mirror of
https://codeberg.org/PGPainless/sop-java.git
synced 2024-11-25 16:42:07 +01:00
Kotlin conversion: DecryptCmd
This commit is contained in:
parent
8e65771e36
commit
9daabb758a
3 changed files with 226 additions and 258 deletions
|
@ -1,255 +0,0 @@
|
||||||
// SPDX-FileCopyrightText: 2020 Paul Schaub <vanitasvitae@fsfe.org>
|
|
||||||
//
|
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
|
||||||
|
|
||||||
package sop.cli.picocli.commands;
|
|
||||||
|
|
||||||
import picocli.CommandLine;
|
|
||||||
import sop.DecryptionResult;
|
|
||||||
import sop.ReadyWithResult;
|
|
||||||
import sop.SessionKey;
|
|
||||||
import sop.Verification;
|
|
||||||
import sop.cli.picocli.SopCLI;
|
|
||||||
import sop.exception.SOPGPException;
|
|
||||||
import sop.operation.Decrypt;
|
|
||||||
|
|
||||||
import java.io.IOException;
|
|
||||||
import java.io.InputStream;
|
|
||||||
import java.io.OutputStream;
|
|
||||||
import java.io.PrintWriter;
|
|
||||||
import java.util.ArrayList;
|
|
||||||
import java.util.Date;
|
|
||||||
import java.util.List;
|
|
||||||
|
|
||||||
@CommandLine.Command(name = "decrypt",
|
|
||||||
resourceBundle = "msg_decrypt",
|
|
||||||
exitCodeOnInvalidInput = SOPGPException.UnsupportedOption.EXIT_CODE)
|
|
||||||
public class DecryptCmd extends AbstractSopCmd {
|
|
||||||
|
|
||||||
private static final String OPT_SESSION_KEY_OUT = "--session-key-out";
|
|
||||||
private static final String OPT_WITH_SESSION_KEY = "--with-session-key";
|
|
||||||
private static final String OPT_WITH_PASSWORD = "--with-password";
|
|
||||||
private static final String OPT_WITH_KEY_PASSWORD = "--with-key-password";
|
|
||||||
private static final String OPT_VERIFICATIONS_OUT = "--verifications-out"; // see SOP-05
|
|
||||||
private static final String OPT_VERIFY_WITH = "--verify-with";
|
|
||||||
private static final String OPT_NOT_BEFORE = "--verify-not-before";
|
|
||||||
private static final String OPT_NOT_AFTER = "--verify-not-after";
|
|
||||||
|
|
||||||
|
|
||||||
@CommandLine.Option(
|
|
||||||
names = {OPT_SESSION_KEY_OUT},
|
|
||||||
paramLabel = "SESSIONKEY")
|
|
||||||
String sessionKeyOut;
|
|
||||||
|
|
||||||
@CommandLine.Option(
|
|
||||||
names = {OPT_WITH_SESSION_KEY},
|
|
||||||
paramLabel = "SESSIONKEY")
|
|
||||||
List<String> withSessionKey = new ArrayList<>();
|
|
||||||
|
|
||||||
@CommandLine.Option(
|
|
||||||
names = {OPT_WITH_PASSWORD},
|
|
||||||
paramLabel = "PASSWORD")
|
|
||||||
List<String> withPassword = new ArrayList<>();
|
|
||||||
|
|
||||||
@CommandLine.Option(names = {OPT_VERIFICATIONS_OUT, "--verify-out"}, // TODO: Remove --verify-out in 06
|
|
||||||
paramLabel = "VERIFICATIONS")
|
|
||||||
String verifyOut;
|
|
||||||
|
|
||||||
@CommandLine.Option(names = {OPT_VERIFY_WITH},
|
|
||||||
paramLabel = "CERT")
|
|
||||||
List<String> certs = new ArrayList<>();
|
|
||||||
|
|
||||||
@CommandLine.Option(names = {OPT_NOT_BEFORE},
|
|
||||||
paramLabel = "DATE")
|
|
||||||
String notBefore = "-";
|
|
||||||
|
|
||||||
@CommandLine.Option(names = {OPT_NOT_AFTER},
|
|
||||||
paramLabel = "DATE")
|
|
||||||
String notAfter = "now";
|
|
||||||
|
|
||||||
@CommandLine.Parameters(index = "0..*",
|
|
||||||
paramLabel = "KEY")
|
|
||||||
List<String> keys = new ArrayList<>();
