[Webfunds-commits] java/webfunds/client/contracts/wizard KeyPanel.java

Ian Grigg iang@cypherpunks.ai
Sat, 26 Aug 2000 19:30:38 -0400 (AST)


iang        00/08/26 19:30:37

  Modified:    webfunds/client/contracts/wizard KeyPanel.java
  Log:
  Added what amounts to lots of PGP utility classes so that we could
  do sanity checking.  Original methods written by Jeroen, rewritten
  by iang.  Old loadAndCheckKey() can be now deprecated.
  These utility methods really belong elsewhere...  Checks available
  include selfsigned, other-signed, strip-unwanted-sigs, but not
  secret-matches-public.  The one that was essential was stripping.
  (There may be still a bug in this, as the resultant stripped contract
  key is rejected by Contract.verify for reasons that are not clear...).

Revision  Changes    Path
1.6       +190 -7    java/webfunds/client/contracts/wizard/KeyPanel.java

Index: KeyPanel.java
===================================================================
RCS file: /home/webfunds/cvsroot/java/webfunds/client/contracts/wizard/KeyPanel.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- KeyPanel.java	2000/08/26 18:56:14	1.5
+++ KeyPanel.java	2000/08/26 23:30:37	1.6
@@ -1,5 +1,5 @@
 /*
- * $Id: KeyPanel.java,v 1.5 2000/08/26 18:56:14 gelderen Exp $
+ * $Id: KeyPanel.java,v 1.6 2000/08/26 23:30:37 iang Exp $
  *
  * Copyright (c) Systemics Inc 2000 on behalf of
  * the WebFunds Development Team.  All Rights Reserved.
@@ -10,6 +10,7 @@
 
 import cryptix.openpgp.PGPException;
 import cryptix.openpgp.PGPKeyFactory;
+import cryptix.openpgp.PGPKey;
 import cryptix.openpgp.PGPPublicKey;
 import cryptix.openpgp.PGPSecretKey;
 
@@ -24,28 +25,210 @@
 
 import java.util.Vector;
 
+import webfunds.ricardian.KeyUtil;
 
+
 /**
  * Abstract superclass for all panels in a wizard.
  *
+ * These amount to Utility classes for OpenPGP - perhaps better in openpgp?
+ *
  * @author Edwin Woudt <edwin@webfunds.org>
- * @version $Revision: 1.5 $
+ * @version $Revision: 1.6 $
  */
 
 public abstract class KeyPanel extends WizardPanel {
 
+    protected String loadAndCheckPublicKey(String filename,
+                                           String tag,
+                                           PGPPublicKey signerKey)
+    {
+        try {
+            // String keyAsString = loadKey(filename, false);
+            // PGPPublicKey pk = publicKeyFromString(keyAsString);
+
+            PGPPublicKey pk = loadPublicKey(filename);
+
+            // replace with stripped version
+            pk = KeyUtil.stripAndVerifyKey(pk, tag, signerKey);
+
+            return KeyUtil.publicKeyToString(pk);
+
+        } catch(Exception e) {
+            error("Dunno", e);
+            return null;
+        }
+    }
+
+    protected String loadString(String filename) {
+        
+        if (filename.equals("")) {
+            error("Please specify a key", null);
+            return null;
+        }
+            
+        // read file
+        String s;
+        try {
+            File f = new File(filename);
+            FileInputStream fis = new FileInputStream(f);
+            DataInputStream dis = new DataInputStream(fis);
+            
+            byte[] contr = new byte[fis.available()];
+            dis.readFully(contr);
+            
+            s = new String(contr,"ISO8859-1");
+        } catch (IOException ioe) {
+            String e;
+            if (ioe instanceof FileNotFoundException) {
+                e = "File not found";
+            } else {
+                e = ioe.toString();
+            }
+            error("Error opening file: "+e, ioe);
+            return null;
+        }
+
+        return s;
+    }
+        
+
+    /**
+     *  Load up a key from a filename.
+     *  No checking other than that intrinsic in de-armouring and
+     *  insisting on one and one only key.
+     */
+    protected PGPKey loadKey(String filename) {
+        
+        String keyAsString = loadString(filename);
+        if (keyAsString == null)
+            return null;
+        
+        // check key
+        PGPArmoury akey;
+        try {
+            akey = new PGPArmoury(keyAsString);
+        } catch (IllegalArgumentException iae) {
+            error("Invalid key, not armoured?",iae);
+            return null;
+        }
+    
+        // get the unarmoured key
+        PGPKeyFactory factory = new PGPKeyFactory();
+        PGPKey key;
+        try {
+            Vector keys = factory.decodeKeys(akey.getPayload());
+            if (keys.size() > 1) {
+                error("More than one key found in input file", null);
+                return null;
+            } else if (keys.size() < 1) {
+                error("No key found in input file", null);         
+                return null;
+            }
+            key = (PGPKey)keys.elementAt(0);
+        } catch (PGPException pe) {
+            error("Error parsing input file, "+pe, pe);
+            return null;
+        }
+
+        // everything ok, found a single Key
+        return key;
 
