Author: ogusakov
Date: Mon Aug 11 17:05:29 2008
New Revision: 684994
URL: http://svn.apache.org/viewvc?rev=684994&view=rev
Log:
implemented PGP signatures, changed StreamVerifier modus operandi to get
initialized with signature upfront as crypto signature needs that. Changed http
client to follow this new paradigm
Modified:
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/AbstractStreamVerifierFactory.java
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/StreamObserver.java
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/StreamVerifier.java
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/StreamVerifierException.java
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/StreamVerifierFactory.java
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-basic/src/main/java/org/apache/maven/mercury/crypto/sha/SHA1Verifier.java
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-basic/src/main/java/org/apache/maven/mercury/crypto/sha/SHA1VerifierFactory.java
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/ObservableInputStream.java
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/ObservableOutputStream.java
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/deploy/DefaultDeployer.java
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/retrieve/DefaultRetriever.java
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/retrieve/RetrievalTarget.java
Modified:
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/AbstractStreamVerifierFactory.java
URL:
http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/AbstractStreamVerifierFactory.java?rev=684994&r1=684993&r2=684994&view=diff
==============================================================================
---
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/AbstractStreamVerifierFactory.java
(original)
+++
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/AbstractStreamVerifierFactory.java
Mon Aug 11 17:05:29 2008
@@ -1,7 +1,7 @@
package org.apache.maven.mercury.crypto.api;
/**
- *
+ * Helper for implementing stream verifier factories, takes care of attributes
*
* @author Oleg Gusakov
* @version $Id$
Modified:
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/StreamObserver.java
URL:
http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/StreamObserver.java?rev=684994&r1=684993&r2=684994&view=diff
==============================================================================
---
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/StreamObserver.java
(original)
+++
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/StreamObserver.java
Mon Aug 11 17:05:29 2008
@@ -20,6 +20,10 @@
public interface StreamObserver
{
- void byteReady(int b);
- void bytesReady(byte[]b, int off, int len);
+ void byteReady(int b)
+ throws StreamObserverException;
+
+ void bytesReady(byte[]b, int off, int len)
+ throws StreamObserverException;
+
}
Modified:
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/StreamVerifier.java
URL:
http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/StreamVerifier.java?rev=684994&r1=684993&r2=684994&view=diff
==============================================================================
---
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/StreamVerifier.java
(original)
+++
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/StreamVerifier.java
Mon Aug 11 17:05:29 2008
@@ -18,11 +18,24 @@
*/
package org.apache.maven.mercury.crypto.api;
+import java.io.InputStream;
+
public interface StreamVerifier
extends StreamObserver
{
public StreamVerifierAttributes getAttributes();
- public String getSignature();
- public boolean verifySignature( String signature );
+ public String getSignature()
+ throws StreamVerifierException;
+
+ // to verify stream: initSignature( InputStream signatureStream ), process
stream, then verifySignature()
+ public void initSignature( String signatureStream )
+ throws StreamVerifierException;
+
+ public boolean verifySignature()
+ throws StreamVerifierException;
+
+// public boolean verifySignature( String signature )
+// throws StreamVerifierException;
+
}
Modified:
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/StreamVerifierException.java
URL:
http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/StreamVerifierException.java?rev=684994&r1=684993&r2=684994&view=diff
