| // Copyright (C) 2015 The Android Open Source Project |
| // |
| // Licensed under the Apache License, Version 2.0 (the "License"); |
| // you may not use this file except in compliance with the License. |
| // You may obtain a copy of the License at |
| // |
| // http://www.apache.org/licenses/LICENSE-2.0 |
| // |
| // Unless required by applicable law or agreed to in writing, software |
| // distributed under the License is distributed on an "AS IS" BASIS, |
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| // See the License for the specific language governing permissions and |
| // limitations under the License. |
| |
| package com.google.gerrit.gpg; |
| |
| import static com.google.gerrit.gpg.PublicKeyStore.keyIdToString; |
| import static com.google.gerrit.gpg.PublicKeyStore.keyToString; |
| import static com.google.gerrit.gpg.testing.TestKeys.expiredKey; |
| import static com.google.gerrit.gpg.testing.TestKeys.validKeyWithExpiration; |
| import static com.google.gerrit.gpg.testing.TestKeys.validKeyWithoutExpiration; |
| import static java.nio.charset.StandardCharsets.UTF_8; |
| import static org.junit.Assert.assertEquals; |
| |
| import com.google.gerrit.gpg.testing.TestKey; |
| import com.google.gerrit.testing.GerritBaseTests; |
| import java.io.ByteArrayInputStream; |
| import java.io.ByteArrayOutputStream; |
| import java.io.InputStreamReader; |
| import java.io.Reader; |
| import java.text.SimpleDateFormat; |
| import java.util.ArrayList; |
| import java.util.Arrays; |
| import java.util.Collections; |
| import java.util.Date; |
| import java.util.List; |
| import org.bouncycastle.bcpg.ArmoredOutputStream; |
| import org.bouncycastle.bcpg.BCPGOutputStream; |
| import org.bouncycastle.openpgp.PGPSignature; |
| import org.bouncycastle.openpgp.PGPSignatureGenerator; |
| import org.bouncycastle.openpgp.PGPSignatureSubpacketGenerator; |
| import org.bouncycastle.openpgp.PGPUtil; |
| import org.bouncycastle.openpgp.operator.bc.BcPGPContentSignerBuilder; |
| import org.eclipse.jgit.internal.storage.dfs.DfsRepositoryDescription; |
| import org.eclipse.jgit.internal.storage.dfs.InMemoryRepository; |
| import org.eclipse.jgit.lib.CommitBuilder; |
| import org.eclipse.jgit.lib.PersonIdent; |
| import org.eclipse.jgit.lib.RefUpdate; |
| import org.eclipse.jgit.lib.Repository; |
| import org.eclipse.jgit.transport.PushCertificate; |
| import org.eclipse.jgit.transport.PushCertificateIdent; |
| import org.eclipse.jgit.transport.PushCertificateParser; |
| import org.eclipse.jgit.transport.SignedPushConfig; |
| import org.junit.Before; |
| import org.junit.Test; |
| |
| public class PushCertificateCheckerTest extends GerritBaseTests { |
| private InMemoryRepository repo; |
| private PublicKeyStore store; |
| private SignedPushConfig signedPushConfig; |
| private PushCertificateChecker checker; |
| |
| @Before |
| public void setUp() throws Exception { |
| TestKey key1 = validKeyWithoutExpiration(); |
| TestKey key3 = expiredKey(); |
| repo = new InMemoryRepository(new DfsRepositoryDescription("repo")); |
| store = new PublicKeyStore(repo); |
| store.add(key1.getPublicKeyRing()); |
| store.add(key3.getPublicKeyRing()); |
| |
| PersonIdent ident = new PersonIdent("A U Thor", "author@example.com"); |
| CommitBuilder cb = new CommitBuilder(); |
| cb.setAuthor(ident); |
| cb.setCommitter(ident); |
| assertEquals(RefUpdate.Result.NEW, store.save(cb)); |
| |
| signedPushConfig = new SignedPushConfig(); |
| signedPushConfig.setCertNonceSeed("sekret"); |
| signedPushConfig.setCertNonceSlopLimit(60 * 24); |
| checker = newChecker(true); |
| } |
| |
| private PushCertificateChecker newChecker(boolean checkNonce) { |
| PublicKeyChecker keyChecker = new PublicKeyChecker().setStore(store); |
| return new PushCertificateChecker(keyChecker) { |
| @Override |
| protected Repository getRepository() { |
| return repo; |
| } |
| |
| @Override |
| protected boolean shouldClose(Repository repo) { |