|
|
||||||
|
|
||||||
@CommandLine.Option(names = {OPT_WITH_KEY_PASSWORD},
|
|
||||||
paramLabel = "PASSWORD")
|
|
||||||
List<String> withKeyPassword = new ArrayList<>();
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void run() {
|
|
||||||
Decrypt decrypt = throwIfUnsupportedSubcommand(
|
|
||||||
SopCLI.getSop().decrypt(), "decrypt");
|
|
||||||
|
|
||||||
throwIfOutputExists(verifyOut);
|
|
||||||
throwIfOutputExists(sessionKeyOut);
|
|
||||||
|
|
||||||
setNotAfter(notAfter, decrypt);
|
|
||||||
setNotBefore(notBefore, decrypt);
|
|
||||||
setWithPasswords(withPassword, decrypt);
|
|
||||||
setWithSessionKeys(withSessionKey, decrypt);
|
|
||||||
setWithKeyPassword(withKeyPassword, decrypt);
|
|
||||||
setVerifyWith(certs, decrypt);
|
|
||||||
setDecryptWith(keys, decrypt);
|
|
||||||
|
|
||||||
if (verifyOut != null && certs.isEmpty()) {
|
|
||||||
String errorMsg = getMsg("sop.error.usage.option_requires_other_option", OPT_VERIFICATIONS_OUT, OPT_VERIFY_WITH);
|
|
||||||
throw new SOPGPException.IncompleteVerification(errorMsg);
|
|
||||||
}
|
|
||||||
|
|
||||||
try {
|
|
||||||
ReadyWithResult<DecryptionResult> ready = decrypt.ciphertext(System.in);
|
|
||||||
DecryptionResult result = ready.writeTo(System.out);
|
|
||||||
writeSessionKeyOut(result);
|
|
||||||
writeVerifyOut(result);
|
|
||||||
|
|
||||||
} catch (SOPGPException.BadData badData) {
|
|
||||||
String errorMsg = getMsg("sop.error.input.stdin_not_a_message");
|
|
||||||
throw new SOPGPException.BadData(errorMsg, badData);
|
|
||||||
} catch (SOPGPException.CannotDecrypt e) {
|
|
||||||
String errorMsg = getMsg("sop.error.runtime.cannot_decrypt_message");
|
|
||||||
throw new SOPGPException.CannotDecrypt(errorMsg, e);
|
|
||||||
} catch (IOException ioException) {
|
|
||||||
throw new RuntimeException(ioException);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private void writeVerifyOut(DecryptionResult result) throws IOException {
|
|
||||||
if (verifyOut != null) {
|
|
||||||
if (result.getVerifications().isEmpty()) {
|
|
||||||
String errorMsg = getMsg("sop.error.runtime.no_verifiable_signature_found");
|
|
||||||
throw new SOPGPException.NoSignature(errorMsg);
|
|
||||||
}
|
|
||||||
|
|
||||||
try (OutputStream fileOut = getOutput(verifyOut)) {
|
|
||||||
PrintWriter writer = new PrintWriter(fileOut);
|
|
||||||
for (Verification verification : result.getVerifications()) {
|
|
||||||
// CHECKSTYLE:OFF
|
|
||||||
writer.println(verification.toString());
|
|
||||||
// CHECKSTYLE:ON
|
|
||||||
}
|
|
||||||
writer.flush();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private void writeSessionKeyOut(DecryptionResult result) throws IOException {
|
|
||||||
if (sessionKeyOut == null) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
try (OutputStream outputStream = getOutput(sessionKeyOut)) {
|
|
||||||
if (!result.getSessionKey().isPresent()) {
|
|
||||||
String errorMsg = getMsg("sop.error.runtime.no_session_key_extracted");
|
|
||||||
throw new SOPGPException.UnsupportedOption(String.format(errorMsg, OPT_SESSION_KEY_OUT));
|
|
||||||
}
|
|
||||||
SessionKey sessionKey = result.getSessionKey().get();
|
|
||||||
PrintWriter writer = new PrintWriter(outputStream);
|
|
||||||
// CHECKSTYLE:OFF
