mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-12-23 03:17:58 +01:00
Tests: Replace usages of default algorithm policies with specific policies
This commit is contained in:
parent
847d4b5e33
commit
03d04fb324
5 changed files with 20 additions and 17 deletions
|
@ -66,9 +66,9 @@ public class EncryptDecryptTest {
|
|||
@BeforeEach
|
||||
public void setDefaultPolicy() {
|
||||
PGPainless.getPolicy().setSymmetricKeyEncryptionAlgorithmPolicy(
|
||||
Policy.SymmetricKeyAlgorithmPolicy.defaultSymmetricKeyEncryptionAlgorithmPolicy());
|
||||
Policy.SymmetricKeyAlgorithmPolicy.symmetricKeyEncryptionPolicy2022());
|
||||
PGPainless.getPolicy().setSymmetricKeyDecryptionAlgorithmPolicy(
|
||||
Policy.SymmetricKeyAlgorithmPolicy.defaultSymmetricKeyDecryptionAlgorithmPolicy());
|
||||
Policy.SymmetricKeyAlgorithmPolicy.symmetricKeyDecryptionPolicy2022());
|
||||
}
|
||||
|
||||
@TestTemplate
|
||||
|
|
|
@ -44,22 +44,22 @@ public class ManagePolicy {
|
|||
public void resetPolicy() {
|
||||
// Policy for hash algorithms in non-revocation signatures
|
||||
PGPainless.getPolicy().setSignatureHashAlgorithmPolicy(
|
||||
Policy.HashAlgorithmPolicy.defaultSignatureAlgorithmPolicy());
|
||||
Policy.HashAlgorithmPolicy.static2022SignatureHashAlgorithmPolicy());
|
||||
// Policy for hash algorithms in revocation signatures
|
||||
PGPainless.getPolicy().setRevocationSignatureHashAlgorithmPolicy(
|
||||
Policy.HashAlgorithmPolicy.defaultRevocationSignatureHashAlgorithmPolicy());
|
||||
Policy.HashAlgorithmPolicy.static2022RevocationSignatureHashAlgorithmPolicy());
|
||||
// Policy for public key algorithms and bit lengths
|
||||
PGPainless.getPolicy().setPublicKeyAlgorithmPolicy(
|
||||
Policy.PublicKeyAlgorithmPolicy.defaultPublicKeyAlgorithmPolicy());
|
||||
Policy.PublicKeyAlgorithmPolicy.bsi2021PublicKeyAlgorithmPolicy());
|
||||
// Policy for acceptable symmetric encryption algorithms when decrypting messages
|
||||
PGPainless.getPolicy().setSymmetricKeyDecryptionAlgorithmPolicy(
|
||||
Policy.SymmetricKeyAlgorithmPolicy.defaultSymmetricKeyDecryptionAlgorithmPolicy());
|
||||
Policy.SymmetricKeyAlgorithmPolicy.symmetricKeyDecryptionPolicy2022());
|
||||
// Policy for acceptable symmetric encryption algorithms when encrypting messages
|
||||
PGPainless.getPolicy().setSymmetricKeyEncryptionAlgorithmPolicy(
|
||||
Policy.SymmetricKeyAlgorithmPolicy.defaultSymmetricKeyEncryptionAlgorithmPolicy());
|
||||
Policy.SymmetricKeyAlgorithmPolicy.symmetricKeyEncryptionPolicy2022());
|
||||
// Policy for acceptable compression algorithms
|
||||
PGPainless.getPolicy().setCompressionAlgorithmPolicy(
|
||||
Policy.CompressionAlgorithmPolicy.defaultCompressionAlgorithmPolicy());
|
||||
Policy.CompressionAlgorithmPolicy.anyCompressionAlgorithmPolicy());
|
||||
// Known notations
|
||||
PGPainless.getPolicy().getNotationRegistry().clear();
|
||||
}
|
||||
|
@ -73,7 +73,7 @@ public class ManagePolicy {
|
|||
*
|
||||
* Per default, PGPainless will reject non-revocation signatures that use SHA-1 as hash algorithm.
|
||||
* To inspect PGPainless' default signature hash algorithm policy, see
|
||||
* {@link Policy.HashAlgorithmPolicy#defaultSignatureAlgorithmPolicy()}.
|
||||
* {@link Policy.HashAlgorithmPolicy#static2022SignatureHashAlgorithmPolicy()}.
|
||||
*
|
||||
* Since it may be a valid use-case to accept signatures made using SHA-1 as part of a less strict policy,
|
||||
* this example demonstrates how to set a custom signature hash algorithm policy.
|
||||
|
@ -108,7 +108,8 @@ public class ManagePolicy {
|
|||
/**
|
||||
* Similar to hash algorithms, {@link PublicKeyAlgorithm PublicKeyAlgorithms} tend to get outdated eventually.
|
||||
* Per default, PGPainless will reject signatures made by keys of unacceptable algorithm or length.
|
||||
* See {@link Policy.PublicKeyAlgorithmPolicy#defaultPublicKeyAlgorithmPolicy()} to inspect PGPainless' defaults.
