PGPainless/pgpainless
PGPainless
/
pgpainless
mirror of https://github.com/pgpainless/pgpainless.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Switch from JUL logging to SLF4J

This commit is contained in:
Paul Schaub 2021-08-23 13:29:57 +02:00
parent ae1539fa24
commit 829068d5a8
9 changed files with 77 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
pgpainless-core/build.gradle
View File

@ -10,6 +10,9 @@ dependencies {
implementation "org.bouncycastle:bcprov-jdk15on:$bouncyCastleVersion" implementation "org.bouncycastle:bcprov-jdk15on:$bouncyCastleVersion"
api "org.bouncycastle:bcpg-jdk15on:$bouncyCastleVersion" api "org.bouncycastle:bcpg-jdk15on:$bouncyCastleVersion"
implementation 'org.slf4j:slf4j-api:1.7.32'
testImplementation 'ch.qos.logback:logback-classic:1.2.5'
// https://mvnrepository.com/artifact/com.google.code.findbugs/jsr305 // https://mvnrepository.com/artifact/com.google.code.findbugs/jsr305
implementation group: 'com.google.code.findbugs', name: 'jsr305', version: '3.0.2' implementation group: 'com.google.code.findbugs', name: 'jsr305', version: '3.0.2'
} }

8
pgpainless-core/src/main/java/org/pgpainless/decryption_verification/DecryptionStream.java
View File

@ -20,8 +20,6 @@ import static org.pgpainless.signature.SignatureValidator.signatureWasCreatedInB
import java.io.IOException; import java.io.IOException;
import java.io.InputStream; import java.io.InputStream;
import java.util.List; import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.annotation.Nonnull; import javax.annotation.Nonnull;
import org.bouncycastle.openpgp.PGPPublicKeyRing; import org.bouncycastle.openpgp.PGPPublicKeyRing;
@ -31,6 +29,8 @@ import org.pgpainless.signature.DetachedSignature;
import org.pgpainless.signature.CertificateValidator; import org.pgpainless.signature.CertificateValidator;
import org.pgpainless.exception.SignatureValidationException; import org.pgpainless.exception.SignatureValidationException;
import org.pgpainless.util.IntegrityProtectedInputStream; import org.pgpainless.util.IntegrityProtectedInputStream;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/** /**
* Decryption Stream that handles updating and verification of detached signatures, * Decryption Stream that handles updating and verification of detached signatures,
@ -38,7 +38,7 @@ import org.pgpainless.util.IntegrityProtectedInputStream;
*/ */
public class DecryptionStream extends InputStream { public class DecryptionStream extends InputStream {
private static final Logger LOGGER = Logger.getLogger(DecryptionStream.class.getName()); private static final Logger LOGGER = LoggerFactory.getLogger(DecryptionStream.class);
private final InputStream inputStream; private final InputStream inputStream;
private final ConsumerOptions options; private final ConsumerOptions options;
@ -108,7 +108,7 @@ public class DecryptionStream extends InputStream {
boolean verified = CertificateValidator.validateCertificateAndVerifyInitializedSignature(s.getSignature(), (PGPPublicKeyRing) s.getSigningKeyRing(), PGPainless.getPolicy()); boolean verified = CertificateValidator.validateCertificateAndVerifyInitializedSignature(s.getSignature(), (PGPPublicKeyRing) s.getSigningKeyRing(), PGPainless.getPolicy());
s.setVerified(verified); s.setVerified(verified);
} catch (SignatureValidationException e) { } catch (SignatureValidationException e) {
LOGGER.log(Level.WARNING, "Could not verify signature of key " + s.getSigningKeyIdentifier(), e); LOGGER.warn("Could not verify signature of key {}", s.getSigningKeyIdentifier(), e);
} }
} }
} }

45
pgpainless-core/src/main/java/org/pgpainless/decryption_verification/DecryptionStreamFactory.java
View File

