Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implement OpenPGP Signature generation using PGPainless #48

Open
wants to merge 19 commits into
base: master
Choose a base branch
from
Open

Implement OpenPGP Signature generation using PGPainless #48

Changes from 1 commit
Commits
Show all changes
19 commits
Select commit Hold shift + click to select a range
1fbc14b
Replace BC dependency with PGPainless (pulls in BC)
vanitasvitae May 29, 2023
bb2289f
Change default signature hash algorithm from SHA1 to SHA256
vanitasvitae May 29, 2023
4b1827d
Base the SigningStream on PGPainless
vanitasvitae May 30, 2023
dce7bfa
Add PgpHeaderSignatureProcessor and PgpSignatureProcessor
vanitasvitae May 30, 2023
977a59e
Base RpmFileSignatureProcessor on new PgpSignatureProcessor
vanitasvitae May 30, 2023
e1cd281
Remove extraneous semicolon
vanitasvitae May 30, 2023
b6f03da
Fix copyright statement in PgpHeaderSignatureProcessor
vanitasvitae May 30, 2023
49967ee
Fix copyright statement in new PgpSignatureProcessor classes
vanitasvitae May 30, 2023
489bd04
Add back and deprecate some old signing logic
vanitasvitae Jun 5, 2023
060d2e8
Bump PGPainless to 1.5.3 and support provided key-IDs
vanitasvitae Jun 12, 2023
bcf9966
Flatten set of signatures
vanitasvitae Jun 12, 2023
bc1ca89
Merge branch 'master' into pgpainless
dwalluck Mar 29, 2024
a2ac387
Fix codestyle isses
vanitasvitae Mar 29, 2024
b90e86c
Bump PGPainless to 1.6.7
vanitasvitae Mar 29, 2024
68f8658
Fix IOUtils import
dwalluck Mar 29, 2024
d68ab1a
For DSA signatures: Put DSAHEADER blob
vanitasvitae Mar 29, 2024
b2a8d25
Remove unused algorithm tags
vanitasvitae Mar 30, 2024
de14b42
Add deprecation notices to RsaSignatureProcessor and RsaHeaderSignatu…
vanitasvitae Mar 30, 2024
c2c9b84
Move logging statements to finish(), differentiating RSA and DSA
vanitasvitae Mar 30, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 25 additions & 2 deletions rpm/src/main/java/org/eclipse/packager/rpm/signature/PgpHeaderSignatureProcessor.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,9 @@
import java.nio.ByteBuffer;
import java.util.Objects;

import org.bouncycastle.bcpg.PublicKeyAlgorithmTags;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.PGPSignature;
import org.eclipse.packager.rpm.RpmSignatureTag;
import org.eclipse.packager.rpm.header.Header;
import org.pgpainless.PGPainless;
Expand All @@ -43,6 +45,8 @@ public class PgpHeaderSignatureProcessor implements SignatureProcessor {

private final long keyId;

private PGPSignature signature;

private byte[] value;

public PgpHeaderSignatureProcessor(final PGPSecretKeyRing secretKeys,
Expand Down Expand Up @@ -91,7 +95,8 @@ public void write(int i) throws IOException {
signingStream.close();
EncryptionResult result = signingStream.getResult();

this.value = result.getDetachedSignatures().flatten().iterator().next().getEncoded();
this.signature = result.getDetachedSignatures().flatten().iterator().next();
this.value = signature.getEncoded();
logger.info("RSA HEADER: {}", this.value);
} catch (final Exception e) {
throw new RuntimeException(e);
Expand All @@ -105,6 +110,24 @@ public void feedPayloadData(final ByteBuffer data) {

@Override
public void finish(final Header<RpmSignatureTag> signature) {
signature.putBlob(RpmSignatureTag.RSAHEADER, this.value);
switch (this.signature.getKeyAlgorithm()) {
// RSA
case PublicKeyAlgorithmTags.RSA_GENERAL:
case PublicKeyAlgorithmTags.RSA_ENCRYPT:
case PublicKeyAlgorithmTags.RSA_SIGN:
signature.putBlob(RpmSignatureTag.RSAHEADER, this.value);
vanitasvitae marked this conversation as resolved.
Show resolved Hide resolved
break;

// DSA
case PublicKeyAlgorithmTags.DSA:
case PublicKeyAlgorithmTags.ECDSA:
case PublicKeyAlgorithmTags.EDDSA_LEGACY:
vanitasvitae marked this conversation as resolved.
Show resolved Hide resolved
signature.putBlob(RpmSignatureTag.DSAHEADER, this.value);
break;

default:
throw new RuntimeException("Unsupported public key algorithm id: " + this.signature.getKeyAlgorithm());
}

}
}