commons-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From br...@apache.org
Subject svn commit: r675435 - in /commons/sandbox/openpgp/trunk: ./ src/main/java/org/apache/commons/openpgp/ src/test/java/org/apache/commons/openpgp/ src/test/resources/
Date Thu, 10 Jul 2008 04:16:53 GMT
Author: brett
Date: Wed Jul  9 21:16:51 2008
New Revision: 675435

URL: http://svn.apache.org/viewvc?rev=675435&view=rev
Log:
updating to work with ASCII armoured signatures, add more tests

Added:
    commons/sandbox/openpgp/trunk/src/test/java/org/apache/commons/openpgp/BouncyCastleOpenPgpStreamingSignerTest.java
  (with props)
    commons/sandbox/openpgp/trunk/src/test/resources/test-input.asc
      - copied, changed from r675341, commons/sandbox/openpgp/trunk/src/test/resources/test-signature.asc
    commons/sandbox/openpgp/trunk/src/test/resources/test-input.bpg
      - copied unchanged from r675341, commons/sandbox/openpgp/trunk/src/test/resources/test-signature.bpg
    commons/sandbox/openpgp/trunk/src/test/resources/test-input.sig   (with props)
Removed:
    commons/sandbox/openpgp/trunk/src/test/resources/test-signature.asc
    commons/sandbox/openpgp/trunk/src/test/resources/test-signature.bpg
Modified:
    commons/sandbox/openpgp/trunk/pom.xml
    commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignatureVerifier.java
    commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpStreamingSignatureVerifier.java
    commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/OpenPgpSignatureVerifier.java
    commons/sandbox/openpgp/trunk/src/test/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignerTest.java

Modified: commons/sandbox/openpgp/trunk/pom.xml
URL: http://svn.apache.org/viewvc/commons/sandbox/openpgp/trunk/pom.xml?rev=675435&r1=675434&r2=675435&view=diff
==============================================================================
--- commons/sandbox/openpgp/trunk/pom.xml (original)
+++ commons/sandbox/openpgp/trunk/pom.xml Wed Jul  9 21:16:51 2008
@@ -28,13 +28,7 @@
       <groupId>ant</groupId>
       <artifactId>ant</artifactId>
       <version>1.6.5</version>
-      <scope>compile</scope>
-    </dependency>
-    <dependency>
-      <groupId>ant</groupId>
-      <artifactId>ant-launcher</artifactId>
-      <version>1.6.5</version>
-      <scope>runtime</scope>
+      <scope>provided</scope>
     </dependency>
   </dependencies>
   <build>

Modified: commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignatureVerifier.java
URL: http://svn.apache.org/viewvc/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignatureVerifier.java?rev=675435&r1=675434&r2=675435&view=diff
==============================================================================
--- commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignatureVerifier.java
(original)
+++ commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignatureVerifier.java
Wed Jul  9 21:16:51 2008
@@ -37,12 +37,11 @@
         return null;  //To change body of implemented methods use File | Settings | File
Templates.
     }
 
-    public SignatureStatus verifyDetachedSignature( InputStream data, InputStream signature,
KeyRing keyRing,
-                                                    boolean asciiArmored )
+    public SignatureStatus verifyDetachedSignature( InputStream data, InputStream signature,
KeyRing keyRing )
         throws OpenPgpException, UnknownKeyException, IOException
     {
         OpenPgpStreamingSignatureVerifier verifier =
-            new BouncyCastleOpenPgpStreamingSignatureVerifier( signature, keyRing, asciiArmored
);
+            new BouncyCastleOpenPgpStreamingSignatureVerifier( signature, keyRing );
 
         byte[] buf = new byte[BUFFER_SIZE];
 

Modified: commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpStreamingSignatureVerifier.java
URL: http://svn.apache.org/viewvc/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpStreamingSignatureVerifier.java?rev=675435&r1=675434&r2=675435&view=diff
==============================================================================
--- commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpStreamingSignatureVerifier.java
(original)
+++ commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpStreamingSignatureVerifier.java
Wed Jul  9 21:16:51 2008
@@ -17,26 +17,21 @@
  * limitations under the License.
  */
 
-import org.bouncycastle.bcpg.BCPGOutputStream;
-import org.bouncycastle.bcpg.ArmoredInputStream;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.openpgp.PGPException;
-import org.bouncycastle.openpgp.PGPSignature;
-import org.bouncycastle.openpgp.PGPSignatureGenerator;
-import org.bouncycastle.openpgp.PGPUtil;
-import org.bouncycastle.openpgp.PGPObjectFactory;
-import org.bouncycastle.openpgp.PGPSignatureList;
-import org.bouncycastle.openpgp.PGPCompressedData;
-import org.bouncycastle.openpgp.PGPPublicKey;
-
-import java.io.ByteArrayOutputStream;
 import java.io.IOException;
-import java.io.OutputStream;
 import java.io.InputStream;
 import java.security.NoSuchProviderException;
 import java.security.Security;
 import java.security.SignatureException;
 
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.bouncycastle.openpgp.PGPCompressedData;
+import org.bouncycastle.openpgp.PGPException;
+import org.bouncycastle.openpgp.PGPObjectFactory;
+import org.bouncycastle.openpgp.PGPPublicKey;
+import org.bouncycastle.openpgp.PGPSignature;
+import org.bouncycastle.openpgp.PGPSignatureList;
+import org.bouncycastle.openpgp.PGPUtil;
+
 /**
  * Bouncy Castle implementation of the OpenPGP signer.
  *
@@ -45,17 +40,15 @@
 public class BouncyCastleOpenPgpStreamingSignatureVerifier
     implements OpenPgpStreamingSignatureVerifier
 {
-    private static final String PROVIDER = "BC";
-
     private PGPSignature sig;
-
-    public BouncyCastleOpenPgpStreamingSignatureVerifier( InputStream signature, KeyRing
keyRing, boolean asciiArmor )
+    
+    public BouncyCastleOpenPgpStreamingSignatureVerifier( InputStream signature, KeyRing
keyRing )
         throws OpenPgpException, IOException
     {
-        init( asciiArmor, signature, keyRing );
+        init( signature, keyRing );
     }
 
-    private void init( boolean asciiArmor, InputStream signature, KeyRing keyRing )
+    private void init( InputStream signature, KeyRing keyRing )
         throws OpenPgpException, IOException
     {
         // TODO: better location for this?
@@ -64,10 +57,6 @@
         try
         {
             signature = PGPUtil.getDecoderStream( signature );
-            if ( asciiArmor )
-            {
-                signature = new ArmoredInputStream( signature );
-            }
 
             PGPObjectFactory pgpFact = new PGPObjectFactory( signature );
             PGPSignatureList p3;
@@ -79,7 +68,7 @@
 
                 pgpFact = new PGPObjectFactory( c1.getDataStream() );
 
-                p3 = (PGPSignatureList) pgpFact.nextObject();
+                p3 = (PGPSignatureList) pgpFact.nextObject();                    
             }
             else
             {

Modified: commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/OpenPgpSignatureVerifier.java
URL: http://svn.apache.org/viewvc/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/OpenPgpSignatureVerifier.java?rev=675435&r1=675434&r2=675435&view=diff
==============================================================================
--- commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/OpenPgpSignatureVerifier.java
(original)
+++ commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/OpenPgpSignatureVerifier.java
Wed Jul  9 21:16:51 2008
@@ -46,9 +46,7 @@
      * @param data         the data to that was signed
      * @param signature    the detached signature to verify against the data
      * @param keyRing      the keyring containing the key used to sign the data
-     * @param asciiArmored whether the signature is ascii armored
      */
-    SignatureStatus verifyDetachedSignature( InputStream data, InputStream signature, KeyRing
keyRing,
-                                             boolean asciiArmored )
+    SignatureStatus verifyDetachedSignature( InputStream data, InputStream signature, KeyRing
keyRing )
         throws OpenPgpException, UnknownKeyException, IOException;
 }