@ -24,8 +24,6 @@ import java.util.HashMap;
import java.util.Iterator; import java.util.Iterator;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.annotation.Nonnull; import javax.annotation.Nonnull;
import org.bouncycastle.bcpg.ArmoredInputStream; import org.bouncycastle.bcpg.ArmoredInputStream;
@ -70,11 +68,12 @@ import org.pgpainless.signature.SignatureUtils;
import org.pgpainless.util.CRCingArmoredInputStreamWrapper; import org.pgpainless.util.CRCingArmoredInputStreamWrapper;
import org.pgpainless.util.IntegrityProtectedInputStream; import org.pgpainless.util.IntegrityProtectedInputStream;
import org.pgpainless.util.Passphrase; import org.pgpainless.util.Passphrase;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public final class DecryptionStreamFactory { public final class DecryptionStreamFactory {
private static final Logger LOGGER = Logger.getLogger(DecryptionStreamFactory.class.getName()); private static final Logger LOGGER = LoggerFactory.getLogger(DecryptionStreamFactory.class);
private static final Level LEVEL = Level.FINE;
private static final int MAX_RECURSION_DEPTH = 16; private static final int MAX_RECURSION_DEPTH = 16;
private final ConsumerOptions options; private final ConsumerOptions options;
@ -103,7 +102,7 @@ public final class DecryptionStreamFactory {
resultBuilder.addDetachedSignature( resultBuilder.addDetachedSignature(
new DetachedSignature(signature, signingKeyRing, signingKeyIdentifier)); new DetachedSignature(signature, signingKeyRing, signingKeyIdentifier));
} catch (PGPException e) { } catch (PGPException e) {
LOGGER.log(Level.INFO, "Cannot verify signature made by " + signingKeyIdentifier, e); LOGGER.warn("Cannot verify detached signature made by {}. Reason: {}", signingKeyIdentifier, e.getMessage(), e);
} }
} }
} }
@ -163,7 +162,7 @@ public final class DecryptionStreamFactory {
return processOnePassSignatureList(objectFactory, (PGPOnePassSignatureList) nextPgpObject, depth); return processOnePassSignatureList(objectFactory, (PGPOnePassSignatureList) nextPgpObject, depth);
} }
if (nextPgpObject instanceof PGPLiteralData) { if (nextPgpObject instanceof PGPLiteralData) {
return processPGPLiteralData(objectFactory, (PGPLiteralData) nextPgpObject); return processPGPLiteralData(objectFactory, (PGPLiteralData) nextPgpObject, depth);
} }
} }
@ -172,7 +171,7 @@ public final class DecryptionStreamFactory {
private InputStream processPGPEncryptedDataList(PGPEncryptedDataList pgpEncryptedDataList, int depth) private InputStream processPGPEncryptedDataList(PGPEncryptedDataList pgpEncryptedDataList, int depth)
throws PGPException, IOException { throws PGPException, IOException {
LOGGER.log(LEVEL, "Encountered PGPEncryptedDataList"); LOGGER.debug("Depth {}: Encountered PGPEncryptedDataList", depth);
InputStream decryptedDataStream = decrypt(pgpEncryptedDataList); InputStream decryptedDataStream = decrypt(pgpEncryptedDataList);
InputStream decodedDataStream = PGPUtil.getDecoderStream(decryptedDataStream); InputStream decodedDataStream = PGPUtil.getDecoderStream(decryptedDataStream);
PGPObjectFactory factory = new PGPObjectFactory(decodedDataStream, keyFingerprintCalculator); PGPObjectFactory factory = new PGPObjectFactory(decodedDataStream, keyFingerprintCalculator);
@ -182,7 +181,7 @@ public final class DecryptionStreamFactory {
private InputStream processPGPCompressedData(PGPCompressedData pgpCompressedData, int depth) private InputStream processPGPCompressedData(PGPCompressedData pgpCompressedData, int depth)
throws PGPException, IOException { throws PGPException, IOException {
CompressionAlgorithm compressionAlgorithm = CompressionAlgorithm.fromId(pgpCompressedData.getAlgorithm()); CompressionAlgorithm compressionAlgorithm = CompressionAlgorithm.fromId(pgpCompressedData.getAlgorithm());
LOGGER.log(LEVEL, "Encountered PGPCompressedData: {}", compressionAlgorithm); LOGGER.debug("Depth {}: Encountered PGPCompressedData: {}", depth, compressionAlgorithm);
resultBuilder.setCompressionAlgorithm(compressionAlgorithm); resultBuilder.setCompressionAlgorithm(compressionAlgorithm);
InputStream inflatedDataStream = pgpCompressedData.getDataStream(); InputStream inflatedDataStream = pgpCompressedData.getDataStream();
@ -194,13 +193,13 @@ public final class DecryptionStreamFactory {
private InputStream processOnePassSignatureList(@Nonnull PGPObjectFactory objectFactory, PGPOnePassSignatureList onePassSignatures, int depth) private InputStream processOnePassSignatureList(@Nonnull PGPObjectFactory objectFactory, PGPOnePassSignatureList onePassSignatures, int depth)
throws PGPException, IOException { throws PGPException, IOException {
LOGGER.log(LEVEL, "Encountered PGPOnePassSignatureList of size {}", onePassSignatures.size()); LOGGER.debug("Depth {}: Encountered PGPOnePassSignatureList of size {}", depth, onePassSignatures.size());
initOnePassSignatures(onePassSignatures); initOnePassSignatures(onePassSignatures);
return processPGPPackets(objectFactory, ++depth); return processPGPPackets(objectFactory, ++depth);
} }
private InputStream processPGPLiteralData(@Nonnull PGPObjectFactory objectFactory, PGPLiteralData pgpLiteralData) { private InputStream processPGPLiteralData(@Nonnull PGPObjectFactory objectFactory, PGPLiteralData pgpLiteralData, int depth) {
LOGGER.log(LEVEL, "Found PGPLiteralData"); LOGGER.debug("Depth {}: Found PGPLiteralData", depth);
InputStream literalDataInputStream = pgpLiteralData.getInputStream(); InputStream literalDataInputStream = pgpLiteralData.getInputStream();
resultBuilder.setFileName(pgpLiteralData.getFileName()) resultBuilder.setFileName(pgpLiteralData.getFileName())
@ -208,7 +207,7 @@ public final class DecryptionStreamFactory {
.setFileEncoding(StreamEncoding.fromCode(pgpLiteralData.getFormat())); .setFileEncoding(StreamEncoding.fromCode(pgpLiteralData.getFormat()));
if (verifiableOnePassSignatures.isEmpty()) { if (verifiableOnePassSignatures.isEmpty()) {
LOGGER.log(LEVEL, "No OnePassSignatures found -> We are done"); LOGGER.debug("No OnePassSignatures found -> We are done");
return literalDataInputStream; return literalDataInputStream;
} }
@ -249,7 +248,7 @@ public final class DecryptionStreamFactory {
return decryptedDataStream; return decryptedDataStream;
} catch (PGPException e) { } catch (PGPException e) {
LOGGER.log(LEVEL, "Probable passphrase mismatch, skip PBE encrypted data block", e); LOGGER.debug("Probable passphrase mismatch, skip PBE encrypted data block", e);
