mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-11-23 12:52:07 +01:00
Refactoring: Move signature verification stuff to consumer subpacket
This commit is contained in:
parent
3438b7259a
commit
352f099d8a
25 changed files with 54 additions and 26 deletions
|
@ -56,8 +56,8 @@ import org.pgpainless.key.SubkeyIdentifier;
|
||||||
import org.pgpainless.key.info.KeyRingInfo;
|
import org.pgpainless.key.info.KeyRingInfo;
|
||||||
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
||||||
import org.pgpainless.key.protection.UnlockSecretKey;
|
import org.pgpainless.key.protection.UnlockSecretKey;
|
||||||
import org.pgpainless.signature.DetachedSignatureCheck;
|
import org.pgpainless.signature.consumer.DetachedSignatureCheck;
|
||||||
import org.pgpainless.signature.OnePassSignatureCheck;
|
import org.pgpainless.signature.consumer.OnePassSignatureCheck;
|
||||||
import org.pgpainless.signature.SignatureUtils;
|
import org.pgpainless.signature.SignatureUtils;
|
||||||
import org.pgpainless.util.CRCingArmoredInputStreamWrapper;
|
import org.pgpainless.util.CRCingArmoredInputStreamWrapper;
|
||||||
import org.pgpainless.util.PGPUtilWrapper;
|
import org.pgpainless.util.PGPUtilWrapper;
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
|
|
||||||
package org.pgpainless.decryption_verification;
|
package org.pgpainless.decryption_verification;
|
||||||
|
|
||||||
import static org.pgpainless.signature.SignatureValidator.signatureWasCreatedInBounds;
|
import static org.pgpainless.signature.consumer.SignatureValidator.signatureWasCreatedInBounds;
|
||||||
|
|
||||||
import java.io.FilterInputStream;
|
import java.io.FilterInputStream;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
@ -20,9 +20,9 @@ import org.bouncycastle.openpgp.PGPSignatureList;
|
||||||
import org.pgpainless.PGPainless;
|
import org.pgpainless.PGPainless;
|
||||||
import org.pgpainless.exception.SignatureValidationException;
|
import org.pgpainless.exception.SignatureValidationException;
|
||||||
import org.pgpainless.policy.Policy;
|
import org.pgpainless.policy.Policy;
|
||||||
import org.pgpainless.signature.CertificateValidator;
|
import org.pgpainless.signature.consumer.CertificateValidator;
|
||||||
import org.pgpainless.signature.DetachedSignatureCheck;
|
import org.pgpainless.signature.consumer.DetachedSignatureCheck;
|
||||||
import org.pgpainless.signature.OnePassSignatureCheck;
|
import org.pgpainless.signature.consumer.OnePassSignatureCheck;
|
||||||
import org.pgpainless.signature.SignatureUtils;
|
import org.pgpainless.signature.SignatureUtils;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
|
@ -19,8 +19,8 @@ import org.pgpainless.algorithm.SignatureType;
|
||||||
import org.pgpainless.exception.SignatureValidationException;
|
import org.pgpainless.exception.SignatureValidationException;
|
||||||
import org.pgpainless.implementation.ImplementationFactory;
|
import org.pgpainless.implementation.ImplementationFactory;
|
||||||
import org.pgpainless.policy.Policy;
|
import org.pgpainless.policy.Policy;
|
||||||
import org.pgpainless.signature.SignatureCreationDateComparator;
|
import org.pgpainless.signature.consumer.SignatureCreationDateComparator;
|
||||||
import org.pgpainless.signature.SignatureVerifier;
|
import org.pgpainless.signature.consumer.SignatureVerifier;
|
||||||
import org.pgpainless.util.CollectionUtils;
|
import org.pgpainless.util.CollectionUtils;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
|
@ -39,7 +39,7 @@ import org.pgpainless.exception.KeyValidationError;
|
||||||
import org.pgpainless.key.OpenPgpFingerprint;
|
import org.pgpainless.key.OpenPgpFingerprint;
|
||||||
import org.pgpainless.key.SubkeyIdentifier;
|
import org.pgpainless.key.SubkeyIdentifier;
|
||||||
import org.pgpainless.policy.Policy;
|
import org.pgpainless.policy.Policy;
|
||||||
import org.pgpainless.signature.SignaturePicker;
|
import org.pgpainless.signature.consumer.SignaturePicker;
|
||||||
import org.pgpainless.signature.SignatureUtils;
|
import org.pgpainless.signature.SignatureUtils;
|
||||||
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil;
|
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil;
|
||||||
|
|
||||||
|
|
|
@ -16,9 +16,9 @@ import org.pgpainless.exception.WrongPassphraseException;
|
||||||
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
||||||
import org.pgpainless.signature.subpackets.SelfSignatureSubpackets;
|
import org.pgpainless.signature.subpackets.SelfSignatureSubpackets;
|
||||||
|
|
||||||
public final class SignatureBuilder {
|
public final class SignatureFactory {
|
||||||
|
|
||||||
private SignatureBuilder() {
|
private SignatureFactory() {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,9 +2,9 @@
|
||||||
//
|
//
