Author: brett Date: Tue Dec 6 23:32:26 2005 New Revision: 354747 URL: http://svn.apache.org/viewcvs?rev=354747&view=rev Log: refactor to use the streaming signature updater
Added: jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignatureUpdater.java (with props) jakarta/commons/sandbox/openpgp/trunk/src/test/resources/test-signature.bpg (with props) Modified: jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignatureVerifier.java jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSigner.java jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/OpenPgpSignatureUpdater.java jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/OpenPgpSignatureVerifier.java jakarta/commons/sandbox/openpgp/trunk/src/test/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignerTest.java Added: jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignatureUpdater.java URL: http://svn.apache.org/viewcvs/jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignatureUpdater.java?rev=354747&view=auto ============================================================================== --- jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignatureUpdater.java (added) +++ jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignatureUpdater.java Tue Dec 6 23:32:26 2005 @@ -0,0 +1,151 @@ +package org.apache.commons.openpgp; + +/* + * Copyright 2005 The Apache Software Foundation. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import org.bouncycastle.bcpg.ArmoredOutputStream; +import org.bouncycastle.bcpg.BCPGOutputStream; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.openpgp.PGPException; +import org.bouncycastle.openpgp.PGPPrivateKey; +import org.bouncycastle.openpgp.PGPSecretKey; +import org.bouncycastle.openpgp.PGPSignature; +import org.bouncycastle.openpgp.PGPSignatureGenerator; +import org.bouncycastle.openpgp.PGPUtil; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.OutputStream; +import java.security.NoSuchAlgorithmException; +import java.security.NoSuchProviderException; +import java.security.Security; +import java.security.SignatureException; + +/** + * Bouncy Castle implementation of the OpenPGP signer. + * + * @author <a href="mailto:[EMAIL PROTECTED]">Brett Porter</a> + */ +public class BouncyCastleOpenPgpSignatureUpdater + implements OpenPgpSignatureUpdater +{ + private static final String PROVIDER = "BC"; + + private PGPSignatureGenerator sGen; + + private final ByteArrayOutputStream signatureBytes; + + private BCPGOutputStream bOut; + + public BouncyCastleOpenPgpSignatureUpdater( String keyId, KeyRing keyRing, boolean asciiArmor ) + throws OpenPgpException + { + signatureBytes = new ByteArrayOutputStream(); + init( asciiArmor, signatureBytes, keyRing, keyId ); + } + + public BouncyCastleOpenPgpSignatureUpdater( OutputStream signature, String keyId, KeyRing keyRing, + boolean asciiArmor ) + throws OpenPgpException + { + signatureBytes = null; + init( asciiArmor, signature, keyRing, keyId ); + } + + private void init( boolean asciiArmor, OutputStream signature, KeyRing keyRing, String keyId ) + throws OpenPgpException + { + // TODO: better location for this? + Security.addProvider( new BouncyCastleProvider() ); + + OutputStream out; + if ( asciiArmor ) + { + out = new ArmoredOutputStream( signature ); + } + else + { + out = signature; + } + bOut = new BCPGOutputStream( out ); + + try + { + PGPSecretKey pgpSec = keyRing.getSecretKey( keyId ); + PGPPrivateKey pgpPrivKey = pgpSec.extractPrivateKey( keyRing.getPassword(), PROVIDER ); + sGen = new PGPSignatureGenerator( pgpSec.getPublicKey().getAlgorithm(), PGPUtil.SHA1, PROVIDER ); + sGen.initSign( PGPSignature.BINARY_DOCUMENT, pgpPrivKey ); + } + catch ( NoSuchAlgorithmException e ) + { + throw new OpenPgpException( + "Unable to find the correct algorithm for PGP - check that the Bouncy Castle provider is correctly installed", + e ); + } + catch ( NoSuchProviderException e ) + { + throw new OpenPgpException( + "Unable to find the correct provider for PGP - check that the Bouncy Castle provider is correctly installed", + e ); + } + catch ( PGPException e ) + { + // TODO: more details + throw new OpenPgpException( "Error calculating detached signature", e ); + } + } + + public void update( byte[] buf ) + throws OpenPgpException + { + update( buf, 0, buf.length ); + } + + public void update( byte[] buf, int offset, int length ) + throws OpenPgpException + { + try + { + sGen.update( buf, offset, length ); + } + catch ( SignatureException e ) + { + // TODO: more details + throw new OpenPgpException( "Error calculating detached signature", e ); + } + } + + public byte[] finish() + throws OpenPgpException, IOException + { + try + { + sGen.generate().encode( bOut ); + } + catch ( PGPException e ) + { + // TODO: more details + throw new OpenPgpException( "Error calculating detached signature", e ); + } + catch ( SignatureException e ) + { + // TODO: more details + throw new OpenPgpException( "Error calculating detached signature", e ); + } + return signatureBytes != null ? signatureBytes.toByteArray() : null; + } + +} Propchange: jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignatureUpdater.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignatureUpdater.java ------------------------------------------------------------------------------ svn:keywords = Author Date Id Revision Modified: jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignatureVerifier.java URL: http://svn.apache.org/viewcvs/jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignatureVerifier.java?rev=354747&r1=354746&r2=354747&view=diff ============================================================================== --- jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignatureVerifier.java (original) +++ jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignatureVerifier.java Tue Dec 6 23:32:26 2005 @@ -1,18 +1,5 @@ package org.apache.commons.openpgp; -import org.bouncycastle.openpgp.PGPCompressedData; -import org.bouncycastle.openpgp.PGPException; -import org.bouncycastle.openpgp.PGPObjectFactory; -import org.bouncycastle.openpgp.PGPPublicKey; -import org.bouncycastle.openpgp.PGPSignature; -import org.bouncycastle.openpgp.PGPSignatureList; -import org.bouncycastle.openpgp.PGPUtil; - -import java.io.IOException; -import java.io.InputStream; -import java.security.NoSuchProviderException; -import java.security.SignatureException; - /* * Copyright 2005 The Apache Software Foundation. * @@ -29,6 +16,22 @@ * limitations under the License. */ +import org.bouncycastle.bcpg.ArmoredInputStream; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.openpgp.PGPCompressedData; +import org.bouncycastle.openpgp.PGPException; +import org.bouncycastle.openpgp.PGPObjectFactory; +import org.bouncycastle.openpgp.PGPPublicKey; +import org.bouncycastle.openpgp.PGPSignature; +import org.bouncycastle.openpgp.PGPSignatureList; +import org.bouncycastle.openpgp.PGPUtil; + +import java.io.IOException; +import java.io.InputStream; +import java.security.NoSuchProviderException; +import java.security.Security; +import java.security.SignatureException; + /** * Verify signatures using the Bouncy Castle OpenPGP provider. * @@ -44,10 +47,18 @@ return null; //To change body of implemented methods use File | Settings | File Templates. } - public SignatureStatus verifyDetachedSignature( InputStream data, InputStream signature, KeyRing keyRing ) + public SignatureStatus verifyDetachedSignature( InputStream data, InputStream signature, KeyRing keyRing, + boolean asciiArmored ) throws OpenPgpException, UnknownKeyException, IOException { + // TODO: better location for this? + Security.addProvider( new BouncyCastleProvider() ); + signature = PGPUtil.getDecoderStream( signature ); + if ( asciiArmored ) + { + signature = new ArmoredInputStream( signature ); + } PGPObjectFactory pgpFact = new PGPObjectFactory( signature ); PGPSignatureList p3; Modified: jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSigner.java URL: http://svn.apache.org/viewcvs/jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSigner.java?rev=354747&r1=354746&r2=354747&view=diff ============================================================================== --- jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSigner.java (original) +++ jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSigner.java Tue Dec 6 23:32:26 2005 @@ -16,23 +16,9 @@ * limitations under the License. */ -import org.bouncycastle.bcpg.ArmoredOutputStream; -import org.bouncycastle.bcpg.BCPGOutputStream; -import org.bouncycastle.jce.provider.BouncyCastleProvider; -import org.bouncycastle.openpgp.PGPException; -import org.bouncycastle.openpgp.PGPPrivateKey; -import org.bouncycastle.openpgp.PGPSecretKey; -import org.bouncycastle.openpgp.PGPSignature; -import org.bouncycastle.openpgp.PGPSignatureGenerator; -import org.bouncycastle.openpgp.PGPUtil; - import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; -import java.security.NoSuchAlgorithmException; -import java.security.NoSuchProviderException; -import java.security.Security; -import java.security.SignatureException; /** * Bouncy Castle implementation of the OpenPGP signer. @@ -42,7 +28,7 @@ public class BouncyCastleOpenPgpSigner implements OpenPgpSigner { - private static final String BOUNCY_CASTLE_PROVIDER = "BC"; + private static final int BUFFER_SIZE = 1024; public void sign( InputStream data, OutputStream signedOutput, String keyId, KeyRing keyRing, boolean asciiArmor ) throws OpenPgpException @@ -54,54 +40,22 @@ boolean asciiArmor ) throws OpenPgpException, IOException { - // TODO: necessary? - Security.addProvider( new BouncyCastleProvider() ); - if ( asciiArmor ) - { - signature = new ArmoredOutputStream( signature ); - } - - PGPSecretKey pgpSec = keyRing.getSecretKey( keyId ); - try - { - PGPPrivateKey pgpPrivKey = pgpSec.extractPrivateKey( keyRing.getPassword(), BOUNCY_CASTLE_PROVIDER ); - PGPSignatureGenerator sGen = - new PGPSignatureGenerator( pgpSec.getPublicKey().getAlgorithm(), PGPUtil.SHA1, BOUNCY_CASTLE_PROVIDER ); + OpenPgpSignatureUpdater updater = + new BouncyCastleOpenPgpSignatureUpdater( signature, keyId, keyRing, asciiArmor ); - sGen.initSign( PGPSignature.BINARY_DOCUMENT, pgpPrivKey ); + byte[] buf = new byte[BUFFER_SIZE]; - BCPGOutputStream bOut = new BCPGOutputStream( signature ); - - int ch; - - while ( ( ch = data.read() ) >= 0 ) + int len; + do + { + len = data.read( buf ); + if ( len > 0 ) { - sGen.update( (byte) ch ); + updater.update( buf, 