use of org.bouncycastle.openpgp.PGPPublicKeyRing in project gerrit by GerritCodeReview.
the class PublicKeyStore method getSigner.
/**
 * Find the candidate key that verifies a signature over {@code data}.
 *
 * <p>Candidates are tried in iteration order and the first key for which {@code sig.verify()}
 * succeeds is returned. For each ring only the key returned by
 * {@link PGPPublicKeyRing#getPublicKey()} is tried; the ring's other keys are not considered.
 *
 * <p>A non-null result means only that the signature verifies against that key. Nothing here
 * checks expiry, revocation or trust of the key, so a caller that bases an authorization decision
 * on the result has to validate the returned key separately.
 *
 * @param keyRings candidate keys.
 * @param sig signature object; it is initialized anew for every candidate.
 * @param data signed payload.
 * @return the key chosen from {@code keyRings} that was able to verify the signature, or {@code
 *     null} if none was found. {@code null} must be treated as "not verified".
 * @throws PGPException if an error occurred verifying the signature; the remaining candidates
 *     are then not tried.
 */
public static PGPPublicKey getSigner(Iterable<PGPPublicKeyRing> keyRings, PGPSignature sig, byte[] data) throws PGPException {
  for (PGPPublicKeyRing candidateRing : keyRings) {
    PGPPublicKey candidateKey = candidateRing.getPublicKey();
    BcPGPContentVerifierBuilderProvider verifierProvider = new BcPGPContentVerifierBuilderProvider();
    // The signature object is stateful: bind it to this candidate, then feed the payload again.
    sig.init(verifierProvider, candidateKey);
    sig.update(data);
    boolean verified = sig.verify();
    if (!verified) {
      continue;
    }
    return candidateKey;
  }
  // No candidate verified the signature (this includes an empty candidate list).
  return null;
}
use of org.bouncycastle.openpgp.PGPPublicKeyRing in project gerrit by GerritCodeReview.
the class PublicKeyStore method getSigner.
/**
 * Find the candidate key that issued a certification of {@code userId} on {@code key}.
 *
 * <p>Candidates are tried in iteration order and the first key for which
 * {@code sig.verifyCertification(userId, key)} succeeds is returned. For each ring only the key
 * returned by {@link PGPPublicKeyRing#getPublicKey()} is tried.
 *
 * <p>A non-null result means only that the certification verifies against that key. Nothing here
 * checks whether the certifying key is expired, revoked or trusted; callers that build a trust
 * decision on the result have to check that separately.
 *
 * @param keyRings candidate keys.
 * @param sig signature object; it is initialized anew for every candidate.
 * @param userId user ID being certified.
 * @param key key being certified.
 * @return the key chosen from {@code keyRings} that was able to verify the certification, or
 *     {@code null} if none was found. {@code null} must be treated as "not verified".
 * @throws PGPException if an error occurred verifying the certification; the remaining
 *     candidates are then not tried.
 */
public static PGPPublicKey getSigner(Iterable<PGPPublicKeyRing> keyRings, PGPSignature sig, String userId, PGPPublicKey key) throws PGPException {
  for (PGPPublicKeyRing candidateRing : keyRings) {
    PGPPublicKey certifier = candidateRing.getPublicKey();
    BcPGPContentVerifierBuilderProvider verifierProvider = new BcPGPContentVerifierBuilderProvider();
    // Bind the signature object to this candidate before checking the certification.
    sig.init(verifierProvider, certifier);
    boolean certified = sig.verifyCertification(userId, key);
    if (!certified) {
      continue;
    }
    return certifier;
  }
  // No candidate verified the certification (this includes an empty candidate list).
  return null;
}
use of org.bouncycastle.openpgp.PGPPublicKeyRing in project gerrit by GerritCodeReview.
the class PublicKeyStore method save.
/**
 * Save pending keys to the store.
 *
 * <p>One commit is created and the ref updated. The pending lists are cleared only when the ref
 * update reports {@code FAST_FORWARD}, {@code NEW} or {@code NO_CHANGE}; for every other result
 * they are kept, which allows for easy retries in case of lock failure.
 *
 * <p>The ref update is conditional on the tip this store last saw
 * ({@code setExpectedOldObjectId(tip)}), so a concurrent writer shows up as a non-success result
 * instead of being silently overwritten. Keys are written as given: this method does not
 * validate them.
 *
 * @param cb commit builder that must already carry author and committer identities, which this
 *     method does not set. The committer is also used for the reflog entry. The tree id is
 *     overwritten, the parent id is overwritten when a tip exists, and a message is generated
 *     only if none is set.
 * @return result of the ref update, or {@code NO_CHANGE} when nothing was pending or the
 *     resulting tree equals the current one.
 * @throws PGPException declared for the key read/write helpers this method calls.
 * @throws IOException declared for the repository operations this method performs.
 */
public RefUpdate.Result save(CommitBuilder cb) throws PGPException, IOException {
  boolean nothingPending = toAdd.isEmpty() && toRemove.isEmpty();
  if (nothingPending) {
    return RefUpdate.Result.NO_CHANGE;
  }
  if (reader == null) {
    load();
  }
  if (notes == null) {
    notes = NoteMap.newEmptyMap();
  }