==============================================================================
---
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/StreamVerifierException.java
(original)
+++
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/StreamVerifierException.java
Mon Aug 11 17:05:29 2008
@@ -8,7 +8,7 @@
*
*/
public class StreamVerifierException
- extends Exception
+extends StreamObserverException
{
/**
@@ -22,11 +22,9 @@
/**
* @param message
*/
- public StreamVerifierException(
- String message )
+ public StreamVerifierException( String message )
{
super( message );
- // TODO Auto-generated constructor stub
}
/**
Modified:
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/StreamVerifierFactory.java
URL:
http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/StreamVerifierFactory.java?rev=684994&r1=684993&r2=684994&view=diff
==============================================================================
---
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/StreamVerifierFactory.java
(original)
+++
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-api/src/main/java/org/apache/maven/mercury/crypto/api/StreamVerifierFactory.java
Mon Aug 11 17:05:29 2008
@@ -20,6 +20,8 @@
public interface StreamVerifierFactory
{
- public StreamVerifier newInstance();
+ public StreamVerifier newInstance()
+ throws StreamVerifierException;
+
public String getDefaultExtension();
}
Modified:
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-basic/src/main/java/org/apache/maven/mercury/crypto/sha/SHA1Verifier.java
URL:
http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-basic/src/main/java/org/apache/maven/mercury/crypto/sha/SHA1Verifier.java?rev=684994&r1=684993&r2=684994&view=diff
==============================================================================
---
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-basic/src/main/java/org/apache/maven/mercury/crypto/sha/SHA1Verifier.java
(original)
+++
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-basic/src/main/java/org/apache/maven/mercury/crypto/sha/SHA1Verifier.java
Mon Aug 11 17:05:29 2008
@@ -19,12 +19,17 @@
package org.apache.maven.mercury.crypto.sha;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import org.apache.maven.mercury.crypto.api.AbstractStreamVerifier;
import org.apache.maven.mercury.crypto.api.StreamVerifier;
import org.apache.maven.mercury.crypto.api.StreamVerifierAttributes;
+import org.apache.maven.mercury.crypto.api.StreamVerifierException;
import org.apache.maven.mercury.crypto.basic.ChecksumCalculator;
@@ -42,6 +47,8 @@
private MessageDigest digest;
private byte[] digestBytes;
+ private String sig;
+
public SHA1Verifier( StreamVerifierAttributes attributes )
{
super( attributes );
@@ -56,12 +63,7 @@
}
}
- public String getExtension()
- {
- return '.'+SHA1VerifierFactory.DEFAULT_EXTENSION;
- }
-
- public byte[] getSignatureBytes ()
+ private byte[] getSignatureBytes ()
{
if (digestBytes == null)
digestBytes = digest.digest();
@@ -72,14 +74,27 @@
{
return ChecksumCalculator.encodeToAsciiHex( getSignatureBytes() );
}
+
+ public void initSignature( String signatureString )
+ throws StreamVerifierException
+ {
+ if( signatureString == null || signatureString.length() < 1 )
+ throw new IllegalArgumentException("null signature stream");
+
+ sig = signatureString;
+
+ }
- public boolean verifySignature(String sig)
+ public boolean verifySignature()
{
String calculatedSignature = getSignature();
+
if (calculatedSignature == null && sig == null)
return true;
+
if ((calculatedSignature != null) && calculatedSignature.equals(sig))
return true;
+
return false;
}
Modified:
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-basic/src/main/java/org/apache/maven/mercury/crypto/sha/SHA1VerifierFactory.java
URL:
http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-basic/src/main/java/org/apache/maven/mercury/crypto/sha/SHA1VerifierFactory.java?rev=684994&r1=684993&r2=684994&view=diff
==============================================================================
---
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-basic/src/main/java/org/apache/maven/mercury/crypto/sha/SHA1VerifierFactory.java
(original)
+++
maven/sandbox/trunk/mercury/mercury-crypto/mercury-crypto-basic/src/main/java/org/apache/maven/mercury/crypto/sha/SHA1VerifierFactory.java