Modified: commons/sandbox/openpgp/trunk/src/test/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignerTest.java
URL: http://svn.apache.org/viewvc/commons/sandbox/openpgp/trunk/src/test/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignerTest.java?rev=675435&r1=675434&r2=675435&view=diff
==============================================================================
--- commons/sandbox/openpgp/trunk/src/test/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignerTest.java
(original)
+++ commons/sandbox/openpgp/trunk/src/test/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignerTest.java
Wed Jul  9 21:16:51 2008
@@ -57,10 +57,9 @@
         ByteArrayOutputStream signature = new ByteArrayOutputStream();
         signer.detachedSign( getClass().getResourceAsStream( "/test-input" ), signature,
keyId, keyRing, false );
 
-        // TODO: can we get it to verify an ascii armored one?
-        SignatureStatus status = verifier.verifyDetachedSignature( getClass().getResourceAsStream(
"/test-input" ),
-                                                                   new ByteArrayInputStream(
signature.toByteArray() ),
-                                                                   keyRing, false );
+        SignatureStatus status =
+            verifier.verifyDetachedSignature( getClass().getResourceAsStream( "/test-input"
),
+                                              new ByteArrayInputStream( signature.toByteArray()
), keyRing );
         assertNotNull( "check we got a status", status );
         assertTrue( "check it was successful", status.isValid() );
     }
@@ -68,10 +67,44 @@
     public void testVerifySignatureDetachedBinary()
         throws IOException, OpenPgpException
     {
-        // TODO: can we get it to verify an ascii armored one?
-        SignatureStatus status = verifier.verifyDetachedSignature( getClass().getResourceAsStream(
"/test-input" ),
-                                                                   getClass().getResourceAsStream(
-                                                                       "/test-signature.bpg"
), keyRing, false );
+        SignatureStatus status =
+            verifier.verifyDetachedSignature( getClass().getResourceAsStream( "/test-input"
),
+                                              getClass().getResourceAsStream( "/test-input.bpg"
), keyRing );
+
+        assertNotNull( "check we got a status", status );
+        assertTrue( "check it was successful", status.isValid() );
+    }
+    
+    public void testVerifySignatureDetachedBinaryGpg()
+        throws IOException, OpenPgpException
+    {
+        SignatureStatus status =
+            verifier.verifyDetachedSignature( getClass().getResourceAsStream( "/test-input"
),
+                                              getClass().getResourceAsStream( "/test-input.sig"
), keyRing );
+
+        assertNotNull( "check we got a status", status );
+        assertTrue( "check it was successful", status.isValid() );
+    }
+
+    public void testSignDataDetachedAscii()
+        throws OpenPgpException, IOException
+    {
+        ByteArrayOutputStream signature = new ByteArrayOutputStream();
+        signer.detachedSign( getClass().getResourceAsStream( "/test-input" ), signature,
keyId, keyRing, true );
+
+        SignatureStatus status =
+            verifier.verifyDetachedSignature( getClass().getResourceAsStream( "/test-input"
),
+                                              new ByteArrayInputStream( signature.toByteArray()
), keyRing );
+        assertNotNull( "check we got a status", status );
+        assertTrue( "check it was successful", status.isValid() );
+    }
+
+    public void testVerifySignatureDetachedAscii()
+        throws IOException, OpenPgpException
+    {
+        SignatureStatus status =
+            verifier.verifyDetachedSignature( getClass().getResourceAsStream( "/test-input"
),
+                                              getClass().getResourceAsStream( "/test-input.asc"
), keyRing );
 
         assertNotNull( "check we got a status", status );
         assertTrue( "check it was successful", status.isValid() );

