org.eclipse.jgit/src/org/eclipse/jgit/lib/AbstractGpgSignatureVerifier.java - jgit - Git at Google

 /*
  * Copyright (C) 2024, Thomas Wolf <twolf@apache.org> and others
 *
 * This program and the accompanying materials are made available under the
 * terms of the Eclipse Distribution License v. 1.0 which is available at
 * https://www.eclipse.org/org/documents/edl-v10.php.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */
 package org.eclipse.jgit.lib;

 import java.io.IOException;
 import java.util.Arrays;

 import org.eclipse.jgit.revwalk.RevCommit;
 import org.eclipse.jgit.revwalk.RevObject;
 import org.eclipse.jgit.revwalk.RevTag;
 import org.eclipse.jgit.util.RawParseUtils;

 /**
  * Provides a base implementation of
  * {@link GpgSignatureVerifier#verifySignature(RevObject, GpgConfig)}.
  *
  * @since 6.9
  */
 public abstract class AbstractGpgSignatureVerifier
 		implements GpgSignatureVerifier {

 	@Override
 	public SignatureVerification verifySignature(RevObject object,
 			GpgConfig config) throws IOException {
 		if (object instanceof RevCommit) {
 			RevCommit commit = (RevCommit) object;
 			byte[] signatureData = commit.getRawGpgSignature();
 			if (signatureData == null) {
 				return null;
 			}
 			byte[] raw = commit.getRawBuffer();
 			// Now remove the GPG signature
 			byte[] header = { 'g', 'p', 'g', 's', 'i', 'g' };
 			int start = RawParseUtils.headerStart(header, raw, 0);
 			if (start < 0) {
 				return null;
 			}
 			int end = RawParseUtils.nextLfSkippingSplitLines(raw, start);
 			// start is at the beginning of the header's content
 			start -= header.length + 1;
 			// end is on the terminating LF; we need to skip that, too
 			if (end < raw.length) {
 				end++;
 			}
 			byte[] data = new byte[raw.length - (end - start)];
 			System.arraycopy(raw, 0, data, 0, start);
 			System.arraycopy(raw, end, data, start, raw.length - end);
 			return verify(config, data, signatureData);
 		} else if (object instanceof RevTag) {
 			RevTag tag = (RevTag) object;
 			byte[] signatureData = tag.getRawGpgSignature();
 			if (signatureData == null) {
 				return null;
 			}
 			byte[] raw = tag.getRawBuffer();
 			// The signature is just tacked onto the end of the message, which
 			// is last in the buffer.
 			byte[] data = Arrays.copyOfRange(raw, 0,
 					raw.length - signatureData.length);
 			return verify(config, data, signatureData);
 		}
 		return null;
 	}
 }
	/*
	* Copyright (C) 2024, Thomas Wolf <twolf@apache.org> and others
	*
	* This program and the accompanying materials are made available under the
	* terms of the Eclipse Distribution License v. 1.0 which is available at
	* https://www.eclipse.org/org/documents/edl-v10.php.
	*
	* SPDX-License-Identifier: BSD-3-Clause
	*/
	package org.eclipse.jgit.lib;

	import java.io.IOException;
	import java.util.Arrays;

	import org.eclipse.jgit.revwalk.RevCommit;
	import org.eclipse.jgit.revwalk.RevObject;
	import org.eclipse.jgit.revwalk.RevTag;
	import org.eclipse.jgit.util.RawParseUtils;

	/**
	* Provides a base implementation of
	* {@link GpgSignatureVerifier#verifySignature(RevObject, GpgConfig)}.
	*
	* @since 6.9
	*/
	public abstract class AbstractGpgSignatureVerifier
	implements GpgSignatureVerifier {

	@Override
	public SignatureVerification verifySignature(RevObject object,
	GpgConfig config) throws IOException {
	if (object instanceof RevCommit) {
	RevCommit commit = (RevCommit) object;
	byte[] signatureData = commit.getRawGpgSignature();
	if (signatureData == null) {
	return null;
	}
	byte[] raw = commit.getRawBuffer();
	// Now remove the GPG signature
	byte[] header = { 'g', 'p', 'g', 's', 'i', 'g' };
	int start = RawParseUtils.headerStart(header, raw, 0);
	if (start < 0) {
	return null;
	}
	int end = RawParseUtils.nextLfSkippingSplitLines(raw, start);
	// start is at the beginning of the header's content
	start -= header.length + 1;
	// end is on the terminating LF; we need to skip that, too
	if (end < raw.length) {
	end++;
	}
	byte[] data = new byte[raw.length - (end - start)];
	System.arraycopy(raw, 0, data, 0, start);
	System.arraycopy(raw, end, data, start, raw.length - end);
	return verify(config, data, signatureData);
	} else if (object instanceof RevTag) {
	RevTag tag = (RevTag) object;
	byte[] signatureData = tag.getRawGpgSignature();
	if (signatureData == null) {
	return null;
	}
	byte[] raw = tag.getRawBuffer();
	// The signature is just tacked onto the end of the message, which
	// is last in the buffer.
	byte[] data = Arrays.copyOfRange(raw, 0,
	raw.length - signatureData.length);
	return verify(config, data, signatureData);
	}
	return null;
	}
	}