mirror of
https://codeberg.org/PGPainless/wkd-java.git
synced 2024-11-21 23:02:05 +01:00
Javadoc
This commit is contained in:
parent
d0a161e87a
commit
df85b4202d
9 changed files with 224 additions and 41 deletions
|
@ -10,7 +10,7 @@ import pgp.wkd.WKDAddressHelper;
|
||||||
import pgp.wkd.cli.PGPainlessCertificateParser;
|
import pgp.wkd.cli.PGPainlessCertificateParser;
|
||||||
import pgp.wkd.cli.RuntimeIOException;
|
import pgp.wkd.cli.RuntimeIOException;
|
||||||
import pgp.wkd.discovery.CertificateDiscoverer;
|
import pgp.wkd.discovery.CertificateDiscoverer;
|
||||||
import pgp.wkd.discovery.DefaultCertificateDiscoverer;
|
import pgp.wkd.discovery.ValidatingCertificateDiscoverer;
|
||||||
import pgp.wkd.discovery.DiscoveryResult;
|
import pgp.wkd.discovery.DiscoveryResult;
|
||||||
import pgp.wkd.discovery.HttpsUrlConnectionCertificateFetcher;
|
import pgp.wkd.discovery.HttpsUrlConnectionCertificateFetcher;
|
||||||
import pgp.wkd.exception.MalformedUserIdException;
|
import pgp.wkd.exception.MalformedUserIdException;
|
||||||
|
@ -39,7 +39,7 @@ public class Fetch implements Runnable {
|
||||||
)
|
)
|
||||||
boolean armor = false;
|
boolean armor = false;
|
||||||
|
|
||||||
public static final CertificateDiscoverer DEFAULT_DISCOVERER = new DefaultCertificateDiscoverer(
|
public static final CertificateDiscoverer DEFAULT_DISCOVERER = new ValidatingCertificateDiscoverer(
|
||||||
new PGPainlessCertificateParser(), new HttpsUrlConnectionCertificateFetcher());
|
new PGPainlessCertificateParser(), new HttpsUrlConnectionCertificateFetcher());
|
||||||
|
|
||||||
private static CertificateDiscoverer discoverer = DEFAULT_DISCOVERER;
|
private static CertificateDiscoverer discoverer = DEFAULT_DISCOVERER;
|
||||||
|
|
|
@ -12,7 +12,7 @@ import pgp.wkd.cli.PGPainlessCertificateParser;
|
||||||
import pgp.wkd.cli.WKDCLI;
|
import pgp.wkd.cli.WKDCLI;
|
||||||
import pgp.wkd.cli.command.Fetch;
|
import pgp.wkd.cli.command.Fetch;
|
||||||
import pgp.wkd.discovery.CertificateDiscoverer;
|
import pgp.wkd.discovery.CertificateDiscoverer;
|
||||||
import pgp.wkd.discovery.DefaultCertificateDiscoverer;
|
import pgp.wkd.discovery.ValidatingCertificateDiscoverer;
|
||||||
import pgp.wkd.discovery.DiscoveryMethod;
|
import pgp.wkd.discovery.DiscoveryMethod;
|
||||||
import pgp.wkd.test_suite.TestCase;
|
import pgp.wkd.test_suite.TestCase;
|
||||||
import pgp.wkd.test_suite.TestSuite;
|
import pgp.wkd.test_suite.TestSuite;
|
||||||
|
@ -43,7 +43,7 @@ public class TestSuiteTestRunner {
|
||||||
suite = generator.generateTestSuiteInDirectory(tempFile, DiscoveryMethod.direct);
|
suite = generator.generateTestSuiteInDirectory(tempFile, DiscoveryMethod.direct);
|
||||||
|
|
||||||
// Fetch certificates from a local directory instead of the internetzzz.
|
// Fetch certificates from a local directory instead of the internetzzz.
