PGPainless/pgpainless
PGPainless
/
pgpainless
mirror of https://github.com/pgpainless/pgpainless.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Tests: Replace usages of default algorithm policies with specific policies

This commit is contained in:
Paul Schaub 2022-11-15 16:29:24 +01:00
parent 847d4b5e33
commit 03d04fb324
5 changed files with 20 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pgpainless-core/src/test/java/org/pgpainless/encryption_signing/EncryptDecryptTest.java
View File

@ -66,9 +66,9 @@ public class EncryptDecryptTest {
@BeforeEach
public void setDefaultPolicy() {
PGPainless.getPolicy().setSymmetricKeyEncryptionAlgorithmPolicy(
Policy.SymmetricKeyAlgorithmPolicy.defaultSymmetricKeyEncryptionAlgorithmPolicy());
Policy.SymmetricKeyAlgorithmPolicy.symmetricKeyEncryptionPolicy2022());
PGPainless.getPolicy().setSymmetricKeyDecryptionAlgorithmPolicy(
Policy.SymmetricKeyAlgorithmPolicy.defaultSymmetricKeyDecryptionAlgorithmPolicy());
Policy.SymmetricKeyAlgorithmPolicy.symmetricKeyDecryptionPolicy2022());
}
@TestTemplate

17
pgpainless-core/src/test/java/org/pgpainless/example/ManagePolicy.java
View File

@ -44,22 +44,22 @@ public class ManagePolicy {
public void resetPolicy() {
// Policy for hash algorithms in non-revocation signatures
PGPainless.getPolicy().setSignatureHashAlgorithmPolicy(
Policy.HashAlgorithmPolicy.defaultSignatureAlgorithmPolicy());
Policy.HashAlgorithmPolicy.static2022SignatureHashAlgorithmPolicy());
// Policy for hash algorithms in revocation signatures
PGPainless.getPolicy().setRevocationSignatureHashAlgorithmPolicy(
Policy.HashAlgorithmPolicy.defaultRevocationSignatureHashAlgorithmPolicy());
Policy.HashAlgorithmPolicy.static2022RevocationSignatureHashAlgorithmPolicy());
// Policy for public key algorithms and bit lengths
PGPainless.getPolicy().setPublicKeyAlgorithmPolicy(
Policy.PublicKeyAlgorithmPolicy.defaultPublicKeyAlgorithmPolicy());
Policy.PublicKeyAlgorithmPolicy.bsi2021PublicKeyAlgorithmPolicy());
// Policy for acceptable symmetric encryption algorithms when decrypting messages
PGPainless.getPolicy().setSymmetricKeyDecryptionAlgorithmPolicy(
Policy.SymmetricKeyAlgorithmPolicy.defaultSymmetricKeyDecryptionAlgorithmPolicy());
Policy.SymmetricKeyAlgorithmPolicy.symmetricKeyDecryptionPolicy2022());
// Policy for acceptable symmetric encryption algorithms when encrypting messages
PGPainless.getPolicy().setSymmetricKeyEncryptionAlgorithmPolicy(
Policy.SymmetricKeyAlgorithmPolicy.defaultSymmetricKeyEncryptionAlgorithmPolicy());
Policy.SymmetricKeyAlgorithmPolicy.symmetricKeyEncryptionPolicy2022());
// Policy for acceptable compression algorithms
PGPainless.getPolicy().setCompressionAlgorithmPolicy(
Policy.CompressionAlgorithmPolicy.defaultCompressionAlgorithmPolicy());
Policy.CompressionAlgorithmPolicy.anyCompressionAlgorithmPolicy());
// Known notations
PGPainless.getPolicy().getNotationRegistry().clear();
}
@ -73,7 +73,7 @@ public class ManagePolicy {
*
* Per default, PGPainless will reject non-revocation signatures that use SHA-1 as hash algorithm.
* To inspect PGPainless' default signature hash algorithm policy, see
* {@link Policy.HashAlgorithmPolicy#defaultSignatureAlgorithmPolicy()}.
* {@link Policy.HashAlgorithmPolicy#static2022SignatureHashAlgorithmPolicy()}.
*
* Since it may be a valid use-case to accept signatures made using SHA-1 as part of a less strict policy,
* this example demonstrates how to set a custom signature hash algorithm policy.
@ -108,7 +108,8 @@ public class ManagePolicy {
/**
* Similar to hash algorithms, {@link PublicKeyAlgorithm PublicKeyAlgorithms} tend to get outdated eventually.
* Per default, PGPainless will reject signatures made by keys of unacceptable algorithm or length.
* See {@link Policy.PublicKeyAlgorithmPolicy#defaultPublicKeyAlgorithmPolicy()} to inspect PGPainless' defaults.
* See {@link Policy.PublicKeyAlgorithmPolicy#bsi2021PublicKeyAlgorithmPolicy()}
* to inspect PGPainless' defaults.
*
* This example demonstrates how to set a custom public key algorithm policy.
*/

