aboutsummaryrefslogtreecommitdiffstats
path: root/org.eclipse.jgit.gpg.bc.test/META-INF
Commit message (Collapse)AuthorAgeFilesLines
...
| * Prepare 5.12.0-SNAPSHOT buildsMatthias Sohn2021-03-101-4/+4
| | | | | | | | | | Change-Id: I736de7c3deb11da75777d459f47332df0b486443 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
| * Prepare 5.11.1-SNAPSHOT buildsMatthias Sohn2021-03-091-4/+4
| | | | | | | | | | Change-Id: I94628ccbb5099a65aa4345cfd28a141ff5555b68 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
| * JGit v5.11.0.202103091610-rv5.11.0.202103091610-rMatthias Sohn2021-03-091-1/+1
| | | | | | | | | | Change-Id: I8e6855eaf7228459f492036feb4e34ca085698a7 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
| * Prepare 5.11.0-SNAPSHOT buildsMatthias Sohn2021-03-041-1/+1
| | | | | | | | | | Change-Id: I89ed49a6acc53dd75d16f40c99e1140e0c18f646 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
| * JGit v5.11.0.202103031150-rc1v5.11.0.202103031150-rc1Matthias Sohn2021-03-031-1/+1
| | | | | | | | | | Change-Id: I0a86fa59645888f9f36ea6938c9121e095f02fc6 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
| * Prepare 5.11.0-SNAPSHOT buildsMatthias Sohn2021-02-241-1/+1
| | | | | | | | | | Change-Id: If3dbe084ee37ae4b993d3a10ec48b14e8709ff6d Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
| * JGit v5.11.0.202102240950-m3v5.11.0.202102240950-m3Matthias Sohn2021-02-241-1/+1
| | | | | | | | | | Change-Id: Iea6b3515fa63db497989194b6bf50fe7324086d0 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* | Merge branch 'master' into nextMatthias Sohn2021-02-281-3/+13
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * master: (143 commits) Prepare 5.11.0-SNAPSHOT builds JGit v5.11.0.202102240950-m3 [releng] japicmp: update last release version IgnoreNode: include path to file for invalid .gitignore patterns FastIgnoreRule: include bad pattern in log message init: add config option to set default for the initial branch name init: allow specifying the initial branch name for the new repository Fail clone if initial branch doesn't exist in remote repository GPG: fix reading unprotected old-format secret keys Update Orbit to S20210216215844 Add missing bazel dependency for o.e.j.gpg.bc.test GPG: handle extended private key format dfs: handle short copies [GPG] Provide a factory for the BouncyCastleGpgSigner Fix boxing warnings GPG: compute the keygrip to find a secret key GPG signature verification via BouncyCastle Post commit hook failure should not cause commit failure Allow to define additional Hook classes outside JGit GitHook: use default charset for output and error streams ... Change-Id: I689f4070e79f4a0ac1c02b35698ccaab68ad2f34
| * GPG: handle extended private key formatThomas Wolf2021-02-191-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add detection for the key-value pair format that was available in gpg-agent for some time already and that has become the default since gpg-agent 2.2.20. If a secret key in the .gnupg/private-keys-v1.d directory is found to have this format, extract the human-readable key from it, convert it to the binary serialized form and hand that to BouncyCastle. Encrypted keys in the new format may use AES/OCB. OCB is a patent- encumbered algorithm; although there is a license for open-source software, that may not be good enough and OCB may not be available in Java. It is not available in the default security provider in Java, and it is also not available in the BouncyCastle version included in Eclipse. Implement AES/OCB decryption, throwing a PGPException with a nice message if the algorithm is not available. Include a copy of the normal s-expression parser of BouncyCastle and fix it to properly handle data from such keys: such keys do not contain an internal hash since the AES/OCB cipher includes and checks a MAC already. Bug: 570501 Change-Id: Ifa6391a809a84cfc6ae7c6610af6a79204b4143b Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
| * GPG: compute the keygrip to find a secret keyThomas Wolf2021-02-161-2/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The gpg-agent stores secret keys in individual files in the secret key directory private-keys-v1.d. The files have the key's keygrip (in upper case) as name and extension ".key". A keygrip is a SHA1 hash over the parameters of the public key. By computing this keygrip, we can pre-compute the expected file name and then check only that one file instead of having to iterate over all keys stored in that directory. This file naming scheme is actually an implementation detail of gpg-agent. It is unlikely to change, though. The keygrip itself is computed via libgcrypt and will remain stable according to the GPG main author.[1] Add an implementation for calculating the keygrip and include tests. Do not iterate over files in BouncyCastleGpgKeyLocator but only check the single file identified by the keygrip. Ideally upstream BouncyCastle would provide such a getKeyGrip() method. But as it re-builds GPG and libgcrypt internals, it's doubtful it would be included there, and since BouncyCastle even lacks a number of curve OIDs for ed25519/curve25519 and uses the short-Weierstrass parameters instead of the more common Montgomery parameters, including it there might be quite a bit of work. [1] http://gnupg.10057.n7.nabble.com/GnuPG-2-1-x-and-2-2-x-keyring-formats-tp54146p54154.html Bug: 547536 Change-Id: I30022a0e7b33b1bf35aec1222f84591f0c30ddfd Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
