From c7cdf4c35362157d50cb583d58eae0f2512549f9 Mon Sep 17 00:00:00 2001 From: Paul Schaub Date: Tue, 9 Aug 2022 18:34:42 +0200 Subject: [PATCH] Adopt changes from cert-d-java rewrite --- .../java/pgp/cert_d/cli/MergeCallbacks.java | 28 +-- .../main/java/pgp/cert_d/cli/PGPCertDCli.java | 24 +- .../java/pgp/cert_d/cli/commands/Export.java | 4 +- .../java/pgp/cert_d/cli/commands/Get.java | 8 +- .../java/pgp/cert_d/cli/commands/Import.java | 6 +- .../java/pgp/cert_d/cli/commands/Insert.java | 6 +- .../java/pgp/cert_d/cli/commands/List.java | 4 +- .../java/pgp/cert_d/cli/commands/Setup.java | 2 +- .../certificate_store/CertificateFactory.java | 2 +- .../certificate_store/KeyFactory.java | 10 +- ...{KeyReader.java => KeyMaterialReader.java} | 18 +- .../certificate_store/PGPainlessCertD.java | 36 +++ .../SharedPGPCertificateDirectoryAdapter.java | 145 ----------- ...redPGPCertificateDirectoryAdapterTest.java | 230 ------------------ .../SharedPGPCertificateDirectoryTest.java | 61 ++--- 15 files changed, 101 insertions(+), 483 deletions(-) rename pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/{KeyReader.java => KeyMaterialReader.java} (61%) create mode 100644 pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/PGPainlessCertD.java delete mode 100644 pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/SharedPGPCertificateDirectoryAdapter.java delete mode 100644 pgpainless-cert-d/src/test/java/org/pgpainless/cert_d/SharedPGPCertificateDirectoryAdapterTest.java diff --git a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/MergeCallbacks.java b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/MergeCallbacks.java index 02fb292..aba0342 100644 --- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/MergeCallbacks.java +++ b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/MergeCallbacks.java @@ -10,10 +10,8 @@ import org.bouncycastle.openpgp.PGPPublicKeyRing; import org.pgpainless.PGPainless; import org.pgpainless.certificate_store.CertificateFactory; import org.pgpainless.key.OpenPgpFingerprint; -import pgp.certificate_store.Certificate; -import pgp.certificate_store.CertificateMerger; -import pgp.certificate_store.Key; -import pgp.certificate_store.KeyMerger; +import pgp.certificate.KeyMaterial; +import pgp.certificate.KeyMaterialMerger; import java.io.IOException; import java.util.Iterator; @@ -21,16 +19,16 @@ import java.util.Iterator; public class MergeCallbacks { /** - * Return a {@link CertificateMerger} that merges the two copies of the same certificate (same primary key) into one + * Return a {@link KeyMaterialMerger} that merges the two copies of the same certificate (same primary key) into one * combined certificate. * * @return merging callback */ - public static CertificateMerger mergeCertificates() { - return new CertificateMerger() { + public static KeyMaterialMerger mergeCertificates() { + return new KeyMaterialMerger() { @Override - public Certificate merge(Certificate data, Certificate existing) throws IOException { + public KeyMaterial merge(KeyMaterial data, KeyMaterial existing) throws IOException { try { PGPPublicKeyRing existingCert = PGPainless.readKeyRing().publicKeyRing(existing.getInputStream()); PGPPublicKeyRing updatedCert = PGPainless.readKeyRing().publicKeyRing(data.getInputStream()); @@ -97,26 +95,26 @@ public class MergeCallbacks { } /** - * Return an implementation of {@link CertificateMerger} that ignores the existing certificate and instead + * Return an implementation of {@link KeyMaterialMerger} that ignores the existing certificate and instead * returns the first instance. * * @return overriding callback */ - public static CertificateMerger overrideCertificate() { + public static KeyMaterialMerger overrideCertificate() { // noinspection Convert2Lambda - return new CertificateMerger() { + return new KeyMaterialMerger() { @Override - public Certificate merge(Certificate data, Certificate existing) { + public KeyMaterial merge(KeyMaterial data, KeyMaterial existing) { return data; } }; } - public static KeyMerger overrideKey() { + public static KeyMaterialMerger overrideKey() { // noinspection Convert2Lambda - return new KeyMerger() { + return new KeyMaterialMerger() { @Override - public Key merge(Key data, Key existing) { + public KeyMaterial merge(KeyMaterial data, KeyMaterial existing) { return data; } }; diff --git a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/PGPCertDCli.java b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/PGPCertDCli.java index f742d01..cb44fdd 100644 --- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/PGPCertDCli.java +++ b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/PGPCertDCli.java @@ -4,21 +4,15 @@ package pgp.cert_d.cli; -import org.pgpainless.certificate_store.KeyReader; -import org.pgpainless.certificate_store.SharedPGPCertificateDirectoryAdapter; +import org.pgpainless.certificate_store.PGPainlessCertD; import pgp.cert_d.BaseDirectoryProvider; -import pgp.cert_d.SharedPGPCertificateDirectoryImpl; +import pgp.cert_d.NotAStoreException; import pgp.cert_d.cli.commands.Export; import pgp.cert_d.cli.commands.Get; import pgp.cert_d.cli.commands.Insert; import pgp.cert_d.cli.commands.Import; import pgp.cert_d.cli.commands.List; import pgp.cert_d.cli.commands.Setup; -import pgp.cert_d.jdbc.sqlite.DatabaseSubkeyLookup; -import