| /* |
| * Copyright (C) 2015, Google Inc. |
| * and other copyright owners as documented in the project's IP log. |
| * |
| * This program and the accompanying materials are made available |
| * under the terms of the Eclipse Distribution License v1.0 which |
| * accompanies this distribution, is reproduced below, and is |
| * available at http://www.eclipse.org/org/documents/edl-v10.php |
| * |
| * All rights reserved. |
| * |
| * Redistribution and use in source and binary forms, with or |
| * without modification, are permitted provided that the following |
| * conditions are met: |
| * |
| * - Redistributions of source code must retain the above copyright |
| * notice, this list of conditions and the following disclaimer. |
| * |
| * - Redistributions in binary form must reproduce the above |
| * copyright notice, this list of conditions and the following |
| * disclaimer in the documentation and/or other materials provided |
| * with the distribution. |
| * |
| * - Neither the name of the Eclipse Foundation, Inc. nor the |
| * names of its contributors may be used to endorse or promote |
| * products derived from this software without specific prior |
| * written permission. |
| * |
| * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND |
| * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, |
| * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
| * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR |
| * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
| * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
| * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER |
| * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
| * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
| * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF |
| * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| */ |
| |
| package org.eclipse.jgit.transport; |
| |
| import static org.eclipse.jgit.transport.PushCertificateParser.NONCE; |
| import static org.eclipse.jgit.transport.PushCertificateParser.PUSHEE; |
| import static org.eclipse.jgit.transport.PushCertificateParser.PUSHER; |
| import static org.eclipse.jgit.transport.PushCertificateParser.VERSION; |
| |
| import java.text.MessageFormat; |
| import java.util.List; |
| import java.util.Objects; |
| |
| import org.eclipse.jgit.internal.JGitText; |
| |
| /** |
| * The required information to verify the push. |
| * <p> |
| * A valid certificate will not return null from any getter methods; callers may |
| * assume that any null value indicates a missing or invalid certificate. |
| * |
| * @since 4.0 |
| */ |
| public class PushCertificate { |
| /** Verification result of the nonce returned during push. */ |
| public enum NonceStatus { |
| /** Nonce was not expected, yet client sent one anyway. */ |
| UNSOLICITED, |
| /** Nonce is invalid and did not match server's expectations. */ |
| BAD, |
| /** Nonce is required, but was not sent by client. */ |
| MISSING, |
| /** |
| * Received nonce matches sent nonce, or is valid within the accepted slop |
| * window. |
| */ |
| OK, |
| /** Received nonce is valid, but outside the accepted slop window. */ |
| SLOP |
| } |
| |
| private final String version; |
| private final PushCertificateIdent pusher; |
| private final String pushee; |
| private final String nonce; |
| private final NonceStatus nonceStatus; |
| private final List<ReceiveCommand> commands; |
| private final String signature; |
| |
| PushCertificate(String version, PushCertificateIdent pusher, String pushee, |
| String nonce, NonceStatus nonceStatus, List<ReceiveCommand> commands, |
| String signature) { |
| if (version == null || version.isEmpty()) { |
| throw new IllegalArgumentException(MessageFormat.format( |
| JGitText.get().pushCertificateInvalidField, VERSION)); |
| } |
| if (pusher == null) { |
| throw new IllegalArgumentException(MessageFormat.format( |
| JGitText.get().pushCertificateInvalidField, PUSHER)); |
| } |
| if (nonce == null || nonce.isEmpty()) { |
| throw new IllegalArgumentException(MessageFormat.format( |
| JGitText.get().pushCertificateInvalidField, NONCE)); |
| } |
| if (nonceStatus == null) { |
| throw new IllegalArgumentException(MessageFormat.format( |
| JGitText.get().pushCertificateInvalidField, |
| "nonce status")); //$NON-NLS-1$ |
| } |
| if (commands == null || commands.isEmpty()) { |
| throw new IllegalArgumentException(MessageFormat.format( |
