mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-11-22 20:32:05 +01:00
Refactor SignatureVerifyingInputStream
This commit is contained in:
parent
ad070d0c34
commit
be33206d03
GPG key ID:
62BEE9264BF17311
1 changed files with 52 additions and 33 deletions
|
|
@ -67,12 +67,9 @@ public class SignatureVerifyingInputStream extends FilterInputStream {
|
||||||
}
|
}
|
||||||
|
|
||||||
private void validateOnePassSignatures() throws IOException {
|
private void validateOnePassSignatures() throws IOException {
|
||||||
|
|
||||||
if (validated) {
|
if (validated) {
|
||||||
LOGGER.log(LEVEL, "Validated signatures already. Skip");
|
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
validated = true;
|
validated = true;
|
||||||
|
|
||||||
if (onePassSignatures.isEmpty()) {
|
if (onePassSignatures.isEmpty()) {
|
||||||
|
|
@ -80,44 +77,20 @@ public class SignatureVerifyingInputStream extends FilterInputStream {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
PGPSignatureList signatureList = findPgpSignatureList();
|
||||||
|
|
||||||
try {
|
try {
|
||||||
PGPSignatureList signatureList = null;
|
|
||||||
Object obj = objectFactory.nextObject();
|
|
||||||
while (obj != null && signatureList == null) {
|
|
||||||
if (obj instanceof PGPSignatureList) {
|
|
||||||
signatureList = (PGPSignatureList) obj;
|
|
||||||
} else {
|
|
||||||
obj = objectFactory.nextObject();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (signatureList == null || signatureList.isEmpty()) {
|
|
||||||
throw new IOException("Verification failed - No Signatures found");
|
|
||||||
}
|
|
||||||
|
|
||||||
for (PGPSignature signature : signatureList) {
|
for (PGPSignature signature : signatureList) {
|
||||||
resultBuilder.addSignature(signature);
|
resultBuilder.addSignature(signature);
|
||||||
OpenPgpV4Fingerprint fingerprint = null;
|
|
||||||
for (OpenPgpV4Fingerprint f : onePassSignatures.keySet()) {
|
|
||||||
if (f.getKeyId() == signature.getKeyID()) {
|
|
||||||
fingerprint = f;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
PGPOnePassSignature onePassSignature;
|
OpenPgpV4Fingerprint fingerprint = findFingerprintForSignature(signature);
|
||||||
if (fingerprint == null || (onePassSignature = onePassSignatures.get(fingerprint)) == null) {
|
PGPOnePassSignature onePassSignature = findOnePassSignature(fingerprint);
|
||||||
|
if (onePassSignature == null) {
|
||||||
LOGGER.log(LEVEL, "Found Signature without respective OnePassSignature packet -> skip");
|
LOGGER.log(LEVEL, "Found Signature without respective OnePassSignature packet -> skip");
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!onePassSignature.verify(signature)) {
|
verifySignatureOrThrowSignatureException(signature, fingerprint, onePassSignature);
|
||||||
throw new SignatureException("Bad Signature of key " + signature.getKeyID());
|
|
||||||
} else {
|
|
||||||
LOGGER.log(LEVEL, "Verified signature of key " + Long.toHexString(signature.getKeyID()));
|
|
||||||
resultBuilder.putVerifiedSignature(fingerprint, signature);
|
|
||||||
resultBuilder.addVerifiedSignatureFingerprint(fingerprint);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
} catch (PGPException | SignatureException e) {
|
} catch (PGPException | SignatureException e) {
|
||||||
throw new IOException(e.getMessage(), e);
|
throw new IOException(e.getMessage(), e);
|
||||||
|
|
@ -125,6 +98,52 @@ public class SignatureVerifyingInputStream extends FilterInputStream {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private void verifySignatureOrThrowSignatureException(PGPSignature signature, OpenPgpV4Fingerprint fingerprint, PGPOnePassSignature onePassSignature) throws PGPException, SignatureException {
|
||||||
|
if (onePassSignature.verify(signature)) {
|
||||||
|
LOGGER.log(LEVEL, "Verified signature of key " + Long.toHexString(signature.getKeyID()));
|
||||||
|
resultBuilder.putVerifiedSignature(fingerprint, signature);
|
||||||
|
resultBuilder.addVerifiedSignatureFingerprint(fingerprint);
|
||||||
|
} else {
|
||||||
|
throw new SignatureException("Bad Signature of key " + signature.getKeyID());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private PGPOnePassSignature findOnePassSignature(OpenPgpV4Fingerprint fingerprint) {
|
||||||
|
if (fingerprint != null) {
|
||||||
|
return onePassSignatures.get(fingerprint);
|
||||||
|
}
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
private PGPSignatureList findPgpSignatureList() throws IOException {
|
||||||
|
PGPSignatureList signatureList = null;
|
||||||
|
Object pgpObject = objectFactory.nextObject();
|
||||||
|
while (pgpObject != null && signatureList == null) {
|
||||||
|
if (pgpObject instanceof PGPSignatureList) {
|
||||||
|
signatureList = (PGPSignatureList) pgpObject;
|
||||||
|
} else {
|
||||||
|
pgpObject = objectFactory.nextObject();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (signatureList == null || signatureList.isEmpty()) {
|
||||||
|
throw new IOException("Verification failed - No Signatures found");
|
||||||
|
}
|
||||||
|
|
||||||
|
return signatureList;
|
||||||
|
}
|
||||||
|
|
||||||
|
private OpenPgpV4Fingerprint findFingerprintForSignature(PGPSignature signature) {
|
||||||
|
OpenPgpV4Fingerprint fingerprint = null;
|
||||||
|
for (OpenPgpV4Fingerprint f : onePassSignatures.keySet()) {
|
||||||
|
if (f.getKeyId() == signature.getKeyID()) {
|
||||||
|
fingerprint = f;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return fingerprint;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public int read() throws IOException {
|
public int read() throws IOException {
|
||||||
final int data = super.read();
|
final int data = super.read();
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue