Instead of just looking for a substring match of user.signingKey in a key's user ID implement the GPG matching formats[1] for: '=' Full exact match '<' Full exact match of the e-mail address '@' Substring match within the e-mail address only '*' General case-insensitive substring match (default) When user.signingKey is not set, the committer's e-mail address is used by default. In that case, use '<', i.e., require an exact match on the OpenPGP e-mail address. Also handle the optional "0x" prefix for (partial) key fingerprints. [1] https://www.gnupg.org/documentation/manuals/gnupg/Specify-a-User-ID.html Bug: 550335 Change-Id: I6ce482a099ff1a0dc9de45435cd4d3ec5b504f12 Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>tags/v5.6.0.201911271000-m3
org.eclipse.jgit.junit.time;version="[5.6.0,5.7.0)", | org.eclipse.jgit.junit.time;version="[5.6.0,5.7.0)", | ||||
org.eclipse.jgit.lfs;version="[5.6.0,5.7.0)", | org.eclipse.jgit.lfs;version="[5.6.0,5.7.0)", | ||||
org.eclipse.jgit.lib;version="[5.6.0,5.7.0)", | org.eclipse.jgit.lib;version="[5.6.0,5.7.0)", | ||||
org.eclipse.jgit.lib.internal;version="[5.6.0,5.7.0)", | |||||
org.eclipse.jgit.merge;version="[5.6.0,5.7.0)", | org.eclipse.jgit.merge;version="[5.6.0,5.7.0)", | ||||
org.eclipse.jgit.nls;version="[5.6.0,5.7.0)", | org.eclipse.jgit.nls;version="[5.6.0,5.7.0)", | ||||
org.eclipse.jgit.notes;version="[5.6.0,5.7.0)", | org.eclipse.jgit.notes;version="[5.6.0,5.7.0)", |
/* | |||||
* Copyright (C) 2019, Thomas Wolf <thomas.wolf@paranor.ch> | |||||
* and other copyright owners as documented in the project's IP log. | |||||
* | |||||
* This program and the accompanying materials are made available | |||||
* under the terms of the Eclipse Distribution License v1.0 which | |||||
* accompanies this distribution, is reproduced below, and is | |||||
* available at http://www.eclipse.org/org/documents/edl-v10.php | |||||
* | |||||
* All rights reserved. | |||||
* | |||||
* Redistribution and use in source and binary forms, with or | |||||
* without modification, are permitted provided that the following | |||||
* conditions are met: | |||||
* | |||||
* - Redistributions of source code must retain the above copyright | |||||
* notice, this list of conditions and the following disclaimer. | |||||
* | |||||
* - Redistributions in binary form must reproduce the above | |||||
* copyright notice, this list of conditions and the following | |||||
* disclaimer in the documentation and/or other materials provided | |||||
* with the distribution. | |||||
* | |||||
* - Neither the name of the Eclipse Foundation, Inc. nor the | |||||
* names of its contributors may be used to endorse or promote | |||||
* products derived from this software without specific prior | |||||
* written permission. | |||||
* | |||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND | |||||
* CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, | |||||
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | |||||
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR | |||||
* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER | |||||
* CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF | |||||
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |||||
*/ | |||||
package org.eclipse.jgit.lib.internal; | |||||
import static org.junit.Assert.assertFalse; | |||||
import static org.junit.Assert.assertTrue; | |||||
import java.util.Locale; | |||||
import org.junit.Test; | |||||
public class BouncyCastleGpgKeyLocatorTest { | |||||
private static final String USER_ID = "Heinrich Heine <heinrichh@uni-duesseldorf.de>"; | |||||
private static boolean match(String userId, String pattern) { | |||||
return BouncyCastleGpgKeyLocator.containsSigningKey(userId, pattern); | |||||
} | |||||
@Test | |||||
public void testFullMatch() throws Exception { | |||||
assertTrue(match(USER_ID, | |||||
"=Heinrich Heine <heinrichh@uni-duesseldorf.de>")); | |||||
assertFalse(match(USER_ID, "=Heinrich Heine")); | |||||
assertFalse(match(USER_ID, "= ")); | |||||
assertFalse(match(USER_ID, "=heinrichh@uni-duesseldorf.de")); | |||||
} | |||||
@Test | |||||
public void testEmpty() throws Exception { | |||||
assertFalse(match(USER_ID, "")); | |||||
assertFalse(match(USER_ID, null)); | |||||
assertFalse(match("", "")); | |||||
assertFalse(match(null, "")); | |||||
assertFalse(match(null, null)); | |||||
assertFalse(match("", "something")); | |||||
assertFalse(match(null, "something")); | |||||
} | |||||
@Test | |||||
public void testFullEmail() throws Exception { | |||||
assertTrue(match(USER_ID, "<heinrichh@uni-duesseldorf.de>")); | |||||
assertTrue(match(USER_ID + " ", "<heinrichh@uni-duesseldorf.de>")); | |||||
assertFalse(match(USER_ID, "<>")); | |||||
assertFalse(match(USER_ID, "<h>")); | |||||
assertFalse(match(USER_ID, "<heinrichh>")); | |||||
assertFalse(match(USER_ID, "<uni-duesseldorf>")); | |||||
assertFalse(match(USER_ID, "<h@u>")); | |||||
assertFalse(match(USER_ID, "<HeinrichH@uni-duesseldorf.de>")); | |||||
assertFalse(match(USER_ID.substring(0, USER_ID.length() - 1), | |||||
"<heinrichh@uni-duesseldorf.de>")); | |||||
assertFalse(match("", "<>")); | |||||
assertFalse(match("", "<heinrichh@uni-duesseldorf.de>")); | |||||
} | |||||
@Test | |||||
public void testPartialEmail() throws Exception { | |||||
assertTrue(match(USER_ID, "@heinrichh@uni-duesseldorf.de")); | |||||
assertTrue(match(USER_ID, "@heinrichh")); | |||||
assertTrue(match(USER_ID, "@duesseldorf")); | |||||
assertTrue(match(USER_ID, "@uni-d")); | |||||
assertTrue(match(USER_ID, "@h")); | |||||
assertTrue(match(USER_ID, "@.")); | |||||
assertTrue(match(USER_ID, "@h@u")); | |||||
assertFalse(match(USER_ID, "@ ")); | |||||
assertFalse(match(USER_ID, "@")); | |||||
assertFalse(match(USER_ID, "@Heine")); | |||||
assertFalse(match(USER_ID, "@HeinrichH")); | |||||
assertFalse(match(USER_ID, "@Heinrich")); | |||||
assertFalse(match("", "@")); | |||||
assertFalse(match("", "@h")); | |||||
} | |||||
private void substringTests(String prefix) throws Exception { | |||||
assertTrue(match(USER_ID, prefix + "heinrichh@uni-duesseldorf.de")); | |||||
assertTrue(match(USER_ID, prefix + "heinrich")); | |||||
assertTrue(match(USER_ID, prefix + "HEIN")); | |||||
assertTrue(match(USER_ID, prefix + "Heine <")); | |||||
assertTrue(match(USER_ID, prefix + "UNI")); | |||||
assertTrue(match(USER_ID, prefix + "uni")); | |||||
assertTrue(match(USER_ID, prefix + "rich He")); | |||||
assertTrue(match(USER_ID, prefix + "h@u")); | |||||
assertTrue(match(USER_ID, prefix + USER_ID)); | |||||
assertTrue(match(USER_ID, prefix + USER_ID.toUpperCase(Locale.ROOT))); | |||||
assertFalse(match(USER_ID, prefix + "")); | |||||
assertFalse(match(USER_ID, prefix + " ")); | |||||
assertFalse(match(USER_ID, prefix + "yy")); | |||||
assertFalse(match("", prefix + "")); | |||||
assertFalse(match("", prefix + "uni")); | |||||
} | |||||
@Test | |||||
public void testSubstringPlain() throws Exception { | |||||
substringTests(""); | |||||
} | |||||
@Test | |||||
public void testSubstringAsterisk() throws Exception { | |||||
substringTests("*"); | |||||
} | |||||
@Test | |||||
public void testExplicitFingerprint() throws Exception { | |||||
assertFalse(match("John Fade <j.fade@example.com>", "0xfade")); | |||||
assertFalse(match("John Fade <0xfade@example.com>", "0xfade")); | |||||
assertFalse(match("", "0xfade")); | |||||
} | |||||
@Test | |||||
public void testImplicitFingerprint() throws Exception { | |||||
assertTrue(match("John Fade <j.fade@example.com>", "fade")); | |||||
assertTrue(match("John Fade <0xfade@example.com>", "fade")); | |||||
assertTrue(match("John Fade <j.fade@example.com>", "FADE")); | |||||
assertTrue(match("John Fade <0xfade@example.com>", "FADE")); | |||||
} | |||||
@Test | |||||
public void testZeroX() throws Exception { | |||||
assertTrue(match("John Fade <0xfade@example.com>", "0x")); | |||||
assertTrue(match("John Fade <0xfade@example.com>", "*0x")); | |||||
assertTrue(match("John Fade <0xfade@example.com>", "*0xfade")); | |||||
assertTrue(match("John Fade <0xfade@example.com>", "*0xFADE")); | |||||
assertTrue(match("John Fade <0xfade@example.com>", "@0xfade")); | |||||
assertFalse(match("John Fade <0xfade@example.com>", "@0xFADE")); | |||||
assertFalse(match("", "0x")); | |||||
} | |||||
} |
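Review bot: testFullEmail does not pin what happens when the '&lt;' spec lacks its closing bracket (`<heinrichh@uni-duesseldorf.de`) or carries text after it (`<heinrichh@uni-duesseldorf.de>x`); reading the matcher, the first is rejected and the second is accepted, and neither outcome is obvious from the GnuPG documentation the commit cites. Since the unbracketed form is what a user is most likely to type into user.signingKey, an explicit `assertFalse(match(USER_ID, "<heinrichh@uni-duesseldorf.de"));` plus an assertion for the trailing-text case would make the behaviour deliberate rather than incidental. The same goes for the '@' mode with a user ID that has no angle brackets at all (`match("heinrichh@uni-duesseldorf.de", "@uni")`), which currently yields false.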
org.eclipse.jgit.treewalk, | org.eclipse.jgit.treewalk, | ||||
org.eclipse.jgit.transport, | org.eclipse.jgit.transport, | ||||
org.eclipse.jgit.submodule", | org.eclipse.jgit.submodule", | ||||
org.eclipse.jgit.lib.internal;version="5.6.0";x-internal:=true, | |||||
org.eclipse.jgit.lib.internal;version="5.6.0";x-friends:="org.eclipse.jgit.test", | |||||
org.eclipse.jgit.merge;version="5.6.0"; | org.eclipse.jgit.merge;version="5.6.0"; | ||||
uses:="org.eclipse.jgit.lib, | uses:="org.eclipse.jgit.lib, | ||||
org.eclipse.jgit.treewalk, | org.eclipse.jgit.treewalk, |
import org.eclipse.jgit.errors.UnsupportedCredentialItem; | import org.eclipse.jgit.errors.UnsupportedCredentialItem; | ||||
import org.eclipse.jgit.internal.JGitText; | import org.eclipse.jgit.internal.JGitText; | ||||
import org.eclipse.jgit.util.FS; | import org.eclipse.jgit.util.FS; | ||||
import org.eclipse.jgit.util.StringUtils; | |||||
import org.eclipse.jgit.util.SystemReader; | import org.eclipse.jgit.util.SystemReader; | ||||
import org.slf4j.Logger; | import org.slf4j.Logger; | ||||
import org.slf4j.LoggerFactory; | import org.slf4j.LoggerFactory; | ||||
} | } | ||||
} | } | ||||
private boolean containsSigningKey(String userId) { | |||||
return userId.toLowerCase(Locale.ROOT) | |||||
.contains(signingKey.toLowerCase(Locale.ROOT)); | |||||
/** | |||||
* Checks whether a given OpenPGP {@code userId} matches a given | |||||
* {@code signingKeySpec}, which is supposed to have one of the formats | |||||
* defined by GPG. | |||||
* <p> | |||||
* Not all formats are supported; only formats starting with '=', '<', | |||||
* '@', and '*' are handled. Any other format results in a case-insensitive | |||||
* substring match. | |||||
* </p> | |||||
* | |||||
* @param userId | |||||
* of a key | |||||
* @param signingKeySpec | |||||
* GPG key identification | |||||
* @return whether the {@code userId} matches | |||||
* @see <a href= | |||||
* "https://www.gnupg.org/documentation/manuals/gnupg/Specify-a-User-ID.html">GPG | |||||
* Documentation: How to Specify a User ID</a> | |||||
*/ | |||||
static boolean containsSigningKey(String userId, String signingKeySpec) { | |||||
if (StringUtils.isEmptyOrNull(userId) | |||||
|| StringUtils.isEmptyOrNull(signingKeySpec)) { | |||||
return false; | |||||
} | |||||
String toMatch = signingKeySpec; | |||||
if (toMatch.startsWith("0x") && toMatch.trim().length() > 2) { //$NON-NLS-1$ | |||||
return false; // Explicit fingerprint | |||||
} | |||||
int command = toMatch.charAt(0); | |||||
switch (command) { | |||||
case '=': | |||||
case '<': | |||||
case '@': | |||||
case '*': | |||||
toMatch = toMatch.substring(1); | |||||
if (toMatch.isEmpty()) { | |||||
return false; | |||||
} | |||||
break; | |||||
default: | |||||
break; | |||||
} | |||||
switch (command) { | |||||
case '=': | |||||
return userId.equals(toMatch); | |||||
case '<': { | |||||
int begin = userId.indexOf('<'); | |||||
int end = userId.indexOf('>', begin + 1); | |||||
int stop = toMatch.indexOf('>'); | |||||
return begin >= 0 && end > begin + 1 && stop > 0 | |||||
&& userId.substring(begin + 1, end) | |||||
.equals(toMatch.substring(0, stop)); | |||||
} | |||||
case '@': { | |||||
int begin = userId.indexOf('<'); | |||||
int end = userId.indexOf('>', begin + 1); | |||||
return begin >= 0 && end > begin + 1 | |||||
&& userId.substring(begin + 1, end).contains(toMatch); | |||||
} | |||||
default: | |||||
if (toMatch.trim().isEmpty()) { | |||||
return false; | |||||
} | |||||
return userId.toLowerCase(Locale.ROOT) | |||||
.contains(toMatch.toLowerCase(Locale.ROOT)); | |||||
} | |||||
} | |||||
private String toFingerprint(String keyId) { | |||||
if (keyId.startsWith("0x")) { //$NON-NLS-1$ | |||||
return keyId.substring(2); | |||||
} | |||||
return keyId; | |||||
} | } | ||||
private PGPPublicKey findPublicKeyByKeyId(KeyBlob keyBlob) | private PGPPublicKey findPublicKeyByKeyId(KeyBlob keyBlob) | ||||
throws IOException { | throws IOException { | ||||
String keyId = signingKey.toLowerCase(Locale.ROOT); | |||||
String keyId = toFingerprint(signingKey).toLowerCase(Locale.ROOT); | |||||
if (keyId.isEmpty()) { | |||||
return null; | |||||
} | |||||
for (KeyInformation keyInfo : keyBlob.getKeyInformation()) { | for (KeyInformation keyInfo : keyBlob.getKeyInformation()) { | ||||
String fingerprint = Hex.toHexString(keyInfo.getFingerprint()) | String fingerprint = Hex.toHexString(keyInfo.getFingerprint()) | ||||
.toLowerCase(Locale.ROOT); | .toLowerCase(Locale.ROOT); | ||||
private PGPPublicKey findPublicKeyByUserId(KeyBlob keyBlob) | private PGPPublicKey findPublicKeyByUserId(KeyBlob keyBlob) | ||||
throws IOException { | throws IOException { | ||||
for (UserID userID : keyBlob.getUserIds()) { | for (UserID userID : keyBlob.getUserIds()) { | ||||
if (containsSigningKey(userID.getUserIDAsString())) { | |||||
if (containsSigningKey(userID.getUserIDAsString(), signingKey)) { | |||||
return getSigningPublicKey(keyBlob); | return getSigningPublicKey(keyBlob); | ||||
} | } | ||||
} | } | ||||
PGPUtil.getDecoderStream(new BufferedInputStream(in)), | PGPUtil.getDecoderStream(new BufferedInputStream(in)), | ||||
new JcaKeyFingerprintCalculator()); | new JcaKeyFingerprintCalculator()); | ||||
String keyId = signingkey.toLowerCase(Locale.ROOT); | |||||
String keyId = toFingerprint(signingkey).toLowerCase(Locale.ROOT); | |||||
Iterator<PGPSecretKeyRing> keyrings = pgpSec.getKeyRings(); | Iterator<PGPSecretKeyRing> keyrings = pgpSec.getKeyRings(); | ||||
while (keyrings.hasNext()) { | while (keyrings.hasNext()) { | ||||
PGPSecretKeyRing keyRing = keyrings.next(); | PGPSecretKeyRing keyRing = keyrings.next(); | ||||
Iterator<String> userIDs = key.getUserIDs(); | Iterator<String> userIDs = key.getUserIDs(); | ||||
while (userIDs.hasNext()) { | while (userIDs.hasNext()) { | ||||
String userId = userIDs.next(); | String userId = userIDs.next(); | ||||
if (containsSigningKey(userId)) { | |||||
if (containsSigningKey(userId, signingKey)) { | |||||
return key; | return key; | ||||
} | } | ||||
} | } | ||||
new BufferedInputStream(in), | new BufferedInputStream(in), | ||||
new JcaKeyFingerprintCalculator()); | new JcaKeyFingerprintCalculator()); | ||||
String keyId = signingKey.toLowerCase(Locale.ROOT); | |||||
String keyId = toFingerprint(signingKey).toLowerCase(Locale.ROOT); | |||||
Iterator<PGPPublicKeyRing> keyrings = pgpPub.getKeyRings(); | Iterator<PGPPublicKeyRing> keyrings = pgpPub.getKeyRings(); | ||||
while (keyrings.hasNext()) { | while (keyrings.hasNext()) { | ||||
PGPPublicKeyRing keyRing = keyrings.next(); | PGPPublicKeyRing keyRing = keyrings.next(); | ||||
Iterator<String> userIDs = key.getUserIDs(); | Iterator<String> userIDs = key.getUserIDs(); | ||||
while (userIDs.hasNext()) { | while (userIDs.hasNext()) { | ||||
String userId = userIDs.next(); | String userId = userIDs.next(); | ||||
if (containsSigningKey(userId)) { | |||||
if (containsSigningKey(userId, signingKey)) { | |||||
return key; | return key; | ||||
} | } | ||||
} | } |
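Review bot: The '&lt;' and '@' branches of containsSigningKey compare the e-mail part case-sensitively (testFullEmail and testZeroX pin this) while the default substring mode lowercases both sides; because GpgSigner now falls back to `'<' + committer.getEmailAddress() + '>'`, a committer whose user.email differs from the key's user ID only in letter case silently finds no key, and as far as I recall GnuPG's own mail search compares with `ascii_memcasecmp`, i.e. case-insensitively. If parity with GnuPG is the goal, apply `toLowerCase(Locale.ROOT)` to both `userId.substring(begin + 1, end)` and `toMatch` in those two branches and flip the three affected assertions. Separately, the '&lt;' branch compares only up to the first '&gt;' of the spec, so `<alice@example.com>junk` still matches; adding `&& stop == toMatch.length() - 1` to the condition closes that. The Javadoc should also state the rule enforced at the top of the method, e.g. `A spec starting with "0x" is taken as a (partial) key fingerprint and never matches a user ID.`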
NoSuchAlgorithmException, NoSuchProviderException, PGPException, | NoSuchAlgorithmException, NoSuchProviderException, PGPException, | ||||
URISyntaxException { | URISyntaxException { | ||||
if (gpgSigningKey == null || gpgSigningKey.isEmpty()) { | if (gpgSigningKey == null || gpgSigningKey.isEmpty()) { | ||||
gpgSigningKey = committer.getEmailAddress(); | |||||
gpgSigningKey = '<' + committer.getEmailAddress() + '>'; | |||||
} | } | ||||
BouncyCastleGpgKeyLocator keyHelper = new BouncyCastleGpgKeyLocator( | BouncyCastleGpgKeyLocator keyHelper = new BouncyCastleGpgKeyLocator( |