Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Internal code refactor - all pgp utils together in one package #276

Merged
merged 1 commit into from
May 17, 2021
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions src/main/java/org/simplify4u/plugins/AbstractPGPMojo.java
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@
import org.apache.maven.plugins.annotations.Parameter;
import org.simplify4u.plugins.keyserver.KeyServerClientSettings;
import org.simplify4u.plugins.keyserver.PGPKeysCache;
import org.simplify4u.plugins.utils.PGPSignatureUtils;
import org.simplify4u.plugins.pgp.SignatureUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

Expand All @@ -50,7 +50,7 @@ public abstract class AbstractPGPMojo extends AbstractMojo {
protected PGPKeysCache pgpKeysCache;

@Inject
protected PGPSignatureUtils pgpSignatureUtils;
protected SignatureUtils signatureUtils;

@Inject
protected MavenSession session;
Expand Down
20 changes: 10 additions & 10 deletions src/main/java/org/simplify4u/plugins/PGPShowMojo.java
Original file line number Diff line number Diff line change
Expand Up @@ -105,13 +105,13 @@ private boolean processArtifact(Map.Entry<Artifact,Artifact> artifactEntry) {
Artifact artifactToCheck = artifactEntry.getKey();
Artifact sig = artifactEntry.getValue();

SignatureCheckResult signatureInfo = pgpSignatureUtils.checkSignature(artifactToCheck, sig, pgpKeysCache);
SignatureCheckResult signatureCheckResult = signatureUtils.checkSignature(artifactToCheck, sig, pgpKeysCache);

MessageBuilder messageBuilder = MessageUtils.buffer();
messageBuilder.newline();
messageBuilder.newline();

ArtifactInfo artifactInfo = signatureInfo.getArtifact();
ArtifactInfo artifactInfo = signatureCheckResult.getArtifact();

messageBuilder.a("Artifact:").newline();
messageBuilder.a("\tgroupId: ").strong(artifactInfo.getGroupId()).newline();
Expand All @@ -120,13 +120,13 @@ private boolean processArtifact(Map.Entry<Artifact,Artifact> artifactEntry) {
Optional.ofNullable(artifactInfo.getClassifier()).ifPresent(
classifier -> messageBuilder.a("\tclassifier: ").strong(classifier).newline());
messageBuilder.a("\tversion: ").strong(artifactInfo.getVersion()).newline();
if (signatureInfo.getStatus() == SignatureStatus.ARTIFACT_NOT_RESOLVED) {
if (signatureCheckResult.getStatus() == SignatureStatus.ARTIFACT_NOT_RESOLVED) {
messageBuilder.a("\t").failure("artifact was not resolved - try mvn -U ...").newline();
}

messageBuilder.newline();

SignatureInfo signature = signatureInfo.getSignature();
SignatureInfo signature = signatureCheckResult.getSignature();
if (signature != null) {
messageBuilder.a("PGP signature:").newline();
messageBuilder.a("\tversion: ").strong(signature.getVersion()).newline();
Expand All @@ -137,25 +137,25 @@ private boolean processArtifact(Map.Entry<Artifact,Artifact> artifactEntry) {
messageBuilder.a("\tkeyId: ").strong(signature.getKeyId()).newline();
messageBuilder.a("\tcreate date: ").strong(signature.getDate()).newline();
messageBuilder.a("\tstatus: ");
if (signatureInfo.getStatus() == SignatureStatus.SIGNATURE_VALID) {
if (signatureCheckResult.getStatus() == SignatureStatus.SIGNATURE_VALID) {
messageBuilder.success("valid");
} else {
messageBuilder.failure("invalid");
}
messageBuilder.newline();
} else if (signatureInfo.getStatus() == SignatureStatus.SIGNATURE_NOT_RESOLVED) {
} else if (signatureCheckResult.getStatus() == SignatureStatus.SIGNATURE_NOT_RESOLVED) {
messageBuilder.a("\t")
.failure("PGP signature was not resolved - try mvn -U ...").newline();
}

messageBuilder.newline();

KeyInfo key = signatureInfo.getKey();
KeyInfo key = signatureCheckResult.getKey();
if (key != null) {
messageBuilder.a("PGP key:").newline();
messageBuilder.a("\tversion: ").strong(key.getVersion()).newline();
messageBuilder.a("\talgorithm: ")
.strong(pgpSignatureUtils.keyAlgorithmName(key.getAlgorithm())).newline();
.strong(signatureUtils.keyAlgorithmName(key.getAlgorithm())).newline();
messageBuilder.a("\tbits: ").strong(key.getBits()).newline();
messageBuilder.a("\tfingerprint: ").strong(key.getFingerprint()).newline();
Optional.ofNullable(key.getMaster()).ifPresent(masterKey ->
Expand All @@ -167,12 +167,12 @@ private boolean processArtifact(Map.Entry<Artifact,Artifact> artifactEntry) {

messageBuilder.newline();

Optional.ofNullable(signatureInfo.getErrorMessage()).ifPresent(errorMessage ->
Optional.ofNullable(signatureCheckResult.getErrorMessage()).ifPresent(errorMessage ->
messageBuilder.failure(errorMessage).newline());

LOGGER.info(messageBuilder.toString());

return signatureInfo.getStatus() == SignatureStatus.SIGNATURE_VALID;
return signatureCheckResult.getStatus() == SignatureStatus.SIGNATURE_VALID;
}

private Artifact prepareArtifactToCheck() {
Expand Down
18 changes: 9 additions & 9 deletions src/main/java/org/simplify4u/plugins/PGPVerifyMojo.java
Original file line number Diff line number Diff line change
Expand Up @@ -47,16 +47,16 @@
import org.simplify4u.plugins.keyserver.PGPKeyNotFound;
import org.simplify4u.plugins.keysmap.KeysMap;
import org.simplify4u.plugins.keysmap.KeysMapLocationConfig;
import org.simplify4u.plugins.pgp.KeyId;
import org.simplify4u.plugins.pgp.PublicKeyUtils;
import org.simplify4u.plugins.pgp.SignatureException;
import org.simplify4u.plugins.skipfilters.CompositeSkipper;
import org.simplify4u.plugins.skipfilters.ProvidedDependencySkipper;
import org.simplify4u.plugins.skipfilters.ReactorDependencySkipper;
import org.simplify4u.plugins.skipfilters.ScopeSkipper;
import org.simplify4u.plugins.skipfilters.SkipFilter;
import org.simplify4u.plugins.skipfilters.SnapshotDependencySkipper;
import org.simplify4u.plugins.skipfilters.SystemDependencySkipper;
import org.simplify4u.plugins.utils.PGPKeyId;
import org.simplify4u.plugins.utils.PGPSignatureException;
import org.simplify4u.plugins.utils.PublicKeyUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

Expand Down Expand Up @@ -389,15 +389,15 @@ private boolean verifyPGPSignature(Artifact artifact, Artifact ascArtifact) thro
LOGGER.debug("Artifact file: {}", artifactFile);
LOGGER.debug("Artifact sign: {}", signatureFile);

PGPKeyId sigKeyID = null;
KeyId sigKeyID = null;
try {
final PGPSignature pgpSignature;
try (FileInputStream input = new FileInputStream(signatureFile)) {
pgpSignature = pgpSignatureUtils.loadSignature(input);
pgpSignature = signatureUtils.loadSignature(input);
}

verifyWeakSignature(pgpSignature);
sigKeyID = pgpSignatureUtils.retrieveKeyId(pgpSignature);
sigKeyID = signatureUtils.retrieveKeyId(pgpSignature);

PGPPublicKeyRing publicKeyRing = pgpKeysCache.getKeyRing(sigKeyID);
PGPPublicKey publicKey = sigKeyID.getKeyFromRing(publicKeyRing);
Expand All @@ -412,7 +412,7 @@ private boolean verifyPGPSignature(Artifact artifact, Artifact ascArtifact) thro
}

pgpSignature.init(new BcPGPContentVerifierBuilderProvider(), publicKey);
pgpSignatureUtils.readFileContentInto(pgpSignature, artifactFile);
signatureUtils.readFileContentInto(pgpSignature, artifactFile);

LOGGER.debug("signature.KeyAlgorithm: {} signature.hashAlgorithm: {}",
pgpSignature.getKeyAlgorithm(), pgpSignature.getHashAlgorithm());
Expand All @@ -428,7 +428,7 @@ private boolean verifyPGPSignature(Artifact artifact, Artifact ascArtifact) thro
LOGGER.error("PGP key {} not found on keyserver for artifact {}",
pgpKeysCache.getUrlForShowKey(sigKeyID), artifact.getId());
return false;
} catch (PGPSignatureException e) {
} catch (SignatureException e) {
if (keysMap.isBrokenSignature(artifact)) {
logWithQuiet("{} PGP Signature is broken, consistent with keys map.", artifact::getId);
return true;
Expand All @@ -445,7 +445,7 @@ private boolean verifyPGPSignature(Artifact artifact, Artifact ascArtifact) thro
}

private void verifyWeakSignature(PGPSignature pgpSignature) throws MojoFailureException {
final String weakHashAlgorithm = pgpSignatureUtils.checkWeakHashAlgorithm(pgpSignature);
final String weakHashAlgorithm = signatureUtils.checkWeakHashAlgorithm(pgpSignature);
if (weakHashAlgorithm == null) {
return;
}
Expand Down
14 changes: 7 additions & 7 deletions src/main/java/org/simplify4u/plugins/keyserver/PGPKeysCache.java
Original file line number Diff line number Diff line change
Expand Up @@ -44,8 +44,8 @@
import io.vavr.control.Try;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.simplify4u.plugins.utils.PGPKeyId;
import org.simplify4u.plugins.utils.PublicKeyUtils;
import org.simplify4u.plugins.pgp.KeyId;
import org.simplify4u.plugins.pgp.PublicKeyUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

Expand Down Expand Up @@ -145,7 +145,7 @@ static KeyServerList createKeyServerList(List<PGPKeysServerClient> pgpKeysServer
*
* @return url from current key server
*/
public String getUrlForShowKey(PGPKeyId keyID) {
public String getUrlForShowKey(KeyId keyID) {
return keyServerList.getUriForShowKey(keyID).toString();
}

Expand All @@ -156,7 +156,7 @@ public String getUrlForShowKey(PGPKeyId keyID) {
* @return Public Key Ring for given key
* @throws IOException in case of problems
*/
public PGPPublicKeyRing getKeyRing(PGPKeyId keyID) throws IOException {
public PGPPublicKeyRing getKeyRing(KeyId keyID) throws IOException {

String path = keyID.getHashPath();
File keyFile = new File(cachePath, path);
Expand All @@ -176,7 +176,7 @@ public PGPPublicKeyRing getKeyRing(PGPKeyId keyID) throws IOException {
}
}

private static Optional<PGPPublicKeyRing> loadKeyFromFile(File keyFile, PGPKeyId keyID)
private static Optional<PGPPublicKeyRing> loadKeyFromFile(File keyFile, KeyId keyID)
throws IOException {
Optional<PGPPublicKeyRing> keyRing = Optional.empty();
try (InputStream keyFileStream = new FileInputStream(keyFile)) {
Expand All @@ -191,7 +191,7 @@ private static Optional<PGPPublicKeyRing> loadKeyFromFile(File keyFile, PGPKeyId
return keyRing;
}

private static PGPPublicKeyRing receiveKey(File keyFile, PGPKeyId keyId, PGPKeysServerClient keysServerClient)
private static PGPPublicKeyRing receiveKey(File keyFile, KeyId keyId, PGPKeysServerClient keysServerClient)
throws IOException {
File dir = keyFile.getParentFile();

Expand Down Expand Up @@ -281,7 +281,7 @@ KeyServerList withClients(List<PGPKeysServerClient> keysServerClients) {
return this;
}

URI getUriForShowKey(PGPKeyId keyID) {
URI getUriForShowKey(KeyId keyID) {
return lastClient.getUriForShowKey(keyID);
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -53,8 +53,8 @@
import org.apache.http.impl.client.ProxyAuthenticationStrategy;
import org.apache.http.impl.conn.DefaultProxyRoutePlanner;
import org.apache.maven.settings.Proxy;
import org.simplify4u.plugins.pgp.KeyId;
import org.simplify4u.plugins.utils.ExceptionUtils;
import org.simplify4u.plugins.utils.PGPKeyId;