|
||||||
CertificateDiscoverer discoverer = new DefaultCertificateDiscoverer(
|
CertificateDiscoverer discoverer = new ValidatingCertificateDiscoverer(
|
||||||
new PGPainlessCertificateParser(), new DirectoryBasedCertificateFetcher(tempPath));
|
new PGPainlessCertificateParser(), new DirectoryBasedCertificateFetcher(tempPath));
|
||||||
Fetch.setCertificateDiscoverer(discoverer);
|
Fetch.setCertificateDiscoverer(discoverer);
|
||||||
}
|
}
|
||||||
|
|
|
@ -12,10 +12,27 @@ import java.io.IOException;
|
||||||
import java.io.InputStream;
|
import java.io.InputStream;
|
||||||
import java.net.URI;
|
import java.net.URI;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Abstract implementation of the {@link CertificateFetcher} interface.
|
||||||
|
* The purpose of this class is to map {@link #fetchCertificate(WKDAddress, DiscoveryMethod)}
|
||||||
|
* and {@link #fetchPolicy(WKDAddress, DiscoveryMethod)} calls to {@link #fetchFromUri(URI)}.
|
||||||
|
*
|
||||||
|
* A concrete implementation of this class then simply needs to implement the latter method.
|
||||||
|
*/
|
||||||
public abstract class AbstractUriCertificateFetcher implements CertificateFetcher {
|
public abstract class AbstractUriCertificateFetcher implements CertificateFetcher {
|
||||||
|
|
||||||
private static final Logger LOGGER = LoggerFactory.getLogger(CertificateFetcher.class);
|
private static final Logger LOGGER = LoggerFactory.getLogger(CertificateFetcher.class);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Fetch the contents of the file that the {@link URI} points to from the remote server.
|
||||||
|
* @param uri uri
|
||||||
|
* @return file contents
|
||||||
|
*
|
||||||
|
* @throws java.net.ConnectException in case the file or host does not exist
|
||||||
|
* @throws IOException in case of an IO-error
|
||||||
|
*/
|
||||||
|
protected abstract InputStream fetchFromUri(URI uri) throws IOException;
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public InputStream fetchCertificate(WKDAddress address, DiscoveryMethod method) throws IOException {
|
public InputStream fetchCertificate(WKDAddress address, DiscoveryMethod method) throws IOException {
|
||||||
URI uri = address.getUri(method);
|
URI uri = address.getUri(method);
|
||||||
|
@ -38,14 +55,4 @@ public abstract class AbstractUriCertificateFetcher implements CertificateFetche
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Fetch the contents of the file that the {@link URI} points to from the remote server.
|
|
||||||
* @param uri uri
|
|
||||||
* @return file contents
|
|
||||||
*
|
|
||||||
* @throws java.net.ConnectException in case the file or host does not exist
|
|
||||||
* @throws IOException in case of an IO-error
|
|
||||||
*/
|
|
||||||
protected abstract InputStream fetchFromUri(URI uri) throws IOException;
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -11,10 +11,26 @@ import pgp.wkd.WKDAddressHelper;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Interface which describes an API to discover OpenPGP certificates via the WKD.
|
||||||
|
*/
|
||||||
public interface CertificateDiscoverer {
|
public interface CertificateDiscoverer {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Discover OpenPGP certificates by querying the given <pre>address</pre> via the given <pre>method</pre>.
|
||||||
|
*
|
||||||
|
* @param method discovery method
|
||||||
|
* @param address wkd address
|
||||||
|
* @return response
|
||||||
|
*/
|
||||||
DiscoveryResponse discover(DiscoveryMethod method, WKDAddress address);
|
DiscoveryResponse discover(DiscoveryMethod method, WKDAddress address);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Discover OpenPGP certificates by {@link WKDAddress}.
