Partially fix errors when using DummyKeyringModule

This fixes a few problems encountered when building and running according to the Install Guide using the DummyKeyring. It's still failing when trying to parse the JSON credential, which I haven't solved, but before proceeding I wanted to get agreement that it needs to be fixed at all since the best we could do is provide a valid format (as with the PGP keyrings), but the metrics logging will still fail for a different reason (i.e. the credential will not work for the GC project). Things fixed in this PR: Fix format string causing MissingFormatArgumentException in FrontendServlet when keyring fails to load. Include exception cause in VerifyException in PgpHelper. Replace dummy PGP keyrings with ones without a password, as code expects. Document how the PGP keyrings are created. P.S. I see a tab character snuck into PgpHelper. I'll fix that if you're interested in this PR. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=188342973
2025-05-14 00:17:20 +02:00 · 2018-03-08 09:30:46 -08:00 · 2018-03-08 09:30:46 -08:00 · c4f1be4baa
commit c4f1be4baa
parent 00bf8a999f
4 changed files with 70 additions and 51 deletions
--- a/java/google/registry/keyring/api/DummyKeyringModule.java
+++ b/java/google/registry/keyring/api/DummyKeyringModule.java
@ -42,6 +42,29 @@ import org.bouncycastle.openpgp.bc.BcPGPSecretKeyRingCollection;
 * with all attempted outgoing connections failing because the supplied dummy credentials aren't
 * valid. For a real system that needs to connect with external services, you should replace this
 * module with one that loads real credentials from secure sources.
 *
 * <p>The dummy PGP keyrings are created using gnupg1/pgp1 roughly like the following (using
 * gnupg2/pgp2 is an exercise left for the developer):
 *
 * <pre>{@code
 * # mkdir gpg
 * # chmod 700 gpg
 * # gpg1 --homedir gpg --gen-key <<<EOF
 * 1
 * 1024
 * 0
 * Y
 * Test Registry
 * test-registry@example.com
 *
 * O
 * EOF
 * [press enter twice at keyring password prompts]
 * # gpg1 --homedir gpg -a -o pgp-public-keyring.asc --export test-registry@example.com
 * # gpg1 --homedir gpg -a -o pgp-private-keyring.asc --export-secret-keys test-registry@example.com
 * # mv pgp*keyring.asc java/google/registry/keyring/api
 * # rm -rf gpg
 * }</pre>
 */
@Module
@Immutable
@ -56,7 +79,7 @@ public final class DummyKeyringModule {
