summaryrefslogtreecommitdiffstats
path: root/org.eclipse.jgit.gpg.bc
diff options
context:
space:
mode:
authorMatthias Sohn <matthias.sohn@sap.com>2020-11-28 21:02:09 +0100
committerMatthias Sohn <matthias.sohn@sap.com>2020-11-28 21:51:50 +0100
commit286ad23cb56ffeac77d4bfd03be575358fd5217c (patch)
treedc075c6b1d1e813f253ec465813b6251d9d07d61 /org.eclipse.jgit.gpg.bc
parent4887894ffd637030a311ca8d60b78515b1a5cf35 (diff)
parent4f2065d145c3fa3f8ad3de28af3ee5dfeb74c765 (diff)
downloadjgit-286ad23cb56ffeac77d4bfd03be575358fd5217c.tar.gz
jgit-286ad23cb56ffeac77d4bfd03be575358fd5217c.zip
Merge branch 'master' into next
* master: Remove unused imports Silence API warnings Remove erraneously merged source features Add support for reading symrefs from pack capabilities Prepare 5.3.9-SNAPSHOT builds JGit v5.3.8.202011260953-r Prepare 5.1.15-SNAPSHOT builds JGit v5.1.14.202011251942-r GC#deleteOrphans: log warning for deleted orphaned files GC#deleteOrphans: handle failure to list files in pack directory Ensure that GC#deleteOrphans respects pack lock Prepare 5.10.0-SNAPSHOT builds JGit v5.10.0.202011251205-m3 PacketLineIn: ensure that END != DELIM Update Orbit to S20201118210000 and add target for 4.18 PacketLineIn: ensure that END != DELIM PacketLineIn: ensure that END != DELIM Allow to resolve a conflict by checking out a file Update Orbit to I20201111205634 Document that setLastModified sets time of symlink target Fix bug in PerformanceLogContext Fix IOException occurring during gc Prepare 5.10.0-SNAPSHOT builds JGit v5.10.0.202011041322-m2 Revert "Client-side protocol V2 support for fetching" Close Repository to fix tests failing on Windows Client-side protocol V2 support for fetching Update slf4j to 1.7.30 Update Orbit to S20201027182932 (2020-12 M2) Fix formatting of config option values Document options in core section supported by JGit Ensure .gitmodules is loaded when accessing submodule name Export new package org.eclipse.jgit.logging and import it where used Ensure GC.deleteOrphans() can delete read-only orphaned files on Windows Add new performance logging Implement git describe --all Compute time differences with Duration Override config http.userAgent from environment GIT_HTTP_USER_AGENT Upgrade spotbugs-maven-plugin to 4.1.3 Fix OperatorPrecedence warning flagged by error prone UploadPackTest#testUploadRedundantBytes: ensure test repo is closed ObjectDirectory#selectObjectRepresentation: fix formatting Upgrade ecj to 3.23.0 Support "http.userAgent" and "http.extraHeader" from the git config sshd: better error report when user cancels authentication API filters for PackStatistics.Accumulator Add TypedConfigGetter.getPath() Make Javadoc consistent for PackStatistics fields Measure time taken for reachability checks Measure time taken for negotiation in protocol V2 IndexDiffFilter: handle path prefixes correctly sshd: support the ProxyJump ssh config Upgrade jacoco-maven-plugin to 0.8.6 ReceivePackStats: Add size and count of unnecessary pushed objects Upgrade maven-project-info-reports-plugin to 3.1.1 Prepare 5.9.1-SNAPSHOT builds JGit v5.9.0.202009080501-r [releng] Enable japicmp for the fragments added in 5.8.0 GitlinkMergeTest: fix boxing warnings Remove unused API problem filters Add missing since tag on BundleWriter#addObjectsAsIs SshdSession: close channel gracefully GPG: include signer's user ID in the signature jgit: Add DfsBundleWriter Bump Bazel version to 3.5.0 Upgrade maven-resources-plugin to 3.2.0 Upgrade plexus-compiler version to 2.8.8 [bazel] Add missing dependency to slf4j-api [errorprone] DirCacheEntry: make clear operator precedence [errorprone] PackWriter#parallelDeltaSearch: avoid suppressed exception [errorprone] Declare DirCache#version final Add jgit-4.17-staging target platform for 2020-09 Update target platform to R20200831200620 Prepare 5.10.0-SNAPSHOT builds