From 5abd8a4feb5da689982c12b65faef34aabedeb26 Mon Sep 17 00:00:00 2001 From: Thomas Wolf Date: Sat, 5 Dec 2020 21:55:29 +0100 Subject: Enable GpgSigner to also sign tags Factor out a common ObjectBuilder as super class of CommitBuilder and TagBuilder, and make the GpgSigner work on ObjectBuilder. In order not to break API, add the new method for signing an ObjectBuilder in a new interface GpgObjectSigner. The signature for a tag is just tacked onto the end of the tag message. The message of a signed tag must end in LF. Bug: 386908 Change-Id: I5e021e3c927f4051825cd7355b129113b949455e Signed-off-by: Thomas Wolf --- .../jgit/gpg/bc/internal/BouncyCastleGpgSigner.java | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) (limited to 'org.eclipse.jgit.gpg.bc/src') diff --git a/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BouncyCastleGpgSigner.java b/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BouncyCastleGpgSigner.java index ea159c547d..449c4a487b 100644 --- a/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BouncyCastleGpgSigner.java +++ b/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BouncyCastleGpgSigner.java @@ -38,6 +38,8 @@ import org.eclipse.jgit.errors.UnsupportedCredentialItem; import org.eclipse.jgit.lib.CommitBuilder; import org.eclipse.jgit.lib.GpgSignature; import org.eclipse.jgit.lib.GpgSigner; +import org.eclipse.jgit.lib.GpgObjectSigner; +import org.eclipse.jgit.lib.ObjectBuilder; import org.eclipse.jgit.lib.PersonIdent; import org.eclipse.jgit.transport.CredentialsProvider; import org.eclipse.jgit.util.StringUtils; @@ -45,7 +47,8 @@ import org.eclipse.jgit.util.StringUtils; /** * GPG Signer using BouncyCastle library */ -public class BouncyCastleGpgSigner extends GpgSigner { +public class BouncyCastleGpgSigner extends GpgSigner + implements GpgObjectSigner { private static void registerBouncyCastleProviderIfNecessary() { if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) { @@ -98,6 +101,13 @@ public class BouncyCastleGpgSigner extends GpgSigner { public void sign(@NonNull CommitBuilder commit, @Nullable String gpgSigningKey, @NonNull PersonIdent committer, CredentialsProvider credentialsProvider) throws CanceledException { + signObject(commit, gpgSigningKey, committer, credentialsProvider); + } + + @Override + public void signObject(@NonNull ObjectBuilder object, + @Nullable String gpgSigningKey, @NonNull PersonIdent committer, + CredentialsProvider credentialsProvider) throws CanceledException { try (BouncyCastleGpgKeyPassphrasePrompt passphrasePrompt = new BouncyCastleGpgKeyPassphrasePrompt( credentialsProvider)) { BouncyCastleGpgKey gpgKey = locateSigningKey(gpgSigningKey, @@ -158,10 +168,10 @@ public class BouncyCastleGpgSigner extends GpgSigner { ByteArrayOutputStream buffer = new ByteArrayOutputStream(); try (BCPGOutputStream out = new BCPGOutputStream( new ArmoredOutputStream(buffer))) { - signatureGenerator.update(commit.build()); + signatureGenerator.update(object.build()); signatureGenerator.generate().encode(out); } - commit.setGpgSignature(new GpgSignature(buffer.toByteArray())); + object.setGpgSignature(new GpgSignature(buffer.toByteArray())); } catch (PGPException | IOException | NoSuchAlgorithmException | NoSuchProviderException | URISyntaxException e) { throw new JGitInternalException(e.getMessage(), e); -- cgit v1.2.3