      Resources.asByteSource(getResource(InMemoryKeyring.class, "pgp-private-keyring.asc"));
  /** The email address of the aforementioned PGP key. */
-  private static final String EMAIL_ADDRESS = "domain-registry-users@googlegroups.com";
+  private static final String EMAIL_ADDRESS = "test-registry@example.com";
  /** Always returns a {@link InMemoryKeyring} instance. */
  @Provides
--- a/java/google/registry/keyring/api/PgpHelper.java
+++ b/java/google/registry/keyring/api/PgpHelper.java
@ -117,7 +117,7 @@ public final class PgpHelper {
          new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider())
              .build(new char[0]));
    } catch (PGPException e) {
-      throw new VerifyException(e.getMessage());
+      throw new VerifyException(String.format("Could not load PGP private key for: %s", query), e);
    }
    return new PGPKeyPair(publicKey, privateKey);
  }
--- a/java/google/registry/keyring/api/pgp-private-keyring.asc
+++ b/java/google/registry/keyring/api/pgp-private-keyring.asc
@ -1,35 +1,32 @@
 -----BEGIN PGP PRIVATE KEY BLOCK-----
 Version: GnuPG v1
-lQH+BFfPBakBBACTKn8ZPbKVyafxVOnFh9n9Xb0DIA2ph8oTw8p5ObJpzZ/bx/Bx
+lQHYBFo8aRIBBAC8MA2xQXYvEbeLV1iMo4GC3lRFYvrUCarenhwoWufCYH6dGien
-eIMs5KjiZu6yr+SQAkDbokDwlFTVIVESvkxYPeHVn9vnW01T4nlQ2/4ezAqjNuGl
+/HhiB0eiDF672J4MtueHQ2M7UaGJgxAoQTG9c6O90vlmFFhPZ967U1MTdY/NLvDK
-7B61Kl50JMprgZo+VvbRhzYWYcZclZDNO9axyphWuIFarMgdDl8TC0IuKwARAQAB
+bQEGzjdaUC1T/O6kr0O4GHRAyNyHa39Q75Oaj8MNdPsTmT4tDy+aFO6kKwARAQAB
-/gMDAiNREMtdTajUYJnvE5MXiUAwkiGYLgWeHu9/v+jzpKCpOFCzJpkQHRM4FoUC
+AAP9Gd59M12tUmEcGxKBwKuFVSkc6oDlvBosG/geJMoCS+0Z2pzK0MPbBJa9mSAc
-tb/PuWzMT/b6ZpxsiK2bjZ0MzQGUHfHGJfyqJQBRKblmHIemS2xlXzBnqU5znlUs
+MbRgXZ0TDLwNuwzIqO+UXARCQu1ln/NlCcSzQZd5S80Of6CSoFMdFEb0kcpFW3z9
-IFptSNUo6Qen3Oxlr4y4ArRKpMAYAjRP0prJDE5A/Za7AuChyDWZhLFu39iVer1c
+rpZdIBpNNk2iyBro9+7JOLJgCUkZQX7jy2K4LM5eTJsnuMECANFBnrMUde43XBiT
-9FJlkIGMfPWNzJEfqJnsO7IyszwbpEMbHtz3mCeYQn4E+S4RO6g4GsIkaVUcFvkL
+gixOJ5zbekGIIGq4QeRc8fJUDUhkFMq1znNriu30bB0Ld4Btlxzyn56tx8DVgx1+
-ATpmcnYvWlaRlWLkv8GTVBdTmHRb9/NGEhbrwfCN1vnjfi9iPVFpdmy9g5+zyh+6
+4anONuECAOY5nm2G9i46AUxQN3dB8IE0SMMHcRcz60eX68fke+1aYjdSQA/nf9hR
-fQEXa/a5JhKwzYfsvBGjOIworikhN8+OmLKS7ww2hB3wHa1JtEodjbBv6UqZk8+i
+l2f+gX9+y3cPqo7bFZzrDNECRm3J2IsB/2444JDTnzyME99jRYeEZGM0BXMWZEoO
-bMBXqCiR1oL9hll5XeOxwrfdmoye6bkzgawA0MXNnXHJRm6pl9rZkXo9SHPenQLJ