Prepare 5.9.0-SNAPSHOT builds ResolveMerger: do not content-merge gitlinks on del/mod conflicts ResolveMerger: Adding test cases for GITLINK deletion ResolveMerger: choose OURS on gitlink when ignoreConflicts ResolveMerger: improving content merge readability ResolveMerger: extracting createGitLinksMergeResult method ResolveMerger: Adding test cases for GITLINK merge JGit v5.9.0.202008260805-m3 Fix possible NegativeArraySizeException in PackIndexV1 FS: use binary search to determine filesystem timestamp resolution Do not prematurely create directory of jgit's XDG config file FS: write to JGit config in a background thread FS: don't cache fallback if running in background Keep line endings for text files committed with CR/LF on text=auto Delay WindowCache statistics JMX MBean registration [releng] Update plexus-compiler to 2.8.7 DirCache: support index V4 Update javadoc for RemoteSession and SshSessionFactory Fix JSchProcess.waitFor() with time-out sshd: work around a race condition in Apache MINA sshd 2.4.0/2.5.x sshd: store per-session data on the sshd session object FilterSpec: Use BigInteger.ZERO instead of valueOf(0) Do not send empty blob in response to blob:none filter Add support for tree filters when fetching sshd: use PropertyResolver in test FS_POSIX: avoid prompt to install the XCode tools on OS X Remove dependency on JSch from SSH test framework Use LinkedBlockingQueue for executor determining filesystem attributes Update API warning filters Remove unused imports Bazel: Add workspace status command to stamp final artifact DiffFormatter: correctly deal with tracked files in ignored folders Prepare 5.8.2-SNAPSHOT builds JGit v5.8.1.202007141445-r Update Jetty to 9.4.30.v20200611 Fix writing GPG signatures with trailing newline Rename a test method Add a test for upstream bug SSHD-1028 Improve error message when receive.maxCommandBytes is exceeded LfsConnectionFactory#getLfsUrl: Fix unconditional break in for-loop DiffFormatterTest: Add a test to confirm the default rename detection settings Upgrade maven-site-plugin to 3.9.1 Upgrade build-helper-maven-plugin to 3.2.0 Upgrade spotbugs to 4.0.4 MergedReftable: Include the last reftable in determining minUpdateIndex Add new osgi fragments to maven-central deploy scripts PackBitmapIndex: Not buffer inflated bitmap during bitmap creation. Do not require org.assertj.core.annotations Upgrade ecj to 3.22.0 Remove workaround for signing jars using Tycho plugins Use https for URL of jgit website Fix CI information in pom.xml Use gitiles as scm url in pom.xml for browsing source code Update API baseline to 5.8.0.202006091008-r Remove trailing whitespace Change-Id: Ie6bc6954741a47cfbd32c0886bdbd7b594f08b31 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Diffstat (limited to 'org.eclipse.jgit.gpg.bc')
-rw-r--r--org.eclipse.jgit.gpg.bc/META-INF/MANIFEST.MF3
-rw-r--r--org.eclipse.jgit.gpg.bc/pom.xml4
-rw-r--r--org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BouncyCastleGpgSigner.java39
3 files changed, 35 insertions, 11 deletions
diff --git a/org.eclipse.jgit.gpg.bc/META-INF/MANIFEST.MF b/org.eclipse.jgit.gpg.bc/META-INF/MANIFEST.MF
index aa851a9d5d..b59a850ea3 100644
--- a/org.eclipse.jgit.gpg.bc/META-INF/MANIFEST.MF
+++ b/org.eclipse.jgit.gpg.bc/META-INF/MANIFEST.MF
@@ -8,8 +8,7 @@ Bundle-Vendor: %Bundle-Vendor
Bundle-Localization: plugin
Bundle-Version: 6.0.0.qualifier
Bundle-RequiredExecutionEnvironment: JavaSE-1.8
-Import-Package: org.assertj.core.annotations;version="3.14.0",
- org.bouncycastle.bcpg;version="[1.65.0,2.0.0)",
+Import-Package: org.bouncycastle.bcpg;version="[1.65.0,2.0.0)",
org.bouncycastle.gpg;version="[1.65.0,2.0.0)",
org.bouncycastle.gpg.keybox;version="[1.65.0,2.0.0)",
org.bouncycastle.gpg.keybox.jcajce;version="[1.65.0,2.0.0)",
diff --git a/org.eclipse.jgit.gpg.bc/pom.xml b/org.eclipse.jgit.gpg.bc/pom.xml
