diff --git a/pgpainless-core/src/main/java/org/pgpainless/key/util/KeyRingUtils.java b/pgpainless-core/src/main/java/org/pgpainless/key/util/KeyRingUtils.java index 630f4611..7b75e084 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/key/util/KeyRingUtils.java +++ b/pgpainless-core/src/main/java/org/pgpainless/key/util/KeyRingUtils.java @@ -15,20 +15,30 @@ */ package org.pgpainless.key.util; +import java.io.IOException; import java.util.ArrayList; +import java.util.Arrays; import java.util.Iterator; import java.util.List; import java.util.NoSuchElementException; +import javax.annotation.Nonnull; + import org.bouncycastle.openpgp.PGPException; import org.bouncycastle.openpgp.PGPKeyRing; import org.bouncycastle.openpgp.PGPPrivateKey; import org.bouncycastle.openpgp.PGPPublicKey; import org.bouncycastle.openpgp.PGPPublicKeyRing; +import org.bouncycastle.openpgp.PGPPublicKeyRingCollection; import org.bouncycastle.openpgp.PGPSecretKey; import org.bouncycastle.openpgp.PGPSecretKeyRing; +import org.bouncycastle.openpgp.PGPSecretKeyRingCollection; import org.pgpainless.key.protection.SecretKeyRingProtector; import org.pgpainless.key.protection.UnlockSecretKey; +import org.pgpainless.util.selection.key.PublicKeySelectionStrategy; +import org.pgpainless.util.selection.key.impl.And; +import org.pgpainless.util.selection.key.impl.KeyBelongsToKeyRing; +import org.pgpainless.util.selection.key.impl.NoRevocation; public class KeyRingUtils { @@ -138,4 +148,53 @@ public class KeyRingUtils { public static PGPPrivateKey unlockSecretKey(PGPSecretKey secretKey, SecretKeyRingProtector protector) throws PGPException { return UnlockSecretKey.unlockSecretKey(secretKey, protector); } + + /* + PGPXxxKeyRing -> PGPXxxKeyRingCollection + */ + public static PGPPublicKeyRingCollection keyRingsToKeyRingCollection(@Nonnull PGPPublicKeyRing... rings) + throws IOException, PGPException { + return new PGPPublicKeyRingCollection(Arrays.asList(rings)); + } + + public static PGPSecretKeyRingCollection keyRingsToKeyRingCollection(@Nonnull PGPSecretKeyRing... rings) + throws IOException, PGPException { + return new PGPSecretKeyRingCollection(Arrays.asList(rings)); + } + + /** + * Remove all keys from the key ring, are either not having a subkey signature from the master key + * (identified by {@code masterKeyId}), or are revoked ("normal" key revocation, as well as subkey revocation). + * + * @param ring key ring + * @param masterKey master key + * @return "cleaned" key ring + */ + public static PGPSecretKeyRing removeUnassociatedKeysFromKeyRing(@Nonnull PGPSecretKeyRing ring, + @Nonnull PGPPublicKey masterKey) { + if (!masterKey.isMasterKey()) { + throw new IllegalArgumentException("Given key is not a master key."); + } + // Only select keys which are signed by the master key and not revoked. + PublicKeySelectionStrategy selector = new And.PubKeySelectionStrategy( + new KeyBelongsToKeyRing.PubkeySelectionStrategy(masterKey), + new NoRevocation.PubKeySelectionStrategy()); + + PGPSecretKeyRing cleaned = ring; + + Iterator secretKeys = ring.getSecretKeys(); + while (secretKeys.hasNext()) { + PGPSecretKey secretKey = secretKeys.next(); + if (!selector.accept(secretKey.getPublicKey())) { + cleaned = PGPSecretKeyRing.removeSecretKey(cleaned, secretKey); + } + } + + return cleaned; + } + + public static boolean keyRingContainsKeyWithId(@Nonnull PGPPublicKeyRing ring, + long keyId) { + return ring.getPublicKey(keyId) != null; + } } diff --git a/pgpainless-core/src/main/java/org/pgpainless/signature/SignatureUtils.java b/pgpainless-core/src/main/java/org/pgpainless/signature/SignatureUtils.java index 8f549c76..2e265537 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/signature/SignatureUtils.java +++ b/pgpainless-core/src/main/java/org/pgpainless/signature/SignatureUtils.java @@ -15,16 +15,22 @@ */ package org.pgpainless.signature; +import java.io.IOException; +import java.io.InputStream; +import java.nio.charset.Charset; import java.util.Date; import java.util.List; import org.bouncycastle.bcpg.sig.KeyExpirationTime; import org.bouncycastle.bcpg.sig.RevocationReason; import org.bouncycastle.bcpg.sig.SignatureExpirationTime; +import org.bouncycastle.openpgp.PGPMarker; +import org.bouncycastle.openpgp.PGPObjectFactory; import org.bouncycastle.openpgp.PGPPublicKey; import org.bouncycastle.openpgp.PGPSecretKey; import org.bouncycastle.openpgp.PGPSignature; import org.bouncycastle.openpgp.PGPSignatureGenerator; +import org.bouncycastle.openpgp.PGPSignatureList; import org.bouncycastle.openpgp.operator.PGPContentSignerBuilder; import org.pgpainless.PGPainless; import org.pgpainless.algorithm.HashAlgorithm; @@ -34,6 +40,7 @@ import org.pgpainless.key.util.OpenPgpKeyAttributeUtil; import org.pgpainless.key.util.RevocationAttributes; import org.pgpainless.policy.Policy; import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil; +import org.pgpainless.util.BCUtil; /** * Utility methods related to signatures. @@ -167,4 +174,25 @@ public class SignatureUtils { } return RevocationAttributes.Reason.isHardRevocation(reasonSubpacket.getRevocationReason()); } + + /** + * Parse an ASCII encoded list of OpenPGP signatures into a {@link PGPSignatureList}. + * + * @param encodedSignatures ASCII armored signature list + * @return signature list + * @throws IOException if the signatures cannot be read + */ + public static PGPSignatureList readSignatures(String encodedSignatures) throws IOException { + InputStream inputStream = BCUtil.getPgpDecoderInputStream(encodedSignatures.getBytes(Charset.forName("UTF8"))); + PGPObjectFactory objectFactory = new PGPObjectFactory(inputStream, ImplementationFactory.getInstance().getKeyFingerprintCalculator()); + Object next = objectFactory.nextObject(); + while (next != null) { + if (next instanceof PGPMarker) { + next = objectFactory.nextObject(); + continue; + } + return (PGPSignatureList) next; + } + return null; + } } diff --git a/pgpainless-core/src/main/java/org/pgpainless/util/BCUtil.java b/pgpainless-core/src/main/java/org/pgpainless/util/BCUtil.java index 3eab058a..66853f48 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/util/BCUtil.java +++ b/pgpainless-core/src/main/java/org/pgpainless/util/BCUtil.java @@ -16,100 +16,14 @@ package org.pgpainless.util; import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; -import java.nio.charset.Charset; -import java.util.Arrays; -import java.util.Date; -import java.util.HashSet; -import java.util.Iterator; -import java.util.Set; -import java.util.logging.Level; -import java.util.logging.Logger; import javax.annotation.Nonnull; -import org.bouncycastle.openpgp.PGPException; -import org.bouncycastle.openpgp.PGPKeyRing; -import org.bouncycastle.openpgp.PGPMarker; -import org.bouncycastle.openpgp.PGPObjectFactory; -import org.bouncycastle.openpgp.PGPPublicKey; -import org.bouncycastle.openpgp.PGPPublicKeyRing; -import org.bouncycastle.openpgp.PGPPublicKeyRingCollection; -import org.bouncycastle.openpgp.PGPSecretKey; -import org.bouncycastle.openpgp.PGPSecretKeyRing; -import org.bouncycastle.openpgp.PGPSecretKeyRingCollection; -import org.bouncycastle.openpgp.PGPSignature; -import org.bouncycastle.openpgp.PGPSignatureList; -import org.bouncycastle.openpgp.PGPSignatureSubpacketVector; import org.bouncycastle.openpgp.PGPUtil; -import org.bouncycastle.util.io.Streams; -import org.pgpainless.algorithm.KeyFlag; -import org.pgpainless.implementation.ImplementationFactory; -import org.pgpainless.util.selection.key.PublicKeySelectionStrategy; -import org.pgpainless.util.selection.key.impl.And; -import org.pgpainless.util.selection.key.impl.KeyBelongsToKeyRing; -import org.pgpainless.util.selection.key.impl.NoRevocation; public class BCUtil { - private static final Logger LOGGER = Logger.getLogger(BCUtil.class.getName()); - - public static Date getExpirationDate(Date creationDate, long validSeconds) { - if (validSeconds == 0) { - return null; - } - return new Date(creationDate.getTime() + 1000 * validSeconds); - } - - /* - PGPXxxKeyRing -> PGPXxxKeyRingCollection - */ - public static PGPPublicKeyRingCollection keyRingsToKeyRingCollection(@Nonnull PGPPublicKeyRing... rings) - throws IOException, PGPException { - return new PGPPublicKeyRingCollection(Arrays.asList(rings)); - } - - public static PGPSecretKeyRingCollection keyRingsToKeyRingCollection(@Nonnull PGPSecretKeyRing... rings) - throws IOException, PGPException { - return new PGPSecretKeyRingCollection(Arrays.asList(rings)); - } - - /* - PGPXxxKeyRingCollection -> PGPXxxKeyRing - */ - - public static PGPSecretKeyRing getKeyRingFromCollection(@Nonnull PGPSecretKeyRingCollection collection, - @Nonnull Long id) - throws PGPException { - PGPSecretKeyRing uncleanedRing = collection.getSecretKeyRing(id); - - // Determine ids of signed keys - Set signedKeyIds = new HashSet<>(); - signedKeyIds.add(id); // Add the signing key itself - Iterator signedPubKeys = uncleanedRing.getKeysWithSignaturesBy(id); - while (signedPubKeys.hasNext()) { - signedKeyIds.add(signedPubKeys.next().getKeyID()); - } - - PGPSecretKeyRing cleanedRing = uncleanedRing; - Iterator secretKeys = uncleanedRing.getSecretKeys(); - while (secretKeys.hasNext()) { - PGPSecretKey secretKey = secretKeys.next(); - if (!signedKeyIds.contains(secretKey.getKeyID())) { - cleanedRing = PGPSecretKeyRing.removeSecretKey(cleanedRing, secretKey); - } - } - return cleanedRing; - } - - public static PGPPublicKeyRing getKeyRingFromCollection(@Nonnull PGPPublicKeyRingCollection collection, - @Nonnull Long id) - throws PGPException { - PGPPublicKey key = collection.getPublicKey(id); - return removeUnassociatedKeysFromKeyRing(collection.getPublicKeyRing(id), key); - } - public static InputStream getPgpDecoderInputStream(@Nonnull byte[] bytes) throws IOException { return getPgpDecoderInputStream(new ByteArrayInputStream(bytes)); @@ -120,163 +34,4 @@ public class BCUtil { return PGPUtil.getDecoderStream(inputStream); } - public static byte[] getDecodedBytes(@Nonnull byte[] bytes) - throws IOException { - ByteArrayOutputStream buffer = new ByteArrayOutputStream(); - Streams.pipeAll(getPgpDecoderInputStream(bytes), buffer); - return buffer.toByteArray(); - } - - public static byte[] getDecodedBytes(@Nonnull InputStream inputStream) - throws IOException { - ByteArrayOutputStream buffer = new ByteArrayOutputStream(); - Streams.pipeAll(inputStream, buffer); - return getDecodedBytes(buffer.toByteArray()); - } - - /** - * Remove all keys from the key ring, are either not having a subkey signature from the master key - * (identified by {@code masterKeyId}), or are revoked ("normal" key revocation, as well as subkey revocation). - * - * @param ring key ring - * @param masterKey master key - * @return "cleaned" key ring - */ - public static PGPPublicKeyRing removeUnassociatedKeysFromKeyRing(@Nonnull PGPPublicKeyRing ring, - @Nonnull PGPPublicKey masterKey) { - if (!masterKey.isMasterKey()) { - throw new IllegalArgumentException("Given key is not a master key."); - } - // Only select keys which are signed by the master key and not revoked. - PublicKeySelectionStrategy selector = new And.PubKeySelectionStrategy( - new KeyBelongsToKeyRing.PubkeySelectionStrategy(masterKey), - new NoRevocation.PubKeySelectionStrategy()); - - PGPPublicKeyRing cleaned = ring; - - Iterator publicKeys = ring.getPublicKeys(); - while (publicKeys.hasNext()) { - PGPPublicKey publicKey = publicKeys.next(); - if (!selector.accept(publicKey)) { - cleaned = PGPPublicKeyRing.removePublicKey(cleaned, publicKey); - } - } - - return cleaned; - } - - /** - * Remove all keys from the key ring, are either not having a subkey signature from the master key - * (identified by {@code masterKeyId}), or are revoked ("normal" key revocation, as well as subkey revocation). - * - * @param ring key ring - * @param masterKey master key - * @return "cleaned" key ring - */ - public static PGPSecretKeyRing removeUnassociatedKeysFromKeyRing(@Nonnull PGPSecretKeyRing ring, - @Nonnull PGPPublicKey masterKey) { - if (!masterKey.isMasterKey()) { - throw new IllegalArgumentException("Given key is not a master key."); - } - // Only select keys which are signed by the master key and not revoked. - PublicKeySelectionStrategy selector = new And.PubKeySelectionStrategy( - new KeyBelongsToKeyRing.PubkeySelectionStrategy(masterKey), - new NoRevocation.PubKeySelectionStrategy()); - - PGPSecretKeyRing cleaned = ring; - - Iterator secretKeys = ring.getSecretKeys(); - while (secretKeys.hasNext()) { - PGPSecretKey secretKey = secretKeys.next(); - if (!selector.accept(secretKey.getPublicKey())) { - cleaned = PGPSecretKeyRing.removeSecretKey(cleaned, secretKey); - } - } - - return cleaned; - } - - public static PGPPublicKey getMasterKeyFrom(@Nonnull PGPKeyRing ring) { - Iterator it = ring.getPublicKeys(); - while (it.hasNext()) { - PGPPublicKey k = it.next(); - if (k.isMasterKey()) { - // There can only be one master key, so we can immediately return - return k; - } - } - return null; - } - - public static Set signingKeyIds(@Nonnull PGPSecretKeyRing ring) { - Set ids = new HashSet<>(); - Iterator it = ring.getPublicKeys(); - while (it.hasNext()) { - PGPPublicKey k = it.next(); - - boolean signingKey = false; - - Iterator sit = k.getSignatures(); - while (sit.hasNext()) { - Object n = sit.next(); - if (!(n instanceof PGPSignature)) { - continue; - } - - PGPSignature s = (PGPSignature) n; - if (!s.hasSubpackets()) { - continue; - } - - try { - s.verifyCertification(ring.getPublicKey(s.getKeyID())); - } catch (PGPException e) { - LOGGER.log(Level.WARNING, "Could not verify signature on " + Long.toHexString(k.getKeyID()) + " made by " + Long.toHexString(s.getKeyID())); - continue; - } - - PGPSignatureSubpacketVector hashed = s.getHashedSubPackets(); - if (KeyFlag.fromBitmask(hashed.getKeyFlags()).contains(KeyFlag.SIGN_DATA)) { - signingKey = true; - break; - } - } - - if (signingKey) { - ids.add(k.getKeyID()); - } - } - return ids; - } - - public static boolean keyRingContainsKeyWithId(@Nonnull PGPPublicKeyRing ring, - long keyId) { - return ring.getPublicKey(keyId) != null; - } - - public static boolean keyRingContainsKeyWithId(@Nonnull PGPSecretKeyRing ring, - long keyId) { - return ring.getSecretKey(keyId) != null; - } - - /** - * Parse an ASCII encoded list of OpenPGP signatures into a {@link PGPSignatureList}. - * - * @param encodedSignatures ASCII armored signature list - * @return signature list - * @throws IOException if the signatures cannot be read - */ - public static PGPSignatureList readSignatures(String encodedSignatures) throws IOException { - InputStream inputStream = getPgpDecoderInputStream(encodedSignatures.getBytes(Charset.forName("UTF8"))); - PGPObjectFactory objectFactory = new PGPObjectFactory(inputStream, ImplementationFactory.getInstance().getKeyFingerprintCalculator()); - Object next = objectFactory.nextObject(); - while (next != null) { - if (next instanceof PGPMarker) { - next = objectFactory.nextObject(); - continue; - } - return (PGPSignatureList) next; - } - return null; - } } diff --git a/pgpainless-core/src/test/java/org/pgpainless/encryption_signing/EncryptDecryptTest.java b/pgpainless-core/src/test/java/org/pgpainless/encryption_signing/EncryptDecryptTest.java index b2938501..84a61da1 100644 --- a/pgpainless-core/src/test/java/org/pgpainless/encryption_signing/EncryptDecryptTest.java +++ b/pgpainless-core/src/test/java/org/pgpainless/encryption_signing/EncryptDecryptTest.java @@ -58,7 +58,6 @@ import org.pgpainless.key.protection.SecretKeyRingProtector; import org.pgpainless.key.protection.UnprotectedKeysProtector; import org.pgpainless.key.util.KeyRingUtils; import org.pgpainless.util.ArmoredOutputStreamFactory; -import org.pgpainless.util.BCUtil; public class EncryptDecryptTest { @@ -169,7 +168,7 @@ public class EncryptDecryptTest { assertFalse(encryptionResult.getRecipients().isEmpty()); for (SubkeyIdentifier encryptionKey : encryptionResult.getRecipients()) { - assertTrue(BCUtil.keyRingContainsKeyWithId(recipientPub, encryptionKey.getKeyId())); + assertTrue(KeyRingUtils.keyRingContainsKeyWithId(recipientPub, encryptionKey.getKeyId())); } assertEquals(SymmetricKeyAlgorithm.AES_256, encryptionResult.getSymmetricKeyAlgorithm()); @@ -179,8 +178,8 @@ public class EncryptDecryptTest { ByteArrayInputStream envelopeIn = new ByteArrayInputStream(encryptedSecretMessage); DecryptionStream decryptor = PGPainless.decryptAndOrVerify() .onInputStream(envelopeIn) - .decryptWith(keyDecryptor, BCUtil.keyRingsToKeyRingCollection(recipientSec)) - .verifyWith(BCUtil.keyRingsToKeyRingCollection(senderPub)) + .decryptWith(keyDecryptor, KeyRingUtils.keyRingsToKeyRingCollection(recipientSec)) + .verifyWith(KeyRingUtils.keyRingsToKeyRingCollection(senderPub)) .ignoreMissingPublicKeys() .build(); diff --git a/pgpainless-core/src/test/java/org/pgpainless/signature/BindingSignatureSubpacketsTest.java b/pgpainless-core/src/test/java/org/pgpainless/signature/BindingSignatureSubpacketsTest.java index 501837fd..924b2c53 100644 --- a/pgpainless-core/src/test/java/org/pgpainless/signature/BindingSignatureSubpacketsTest.java +++ b/pgpainless-core/src/test/java/org/pgpainless/signature/BindingSignatureSubpacketsTest.java @@ -30,7 +30,6 @@ import org.junit.jupiter.api.Test; import org.pgpainless.PGPainless; import org.pgpainless.exception.SignatureValidationException; import org.pgpainless.policy.Policy; -import org.pgpainless.util.BCUtil; /** * Explores how subpackets on binding sigs are handled. @@ -1918,7 +1917,7 @@ public class BindingSignatureSubpacketsTest { private void expectSignatureValidationSucceeds(String key, String message) throws IOException { PGPPublicKeyRing publicKeys = PGPainless.readKeyRing().publicKeyRing(key); - PGPSignature signature = BCUtil.readSignatures(sig).get(0); + PGPSignature signature = SignatureUtils.readSignatures(sig).get(0); try { SignatureChainValidator.validateSignatureChain(signature, getSignedData(data), publicKeys, policy, validationDate); @@ -1932,7 +1931,7 @@ public class BindingSignatureSubpacketsTest { private void expectSignatureValidationFails(String key, String message) throws IOException { PGPPublicKeyRing publicKeys = PGPainless.readKeyRing().publicKeyRing(key); - PGPSignature signature = BCUtil.readSignatures(sig).get(0); + PGPSignature signature = SignatureUtils.readSignatures(sig).get(0); assertThrows(SignatureValidationException.class, () -> SignatureChainValidator.validateSignatureChain( diff --git a/pgpainless-core/src/test/java/org/pgpainless/signature/IgnoreMarkerPackets.java b/pgpainless-core/src/test/java/org/pgpainless/signature/IgnoreMarkerPackets.java index e5bcb724..2baa74a8 100644 --- a/pgpainless-core/src/test/java/org/pgpainless/signature/IgnoreMarkerPackets.java +++ b/pgpainless-core/src/test/java/org/pgpainless/signature/IgnoreMarkerPackets.java @@ -38,7 +38,6 @@ import org.pgpainless.decryption_verification.OpenPgpMetadata; import org.pgpainless.key.OpenPgpV4Fingerprint; import org.pgpainless.key.protection.SecretKeyRingProtector; import org.pgpainless.key.util.KeyRingUtils; -import org.pgpainless.util.BCUtil; /** * Test if marker packets are being ignored properly. @@ -151,7 +150,7 @@ public class IgnoreMarkerPackets { PGPSecretKeyRing secretKeys = PGPainless.readKeyRing().secretKeyRing(KEY); PGPPublicKeyRing publicKeys = KeyRingUtils.publicKeyRingFrom(secretKeys); String data = "Marker + Detached signature"; - PGPSignature signature = BCUtil.readSignatures(sig).get(0); + PGPSignature signature = SignatureUtils.readSignatures(sig).get(0); DecryptionStream decryptionStream = PGPainless.decryptAndOrVerify().onInputStream(new ByteArrayInputStream(data.getBytes(StandardCharsets.UTF_8))) .doNotDecrypt() diff --git a/pgpainless-core/src/test/java/org/pgpainless/signature/KeyRevocationTest.java b/pgpainless-core/src/test/java/org/pgpainless/signature/KeyRevocationTest.java index 1bf1a7c5..a3bc1f1f 100644 --- a/pgpainless-core/src/test/java/org/pgpainless/signature/KeyRevocationTest.java +++ b/pgpainless-core/src/test/java/org/pgpainless/signature/KeyRevocationTest.java @@ -27,7 +27,6 @@ import org.bouncycastle.openpgp.PGPSignature; import org.junit.jupiter.api.Test; import org.pgpainless.PGPainless; import org.pgpainless.exception.SignatureValidationException; -import org.pgpainless.util.BCUtil; public class KeyRevocationTest { @@ -154,10 +153,10 @@ public class KeyRevocationTest { "-----END PGP ARMORED FILE-----\n"; PGPPublicKeyRing publicKeys = PGPainless.readKeyRing().publicKeyRing(key); - PGPSignature t0 = BCUtil.readSignatures(sigT0).get(0); - PGPSignature t1t2 = BCUtil.readSignatures(sigT1T2).get(0); - PGPSignature t2t3 = BCUtil.readSignatures(sigT2T3).get(0); - PGPSignature t3now = BCUtil.readSignatures(sigT3Now).get(0); + PGPSignature t0 = SignatureUtils.readSignatures(sigT0).get(0); + PGPSignature t1t2 = SignatureUtils.readSignatures(sigT1T2).get(0); + PGPSignature t2t3 = SignatureUtils.readSignatures(sigT2T3).get(0); + PGPSignature t3now = SignatureUtils.readSignatures(sigT3Now).get(0); assertThrows(SignatureValidationException.class, () -> SignatureChainValidator.validateSignatureChain(t0, new ByteArrayInputStream(data.getBytes(StandardCharsets.UTF_8)), @@ -257,7 +256,7 @@ public class KeyRevocationTest { "-----END PGP ARMORED FILE-----\n"; PGPPublicKeyRing publicKeys = PGPainless.readKeyRing().publicKeyRing(key); - PGPSignature signature = BCUtil.readSignatures(sig).get(0); + PGPSignature signature = SignatureUtils.readSignatures(sig).get(0); SignatureChainValidator.validateSignatureChain(signature, new ByteArrayInputStream(data.getBytes(StandardCharsets.UTF_8)), diff --git a/pgpainless-core/src/test/java/org/pgpainless/signature/SignatureChainValidatorTest.java b/pgpainless-core/src/test/java/org/pgpainless/signature/SignatureChainValidatorTest.java index c42dfec9..a527e154 100644 --- a/pgpainless-core/src/test/java/org/pgpainless/signature/SignatureChainValidatorTest.java +++ b/pgpainless-core/src/test/java/org/pgpainless/signature/SignatureChainValidatorTest.java @@ -30,7 +30,6 @@ import org.junit.jupiter.api.Test; import org.pgpainless.PGPainless; import org.pgpainless.exception.SignatureValidationException; import org.pgpainless.policy.Policy; -import org.pgpainless.util.BCUtil; public class SignatureChainValidatorTest { @@ -161,10 +160,10 @@ public class SignatureChainValidatorTest { "-----END PGP ARMORED FILE-----\n"; PGPPublicKeyRing publicKeys = PGPainless.readKeyRing().publicKeyRing(key); - PGPSignature predatesPrimaryKey = BCUtil.readSignatures(sigPredatesPrimaryKey).get(0); - PGPSignature unboundSubkey = BCUtil.readSignatures(sigSubkeyNotBound).get(0); - PGPSignature primaryKeyRevoked = BCUtil.readSignatures(sigPrimaryKeyRevoked).get(0); - PGPSignature primaryKeyRevalidated = BCUtil.readSignatures(sigPrimaryKeyRevalidated).get(0); + PGPSignature predatesPrimaryKey = SignatureUtils.readSignatures(sigPredatesPrimaryKey).get(0); + PGPSignature unboundSubkey = SignatureUtils.readSignatures(sigSubkeyNotBound).get(0); + PGPSignature primaryKeyRevoked = SignatureUtils.readSignatures(sigPrimaryKeyRevoked).get(0); + PGPSignature primaryKeyRevalidated = SignatureUtils.readSignatures(sigPrimaryKeyRevalidated).get(0); Policy policy = PGPainless.getPolicy(); Date validationDate = new Date(); @@ -310,10 +309,10 @@ public class SignatureChainValidatorTest { "-----END PGP ARMORED FILE-----\n"; PGPPublicKeyRing publicKeys = PGPainless.readKeyRing().publicKeyRing(key); - PGPSignature predatesPrimaryKey = BCUtil.readSignatures(sigPredatesPrimaryKey).get(0); - PGPSignature unboundSubkey = BCUtil.readSignatures(sigSigningKeyUnbound).get(0); - PGPSignature revokedSubkey = BCUtil.readSignatures(sigSubkeyRevoked).get(0); - PGPSignature revalidatedSubkey = BCUtil.readSignatures(sigSubkeyRevalidated).get(0); + PGPSignature predatesPrimaryKey = SignatureUtils.readSignatures(sigPredatesPrimaryKey).get(0); + PGPSignature unboundSubkey = SignatureUtils.readSignatures(sigSigningKeyUnbound).get(0); + PGPSignature revokedSubkey = SignatureUtils.readSignatures(sigSubkeyRevoked).get(0); + PGPSignature