} }
} }
} }
@ -261,12 +260,12 @@ public final class DecryptionStreamFactory {
if (!options.getDecryptionKeys().isEmpty()) { if (!options.getDecryptionKeys().isEmpty()) {
// Known key id // Known key id
if (keyId != 0) { if (keyId != 0) {
LOGGER.log(LEVEL, "PGPEncryptedData is encrypted for key {}", Long.toHexString(keyId)); LOGGER.debug("PGPEncryptedData is encrypted for key {}", Long.toHexString(keyId));
resultBuilder.addRecipientKeyId(keyId); resultBuilder.addRecipientKeyId(keyId);
PGPSecretKeyRing decryptionKeyRing = findDecryptionKeyRing(keyId); PGPSecretKeyRing decryptionKeyRing = findDecryptionKeyRing(keyId);
if (decryptionKeyRing != null) { if (decryptionKeyRing != null) {
PGPSecretKey secretKey = decryptionKeyRing.getSecretKey(keyId); PGPSecretKey secretKey = decryptionKeyRing.getSecretKey(keyId);
LOGGER.log(LEVEL, "Found respective secret key {}", Long.toHexString(keyId)); LOGGER.debug("Found respective secret key {}", Long.toHexString(keyId));
// Watch out! This assignment is possibly done multiple times. // Watch out! This assignment is possibly done multiple times.
encryptedSessionKey = publicKeyEncryptedData; encryptedSessionKey = publicKeyEncryptedData;
decryptionKey = UnlockSecretKey.unlockSecretKey(secretKey, options.getSecretKeyProtector(decryptionKeyRing)); decryptionKey = UnlockSecretKey.unlockSecretKey(secretKey, options.getSecretKeyProtector(decryptionKeyRing));
@ -276,7 +275,7 @@ public final class DecryptionStreamFactory {
// Hidden recipient // Hidden recipient
else { else {
LOGGER.log(LEVEL, "Hidden recipient detected. Try to decrypt with all available secret keys."); LOGGER.debug("Hidden recipient detected. Try to decrypt with all available secret keys.");
outerloop: for (PGPSecretKeyRing ring : options.getDecryptionKeys()) { outerloop: for (PGPSecretKeyRing ring : options.getDecryptionKeys()) {
KeyRingInfo info = new KeyRingInfo(ring); KeyRingInfo info = new KeyRingInfo(ring);
List<PGPPublicKey> encryptionSubkeys = info.getEncryptionSubkeys(EncryptionPurpose.STORAGE_AND_COMMUNICATIONS); List<PGPPublicKey> encryptionSubkeys = info.getEncryptionSubkeys(EncryptionPurpose.STORAGE_AND_COMMUNICATIONS);
@ -290,13 +289,13 @@ public final class DecryptionStreamFactory {
PublicKeyDataDecryptorFactory decryptorFactory = ImplementationFactory.getInstance().getPublicKeyDataDecryptorFactory(privateKey); PublicKeyDataDecryptorFactory decryptorFactory = ImplementationFactory.getInstance().getPublicKeyDataDecryptorFactory(privateKey);
try { try {
publicKeyEncryptedData.getSymmetricAlgorithm(decryptorFactory); // will only succeed if we have the right secret key publicKeyEncryptedData.getSymmetricAlgorithm(decryptorFactory); // will only succeed if we have the right secret key
LOGGER.log(LEVEL, "Found correct key {} for hidden recipient decryption.", Long.toHexString(key.getKeyID())); LOGGER.debug("Found correct key {} for hidden recipient decryption.", Long.toHexString(key.getKeyID()));
decryptionKey = privateKey; decryptionKey = privateKey;
resultBuilder.setDecryptionKey(new SubkeyIdentifier(ring, decryptionKey.getKeyID())); resultBuilder.setDecryptionKey(new SubkeyIdentifier(ring, decryptionKey.getKeyID()));
encryptedSessionKey = publicKeyEncryptedData; encryptedSessionKey = publicKeyEncryptedData;
break outerloop; break outerloop;
} catch (PGPException | ClassCastException e) { } catch (PGPException | ClassCastException e) {
LOGGER.log(LEVEL, "Skipping wrong key " + Long.toHexString(key.getKeyID()) + " for hidden recipient decryption.", e); LOGGER.debug("Skipping wrong key {} for hidden recipient decryption.", Long.toHexString(key.getKeyID()), e);
} }
} }
} }
@ -319,9 +318,9 @@ public final class DecryptionStreamFactory {
SymmetricKeyAlgorithm symmetricKeyAlgorithm = SymmetricKeyAlgorithm SymmetricKeyAlgorithm symmetricKeyAlgorithm = SymmetricKeyAlgorithm
.fromId(encryptedSessionKey.getSymmetricAlgorithm(dataDecryptor)); .fromId(encryptedSessionKey.getSymmetricAlgorithm(dataDecryptor));
if (symmetricKeyAlgorithm == SymmetricKeyAlgorithm.NULL) { if (symmetricKeyAlgorithm == SymmetricKeyAlgorithm.NULL) {
LOGGER.log(LEVEL, "Message is unencrypted"); LOGGER.debug("Message is unencrypted");
} else { } else {
LOGGER.log(LEVEL, "Message is encrypted using {}", symmetricKeyAlgorithm); LOGGER.debug("Message is encrypted using {}", symmetricKeyAlgorithm);
} }
throwIfAlgorithmIsRejected(symmetricKeyAlgorithm); throwIfAlgorithmIsRejected(symmetricKeyAlgorithm);
resultBuilder.setSymmetricKeyAlgorithm(symmetricKeyAlgorithm); resultBuilder.setSymmetricKeyAlgorithm(symmetricKeyAlgorithm);
@ -359,12 +358,12 @@ public final class DecryptionStreamFactory {
private void processOnePassSignature(PGPOnePassSignature signature) throws PGPException { private void processOnePassSignature(PGPOnePassSignature signature) throws PGPException {
final long keyId = signature.getKeyID(); final long keyId = signature.getKeyID();
LOGGER.log(LEVEL, "Message contains OnePassSignature from {}", Long.toHexString(keyId)); LOGGER.debug("Message contains OnePassSignature from {}", Long.toHexString(keyId));
// Find public key // Find public key
PGPPublicKeyRing verificationKeyRing = findSignatureVerificationKeyRing(keyId); PGPPublicKeyRing verificationKeyRing = findSignatureVerificationKeyRing(keyId);
if (verificationKeyRing == null) { if (verificationKeyRing == null) {
LOGGER.log(LEVEL, "Missing verification key from {}", Long.toHexString(keyId)); LOGGER.debug("Missing verification key from {}", Long.toHexString(keyId));
return; return;
} }
PGPPublicKey verificationKey = verificationKeyRing.getPublicKey(keyId); PGPPublicKey verificationKey = verificationKeyRing.getPublicKey(keyId);
@ -390,7 +389,7 @@ public final class DecryptionStreamFactory {
for (PGPPublicKeyRing publicKeyRing : options.getCertificates()) { for (PGPPublicKeyRing publicKeyRing : options.getCertificates()) {
PGPPublicKey verificationKey = publicKeyRing.getPublicKey(keyId); PGPPublicKey verificationKey = publicKeyRing.getPublicKey(keyId);
if (verificationKey != null) { if (verificationKey != null) {
LOGGER.log(LEVEL, "Found public key {} for signature verification", Long.toHexString(keyId)); LOGGER.debug("Found public key {} for signature verification", Long.toHexString(keyId));
verificationKeyRing = publicKeyRing; verificationKeyRing = publicKeyRing;
break; break;
} }