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package org.pgpainless.signature;
|
package org.pgpainless.signature.consumer;
|
||||||
|
|
||||||
import static org.pgpainless.signature.SignatureVerifier.verifyOnePassSignature;
|
import static org.pgpainless.signature.consumer.SignatureVerifier.verifyOnePassSignature;
|
||||||
|
|
||||||
import java.io.InputStream;
|
import java.io.InputStream;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
|
@ -24,6 +24,7 @@ import org.pgpainless.algorithm.KeyFlag;
|
||||||
import org.pgpainless.algorithm.SignatureType;
|
import org.pgpainless.algorithm.SignatureType;
|
||||||
import org.pgpainless.exception.SignatureValidationException;
|
import org.pgpainless.exception.SignatureValidationException;
|
||||||
import org.pgpainless.policy.Policy;
|
import org.pgpainless.policy.Policy;
|
||||||
|
import org.pgpainless.signature.SignatureUtils;
|
||||||
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil;
|
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
|
@ -2,7 +2,7 @@
|
||||||
//
|
//
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package org.pgpainless.signature;
|
package org.pgpainless.signature.consumer;
|
||||||
|
|
||||||
import org.bouncycastle.openpgp.PGPKeyRing;
|
import org.bouncycastle.openpgp.PGPKeyRing;
|
||||||
import org.bouncycastle.openpgp.PGPSignature;
|
import org.bouncycastle.openpgp.PGPSignature;
|
|
@ -2,7 +2,7 @@
|
||||||
//
|
//
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package org.pgpainless.signature;
|
package org.pgpainless.signature.consumer;
|
||||||
|
|
||||||
import org.bouncycastle.openpgp.PGPOnePassSignature;
|
import org.bouncycastle.openpgp.PGPOnePassSignature;
|
||||||
import org.bouncycastle.openpgp.PGPPublicKeyRing;
|
import org.bouncycastle.openpgp.PGPPublicKeyRing;
|
|
@ -2,7 +2,7 @@
|
||||||
//
|
//
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package org.pgpainless.signature;
|
package org.pgpainless.signature.consumer;
|
||||||
|
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
|
@ -2,7 +2,7 @@
|
||||||
//
|
//
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package org.pgpainless.signature;
|
package org.pgpainless.signature.consumer;
|
||||||
|
|
||||||
import java.util.Comparator;
|
import java.util.Comparator;
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
//
|
//
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package org.pgpainless.signature;
|
package org.pgpainless.signature.consumer;
|
||||||
|
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
import java.util.Date;
|
import java.util.Date;
|
||||||
|
@ -15,6 +15,7 @@ import org.bouncycastle.openpgp.PGPSignature;
|
||||||
import org.pgpainless.algorithm.SignatureType;
|
import org.pgpainless.algorithm.SignatureType;
|
||||||
import org.pgpainless.exception.SignatureValidationException;
|
import org.pgpainless.exception.SignatureValidationException;
|
||||||
import org.pgpainless.policy.Policy;
|
import org.pgpainless.policy.Policy;
|
||||||
|
import org.pgpainless.signature.SignatureUtils;
|
||||||
import org.pgpainless.util.CollectionUtils;
|
import org.pgpainless.util.CollectionUtils;
|
||||||
|
|
||||||
/**
|
/**
|
|
@ -2,7 +2,7 @@
|
||||||
//
|
//
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package org.pgpainless.signature;
|
package org.pgpainless.signature.consumer;
|
||||||
|
|
||||||
import java.security.NoSuchAlgorithmException;
|
import java.security.NoSuchAlgorithmException;
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
|
@ -30,6 +30,7 @@ import org.pgpainless.exception.SignatureValidationException;
|
||||||
import org.pgpainless.implementation.ImplementationFactory;
|
import org.pgpainless.implementation.ImplementationFactory;
|
||||||
import org.pgpainless.key.OpenPgpFingerprint;
|
import org.pgpainless.key.OpenPgpFingerprint;
|
||||||
import org.pgpainless.policy.Policy;
|
import org.pgpainless.policy.Policy;
|
||||||
|
import org.pgpainless.signature.SignatureUtils;
|
||||||
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil;
|
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil;
|
||||||
import org.pgpainless.util.BCUtil;
|
import org.pgpainless.util.BCUtil;
|
||||||
import org.pgpainless.util.DateUtil;
|
import org.pgpainless.util.DateUtil;
|
|
@ -2,18 +2,19 @@
|
||||||
//
|
//
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package org.pgpainless.signature;
|
package org.pgpainless.signature.consumer;
|
||||||
|
|
||||||
import java.util.Comparator;
|
import java.util.Comparator;
|
||||||
|
|
||||||
import org.bouncycastle.openpgp.PGPSignature;
|
import org.bouncycastle.openpgp.PGPSignature;
|
||||||
|
import org.pgpainless.signature.SignatureUtils;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Comparator which sorts signatures based on an ordering and on revocation hardness.
