2023-01-09 19:48:25 +01:00
|
|
|
// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
|
|
|
|
//
|
|
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
|
|
|
|
package sop.external.operation;
|
|
|
|
|
|
|
|
import sop.ReadyWithResult;
|
|
|
|
import sop.Verification;
|
|
|
|
import sop.exception.SOPGPException;
|
|
|
|
import sop.external.ExternalSOP;
|
|
|
|
import sop.operation.InlineVerify;
|
|
|
|
import sop.util.UTCUtil;
|
|
|
|
|
2023-11-15 13:52:36 +01:00
|
|
|
import javax.annotation.Nonnull;
|
2023-01-12 14:58:42 +01:00
|
|
|
import java.io.BufferedReader;
|
|
|
|
import java.io.File;
|
|
|
|
import java.io.FileInputStream;
|
2023-01-09 19:48:25 +01:00
|
|
|
import java.io.IOException;
|
|
|
|
import java.io.InputStream;
|
2023-01-12 14:58:42 +01:00
|
|
|
import java.io.InputStreamReader;
|
2023-01-09 19:48:25 +01:00
|
|
|
import java.io.OutputStream;
|
|
|
|
import java.util.ArrayList;
|
|
|
|
import java.util.Date;
|
|
|
|
import java.util.List;
|
|
|
|
import java.util.Properties;
|
|
|
|
|
2023-01-19 17:29:29 +01:00
|
|
|
/**
|
|
|
|
* Implementation of the {@link InlineVerify} operation using an external SOP binary.
|
|
|
|
*/
|
2023-01-09 19:48:25 +01:00
|
|
|
public class InlineVerifyExternal implements InlineVerify {
|
|
|
|
|
2023-01-12 14:58:42 +01:00
|
|
|
private final ExternalSOP.TempDirProvider tempDirProvider;
|
2023-01-09 19:48:25 +01:00
|
|
|
private final List<String> commandList = new ArrayList<>();
|
|
|
|
private final List<String> envList;
|
|
|
|
|
|
|
|
private int certCounter = 0;
|
|
|
|
|
2023-01-12 14:58:42 +01:00
|
|
|
public InlineVerifyExternal(String binary, Properties environment, ExternalSOP.TempDirProvider tempDirProvider) {
|
|
|
|
this.tempDirProvider = tempDirProvider;
|
2023-01-09 19:48:25 +01:00
|
|
|
commandList.add(binary);
|
|
|
|
commandList.add("inline-verify");
|
|
|
|
envList = ExternalSOP.propertiesToEnv(environment);
|
|
|
|
}
|
|
|
|
|
|
|
|
@Override
|
2023-11-15 13:52:36 +01:00
|
|
|
@Nonnull
|
|
|
|
public InlineVerify notBefore(@Nonnull Date timestamp) throws SOPGPException.UnsupportedOption {
|
2023-01-09 19:48:25 +01:00
|
|
|
commandList.add("--not-before=" + UTCUtil.formatUTCDate(timestamp));
|
|
|
|
return this;
|
|
|
|
}
|
|
|
|
|
|
|
|
@Override
|
2023-11-15 13:52:36 +01:00
|
|
|
@Nonnull
|
|
|
|
public InlineVerify notAfter(@Nonnull Date timestamp) throws SOPGPException.UnsupportedOption {
|
2023-01-09 19:48:25 +01:00
|
|
|
commandList.add("--not-after=" + UTCUtil.formatUTCDate(timestamp));
|
|
|
|
return this;
|
|
|
|
}
|
|
|
|
|
|
|
|
@Override
|
2023-11-15 13:52:36 +01:00
|
|
|
@Nonnull
|
|
|
|
public InlineVerify cert(@Nonnull InputStream cert) throws SOPGPException.BadData, IOException {
|
2023-01-09 19:48:25 +01:00
|
|
|
String envVar = "CERT_" + certCounter++;
|
|
|
|
commandList.add("@ENV:" + envVar);
|
2023-01-22 15:07:17 +01:00
|
|
|
envList.add(envVar + "=" + ExternalSOP.readString(cert));
|
2023-01-09 19:48:25 +01:00
|
|
|
return this;
|
|
|
|
}
|
|
|
|
|
|
|
|
@Override
|
2023-11-15 13:52:36 +01:00
|
|
|
@Nonnull
|
|
|
|
public ReadyWithResult<List<Verification>> data(@Nonnull InputStream data) throws IOException, SOPGPException.NoSignature, SOPGPException.BadData {
|
2023-01-12 14:58:42 +01:00
|
|
|
File tempDir = tempDirProvider.provideTempDirectory();
|
|
|
|
|
|
|
|
File verificationsOut = new File(tempDir, "verifications-out");
|
|
|
|
verificationsOut.delete();
|
|
|
|
commandList.add("--verifications-out=" + verificationsOut.getAbsolutePath());
|
|
|
|
|
2023-01-09 19:48:25 +01:00
|
|
|
String[] command = commandList.toArray(new String[0]);
|
|
|
|
String[] env = envList.toArray(new String[0]);
|
|
|
|
|
|
|
|
try {
|
|
|
|
Process process = Runtime.getRuntime().exec(command, env);
|
|
|
|
OutputStream processOut = process.getOutputStream();
|
|
|
|
InputStream processIn = process.getInputStream();
|
|
|
|
|
|
|
|
return new ReadyWithResult<List<Verification>>() {
|
|
|
|
@Override
|
2023-11-15 13:52:36 +01:00
|
|
|
public List<Verification> writeTo(@Nonnull OutputStream outputStream) throws IOException, SOPGPException.NoSignature {
|
2023-01-09 19:48:25 +01:00
|
|
|
byte[] buf = new byte[4096];
|
|
|
|
int r;
|
|
|
|
while ((r = data.read(buf)) > 0) {
|
|
|
|
processOut.write(buf, 0, r);
|
|
|
|
}
|
|
|
|
|
|
|
|
data.close();
|
|
|
|
processOut.close();
|
|
|
|
|
|
|
|
|
|
|
|
while ((r = processIn.read(buf)) > 0) {
|
|
|
|
outputStream.write(buf, 0 , r);
|
|
|
|
}
|
|
|
|
|
|
|
|
processIn.close();
|
|
|
|
outputStream.close();
|
|
|
|
|
|
|
|
ExternalSOP.finish(process);
|
|
|
|
|
2023-01-12 14:58:42 +01:00
|
|
|
FileInputStream verificationsOutIn = new FileInputStream(verificationsOut);
|
|
|
|
BufferedReader reader = new BufferedReader(new InputStreamReader(verificationsOutIn));
|
|
|
|
List<Verification> verificationList = new ArrayList<>();
|
|
|
|
String line;
|
|
|
|
while ((line = reader.readLine()) != null) {
|
|
|
|
verificationList.add(Verification.fromString(line.trim()));
|
|
|
|
}
|
|
|
|
|
|
|
|
return verificationList;
|
2023-01-09 19:48:25 +01:00
|
|
|
}
|
|
|
|
};
|
|
|
|
} catch (IOException e) {
|
|
|
|
throw new RuntimeException(e);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|