10
pgpainless-core/src/test/java/org/pgpainless/key/generation/GeneratingWeakKeyThrowsTest.java
View File

@ -26,7 +26,7 @@ public class GeneratingWeakKeyThrowsTest {
public void refuseToGenerateWeakPrimaryKeyTest() {
// ensure we have default public key algorithm policy set
PGPainless.getPolicy().setPublicKeyAlgorithmPolicy(
Policy.PublicKeyAlgorithmPolicy.defaultPublicKeyAlgorithmPolicy());
Policy.PublicKeyAlgorithmPolicy.bsi2021PublicKeyAlgorithmPolicy());
assertThrows(IllegalArgumentException.class, () ->
PGPainless.buildKeyRing()
@ -38,7 +38,7 @@ public class GeneratingWeakKeyThrowsTest {
public void refuseToAddWeakSubkeyDuringGenerationTest() {
// ensure we have default public key algorithm policy set
PGPainless.getPolicy().setPublicKeyAlgorithmPolicy(
Policy.PublicKeyAlgorithmPolicy.defaultPublicKeyAlgorithmPolicy());
Policy.PublicKeyAlgorithmPolicy.bsi2021PublicKeyAlgorithmPolicy());
KeyRingBuilder kb = PGPainless.buildKeyRing()
.setPrimaryKey(KeySpec.getBuilder(KeyType.RSA(RsaLength._4096),
@ -50,7 +50,8 @@ public class GeneratingWeakKeyThrowsTest {
}
@Test
public void allowToAddWeakKeysWithWeakPolicy() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
public void allowToAddWeakKeysWithWeakPolicy()
throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
// set a weak algorithm policy
Map<PublicKeyAlgorithm, Integer> bitStrengths = new HashMap<>();
bitStrengths.put(PublicKeyAlgorithm.RSA_GENERAL, 512);
@ -67,6 +68,7 @@ public class GeneratingWeakKeyThrowsTest {
.build();
// reset public key algorithm policy
PGPainless.getPolicy().setPublicKeyAlgorithmPolicy(Policy.PublicKeyAlgorithmPolicy.defaultPublicKeyAlgorithmPolicy());
PGPainless.getPolicy().setPublicKeyAlgorithmPolicy(
Policy.PublicKeyAlgorithmPolicy.bsi2021PublicKeyAlgorithmPolicy());
}
}

4
pgpainless-core/src/test/java/org/pgpainless/key/modification/RefuseToAddWeakSubkeyTest.java
View File

@ -34,7 +34,7 @@ public class RefuseToAddWeakSubkeyTest {
public void testEditorRefusesToAddWeakSubkey()
throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
// ensure default policy is set
PGPainless.getPolicy().setPublicKeyAlgorithmPolicy(Policy.PublicKeyAlgorithmPolicy.defaultPublicKeyAlgorithmPolicy());
PGPainless.getPolicy().setPublicKeyAlgorithmPolicy(Policy.PublicKeyAlgorithmPolicy.bsi2021PublicKeyAlgorithmPolicy());
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
.modernKeyRing("Alice");
@ -84,6 +84,6 @@ public class RefuseToAddWeakSubkeyTest {
assertEquals(2, PGPainless.inspectKeyRing(secretKeys).getEncryptionSubkeys(EncryptionPurpose.ANY).size());
// reset default policy
PGPainless.getPolicy().setPublicKeyAlgorithmPolicy(Policy.PublicKeyAlgorithmPolicy.defaultPublicKeyAlgorithmPolicy());
PGPainless.getPolicy().setPublicKeyAlgorithmPolicy(Policy.PublicKeyAlgorithmPolicy.bsi2021PublicKeyAlgorithmPolicy());
}
}

2
pgpainless-core/src/test/java/org/pgpainless/policy/PolicyTest.java
View File

@ -56,7 +56,7 @@ public class PolicyTest {
policy.setRevocationSignatureHashAlgorithmPolicy(new Policy.HashAlgorithmPolicy(HashAlgorithm.SHA512,
revHashAlgoMap));
policy.setPublicKeyAlgorithmPolicy(Policy.PublicKeyAlgorithmPolicy.defaultPublicKeyAlgorithmPolicy());
policy.setPublicKeyAlgorithmPolicy(Policy.PublicKeyAlgorithmPolicy.bsi2021PublicKeyAlgorithmPolicy());
}
@Test