| JGitText.get().pushCertificateInvalidField, |
| "command")); //$NON-NLS-1$ |
| } |
| if (signature == null || signature.isEmpty()) { |
| throw new IllegalArgumentException( |
| JGitText.get().pushCertificateInvalidSignature); |
| } |
| if (!signature.startsWith(PushCertificateParser.BEGIN_SIGNATURE) |
| || !signature.endsWith(PushCertificateParser.END_SIGNATURE + '\n')) { |
| throw new IllegalArgumentException( |
| JGitText.get().pushCertificateInvalidSignature); |
| } |
| this.version = version; |
| this.pusher = pusher; |
| this.pushee = pushee; |
| this.nonce = nonce; |
| this.nonceStatus = nonceStatus; |
| this.commands = commands; |
| this.signature = signature; |
| } |
| |
| /** |
| * @return the certificate version string. |
| * @since 4.1 |
| */ |
| public String getVersion() { |
| return version; |
| } |
| |
| /** |
| * @return the raw line that signed the cert, as a string. |
| * @since 4.0 |
| */ |
| public String getPusher() { |
| return pusher.getRaw(); |
| } |
| |
| /** |
| * @return identity of the pusher who signed the cert. |
| * @since 4.1 |
| */ |
| public PushCertificateIdent getPusherIdent() { |
| return pusher; |
| } |
| |
| /** |
| * @return URL of the repository the push was originally sent to. |
| * @since 4.0 |
| */ |
| public String getPushee() { |
| return pushee; |
| } |
| |
| /** |
| * @return the raw nonce value that was presented by the pusher. |
| * @since 4.1 |
| */ |
| public String getNonce() { |
| return nonce; |
| } |
| |
| /** |
| * @return verification status of the nonce embedded in the certificate. |
| * @since 4.0 |
| */ |
| public NonceStatus getNonceStatus() { |
| return nonceStatus; |
| } |
| |
| /** |
| * @return the list of commands as one string to be feed into the signature |
| * verifier. |
| * @since 4.1 |
| */ |
| public List<ReceiveCommand> getCommands() { |
| return commands; |
| } |
| |
| /** |
| * @return the raw signature, consisting of the lines received between the |
| * lines {@code "----BEGIN GPG SIGNATURE-----\n"} and |
| * {@code "----END GPG SIGNATURE-----\n}", inclusive. |
| * @since 4.0 |
| */ |
| public String getSignature() { |
| return signature; |
| } |
| |
| /** |
| * @return text payload of the certificate for the signature verifier. |
| * @since 4.1 |
| */ |
| public String toText() { |
| return toStringBuilder().toString(); |
| } |
| |
| /** |
| * @return original text payload plus signature; the final output will be |
| * valid as input to {@link PushCertificateParser#fromString(String)}. |
| * @since 4.1 |
| */ |
| public String toTextWithSignature() { |
| return toStringBuilder().append(signature).toString(); |
| } |
| |
| private StringBuilder toStringBuilder() { |
| StringBuilder sb = new StringBuilder() |
| .append(VERSION).append(' ').append(version).append('\n') |
| .append(PUSHER).append(' ').append(getPusher()) |
| .append('\n'); |
| if (pushee != null) { |
| sb.append(PUSHEE).append(' ').append(pushee).append('\n'); |
| } |
| sb.append(NONCE).append(' ').append(nonce).append('\n') |
| .append('\n'); |
| for (ReceiveCommand cmd : commands) { |
| sb.append(cmd.getOldId().name()) |
| .append(' ').append(cmd.getNewId().name()) |
| .append(' ').append(cmd.getRefName()).append('\n'); |
| } |
| return sb; |
| } |
| |
| @Override |
| public int hashCode() { |
| return signature.hashCode(); |
| } |
| |
| @Override |
| public boolean equals(Object o) { |
| if (!(o instanceof PushCertificate)) { |
| return false; |
| } |
| PushCertificate p = (PushCertificate) o; |
| return version.equals(p.version) |
| && pusher.equals(p.pusher) |
| && Objects.equals(pushee, p.pushee) |
| && nonceStatus == p.nonceStatus |
| && signature.equals(p.signature) |
| && commandsEqual(this, p); |
| } |
| |
| private static boolean commandsEqual(PushCertificate c1, PushCertificate c2) { |
| if (c1.commands.size() != c2.commands.size()) { |
| return false; |
| } |
| for (int i = 0; i < c1.commands.size(); i++) { |
| ReceiveCommand cmd1 = c1.commands.get(i); |
| ReceiveCommand cmd2 = c2.commands.get(i); |
| if (!cmd1.getOldId().equals(cmd2.getOldId()) |
| || !cmd1.getNewId().equals(cmd2.getNewId()) |
| || !cmd1.getRefName().equals(cmd2.getRefName())) { |
| return false; |
| } |
| } |
| return true; |
| } |
| |
| @Override |
| public String toString() { |
| return getClass().getSimpleName() + '[' |
| + toTextWithSignature() + ']'; |
| } |
| } |