pgp.cert_d.jdbc.sqlite.SqliteSubkeyLookupDaoImpl; -import pgp.certificate_store.SubkeyLookup; -import pgp.certificate_store.exception.NotAStoreException; -import pgp.certificate_store.CertificateDirectory; import picocli.CommandLine; import java.io.File; @@ -43,7 +37,7 @@ public class PGPCertDCli { scope = CommandLine.ScopeType.INHERIT) File baseDirectory; - private static CertificateDirectory certificateDirectory; + private static PGPainlessCertD certificateDirectory; private int executionStrategy(CommandLine.ParseResult parseResult) { try { @@ -55,19 +49,11 @@ public class PGPCertDCli { } private void initStore() throws NotAStoreException, SQLException { - SharedPGPCertificateDirectoryImpl certificateDirectory; - SubkeyLookup subkeyLookup; if (baseDirectory == null) { baseDirectory = BaseDirectoryProvider.getDefaultBaseDir(); } - certificateDirectory = new SharedPGPCertificateDirectoryImpl( - baseDirectory, - new KeyReader()); - subkeyLookup = new DatabaseSubkeyLookup( - SqliteSubkeyLookupDaoImpl.forDatabaseFile(new File(baseDirectory, "_pgpainless_subkey_map.db"))); - - PGPCertDCli.certificateDirectory = new SharedPGPCertificateDirectoryAdapter(certificateDirectory, subkeyLookup); + PGPCertDCli.certificateDirectory = PGPainlessCertD.fileBased(baseDirectory); } public static void main(String[] args) { @@ -77,7 +63,7 @@ public class PGPCertDCli { .execute(args); } - public static CertificateDirectory getCertificateDirectory() { + public static PGPainlessCertD getCertificateDirectory() { return certificateDirectory; } } diff --git a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Export.java b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Export.java index 8a9027a..7e06e58 100644 --- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Export.java +++ b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Export.java @@ -9,7 +9,7 @@ import org.bouncycastle.util.io.Streams; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import pgp.cert_d.cli.PGPCertDCli; -import pgp.certificate_store.Certificate; +import pgp.certificate.Certificate; import picocli.CommandLine; import java.io.IOException; @@ -29,7 +29,7 @@ public class Export implements Runnable { @Override public void run() { Iterator certificates = PGPCertDCli.getCertificateDirectory() - .getCertificates(); + .items(); OutputStream out = armor ? new ArmoredOutputStream(System.out) : System.out; while (certificates.hasNext()) { try { diff --git a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Get.java b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Get.java index 861790a..c5ce49b 100644 --- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Get.java +++ b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Get.java @@ -9,10 +9,10 @@ import java.io.IOException; import org.bouncycastle.util.io.Streams; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import pgp.cert_d.BadDataException; +import pgp.cert_d.BadNameException; import pgp.cert_d.cli.PGPCertDCli; -import pgp.certificate_store.Certificate; -import pgp.certificate_store.exception.BadDataException; -import pgp.certificate_store.exception.BadNameException; +import pgp.certificate.Certificate; import picocli.CommandLine; @CommandLine.Command(name = "get", @@ -31,7 +31,7 @@ public class Get implements Runnable { public void run() { try { Certificate certificate = PGPCertDCli.getCertificateDirectory() - .getCertificate(identifer); + .getByFingerprint(identifer); if (certificate == null) { return; } diff --git a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Import.java b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Import.java index 80b19d9..d201b84 100644 --- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Import.java +++ b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Import.java @@ -10,10 +10,10 @@ import org.bouncycastle.openpgp.PGPPublicKeyRingCollection; import org.pgpainless.PGPainless; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import pgp.cert_d.BadDataException; import pgp.cert_d.cli.MergeCallbacks; import pgp.cert_d.cli.PGPCertDCli; -import pgp.certificate_store.Certificate; -import pgp.certificate_store.exception.BadDataException; +import pgp.certificate.Certificate; import picocli.CommandLine; import java.io.ByteArrayInputStream; @@ -32,7 +32,7 @@ public class Import implements Runnable { for (PGPPublicKeyRing cert : certificates) { ByteArrayInputStream certIn = new ByteArrayInputStream(cert.getEncoded()); Certificate certificate = PGPCertDCli.getCertificateDirectory() - .insertCertificate(certIn, MergeCallbacks.mergeCertificates()); + .insert(certIn, MergeCallbacks.mergeCertificates()); } } catch (IOException e) { LOGGER.error("IO-Error.", e); diff --git a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Insert.java b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Insert.java index 437003d..30020a8 100644 --- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Insert.java +++ b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Insert.java @@ -6,10 +6,10 @@ package pgp.cert_d.cli.commands; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import pgp.cert_d.BadDataException; import pgp.cert_d.cli.MergeCallbacks; import pgp.cert_d.cli.PGPCertDCli; -import pgp.certificate_store.Certificate; -import pgp.certificate_store.exception.BadDataException; +import