|
||||||
|
*
|
||||||
|
* @param address address
|
||||||
|
* @return discovery result
|
||||||
|
*/
|
||||||
default DiscoveryResult discover(WKDAddress address) {
|
default DiscoveryResult discover(WKDAddress address) {
|
||||||
List<DiscoveryResponse> results = new ArrayList<>();
|
List<DiscoveryResponse> results = new ArrayList<>();
|
||||||
|
|
||||||
|
@ -31,10 +47,26 @@ public interface CertificateDiscoverer {
|
||||||
return new DiscoveryResult(results);
|
return new DiscoveryResult(results);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Discover OpenPGP certificates by email address.
|
||||||
|
*
|
||||||
|
* @param email email address
|
||||||
|
* @return discovery result
|
||||||
|
*
|
||||||
|
* @throws MalformedUserIdException in case of a malformed email address
|
||||||
|
*/
|
||||||
default DiscoveryResult discoverByEmail(String email) throws MalformedUserIdException {
|
default DiscoveryResult discoverByEmail(String email) throws MalformedUserIdException {
|
||||||
return discover(WKDAddress.fromEmail(email));
|
return discover(WKDAddress.fromEmail(email));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Discover OpenPGP certificates by user-id.
|
||||||
|
*
|
||||||
|
* @param userId user-id
|
||||||
|
* @return discovery result
|
||||||
|
*
|
||||||
|
* @throws MalformedUserIdException in case of a malformed user-id
|
||||||
|
*/
|
||||||
default DiscoveryResult discoverByUserId(String userId) throws MalformedUserIdException {
|
default DiscoveryResult discoverByUserId(String userId) throws MalformedUserIdException {
|
||||||
return discover(WKDAddressHelper.wkdAddressFromUserId(userId));
|
return discover(WKDAddressHelper.wkdAddressFromUserId(userId));
|
||||||
}
|
}
|
||||||
|
|
|
@ -10,7 +10,22 @@ import java.io.IOException;
|
||||||
import java.io.InputStream;
|
import java.io.InputStream;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Interface for an OpenPGP certificate parser class.
|
||||||
|
*/
|
||||||
public interface CertificateParser {
|
public interface CertificateParser {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Read a list of OpenPGP certificates from the given input stream.
|
||||||
|
* The input stream contains binary OpenPGP certificate data.
|
||||||
|
*
|
||||||
|
* The result is a list of {@link CertificateAndUserIds}, where {@link CertificateAndUserIds#getUserIds()} only
|
||||||
|
* contains validly bound user-ids.
|
||||||
|
*
|
||||||
|
* @param inputStream input stream of binary OpenPGP certificates
|
||||||
|
* @return list of parsed certificates and their user-ids
|
||||||
|
*
|
||||||
|
* @throws IOException in case of an IO error
|
||||||
|
*/
|
||||||
List<CertificateAndUserIds> read(InputStream inputStream) throws IOException;
|
List<CertificateAndUserIds> read(InputStream inputStream) throws IOException;
|
||||||
}
|
}
|
||||||
|
|
|
@ -14,6 +14,9 @@ import javax.annotation.Nullable;
|
||||||
import java.net.URI;
|
import java.net.URI;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* A single response to a WKD query.
|
||||||
|
*/
|
||||||
public final class DiscoveryResponse {
|
public final class DiscoveryResponse {
|
||||||
|
|
||||||
private final DiscoveryMethod method;
|
private final DiscoveryMethod method;
|
||||||
|
@ -49,47 +52,100 @@ public final class DiscoveryResponse {
|
||||||
this.missingPolicyFileException = missingPolicyFileException;
|
this.missingPolicyFileException = missingPolicyFileException;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return the method that was used to fetch this response.
|
||||||
|
*
|
||||||
|
* @return method
|
||||||
|
*/
|
||||||
@Nonnull
|
@Nonnull
|
||||||
public DiscoveryMethod getMethod() {
|
public DiscoveryMethod getMethod() {
|
||||||
return method;
|
return method;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return the WKD-Address which is queried.