  ObjectId newTip;
  try (ObjectInserter inserter = repo.newObjectInserter()) {
    // Additions are applied before removals, all against the same in-memory note map.
    for (PGPPublicKeyRing pendingRing : toAdd.values()) {
      saveToNotes(inserter, pendingRing);
    }
    for (Fingerprint pendingRemoval : toRemove) {
      deleteFromNotes(inserter, pendingRemoval);
    }
    cb.setTreeId(notes.writeTree(inserter));

    boolean treeUnchanged = cb.getTreeId().equals(tip != null ? tip.getTree() : EMPTY_TREE);
    if (treeUnchanged) {
      // NOTE(review): this early return skips reset() and leaves toAdd/toRemove populated,
      // unlike the NO_CHANGE outcome of the ref update below; confirm that is intended.
      return RefUpdate.Result.NO_CHANGE;
    }
    if (tip != null) {
      cb.setParentId(tip);
    }
    if (cb.getMessage() == null) {
      int changeCount = toAdd.size() + toRemove.size();
      String plural = changeCount != 1 ? "s" : "";
      cb.setMessage(String.format("Update %d public key%s", changeCount, plural));
    }
    newTip = inserter.insert(cb);
    inserter.flush();
  }

  RefUpdate refUpdate = repo.updateRef(PublicKeyStore.REFS_GPG_KEYS);
  // Compare-and-swap against the tip we built on, so a concurrent update is not overwritten.
  refUpdate.setExpectedOldObjectId(tip);
  refUpdate.setNewObjectId(newTip);
  refUpdate.setRefLogIdent(cb.getCommitter());
  refUpdate.setRefLogMessage("Store public keys", true);
  RefUpdate.Result result = refUpdate.update();

  // reset() runs for every outcome, success or failure. It is defined elsewhere in the class;
  // presumably it drops the cached read state so the next access reloads it (confirm there).
  reset();

  switch (result) {
    case FAST_FORWARD:
    case NEW:
    case NO_CHANGE:
      toAdd.clear();
      toRemove.clear();
      break;
    default:
      // Every other result, FORCED included, keeps the pending lists so the caller can retry.
      break;
  }
  return result;
}
use of org.bouncycastle.openpgp.PGPPublicKeyRing in project gerrit by GerritCodeReview.
the class PublicKeyStore method deleteFromNotes.
/**
 * Remove the key ring matching {@code fp} from the note stored under its key ID.
 *
 * <p>Notes are addressed by key ID, and one note can hold several key rings, so the ring to drop
 * is selected by comparing the full fingerprint of each ring's
 * {@link PGPPublicKeyRing#getPublicKey()} key. Rings that merely share the key ID are kept.
 *
 * @param ins inserter used to write the rewritten note blob.
 * @param fp fingerprint of the key to remove.
 * @throws PGPException declared for the key read/serialization helpers this method calls.
 * @throws IOException declared for the note and object database operations.
 */
private void deleteFromNotes(ObjectInserter ins, Fingerprint fp) throws PGPException, IOException {
  long keyId = fp.getId();
  PGPPublicKeyRingCollection stored = get(keyId);
  List<PGPPublicKeyRing> survivors = new ArrayList<>(stored.size());
  for (PGPPublicKeyRing ring : stored) {
    if (fp.equalsBytes(ring.getPublicKey().getFingerprint())) {
      // Full-fingerprint match: this is the ring being deleted.
      continue;
    }
    survivors.add(ring);
  }

  if (survivors.size() == stored.size()) {
    // Nothing matched the fingerprint, so the note is left untouched.
    return;
  }
  if (survivors.isEmpty()) {
    // The deleted ring was the only one under this key ID: drop the note entirely.
    notes.remove(keyObjectId(keyId));
    return;
  }
  // Other rings share the key ID: rewrite the note with the remaining ones.
  notes.set(keyObjectId(keyId), ins.insert(OBJ_BLOB, keysToArmored(survivors)));
}
use of org.bouncycastle.openpgp.PGPPublicKeyRing in project gerrit by GerritCodeReview.
the class PublicKeyStore method saveToNotes.
/**
 * Add {@code keyRing} to the note stored under its key ID, replacing a stored copy of the same
 * key if there is one.
 *
 * <p>The note is addressed by the key ID of {@code keyRing.getPublicKey()} and can hold several
 * key rings. Which stored ring counts as "the same key" is decided by {@code sameKey}, defined
 * elsewhere in the class (presumably a fingerprint comparison; confirm there). Every other ring
 * already in the note is written back unchanged.
 *
 * <p>The key ring is stored as given. No signature, expiry or revocation check is made here, so
 * any validation has to happen before the ring is queued for saving.
 *
 * @param ins inserter used to write the rewritten note blob.
 * @param keyRing key ring to store.
 * @throws PGPException declared for the key read/serialization helpers this method calls.
 * @throws IOException declared for the note and object database operations.
 */
private void saveToNotes(ObjectInserter ins, PGPPublicKeyRing keyRing) throws PGPException, IOException {
  long keyId = keyRing.getPublicKey().getKeyID();
  PGPPublicKeyRingCollection stored = get(keyId);
  List<PGPPublicKeyRing> merged = new ArrayList<>(stored.size() + 1);
  boolean replaced = false;
  for (PGPPublicKeyRing ring : stored) {
    boolean isSameKey = sameKey(keyRing, ring);
    // Keep the stored position, but substitute the incoming ring for a stored copy of it.
    merged.add(isSameKey ? keyRing : ring);
    replaced = replaced || isSameKey;
  }
  if (!replaced) {
    // No stored ring matched, so this is a new key under this key ID: append it.
    merged.add(keyRing);
  }
  notes.set(keyObjectId(keyId), ins.insert(OBJ_BLOB, keysToArmored(merged)));
}