|
* Comparator which sorts signatures based on an ordering and on revocation hardness.
|
||||||
*
|
*
|
||||||
* If a list of signatures gets ordered using this comparator, hard revocations will always
|
* If a list of signatures gets ordered using this comparator, hard revocations will always
|
||||||
* come first.
|
* come first.
|
||||||
* Further, signatures are ordered by date according to the {@link org.pgpainless.signature.SignatureCreationDateComparator.Order}.
|
* Further, signatures are ordered by date according to the {@link SignatureCreationDateComparator.Order}.
|
||||||
*/
|
*/
|
||||||
public class SignatureValidityComparator implements Comparator<PGPSignature> {
|
public class SignatureValidityComparator implements Comparator<PGPSignature> {
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
//
|
//
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package org.pgpainless.signature;
|
package org.pgpainless.signature.consumer;
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.io.InputStream;
|
import java.io.InputStream;
|
|
@ -0,0 +1,18 @@
|
||||||
|
// SPDX-FileCopyrightText: 2021 Paul Schaub <vanitasvitae@fsfe.org>
|
||||||
|
//
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package org.pgpainless.signature.subpackets;
|
||||||
|
|
||||||
|
public interface CertificationSubpackets extends BaseSignatureSubpackets {
|
||||||
|
|
||||||
|
interface Callback {
|
||||||
|
default void modifyHashedSubpackets(CertificationSubpackets subpackets) {
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
default void modifyUnhashedSubpackets(CertificationSubpackets subpackets) {
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
|
@ -34,9 +34,9 @@ import org.pgpainless.encryption_signing.SigningOptions;
|
||||||
import org.pgpainless.exception.WrongConsumingMethodException;
|
import org.pgpainless.exception.WrongConsumingMethodException;
|
||||||
import org.pgpainless.key.TestKeys;
|
import org.pgpainless.key.TestKeys;
|
||||||
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
||||||
import org.pgpainless.signature.CertificateValidator;
|
import org.pgpainless.signature.consumer.CertificateValidator;
|
||||||
import org.pgpainless.signature.SignatureUtils;
|
import org.pgpainless.signature.SignatureUtils;
|
||||||
import org.pgpainless.signature.SignatureVerifier;
|
import org.pgpainless.signature.consumer.SignatureVerifier;
|
||||||
import org.pgpainless.util.ArmorUtils;
|
import org.pgpainless.util.ArmorUtils;
|
||||||
import org.pgpainless.util.TestUtils;
|
import org.pgpainless.util.TestUtils;
|
||||||
|
|
||||||
|
|
|
@ -22,6 +22,7 @@ import org.pgpainless.PGPainless;
|
||||||
import org.pgpainless.exception.SignatureValidationException;
|
import org.pgpainless.exception.SignatureValidationException;
|
||||||
import org.pgpainless.implementation.ImplementationFactory;
|
import org.pgpainless.implementation.ImplementationFactory;
|
||||||
import org.pgpainless.policy.Policy;
|
import org.pgpainless.policy.Policy;
|
||||||
|
import org.pgpainless.signature.consumer.CertificateValidator;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Explores how subpackets on binding sigs are handled.
|
* Explores how subpackets on binding sigs are handled.
