// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package sop.external.operation;
import sop.Verification;
import sop.exception.SOPGPException;
import sop.external.ExternalSOP;
import sop.operation.DetachedVerify;
import sop.operation.VerifySignatures;
import sop.util.UTCUtil;
import javax.annotation.Nonnull;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Properties;
import java.util.Set;
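/**
 * Implementation of the {@link DetachedVerify} operation using an external SOP binary.
 *
 * <p>The builder-style methods collect command-line options, certificates and the detached
 * signature. {@link #data(InputStream)} then starts {@code <binary> verify ...}, streams the
 * signed data to the child's standard input and parses one {@link Verification} per line of the
 * child's standard output.
 *
 * <p>Certificates and the signature are handed to the child as environment variables which are
 * referenced on the command line as {@code @ENV:NAME}. The command is started through
 * {@link Runtime#exec(String[], String[])}, i.e. as an argument vector without a shell, and with
 * an explicit environment array instead of the parent's inherited environment. The
 * {@code binary} string is executed as given, so callers are responsible for passing the path of
 * a trusted executable.
 *
 * <p>{@link #data(InputStream)} appends to the command and environment lists and consumes the
 * registered streams, so an instance should be treated as single-use.
 */
public class DetachedVerifyExternal implements DetachedVerify {

    // Argument vector of the child process: binary, "verify", options, @ENV references.
    private final List<String> commandList = new ArrayList<>();
    // Environment of the child process as NAME=value entries.
    private final List<String> envList;

    // HashSet iteration order is unspecified, so the CERT_n numbering assigned in data()
    // does not necessarily follow the order in which cert() was called.
    private final Set<InputStream> certs = new HashSet<>();
    private InputStream signatures;
    private int certCounter = 0;

    /**
     * Prepare a {@code verify} invocation of the given SOP binary.
     *
     * @param binary executable to run; used verbatim as the first element of the command
     * @param environment properties converted into the child's environment by
     *                    {@link ExternalSOP#propertiesToEnv(Properties)}
     */
    public DetachedVerifyExternal(String binary, Properties environment) {
        commandList.add(binary);
        commandList.add("verify");
        envList = ExternalSOP.propertiesToEnv(environment);
    }

    /**
     * Add a {@code --not-before=} option carrying the given timestamp formatted by
     * {@link UTCUtil#formatUTCDate(Date)}.
     *
     * @param timestamp lower bound passed to the external binary
     * @return this builder
     */
    @Override
    @Nonnull
    public DetachedVerify notBefore(@Nonnull Date timestamp) throws SOPGPException.UnsupportedOption {
        commandList.add("--not-before=" + UTCUtil.formatUTCDate(timestamp));
        return this;
    }

    /**
     * Add a {@code --not-after=} option carrying the given timestamp formatted by
     * {@link UTCUtil#formatUTCDate(Date)}.
     *
     * @param timestamp upper bound passed to the external binary
     * @return this builder
     */
    @Override
    @Nonnull
    public DetachedVerify notAfter(@Nonnull Date timestamp) throws SOPGPException.UnsupportedOption {
        commandList.add("--not-after=" + UTCUtil.formatUTCDate(timestamp));
        return this;
    }

    /**
     * Register a verification certificate. The stream is not read here; it is consumed later
     * by {@link #data(InputStream)}.
     *
     * @param cert stream providing the certificate
     * @return this builder
     */
    @Override
    @Nonnull
    public DetachedVerify cert(@Nonnull InputStream cert) throws SOPGPException.BadData {
        this.certs.add(cert);
        return this;
    }

    /**
     * Register the detached signature(s). The stream is not read here; it is consumed later
     * by {@link #data(InputStream)}. A second call replaces the previously registered stream.
     *
     * @param signatures stream providing the detached signature(s)
     * @return this object, typed as the next step of the operation
     */
    @Override
    @Nonnull
    public VerifySignatures signatures(@Nonnull InputStream signatures) throws SOPGPException.BadData {
        this.signatures = signatures;
        return this;
    }

    /**
     * Run the external binary against the given data and collect its verification results.
     *
     * <p>The signature and every registered certificate are read into strings and exported to
     * the child as {@code SIGNATURE} and {@code CERT_n} environment variables. The data stream
     * is copied to the child's standard input and closed; each line the child prints on
     * standard output is parsed with {@link Verification#fromString(String)}. Finally
     * {@link ExternalSOP#finish(Process)} is called on the process.
     *
     * @param data signed data; closed by this method
     * @return the parsed verifications, in the order the child printed them
     * @throws IOException if reading the signature or a certificate stream fails
     * @throws RuntimeException wrapping any {@link IOException} raised while starting or
     *         talking to the child process
     */
    @Override
    @Nonnull
    public List<Verification> data(@Nonnull InputStream data)
            throws IOException, SOPGPException.NoSignature, SOPGPException.BadData {
        // NOTE(review): if signatures(...) was never called, `signatures` is still null here;
        // how ExternalSOP.readString treats null is not visible in this file.
        // NOTE(review): the material travels as a String inside an environment variable, so it
        // presumably has to be ASCII-armored and small enough for the platform's environment
        // size limit - confirm against ExternalSOP.readString and the target platforms.
        commandList.add("@ENV:SIGNATURE");
        envList.add("SIGNATURE=" + ExternalSOP.readString(signatures));

        for (InputStream cert : certs) {
            String envVar = "CERT_" + certCounter++;
            commandList.add("@ENV:" + envVar);
            envList.add(envVar + "=" + ExternalSOP.readString(cert));
        }

        String[] command = commandList.toArray(new String[0]);
        String[] env = envList.toArray(new String[0]);

        try {
            Process process = Runtime.getRuntime().exec(command, env);

            // try-with-resources closes the caller's stream and the child's stdin even when
            // the copy fails part-way (for example because the child exited early).
            // stdin is written completely before stdout is read; this relies on the child not
            // filling its output pipe before it has consumed its input.
            try (InputStream in = data; OutputStream processOut = process.getOutputStream()) {
                byte[] buf = new byte[4096];
                int r;
                while ((r = in.read(buf)) > 0) {
                    processOut.write(buf, 0, r);
                }
            }

            List<Verification> verifications = new ArrayList<>();
            // Decode explicitly as UTF-8 so that parsing does not depend on the platform
            // default charset of the JVM.
            try (BufferedReader reader = new BufferedReader(new InputStreamReader(
                    process.getInputStream(), java.nio.charset.StandardCharsets.UTF_8))) {
                String line;
                while ((line = reader.readLine()) != null) {
                    verifications.add(Verification.fromString(line));
                }
            }

            ExternalSOP.finish(process);

            return verifications;
        } catch (IOException e) {
            // Kept as an unchecked wrapper so callers see the same exception type as before.
            // NOTE(review): an I/O failure here skips ExternalSOP.finish(process), so the
            // child's own result is not evaluated on this path.
            throw new RuntimeException(e);
        }
    }
}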