show signature key on changeset

2025-11-03 20:15:52 +01:00 · 2020-07-28 17:52:20 +02:00
parent 0c45cf21e3
commit b22ead23de
37 changed files with 806 additions and 385 deletions
--- a/scm-plugins/scm-git-plugin/src/main/java/sonia/scm/repository/GitChangesetConverter.java
+++ b/scm-plugins/scm-git-plugin/src/main/java/sonia/scm/repository/GitChangesetConverter.java
@@ -26,6 +26,7 @@ package sonia.scm.repository;

 //~--- non-JDK imports --------------------------------------------------------

+import com.google.common.base.Strings;
 import com.google.common.collect.Lists;
 import com.google.common.collect.Multimap;
 import org.eclipse.jgit.lib.ObjectId;
@@ -51,7 +52,6 @@ import java.util.Optional;
 //~--- JDK imports ------------------------------------------------------------

 /**
- *
 * @author Sebastian Sdorra
 */
 public class GitChangesetConverter implements Closeable {
@@ -137,11 +137,15 @@ public class GitChangesetConverter implements Closeable {
    byte[] signature = Arrays.copyOfRange(raw, start, end);

    String publicKeyId = gpg.findPublicKeyId(signature);
+    if (Strings.isNullOrEmpty(publicKeyId)) {
+      // key not found
+      return new Signature(publicKeyId, "gpg", SignatureStatus.NOT_FOUND, null, Collections.emptySet());
+    }

    Optional<PublicKey> publicKeyById = gpg.findPublicKey(publicKeyId);
    if (!publicKeyById.isPresent()) {
      // key not found
-      return new Signature(publicKeyId, "gpg", false, null);
+      return new Signature(publicKeyId, "gpg", SignatureStatus.NOT_FOUND, null, Collections.emptySet());
    }

    PublicKey publicKey = publicKeyById.get();
@@ -159,7 +163,13 @@ public class GitChangesetConverter implements Closeable {
    }

    boolean verified = publicKey.verify(baos.toByteArray(), signature);
-    return new Signature(publicKeyId, "gpg", verified, publicKey.getOwner().orElse(null));
+    return new Signature(
+      publicKeyId,
+      "gpg",
+      verified ? SignatureStatus.VERIFIED : SignatureStatus.INVALID,
+      publicKey.getOwner().orElse(null),
+      publicKey.getContacts()
+    );
  }

  public Person createPersonFor(PersonIdent personIndent) {
--- a/scm-plugins/scm-git-plugin/src/test/java/sonia/scm/repository/GitChangesetConverterTest.java
+++ b/scm-plugins/scm-git-plugin/src/test/java/sonia/scm/repository/GitChangesetConverterTest.java
@@ -45,7 +45,6 @@ import org.eclipse.jgit.lib.GpgSignature;
 import org.eclipse.jgit.lib.GpgSigner;
 import org.eclipse.jgit.lib.PersonIdent;
 import org.eclipse.jgit.revwalk.RevCommit;
-import org.eclipse.jgit.revwalk.RevWalk;
 import org.eclipse.jgit.transport.CredentialsProvider;
 import org.junit.jupiter.api.AfterAll;
 import org.junit.jupiter.api.AfterEach;
@@ -72,6 +71,7 @@ import java.security.KeyPairGenerator;
 import java.security.NoSuchAlgorithmException;
 import java.security.NoSuchProviderException;
 import java.security.Security;
+import java.util.Collections;
 import java.util.Date;
 import java.util.List;
 import java.util.Optional;
@@ -165,7 +165,7 @@ class GitChangesetConverterTest {
      when(gpg.findPublicKeyId(any())).thenReturn(identity);

      Signature signature = addSignedCommitAndReturnSignature(identity);
-      assertThat(signature).isEqualTo(new Signature(identity, "gpg", false, null));
+      assertThat(signature).isEqualTo(new Signature(identity, "gpg", SignatureStatus.NOT_FOUND, null, Collections.emptySet()));
    }

    @Test
@@ -175,7 +175,7 @@ class GitChangesetConverterTest {
      setPublicKey(identity, owner, false);

      Signature signature = addSignedCommitAndReturnSignature(identity);
-      assertThat(signature).isEqualTo(new Signature(identity, "gpg", false, owner));
+      assertThat(signature).isEqualTo(new Signature(identity, "gpg", SignatureStatus.INVALID, owner, Collections.emptySet()));
    }

    @Test
@@ -185,7 +185,7 @@ class GitChangesetConverterTest {
      setPublicKey(identity, owner, true);

      Signature signature = addSignedCommitAndReturnSignature(identity);
-      assertThat(signature).isEqualTo(new Signature(identity, "gpg", true, owner));
+      assertThat(signature).isEqualTo(new Signature(identity, "gpg", SignatureStatus.VERIFIED, owner, Collections.emptySet()));
    }

    @Test
@@ -241,6 +241,7 @@ class GitChangesetConverterTest {


  }
+
  private PGPKeyPair createKeyPair() throws PGPException, NoSuchProviderException, NoSuchAlgorithmException {
    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "BC");
    // we use a small key size to speedup test, a much larger size should be used for production
--- a/scm-plugins/scm-git-plugin/src/test/java/sonia/scm/repository/GitTestHelper.java
+++ b/scm-plugins/scm-git-plugin/src/test/java/sonia/scm/repository/GitTestHelper.java
@@ -30,6 +30,7 @@ import sonia.scm.security.PublicKey;

 import java.util.Collections;
 import java.util.Optional;
+import java.util.Set;

 public final class GitTestHelper {