revalidatedSubkey = SignatureUtils.readSignatures(sigSubkeyRevalidated).get(0); Policy policy = PGPainless.getPolicy(); Date validationDate = new Date(); @@ -460,10 +459,10 @@ public class SignatureChainValidatorTest { "=lkHs\n" + "-----END PGP ARMORED FILE-----\n"; - PGPSignature predatesPrimaryKey = BCUtil.readSignatures(sigPredatesPrimaryKey).get(0); - PGPSignature unboundKey = BCUtil.readSignatures(sigUnboundBeforeHardRevocation).get(0); - PGPSignature afterHardRevocation = BCUtil.readSignatures(sigAfterHardRevocation).get(0); - PGPSignature afterRevalidation = BCUtil.readSignatures(sigAfterRevalidation).get(0); + PGPSignature predatesPrimaryKey = SignatureUtils.readSignatures(sigPredatesPrimaryKey).get(0); + PGPSignature unboundKey = SignatureUtils.readSignatures(sigUnboundBeforeHardRevocation).get(0); + PGPSignature afterHardRevocation = SignatureUtils.readSignatures(sigAfterHardRevocation).get(0); + PGPSignature afterRevalidation = SignatureUtils.readSignatures(sigAfterRevalidation).get(0); Policy policy = PGPainless.getPolicy(); Date validationDate = new Date(); @@ -610,10 +609,10 @@ public class SignatureChainValidatorTest { "-----END PGP ARMORED FILE-----\n"; PGPPublicKeyRing publicKeys = PGPainless.readKeyRing().publicKeyRing(keyWithSoftRev); - PGPSignature predatesPrimaryKey = BCUtil.readSignatures(sigPredatesPrimaryKey).get(0); - PGPSignature keyIsValid = BCUtil.readSignatures(sigKeyIsValid).get(0); - PGPSignature keyIsRevoked = BCUtil.readSignatures(sigKeyIsRevoked).get(0); - PGPSignature keyIsRevalidated = BCUtil.readSignatures(sigKeyIsRevalidated).get(0); + PGPSignature predatesPrimaryKey = SignatureUtils.readSignatures(sigPredatesPrimaryKey).get(0); + PGPSignature keyIsValid = SignatureUtils.readSignatures(sigKeyIsValid).get(0); + PGPSignature keyIsRevoked = SignatureUtils.readSignatures(sigKeyIsRevoked).get(0); + PGPSignature keyIsRevalidated = SignatureUtils.readSignatures(sigKeyIsRevalidated).get(0); Policy policy = PGPainless.getPolicy(); String data = "Hello, World"; @@ -765,10 +764,10 @@ public class SignatureChainValidatorTest { "-----END PGP ARMORED FILE-----\n"; PGPPublicKeyRing publicKeys = PGPainless.readKeyRing().publicKeyRing(key); - PGPSignature predatesPrimaryKey = BCUtil.readSignatures(sigPredatesPrimaryKey).get(0); - PGPSignature keyNotBound = BCUtil.readSignatures(sigSubkeyNotBound).get(0); - PGPSignature keyRevoked = BCUtil.readSignatures(sigKeyRevoked).get(0); - PGPSignature valid = BCUtil.readSignatures(sigKeyValid).get(0); + PGPSignature predatesPrimaryKey = SignatureUtils.readSignatures(sigPredatesPrimaryKey).get(0); + PGPSignature keyNotBound = SignatureUtils.readSignatures(sigSubkeyNotBound).get(0); + PGPSignature keyRevoked = SignatureUtils.readSignatures(sigKeyRevoked).get(0); + PGPSignature valid = SignatureUtils.readSignatures(sigKeyValid).get(0); Policy policy = PGPainless.getPolicy(); String data = "Hello, World"; @@ -916,10 +915,10 @@ public class SignatureChainValidatorTest { "-----END PGP ARMORED FILE-----\n"; PGPPublicKeyRing publicKeys = PGPainless.readKeyRing().publicKeyRing(key); - PGPSignature predatesPrimaryKey = BCUtil.readSignatures(sigPredatesPrimaryKey).get(0); - PGPSignature valid = BCUtil.readSignatures(sigValid).get(0); - PGPSignature revoked = BCUtil.readSignatures(sigRevoked).get(0); - PGPSignature revalidated = BCUtil.readSignatures(sigReLegitimized).get(0); + PGPSignature predatesPrimaryKey = SignatureUtils.readSignatures(sigPredatesPrimaryKey).get(0); + PGPSignature valid = SignatureUtils.readSignatures(sigValid).get(0); + PGPSignature revoked = SignatureUtils.readSignatures(sigRevoked).get(0); + PGPSignature revalidated = SignatureUtils.readSignatures(sigReLegitimized).get(0); Policy policy = PGPainless.getPolicy(); Date validationDate = new Date(); @@ -1246,18 +1245,18 @@ public class SignatureChainValidatorTest { PGPPublicKeyRing keysB = PGPainless.readKeyRing().publicKeyRing(keyB); PGPPublicKeyRing keysC = PGPainless.readKeyRing().publicKeyRing(keyC); - PGPSignature