+hLU7f2V8pdN1po6mZ5bZZv6LeTXWPCIqCuBxNHZAV/xH9oWmkpjnw8Sc77QpVGVz
-Cqs5DNYKmNJg13ZIJdVdprT5nALCMuxMESsN6nKM7wrStDhEb21haW4gUmVnaXN0
+dCBSZWdpc3RyeSA8dGVzdC1yZWdpc3RyeUBleGFtcGxlLmNvbT6IuAQTAQIAIgUC
-cnkgPGRvbWFpbi1yZWdpc3RyeS11c2Vyc0Bnb29nbGVncm91cHMuY29tPoi4BBMB
+WjxpEgIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQvIOfrLbgEN2NegP+
-AgAiBQJXzwWpAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRCIX9igNM8p
+JV+i4DxPTv3jfRDcpGy8yDANiIoBFSyARpqMqg0+TfV/UypuyjFTGfnLuQv+osce
-/6lZA/wIukET7iOVp/um4feLIaLoBaJlWdb6dRHPgQKZaFfNg5CaALCeVOwsBKNA
+OKtPevH8gCc779+OqtqyNDcPooTG5K+eUYR77PYtfzsKk/Z/33tQtEJDb8WWn4G4
-6YCCCtaSa1l6bIzziC8Lii37DB5hNF9M9A350rgUFHtKze5BAADtPkpDpY50nPug
+R9Nh51MOz1X17oe3ih9HNvMGIrOG9VeWPsTxjXAzBoidAdgEWjxpEgEEANiasS9p
-wkQP7UEjCMcpix0fDX5cJ/bJ9va7w5fw3LX/GuBuLHemswGBup0B/gRXzwWpAQQA
+bG53M3jeCwLX0PFgWgspMZl3QnU6bvaTsfMAHaklJ55Tj1wuaaQymHqNm6xElCN8
-xuQ90FV9LRznzfZe4/IUGGQ1L/ku9xuA1TGeTnuqRR9kdTofZw5p2a0Kh915x6En
+MK8exDQQvPZwYVQOuoP3cHriCslLGznB943URcuxXz6R7F7WixYUeVVpQ4J0+gFu
-VLogsAvshwIiDZaraJRiXLBrF7Hf4fKgc0gHNtlkVSCeow1kGScDXOpQ01deDFfU
+bR8PfThDCtHQyP+uYx9U+EVWIvuIZIchdjl9ABEBAAEAA/4xmt2sorthIf3g9pL1
-YjQq86XSfwCognw7O5636kNsS7Te0jfPZmbgJdldGXMAEQEAAf4DAwIjURDLXU2o
+e/jfKoZ8i1rPT1NiNvdeE217neFtEPP9i5vni76ISskGOgN2hH8bkE+y7zwWQ2YP
-1GC/wS0hrGk9x0H8daxBK1nH1U8kT+8RQM0t7c4rpY0z3p/FTpc4sKy58K0YDVT2
+FyYGlvVcw2KjT7+SrAWCkgR6Y7hWib+RDcVGje+YH5MxGtBIX2W/zcOW5S9+nC3Q
-7ym0ukUHBR7Em0rr9VCkUVkR0rQhpi2ioMUDLn+FyslzYSZnsvvK1WWgMYuCylHM
+Y3Tzc3YQxF8sOeaHvrEb1tJ9eQIA5ivEjt43GgZq0nxacKLhleXyA9Z/JmwDg15z
-H7lrzkJQvN7jWdKEURwkRC38S4/JfhZQ8Y+hHa8yt96pCxB6NgUkwjPK/H4KVYz7
+FCZCnPABmR72wpXzXe2gO18W3iiqwS/WFDbdSFwxDQ0lXSy8VQIA8Okv6Q2BNXEw
-hjPAu0fsvzklfo9/xZMSoRZF+K8KXNc8MqBK8gheuP8bU3c30KTjevjlLw8kUsL3
+H0hufK8P7aHvuOI1ll4qTw6QkY+z5hRZAcmmID3boQJeJAmVbUissYKUNJudmiUJ
-wkqehCYCe1GKPUhdLoBQiWGAddFFwyPuMuzk1W3oaxRaXPDT2eR4+5jNkoODX9Wz
+DPLQod+wiQIAtJWxlRgHvEHRjQS5tH13ERWLObBHdZcQvKcqdtTCZj1EVH7zVHpb
-sWgM7h6gkaPdaSaKNatYAlqVQxWsdVnJOzJzj8UZp34oGQxow9ZU1WGqccd5VlJx
+qBLggo7QwPJTC+UMf/f4nPd1U2O6zXv66p5liJ8EGAECAAkFAlo8aRICGwwACgkQ
-32aQjcGXcjgq/zY4OcKBKxiFWJX8LUzIlUmEyTppxzn4VxbOmbVc5L2Knw5isv6E
+vIOfrLbgEN141gP9GATYCoihm5igbZ0FL8YPPb5WvHpTEA4WgdIIUUCQ0TYJ2ZOC
-Q5CnZCaJVeGvIeHuDfIyIA0+Sk29nYifBBgBAgAJBQJXzwWpAhsMAAoJEIhf2KA0
+dK0i3qbb1xRRBJq006qSiE4vqQ7fHO8HxmEWaPLlsPvebGm39PUuzVyWx8I2w+0/
-zyn/cZcD/0a540LdD3xv9JrEwS2bMPYUKtwqw/dysiLnkvW1hQBj7bJUhQrILb3p