Added: commons/sandbox/openpgp/trunk/src/test/java/org/apache/commons/openpgp/BouncyCastleOpenPgpStreamingSignerTest.java
URL: http://svn.apache.org/viewvc/commons/sandbox/openpgp/trunk/src/test/java/org/apache/commons/openpgp/BouncyCastleOpenPgpStreamingSignerTest.java?rev=675435&view=auto
==============================================================================
--- commons/sandbox/openpgp/trunk/src/test/java/org/apache/commons/openpgp/BouncyCastleOpenPgpStreamingSignerTest.java
(added)
+++ commons/sandbox/openpgp/trunk/src/test/java/org/apache/commons/openpgp/BouncyCastleOpenPgpStreamingSignerTest.java
Wed Jul  9 21:16:51 2008
@@ -0,0 +1,220 @@
+package org.apache.commons.openpgp;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+
+import junit.framework.TestCase;
+
+/**
+ * Test the open pgp signer.
+ *
+ * @author <a href="mailto:brett@apache.org">Brett Porter</a>
+ * @todo test text input as well as binary - apparently it fails cross platform
+ */
+public class BouncyCastleOpenPgpStreamingSignerTest
+    extends TestCase
+{
+    private String keyId = "A7D16BD4";
+
+    private KeyRing keyRing;
+
+    private static final String PASSWORD = "cop";
+
+    protected void setUp()
+        throws Exception
+    {
+        super.setUp();
+
+        keyRing = new BouncyCastleKeyRing( getClass().getResourceAsStream( "/secring.gpg"
),
+                                           getClass().getResourceAsStream( "/pubring.gpg"
), PASSWORD.toCharArray() );
+    }
+
+    public void testSignDataDetachedBinary()
+        throws OpenPgpException, IOException
+    {
+        OpenPgpStreamingSigner signer = new BouncyCastleOpenPgpStreamingSigner( keyId, keyRing,
false );
+
+        InputStream in = getClass().getResourceAsStream( "/test-input" );
+        byte[] buf = new byte[8192];
+        int len;
+        try
+        {
+            do
+            {
+                len = in.read( buf, 0, 8192 );
+                if ( len > 0 )
+                {
+                    signer.update( buf, 0, len );
+                }
+            }
+            while ( len >= 0 );
+        }
+        finally
+        {
+            in.close();
+        }
+
+        byte[] signature = signer.finish();
+        
+        OpenPgpSignatureVerifier verifier = new BouncyCastleOpenPgpSignatureVerifier();
+
+        SignatureStatus status =
+            verifier.verifyDetachedSignature( getClass().getResourceAsStream( "/test-input"
),
+                                              new ByteArrayInputStream( signature ), keyRing
);
+        assertNotNull( "check we got a status", status );
+        assertTrue( "check it was successful", status.isValid() );
+    }
+
+    public void testVerifySignatureDetachedBinary()
+        throws IOException, OpenPgpException
+    {
+        InputStream signature = getClass().getResourceAsStream( "/test-input.bpg" );
+        OpenPgpStreamingSignatureVerifier verifier =
+            new BouncyCastleOpenPgpStreamingSignatureVerifier( signature, keyRing );
+
+        InputStream in = getClass().getResourceAsStream( "/test-input" );
+        byte[] buf = new byte[8192];
+        int len;
+        try
+        {
+            do
+            {
+                len = in.read( buf, 0, 8192 );
+                if ( len > 0 )
+                {
+                    verifier.update( buf, 0, len );
+                }
+            }
+            while ( len >= 0 );
+        }
+        finally
+        {
+            in.close();
+        }
+
+        SignatureStatus status = verifier.finish();
+        
+        assertNotNull( "check we got a status", status );
+        assertTrue( "check it was successful", status.isValid() );
+    }
+
+    public void testVerifySignatureDetachedBinaryGpg()
+        throws IOException, OpenPgpException
+    {
+        InputStream signature = getClass().getResourceAsStream( "/test-input.sig" );
+        OpenPgpStreamingSignatureVerifier verifier =
+            new BouncyCastleOpenPgpStreamingSignatureVerifier( signature, keyRing );
+
+        InputStream in = getClass().getResourceAsStream( "/test-input" );
+        byte[] buf = new byte[8192];
+        int len;
+        try
+        {
+            do
+            {
+                len = in.read( buf, 0, 8192 );
+                if ( len > 0 )
+                {
+                    verifier.update( buf, 0, len );
+                }
+            }
+            while ( len >= 0 );
+        }
+        finally
+        {
+            in.close();
+        }
+
+        SignatureStatus status = verifier.finish();
+
+        assertNotNull( "check we got a status", status );
+        assertTrue( "check it was successful", status.isValid() );
+    }
+
+    public void testSignDataDetachedAscii()
+        throws OpenPgpException, IOException
+    {
+        OpenPgpStreamingSigner signer = new BouncyCastleOpenPgpStreamingSigner( keyId, keyRing,
true );
+
+        InputStream in = getClass().getResourceAsStream( "/test-input" );
+        byte[] buf = new byte[8192];
+        int len;
+        try
+        {
+            do
+            {
+                len = in.read( buf, 0, 8192 );
+                if ( len > 0 )
+                {
+                    signer.update( buf, 0, len );
+                }
+            }
+            while ( len >= 0 );
+        }
+        finally
+        {
+            in.close();
+        }
+
+        byte[] signature = signer.finish();
+        
+        OpenPgpSignatureVerifier verifier = new BouncyCastleOpenPgpSignatureVerifier();
+
+        SignatureStatus status =
+            verifier.verifyDetachedSignature( getClass().getResourceAsStream( "/test-input"
),
+                                              new ByteArrayInputStream( signature ), keyRing
);
+        assertNotNull( "check we got a status", status );
+        assertTrue( "check it was successful", status.isValid() );
+    }
+
+    public void testVerifySignatureDetachedAscii()
+        throws IOException, OpenPgpException
+    {
+        InputStream signature = getClass().getResourceAsStream( "/test-input.asc" );
+        OpenPgpStreamingSignatureVerifier verifier =
+            new BouncyCastleOpenPgpStreamingSignatureVerifier( signature, keyRing );
+
+        InputStream in = getClass().getResourceAsStream( "/test-input" );
+        byte[] buf = new byte[8192];
+        int len;
+        try
+        {
+            do
+            {
+                len = in.read( buf, 0, 8192 );
+                if ( len > 0 )
+                {
+                    verifier.update( buf, 0, len );
+                }
+            }
+            while ( len >= 0 );
+        }
+        finally
+        {
+            in.close();
+        }
+
+        SignatureStatus status = verifier.finish();
+        
+        assertNotNull( "check we got a status", status );
+        assertTrue( "check it was successful", status.isValid() );
+    }
+}