17
pgpainless-core/src/main/java/org/pgpainless/decryption_verification/SignatureVerifyingInputStream.java
View File

@ -21,8 +21,6 @@ import java.io.FilterInputStream;
import java.io.IOException; import java.io.IOException;
import java.io.InputStream; import java.io.InputStream;
import java.util.Map; import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.annotation.Nonnull; import javax.annotation.Nonnull;
import org.bouncycastle.openpgp.PGPObjectFactory; import org.bouncycastle.openpgp.PGPObjectFactory;
@ -34,11 +32,12 @@ import org.pgpainless.key.OpenPgpV4Fingerprint;
import org.pgpainless.policy.Policy; import org.pgpainless.policy.Policy;
import org.pgpainless.signature.OnePassSignature; import org.pgpainless.signature.OnePassSignature;
import org.pgpainless.signature.CertificateValidator; import org.pgpainless.signature.CertificateValidator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class SignatureVerifyingInputStream extends FilterInputStream { public class SignatureVerifyingInputStream extends FilterInputStream {
private static final Logger LOGGER = Logger.getLogger(SignatureVerifyingInputStream.class.getName()); private static final Logger LOGGER = LoggerFactory.getLogger(SignatureVerifyingInputStream.class);
private static final Level LEVEL = Level.FINE;
private final PGPObjectFactory objectFactory; private final PGPObjectFactory objectFactory;
private final Map<OpenPgpV4Fingerprint, OnePassSignature> onePassSignatures; private final Map<OpenPgpV4Fingerprint, OnePassSignature> onePassSignatures;
@ -58,7 +57,7 @@ public class SignatureVerifyingInputStream extends FilterInputStream {
this.resultBuilder = resultBuilder; this.resultBuilder = resultBuilder;
this.onePassSignatures = onePassSignatures; this.onePassSignatures = onePassSignatures;
LOGGER.log(LEVEL, "Begin verifying OnePassSignatures"); LOGGER.debug("Begin verifying OnePassSignatures");
} }
private void updateOnePassSignatures(byte data) { private void updateOnePassSignatures(byte data) {
@ -83,7 +82,7 @@ public class SignatureVerifyingInputStream extends FilterInputStream {
private void validateOnePassSignaturesIfAny() throws IOException { private void validateOnePassSignaturesIfAny() throws IOException {
if (onePassSignatures.isEmpty()) { if (onePassSignatures.isEmpty()) {
LOGGER.log(LEVEL, "No One-Pass-Signatures found -> No validation"); LOGGER.debug("No One-Pass-Signatures found -> No validation");
return; return;
} }
validateOnePassSignatures(); validateOnePassSignatures();
@ -97,14 +96,14 @@ public class SignatureVerifyingInputStream extends FilterInputStream {
OpenPgpV4Fingerprint fingerprint = findFingerprintForSignature(signature); OpenPgpV4Fingerprint fingerprint = findFingerprintForSignature(signature);
OnePassSignature onePassSignature = findOnePassSignature(fingerprint); OnePassSignature onePassSignature = findOnePassSignature(fingerprint);
if (onePassSignature == null) { if (onePassSignature == null) {
LOGGER.log(LEVEL, "Found Signature without respective OnePassSignature packet -> skip"); LOGGER.warn("Found Signature without respective OnePassSignature packet -> skip");
continue; continue;
} }
verifySignatureOrThrowSignatureException(signature, onePassSignature); verifySignatureOrThrowSignatureException(signature, onePassSignature);
} catch (SignatureValidationException e) { } catch (SignatureValidationException e) {
LOGGER.log(LEVEL, "One-pass-signature verification failed for signature made by key " + LOGGER.warn("One-pass-signature verification failed for signature made by key {}: {}",
Long.toHexString(signature.getKeyID()) + ": " + e.getMessage(), e); Long.toHexString(signature.getKeyID()), e.getMessage(), e);
} }
} }
} }