|
||||||
|
*
|
||||||
|
* @return address
|
||||||
|
*/
|
||||||
@Nonnull
|
@Nonnull
|
||||||
public WKDAddress getAddress() {
|
public WKDAddress getAddress() {
|
||||||
return address;
|
return address;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return the URI that was queried against.
|
||||||
|
*
|
||||||
|
* @return URI
|
||||||
|
*/
|
||||||
public URI getUri() {
|
public URI getUri() {
|
||||||
return getAddress().getUri(getMethod());
|
return getAddress().getUri(getMethod());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return true, if the query was successful.
|
||||||
|
* That is, if there were no fetching errors, and if the server presented a policy.
|
||||||
|
*
|
||||||
|
* @return success
|
||||||
|
*/
|
||||||
public boolean isSuccessful() {
|
public boolean isSuccessful() {
|
||||||
return !hasFetchingFailure() && hasPolicy();
|
return !hasFetchingFailure() && hasPolicy();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return the list of acceptable certificates that were returned by the WKD service.
|
||||||
|
*
|
||||||
|
* @return certificates
|
||||||
|
*/
|
||||||
@Nonnull
|
@Nonnull
|
||||||
public List<Certificate> getCertificates() {
|
public List<Certificate> getCertificates() {
|
||||||
return certificates;
|
return certificates;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return a list containing all rejected certificates returned by the WKD service.
|
||||||
|
* Certificates can be rejected for several reasons such as a missing user-id, or if the certificate is malformed.
|
||||||
|
*
|
||||||
|
* @return list of rejected certificates
|
||||||
|
*/
|
||||||
@Nonnull
|
@Nonnull
|
||||||
public List<RejectedCertificate> getRejectedCertificates() {
|
public List<RejectedCertificate> getRejectedCertificates() {
|
||||||
return rejectedCertificates;
|
return rejectedCertificates;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return the cause of fetching errors, if any.
|
||||||
|
* A fetching failure might be e.g. a connection exception in case the WKD service cannot be reached.
|
||||||
|
*
|
||||||
|
* @return fetching failure
|
||||||
|
*/
|
||||||
@Nullable
|
@Nullable
|
||||||
public Throwable getFetchingFailure() {
|
public Throwable getFetchingFailure() {
|
||||||
return fetchingFailure;
|
return fetchingFailure;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return true, if the result contains acceptable certificates.
|
||||||
|
*
|
||||||
|
* @return true if the response has certificates
|
||||||
|
*/
|
||||||
public boolean hasCertificates() {
|
public boolean hasCertificates() {
|
||||||
return certificates != null && !certificates.isEmpty();
|
return certificates != null && !certificates.isEmpty();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return true, if there was a fetching failure.
|
||||||
|
*
|
||||||
|
* @return true if failure
|
||||||
|
*/
|
||||||
public boolean hasFetchingFailure() {
|
public boolean hasFetchingFailure() {
|
||||||
return fetchingFailure != null;
|
return fetchingFailure != null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return true, if the WKD service presented a policy.
|
||||||
|
*
|
||||||
|
* @return true if policy available
|
||||||
|
*/
|
||||||
public boolean hasPolicy() {
|
public boolean hasPolicy() {
|
||||||
return getPolicy() != null;
|
return getPolicy() != null;
|
||||||
}
|
}
|
||||||
|
@ -99,12 +155,18 @@ public final class DiscoveryResponse {
|
||||||
return policy;
|
return policy;
|
||||||
}
|
}
|
||||||
|
|
||||||
public static Builder builder(@Nonnull DiscoveryMethod discoveryMethod, @Nonnull WKDAddress address) {
|
/**
|
||||||
Builder builder = new Builder(discoveryMethod, address);
|
* Builder for {@link DiscoveryResponse}.