| * Prepare 5.11.0-SNAPSHOT buildsMatthias Sohn2020-12-021-2/+2
| | | | | | | | | | Change-Id: I91e5532526775191fbd34f81e2ef777cba605e3b Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
| * Prepare 5.10.0-SNAPSHOT buildsMatthias Sohn2020-08-271-2/+2
| | | | | | | | | | Change-Id: I9a2b39e9e85f27179ceb3b1709d75c466089a3bc Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* | Merge branch 'master' into nextMatthias Sohn2020-06-101-2/+2
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * master: SimpleMergeTest: Clean up code style Prepare 5.8.1-SNAPSHOT builds Handle Fragment-Host declaration when updating version JGit v5.8.0.202006091008-r Prepare 5.9.0-SNAPSHOT builds Handle Fragment-Host declaration when updating version Add benchmark for strategies how to move a file Add getter for unpackErrorHandler in ReceivePack Upgrade maven-project-info-reports-plugin to 3.1.0 Upgrade maven-shade-plugin to 3.2.4 ObjectDirectoryInserter: Open FileOutputStream in try-with-resource ObjectDirectoryInserter: Remove redundant 'throws' declarations ObjectDirectory: Further clean up insertUnpackedObject Add Git#shutdown for releasing resources held by JGit process ApplyCommand: use context lines to determine hunk location GPG: don't prompt for a passphrase for unprotected keys Fix typo in org.eclipse.jgit.ssh.jsch.test MANIFEST Fix ProtectedMembersInFinalClass warning flagged by error prone Use version range to define fragment host bundle version ObjectDirectory: Explicitly handle NoSuchFileException ObjectDirectory: Fail immediately when atomic move is not supported Fix jgit packaging Fix InvalidInlineTag error flagged by error prone Fix BadComparable error flagged by error prone Add tests for RawTextComparator.WS_IGNORE_CHANGE.hash() Update Orbit to R20200529191137 for final Eclipse release 2020-06 Organize manifest of org.eclipse.jgit.pgm Do not include log4j implementation in jgit Decouple JSch from JGit Core Decouple BouncyCastle from JGit Core Verify that the user home directory is valid WindowCache: conditional JMX setup RawTextComparator.WS_IGNORE_CHANGE must not compare whitespace Revert "PackBitmapIndex: Not buffer inflated bitmap in BasePackBitmapIndex" Update jetty to 9.4.28.v20200408 Add 4.16 staging target platform In-memory SSH keys for the "no files" sshd tests Builder API to configure SshdSessionFactories TransportHttp: abort on time-out or on SocketException Ignore core.eol if core.autocrlf=input Attributes: fix handling of text=auto in combination with eol Bazel: Remove superfluous dependencies flagged by unused_deps Log stack trace if CachingKeyPairProvider hits unexpected exception Update Orbit to S20200519202422 and ant to 1.10.8 Include full IssuerFingerprint in GPG signature Bazel: Fix src_sha1 of bcpg-jdk15on Suppress API error for new method BitmapIndex.Bitmap#retrieveCompressed Fix wrong @since tags added in dcb0265 PackBitmapIndex: Set distance threshold PackBitmapIndex: Not buffer inflated bitmap in BasePackBitmapIndex PackBitmapIndex: Remove convertedBitmaps in the Remapper PackBitmapIndex: Reduce memory usage in GC PackBitmapIndex: Add AddToBitmapWithCacheFilter class PackBitmapIndex: Add util methods and builder to BitmapCommit PackBitmapIndex: Move BitmapCommit to a top-level class Refactor: Make retriveCompressed an method of the Bitmap class Fix downloading LFS Object fails behind proxy Allow for using custom s3 host with lfs server ReceivePack: adding IterativeConnectivityChecker Moving transport/internal -> internal/transport Fix error occurring during checkout Change-Id: Ic11286e16ed6a72c6372297b310336dd040689d1
* Prepare 5.9.0-SNAPSHOT buildsMatthias Sohn2020-06-091-2/+2
| | | | | Change-Id: Ia998e2772df1285a4c674b07201f15d53156eb78 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* Decouple BouncyCastle from JGit CoreMatthias Sohn2020-06-011-0/+14
Motivation: BouncyCastle serves as 'default' implementation of the GPG Signer. If a client application does not use it there is no need to pull in this dependency, especially since BouncyCastle is a large library. Move the classes depending on BouncyCastle to an OSGi fragment extending the org.eclipse.jgit bundle. They are moved to a distinct internal package in order to avoid split packages. This doesn't break public API since these classes were already in an internal package before this change. Add a new feature org.eclipse.jgit.gpg.bc to enable installation. With that users can now decide if they want to install it. Attempts to sign a commit if org.eclipse.jgit.gpg.bc isn't available will result in ServiceUnavailableException being thrown. Bug: 559106 Change-Id: I42fd6c00002e17aa9a7be96ae434b538ea86ccf8 Also-by: Michael Dardis <git@md-5.net> Signed-off-by: Michael Dardis <git@md-5.net> Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Signed-off-by: David Ostrovsky <david@ostrovsky.org>