pgp.certificate.Certificate; import picocli.CommandLine; import java.io.IOException; @@ -24,7 +24,7 @@ public class Insert implements Runnable { public void run() { try { Certificate certificate = PGPCertDCli.getCertificateDirectory() - .insertCertificate(System.in, MergeCallbacks.mergeCertificates()); + .insert(System.in, MergeCallbacks.mergeCertificates()); } catch (IOException e) { LOGGER.error("IO-Error.", e); System.exit(-1); diff --git a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/List.java b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/List.java index 8c888c2..cedf1ff 100644 --- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/List.java +++ b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/List.java @@ -5,7 +5,7 @@ package pgp.cert_d.cli.commands; import pgp.cert_d.cli.PGPCertDCli; -import pgp.certificate_store.Certificate; +import pgp.certificate.Certificate; import picocli.CommandLine; import java.util.Iterator; @@ -18,7 +18,7 @@ public class List implements Runnable { @Override public void run() { Iterator certificates = PGPCertDCli.getCertificateDirectory() - .getCertificates(); + .items(); while (certificates.hasNext()) { Certificate certificate = certificates.next(); // CHECKSTYLE:OFF diff --git a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Setup.java b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Setup.java index bb94de7..e1a4b5e 100644 --- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Setup.java +++ b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Setup.java @@ -15,9 +15,9 @@ import org.pgpainless.key.generation.type.eddsa.EdDSACurve; import org.pgpainless.util.Passphrase; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import pgp.cert_d.BadDataException; import pgp.cert_d.cli.MergeCallbacks; import pgp.cert_d.cli.PGPCertDCli; -import pgp.certificate_store.exception.BadDataException; import picocli.CommandLine; import java.io.ByteArrayInputStream; diff --git a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/CertificateFactory.java b/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/CertificateFactory.java index e4b40c1..1757491 100644 --- a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/CertificateFactory.java +++ b/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/CertificateFactory.java @@ -8,7 +8,7 @@ import org.bouncycastle.openpgp.PGPPublicKey; import org.bouncycastle.openpgp.PGPPublicKeyRing; import org.bouncycastle.util.encoders.Base64; import org.pgpainless.key.OpenPgpFingerprint; -import pgp.certificate_store.Certificate; +import pgp.certificate.Certificate; import java.io.ByteArrayInputStream; import java.io.IOException; diff --git a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/KeyFactory.java b/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/KeyFactory.java index 64ebf10..d71777b 100644 --- a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/KeyFactory.java +++ b/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/KeyFactory.java @@ -8,14 +8,15 @@ import org.bouncycastle.openpgp.PGPPublicKeyRing; import org.bouncycastle.openpgp.PGPSecretKeyRing; import org.bouncycastle.util.encoders.Base64; import org.pgpainless.PGPainless; -import pgp.certificate_store.Certificate; -import pgp.certificate_store.Key; +import pgp.certificate.Certificate; +import pgp.certificate.Key; import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; +import java.util.Set; public class KeyFactory { @@ -49,6 +50,11 @@ public class KeyFactory { digest.update(secretKeyRing.getEncoded()); return Base64.toBase64String(digest.digest()); } + + @Override + public Set getSubkeyIds() throws IOException { + return getCertificate().getSubkeyIds(); + } }; } } diff --git a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/KeyReader.java b/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/KeyMaterialReader.java similarity index 61% rename from pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/KeyReader.java rename to pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/KeyMaterialReader.java index bc8f371..7af37f3 100644 --- a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/KeyReader.java +++ b/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/KeyMaterialReader.java @@ -8,22 +8,22 @@ import org.bouncycastle.openpgp.PGPKeyRing; import org.bouncycastle.openpgp.PGPPublicKeyRing; import org.bouncycastle.openpgp.PGPSecretKeyRing; import org.pgpainless.PGPainless; -import pgp.certificate_store.KeyMaterial; -import pgp.certificate_store.KeyReaderBackend; -import pgp.certificate_store.exception.BadDataException; +import pgp.cert_d.BadDataException; +import pgp.certificate.KeyMaterial; +import pgp.certificate.KeyMaterialReaderBackend; import java.io.IOException; import java.io.InputStream; -public class KeyReader implements KeyReaderBackend { +public class KeyMaterialReader implements KeyMaterialReaderBackend { @Override public KeyMaterial read(InputStream data) throws IOException, BadDataException { - final PGPKeyRing keyRing = PGPainless.readKeyRing().keyRing(data); - if (keyRing instanceof PGPPublicKeyRing) { - return CertificateFactory.certificateFromPublicKeyRing((PGPPublicKeyRing) keyRing); - } else if (keyRing instanceof PGPSecretKeyRing) { - return KeyFactory.keyFromSecretKeyRing((PGPSecretKeyRing) keyRing); + PGPKeyRing keyMaterial = PGPainless.readKeyRing().keyRing(data); + if (keyMaterial instanceof PGPSecretKeyRing) { + return KeyFactory.keyFromSecretKeyRing((PGPSecretKeyRing) keyMaterial); + } else if (keyMaterial instanceof PGPPublicKeyRing) { + return CertificateFactory.certificateFromPublicKeyRing((PGPPublicKeyRing) keyMaterial); } else { throw new BadDataException(); } diff --git a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/PGPainlessCertD.java b/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/PGPainlessCertD.java new file mode 100644 index 0000000..8dcb1ba --- /dev/null +++ b/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/PGPainlessCertD.java @@ -0,0 +1,36 @@ +// SPDX-FileCopyrightText: 2022 Paul Schaub +// +// SPDX-License-Identifier: Apache-2.0 + +package org.pgpainless.certificate_store; + +import pgp.cert_d.BaseDirectoryProvider; +import pgp.cert_d.FileBasedCertificateDirectoryBackend; +import pgp.cert_d.InMemoryCertificateDirectoryBackend; +import pgp.cert_d.NotAStoreException; +import pgp.cert_d.PGPCertificateDirectory; + +import java.io.File; + +public class PGPainlessCertD extends PGPCertificateDirectory { + + private static final KeyMaterialReader keyMaterialReader = new KeyMaterialReader(); + + public PGPainlessCertD(Backend backend) { + super(backend); + } + + public static PGPainlessCertD inMemory() { + Backend backend = new InMemoryCertificateDirectoryBackend(keyMaterialReader); + return new PGPainlessCertD(backend); + } + + public static PGPainlessCertD fileBased() throws NotAStoreException { + return fileBased(BaseDirectoryProvider.getDefaultBaseDir()); + } + + public static PGPainlessCertD fileBased(File baseDirectory) throws NotAStoreException { + Backend backend = new FileBasedCertificateDirectoryBackend(baseDirectory, keyMaterialReader); + return new PGPainlessCertD(backend); + } +} diff --git a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/SharedPGPCertificateDirectoryAdapter.java b/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/SharedPGPCertificateDirectoryAdapter.java deleted file mode 100644 index 968485b..0000000 --- a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/SharedPGPCertificateDirectoryAdapter.java +++ /dev/null @@ -1,145 +0,0 @@ -// SPDX-FileCopyrightText: 2022 Paul Schaub -// -// SPDX-License-Identifier: Apache-2.0 - -package org.pgpainless.certificate_store; - -import java.io.IOException; -import java.io.InputStream; -import java.util.ArrayList; -import java.util.Iterator; -import java.util.List; -import java.util.Set; - -import pgp.cert_d.SharedPGPCertificateDirectory; -import pgp.cert_d.SpecialNames; -import pgp.certificate_store.Certificate; -import pgp.certificate_store.CertificateDirectory; -import pgp.certificate_store.CertificateMerger; -import pgp.certificate_store.CertificateStore; -import pgp.certificate_store.Key; -import pgp.certificate_store.KeyMerger; -import pgp.certificate_store.SubkeyLookup; -import pgp.certificate_store.exception.BadDataException; -import pgp.certificate_store.exception.BadNameException; - -/** - * Adapter class used to adapt the {@link SharedPGPCertificateDirectory} for use with - * {@link CertificateDirectory}. - */ -public class SharedPGPCertificateDirectoryAdapter - implements CertificateStore { - - private final SharedPGPCertificateDirectory directory; - private final SubkeyLookup subkeyLookup; - - /** - * Create an adapter to use {@link SharedPGPCertificateDirectory} objects as {@link CertificateDirectory CertificateStores}. - * - * @param directory directory instance - */ - public SharedPGPCertificateDirectoryAdapter(SharedPGPCertificateDirectory directory, SubkeyLookup subkeyLookup) { - this.directory = directory; - this.subkeyLookup = subkeyLookup; - } - - @Override - public Certificate getCertificate(String identifier) - throws IOException, BadDataException, BadNameException { - String specialName = SpecialNames.lookupSpecialName(identifier); - if (specialName != null) { - return directory.getBySpecialName(specialName); - } - - return directory.getByFingerprint(identifier.toLowerCase()); - - } - - @Override - public Certificate getCertificateIfChanged(String identifier, String tag) - throws IOException, BadDataException, BadNameException { - String specialName = SpecialNames.lookupSpecialName(identifier); - if (specialName != null) { - return directory.getBySpecialNameIfChanged(specialName, tag); - } - - return directory.getByFingerprintIfChanged(identifier.toLowerCase(), tag); - - } - - @Override - public Certificate insertCertificate(InputStream data, CertificateMerger merge) - throws IOException, InterruptedException, BadDataException { - Certificate certificate = directory.insert(data, merge); - storeIdentifierForSubkeys(certificate); - return certificate; - } - - @Override - public Certificate tryInsertCertificate(InputStream data, CertificateMerger merge) - throws IOException, BadDataException { - Certificate certificate = directory.tryInsert(data, merge); - storeIdentifierForSubkeys(certificate); - return certificate; - } - - @Override - public Certificate insertCertificateBySpecialName(String specialName, InputStream data, CertificateMerger merge) - throws IOException, InterruptedException, BadDataException, BadNameException { - return directory.insertWithSpecialName(specialName, data, merge); - } - - @Override - public