8
pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionBuilder.java
View File

@ -28,9 +28,13 @@ import org.pgpainless.algorithm.CompressionAlgorithm;
import org.pgpainless.algorithm.SymmetricKeyAlgorithm; import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
import org.pgpainless.algorithm.negotiation.SymmetricKeyAlgorithmNegotiator; import org.pgpainless.algorithm.negotiation.SymmetricKeyAlgorithmNegotiator;
import org.pgpainless.key.SubkeyIdentifier; import org.pgpainless.key.SubkeyIdentifier;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class EncryptionBuilder implements EncryptionBuilderInterface { public class EncryptionBuilder implements EncryptionBuilderInterface {
private static final Logger LOGGER = LoggerFactory.getLogger(EncryptionBuilder.class);
private OutputStream outputStream; private OutputStream outputStream;
@Override @Override
@ -61,12 +65,14 @@ public class EncryptionBuilder implements EncryptionBuilderInterface {
preferences.add(encryptionOptions.getKeyViews().get(key).getPreferredSymmetricKeyAlgorithms()); preferences.add(encryptionOptions.getKeyViews().get(key).getPreferredSymmetricKeyAlgorithms());
} }
return SymmetricKeyAlgorithmNegotiator SymmetricKeyAlgorithm algorithm = SymmetricKeyAlgorithmNegotiator
.byPopularity() .byPopularity()
.negotiate( .negotiate(
PGPainless.getPolicy().getSymmetricKeyEncryptionAlgorithmPolicy(), PGPainless.getPolicy().getSymmetricKeyEncryptionAlgorithmPolicy(),
encryptionOptions.getEncryptionAlgorithmOverride(), encryptionOptions.getEncryptionAlgorithmOverride(),
preferences); preferences);
LOGGER.debug("Negotiation resulted in {} being the symmetric encryption algorithm of choice.", algorithm);
return algorithm;
} }
public static CompressionAlgorithm negotiateCompressionAlgorithm(ProducerOptions producerOptions) { public static CompressionAlgorithm negotiateCompressionAlgorithm(ProducerOptions producerOptions) {

15
pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionStream.java
View File

