PushCertificateParser: include begin/end lines in signature
The signature is intended to be passed to a verification library such as Bouncy Castle, which expects these lines to be present in order to parse the signature. Change-Id: I22097bead2746da5fc53419f79761cafd5c31c3b
This commit is contained in:
parent
48c35edfd2
commit
b822f9b51d
|
@ -43,8 +43,8 @@
|
|||
package org.eclipse.jgit.transport;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertFalse;
|
||||
import static org.junit.Assert.assertNotEquals;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.EOFException;
|
||||
|
@ -119,9 +119,9 @@ public void parseCertFromPktLine() throws Exception {
|
|||
|
||||
assertEquals(concatPacketLines(input, 0, 6), cert.toText());
|
||||
|
||||
String signature = concatPacketLines(input, 7, 16);
|
||||
assertFalse(signature.contains(PushCertificateParser.BEGIN_SIGNATURE));
|
||||
assertFalse(signature.contains(PushCertificateParser.END_SIGNATURE));
|
||||
String signature = concatPacketLines(input, 6, 17);
|
||||
assertTrue(signature.startsWith(PushCertificateParser.BEGIN_SIGNATURE));
|
||||
assertTrue(signature.endsWith(PushCertificateParser.END_SIGNATURE));
|
||||
assertEquals(signature, cert.getSignature());
|
||||
}
|
||||
|
||||
|
|
|
@ -123,6 +123,11 @@ public enum NonceStatus {
|
|||
throw new IllegalArgumentException(
|
||||
JGitText.get().pushCertificateInvalidSignature);
|
||||
}
|
||||
if (!signature.startsWith(PushCertificateParser.BEGIN_SIGNATURE)
|
||||
|| !signature.endsWith(PushCertificateParser.END_SIGNATURE)) {
|
||||
throw new IllegalArgumentException(
|
||||
JGitText.get().pushCertificateInvalidSignature);
|
||||
}
|
||||
this.version = version;
|
||||
this.pusher = pusher;
|
||||
this.pushee = pushee;
|
||||
|
@ -193,7 +198,7 @@ public List<ReceiveCommand> getCommands() {
|
|||
/**
|
||||
* @return the raw signature, consisting of the lines received between the
|
||||
* lines {@code "----BEGIN GPG SIGNATURE-----\n"} and
|
||||
* {@code "----END GPG SIGNATURE-----\n}", exclusive
|
||||
* {@code "----END GPG SIGNATURE-----\n}", inclusive.
|
||||
* @since 4.0
|
||||
*/
|
||||
public String getSignature() {
|
||||
|
|
|
@ -258,12 +258,12 @@ receivedNonce, sentNonce(), db, stateless, nonceSlopLimit)
|
|||
*/
|
||||
public void receiveSignature(PacketLineIn pckIn) throws IOException {
|
||||
try {
|
||||
StringBuilder sig = new StringBuilder();
|
||||
StringBuilder sig = new StringBuilder(BEGIN_SIGNATURE);
|
||||
String line;
|
||||
while (!(line = pckIn.readStringRaw()).equals(END_SIGNATURE)) {
|
||||
sig.append(line);
|
||||
}
|
||||
signature = sig.toString();
|
||||
signature = sig.append(END_SIGNATURE).toString();
|
||||
if (!pckIn.readStringRaw().equals(END_CERT)) {
|
||||
throw new PackProtocolException(
|
||||
JGitText.get().pushCertificateInvalidSignature);
|
||||
|
|
Loading…
Reference in New Issue