|
|
||||||
writer.println(sessionKey.toString());
|
|
||||||
// CHECKSTYLE:ON
|
|
||||||
writer.flush();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private void setDecryptWith(List<String> keys, Decrypt decrypt) {
|
|
||||||
for (String key : keys) {
|
|
||||||
try (InputStream keyIn = getInput(key)) {
|
|
||||||
decrypt.withKey(keyIn);
|
|
||||||
} catch (SOPGPException.KeyIsProtected keyIsProtected) {
|
|
||||||
String errorMsg = getMsg("sop.error.runtime.cannot_unlock_key", key);
|
|
||||||
throw new SOPGPException.KeyIsProtected(errorMsg, keyIsProtected);
|
|
||||||
} catch (SOPGPException.BadData badData) {
|
|
||||||
String errorMsg = getMsg("sop.error.input.not_a_private_key", key);
|
|
||||||
throw new SOPGPException.BadData(errorMsg, badData);
|
|
||||||
} catch (IOException e) {
|
|
||||||
throw new RuntimeException(e);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private void setVerifyWith(List<String> certs, Decrypt decrypt) {
|
|
||||||
for (String cert : certs) {
|
|
||||||
try (InputStream certIn = getInput(cert)) {
|
|
||||||
decrypt.verifyWithCert(certIn);
|
|
||||||
} catch (SOPGPException.BadData badData) {
|
|
||||||
String errorMsg = getMsg("sop.error.input.not_a_certificate", cert);
|
|
||||||
throw new SOPGPException.BadData(errorMsg, badData);
|
|
||||||
} catch (IOException ioException) {
|
|
||||||
throw new RuntimeException(ioException);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private void setWithSessionKeys(List<String> withSessionKey, Decrypt decrypt) {
|
|
||||||
for (String sessionKeyFile : withSessionKey) {
|
|
||||||
String sessionKeyString;
|
|
||||||
try {
|
|
||||||
sessionKeyString = stringFromInputStream(getInput(sessionKeyFile));
|
|
||||||
} catch (IOException e) {
|
|
||||||
throw new RuntimeException(e);
|
|
||||||
}
|
|
||||||
SessionKey sessionKey;
|
|
||||||
try {
|
|
||||||
sessionKey = SessionKey.fromString(sessionKeyString);
|
|
||||||
} catch (IllegalArgumentException e) {
|
|
||||||
String errorMsg = getMsg("sop.error.input.malformed_session_key");
|
|
||||||
throw new IllegalArgumentException(errorMsg, e);
|
|
||||||
}
|
|
||||||
try {
|
|
||||||
decrypt.withSessionKey(sessionKey);
|
|
||||||
} catch (SOPGPException.UnsupportedOption unsupportedOption) {
|
|
||||||
String errorMsg = getMsg("sop.error.feature_support.option_not_supported", OPT_WITH_SESSION_KEY);
|
|
||||||
throw new SOPGPException.UnsupportedOption(errorMsg, unsupportedOption);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private void setWithPasswords(List<String> withPassword, Decrypt decrypt) {
|
|
||||||
for (String passwordFile : withPassword) {
|
|
||||||
try {
|
|
||||||
String password = stringFromInputStream(getInput(passwordFile));
|
|
||||||
decrypt.withPassword(password);
|
|
||||||
} catch (SOPGPException.UnsupportedOption unsupportedOption) {
|
|
||||||
|
|
||||||
String errorMsg = getMsg("sop.error.feature_support.option_not_supported", OPT_WITH_PASSWORD);
|
|
||||||
throw new SOPGPException.UnsupportedOption(errorMsg, unsupportedOption);
|
|
||||||
} catch (IOException e) {
|
|
||||||
throw new RuntimeException(e);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private void setWithKeyPassword(List<String> withKeyPassword, Decrypt decrypt) {