@ -19,8 +19,6 @@ import java.io.IOException;
import java.io.OutputStream; import java.io.OutputStream;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.annotation.Nonnull; import javax.annotation.Nonnull;
import org.bouncycastle.bcpg.ArmoredOutputStream; import org.bouncycastle.bcpg.ArmoredOutputStream;
@ -38,6 +36,8 @@ import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
import org.pgpainless.implementation.ImplementationFactory; import org.pgpainless.implementation.ImplementationFactory;
import org.pgpainless.key.SubkeyIdentifier; import org.pgpainless.key.SubkeyIdentifier;
import org.pgpainless.util.ArmoredOutputStreamFactory; import org.pgpainless.util.ArmoredOutputStreamFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/** /**
* This class is based upon Jens Neuhalfen's Bouncy-GPG PGPEncryptingStream. * This class is based upon Jens Neuhalfen's Bouncy-GPG PGPEncryptingStream.
@ -45,8 +45,7 @@ import org.pgpainless.util.ArmoredOutputStreamFactory;
*/ */
public final class EncryptionStream extends OutputStream { public final class EncryptionStream extends OutputStream {
private static final Logger LOGGER = Logger.getLogger(EncryptionStream.class.getName()); private static final Logger LOGGER = LoggerFactory.getLogger(EncryptionStream.class);
private static final Level LEVEL = Level.FINE;
private final ProducerOptions options; private final ProducerOptions options;
private final EncryptionResult.Builder resultBuilder = EncryptionResult.builder(); private final EncryptionResult.Builder resultBuilder = EncryptionResult.builder();
@ -80,11 +79,11 @@ public final class EncryptionStream extends OutputStream {
private void prepareArmor() { private void prepareArmor() {
if (!options.isAsciiArmor()) { if (!options.isAsciiArmor()) {
LOGGER.log(LEVEL, "Encryption output will be binary"); LOGGER.debug("Output will be unarmored");
return; return;
} }
LOGGER.log(LEVEL, "Wrap encryption output in ASCII armor"); LOGGER.debug("Wrap encryption output in ASCII armor");
armorOutputStream = ArmoredOutputStreamFactory.get(outermostStream); armorOutputStream = ArmoredOutputStreamFactory.get(outermostStream);
outermostStream = armorOutputStream; outermostStream = armorOutputStream;
} }
@ -99,7 +98,7 @@ public final class EncryptionStream extends OutputStream {
SymmetricKeyAlgorithm encryptionAlgorithm = EncryptionBuilder.negotiateSymmetricEncryptionAlgorithm(encryptionOptions); SymmetricKeyAlgorithm encryptionAlgorithm = EncryptionBuilder.negotiateSymmetricEncryptionAlgorithm(encryptionOptions);
resultBuilder.setEncryptionAlgorithm(encryptionAlgorithm); resultBuilder.setEncryptionAlgorithm(encryptionAlgorithm);
LOGGER.log(LEVEL, "Encrypt message using {}", encryptionAlgorithm); LOGGER.debug("Encrypt message using {}", encryptionAlgorithm);
PGPDataEncryptorBuilder dataEncryptorBuilder = PGPDataEncryptorBuilder dataEncryptorBuilder =
ImplementationFactory.getInstance().getPGPDataEncryptorBuilder(encryptionAlgorithm); ImplementationFactory.getInstance().getPGPDataEncryptorBuilder(encryptionAlgorithm);
dataEncryptorBuilder.setWithIntegrityPacket(true); dataEncryptorBuilder.setWithIntegrityPacket(true);
@ -127,7 +126,7 @@ public final class EncryptionStream extends OutputStream {
return; return;
} }
LOGGER.log(LEVEL, "Compress using {}", compressionAlgorithm); LOGGER.debug("Compress using {}", compressionAlgorithm);
basicCompressionStream = new BCPGOutputStream(compressedDataGenerator.open(outermostStream)); basicCompressionStream = new BCPGOutputStream(compressedDataGenerator.open(outermostStream));
outermostStream = basicCompressionStream; outermostStream = basicCompressionStream;
} }

14
pgpainless-core/src/main/java/org/pgpainless/key/KeyRingValidator.java
View File

@ -19,8 +19,6 @@ import java.util.Collections;
import java.util.Date; import java.util.Date;
import java.util.Iterator; import java.util.Iterator;
import java.util.List; import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.bouncycastle.openpgp.PGPException; import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPKeyRing; import org.bouncycastle.openpgp.PGPKeyRing;
@ -35,6 +33,8 @@ import org.pgpainless.policy.Policy;
import org.pgpainless.signature.SignatureCreationDateComparator; import org.pgpainless.signature.SignatureCreationDateComparator;
import org.pgpainless.signature.SignatureVerifier; import org.pgpainless.signature.SignatureVerifier;
import org.pgpainless.util.CollectionUtils; import org.pgpainless.util.CollectionUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public final class KeyRingValidator { public final class KeyRingValidator {
@ -42,7 +42,7 @@ public final class KeyRingValidator {
} }
private static final Logger LOGGER = Logger.getLogger(KeyRingValidator.class.getName()); private static final Logger LOGGER = LoggerFactory.getLogger(KeyRingValidator.class);
public static <R extends PGPKeyRing> R validate(R keyRing, Policy policy) { public static <R extends PGPKeyRing> R validate(R keyRing, Policy policy) {
try { try {
@ -81,7 +81,7 @@ public final class KeyRingValidator {
blank = PGPPublicKey.addCertification(blank, signature); blank = PGPPublicKey.addCertification(blank, signature);
} }
} catch (SignatureValidationException e) { } catch (SignatureValidationException e) {
LOGGER.log(Level.INFO, "Rejecting direct key signature", e); LOGGER.debug("Rejecting direct key signature: {}", e.getMessage(), e);
} }
} }
@ -94,7 +94,7 @@ public final class KeyRingValidator {
blank = PGPPublicKey.addCertification(blank, signature); blank = PGPPublicKey.addCertification(blank, signature);
} }
} catch (SignatureValidationException e) { } catch (SignatureValidationException e) {
LOGGER.log(Level.INFO, "Rejecting key revocation signature", e); LOGGER.debug("Rejecting key revocation signature: {}", e.getMessage(), e);
} }
} }
@ -116,7 +116,7 @@ public final class KeyRingValidator {
} }
} }
} catch (SignatureValidationException e) { } catch (SignatureValidationException e) {
LOGGER.log(Level.FINE, "Rejecting user-id certification for user-id " + userId, e); LOGGER.debug("Rejecting user-id certification for user-id {}: {}", userId, e.getMessage(), e);
} }
} }
} }
@ -138,7 +138,7 @@ public final class KeyRingValidator {
} }
} }
} catch (SignatureValidationException e) { } catch (SignatureValidationException e) {
LOGGER.log(Level.INFO, "Rejecting user-attribute signature", e); LOGGER.debug("Rejecting user-attribute signature: {}", e.getMessage(), e);
} }
} }
} }

