Skip to content

Commit

Permalink
WiP add missing key to the exception information
Browse files Browse the repository at this point in the history
  • Loading branch information
@spyrkob
spyrkob committed Oct 15, 2024
1 parent fd9339e commit 148bb67
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 4 deletions.
11 changes: 11 additions & 0 deletions core/src/main/java/org/wildfly/channel/spi/SignatureValidator.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,13 @@ SignatureResult validateSignature(ArtifactIdentifier artifactId, InputStream art
*/
class SignatureException extends RuntimeException {
private final SignatureResult signatureResult;
private String missingSignature;

public SignatureException(String message, Throwable cause, SignatureResult signatureResult, String missingSignature) {
super(message, cause);
this.signatureResult = signatureResult;
this.missingSignature = missingSignature;
}

public SignatureException(String message, Throwable cause, SignatureResult signatureResult) {
super(message, cause);
Expand All @@ -62,5 +69,9 @@ public SignatureException(String message, SignatureResult signatureResult) {
public SignatureResult getSignatureResult() {
return signatureResult;
}

public String getMissingSignature() {
return missingSignature;
}
}
}
8 changes: 4 additions & 4 deletions gpg-validator/src/main/java/org/wildfly/channel/gpg/GpgSignatureValidator.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -134,7 +134,7 @@ public SignatureResult validateSignature(ArtifactIdentifier artifactId, InputStr
}
} catch (PGPException | IOException e) {
throw new SignatureException("Unable to parse the certificate downloaded from keyserver", e,
SignatureResult.noSignature(artifactId));
SignatureResult.noSignature(artifactId), keyID);
}

if (key == null) {
Expand All @@ -146,7 +146,7 @@ public SignatureResult validateSignature(ArtifactIdentifier artifactId, InputStr
pgpPublicKeys = downloadPublicKey(gpgUrl);
} catch (IOException e) {
throw new SignatureException("Unable to parse the certificate downloaded from " + gpgUrl, e,
SignatureResult.noSignature(artifactId));
SignatureResult.noSignature(artifactId), Long.toHexString(pgpSignature.getKeyID()).toUpperCase(Locale.ROOT));
}
if (pgpPublicKeys.stream().anyMatch(k -> k.getKeyID() == pgpSignature.getKeyID())) {
key = pgpPublicKeys.stream().filter(k -> k.getKeyID() == pgpSignature.getKeyID()).findFirst().get();
Expand Down Expand Up @@ -193,7 +193,7 @@ public SignatureResult validateSignature(ArtifactIdentifier artifactId, InputStr
pgpSignature.init(new BcPGPContentVerifierBuilderProvider(), publicKey);
} catch (PGPException e) {
throw new SignatureException("Unable to verify the signature using key " + keyID, e,
SignatureResult.invalid(artifactId));
SignatureResult.invalid(artifactId), keyID);
}
final SignatureResult result = verifyFile(artifactId, artifactStream, pgpSignature);

Expand Down Expand Up @@ -291,7 +291,7 @@ private static SignatureResult verifyFile(ArtifactIdentifier artifactSource, Inp
}
} catch (PGPException e) {
throw new SignatureException("Unable to verify the file signature", e,
SignatureResult.invalid(artifactSource));
SignatureResult.invalid(artifactSource), Long.toHexString(pgpSignature.getKeyID()).toUpperCase(Locale.ROOT));
}
}

Expand Down

0 comments on commit 148bb67

Please sign in to comment.