|
|
||||||
for (String passwordFile : withKeyPassword) {
|
|
||||||
try {
|
|
||||||
String password = stringFromInputStream(getInput(passwordFile));
|
|
||||||
decrypt.withKeyPassword(password);
|
|
||||||
} catch (SOPGPException.UnsupportedOption unsupportedOption) {
|
|
||||||
|
|
||||||
String errorMsg = getMsg("sop.error.feature_support.option_not_supported", OPT_WITH_KEY_PASSWORD);
|
|
||||||
throw new SOPGPException.UnsupportedOption(errorMsg, unsupportedOption);
|
|
||||||
} catch (IOException e) {
|
|
||||||
throw new RuntimeException(e);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private void setNotAfter(String notAfter, Decrypt decrypt) {
|
|
||||||
Date notAfterDate = parseNotAfter(notAfter);
|
|
||||||
try {
|
|
||||||
decrypt.verifyNotAfter(notAfterDate);
|
|
||||||
} catch (SOPGPException.UnsupportedOption unsupportedOption) {
|
|
||||||
String errorMsg = getMsg("sop.error.feature_support.option_not_supported", OPT_NOT_AFTER);
|
|
||||||
throw new SOPGPException.UnsupportedOption(errorMsg, unsupportedOption);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private void setNotBefore(String notBefore, Decrypt decrypt) {
|
|
||||||
Date notBeforeDate = parseNotBefore(notBefore);
|
|
||||||
try {
|
|
||||||
decrypt.verifyNotBefore(notBeforeDate);
|
|
||||||
} catch (SOPGPException.UnsupportedOption unsupportedOption) {
|
|
||||||
String errorMsg = getMsg("sop.error.feature_support.option_not_supported", OPT_NOT_BEFORE);
|
|
||||||
throw new SOPGPException.UnsupportedOption(errorMsg, unsupportedOption);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -0,0 +1,223 @@
|
||||||
|
package sop.cli.picocli.commands
|
||||||
|
|
||||||
|
import java.io.IOException
|
||||||
|
import java.io.PrintWriter
|
||||||
|
import picocli.CommandLine.*
|
||||||
|
import sop.DecryptionResult
|
||||||
|
import sop.SessionKey
|
||||||
|
import sop.SessionKey.Companion.fromString
|
||||||
|
import sop.cli.picocli.SopCLI
|
||||||
|
import sop.exception.SOPGPException.*
|
||||||
|
import sop.operation.Decrypt
|
||||||
|
|
||||||
|
@Command(
|
||||||
|
name = "decrypt",
|
||||||
|
resourceBundle = "msg_decrypt",
|
||||||
|
exitCodeOnInvalidInput = UnsupportedOption.EXIT_CODE)
|
||||||
|
class DecryptCmd : AbstractSopCmd() {
|
||||||
|
|
||||||
|
@Option(names = [OPT_SESSION_KEY_OUT], paramLabel = "SESSIONKEY")
|
||||||
|
var sessionKeyOut: String? = null
|
||||||
|
|
||||||
|
@Option(names = [OPT_WITH_SESSION_KEY], paramLabel = "SESSIONKEY")
|
||||||
|
var withSessionKey: List<String> = listOf()
|
||||||
|
|
||||||
|
@Option(names = [OPT_WITH_PASSWORD], paramLabel = "PASSWORD")
|
||||||
|
var withPassword: List<String> = listOf()
|
||||||
|
|
||||||
|
@Option(names = [OPT_VERIFICATIONS_OUT], paramLabel = "VERIFICATIONS")
|
||||||
|
var verifyOut: String? = null
|
||||||
|
|
||||||
|
@Option(names = [OPT_VERIFY_WITH], paramLabel = "CERT") var certs: List<String> = listOf()
|
||||||
|
|
||||||
|
@Option(names = [OPT_NOT_BEFORE], paramLabel = "DATE") var notBefore = "-"
|
||||||
|
|
||||||
|
@Option(names = [OPT_NOT_AFTER], paramLabel = "DATE") var notAfter = "now"
|
||||||
|
|
||||||
|
@Parameters(index = "0..*", paramLabel = "KEY") var keys: List<String> = listOf()