18
pgpainless-core/src/main/java/org/pgpainless/signature/CertificateValidator.java
View File

@ -25,8 +25,6 @@ import java.util.Iterator;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.ConcurrentHashMap;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.bouncycastle.bcpg.sig.KeyFlags; import org.bouncycastle.bcpg.sig.KeyFlags;
import org.bouncycastle.bcpg.sig.SignerUserID; import org.bouncycastle.bcpg.sig.SignerUserID;
@ -38,6 +36,8 @@ import org.pgpainless.algorithm.SignatureType;
import org.pgpainless.exception.SignatureValidationException; import org.pgpainless.exception.SignatureValidationException;
import org.pgpainless.policy.Policy; import org.pgpainless.policy.Policy;
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil; import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/** /**
* A collection of static methods that validate signing certificates (public keys) and verify signature correctness. * A collection of static methods that validate signing certificates (public keys) and verify signature correctness.
@ -48,7 +48,7 @@ public final class CertificateValidator {
} }
private static final Logger LOGGER = Logger.getLogger(CertificateValidator.class.getName()); private static final Logger LOGGER = LoggerFactory.getLogger(CertificateValidator.class);
/** /**
* Check if the signing key was eligible to create the provided signature. * Check if the signing key was eligible to create the provided signature.
@ -88,7 +88,7 @@ public final class CertificateValidator {
} }
} catch (SignatureValidationException e) { } catch (SignatureValidationException e) {
rejections.put(revocation, e); rejections.put(revocation, e);
LOGGER.log(Level.FINE, "Rejecting key revocation signature.", e); LOGGER.debug("Rejecting key revocation signature: {}", e.getMessage(), e);
} }
} }
@ -102,7 +102,7 @@ public final class CertificateValidator {
} }
} catch (SignatureValidationException e) { } catch (SignatureValidationException e) {
rejections.put(keySignature, e); rejections.put(keySignature, e);
LOGGER.log(Level.FINE, "Rejecting key signature.", e); LOGGER.debug("Rejecting key signature: {}", e.getMessage(), e);
} }
} }
@ -128,7 +128,7 @@ public final class CertificateValidator {
} }
} catch (SignatureValidationException e) { } catch (SignatureValidationException e) {
rejections.put(userIdSig, e); rejections.put(userIdSig, e);
LOGGER.log(Level.FINE, "Rejecting user-id signature.", e); LOGGER.debug("Rejecting user-id signature: {}", e.getMessage(), e);
} }
} }
Collections.sort(signaturesOnUserId, new SignatureValidityComparator(SignatureCreationDateComparator.Order.NEW_TO_OLD)); Collections.sort(signaturesOnUserId, new SignatureValidityComparator(SignatureCreationDateComparator.Order.NEW_TO_OLD));
@ -140,7 +140,7 @@ public final class CertificateValidator {
if (!userIdSignatures.get(userId).isEmpty()) { if (!userIdSignatures.get(userId).isEmpty()) {
PGPSignature current = userIdSignatures.get(userId).get(0); PGPSignature current = userIdSignatures.get(userId).get(0);
if (current.getSignatureType() == SignatureType.CERTIFICATION_REVOCATION.getCode()) { if (current.getSignatureType() == SignatureType.CERTIFICATION_REVOCATION.getCode()) {
LOGGER.log(Level.FINE, "User-ID '{}' is revoked.", userId); LOGGER.debug("User-ID '{}' is revoked.", userId);
} else { } else {
anyUserIdValid = true; anyUserIdValid = true;
} }
@ -178,7 +178,7 @@ public final class CertificateValidator {
} }
} catch (SignatureValidationException e) { } catch (SignatureValidationException e) {
rejections.put(revocation, e); rejections.put(revocation, e);
LOGGER.log(Level.FINE, "Rejecting subkey revocation signature.", e); LOGGER.debug("Rejecting subkey revocation signature: {}", e.getMessage(), e);
} }
} }
@ -191,7 +191,7 @@ public final class CertificateValidator {
} }
} catch (SignatureValidationException e) { } catch (SignatureValidationException e) {
rejections.put(bindingSig, e); rejections.put(bindingSig, e);
LOGGER.log(Level.FINE, "Rejecting subkey binding signature.", e); LOGGER.debug("Rejecting subkey binding signature: {}", e.getMessage(), e);
} }
} }