| return false; |
| } |
| }.setCheckNonce(checkNonce); |
| } |
| |
| @Test |
| public void validCert() throws Exception { |
| PushCertificate cert = newSignedCert(validNonce(), validKeyWithoutExpiration()); |
| assertNoProblems(cert); |
| } |
| |
| @Test |
| public void invalidNonce() throws Exception { |
| PushCertificate cert = newSignedCert("invalid-nonce", validKeyWithoutExpiration()); |
| assertProblems(cert, "Invalid nonce"); |
| } |
| |
| @Test |
| public void invalidNonceNotChecked() throws Exception { |
| checker = newChecker(false); |
| PushCertificate cert = newSignedCert("invalid-nonce", validKeyWithoutExpiration()); |
| assertNoProblems(cert); |
| } |
| |
| @Test |
| public void missingKey() throws Exception { |
| TestKey key2 = validKeyWithExpiration(); |
| PushCertificate cert = newSignedCert(validNonce(), key2); |
| assertProblems(cert, "No public keys found for key ID " + keyIdToString(key2.getKeyId())); |
| } |
| |
| @Test |
| public void invalidKey() throws Exception { |
| TestKey key3 = expiredKey(); |
| PushCertificate cert = newSignedCert(validNonce(), key3); |
| assertProblems( |
| cert, "Invalid public key " + keyToString(key3.getPublicKey()) + ":\n Key is expired"); |
| } |
| |
| @Test |
| public void signatureByExpiredKeyBeforeExpiration() throws Exception { |
| TestKey key3 = expiredKey(); |
| Date now = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss Z").parse("2005-07-10 12:00:00 -0400"); |
| PushCertificate cert = newSignedCert(validNonce(), key3, now); |
| assertNoProblems(cert); |
| } |
| |
| private String validNonce() { |
| return signedPushConfig |
| .getNonceGenerator() |
| .createNonce(repo, System.currentTimeMillis() / 1000); |
| } |
| |
| private PushCertificate newSignedCert(String nonce, TestKey signingKey) throws Exception { |
| return newSignedCert(nonce, signingKey, null); |
| } |
| |
| private PushCertificate newSignedCert(String nonce, TestKey signingKey, Date now) |
| throws Exception { |
| PushCertificateIdent ident = |
| new PushCertificateIdent(signingKey.getFirstUserId(), System.currentTimeMillis(), -7 * 60); |
| String payload = |
| "certificate version 0.1\n" |
| + "pusher " |
| + ident.getRaw() |
| + "\n" |
| + "pushee test://localhost/repo.git\n" |
| + "nonce " |
| + nonce |
| + "\n" |
| + "\n" |
| + "0000000000000000000000000000000000000000" |
| + " deadbeefdeadbeefdeadbeefdeadbeefdeadbeef" |
| + " refs/heads/master\n"; |
| PGPSignatureGenerator gen = |
| new PGPSignatureGenerator( |
| new BcPGPContentSignerBuilder(signingKey.getPublicKey().getAlgorithm(), PGPUtil.SHA1)); |
| |
| if (now != null) { |
| PGPSignatureSubpacketGenerator subGen = new PGPSignatureSubpacketGenerator(); |
| subGen.setSignatureCreationTime(false, now); |
| gen.setHashedSubpackets(subGen.generate()); |
| } |
| |
| gen.init(PGPSignature.BINARY_DOCUMENT, signingKey.getPrivateKey()); |
| gen.update(payload.getBytes(UTF_8)); |
| PGPSignature sig = gen.generate(); |
| |
| ByteArrayOutputStream bout = new ByteArrayOutputStream(); |
| try (BCPGOutputStream out = new BCPGOutputStream(new ArmoredOutputStream(bout))) { |
| sig.encode(out); |
| } |
| |
| String cert = payload + new String(bout.toByteArray(), UTF_8); |
| Reader reader = new InputStreamReader(new ByteArrayInputStream(cert.getBytes(UTF_8)), UTF_8); |
| PushCertificateParser parser = new PushCertificateParser(repo, signedPushConfig); |
| return parser.parse(reader); |
| } |
| |
| private void assertProblems(PushCertificate cert, String first, String... rest) throws Exception { |
| List<String> expected = new ArrayList<>(); |
| expected.add(first); |
| expected.addAll(Arrays.asList(rest)); |
| CheckResult result = checker.check(cert).getCheckResult(); |
| assertEquals(expected, result.getProblems()); |
| } |
| |
| private void assertNoProblems(PushCertificate cert) { |
| CheckResult result = checker.check(cert).getCheckResult(); |
| assertEquals(Collections.emptyList(), result.getProblems()); |
| } |
| } |