|
||||||
return builder;
|
*
|
||||||
|
* @param discoveryMethod method used for discovery
|
||||||
|
* @param address WKD address
|
||||||
|
* @return builder
|
||||||
|
*/
|
||||||
|
static Builder builder(@Nonnull DiscoveryMethod discoveryMethod, @Nonnull WKDAddress address) {
|
||||||
|
return new Builder(discoveryMethod, address);
|
||||||
}
|
}
|
||||||
|
|
||||||
public static class Builder {
|
static class Builder {
|
||||||
|
|
||||||
private DiscoveryMethod discoveryMethod;
|
private DiscoveryMethod discoveryMethod;
|
||||||
private WKDAddress address;
|
private WKDAddress address;
|
||||||
|
@ -114,37 +176,37 @@ public final class DiscoveryResponse {
|
||||||
private WKDPolicy policy;
|
private WKDPolicy policy;
|
||||||
private MissingPolicyFileException missingPolicyFileException;
|
private MissingPolicyFileException missingPolicyFileException;
|
||||||
|
|
||||||
public Builder(DiscoveryMethod discoveryMethod, WKDAddress address) {
|
Builder(DiscoveryMethod discoveryMethod, WKDAddress address) {
|
||||||
this.discoveryMethod = discoveryMethod;
|
this.discoveryMethod = discoveryMethod;
|
||||||
this.address = address;
|
this.address = address;
|
||||||
}
|
}
|
||||||
|
|
||||||
public Builder setAcceptableCertificates(List<Certificate> acceptableCertificates) {
|
Builder setAcceptableCertificates(List<Certificate> acceptableCertificates) {
|
||||||
this.acceptableCertificates = acceptableCertificates;
|
this.acceptableCertificates = acceptableCertificates;
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
public Builder setRejectedCertificates(List<RejectedCertificate> rejectedCertificates) {
|
Builder setRejectedCertificates(List<RejectedCertificate> rejectedCertificates) {
|
||||||
this.rejectedCertificates = rejectedCertificates;
|
this.rejectedCertificates = rejectedCertificates;
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
public Builder setFetchingFailure(Throwable throwable) {
|
Builder setFetchingFailure(Throwable throwable) {
|
||||||
this.fetchingFailure = throwable;
|
this.fetchingFailure = throwable;
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
public Builder setPolicy(WKDPolicy policy) {
|
Builder setPolicy(WKDPolicy policy) {
|
||||||
this.policy = policy;
|
this.policy = policy;
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
public Builder setMissingPolicyFileException(MissingPolicyFileException exception) {
|
Builder setMissingPolicyFileException(MissingPolicyFileException exception) {
|
||||||
this.missingPolicyFileException = exception;
|
this.missingPolicyFileException = exception;
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
public DiscoveryResponse build() {
|
DiscoveryResponse build() {
|
||||||
return new DiscoveryResponse(
|
return new DiscoveryResponse(
|
||||||
discoveryMethod,
|
discoveryMethod,
|
||||||
address,
|
address,
|
||||||
|
|
|
@ -14,14 +14,28 @@ import java.io.OutputStream;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Result of discovering an OpenPGP certificate via WKD.
|
||||||
|
*/
|
||||||
public class DiscoveryResult {
|
public class DiscoveryResult {
|
||||||
|
|
||||||
private List<DiscoveryResponse> items;
|
private final List<DiscoveryResponse> items;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Create a {@link DiscoveryResult} from a list of {@link DiscoveryResponse DiscoveryResponses}.
|
||||||
|
* Usually the list contains one or two responses (one for each {@link DiscoveryMethod}.
|
||||||
|
*
|
||||||
|
* @param items responses
|
||||||
|
*/
|
||||||
public DiscoveryResult(@Nonnull List<DiscoveryResponse> items) {
|
public DiscoveryResult(@Nonnull List<DiscoveryResponse> items) {
|
||||||
this.items = items;
|
this.items = items;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return the list of acceptable certificates that were discovered.
