Browse Source

PushCertificateParser: include begin/end lines in signature

The signature is intended to be passed to a verification library such
as Bouncy Castle, which expects these lines to be present in order to
parse the signature.

Change-Id: I22097bead2746da5fc53419f79761cafd5c31c3b
stable-4.1
Dave Borowitz 10 years ago
parent
commit
b822f9b51d
  1. 8
      org.eclipse.jgit.test/tst/org/eclipse/jgit/transport/PushCertificateParserTest.java
  2. 7
      org.eclipse.jgit/src/org/eclipse/jgit/transport/PushCertificate.java
  3. 4
      org.eclipse.jgit/src/org/eclipse/jgit/transport/PushCertificateParser.java

8
org.eclipse.jgit.test/tst/org/eclipse/jgit/transport/PushCertificateParserTest.java

@ -43,8 +43,8 @@
package org.eclipse.jgit.transport;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotEquals;
import static org.junit.Assert.assertTrue;
import java.io.ByteArrayInputStream;
import java.io.EOFException;
@ -119,9 +119,9 @@ public class PushCertificateParserTest {
assertEquals(concatPacketLines(input, 0, 6), cert.toText());
String signature = concatPacketLines(input, 7, 16);
assertFalse(signature.contains(PushCertificateParser.BEGIN_SIGNATURE));
assertFalse(signature.contains(PushCertificateParser.END_SIGNATURE));
String signature = concatPacketLines(input, 6, 17);
assertTrue(signature.startsWith(PushCertificateParser.BEGIN_SIGNATURE));
assertTrue(signature.endsWith(PushCertificateParser.END_SIGNATURE));
assertEquals(signature, cert.getSignature());
}

7
org.eclipse.jgit/src/org/eclipse/jgit/transport/PushCertificate.java

@ -123,6 +123,11 @@ public class PushCertificate {
throw new IllegalArgumentException(
JGitText.get().pushCertificateInvalidSignature);
}
if (!signature.startsWith(PushCertificateParser.BEGIN_SIGNATURE)
|| !signature.endsWith(PushCertificateParser.END_SIGNATURE)) {
throw new IllegalArgumentException(
JGitText.get().pushCertificateInvalidSignature);
}
this.version = version;
this.pusher = pusher;
this.pushee = pushee;
@ -193,7 +198,7 @@ public class PushCertificate {
/**
* @return the raw signature, consisting of the lines received between the
* lines {@code "----BEGIN GPG SIGNATURE-----\n"} and
* {@code "----END GPG SIGNATURE-----\n}", exclusive
* {@code "----END GPG SIGNATURE-----\n}", inclusive.
* @since 4.0
*/
public String getSignature() {

4
org.eclipse.jgit/src/org/eclipse/jgit/transport/PushCertificateParser.java

@ -258,12 +258,12 @@ public class PushCertificateParser {
*/
public void receiveSignature(PacketLineIn pckIn) throws IOException {
try {
StringBuilder sig = new StringBuilder();
StringBuilder sig = new StringBuilder(BEGIN_SIGNATURE);
String line;
while (!(line = pckIn.readStringRaw()).equals(END_SIGNATURE)) {
sig.append(line);
}
signature = sig.toString();
signature = sig.append(END_SIGNATURE).toString();
if (!pckIn.readStringRaw().equals(END_CERT)) {
throw new PackProtocolException(
JGitText.get().pushCertificateInvalidSignature);

Loading…
Cancel
Save