Mon Aug 11 17:05:29 2008
@@ -45,9 +45,6 @@
return new SHA1Verifier( attributes );
}
- /* (non-Javadoc)
- * @see
org.apache.maven.mercury.crypto.api.StreamVerifierFactory#getDefaultExtension()
- */
public String getDefaultExtension()
{
return DEFAULT_EXTENSION;
Modified:
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/ObservableInputStream.java
URL:
http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/ObservableInputStream.java?rev=684994&r1=684993&r2=684994&view=diff
==============================================================================
---
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/ObservableInputStream.java
(original)
+++
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/ObservableInputStream.java
Mon Aug 11 17:05:29 2008
@@ -27,10 +27,12 @@
import java.util.Set;
import org.apache.maven.mercury.crypto.api.StreamObserver;
+import org.apache.maven.mercury.crypto.api.StreamObserverException;
-public class ObservableInputStream extends FilterInputStream
+public class ObservableInputStream
+extends FilterInputStream
{
Set<StreamObserver> observers = new HashSet<StreamObserver>();
@@ -39,7 +41,8 @@
super(in);
}
- public int read(byte[] b, int off, int len) throws IOException
+ public int read(byte[] b, int off, int len)
+ throws IOException
{
int result = in.read(b, off, len);
if (result != -1)
@@ -78,23 +81,39 @@
}
private void notifyListeners (byte[]b, int off, int len)
+ throws IOException
{
synchronized (this.observers)
{
for (StreamObserver o: this.observers)
{
- o.bytesReady(b, off, len);
+ try
+ {
+ o.bytesReady(b, off, len);
+ }
+ catch( StreamObserverException e )
+ {
+ throw new IOException(e.getMessage());
+ }
}
}
}
private void notifyListeners (int b)
+ throws IOException
{
synchronized (this.observers)
{
for (StreamObserver o: this.observers)
{
- o.byteReady(b);
+ try
+ {
+ o.byteReady(b);
+ }
+ catch( StreamObserverException e )
+ {
+ throw new IOException(e.getMessage());
+ }
}
}
}
Modified:
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/ObservableOutputStream.java
URL:
http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/ObservableOutputStream.java?rev=684994&r1=684993&r2=684994&view=diff
==============================================================================
---
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/ObservableOutputStream.java
(original)
+++
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/ObservableOutputStream.java
Mon Aug 11 17:05:29 2008
@@ -28,6 +28,7 @@
import java.util.Set;
import org.apache.maven.mercury.crypto.api.StreamObserver;
+import org.apache.maven.mercury.crypto.api.StreamObserverException;
@@ -68,23 +69,39 @@
}
}
private void notifyListeners (byte[]b, int off, int len)
+ throws IOException
{
synchronized (this.observers)
{
for (StreamObserver o: this.observers)
{
- o.bytesReady(b, off, len);
+ try
+ {
+ o.bytesReady(b, off, len);
+ }
+ catch( StreamObserverException e )
+ {
+ throw new IOException(e.getMessage());
+ }
}
}
}
private void notifyListeners (int b)
+ throws IOException
{
synchronized (this.observers)
{
for (StreamObserver o: this.observers)
{
- o.byteReady(b);
+ try
+ {
+ o.byteReady(b);
+ }
+ catch( StreamObserverException e )
+ {
+ throw new IOException(e.getMessage());
+ }
}
}
}
Modified:
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/deploy/DefaultDeployer.java
URL:
http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/deploy/DefaultDeployer.java?rev=684994&r1=684993&r2=684994&view=diff
==============================================================================
---
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/deploy/DefaultDeployer.java
(original)
+++
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/deploy/DefaultDeployer.java
Mon Aug 11 17:05:29 2008
@@ -32,6 +32,7 @@
import java.util.concurrent.atomic.AtomicInteger;
import org.apache.maven.mercury.crypto.api.StreamObserver;
+import org.apache.maven.mercury.crypto.api.StreamVerifierException;
import org.apache.maven.mercury.crypto.api.StreamVerifierFactory;
import org.apache.maven.mercury.spi.http.client.FileExchange;
import org.apache.maven.mercury.spi.http.client.HandshakeExchange;
@@ -326,12 +327,13 @@
}
private Set<StreamObserver> createStreamObservers (Server server)
+ throws StreamVerifierException
{