|
||||||
|
*
|
||||||
|
* @return certificates
|
||||||
|
*/
|
||||||
@Nonnull
|
@Nonnull
|
||||||
public List<Certificate> getCertificates() {
|
public List<Certificate> getCertificates() {
|
||||||
List<Certificate> certificates = new ArrayList<>();
|
List<Certificate> certificates = new ArrayList<>();
|
||||||
|
@ -34,6 +48,11 @@ public class DiscoveryResult {
|
||||||
return certificates;
|
return certificates;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return true, if at least one {@link DiscoveryResponse} was successful and contained acceptable certificates.
|
||||||
|
*
|
||||||
|
* @return success
|
||||||
|
*/
|
||||||
public boolean isSuccessful() {
|
public boolean isSuccessful() {
|
||||||
for (DiscoveryResponse item : items) {
|
for (DiscoveryResponse item : items) {
|
||||||
if (item.isSuccessful() && item.hasCertificates()) {
|
if (item.isSuccessful() && item.hasCertificates()) {
|
||||||
|
@ -69,7 +88,7 @@ public class DiscoveryResult {
|
||||||
|
|
||||||
private void throwCertNotFetchableException() {
|
private void throwCertNotFetchableException() {
|
||||||
Throwable cause = null;
|
Throwable cause = null;
|
||||||
for (DiscoveryResponse response : getItems()) {
|
for (DiscoveryResponse response : getResponses()) {
|
||||||
// Find the most "useful" exception.
|
// Find the most "useful" exception.
|
||||||
// Rejections are more useful than fetching failures
|
// Rejections are more useful than fetching failures
|
||||||
if (!response.getRejectedCertificates().isEmpty()) {
|
if (!response.getRejectedCertificates().isEmpty()) {
|
||||||
|
@ -82,19 +101,13 @@ public class DiscoveryResult {
|
||||||
throw new CertNotFetchableException("Could not fetch certificates.", cause);
|
throw new CertNotFetchableException("Could not fetch certificates.", cause);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return the list of responses.
|
||||||
|
*
|
||||||
|
* @return responses
|
||||||
|
*/
|
||||||
@Nonnull
|
@Nonnull
|
||||||
public List<DiscoveryResponse> getItems() {
|
public List<DiscoveryResponse> getResponses() {
|
||||||
return items;
|
return items;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Nonnull
|
|
||||||
public List<DiscoveryResponse> getFailedItems() {
|
|
||||||
List<DiscoveryResponse> fails = new ArrayList<>();
|
|
||||||
for (DiscoveryResponse item : items) {
|
|
||||||
if (!item.isSuccessful()) {
|
|
||||||
fails.add(item);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return fails;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -16,12 +16,16 @@ import java.io.InputStream;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
public class DefaultCertificateDiscoverer implements CertificateDiscoverer {
|
/**
|
||||||
|
* Default implementation of the {@link CertificateDiscoverer}.
|
||||||
|
* This implementation validates the received certificates.
|
||||||
|
*/
|
||||||
|
public class ValidatingCertificateDiscoverer implements CertificateDiscoverer {
|
||||||
|
|
||||||
protected final CertificateParser reader;
|
protected final CertificateParser reader;
|
||||||
protected final CertificateFetcher fetcher;
|
protected final CertificateFetcher fetcher;
|
||||||
|
|
||||||
public DefaultCertificateDiscoverer(CertificateParser reader, CertificateFetcher fetcher) {
|
public ValidatingCertificateDiscoverer(CertificateParser reader, CertificateFetcher fetcher) {
|
||||||
this.reader = reader;
|
this.reader = reader;
|
||||||
this.fetcher = fetcher;
|
this.fetcher = fetcher;
|
||||||
}
|
}
|
|
@ -10,6 +10,10 @@ import java.io.IOException;
|
||||||
import java.io.InputStream;
|
import java.io.InputStream;
|
||||||
import java.io.InputStreamReader;
|
import java.io.InputStreamReader;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Class describing the contents of a policy file.
