From 29055a825af5405e44ffcd59a776f8952bdc7203 Mon Sep 17 00:00:00 2001 From: Julien Lepiller Date: Fri, 15 Dec 2017 16:03:23 +0100 Subject: [PATCH] Port to latest bouncycastle. --- .../bouncycastle/OpenPGPSignatureGenerator.java | 34 ++++++++++------------ 1 file changed, 16 insertions(+), 18 deletions(-) diff --git a/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java b/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java index af7beae..34c204f 100644 --- a/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java +++ b/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java @@ -41,6 +41,11 @@ import org.bouncycastle.openpgp.PGPSecretKeyRingCollection; import org.bouncycastle.openpgp.PGPSignature; import org.bouncycastle.openpgp.PGPSignatureGenerator; import org.bouncycastle.openpgp.PGPUtil; +import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor; +import org.bouncycastle.openpgp.operator.bc.BcPBESecretKeyDecryptorBuilder; +import org.bouncycastle.openpgp.operator.bc.BcPGPDigestCalculatorProvider; +import org.bouncycastle.openpgp.operator.bc.BcPGPContentSignerBuilder; +import org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator; public class OpenPGPSignatureGenerator implements SignatureGenerator { @@ -101,11 +106,15 @@ public class OpenPGPSignatureGenerator implements SignatureGenerator { pgpSec = readSecretKey(keyIn); } - PGPPrivateKey pgpPrivKey = pgpSec.extractPrivateKey(password.toCharArray(), - BouncyCastleProvider.PROVIDER_NAME); - PGPSignatureGenerator sGen = new PGPSignatureGenerator(pgpSec.getPublicKey() - .getAlgorithm(), PGPUtil.SHA1, BouncyCastleProvider.PROVIDER_NAME); - sGen.initSign(PGPSignature.BINARY_DOCUMENT, pgpPrivKey); + PBESecretKeyDecryptor decryptor = + new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()) + .build(password.toCharArray()); + PGPPrivateKey pgpPrivKey = pgpSec.extractPrivateKey(decryptor); + BcPGPContentSignerBuilder builder = new BcPGPContentSignerBuilder( + pgpSec.getPublicKey().getAlgorithm(), PGPUtil.SHA1); + + PGPSignatureGenerator sGen = new PGPSignatureGenerator(builder); + sGen.init(PGPSignature.BINARY_DOCUMENT, pgpPrivKey); in = new FileInputStream(src); out = new BCPGOutputStream(new ArmoredOutputStream(new FileOutputStream(dest))); @@ -116,22 +125,10 @@ public class OpenPGPSignatureGenerator implements SignatureGenerator { } sGen.generate().encode(out); - } catch (SignatureException e) { - IOException ioexc = new IOException(); - ioexc.initCause(e); - throw ioexc; } catch (PGPException e) { IOException ioexc = new IOException(); ioexc.initCause(e); throw ioexc; - } catch (NoSuchAlgorithmException e) { - IOException ioexc = new IOException(); - ioexc.initCause(e); - throw ioexc; - } catch (NoSuchProviderException e) { - IOException ioexc = new IOException(); - ioexc.initCause(e); - throw ioexc; } finally { if (out != null) { try { @@ -156,7 +153,8 @@ public class OpenPGPSignatureGenerator implements SignatureGenerator { private PGPSecretKey readSecretKey(InputStream in) throws IOException, PGPException { in = PGPUtil.getDecoderStream(in); - PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(in); + PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(in, + new BcKeyFingerprintCalculator()); PGPSecretKey key = null; for (Iterator it = pgpSec.getKeyRings(); key == null && it.hasNext();) { -- 2.15.1 D_DAEMON_OFFLOAD]: Remove 'scripts/offload'. * config-daemon.ac: Don't output 'nix/scripts/offload'. * build-aux/pre-inst-env.in: Don't set 'NIX_BUILD_HOOK'. * nix/libstore/build.cc (HookInstance::HookInstance): Run 'guix offload'. (DerivationGoal::tryBuildHook): Remove reference to 'NIX_BUILD_HOOK'. * nix/nix-daemon/guix-daemon.cc (main) [HAVE_DAEMON_OFFLOAD_HOOK]: Don't set 'NIX_BUILD_HOOK'. * nix/nix-daemon/nix-daemon.cc (performOp) [!HAVE_DAEMON_OFFLOAD_HOOK]: Leave 'settings.useBuildHook' unchanged. Ludovic Courtès 2019-09-08daemon: Invoke 'guix gc --list-busy' instead of 'list-runtime-roots'....* nix/scripts/list-runtime-roots.in: Remove. * guix/store/roots.scm (%proc-directory): New variable. (proc-file-roots, proc-exe-roots, proc-cwd-roots) (proc-fd-roots, proc-maps-roots, proc-environ-roots) (referenced-files, canonicalize-store-item, busy-store-items): New procedures, taken from 'list-runtime-roots.in'. * nix/libstore/globals.hh (Settings)[guixProgram]: New field. * nix/libstore/globals.cc (Settings::processEnvironment): Initialize 'guixProgram'. * nix/libstore/gc.cc (addAdditionalRoots): Drop code related to 'NIX_ROOT_FINDER'. Run "guix gc --list-busy". * nix/local.mk (nodist_pkglibexec_SCRIPTS): Remove 'scripts/list-runtime-roots'. * config-daemon.ac: Don't output nix/scripts/list-runtime-roots. * build-aux/pre-inst-env.in: Don't set 'NIX_ROOT_FINDER'. Set 'GUIX'. * doc/guix.texi (Invoking guix gc): Document '--list-busy'. * guix/scripts/gc.scm (show-help, %options): Add "--list-busy". (guix-gc)[list-busy]: New procedure. Handle the 'list-busy' action. Ludovic Courtès 2019-02-04daemon: Add "/guix" to default 'nixLibexecDir'....This makes it easier to run the uninstalled daemon. * nix/local.mk (libstore_a_CPPFLAGS): Append "/guix" to NIX_LIBEXEC_DIR. * build-aux/pre-inst-env.in (NIX_LIBEXEC_DIR): Adjust comment. * nix/libstore/builtins.cc (builtinDownload): Remove SUBDIR and its use. * nix/libstore/local-store.cc (runAuthenticationProgram): Ditto. * nix/libstore/gc.cc (addAdditionalRoots): Remove "/guix" prefix. * nix/nix-daemon/guix-daemon.cc (main): Ditto. Ludovic Courtès 2019-02-04daemon: Remove the 'NIX_SUBSTITUTERS' environment variable....* nix/libstore/globals.cc (Settings:update): Remove changes to 'substituters'. * nix/nix-daemon/guix-daemon.cc (main): Set 'settings.substituters' directly instead of changing the 'NIX_SUBSTITUTERS' environment variable. * build-aux/pre-inst-env.in: Remove reference to 'NIX_SUBSTITUTERS'. Ludovic Courtès