/**
* Abstract base client for requesting keys from PGP key servers over HKP/HTTP and HKPS/HTTPS.
Expand All @@ -66,8 +66,19 @@ abstract class PGPKeysServerClient {

private final KeyServerClientSettings keyServerClientSettings;

/**
* OnRetry hook interface.
*/
@FunctionalInterface
public interface OnRetryConsumer {
/**
* Call when retry operation occurs on a key server client.
*
* @param address address used to retrieve key
* @param numberOfRetryAttempts a number of try
* @param waitInterval wait time
* @param lastThrowable problem that cause to retry
*/
void onRetry(InetAddress address, int numberOfRetryAttempts, Duration waitInterval, Throwable lastThrowable);

}
Expand Down Expand Up @@ -117,7 +128,7 @@ static PGPKeysServerClient getClient(String keyServer, KeyServerClientSettings k
}
}

private static String getQueryStringForGetKey(PGPKeyId keyID) {
private static String getQueryStringForGetKey(KeyId keyID) {
return String.format("op=get&options=mr&search=%s", keyID);
}

Expand All @@ -128,13 +139,13 @@ private static String getQueryStringForGetKey(PGPKeyId keyID) {
*
* @return URI with given key
*/
URI getUriForGetKey(PGPKeyId keyID) {
URI getUriForGetKey(KeyId keyID) {
return Try.of(() -> new URI(keyserver.getScheme(), keyserver.getUserInfo(),
keyserver.getHost(), keyserver.getPort(),
"/pks/lookup", getQueryStringForGetKey(keyID), null)).get();
}

private static String getQueryStringForShowKey(PGPKeyId keyID) {
private static String getQueryStringForShowKey(KeyId keyID) {
return String.format("op=vindex&fingerprint=on&search=%s", keyID);
}

Expand All @@ -145,7 +156,7 @@ private static String getQueryStringForShowKey(PGPKeyId keyID) {
*
* @return URI with given key
*/
URI getUriForShowKey(PGPKeyId keyID) {
URI getUriForShowKey(KeyId keyID) {
return Try.of(() -> new URI(keyserver.getScheme(), keyserver.getUserInfo(),
keyserver.getHost(), keyserver.getPort(),
"/pks/lookup", getQueryStringForShowKey(keyID), null)).get();
Expand All @@ -164,7 +175,7 @@ URI getUriForShowKey(PGPKeyId keyID) {
*
* @throws IOException If the request fails, or the key cannot be written to the output stream.
*/
void copyKeyToOutputStream(PGPKeyId keyId, OutputStream outputStream, OnRetryConsumer onRetryConsumer)
void copyKeyToOutputStream(KeyId keyId, OutputStream outputStream, OnRetryConsumer onRetryConsumer)
throws IOException {

final URI keyUri = getUriForGetKey(keyId);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,8 @@
import lombok.EqualsAndHashCode;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.simplify4u.plugins.pgp.PublicKeyUtils;
import org.simplify4u.plugins.utils.HexUtils;
import org.simplify4u.plugins.utils.PublicKeyUtils;

/**
* Represent key as fingerprint for given artifact pattern.
Expand Down
42 changes: 42 additions & 0 deletions src/main/java/org/simplify4u/plugins/pgp/KeyFingerprint.java
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
/*
* Copyright 2021 Slawomir Jaranowski
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.simplify4u.plugins.pgp;

import lombok.RequiredArgsConstructor;
import lombok.Value;
import org.simplify4u.plugins.utils.HexUtils;

/**
* Represent a key fingerprint.
*/
@Value
@RequiredArgsConstructor
public class KeyFingerprint {

byte[] fingerprint;

/**
* Costruct a key fingerprint from string representation.
* @param strFingerprint a key fingerprint as string
*/
public KeyFingerprint(String strFingerprint) {
fingerprint = HexUtils.stringToFingerprint(strFingerprint);
}

public String toString() {
return HexUtils.fingerprintToString(fingerprint);
}
}
Loading