PublicKeyChecker: Add web-of-trust checks

Callers can specify a set of trusted keys and a maximum depth, and the checker will recursively verify certification signatures until reaching a root trusted key. Change-Id: I41df284302ea77d92515d87e7eb960f4d3d40857
2015-07-21 14:35:08 -07:00
parent 833a8d81dd
commit 8e28957137
7 changed files with 1389 additions and 18 deletions
--- a/gerrit-gpg/src/test/java/com/google/gerrit/gpg/PublicKeyCheckerTest.java
+++ b/gerrit-gpg/src/test/java/com/google/gerrit/gpg/PublicKeyCheckerTest.java
--- a/gerrit-gpg/src/test/java/com/google/gerrit/gpg/testutil/TestKey.java
+++ b/gerrit-gpg/src/test/java/com/google/gerrit/gpg/testutil/TestKey.java
@@ -563,7 +563,7 @@ public class TestKey {
  private final PGPPublicKeyRing pubRing;
  private final PGPSecretKeyRing secRing;

-  private TestKey(String pubArmored, String secArmored) {
+  public TestKey(String pubArmored, String secArmored) {
    this.pubArmored = pubArmored;
    this.secArmored = secArmored;
    BcKeyFingerprintCalculator fc = new BcKeyFingerprintCalculator();