|
||||||
|
|
|
@ -28,6 +28,7 @@ import org.pgpainless.decryption_verification.OpenPgpMetadata;
|
||||||
import org.pgpainless.exception.SignatureValidationException;
|
import org.pgpainless.exception.SignatureValidationException;
|
||||||
import org.pgpainless.implementation.ImplementationFactory;
|
import org.pgpainless.implementation.ImplementationFactory;
|
||||||
import org.pgpainless.policy.Policy;
|
import org.pgpainless.policy.Policy;
|
||||||
|
import org.pgpainless.signature.consumer.CertificateValidator;
|
||||||
|
|
||||||
public class CertificateValidatorTest {
|
public class CertificateValidatorTest {
|
||||||
|
|
||||||
|
|
|
@ -19,6 +19,7 @@ import org.junit.jupiter.params.provider.MethodSource;
|
||||||
import org.pgpainless.PGPainless;
|
import org.pgpainless.PGPainless;
|
||||||
import org.pgpainless.exception.SignatureValidationException;
|
import org.pgpainless.exception.SignatureValidationException;
|
||||||
import org.pgpainless.implementation.ImplementationFactory;
|
import org.pgpainless.implementation.ImplementationFactory;
|
||||||
|
import org.pgpainless.signature.consumer.CertificateValidator;
|
||||||
|
|
||||||
public class KeyRevocationTest {
|
public class KeyRevocationTest {
|
||||||
|
|
||||||
|
|
|
@ -28,6 +28,7 @@ import org.pgpainless.implementation.ImplementationFactory;
|
||||||
import org.pgpainless.key.TestKeys;
|
import org.pgpainless.key.TestKeys;
|
||||||
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
||||||
import org.pgpainless.key.protection.UnlockSecretKey;
|
import org.pgpainless.key.protection.UnlockSecretKey;
|
||||||
|
import org.pgpainless.signature.consumer.SignatureVerifier;
|
||||||
|
|
||||||
public class SignatureOverUserAttributesTest {
|
public class SignatureOverUserAttributesTest {
|
||||||
|
|
||||||
|
|
|
@ -46,6 +46,7 @@ import org.pgpainless.key.TestKeys;
|
||||||
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
||||||
import org.pgpainless.key.protection.UnlockSecretKey;
|
import org.pgpainless.key.protection.UnlockSecretKey;
|
||||||
import org.pgpainless.policy.Policy;
|
import org.pgpainless.policy.Policy;
|
||||||
|
import org.pgpainless.signature.consumer.SignaturePicker;
|
||||||
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil;
|
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil;
|
||||||
|
|
||||||
public class SignatureSubpacketsUtilTest {
|
public class SignatureSubpacketsUtilTest {
|
||||||
|
|
|
@ -17,6 +17,7 @@ import org.junit.jupiter.api.Test;
|
||||||
import org.pgpainless.PGPainless;
|
import org.pgpainless.PGPainless;
|
||||||
import org.pgpainless.exception.SignatureValidationException;
|
import org.pgpainless.exception.SignatureValidationException;
|
||||||
import org.pgpainless.key.OpenPgpV4Fingerprint;
|
import org.pgpainless.key.OpenPgpV4Fingerprint;
|
||||||
|
import org.pgpainless.signature.consumer.SignatureValidator;
|
||||||
|
|
||||||
public class SignatureWasPossiblyMadeByKeyTest {
|
public class SignatureWasPossiblyMadeByKeyTest {
|
||||||
|
|
||||||
|
|
|
@ -20,7 +20,7 @@ import org.junit.jupiter.api.Test;
|
||||||
import org.pgpainless.PGPainless;
|
import org.pgpainless.PGPainless;
|
||||||
import org.pgpainless.key.info.KeyRingInfo;
|
import org.pgpainless.key.info.KeyRingInfo;
|
||||||
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
||||||
import org.pgpainless.signature.ProofUtil;
|
import org.pgpainless.signature.consumer.ProofUtil;
|
||||||
|
|
||||||
public class ProofUtilTest {
|
public class ProofUtilTest {
|
||||||
|
|
||||||
|
|
|
@ -45,7 +45,7 @@ public class SubkeyBindingSignatureBuilderTest {
|
||||||
.getEncryptionSubkeys(EncryptionPurpose.ANY).get(0);
|
.getEncryptionSubkeys(EncryptionPurpose.ANY).get(0);
|
||||||
PGPSecretKey subkeySec = tempSubkeyRing.getSecretKey(subkeyPub.getKeyID());
|
PGPSecretKey subkeySec = tempSubkeyRing.getSecretKey(subkeyPub.getKeyID());
|
||||||
|
|
||||||
PGPSignature binding = SignatureBuilder.bindNonSigningSubkey(
|
PGPSignature binding = SignatureFactory.bindNonSigningSubkey(
|
||||||
secretKey.getSecretKey(), protector,
|
secretKey.getSecretKey(), protector,
|
||||||
new SelfSignatureSubpackets.Callback() {
|
new SelfSignatureSubpackets.Callback() {
|
||||||
@Override
|
@Override
|
||||||
|
|
Loading…
Reference in a new issue