Certificate tryInsertCertificateBySpecialName(String specialName, InputStream data, CertificateMerger merge) - throws IOException, BadDataException, BadNameException { - return directory.tryInsertWithSpecialName(specialName, data, merge); - } - - @Override - public Iterator getCertificates() { - return directory.items(); - } - - @Override - public Iterator getFingerprints() { - return directory.fingerprints(); - } - - private void storeIdentifierForSubkeys(Certificate certificate) throws IOException { - if (certificate == null) { - return; - } - String fingerprint = certificate.getFingerprint(); - storeCertificateSubkeyIds(fingerprint, new ArrayList<>(certificate.getSubkeyIds())); - } - - @Override - public Set getCertificateFingerprintsForSubkeyId(long subkeyId) throws IOException { - return subkeyLookup.getCertificateFingerprintsForSubkeyId(subkeyId); - } - - @Override - public void storeCertificateSubkeyIds(String certificate, List subkeyIds) throws IOException { - subkeyLookup.storeCertificateSubkeyIds(certificate, subkeyIds); - } - - @Override - public Key getTrustRoot() throws IOException, BadDataException { - return directory.getTrustRoot(); - } - - @Override - public Key getTrustRootIfChanged(String tag) throws IOException, BadDataException { - return directory.getTrustRootIfChanged(tag); - } - - @Override - public Key insertTrustRoot(InputStream data, KeyMerger keyMerger) throws IOException, InterruptedException, BadDataException { - return directory.insertTrustRoot(data, keyMerger); - } - - @Override - public Key tryInsertTrustRoot(InputStream data, KeyMerger keyMerger) throws IOException, BadDataException { - return directory.tryInsertTrustRoot(data, keyMerger); - } -} diff --git a/pgpainless-cert-d/src/test/java/org/pgpainless/cert_d/SharedPGPCertificateDirectoryAdapterTest.java b/pgpainless-cert-d/src/test/java/org/pgpainless/cert_d/SharedPGPCertificateDirectoryAdapterTest.java deleted file mode 100644 index 5a42690..0000000 --- a/pgpainless-cert-d/src/test/java/org/pgpainless/cert_d/SharedPGPCertificateDirectoryAdapterTest.java +++ /dev/null @@ -1,230 +0,0 @@ -// SPDX-FileCopyrightText: 2022 Paul Schaub -// -// SPDX-License-Identifier: Apache-2.0 - -package org.pgpainless.cert_d; - -import static org.junit.jupiter.api.Assertions.assertArrayEquals; -import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.junit.jupiter.api.Assertions.assertFalse; -import static org.junit.jupiter.api.Assertions.assertNotNull; -import static org.junit.jupiter.api.Assertions.assertNull; -import static org.junit.jupiter.api.Assertions.assertThrows; - -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.File; -import java.io.IOException; -import java.nio.file.Files; -import java.util.Arrays; -import java.util.Collections; -import java.util.HashSet; -import java.util.Iterator; -import java.util.Set; - -import org.bouncycastle.util.encoders.Hex; -import org.bouncycastle.util.io.Streams; -import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.api.Test; -import org.pgpainless.certificate_store.KeyReader; -import org.pgpainless.certificate_store.SharedPGPCertificateDirectoryAdapter; -import pgp.cert_d.InMemorySubkeyLookup; -import pgp.cert_d.SharedPGPCertificateDirectoryImpl; -import pgp.certificate_store.CertificateStore; -import pgp.certificate_store.exception.BadDataException; -import pgp.certificate_store.exception.BadNameException; -import pgp.certificate_store.exception.NotAStoreException; -import pgp.certificate_store.Certificate; - -public class SharedPGPCertificateDirectoryAdapterTest { - - private static final String testCertificate = "98330462069cc616092b06010401da470f010107400db5906b09f701ab1f7f96087eedab6ba44c02fcbd2470137cfeacac5a2d032db405416c696365888f0413160a0041050262069cc609906f054e826378552516a104505b134a7e62f0f154ec3d036f054e8263785525029e01029b01059602030100048b09080705950a09080b0299010000a12600fd117925c0f2192ef5b2a44e3d3038e2a7ce5ba0343fc2dfb661a3a46d1276fb380100bf2872e7e36b63f61ae3556464c4a04344e7d36e0d7313e623effb0290ce0b0fb8380462069cc6120a2b06010401975501050101074034ffd523242385fe92034a5e326a82f4edff614516cc1028ca91fb653557f25b0301080788750418160a001d050262069cc6029e01029b0c059602030100048b09080705950a09080b000a09106f054e8263785525391400ff4eb85df8ddfc15e94c9cf28bc0aa9d0426b571ca64c5421be5889d5410d8632f00fd1ac5e9aed683e711282489d8980222d2ceff15c5ce0499fcb36716d850749406b8330462069cc616092b06010401da470f0101074058f296fb7ce456039856144db677f14018963a8bfd281c84aaeebe7e14df8f1c88d50418160a007d050262069cc6029e01029b02059602030100048b09080705950a09080b5f200419160a0006050262069cc6000a09108119c86e0a4c6dc73a7600ff5e25427da84d824cc3f8890bc6bd037f423f610006e1249b1aad3d7f70ac47a100fc08e67a6a945c1feec301df9dc27e7ea4e61d107d0720e814eea1dc4f1da20a08000a09106f054e8263785525359700ff4ce78cf267c261468322de906118d4f003ceefa72fa3b86119e26f99be3727fc00fe3895207c4aac814549f0189d2f494f5b1fcee7f6da344e63a0c32743b216b406"; - private static final String testCertFingerprint = "505b134a7e62f0f154ec3d036f054e8263785525"; - private static final long testCertificateSubkey1 = 7999886635015099685L; - private static final long testCertificateSubkey2 = -5375724347241457298L; - private static final long testCertificateSubkey3 = -9144057193454342713L; - - private SharedPGPCertificateDirectoryAdapter adapter; - private CertificateStore store; - - @BeforeEach - public void setupInstance() throws IOException, NotAStoreException { - adapter = new SharedPGPCertificateDirectoryAdapter( - new SharedPGPCertificateDirectoryImpl(tempDir(), new KeyReader()), - new InMemorySubkeyLookup()); - store = adapter; - } - - private static File tempDir() throws IOException { - File tempDir = Files.createTempDirectory("pgp.cert.d-").toFile(); - tempDir.deleteOnExit(); - return tempDir; - } - - @Test - public void getNonExistentCertIsNull() throws IOException, BadDataException, BadNameException { - assertNull(store.getCertificate("eb85bb5fa33a75e15e944e63f231550c4f47e38e")); - } - - @Test - public void getInvalidIdentifierThrows() { - assertThrows(BadNameException.class, () -> store.getCertificate("invalid")); - } - - @Test - public void insertAndGet() throws IOException, InterruptedException, BadDataException, BadNameException { - byte[] bytes = Hex.decode(testCertificate); - ByteArrayInputStream byteIn = new ByteArrayInputStream(bytes); - String fingerprint = testCertFingerprint; - - Certificate certificate = store.insertCertificate(byteIn, (data, existing) -> data); - - assertEquals(fingerprint, certificate.getFingerprint()); - Set expectedSubkeys = new HashSet<>(Arrays.asList(testCertificateSubkey1, testCertificateSubkey2, testCertificateSubkey3)); - Set subkeys = certificate.getSubkeyIds(); - assertEquals(expectedSubkeys, subkeys); - for (long subkey : subkeys) { - assertEquals(Collections.singleton(fingerprint), store.getCertificateFingerprintsForSubkeyId(subkey)); - } - - Certificate retrieved = store.getCertificate(fingerprint); - assertNotNull(retrieved); - ByteArrayOutputStream retrievedOut = new ByteArrayOutputStream(); - Streams.pipeAll(retrieved.getInputStream(), retrievedOut); - - assertArrayEquals(bytes, retrievedOut.toByteArray()); - } - - - @Test - public void tryInsertAndGet() throws IOException, BadDataException, BadNameException { - byte[] bytes = Hex.decode(testCertificate); - ByteArrayInputStream byteIn = new ByteArrayInputStream(bytes); - String fingerprint = testCertFingerprint; - - Certificate certificate = store.tryInsertCertificate(byteIn, (data, existing) -> data); - - assertEquals(fingerprint, certificate.getFingerprint()); - Set subkeys = certificate.getSubkeyIds(); - assertEquals(3, subkeys.size()); - for (long subkey : subkeys) { - assertEquals(Collections.singleton(fingerprint), store.getCertificateFingerprintsForSubkeyId(subkey)); - } - - Certificate retrieved = store.getCertificate(fingerprint); - assertNotNull(retrieved); - ByteArrayOutputStream retrievedOut = new ByteArrayOutputStream(); - Streams.pipeAll(retrieved.getInputStream(), retrievedOut); - - assertArrayEquals(bytes, retrievedOut.toByteArray()); - } - - - @Test - public void insertAndGetIfChanged() throws IOException, InterruptedException, BadDataException, BadNameException { - byte[] bytes = Hex.decode(testCertificate); - ByteArrayInputStream byteIn = new ByteArrayInputStream(bytes); - String fingerprint = testCertFingerprint; - - Certificate certificate = store.insertCertificate(byteIn, (data, existing) -> data); - String tag = certificate.getTag(); - - assertNull(store.getCertificateIfChanged(fingerprint, tag)); - assertNotNull(store.getCertificateIfChanged(fingerprint, "invalid")); - } - - @Test - public void insertBySpecialNameAndGet() throws IOException, InterruptedException, BadDataException, BadNameException { - byte[] bytes = Hex.decode(testCertificate); - ByteArrayInputStream byteIn = new ByteArrayInputStream(bytes); - String fingerprint = testCertFingerprint; - String identifier = "trust-root"; - - Certificate certificate = store.insertCertificateBySpecialName(identifier, byteIn, (data, existing) -> data); - - assertEquals(fingerprint, certificate.getFingerprint()); - - Certificate retrieved = store.getCertificate(identifier); - assertNotNull(retrieved); - ByteArrayOutputStream retrievedOut = new ByteArrayOutputStream(); - Streams.pipeAll(retrieved.getInputStream(), retrievedOut); - - assertArrayEquals(bytes, retrievedOut.toByteArray()); - } - - @Test - public void tryInsertBySpecialNameAndGet() throws IOException, BadDataException, BadNameException { - byte[] bytes = Hex.decode(testCertificate); - ByteArrayInputStream byteIn = new ByteArrayInputStream(bytes); - String fingerprint = testCertFingerprint; - String identifier = "trust-root"; - - Certificate certificate = store.tryInsertCertificateBySpecialName(identifier, byteIn, (data, existing) -> data); - - assertEquals(fingerprint, certificate.getFingerprint()); - - Certificate retrieved = store.getCertificate(identifier); - assertNotNull(retrieved); - ByteArrayOutputStream retrievedOut = new ByteArrayOutputStream(); - Streams.pipeAll(retrieved.getInputStream(), retrievedOut); - - assertArrayEquals(bytes, retrievedOut.toByteArray()); - } - - @Test - public void insertBySpecialNameAndGetIfChanged() throws IOException, InterruptedException, BadDataException, BadNameException { - byte[] bytes = Hex.decode(testCertificate); - ByteArrayInputStream byteIn = new ByteArrayInputStream(bytes); - String fingerprint = testCertFingerprint; - String identifier = "trust-root"; - - Certificate certificate = store.insertCertificateBySpecialName(identifier, byteIn, (data, existing) -> data); - String tag = certificate.getTag(); - - certificate = store.getCertificateIfChanged(identifier, tag); - assertNull(certificate); - certificate = store.getCertificateIfChanged(identifier, "invalid"); - assertNotNull(certificate); - assertEquals(fingerprint, certificate.getFingerprint()); - } - - @Test - public void getItemsAndFingerprints() throws IOException, InterruptedException, BadDataException, BadNameException { - byte[] bytes1 = Hex.decode(testCertificate); - ByteArrayInputStream byteIn1 = new ByteArrayInputStream(bytes1); - Certificate firstCert = store.insertCertificate(byteIn1, (data, existing) -> data); - - byte[] bytes2 = Hex.decode("9833046206a37516092b06010401da470f010107409f55baab1599044096ba901d69854cf5307b84b0542871b15db3dd4c62664f37b403426f62888f0413160a004105026206a3750990ba01b5a9eea7e76716a104f1d47fb85ad74549a37974f3ba01b5a9eea7e767029e01029b01059602030100048b09080705950a09080b0299010000e6170100e08374a6fd32d0b4be2d3f7c75d3f6c13cb47b1b73589aa452a1b2a16b888b5000fe274e6565ab9faa34338cf4d805663f8775fdee4ec6a0fdf1ec2cf84b72907f05b838046206a375120a2b0601040197550105010107405641e74d2dda92003ce200422c3ab6f3562fc49a8ecc67ea02593988442b23780301080788750418160a001d05026206a375029e01029b0c059602030100048b09080705950a09080b000a0910ba01b5a9eea7e76732850100910a6049779773f455226cd91645884842b91017796287a634104ab5364a0c0d00fe20b5febb17de271394f31128f709c307c0bbca4f9502570744bd54e6dc9c2209b833046206a37516092b06010401da470f0101074059f008928cb69b48bed07a639f03f43a48808aade67109cd658f54bddefa5ec288d50418160a007d05026206a375029e01029b02059602030100048b09080705950a09080b5f200419160a000605026206a375000a0910dcdb34f4068368c0dffb010095fb1f6daac239bf3221d9d2ecc81b6cb258c2b058a300a7e103f7f36a58bf1900fe273a9eaaa03b613236df22bebcbbd69d7c02caf1b7af4fa29320c8d96d32310f000a0910ba01b5a9eea7e7671de20100a5044d24a9d860f9af7e8b9a095d4eac8820fad8b045e70be1ae5607fa4d6b4f010097b53d1527f3b3e3d3b78367c8269c999ee37575a51ffc582f73d2cba4df080f"); - ByteArrayInputStream byteIn2 = new ByteArrayInputStream(bytes2); - Certificate secondCert = store.insertCertificate(byteIn2, ((data, existing) -> data)); - - String trustRootHex = "9833046206a57e16092b06010401da470f010107401ad7351d9766843bf11a8414f68790df0649fad8b01c244323f47e4ebc87fc35b40a74727573742d726f6f74888f0413160a004105026206a57f09907c619691ddee5fc216a10489e1e05cb458758d0729eb0c7c619691ddee5fc2029e01029b01059602030100048b09080705950a09080b029901000080c100ff45d97dda133895e337416266f1ff2c38ff3947ecfbfe21328d51bc877ccba367010096698a5fbac9444b7b28b96389c66ca405821f04871f1bbbf5b5bf8b800f9104b838046206a57f120a2b06010401975501050101074074ff41705c50e8f27b18df40a53aded6cacd2ce4f88b471c7130036010ca60240301080788750418160a001d05026206a57f029e01029b0c059602030100048b09080705950a09080b000a09107c619691ddee5fc27b3c0100fba12230adf80a6a7a376b9568481ab4ae86628274db67412074cb4a846011a200ff437e4047bbafec42b41594b296f8be93fc03482b2d35ac92e87ce632b86bc900b833046206a57f16092b06010401da470f01010740ce99f97d1f0b5aa2f4e6f2a7a2aa231da8c2a2f489a593b747983a750f3928ae88d50418160a007d05026206a57f029e01029b02059602030100048b09080705950a09080b5f200419160a000605026206a57f000a0910b905cb706dec67e3f6050100a7ae51ea07f3d0d493fd1fdfbcbbe112c19de8dbbd29e03ba5e755345444402300fe2663252eeca21772012c5dc4eb9efa4e01566dffbb44e7d1536181eb3f8b420e000a09107c619691ddee5fc2a4190100fdbedf9defd5d30bad77937a5589441ef336028613a6fcfc4a959bee51de134e00fd128628567b66fa03ef099d6936324f7593e2060608b433828d336dda552e2c04"; - byte[] trustRootBytes = Hex.decode(trustRootHex); - ByteArrayInputStream trustRootIn = new ByteArrayInputStream(trustRootBytes); - Certificate trustRoot = store.insertCertificateBySpecialName("trust-root", trustRootIn, (data, existing) -> data); - - Set expectedFingerprints = new HashSet<>(); - expectedFingerprints.add(firstCert.getFingerprint()); - expectedFingerprints.add(secondCert.getFingerprint()); - - Iterator certificateIterator = store.getCertificates(); - Set actualFingerprints = new HashSet<>(); - Certificate c = certificateIterator.next(); - actualFingerprints.add(c.getFingerprint()); - c = certificateIterator.next(); - actualFingerprints.add(c.getFingerprint()); - assertFalse(certificateIterator.hasNext()); - - assertEquals(expectedFingerprints, actualFingerprints); - assertFalse(actualFingerprints.contains(trustRoot.getFingerprint())); - - Iterator fingerprintIterator = store.getFingerprints(); - actualFingerprints = new HashSet<>(); - actualFingerprints.add(fingerprintIterator.next()); - actualFingerprints.add(fingerprintIterator.next()); - assertFalse(fingerprintIterator.hasNext()); - - assertEquals(expectedFingerprints, actualFingerprints); - assertFalse(actualFingerprints.contains(trustRoot.getFingerprint())); - } -} diff --git a/pgpainless-cert-d/src/test/java/org/pgpainless/cert_d/SharedPGPCertificateDirectoryTest.java b/pgpainless-cert-d/src/test/java/org/pgpainless/cert_d/SharedPGPCertificateDirectoryTest.java index d6a4902..6d3fb26 100644 --- a/pgpainless-cert-d/src/test/java/org/pgpainless/cert_d/SharedPGPCertificateDirectoryTest.java +++ b/pgpainless-cert-d/src/test/java/org/pgpainless/cert_d/SharedPGPCertificateDirectoryTest.java @@ -8,7 +8,6 @@ import static org.junit.jupiter.api.Assertions.assertArrayEquals; import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.assertNotNull; import static org.junit.jupiter.api.Assertions.assertNull; -import static