22
pgpainless-core/src/test/java/org/pgpainless/util/BCUtilTest.java
View File

@ -21,8 +21,6 @@ import java.io.IOException;
import java.security.InvalidAlgorithmParameterException; import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.util.Iterator; import java.util.Iterator;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.bouncycastle.openpgp.PGPException; import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPublicKey; import org.bouncycastle.openpgp.PGPPublicKey;
@ -37,10 +35,12 @@ import org.pgpainless.key.generation.KeySpec;
import org.pgpainless.key.generation.type.KeyType; import org.pgpainless.key.generation.type.KeyType;
import org.pgpainless.key.generation.type.rsa.RsaLength; import org.pgpainless.key.generation.type.rsa.RsaLength;
import org.pgpainless.key.util.KeyRingUtils; import org.pgpainless.key.util.KeyRingUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class BCUtilTest { public class BCUtilTest {
private static final Logger LOGGER = Logger.getLogger(BCUtil.class.getName()); private static final Logger LOGGER = LoggerFactory.getLogger(BCUtilTest.class);
@Test @Test
public void keyRingToCollectionTest() public void keyRingToCollectionTest()
@ -57,22 +57,22 @@ public class BCUtilTest {
PGPPublicKeyRing pub = KeyRingUtils.publicKeyRingFrom(sec); PGPPublicKeyRing pub = KeyRingUtils.publicKeyRingFrom(sec);
LOGGER.log(Level.FINER, "Main ID: " + sec.getPublicKey().getKeyID() + " " + pub.getPublicKey().getKeyID()); assertEquals(sec.getPublicKey().getKeyID(), pub.getPublicKey().getKeyID());
int secSize = 1; int secSize = 1;
Iterator<PGPPublicKey> secPubIt = sec.getPublicKeys(); Iterator<PGPPublicKey> secPubIt = sec.getPublicKeys();
while (secPubIt.hasNext()) { while (secPubIt.hasNext()) {
PGPPublicKey k = secPubIt.next(); PGPPublicKey k = secPubIt.next();
LOGGER.log(Level.FINER, secSize + " " + k.getKeyID() + " " + k.isEncryptionKey() + " " + k.isMasterKey()); LOGGER.debug("Index {}, keyId {}, isEncryptionKey={}, isPrimary={}", secSize, k.getKeyID(), k.isEncryptionKey(), k.isMasterKey());
secSize++; secSize++;
} }
LOGGER.log(Level.FINER, "After BCUtil.publicKeyRingFromSecretKeyRing()"); LOGGER.debug("After BCUtil.publicKeyRingFromSecretKeyRing()");
int pubSize = 1; int pubSize = 1;
Iterator<PGPPublicKey> pubPubIt = pub.getPublicKeys(); Iterator<PGPPublicKey> pubPubIt = pub.getPublicKeys();
while (pubPubIt.hasNext()) { while (pubPubIt.hasNext()) {
PGPPublicKey k = pubPubIt.next(); PGPPublicKey k = pubPubIt.next();
LOGGER.log(Level.FINER, pubSize + " " + k.getKeyID() + " " + k.isEncryptionKey() + " " + k.isMasterKey()); LOGGER.debug("Index {}, keyId {}, isEncryptionKey={}, isPrimary={}", pubSize, k.getKeyID(), k.isEncryptionKey(), k.isMasterKey());
pubSize++; pubSize++;
} }
@ -84,22 +84,20 @@ public class BCUtilTest {
Iterator<PGPSecretKeyRing> secColIt = secCol.getKeyRings(); Iterator<PGPSecretKeyRing> secColIt = secCol.getKeyRings();
while (secColIt.hasNext()) { while (secColIt.hasNext()) {
PGPSecretKeyRing r = secColIt.next(); PGPSecretKeyRing r = secColIt.next();
LOGGER.log(Level.FINER, "" + r.getPublicKey().getKeyID()); LOGGER.debug("{}", r.getPublicKey().getKeyID());
secColSize++; secColSize++;
} }
LOGGER.log(Level.FINER, "SecCol: " + secColSize);
PGPPublicKeyRingCollection pubCol = KeyRingUtils.keyRingsToKeyRingCollection(pub); PGPPublicKeyRingCollection pubCol = KeyRingUtils.keyRingsToKeyRingCollection(pub);
int pubColSize = 0; int pubColSize = 0;
Iterator<PGPPublicKeyRing> pubColIt = pubCol.getKeyRings(); Iterator<PGPPublicKeyRing> pubColIt = pubCol.getKeyRings();
while (pubColIt.hasNext()) { while (pubColIt.hasNext()) {
PGPPublicKeyRing r = pubColIt.next(); PGPPublicKeyRing r = pubColIt.next();
LOGGER.log(Level.FINER, "" + r.getPublicKey().getKeyID()); LOGGER.debug("{}", r.getPublicKey().getKeyID());
pubColSize++; pubColSize++;
} }
LOGGER.log(Level.FINER, "PubCol: " + pubColSize); assertEquals(pubColSize, secColSize);
} }
} }