|
||||||
|
|
||||||
|
@Option(names = [OPT_WITH_KEY_PASSWORD], paramLabel = "PASSWORD")
|
||||||
|
var withKeyPassword: List<String> = listOf()
|
||||||
|
|
||||||
|
override fun run() {
|
||||||
|
val decrypt = throwIfUnsupportedSubcommand(SopCLI.getSop().decrypt(), "decrypt")
|
||||||
|
|
||||||
|
throwIfOutputExists(verifyOut)
|
||||||
|
throwIfOutputExists(sessionKeyOut)
|
||||||
|
|
||||||
|
setNotAfter(notAfter, decrypt)
|
||||||
|
setNotBefore(notBefore, decrypt)
|
||||||
|
setWithPasswords(withPassword, decrypt)
|
||||||
|
setWithSessionKeys(withSessionKey, decrypt)
|
||||||
|
setWithKeyPassword(withKeyPassword, decrypt)
|
||||||
|
setVerifyWith(certs, decrypt)
|
||||||
|
setDecryptWith(keys, decrypt)
|
||||||
|
|
||||||
|
if (verifyOut != null && certs.isEmpty()) {
|
||||||
|
val errorMsg =
|
||||||
|
getMsg(
|
||||||
|
"sop.error.usage.option_requires_other_option",
|
||||||
|
OPT_VERIFICATIONS_OUT,
|
||||||
|
OPT_VERIFY_WITH)
|
||||||
|
throw IncompleteVerification(errorMsg)
|
||||||
|
}
|
||||||
|
|
||||||
|
try {
|
||||||
|
val ready = decrypt.ciphertext(System.`in`)
|
||||||
|
val result = ready.writeTo(System.out)
|
||||||
|
writeSessionKeyOut(result)
|
||||||
|
writeVerifyOut(result)
|
||||||
|
} catch (badData: BadData) {
|
||||||
|
val errorMsg = getMsg("sop.error.input.stdin_not_a_message")
|
||||||
|
throw BadData(errorMsg, badData)
|
||||||
|
} catch (e: CannotDecrypt) {
|
||||||
|
val errorMsg = getMsg("sop.error.runtime.cannot_decrypt_message")
|
||||||
|
throw CannotDecrypt(errorMsg, e)
|
||||||
|
} catch (ioException: IOException) {
|
||||||
|
throw RuntimeException(ioException)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Throws(IOException::class)
|
||||||
|
private fun writeVerifyOut(result: DecryptionResult) {
|
||||||
|
verifyOut?.let {
|
||||||
|
if (result.verifications.isEmpty()) {
|
||||||
|
val errorMsg = getMsg("sop.error.runtime.no_verifiable_signature_found")
|
||||||
|
throw NoSignature(errorMsg)
|
||||||
|
}
|
||||||
|
|
||||||
|
getOutput(verifyOut).use { out ->
|
||||||
|
PrintWriter(out).use { pw -> result.verifications.forEach { pw.println(it) } }
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Throws(IOException::class)
|
||||||
|
private fun writeSessionKeyOut(result: DecryptionResult) {
|
||||||
|
sessionKeyOut?.let { fileName ->
|
||||||
|
getOutput(fileName).use { out ->
|
||||||
|
if (!result.sessionKey.isPresent) {
|
||||||
|
val errorMsg = getMsg("sop.error.runtime.no_session_key_extracted")
|
||||||
|
throw UnsupportedOption(String.format(errorMsg, OPT_SESSION_KEY_OUT))
|
||||||
|
}
|
||||||
|
|
||||||
|
PrintWriter(out).use { it.println(result.sessionKey.get()!!) }
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private fun setDecryptWith(keys: List<String>, decrypt: Decrypt) {
|
||||||
|
for (key in keys) {
|
||||||
|
try {
|
||||||
|
getInput(key).use { decrypt.withKey(it) }
|
||||||
|
} catch (keyIsProtected: KeyIsProtected) {
|
||||||
|
val errorMsg = getMsg("sop.error.runtime.cannot_unlock_key", key)
|
||||||
|
throw KeyIsProtected(errorMsg, keyIsProtected)
|
||||||
|
} catch (badData: BadData) {
|
||||||
|
val errorMsg = getMsg("sop.error.input.not_a_private_key", key)
|
||||||
|
throw BadData(errorMsg, badData)
|