|
||||||
|
* The WKD policy file is found at ".well-known/policy"
|
||||||
|
*/
|
||||||
public final class WKDPolicy {
|
public final class WKDPolicy {
|
||||||
|
|
||||||
public static final String KEYWORD_MAILBOX_ONLY = "mailbox-only";
|
public static final String KEYWORD_MAILBOX_ONLY = "mailbox-only";
|
||||||
|
@ -83,23 +87,69 @@ public final class WKDPolicy {
|
||||||
return new WKDPolicy(mailboxOnly, daneOnly, authSubmit, protocolVersion, submissionAddress);
|
return new WKDPolicy(mailboxOnly, daneOnly, authSubmit, protocolVersion, submissionAddress);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return <pre>true</pre> if the <pre>mailbox-only</pre> flag is set.
|
||||||
|
*
|
||||||
|
* The mail server provider does only accept keys with only a mailbox in the User ID.
|
||||||
|
* In particular User IDs with a real name in addition to the mailbox will be rejected as invalid.
|
||||||
|
*
|
||||||
|
* @return whether mailbox-only flag is set
|
||||||
|
*/
|
||||||
public boolean isMailboxOnly() {
|
public boolean isMailboxOnly() {
|
||||||
return mailboxOnly;
|
return mailboxOnly;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return <pre>true</pre> if the <pre>dane-only</pre> flag is set.
|
||||||
|
*
|
||||||
|
* The mail server provider does not run a Web Key Directory but only an OpenPGP DANE service.
|
||||||
|
* The Web Key Directory Update protocol is used to update the keys for the DANE service.
|
||||||
|
*
|
||||||
|
* @return whether dane-only flag is set
|
||||||
|
*/
|
||||||
public boolean isDaneOnly() {
|
public boolean isDaneOnly() {
|
||||||
return daneOnly;
|
return daneOnly;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return <pre>true</pre> if the <pre>auth-submit</pre> flag is set.
|
||||||
|
*
|
||||||
|
* The submission of the mail to the server is done using an authenticated connection.
|
||||||
|
* Thus the submitted key will be published immediately without any confirmation request.
|
||||||
|
*
|
||||||
|
* @return whether auth-submit flag is set
|
||||||
|
*/
|
||||||
public boolean isAuthSubmit() {
|
public boolean isAuthSubmit() {
|
||||||
return authSubmit;
|
return authSubmit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return the protocol version.
|
||||||
|
*
|
||||||
|
* This keyword can be used to explicitly claim the support of a specific version of the Web Key Directory
|
||||||
|
* update protocol.
|
||||||
|
* This is in general not needed but implementations may have workarounds for providers which only support
|
||||||
|
* an old protocol version.
|
||||||
|
* If these providers update to a newer version they should add this keyword so that the implementation
|
||||||
|
* can disable the workaround.
|
||||||
|
* The value is an integer corresponding to the respective draft revision number.
|
||||||
|
*
|
||||||
|
* @return value of the protocol-version field
|
||||||
|
*/
|
||||||
@Nullable
|
@Nullable
|
||||||
public Integer getProtocolVersion() {
|
public Integer getProtocolVersion() {
|
||||||
return protocolVersion;
|
return protocolVersion;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return the <pre>submission-address</pre>.
|
||||||
|
*
|
||||||
|
* An alternative way to specify the submission address.
|
||||||
|
* The value is the addr-spec part of the address to send requests to this server.
|
||||||
|
* If this keyword is used in addition to the submission-address file, both MUST have the same value.
|
||||||
|
*
|
||||||
|
* @return value of the submission-address field
|
||||||
|
*/
|
||||||
@Nullable
|
@Nullable
|
||||||
public String getSubmissionAddress() {
|
public String getSubmissionAddress() {
|
||||||
return submissionAddress;
|
return submissionAddress;
|
||||||
|
|
Loading…
Reference in a new issue