mirrors
/
jgit
mirror of https://github.com/eclipse/jgit.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 204 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3826 Commits
49 Branches
Tree: a85e817dc2
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'a85e817dc2'
${ noResults }
jgit/org.eclipse.jgit.test/tst/org/eclipse/jgit/transport/PushCertificateParserTest.java

PushCertificateParserTest.java 6.3KB
Raw Normal View History

Rewrite push certificate parsing - Consistently return structured data, such as actual ReceiveCommands, which is more useful for callers that are doing things other than verifying the signature, e.g. recording the set of commands. - Store the certificate version field, as this is required to be part of the signed payload. - Add a toText() method to recreate the actual payload for signature verification. This requires keeping track of the un-chomped command strings from the original protocol stream. - Separate the parser from the certificate itself, so the actual PushCertificate object can be immutable. Make a fair attempt at deep immutability, but this is not possible with the current mutable ReceiveCommand structure. - Use more detailed error messages that don't involve NON-NLS strings. - Document null return values more thoroughly. Instead of having the undocumented behavior of throwing NPE from certain methods if they are not first guarded by enabled(), eliminate enabled() and return null from those methods. - Add tests for parsing a push cert from a section of pkt-line stream using a real live stream captured with Wireshark (which, it should be noted, uncovered several simply incorrect statements in C git's Documentation/technical/pack-protocol.txt). This is a slightly breaking API change to classes that were technically public and technically released in 4.0. However, it is highly unlikely that people were actually depending on public behavior, since there were no public methods to create PushCertificates with anything other than null field values, or a PushCertificateParser that did anything other than infinite loop or throw exceptions when reading. Change-Id: I5382193347a8eb1811032d9b32af9651871372d0
9 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160 
  1. /*

  2.  * Copyright (C) 2015, Google Inc.

  3.  *

  4.  * This program and the accompanying materials are made available

  5.  * under the terms of the Eclipse Distribution License v1.0 which

  6.  * accompanies this distribution, is reproduced below, and is

  7.  * available at http://www.eclipse.org/org/documents/edl-v10.php

  8.  *

  9.  * All rights reserved.

  10.  *

  11.  * Redistribution and use in source and binary forms, with or

  12.  * without modification, are permitted provided that the following

  13.  * conditions are met:

  14.  *

  15.  * - Redistributions of source code must retain the above copyright

  16.  *	 notice, this list of conditions and the following disclaimer.

  17.  *

  18.  * - Redistributions in binary form must reproduce the above

  19.  *	 copyright notice, this list of conditions and the following

  20.  *	 disclaimer in the documentation and/or other materials provided

  21.  *	 with the distribution.

  22.  *

  23.  * - Neither the name of the Eclipse Foundation, Inc. nor the

  24.  *	 names of its contributors may be used to endorse or promote

  25.  *	 products derived from this software without specific prior

  26.  *	 written permission.

  27.  *

  28.  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND

  29.  * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,

  30.  * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES

  31.  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

  32.  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR

  33.  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

  34.  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

  35.  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

  36.  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER

  37.  * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

  38.  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

  39.  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF

  40.  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

  41.  */

  42. 

  43. package org.eclipse.jgit.transport;

  44. 

  45. import static org.junit.Assert.assertEquals;

  46. import static org.junit.Assert.assertFalse;

  47. import static org.junit.Assert.assertNotEquals;

  48. 

  49. import java.io.ByteArrayInputStream;

  50. import java.io.EOFException;

  51. import java.io.IOException;

  52. 

  53. import org.eclipse.jgit.internal.storage.dfs.DfsRepositoryDescription;

  54. import org.eclipse.jgit.internal.storage.dfs.InMemoryRepository;

  55. import org.eclipse.jgit.lib.Config;

  56. import org.eclipse.jgit.lib.Constants;

  57. import org.eclipse.jgit.lib.ObjectId;

  58. import org.eclipse.jgit.lib.Repository;

  59. import org.eclipse.jgit.transport.BaseReceivePack.ReceiveConfig;

  60. import org.junit.Test;

  61. 

  62. /** Test for push certificate parsing. */

  63. public class PushCertificateParserTest {

  64. 	@Test

  65. 	public void parseCertFromPktLine() throws Exception {

  66. 		// Example push certificate generated by C git 2.2.0.

  67. 		String input = "001ccertificate version 0.1\n"

  68. 		+ "0041pusher Dave Borowitz <dborowitz@google.com> 1433954361 -0700\n"

  69. 		+ "0024pushee git://localhost/repo.git\n"

  70. 		+ "002anonce 1433954361-bde756572d665bba81d8\n"

  71. 		+ "0005\n"

  72. 		+ "00680000000000000000000000000000000000000000"

  73. 		+ " 6c2b981a177396fb47345b7df3e4d3f854c6bea7"

  74. 		+ " refs/heads/master\n"

  75. 		+ "0022-----BEGIN PGP SIGNATURE-----\n"

  76. 		+ "0016Version: GnuPG v1\n"

  77. 		+ "0005\n"

  78. 		+ "0045iQEcBAABAgAGBQJVeGg5AAoJEPfTicJkUdPkUggH/RKAeI9/i/LduuiqrL/SSdIa\n"