||||||
|
} catch (e: IOException) {
|
||||||
|
throw RuntimeException(e)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private fun setVerifyWith(certs: List<String>, decrypt: Decrypt) {
|
||||||
|
for (cert in certs) {
|
||||||
|
try {
|
||||||
|
getInput(cert).use { certIn -> decrypt.verifyWithCert(certIn) }
|
||||||
|
} catch (badData: BadData) {
|
||||||
|
val errorMsg = getMsg("sop.error.input.not_a_certificate", cert)
|
||||||
|
throw BadData(errorMsg, badData)
|
||||||
|
} catch (ioException: IOException) {
|
||||||
|
throw RuntimeException(ioException)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private fun setWithSessionKeys(withSessionKey: List<String>, decrypt: Decrypt) {
|
||||||
|
for (sessionKeyFile in withSessionKey) {
|
||||||
|
val sessionKeyString: String =
|
||||||
|
try {
|
||||||
|
stringFromInputStream(getInput(sessionKeyFile))
|
||||||
|
} catch (e: IOException) {
|
||||||
|
throw RuntimeException(e)
|
||||||
|
}
|
||||||
|
val sessionKey: SessionKey =
|
||||||
|
try {
|
||||||
|
fromString(sessionKeyString)
|
||||||
|
} catch (e: IllegalArgumentException) {
|
||||||
|
val errorMsg = getMsg("sop.error.input.malformed_session_key")
|
||||||
|
throw IllegalArgumentException(errorMsg, e)
|
||||||
|
}
|
||||||
|
try {
|
||||||
|
decrypt.withSessionKey(sessionKey)
|
||||||
|
} catch (unsupportedOption: UnsupportedOption) {
|
||||||
|
val errorMsg =
|
||||||
|
getMsg("sop.error.feature_support.option_not_supported", OPT_WITH_SESSION_KEY)
|
||||||
|
throw UnsupportedOption(errorMsg, unsupportedOption)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private fun setWithPasswords(withPassword: List<String>, decrypt: Decrypt) {
|
||||||
|
for (passwordFile in withPassword) {
|
||||||
|
try {
|
||||||
|
val password = stringFromInputStream(getInput(passwordFile))
|
||||||
|
decrypt.withPassword(password)
|
||||||
|
} catch (unsupportedOption: UnsupportedOption) {
|
||||||
|
val errorMsg =
|
||||||
|
getMsg("sop.error.feature_support.option_not_supported", OPT_WITH_PASSWORD)
|
||||||
|
throw UnsupportedOption(errorMsg, unsupportedOption)
|
||||||
|
} catch (e: IOException) {
|
||||||
|
throw RuntimeException(e)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private fun setWithKeyPassword(withKeyPassword: List<String>, decrypt: Decrypt) {
|
||||||
|
for (passwordFile in withKeyPassword) {
|
||||||
|
try {
|
||||||
|
val password = stringFromInputStream(getInput(passwordFile))
|
||||||
|
decrypt.withKeyPassword(password)
|
||||||
|
} catch (unsupportedOption: UnsupportedOption) {
|
||||||
|
val errorMsg =
|
||||||
|
getMsg("sop.error.feature_support.option_not_supported", OPT_WITH_KEY_PASSWORD)
|
||||||
|
throw UnsupportedOption(errorMsg, unsupportedOption)
|
||||||
|
} catch (e: IOException) {
|
||||||
|
throw RuntimeException(e)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private fun setNotAfter(notAfter: String, decrypt: Decrypt) {
|
||||||
|
val notAfterDate = parseNotAfter(notAfter)
|
||||||
|
try {
|
||||||
|
decrypt.verifyNotAfter(notAfterDate)
|
||||||
|
} catch (unsupportedOption: UnsupportedOption) {
|
||||||
|
val errorMsg = getMsg("sop.error.feature_support.option_not_supported", OPT_NOT_AFTER)
|
||||||
|