0, len ); } - - sGen.generate().encode( bOut ); - } - catch ( NoSuchAlgorithmException e ) - { - throw new OpenPgpException( - "Unable to find the correct algorithm for PGP - check that the Bouncy Castle provider is correctly installed", - e ); - } - catch ( NoSuchProviderException e ) - { - throw new OpenPgpException( - "Unable to find the correct provider for PGP - check that the Bouncy Castle provider is correctly installed", - e ); - } - catch ( PGPException e ) - { - // TODO: more details - throw new OpenPgpException( "Error calculating detached signature", e ); - } - catch ( SignatureException e ) - { - // TODO: more details - throw new OpenPgpException( "Error calculating detached signature", e ); } + while ( len >= 0 ); + + updater.finish(); } } Modified: jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/OpenPgpSignatureUpdater.java URL: http://svn.apache.org/viewcvs/jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/OpenPgpSignatureUpdater.java?rev=354747&r1=354746&r2=354747&view=diff ============================================================================== --- jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/OpenPgpSignatureUpdater.java (original) +++ jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/OpenPgpSignatureUpdater.java Tue Dec 6 23:32:26 2005 @@ -16,11 +16,12 @@ * limitations under the License. */ +import java.io.IOException; + /** * An interface for updating an OpenPGP signature on the fly with streaming data. * * @author <a href="mailto:[EMAIL PROTECTED]">Brett Porter</a> - * @todo not sure if this will be used or not */ public interface OpenPgpSignatureUpdater { @@ -51,6 +52,6 @@ * @throws OpenPgpException if the signature is not in a consistent or complete state */ byte[] finish() - throws OpenPgpException; + throws OpenPgpException, IOException; } Modified: jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/OpenPgpSignatureVerifier.java URL: http://svn.apache.org/viewcvs/jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/OpenPgpSignatureVerifier.java?rev=354747&r1=354746&r2=354747&view=diff ============================================================================== --- jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/OpenPgpSignatureVerifier.java (original) +++ jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/OpenPgpSignatureVerifier.java Tue Dec 6 23:32:26 2005 @@ -40,10 +40,12 @@ /** * Verify a piece of data against a detached signature. * - * @param data the data to that was signed - * @param signature the detached signature to verify against the data - * @param keyRing the keyring containing the key used to sign the data + * @param data the data to that was signed + * @param signature the detached signature to verify against the data + * @param keyRing the keyring containing the key used to sign the data + * @param asciiArmored whether the signature is ascii armored */ - SignatureStatus verifyDetachedSignature( InputStream data, InputStream signature, KeyRing keyRing ) + SignatureStatus verifyDetachedSignature( InputStream data, InputStream signature, KeyRing keyRing, + boolean asciiArmored ) throws OpenPgpException, UnknownKeyException, IOException; } Modified: jakarta/commons/sandbox/openpgp/trunk/src/test/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignerTest.java URL: http://svn.apache.org/viewcvs/jakarta/commons/sandbox/openpgp/trunk/src/test/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignerTest.java?rev=354747&r1=354746&r2=354747&view=diff ============================================================================== --- jakarta/commons/sandbox/openpgp/trunk/src/test/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignerTest.java (original) +++ jakarta/commons/sandbox/openpgp/trunk/src/test/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignerTest.java Tue Dec 6 23:32:26 2005 @@ -58,17 +58,18 @@ // TODO: can we get it to verify an ascii armored one? SignatureStatus status = verifier.verifyDetachedSignature( getClass().getResourceAsStream( "/test-input.txt" ), new ByteArrayInputStream( signature.toByteArray() ), - keyRing ); + keyRing, false ); assertNotNull( "check we got a status", status ); assertTrue( "check it was successful", status.isValid() ); } - public void testVerifySignatureDetachedAsciiArmor() + public void testVerifySignatureDetachedBinary() throws IOException, OpenPgpException { + // TODO: can we get it to verify an ascii armored one? SignatureStatus status = verifier.verifyDetachedSignature( getClass().getResourceAsStream( "/test-input.txt" ), getClass().getResourceAsStream( - "/test-signature.asc" ), keyRing ); + "/test-signature.bpg" ), keyRing, false ); assertNotNull( "check we got a status", status ); assertTrue( "check it was successful", status.isValid() ); Added: jakarta/commons/sandbox/openpgp/trunk/src/test/resources/test-signature.bpg URL: http://svn.apache.org/viewcvs/jakarta/commons/sandbox/openpgp/trunk/src/test/resources/test-signature.bpg?rev=354747&view=auto ============================================================================== Binary file - no diff available. Propchange: jakarta/commons/sandbox/openpgp/trunk/src/test/resources/test-signature.bpg ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]