org.junit.jupiter.api.Assumptions.assumeTrue; import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; @@ -32,36 +31,30 @@ import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.MethodSource; import org.pgpainless.PGPainless; import org.pgpainless.algorithm.KeyFlag; -import org.pgpainless.certificate_store.KeyReader; +import org.pgpainless.certificate_store.PGPainlessCertD; import org.pgpainless.key.OpenPgpFingerprint; import org.pgpainless.key.generation.KeySpec; import org.pgpainless.key.generation.type.KeyType; import org.pgpainless.key.generation.type.eddsa.EdDSACurve; -import pgp.cert_d.CachingSharedPGPCertificateDirectoryWrapper; -import pgp.cert_d.FileLockingMechanism; -import pgp.cert_d.SharedPGPCertificateDirectory; -import pgp.cert_d.SharedPGPCertificateDirectoryImpl; -import pgp.certificate_store.CertificateMerger; -import pgp.certificate_store.exception.BadDataException; -import pgp.certificate_store.exception.BadNameException; -import pgp.certificate_store.exception.NotAStoreException; -import pgp.certificate_store.Certificate; +import pgp.cert_d.BadDataException; +import pgp.cert_d.BadNameException; +import pgp.cert_d.NotAStoreException; +import pgp.certificate.Certificate; +import pgp.certificate.KeyMaterial; +import pgp.certificate.KeyMaterialMerger; public class SharedPGPCertificateDirectoryTest { - private static CertificateMerger dummyMerge = new CertificateMerger() { + private static KeyMaterialMerger dummyMerge = new KeyMaterialMerger() { @Override - public Certificate merge(Certificate data, Certificate existing) { + public KeyMaterial merge(KeyMaterial data, KeyMaterial existing) { return data; } }; - private static Stream provideTestSubjects() throws IOException, NotAStoreException { + private static Stream provideTestSubjects() throws IOException, NotAStoreException { return Stream.of( - new SharedPGPCertificateDirectoryImpl(tempDir(), new KeyReader()), - new CachingSharedPGPCertificateDirectoryWrapper( - new SharedPGPCertificateDirectoryImpl(tempDir(), new KeyReader())) - ); + PGPainlessCertD.fileBased(tempDir())); } private static File tempDir() throws IOException { @@ -72,7 +65,7 @@ public class SharedPGPCertificateDirectoryTest { @ParameterizedTest @MethodSource("provideTestSubjects") - public void simpleInsertGet(SharedPGPCertificateDirectory directory) + public void simpleInsertGet(PGPainlessCertD directory) throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IOException, BadDataException, InterruptedException, BadNameException { PGPSecretKeyRing key = PGPainless.generateKeyRing().modernKeyRing("Alice"); @@ -87,10 +80,6 @@ public class SharedPGPCertificateDirectoryTest { Certificate certificate = directory.insert(certIn, dummyMerge); assertEquals(fingerprint.toString().toLowerCase(), certificate.getFingerprint()); - // getIfChanged - assertNull(directory.getByFingerprintIfChanged(certificate.getFingerprint(), certificate.getTag())); - assertNotNull(directory.getByFingerprintIfChanged(certificate.getFingerprint(), "invalidTag")); - // tryInsert certIn = new ByteArrayInputStream(cert.getEncoded()); assertNotNull(directory.tryInsert(certIn, dummyMerge)); @@ -98,7 +87,7 @@ public class SharedPGPCertificateDirectoryTest { @ParameterizedTest @MethodSource("provideTestSubjects") - public void simpleInsertGetBySpecialName(SharedPGPCertificateDirectory directory) + public void simpleInsertGetBySpecialName(PGPainlessCertD directory) throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IOException, BadDataException, InterruptedException, BadNameException { PGPSecretKeyRing key = PGPainless.buildKeyRing() @@ -116,10 +105,6 @@ public class SharedPGPCertificateDirectoryTest { Certificate certificate = directory.insertWithSpecialName("trust-root", certIn, dummyMerge); assertEquals(fingerprint.toString().toLowerCase(), certificate.getFingerprint()); - // getIfChanged - assertNull(directory.getBySpecialNameIfChanged("trust-root", certificate.getTag())); - assertNotNull(directory.getBySpecialNameIfChanged("trust-root", "invalidTag")); - // tryInsert certIn = new ByteArrayInputStream(trustRoot.getEncoded()); assertNotNull(directory.tryInsertWithSpecialName("trust-root", certIn, dummyMerge)); @@ -127,25 +112,7 @@ public class SharedPGPCertificateDirectoryTest { @ParameterizedTest @MethodSource("provideTestSubjects") - public void tryInsertFailsWithLockedStore(SharedPGPCertificateDirectory directory) - throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IOException, - BadDataException, InterruptedException { - assumeTrue(directory.getLock() instanceof FileLockingMechanism); - - PGPSecretKeyRing key = PGPainless.generateKeyRing().modernKeyRing("Alice"); - PGPPublicKeyRing cert = PGPainless.extractCertificate(key); - ByteArrayInputStream certIn = new ByteArrayInputStream(cert.getEncoded()); - - directory.getLock().lockDirectory(); - assertNull(directory.tryInsert(certIn, dummyMerge)); - - directory.getLock().releaseDirectory(); - assertNotNull(directory.tryInsert(certIn, dummyMerge)); - } - - @ParameterizedTest - @MethodSource("provideTestSubjects") - public void testGetItemsAndFingerprints(SharedPGPCertificateDirectory directory) + public void testGetItemsAndFingerprints(PGPainlessCertD directory) throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IOException, BadDataException, InterruptedException, BadNameException {