throw UnsupportedOption(errorMsg, unsupportedOption)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private fun setNotBefore(notBefore: String, decrypt: Decrypt) {
|
||||||
|
val notBeforeDate = parseNotBefore(notBefore)
|
||||||
|
try {
|
||||||
|
decrypt.verifyNotBefore(notBeforeDate)
|
||||||
|
} catch (unsupportedOption: UnsupportedOption) {
|
||||||
|
val errorMsg = getMsg("sop.error.feature_support.option_not_supported", OPT_NOT_BEFORE)
|
||||||
|
throw UnsupportedOption(errorMsg, unsupportedOption)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
companion object {
|
||||||
|
const val OPT_SESSION_KEY_OUT = "--session-key-out"
|
||||||
|
const val OPT_WITH_SESSION_KEY = "--with-session-key"
|
||||||
|
const val OPT_WITH_PASSWORD = "--with-password"
|
||||||
|
const val OPT_WITH_KEY_PASSWORD = "--with-key-password"
|
||||||
|
const val OPT_VERIFICATIONS_OUT = "--verifications-out"
|
||||||
|
const val OPT_VERIFY_WITH = "--verify-with"
|
||||||
|
const val OPT_NOT_BEFORE = "--verify-not-before"
|
||||||
|
const val OPT_NOT_AFTER = "--verify-not-after"
|
||||||
|
}
|
||||||
|
}
|
|
@ -278,7 +278,7 @@ public class DecryptCmdTest {
|
||||||
File certFile = File.createTempFile("existing-verify-out-cert", ".asc");
|
File certFile = File.createTempFile("existing-verify-out-cert", ".asc");
|
||||||
File existingVerifyOut = File.createTempFile("existing-verify-out", ".tmp");
|
File existingVerifyOut = File.createTempFile("existing-verify-out", ".tmp");
|
||||||
|
|
||||||
SopCLI.main(new String[] {"decrypt", "--verify-out", existingVerifyOut.getAbsolutePath(), "--verify-with", certFile.getAbsolutePath()});
|
SopCLI.main(new String[] {"decrypt", "--verifications-out", existingVerifyOut.getAbsolutePath(), "--verify-with", certFile.getAbsolutePath()});
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@ -302,7 +302,7 @@ public class DecryptCmdTest {
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
SopCLI.main(new String[] {"decrypt", "--verify-out", verifyOut.getAbsolutePath(), "--verify-with", certFile.getAbsolutePath()});
|
SopCLI.main(new String[] {"decrypt", "--verifications-out", verifyOut.getAbsolutePath(), "--verify-with", certFile.getAbsolutePath()});
|
||||||
try (BufferedReader reader = new BufferedReader(new FileReader(verifyOut))) {
|
try (BufferedReader reader = new BufferedReader(new FileReader(verifyOut))) {
|
||||||
String line = reader.readLine();
|
String line = reader.readLine();
|
||||||
assertEquals("2021-07-11T20:58:23Z 1B66A707819A920925BC6777C3E0AFC0B2DFF862 C8CD564EBF8D7BBA90611D8D071773658BF6BF86", line);
|
assertEquals("2021-07-11T20:58:23Z 1B66A707819A920925BC6777C3E0AFC0B2DFF862 C8CD564EBF8D7BBA90611D8D071773658BF6BF86", line);
|
||||||
|
@ -377,6 +377,6 @@ public class DecryptCmdTest {
|
||||||
@Test
|
@Test
|
||||||
@ExpectSystemExitWithStatus(SOPGPException.IncompleteVerification.EXIT_CODE)
|
@ExpectSystemExitWithStatus(SOPGPException.IncompleteVerification.EXIT_CODE)
|
||||||
public void verifyOutWithoutVerifyWithCausesExit23() {
|
public void verifyOutWithoutVerifyWithCausesExit23() {
|
||||||
SopCLI.main(new String[] {"decrypt", "--verify-out", "out.file"});
|
SopCLI.main(new String[] {"decrypt", "--verifications-out", "out.file"});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue