PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2025-01-09 19:57:57 +01:00
Code Issues Releases Wiki Activity

Clean up BCUtils class

Browse source
This commit is contained in:
Paul Schaub 2021-05-29 12:43:31 +02:00
parent 13c7572c8c
commit 1a5baa0fa4
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
9 changed files with 137 additions and 312 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

59
pgpainless-core/src/main/java/org/pgpainless/key/util/KeyRingUtils.java
View file

@ -15,20 +15,30 @@
*/
package org.pgpainless.key.util;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.NoSuchElementException;
import javax.annotation.Nonnull;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPKeyRing;
import org.bouncycastle.openpgp.PGPPrivateKey;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
import org.bouncycastle.openpgp.PGPSecretKey;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.PGPSecretKeyRingCollection;
import org.pgpainless.key.protection.SecretKeyRingProtector;
import org.pgpainless.key.protection.UnlockSecretKey;
import org.pgpainless.util.selection.key.PublicKeySelectionStrategy;
import org.pgpainless.util.selection.key.impl.And;
import org.pgpainless.util.selection.key.impl.KeyBelongsToKeyRing;
import org.pgpainless.util.selection.key.impl.NoRevocation;
public class KeyRingUtils {
@ -138,4 +148,53 @@ public class KeyRingUtils {
public static PGPPrivateKey unlockSecretKey(PGPSecretKey secretKey, SecretKeyRingProtector protector) throws PGPException {
return UnlockSecretKey.unlockSecretKey(secretKey, protector);
}
/*
PGPXxxKeyRing -> PGPXxxKeyRingCollection
*/
public static PGPPublicKeyRingCollection keyRingsToKeyRingCollection(@Nonnull PGPPublicKeyRing... rings)
throws IOException, PGPException {
return new PGPPublicKeyRingCollection(Arrays.asList(rings));
}
public static PGPSecretKeyRingCollection keyRingsToKeyRingCollection(@Nonnull PGPSecretKeyRing... rings)
throws IOException, PGPException {
return new PGPSecretKeyRingCollection(Arrays.asList(rings));
}
/**
* Remove all keys from the key ring, are either not having a subkey signature from the master key
* (identified by {@code masterKeyId}), or are revoked ("normal" key revocation, as well as subkey revocation).
*
* @param ring key ring
* @param masterKey master key
* @return "cleaned" key ring
*/
public static PGPSecretKeyRing removeUnassociatedKeysFromKeyRing(@Nonnull PGPSecretKeyRing ring,
@Nonnull PGPPublicKey masterKey) {
if (!masterKey.isMasterKey()) {
throw new IllegalArgumentException("Given key is not a master key.");
}
// Only select keys which are signed by the master key and not revoked.
PublicKeySelectionStrategy selector = new And.PubKeySelectionStrategy(
new KeyBelongsToKeyRing.PubkeySelectionStrategy(masterKey),
new NoRevocation.PubKeySelectionStrategy());
PGPSecretKeyRing cleaned = ring;
Iterator<PGPSecretKey> secretKeys = ring.getSecretKeys();
while (secretKeys.hasNext()) {
PGPSecretKey secretKey = secretKeys.next();
if (!selector.accept(secretKey.getPublicKey())) {
cleaned = PGPSecretKeyRing.removeSecretKey(cleaned, secretKey);
}
}
return cleaned;
}
public static boolean keyRingContainsKeyWithId(@Nonnull PGPPublicKeyRing ring,
long keyId) {
return ring.getPublicKey(keyId) != null;
}
}

28
pgpainless-core/src/main/java/org/pgpainless/signature/SignatureUtils.java
View file