+qcxt5L2VVzbZFp6+Yoa+meRYsO77gAzUvqUG1yLWo6MD4pSUNYJA867BB/k=
-9qPcubKPPODNPfUxKOjQX7zTMTd4F7wVGXoARrqiqvmCrK9XL1UnqZ+ofvvId2Sc
+=mkAP
 p5qUP0iC5kc8od3T64DEPJPqMs2/GrjfMGwRTzEbIdp22Jho0Esy
 =qUDG
 -----END PGP PRIVATE KEY BLOCK-----
--- a/java/google/registry/keyring/api/pgp-public-keyring.asc
+++ b/java/google/registry/keyring/api/pgp-public-keyring.asc
@ -1,20 +1,19 @@
 -----BEGIN PGP PUBLIC KEY BLOCK-----
 Version: GnuPG v1
-mI0EV88FqQEEAJMqfxk9spXJp/FU6cWH2f1dvQMgDamHyhPDynk5smnNn9vH8HF4
+mI0EWjxpEgEEALwwDbFBdi8Rt4tXWIyjgYLeVEVi+tQJqt6eHCha58Jgfp0aJ6f8
-gyzkqOJm7rKv5JACQNuiQPCUVNUhURK+TFg94dWf2+dbTVPieVDb/h7MCqM24aXs
+eGIHR6IMXrvYngy254dDYztRoYmDEChBMb1zo73S+WYUWE9n3rtTUxN1j80u8Mpt
-HrUqXnQkymuBmj5W9tGHNhZhxlyVkM071rHKmFa4gVqsyB0OXxMLQi4rABEBAAG0
+AQbON1pQLVP87qSvQ7gYdEDI3Idrf1Dvk5qPww10+xOZPi0PL5oU7qQrABEBAAG0
-OERvbWFpbiBSZWdpc3RyeSA8ZG9tYWluLXJlZ2lzdHJ5LXVzZXJzQGdvb2dsZWdy
+KVRlc3QgUmVnaXN0cnkgPHRlc3QtcmVnaXN0cnlAZXhhbXBsZS5jb20+iLgEEwEC
-b3Vwcy5jb20+iLgEEwECACIFAlfPBakCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4B
+ACIFAlo8aRICGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJELyDn6y24BDd
-AheAAAoJEIhf2KA0zyn/qVkD/Ai6QRPuI5Wn+6bh94shougFomVZ1vp1Ec+BAplo
+jXoD/iVfouA8T079430Q3KRsvMgwDYiKARUsgEaajKoNPk31f1MqbsoxUxn5y7kL
-V82DkJoAsJ5U7CwEo0DpgIIK1pJrWXpsjPOILwuKLfsMHmE0X0z0DfnSuBQUe0rN
+/qLHHjirT3rx/IAnO+/fjqrasjQ3D6KExuSvnlGEe+z2LX87CpP2f997ULRCQ2/F
-7kEAAO0+SkOljnSc+6DCRA/tQSMIxymLHR8Nflwn9sn29rvDl/Dctf8a4G4sd6az
+lp+BuEfTYedTDs9V9e6Ht4ofRzbzBiKzhvVXlj7E8Y1wMwaIuI0EWjxpEgEEANia
-AYG6uI0EV88FqQEEAMbkPdBVfS0c5832XuPyFBhkNS/5LvcbgNUxnk57qkUfZHU6
+sS9pbG53M3jeCwLX0PFgWgspMZl3QnU6bvaTsfMAHaklJ55Tj1wuaaQymHqNm6xE
-H2cOadmtCofdecehJ1S6ILAL7IcCIg2Wq2iUYlywaxex3+HyoHNIBzbZZFUgnqMN
+lCN8MK8exDQQvPZwYVQOuoP3cHriCslLGznB943URcuxXz6R7F7WixYUeVVpQ4J0
-ZBknA1zqUNNXXgxX1GI0KvOl0n8AqIJ8Ozuet+pDbEu03tI3z2Zm4CXZXRlzABEB
+gFubR8PfThDCtHQyP+uYx9U+EVWIvuIZIchdjl9ABEBAAGInwQYAQIACQUCWjxp
-AAGInwQYAQIACQUCV88FqQIbDAAKCRCIX9igNM8p/3GXA/9GueNC3Q98b/SaxMEt
+EgIbDAAKCRC8g5+stuAQ3XjWA/0YBNgKiKGbmKBtnQUvxg89vla8elMQDhaB0ghR
-mzD2FCrcKsP3crIi55L1tYUAY+2yVIUKyC296faj3LmyjzzgzT31MSjo0F+80zE3
+QJDRNgnZk4J0rSLeptvXFFEEmrTTqpKITi+pDt8c7wfGYRZo8uWw+95sabf09S7N
-eBe8FRl6AEa6oqr5gqyvVy9VJ6mfqH77yHdknKealD9IguZHPKHd0+uAxDyT6jLN
+XJbHwjbD7T+pzG3kvZVXNtkWnr5ihr6Z5Fiw7vuADNS+pQbXItajowPilJQ1gkDz
-vxq43zBsEU8xGyHadtiYaNBLMg==
+rsEH+Q==
-=v+Qg
+=ilBa
 -----END PGP PUBLIC KEY BLOCK-----