package org.eclipse.jgit.transport;
import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotEquals;
+import static org.junit.Assert.assertTrue;
import java.io.ByteArrayInputStream;
import java.io.EOFException;
assertEquals(concatPacketLines(input, 0, 6), cert.toText());
- String signature = concatPacketLines(input, 7, 16);
- assertFalse(signature.contains(PushCertificateParser.BEGIN_SIGNATURE));
- assertFalse(signature.contains(PushCertificateParser.END_SIGNATURE));
+ String signature = concatPacketLines(input, 6, 17);
+ assertTrue(signature.startsWith(PushCertificateParser.BEGIN_SIGNATURE));
+ assertTrue(signature.endsWith(PushCertificateParser.END_SIGNATURE));
assertEquals(signature, cert.getSignature());
}
throw new IllegalArgumentException(
JGitText.get().pushCertificateInvalidSignature);
}
+ if (!signature.startsWith(PushCertificateParser.BEGIN_SIGNATURE)
+ || !signature.endsWith(PushCertificateParser.END_SIGNATURE)) {
+ throw new IllegalArgumentException(
+ JGitText.get().pushCertificateInvalidSignature);
+ }
this.version = version;
this.pusher = pusher;
this.pushee = pushee;
/**
* @return the raw signature, consisting of the lines received between the
* lines {@code "----BEGIN GPG SIGNATURE-----\n"} and
- * {@code "----END GPG SIGNATURE-----\n}", exclusive
+ * {@code "----END GPG SIGNATURE-----\n}", inclusive.
* @since 4.0
*/
public String getSignature() {
*/
public void receiveSignature(PacketLineIn pckIn) throws IOException {
try {
- StringBuilder sig = new StringBuilder();
+ StringBuilder sig = new StringBuilder(BEGIN_SIGNATURE);
String line;
while (!(line = pckIn.readStringRaw()).equals(END_SIGNATURE)) {
sig.append(line);
}
- signature = sig.toString();
+ signature = sig.append(END_SIGNATURE).toString();
if (!pckIn.readStringRaw().equals(END_CERT)) {
throw new PackProtocolException(
JGitText.get().pushCertificateInvalidSignature);
projects / jgit.git / commitdiff