mirror of
https://github.com/google/nomulus.git
synced 2025-05-01 12:37:52 +02:00
8ec2eaf39c
Second step of RDE encoding refactoring. Creates a single OutputStream encode RyDE files. This replaces the 5 OutputStreams that were needed before. Also removes all the factories that were injected. It's an encoding, there's no point in injecting it. Finally, removed the buffer-size configuration and replaced with a static final const value in each individual OutputStream. This doesn't yet include a decoder (InputStream). And there's still a lot of overlap between the Ryde and the Ghostryde code. Both of those are left for the next CLs. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=204898369
73 lines
3 KiB
Java
73 lines
3 KiB
Java
// Copyright 2017 The Nomulus Authors. All Rights Reserved.
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package google.registry.tools;
|
|
|
|
import static google.registry.model.rde.RdeMode.FULL;
|
|
|
|
import com.google.common.io.ByteStreams;
|
|
import google.registry.keyring.api.KeyModule.Key;
|
|
import google.registry.model.rde.RdeNamingUtils;
|
|
import google.registry.rde.RdeUtil;
|
|
import google.registry.rde.RydeEncoder;
|
|
import google.registry.xml.XmlException;
|
|
import java.io.BufferedInputStream;
|
|
import java.io.IOException;
|
|
import java.io.InputStream;
|
|
import java.io.OutputStream;
|
|
import java.nio.file.Files;
|
|
import java.nio.file.Path;
|
|
import javax.inject.Inject;
|
|
import javax.inject.Provider;
|
|
import org.bouncycastle.bcpg.ArmoredOutputStream;
|
|
import org.bouncycastle.openpgp.PGPKeyPair;
|
|
import org.bouncycastle.openpgp.PGPPublicKey;
|
|
import org.joda.time.DateTime;
|
|
|
|
/** Utility for encrypting an RDE RyDE deposit on the Java 7 NIO file system. */
|
|
final class EscrowDepositEncryptor {
|
|
|
|
private static final int PEEK_BUFFER_SIZE = 64 * 1024;
|
|
|
|
@Inject @Key("rdeSigningKey") Provider<PGPKeyPair> rdeSigningKey;
|
|
@Inject @Key("rdeReceiverKey") Provider<PGPPublicKey> rdeReceiverKey;
|
|
@Inject EscrowDepositEncryptor() {}
|
|
|
|
/** Creates a {@code .ryde} and {@code .sig} file, provided an XML deposit file. */
|
|
void encrypt(String tld, Path xmlFile, Path outdir)
|
|
throws IOException, XmlException {
|
|
try (InputStream xmlFileInput = Files.newInputStream(xmlFile);
|
|
BufferedInputStream xmlInput = new BufferedInputStream(xmlFileInput, PEEK_BUFFER_SIZE)) {
|
|
DateTime watermark = RdeUtil.peekWatermark(xmlInput);
|
|
String name = RdeNamingUtils.makeRydeFilename(tld, watermark, FULL, 1, 0);
|
|
Path rydePath = outdir.resolve(name + ".ryde");
|
|
Path sigPath = outdir.resolve(name + ".sig");
|
|
Path pubPath = outdir.resolve(tld + ".pub");
|
|
PGPKeyPair signingKey = rdeSigningKey.get();
|
|
try (OutputStream rydeOutput = Files.newOutputStream(rydePath);
|
|
OutputStream sigOutput = Files.newOutputStream(sigPath);
|
|
RydeEncoder rydeEncoder = new RydeEncoder.Builder()
|
|
.setRydeOutput(rydeOutput, rdeReceiverKey.get())
|
|
.setSignatureOutput(sigOutput, signingKey)
|
|
.setFileMetadata(name, Files.size(xmlFile), watermark)
|
|
.build()) {
|
|
ByteStreams.copy(xmlInput, rydeEncoder);
|
|
}
|
|
try (OutputStream pubOutput = Files.newOutputStream(pubPath);
|
|
ArmoredOutputStream ascOutput = new ArmoredOutputStream(pubOutput)) {
|
|
signingKey.getPublicKey().encode(ascOutput);
|
|
}
|
|
}
|
|
}
|
|
}
|