|
||||
* See {@link Policy.PublicKeyAlgorithmPolicy#bsi2021PublicKeyAlgorithmPolicy()}
|
||||
* to inspect PGPainless' defaults.
|
||||
*
|
||||
* This example demonstrates how to set a custom public key algorithm policy.
|
||||
*/
|
||||
|
|
|
@ -26,7 +26,7 @@ public class GeneratingWeakKeyThrowsTest {
|
|||
public void refuseToGenerateWeakPrimaryKeyTest() {
|
||||
// ensure we have default public key algorithm policy set
|
||||
PGPainless.getPolicy().setPublicKeyAlgorithmPolicy(
|
||||
Policy.PublicKeyAlgorithmPolicy.defaultPublicKeyAlgorithmPolicy());
|
||||
Policy.PublicKeyAlgorithmPolicy.bsi2021PublicKeyAlgorithmPolicy());
|
||||
|
||||
assertThrows(IllegalArgumentException.class, () ->
|
||||
PGPainless.buildKeyRing()
|
||||
|
@ -38,7 +38,7 @@ public class GeneratingWeakKeyThrowsTest {
|
|||
public void refuseToAddWeakSubkeyDuringGenerationTest() {
|
||||
// ensure we have default public key algorithm policy set
|
||||
PGPainless.getPolicy().setPublicKeyAlgorithmPolicy(
|
||||
Policy.PublicKeyAlgorithmPolicy.defaultPublicKeyAlgorithmPolicy());
|
||||
Policy.PublicKeyAlgorithmPolicy.bsi2021PublicKeyAlgorithmPolicy());
|
||||
|
||||
KeyRingBuilder kb = PGPainless.buildKeyRing()
|
||||
.setPrimaryKey(KeySpec.getBuilder(KeyType.RSA(RsaLength._4096),
|
||||
|
@ -50,7 +50,8 @@ public class GeneratingWeakKeyThrowsTest {
|
|||
}
|
||||
|
||||
@Test
|
||||
public void allowToAddWeakKeysWithWeakPolicy() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
|
||||
public void allowToAddWeakKeysWithWeakPolicy()
|
||||
throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
|
||||
// set a weak algorithm policy
|
||||
Map<PublicKeyAlgorithm, Integer> bitStrengths = new HashMap<>();
|
||||
bitStrengths.put(PublicKeyAlgorithm.RSA_GENERAL, 512);
|
||||
|
@ -67,6 +68,7 @@ public class GeneratingWeakKeyThrowsTest {
|
|||
.build();
|
||||
|
||||
// reset public key algorithm policy
|
||||
PGPainless.getPolicy().setPublicKeyAlgorithmPolicy(Policy.PublicKeyAlgorithmPolicy.defaultPublicKeyAlgorithmPolicy());
|
||||
PGPainless.getPolicy().setPublicKeyAlgorithmPolicy(
|
||||
Policy.PublicKeyAlgorithmPolicy.bsi2021PublicKeyAlgorithmPolicy());
|
||||
}
|
||||
}
|
||||
|
|
|
@ -34,7 +34,7 @@ public class RefuseToAddWeakSubkeyTest {
|
|||
public void testEditorRefusesToAddWeakSubkey()
|
||||
throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
|
||||
// ensure default policy is set
|
||||
PGPainless.getPolicy().setPublicKeyAlgorithmPolicy(Policy.PublicKeyAlgorithmPolicy.defaultPublicKeyAlgorithmPolicy());
|
||||
PGPainless.getPolicy().setPublicKeyAlgorithmPolicy(Policy.PublicKeyAlgorithmPolicy.bsi2021PublicKeyAlgorithmPolicy());
|
||||
|
||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
||||
.modernKeyRing("Alice");
|
||||
|
@ -84,6 +84,6 @@ public class RefuseToAddWeakSubkeyTest {
|
|||
assertEquals(2, PGPainless.inspectKeyRing(secretKeys).getEncryptionSubkeys(EncryptionPurpose.ANY).size());
|
||||
|
||||
// reset default policy
|
||||
PGPainless.getPolicy().setPublicKeyAlgorithmPolicy(Policy.PublicKeyAlgorithmPolicy.defaultPublicKeyAlgorithmPolicy());
|
||||
PGPainless.getPolicy().setPublicKeyAlgorithmPolicy(Policy.PublicKeyAlgorithmPolicy.bsi2021PublicKeyAlgorithmPolicy());
|
||||
}
|
||||
}
|
||||
|
|
|
@ -56,7 +56,7 @@ public class PolicyTest {
|
|||
policy.setRevocationSignatureHashAlgorithmPolicy(new Policy.HashAlgorithmPolicy(HashAlgorithm.SHA512,
|
||||
revHashAlgoMap));
|
||||
|
||||
policy.setPublicKeyAlgorithmPolicy(Policy.PublicKeyAlgorithmPolicy.defaultPublicKeyAlgorithmPolicy());
|
||||
policy.setPublicKeyAlgorithmPolicy(Policy.PublicKeyAlgorithmPolicy.bsi2021PublicKeyAlgorithmPolicy());
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
Loading…
Reference in a new issue