  79. 		+ "00459tYaSqJKLbXz63M/AW4Sp+4u+dVCQvnAt/a35CVEnpZz6hN4Kn/tiswOWVJf4CO7\n"

  80. 		+ "0045htNubGs5ZMwvD6sLYqKAnrM3WxV/2TbbjzjZW6Jkidz3jz/WRT4SmjGYiEO7aA+V\n"

  81. 		+ "00454ZdIS9f7sW5VsHHYlNThCA7vH8Uu48bUovFXyQlPTX0pToSgrWV3JnTxDNxfn3iG\n"

  82. 		+ "0045IL0zTY/qwVCdXgFownLcs6J050xrrBWIKqfcWr3u4D2aCLyR0v+S/KArr7ulZygY\n"

  83. 		+ "0045+SOklImn8TAZiNxhWtA6ens66IiammUkZYFv7SSzoPLFZT4dC84SmGPWgf94NoQ=\n"

  84. 		+ "000a=XFeC\n"

  85. 		+ "0020-----END PGP SIGNATURE-----\n"

  86. 		+ "0012push-cert-end\n";

  87. 

  88. 		PacketLineIn pckIn = newPacketLineIn(input);

  89. 		Config cfg = new Config();

  90. 		cfg.setString("receive", null, "certnonceseed", "sekret");

  91. 		Repository db = new InMemoryRepository(

  92. 				new DfsRepositoryDescription("repo"));

  93. 

  94. 		PushCertificateParser parser = new PushCertificateParser(

  95. 				db, new ReceiveConfig(cfg));

  96. 		parser.receiveHeader(pckIn, false);

  97. 		parser.addCommand(pckIn.readStringRaw());

  98. 		assertEquals(PushCertificateParser.BEGIN_SIGNATURE, pckIn.readStringRaw());

  99. 		parser.receiveSignature(pckIn);

  100. 

  101. 		PushCertificate cert = parser.build();

  102. 		assertEquals("0.1", cert.getVersion());

  103. 		assertEquals("Dave Borowitz", cert.getPusherIdent().getName());

  104. 		assertEquals("dborowitz@google.com",

  105. 				cert.getPusherIdent().getEmailAddress());

  106. 		assertEquals(1433954361000L, cert.getPusherIdent().getWhen().getTime());

  107. 		assertEquals(-7 * 60, cert.getPusherIdent().getTimeZoneOffset());

  108. 		assertEquals("git://localhost/repo.git", cert.getPushee());

  109. 		assertEquals("1433954361-bde756572d665bba81d8", cert.getNonce());

  110. 

  111. 		assertNotEquals(cert.getNonce(), parser.getAdvertiseNonce());

  112. 		assertEquals(PushCertificate.NonceStatus.BAD, cert.getNonceStatus());

  113. 

  114. 		assertEquals(1, cert.getCommands().size());

  115. 		ReceiveCommand cmd = cert.getCommands().get(0);

  116. 		assertEquals("refs/heads/master", cmd.getRefName());

  117. 		assertEquals(ObjectId.zeroId(), cmd.getOldId());

  118. 		assertEquals("6c2b981a177396fb47345b7df3e4d3f854c6bea7",

  119. 				cmd.getNewId().name());

  120. 

  121. 		assertEquals(concatPacketLines(input, 0, 6), cert.toText());

  122. 

  123. 		String signature = concatPacketLines(input, 7, 16);

  124. 		assertFalse(signature.contains(PushCertificateParser.BEGIN_SIGNATURE));

  125. 		assertFalse(signature.contains(PushCertificateParser.END_SIGNATURE));

  126. 		assertEquals(signature, cert.getSignature());

  127. 	}

  128. 

  129. 	@Test

  130. 	public void testConcatPacketLines() throws Exception {

  131. 		String input = "000bline 1\n000bline 2\n000bline 3\n";

  132. 		assertEquals("line 1\n", concatPacketLines(input, 0, 1));

  133. 		assertEquals("line 1\nline 2\n", concatPacketLines(input, 0, 2));

  134. 		assertEquals("line 2\nline 3\n", concatPacketLines(input, 1, 3));

  135. 		assertEquals("line 2\nline 3\n", concatPacketLines(input, 1, 4));

  136. 	}

  137. 

  138. 	private static String concatPacketLines(String input, int begin, int end)

  139. 			throws IOException {

  140. 		StringBuilder result = new StringBuilder();

  141. 		int i = 0;

  142. 		PacketLineIn pckIn = newPacketLineIn(input);

  143. 		while (i < end) {

  144. 			String line;

  145. 			try {

  146. 				line = pckIn.readStringRaw();

  147. 			} catch (EOFException e) {

  148. 				break;

  149. 			}

  150. 			if (++i > begin) {

  151. 				result.append(line);

  152. 			}

  153. 		}

  154. 		return result.toString();

  155. 	}

  156. 

  157. 	private static PacketLineIn newPacketLineIn(String input) {

  158. 		return new PacketLineIn(new ByteArrayInputStream(Constants.encode(input)));

  159. 	}

  160. }