-    protected String loadAndCheckPublicKey(String filename) {
-        return loadAndCheckKey(filename, false);
     }
 
+    /**
+     *  Read a Public Key from a filename and return the key.
+     */
+    protected PGPPublicKey loadPublicKey(String filename) {
+        
+        PGPKey key = loadKey(filename);
+        if (key == null)
+            return null;
+
+        if (key instanceof PGPSecretKey) {
+            error(filename + " has a Secret Key!", null);
+            return null;
+        }
+        return (PGPPublicKey)key;
+    }
 
-    protected String loadAndCheckPrivateKey(String filename) {
-        return loadAndCheckKey(filename, true);
+    /**
+     *  Read a Secret Key from a filename and return the key.
+     */
+    protected PGPSecretKey loadSecretKey(String filename) {
+        
+        PGPKey key = loadKey(filename);
+        if (key == null)
+            return null;
+
+        if (key instanceof PGPPublicKey) {
+            error(filename + " has a Public Key!", null);
+            return null;
+        }
+        return (PGPSecretKey)key;
     }
 
+
+
+    /**
+     *  Read a Public Key from a filename and return the key.
+     *  It must be signed by the signer, if provided (can be null).
+     *  It must have the tag in it somewhere.
+     */
+    protected PGPPublicKey checkPublicKey(String filename,
+                                          String tag,
+                                          PGPPublicKey signer)
+    {
+        
+        PGPPublicKey pk = loadPublicKey(filename);
+        // check that the signer has signed
+
+        try {
+            pk = KeyUtil.stripAndVerifyKey(pk, tag, signer);
+
+        } catch (Exception ex) {
+            error("not fit for purpose or unsiged!", ex);
+            return null;
+        }
+
+        return pk;
+    }
+
+    /**
+     *  Read a Secret Key from a filename and return the key.
+     *  It must be the same key (pair) as the public key.
+     */
+    protected PGPSecretKey checkSecretKey(String filename,
+                                          PGPPublicKey pk)
+    {
+        
+        PGPSecretKey secret = loadSecretKey(filename);
+        // check that public matches key ???
+
+        return secret;
+    }
+
+    /**
+     *  Read a Secret Key from a filename and return the key.
+     *  It must be the same key (pair) as the public key.
+     */
+    protected String loadAndCheckSecretKey(String filename,
+                                          PGPPublicKey pk)
+    {
+        
+        PGPSecretKey secret = checkSecretKey(filename, pk);
+
+        return KeyUtil.secretKeyToString(secret);
+    }
+
+
+
+
 
-    private String loadAndCheckKey(String filename, boolean secret) {
+    /**
+     *  DEPRECATED - original checker.
+     */
+    protected String loadAndCheckKey(String filename, boolean secret) {
         
         if (!filename.equals("")) {