HashSet<StreamObserver> observers = new HashSet<StreamObserver>();
Set<StreamVerifierFactory> factories =
server.getStreamObserverFactories();
for (StreamVerifierFactory f:factories)
{
- observers.add(f.newInstance());
+ observers.add( f.newInstance() );
}
return observers;
}
Modified:
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/retrieve/DefaultRetriever.java
URL:
http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/retrieve/DefaultRetriever.java?rev=684994&r1=684993&r2=684994&view=diff
==============================================================================
---
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/retrieve/DefaultRetriever.java
(original)
+++
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/retrieve/DefaultRetriever.java
Mon Aug 11 17:05:29 2008
@@ -30,6 +30,7 @@
import java.util.concurrent.atomic.AtomicInteger;
import org.apache.maven.mercury.crypto.api.StreamObserver;
+import org.apache.maven.mercury.crypto.api.StreamVerifierException;
import org.apache.maven.mercury.crypto.api.StreamVerifierFactory;
import org.apache.maven.mercury.spi.http.client.HttpClientException;
import org.apache.maven.mercury.transport.api.Binding;
@@ -175,10 +176,18 @@
public void onComplete()
{
//got the file, check the checksum
- boolean checksumOK = verifyChecksum();
- if ( !checksumOK )
+ boolean checksumOK = false;
+ try
{
- response.add( new HttpClientException( binding,
"Checksum failed") );
+ checksumOK = verifyChecksum();
+ if ( !checksumOK )
+ {
+ response.add( new HttpClientException( binding,
"Checksum failed") );
+ }
+ }
+ catch( StreamVerifierException e )
+ {
+ response.add( new HttpClientException( binding,
e.getMessage()) );
}
//if the file checksum is ok, then apply the validators
@@ -297,16 +306,16 @@
return server;
}
-
private Set<StreamObserver> createStreamObservers (Server server)
+ throws StreamVerifierException
{
HashSet<StreamObserver> observers = new HashSet<StreamObserver>();
if (server != null)
{
Set<StreamVerifierFactory> factories =
server.getStreamObserverFactories();
- for (StreamVerifierFactory f:factories)
+ for( StreamVerifierFactory f:factories )
{
- observers.add(f.newInstance());
+ observers.add( f.newInstance() );
}
}
return observers;
Modified:
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/retrieve/RetrievalTarget.java
URL:
http://svn.apache.org/viewvc/maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/retrieve/RetrievalTarget.java?rev=684994&r1=684993&r2=684994&view=diff
==============================================================================
---
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/retrieve/RetrievalTarget.java
(original)
+++
maven/sandbox/trunk/mercury/mercury-transport/mercury-transport-http/src/main/java/org/apache/maven/mercury/spi/http/client/retrieve/RetrievalTarget.java
Mon Aug 11 17:05:29 2008
@@ -34,6 +34,7 @@
import org.apache.maven.mercury.crypto.api.StreamObserver;
import org.apache.maven.mercury.crypto.api.StreamVerifier;
+import org.apache.maven.mercury.crypto.api.StreamVerifierException;
import org.apache.maven.mercury.spi.http.client.FileExchange;
import org.apache.maven.mercury.spi.http.client.HttpClientException;
import org.apache.maven.mercury.spi.http.validate.Validator;
@@ -243,8 +244,10 @@
* Check the actual checksum against the expected checksum
*
* @return
+ * @throws StreamVerifierException
*/
public boolean verifyChecksum()
+ throws StreamVerifierException
{
boolean ok = true;
@@ -254,7 +257,7 @@
while (itor.hasNext() && ok)
{
Map.Entry<StreamVerifier, String> e = itor.next();
- ok = e.getKey().verifySignature(e.getValue());
+ ok = e.getKey().verifySignature();
}
}
@@ -371,9 +374,19 @@
//We got a checksum so match it up with the verifier it is
for
synchronized (_verifierMap)
{
- if (v.getAttributes().isSufficient())
+ if( v.getAttributes().isSufficient() )
_verifierMap.clear(); //remove all other entries,
we only need one checksum
- _verifierMap.put(v, getResponseContent().trim());
+
+ String actualSignature = getResponseContent().trim();
+ try
+ { // Oleg: verifier need to be loaded upfront
+ v.initSignature( actualSignature );
+ }
+ catch( StreamVerifierException e )
+ {
+ throw new IOException(e.getMessage());
+ }
+ _verifierMap.put( v, actualSignature );
}
updateChecksumState(index, null);
}