index 64f784d1d3..833d23ceba 100644
--- a/org.eclipse.jgit.gpg.bc/pom.xml
+++ b/org.eclipse.jgit.gpg.bc/pom.xml
@@ -128,7 +128,6 @@
</configuration>
</plugin>
- <!-- No previous version to compare to
<plugin>
<groupId>com.github.siom79.japicmp</groupId>
<artifactId>japicmp-maven-plugin</artifactId>
@@ -170,13 +169,11 @@
</execution>
</executions>
</plugin>
- -->
</plugins>
</build>
<reporting>
<plugins>
- <!-- No previous version to compare to
<plugin>
<groupId>com.github.siom79.japicmp</groupId>
<artifactId>japicmp-maven-plugin</artifactId>
@@ -217,7 +214,6 @@
<skip>false</skip>
</configuration>
</plugin>
- -->
</plugins>
</reporting>
</project>
diff --git a/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BouncyCastleGpgSigner.java b/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BouncyCastleGpgSigner.java
index c6ecdbe6da..ea159c547d 100644
--- a/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BouncyCastleGpgSigner.java
+++ b/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BouncyCastleGpgSigner.java
@@ -15,6 +15,7 @@ import java.net.URISyntaxException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Security;
+import java.util.Iterator;
import org.bouncycastle.bcpg.ArmoredOutputStream;
import org.bouncycastle.bcpg.BCPGOutputStream;
@@ -22,6 +23,7 @@ import org.bouncycastle.bcpg.HashAlgorithmTags;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPrivateKey;
+import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPSecretKey;
import org.bouncycastle.openpgp.PGPSignature;
import org.bouncycastle.openpgp.PGPSignatureGenerator;
@@ -38,6 +40,7 @@ import org.eclipse.jgit.lib.GpgSignature;
import org.eclipse.jgit.lib.GpgSigner;
import org.eclipse.jgit.lib.PersonIdent;
import org.eclipse.jgit.transport.CredentialsProvider;
+import org.eclipse.jgit.util.StringUtils;
/**
* GPG Signer using BouncyCastle library
@@ -126,17 +129,32 @@ public class BouncyCastleGpgSigner extends GpgSigner {
privateKey = secretKey
.extractPrivateKey(decryptorBuilder.build(passphrase));
}
+ PGPPublicKey publicKey = secretKey.getPublicKey();
PGPSignatureGenerator signatureGenerator = new PGPSignatureGenerator(
new JcaPGPContentSignerBuilder(
- secretKey.getPublicKey().getAlgorithm(),
+ publicKey.getAlgorithm(),
HashAlgorithmTags.SHA256).setProvider(
BouncyCastleProvider.PROVIDER_NAME));
signatureGenerator.init(PGPSignature.BINARY_DOCUMENT, privateKey);
- PGPSignatureSubpacketGenerator subpacketGenerator = new PGPSignatureSubpacketGenerator();
- subpacketGenerator.setIssuerFingerprint(false,
- secretKey.getPublicKey());
+ PGPSignatureSubpacketGenerator subpackets = new PGPSignatureSubpacketGenerator();
+ subpackets.setIssuerFingerprint(false, publicKey);
+ // Also add the signer's user ID. Note that GPG uses only the e-mail
+ // address part.
+ String userId = committer.getEmailAddress();
+ Iterator<String> userIds = publicKey.getUserIDs();
+ if (userIds.hasNext()) {
+ String keyUserId = userIds.next();
+ if (!StringUtils.isEmptyOrNull(keyUserId)
+ && (userId == null || !keyUserId.contains(userId))) {
+ // Not the committer's key?
+ userId = extractSignerId(keyUserId);
+ }
+ }
+ if (userId != null) {
+ subpackets.setSignerUserID(false, userId);
+ }
signatureGenerator
- .setHashedSubpackets(subpacketGenerator.generate());
+ .setHashedSubpackets(subpackets.generate());
ByteArrayOutputStream buffer = new ByteArrayOutputStream();
try (BCPGOutputStream out = new BCPGOutputStream(
new ArmoredOutputStream(buffer))) {
@@ -149,4 +167,15 @@ public class BouncyCastleGpgSigner extends GpgSigner {
throw new JGitInternalException(e.getMessage(), e);
}
}
+
+ private String extractSignerId(String pgpUserId) {
+ int from = pgpUserId.indexOf('<');
+ if (from >= 0) {
+ int to = pgpUserId.indexOf('>', from + 1);
+ if (to > from + 1) {
+ return pgpUserId.substring(from + 1, to);
+ }
+ }
+ return pgpUserId;
+ }
}