sigAT0 = BCUtil.readSignatures(keyASigT0).get(0); - PGPSignature sigAT1_T2 = BCUtil.readSignatures(keyASigT1_T2).get(0); - PGPSignature sigAT2_T3 = BCUtil.readSignatures(keyASigT2_T3).get(0); - PGPSignature sigAT3_now = BCUtil.readSignatures(keyASigT3_now).get(0); - PGPSignature sigBT0 = BCUtil.readSignatures(keyBSigT0).get(0); - PGPSignature sigBT1_T2 = BCUtil.readSignatures(keyBSigT1_T2).get(0); - PGPSignature sigBT2_T3 = BCUtil.readSignatures(keyBSigT2_T3).get(0); - PGPSignature sigBT3_now = BCUtil.readSignatures(keyBSigT3_now).get(0); - PGPSignature sigCT0 = BCUtil.readSignatures(keyCSigT0).get(0); - PGPSignature sigCT1_T2 = BCUtil.readSignatures(keyCSigT1_T2).get(0); - PGPSignature sigCT2_T3 = BCUtil.readSignatures(keyCSigT2_T3).get(0); - PGPSignature sigCT3_now = BCUtil.readSignatures(keyCSigT3_now).get(0); + PGPSignature sigAT0 = SignatureUtils.readSignatures(keyASigT0).get(0); + PGPSignature sigAT1_T2 = SignatureUtils.readSignatures(keyASigT1_T2).get(0); + PGPSignature sigAT2_T3 = SignatureUtils.readSignatures(keyASigT2_T3).get(0); + PGPSignature sigAT3_now = SignatureUtils.readSignatures(keyASigT3_now).get(0); + PGPSignature sigBT0 = SignatureUtils.readSignatures(keyBSigT0).get(0); + PGPSignature sigBT1_T2 = SignatureUtils.readSignatures(keyBSigT1_T2).get(0); + PGPSignature sigBT2_T3 = SignatureUtils.readSignatures(keyBSigT2_T3).get(0); + PGPSignature sigBT3_now = SignatureUtils.readSignatures(keyBSigT3_now).get(0); + PGPSignature sigCT0 = SignatureUtils.readSignatures(keyCSigT0).get(0); + PGPSignature sigCT1_T2 = SignatureUtils.readSignatures(keyCSigT1_T2).get(0); + PGPSignature sigCT2_T3 = SignatureUtils.readSignatures(keyCSigT2_T3).get(0); + PGPSignature sigCT3_now = SignatureUtils.readSignatures(keyCSigT3_now).get(0); Policy policy = PGPainless.getPolicy(); Date validationDate = new Date(); diff --git a/pgpainless-core/src/test/java/org/pgpainless/util/BCUtilTest.java b/pgpainless-core/src/test/java/org/pgpainless/util/BCUtilTest.java index 7553a36e..69887b8d 100644 --- a/pgpainless-core/src/test/java/org/pgpainless/util/BCUtilTest.java +++ b/pgpainless-core/src/test/java/org/pgpainless/util/BCUtilTest.java @@ -36,8 +36,6 @@ import org.bouncycastle.openpgp.PGPSecretKeyRingCollection; import org.junit.jupiter.api.Test; import org.pgpainless.PGPainless; import org.pgpainless.algorithm.KeyFlag; -import org.pgpainless.key.OpenPgpV4Fingerprint; -import org.pgpainless.key.TestKeys; import org.pgpainless.key.generation.KeySpec; import org.pgpainless.key.generation.type.KeyType; import org.pgpainless.key.generation.type.rsa.RsaLength; @@ -83,7 +81,7 @@ public class BCUtilTest { assertEquals(secSize, pubSize); - PGPSecretKeyRingCollection secCol = BCUtil.keyRingsToKeyRingCollection(sec); + PGPSecretKeyRingCollection secCol = KeyRingUtils.keyRingsToKeyRingCollection(sec); int secColSize = 0; Iterator secColIt = secCol.getKeyRings(); @@ -95,7 +93,7 @@ public class BCUtilTest { LOGGER.log(Level.FINER, "SecCol: " + secColSize); - PGPPublicKeyRingCollection pubCol = BCUtil.keyRingsToKeyRingCollection(pub); + PGPPublicKeyRingCollection pubCol = KeyRingUtils.keyRingsToKeyRingCollection(pub); int pubColSize = 0; Iterator pubColIt = pubCol.getKeyRings(); @@ -132,17 +130,7 @@ public class BCUtilTest { // Check, if alice_mallory contains mallory's key assertNotNull(alice_mallory.getSecretKey(subKey.getKeyID())); - PGPSecretKeyRing cleaned = BCUtil.removeUnassociatedKeysFromKeyRing(alice_mallory, alice.getPublicKey()); + PGPSecretKeyRing cleaned = KeyRingUtils.removeUnassociatedKeysFromKeyRing(alice_mallory, alice.getPublicKey()); assertNull(cleaned.getSecretKey(subKey.getKeyID())); } - - @Test - public void getMasterKeyFromRingTest() throws IOException, PGPException { - PGPSecretKeyRing secretKeys = TestKeys.getCryptieSecretKeyRing(); - - PGPPublicKey primaryKey = BCUtil.getMasterKeyFrom(secretKeys); - - assertNotNull(primaryKey); - assertEquals(TestKeys.CRYPTIE_FINGERPRINT, new OpenPgpV4Fingerprint(primaryKey)); - } }