mirror of
https://github.com/pgpainless/pgpainless.git
synced 2025-01-08 19:27:57 +01:00
Fix signature verification
parent
8a2ae0a989
commit
061e1c9292
3 changed files with 22 additions and 22 deletions
|
@ -37,8 +37,6 @@ import org.bouncycastle.openpgp.operator.bc.BcPublicKeyDataDecryptorFactory;
|
|||
|
||||
public class InputStreamFactory {
|
||||
|
||||
private InputStream inputStream;
|
||||
|
||||
private final PGPSecretKeyRingCollection decryptionKeys;
|
||||
private final SecretKeyRingProtector decryptionKeyDecryptor;
|
||||
private final Set<PGPPublicKeyRing> verificationKeys = new HashSet<>();
|
||||
|
@ -47,6 +45,7 @@ public class InputStreamFactory {
|
|||
|
||||
private final PainlessResult.Builder resultBuilder = PainlessResult.getBuilder();
|
||||
private final PGPContentVerifierBuilderProvider verifierBuilderProvider = new BcPGPContentVerifierBuilderProvider();
|
||||
private final KeyFingerPrintCalculator fingerCalc = new BcKeyFingerprintCalculator();
|
||||
private final Map<Long, PGPOnePassSignature> verifiableOnePassSignatures = new HashMap<>();
|
||||
|
||||
private InputStreamFactory(PGPSecretKeyRingCollection decryptionKeys,
|
||||
|
@ -85,9 +84,8 @@ public class InputStreamFactory {
|
|||
}
|
||||
|
||||
private InputStream wrap(PGPObjectFactory objectFactory) throws IOException, PGPException {
|
||||
KeyFingerPrintCalculator fingerCalc = new BcKeyFingerprintCalculator();
|
||||
|
||||
Object pgpObj = null;
|
||||
Object pgpObj;
|
||||
while ((pgpObj = objectFactory.nextObject()) != null) {
|
||||
|
||||
if (pgpObj instanceof PGPEncryptedDataList) {
|
||||
|
@ -107,7 +105,8 @@ public class InputStreamFactory {
|
|||
|
||||
if (pgpObj instanceof PGPOnePassSignatureList) {
|
||||
PGPOnePassSignatureList onePassSignatures = (PGPOnePassSignatureList) pgpObj;
|
||||
verify(onePassSignatures);
|
||||
initOnePassSignatures(onePassSignatures);
|
||||
return wrap(objectFactory);
|
||||
}
|
||||
|
||||
if (pgpObj instanceof PGPLiteralData) {
|
||||
|
@ -166,7 +165,7 @@ public class InputStreamFactory {
|
|||
return decryptionStream;
|
||||
}
|
||||
|
||||
private void verify(PGPOnePassSignatureList onePassSignatureList) throws PGPException {
|
||||
private void initOnePassSignatures(PGPOnePassSignatureList onePassSignatureList) throws PGPException {
|
||||
Iterator<PGPOnePassSignature> iterator = onePassSignatureList.iterator();
|
||||
if (!iterator.hasNext()) {
|
||||
throw new PGPException("Verification failed - No OnePassSignatures found!");
|
||||
|
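Review bot: The added `return wrap(objectFactory);` in the `PGPOnePassSignatureList` branch recurses once per signature list, even though `wrap` already iterates with `while ((pgpObj = objectFactory.nextObject()) != null)`. The packet sequence comes from the message being processed, so the sender controls the recursion depth; replacing the call with `continue;` would keep the stack depth constant, assuming nothing after the loop relies on the recursive return. Separately, `verifiableOnePassSignatures` is a `Map<Long, PGPOnePassSignature>` and appears to be keyed by the 64-bit key ID, so two one-pass signatures claiming the same key ID would leave a single entry; a field comment such as `// keyed by signer key ID; a later entry with the same ID replaces the earlier one` would record that assumption. The bodies of `wrap` and `initOnePassSignatures` continue outside the visible hunks.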
|
|
@ -49,11 +49,12 @@ public class SignatureVerifyingInputStream extends FilterInputStream {
|
|||
|
||||
try {
|
||||
PGPSignatureList signatureList = null;
|
||||
Iterator objectIterator = objectFactory.iterator();
|
||||
while (objectIterator.hasNext() && signatureList == null) {
|
||||
Object object = objectIterator.next();
|
||||
if (object instanceof PGPSignatureList) {
|
||||
signatureList = (PGPSignatureList) object;
|
||||
Object obj = objectFactory.nextObject();
|
||||
while (obj != null && signatureList == null) {
|
||||
if (obj instanceof PGPSignatureList) {
|
||||
signatureList = (PGPSignatureList) obj;
|
||||
} else {
|
||||
obj = objectFactory.nextObject();
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -70,6 +71,7 @@ public class SignatureVerifyingInputStream extends FilterInputStream {
|
|||
throw new SignatureException("Bad Signature of key " + signature.getKeyID());
|
||||
} else {
|
||||
resultBuilder.addVerifiedSignatureKeyId(signature.getKeyID());
|
||||
onePassSignatures.remove(signature.getKeyID());
|
||||
}
|
||||
}
|
||||
} catch (PGPException | SignatureException e) {
|
||||
|
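Review bot: The new search loop can finish with `signatureList` still `null` when the object factory runs out before a `PGPSignatureList` appears, for example on a truncated message, and the code that follows the loop is outside the hunk, so it is not visible whether that case is rejected. It should fail closed, e.g. `if (signatureList == null) throw new SignatureException("No signatures found");`, rather than return data with nothing verified. The added `onePassSignatures.remove(signature.getKeyID());` also implies that entries still in the map afterwards were announced but never verified; checking that the map is empty after the signature loop, or recording the leftovers in the result, would make that state explicit. The enclosing method starts and ends outside the hunks.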
|
|
@ -8,6 +8,7 @@ import java.io.ByteArrayOutputStream;
|
|||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.io.OutputStream;
|
||||
import java.nio.charset.Charset;
|
||||
import java.security.Security;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
|
@ -15,7 +16,6 @@ import java.util.Collections;
|
|||
import de.vanitasvitae.crypto.pgpainless.key.UnprotectedKeysProtector;
|
||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||
import org.bouncycastle.openpgp.PGPException;
|
||||
import org.bouncycastle.openpgp.PGPPublicKey;
|
||||
import org.bouncycastle.openpgp.PGPPublicKeyRing;
|
||||
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
||||
import org.bouncycastle.openpgp.PGPSecretKeyRingCollection;
|
||||
|
@ -38,7 +38,8 @@ public class EncryptDecryptTest {
|
|||
}
|
||||
|
||||
@Test
|
||||
public void test() throws IOException, PGPException {
|
||||
public void test() throws Exception {
|
||||
Security.addProvider(new BouncyCastleProvider());
|
||||
PGPPublicKeyRing jPub = new PGPPublicKeyRing(PGPUtil.getDecoderStream(new ByteArrayInputStream(TestKeys.JULIET_PUB.getBytes())), new BcKeyFingerprintCalculator());
|
||||
|
||||
ByteArrayOutputStream toEncrypted = new ByteArrayOutputStream();
|
||||
|
@ -66,7 +67,8 @@ public class EncryptDecryptTest {
|
|||
.onInputStream(fromEncrypted)
|
||||
.decryptWith(new PGPSecretKeyRingCollection(Collections.singleton(juliet)),
|
||||
new UnprotectedKeysProtector())
|
||||
.doNotVerify()
|
||||
.verifyWith(Collections.singleton(jPub.getPublicKey().getKeyID()), Collections.singleton(jPub))
|
||||
.ignoreMissingPublicKeys()
|
||||
.build();
|
||||
|
||||
InputStream decryptor = resultAndInputStream.getInputStream();
|
||||
|
@ -79,14 +81,8 @@ public class EncryptDecryptTest {
|
|||
assertTrue(Arrays.equals(message.getBytes(), toPlain.toByteArray()));
|
||||
}
|
||||
|
||||
public static void main(String[] args) throws IOException, PGPException {
|
||||
Security.addProvider(new BouncyCastleProvider());
|
||||
EncryptDecryptTest test = new EncryptDecryptTest();
|
||||
test.decryptVerifyTest();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void decryptVerifyTest() throws IOException, PGPException {
|
||||
public void decryptVerifyTest() throws Exception {
|
||||
String encryptedMessage = "-----BEGIN PGP MESSAGE-----\n" +
|
||||
"\n" +
|
||||
"hQGMAwAAAAAAAAAAAQwAoJtfpcBPCwhUzzHuVIcBzBLyfIWT/EJ527neb46lN56S\n" +
|
||||
|
@ -137,6 +133,9 @@ public class EncryptDecryptTest {
|
|||
decryptor.close();
|
||||
toPlain.close();
|
||||
|
||||
assertTrue(Arrays.equals("This message is encrypted".getBytes(), toPlain.toByteArray()));
|
||||
byte[] expected = "This message is encrypted\n".getBytes(Charset.forName("UTF-8"));
|
||||
byte[] actual = toPlain.toByteArray();
|
||||
|
||||
assertTrue(Arrays.equals(expected, actual));
|
||||
}
|
||||
}
|
||||
|
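Review bot: `test()` now builds the stream with `.verifyWith(...)`, but the visible assertions in both tests still compare only the plaintext bytes, so a regression that silently skips signature verification would pass unnoticed. After the stream is drained, the test should also assert that the result obtained from `resultAndInputStream` reports Juliet's key ID among the verified signatures. `.ignoreMissingPublicKeys()` makes a missing key non-fatal, which is one more reason to check the result explicitly, and a companion test that feeds a modified message and expects a failure would cover the negative path. As a smaller point, `message.getBytes()` in the first test still uses the platform charset while the second test now names UTF-8.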
|