From f21802523acb2c56b41d2926cfc5158a126cc9f2 Mon Sep 17 00:00:00 2001 From: Paul Schaub Date: Thu, 25 Aug 2022 14:26:36 +0200 Subject: [PATCH] CLI: Add test for Setup command --- .../main/java/pgp/cert_d/cli/PGPCertDCli.java | 6 +- .../java/pgp/cert_d/cli/InstantiateCLI.java | 18 +++ .../pgp/cert_d/cli/commands/SetupTest.java | 125 ++++++++++++++++++ 3 files changed, 148 insertions(+), 1 deletion(-) create mode 100644 pgpainless-cert-d-cli/src/test/java/pgp/cert_d/cli/InstantiateCLI.java create mode 100644 pgpainless-cert-d-cli/src/test/java/pgp/cert_d/cli/commands/SetupTest.java diff --git a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/PGPCertDCli.java b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/PGPCertDCli.java index 501d6ca..7fbac8f 100644 --- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/PGPCertDCli.java +++ b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/PGPCertDCli.java @@ -40,7 +40,7 @@ public class PGPCertDCli { scope = CommandLine.ScopeType.INHERIT) File baseDirectory; - private static PGPainlessCertD certificateDirectory; + static PGPainlessCertD certificateDirectory; private int executionStrategy(CommandLine.ParseResult parseResult) { try { @@ -52,6 +52,10 @@ public class PGPCertDCli { } private void initStore() throws NotAStoreException, SQLException { + if (certificateDirectory != null) { + return; + } + if (baseDirectory == null) { baseDirectory = BaseDirectoryProvider.getDefaultBaseDir(); } diff --git a/pgpainless-cert-d-cli/src/test/java/pgp/cert_d/cli/InstantiateCLI.java b/pgpainless-cert-d-cli/src/test/java/pgp/cert_d/cli/InstantiateCLI.java new file mode 100644 index 0000000..6a20ff6 --- /dev/null +++ b/pgpainless-cert-d-cli/src/test/java/pgp/cert_d/cli/InstantiateCLI.java @@ -0,0 +1,18 @@ +// SPDX-FileCopyrightText: 2022 Paul Schaub +// +// SPDX-License-Identifier: Apache-2.0 + +package pgp.cert_d.cli; + +import org.pgpainless.certificate_store.PGPainlessCertD; + +public class InstantiateCLI { + + public static void resetStore() { + PGPCertDCli.certificateDirectory = null; + } + + public static void setInMemoryStore() { + PGPCertDCli.certificateDirectory = PGPainlessCertD.inMemory(); + } +} diff --git a/pgpainless-cert-d-cli/src/test/java/pgp/cert_d/cli/commands/SetupTest.java b/pgpainless-cert-d-cli/src/test/java/pgp/cert_d/cli/commands/SetupTest.java new file mode 100644 index 0000000..b4664c0 --- /dev/null +++ b/pgpainless-cert-d-cli/src/test/java/pgp/cert_d/cli/commands/SetupTest.java @@ -0,0 +1,125 @@ +// SPDX-FileCopyrightText: 2022 Paul Schaub +// +// SPDX-License-Identifier: Apache-2.0 + +package pgp.cert_d.cli.commands; + +import org.bouncycastle.openpgp.PGPException; +import org.bouncycastle.openpgp.PGPSecretKeyRing; +import org.junit.jupiter.api.AfterEach; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.pgpainless.PGPainless; +import org.pgpainless.certificate_store.PGPainlessCertD; +import org.pgpainless.key.OpenPgpFingerprint; +import org.pgpainless.key.info.KeyInfo; +import org.pgpainless.key.protection.UnlockSecretKey; +import org.pgpainless.util.Passphrase; +import pgp.cert_d.cli.InstantiateCLI; +import pgp.cert_d.cli.PGPCertDCli; +import pgp.certificate_store.certificate.Key; +import pgp.certificate_store.certificate.KeyMaterial; +import pgp.certificate_store.exception.BadDataException; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.nio.charset.Charset; +import java.security.InvalidAlgorithmParameterException; +import java.security.NoSuchAlgorithmException; + +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertNotEquals; +import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.assertNull; +import static org.junit.jupiter.api.Assertions.assertTrue; + +public class SetupTest { + + private PGPainlessCertD store; + + @BeforeEach + public void setup() { + InstantiateCLI.setInMemoryStore(); + store = PGPCertDCli.getCertificateDirectory(); + } + + @AfterEach + public void teardown() { + InstantiateCLI.resetStore(); + store = null; + } + + @Test + public void testSetupGeneratesTrustRoot() + throws BadDataException, IOException { + assertNull(store.getTrustRoot()); + + PGPCertDCli.main(new String[] {"setup"}); + KeyMaterial trustRoot = store.getTrustRoot(); + assertNotNull(trustRoot); + assertTrue(trustRoot instanceof Key); + + // Check that key has no password + PGPSecretKeyRing secretKeys = PGPainless.readKeyRing().secretKeyRing(trustRoot.getInputStream()); + assertTrue(KeyInfo.isDecrypted(secretKeys.getSecretKey())); + } + + @Test + public void testSetupWithPassword() + throws BadDataException, IOException, PGPException { + assertNull(store.getTrustRoot()); + + PGPCertDCli.main(new String[] {"setup", "--with-password", "sw0rdf1sh"}); + KeyMaterial trustRoot = store.getTrustRoot(); + assertNotNull(trustRoot); + assertTrue(trustRoot instanceof Key); + + // Check that key is encrypted + PGPSecretKeyRing secretKeys = PGPainless.readKeyRing().secretKeyRing(trustRoot.getInputStream()); + assertTrue(KeyInfo.isEncrypted(secretKeys.getSecretKey())); + // Check that password matches + assertNotNull(UnlockSecretKey.unlockSecretKey( + secretKeys.getSecretKey(), Passphrase.fromPassword("sw0rdf1sh"))); + } + + @Test + public void testSetupImportFromStdin() + throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, + BadDataException, IOException { + assertNull(store.getTrustRoot()); + + PGPSecretKeyRing trustRoot = PGPainless.generateKeyRing() + .modernKeyRing("trust-root"); + OpenPgpFingerprint fingerprint = OpenPgpFingerprint.of(trustRoot); + String armored = PGPainless.asciiArmor(trustRoot); + ByteArrayInputStream trustRootIn = new ByteArrayInputStream( + armored.getBytes(Charset.forName("UTF8"))); + + InputStream originalStdin = System.in; + System.setIn(trustRootIn); + PGPCertDCli.main(new String[] {"setup", "--import-from-stdin"}); + System.setIn(originalStdin); + + KeyMaterial importedTrustRoot = store.getTrustRoot(); + assertEquals(fingerprint.toString().toLowerCase(), importedTrustRoot.getFingerprint()); + } + + @Test + public void testSetupOverridesExistingTrustRoot() + throws BadDataException, IOException { + assertNull(store.getTrustRoot()); + + PGPCertDCli.main(new String[] {"setup"}); + KeyMaterial trustRoot = store.getTrustRoot(); + assertNotNull(trustRoot); + String fingerprint = trustRoot.getFingerprint(); + + // Override trust-root by calling setup again + PGPCertDCli.main(new String[] {"setup"}); + trustRoot = store.getTrustRoot(); + assertNotNull(trustRoot); + + assertNotEquals(fingerprint, trustRoot.getFingerprint()); + } +}