Propchange: commons/sandbox/openpgp/trunk/src/test/java/org/apache/commons/openpgp/BouncyCastleOpenPgpStreamingSignerTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Copied: commons/sandbox/openpgp/trunk/src/test/resources/test-input.asc (from r675341, commons/sandbox/openpgp/trunk/src/test/resources/test-signature.asc)
URL: http://svn.apache.org/viewvc/commons/sandbox/openpgp/trunk/src/test/resources/test-input.asc?p2=commons/sandbox/openpgp/trunk/src/test/resources/test-input.asc&p1=commons/sandbox/openpgp/trunk/src/test/resources/test-signature.asc&r1=675341&r2=675435&rev=675435&view=diff
==============================================================================
--- commons/sandbox/openpgp/trunk/src/test/resources/test-signature.asc (original)
+++ commons/sandbox/openpgp/trunk/src/test/resources/test-input.asc Wed Jul  9 21:16:51 2008
@@ -1,7 +1,7 @@
 -----BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.1 (Cygwin)
+Version: GnuPG v1.4.8 (Darwin)
 
-iD8DBQBDlVJdTusOMqfRa9QRAuxXAJ9k0G+f2tbO6eTuBQS1uim44aADVwCgxS3i
-MH8RP0v17V5sM1WN8ih97n8=
-=gPJ5
+iEYEABECAAYFAkh1iI4ACgkQTusOMqfRa9TqvwCggGd9MXU4+9YKAohx+n2HIvKZ
+8S4An1yw871Lq44DnNaI6U4BXTnD6knm
+=84SX
 -----END PGP SIGNATURE-----

Added: commons/sandbox/openpgp/trunk/src/test/resources/test-input.sig
URL: http://svn.apache.org/viewvc/commons/sandbox/openpgp/trunk/src/test/resources/test-input.sig?rev=675435&view=auto
==============================================================================
Binary file - no diff available.

Propchange: commons/sandbox/openpgp/trunk/src/test/resources/test-input.sig
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream



Mime
View raw message