In this week I pushed methods to verify signature on gerrit. See [1].
There are several updates in those methods.
- I have updated isSelfSignedCertificate method to change the way checking is taking place. See [2].
- I have added method isCertChainValid to check the validity of certificate like certificate is signed by root CA that is trusted, is any certificate in chain is revoked and is any expired. I will have to check whether this method works in windows since it includes java enviroment variable path. See [2]. An error is occurring while running this method and it is unable to check revocation list. I am working on it.
I am waiting for one review before patching these changes so that things don't get complicated.
There is a minor change in how certificates are retrieved from keystore in method getCertificate of PerformSignature class. Previously I was performing only call to keyStore.getCertificateChain but it can return null depending upon how user have imported certificate to keystore. So, I have added keyStore.getCertificate step. If previous on returns null than next one will surely work. See [3].
I have also updated following classes to provide method getSignatureInfo.
- ICodeParser.java
- AbstractCodeParser.java
- PythonCodeParser to update getBlockCommentToken methods
I am planning to patch all these changes in the next patch of [1] after 1st review.
In order to get commented string in form of language specific block comments, we will have to update following classes.
- ICodeFactory.java to provide method to allow block comment like
- String createCommentedString(String comment, boolean addBlockComment);
- AbstractCodeFactory.java to implement this method.
- _javascript_CodeFactory and PythonCodeFactory to add getBlockCommentToken method