@ -15,16 +15,22 @@
*/
package org.pgpainless.signature;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.Charset;
import java.util.Date;
import java.util.List;
import org.bouncycastle.bcpg.sig.KeyExpirationTime;
import org.bouncycastle.bcpg.sig.RevocationReason;
import org.bouncycastle.bcpg.sig.SignatureExpirationTime;
import org.bouncycastle.openpgp.PGPMarker;
import org.bouncycastle.openpgp.PGPObjectFactory;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPSecretKey;
import org.bouncycastle.openpgp.PGPSignature;
import org.bouncycastle.openpgp.PGPSignatureGenerator;
import org.bouncycastle.openpgp.PGPSignatureList;
import org.bouncycastle.openpgp.operator.PGPContentSignerBuilder;
import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.HashAlgorithm;
@ -34,6 +40,7 @@ import org.pgpainless.key.util.OpenPgpKeyAttributeUtil;
import org.pgpainless.key.util.RevocationAttributes;
import org.pgpainless.policy.Policy;
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil;
import org.pgpainless.util.BCUtil;
/**
* Utility methods related to signatures.
@ -167,4 +174,25 @@ public class SignatureUtils {
}
return RevocationAttributes.Reason.isHardRevocation(reasonSubpacket.getRevocationReason());
}
/**
* Parse an ASCII encoded list of OpenPGP signatures into a {@link PGPSignatureList}.
*
* @param encodedSignatures ASCII armored signature list
* @return signature list
* @throws IOException if the signatures cannot be read
*/
public static PGPSignatureList readSignatures(String encodedSignatures) throws IOException {
InputStream inputStream = BCUtil.getPgpDecoderInputStream(encodedSignatures.getBytes(Charset.forName("UTF8")));
PGPObjectFactory objectFactory = new PGPObjectFactory(inputStream, ImplementationFactory.getInstance().getKeyFingerprintCalculator());
Object next = objectFactory.nextObject();
while (next != null) {
if (next instanceof PGPMarker) {
next = objectFactory.nextObject();
continue;
}
return (PGPSignatureList) next;
}
return null;
}
}

245
pgpainless-core/src/main/java/org/pgpainless/util/BCUtil.java
View file

@ -16,100 +16,14 @@
package org.pgpainless.util;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.Charset;
import java.util.Arrays;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.annotation.Nonnull;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPKeyRing;
import org.bouncycastle.openpgp.PGPMarker;
import org.bouncycastle.openpgp.PGPObjectFactory;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
import org.bouncycastle.openpgp.PGPSecretKey;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.PGPSecretKeyRingCollection;
import org.bouncycastle.openpgp.PGPSignature;
import org.bouncycastle.openpgp.PGPSignatureList;
import org.bouncycastle.openpgp.PGPSignatureSubpacketVector;
import org.bouncycastle.openpgp.PGPUtil;
import org.bouncycastle.util.io.Streams;
import org.pgpainless.algorithm.KeyFlag;
import org.pgpainless.implementation.ImplementationFactory;
import org.pgpainless.util.selection.key.PublicKeySelectionStrategy;
import org.pgpainless.util.selection.key.impl.And;
import org.pgpainless.util.selection.key.impl.KeyBelongsToKeyRing;
import org.pgpainless.util.selection.key.impl.NoRevocation;
public class BCUtil {
private static final Logger LOGGER = Logger.getLogger(BCUtil.class.getName());
public static Date getExpirationDate(Date creationDate, long validSeconds) {
if (validSeconds == 0) {
return null;
}
return new Date(creationDate.getTime() + 1000 * validSeconds);
}
/*
PGPXxxKeyRing -> PGPXxxKeyRingCollection
*/
public static PGPPublicKeyRingCollection keyRingsToKeyRingCollection(@Nonnull PGPPublicKeyRing... rings)
throws IOException, PGPException {
return new PGPPublicKeyRingCollection(Arrays.asList(rings));
}
public static PGPSecretKeyRingCollection keyRingsToKeyRingCollection(@Nonnull PGPSecretKeyRing... rings)
throws IOException, PGPException {
return new PGPSecretKeyRingCollection(Arrays.asList(rings));
}
/*
PGPXxxKeyRingCollection -> PGPXxxKeyRing
*/
public static PGPSecretKeyRing getKeyRingFromCollection(@Nonnull PGPSecretKeyRingCollection collection,
@Nonnull Long id)
throws PGPException {
PGPSecretKeyRing uncleanedRing = collection.getSecretKeyRing(id);
// Determine ids of signed keys
Set<Long> signedKeyIds = new HashSet<>();
signedKeyIds.add(id); // Add the signing key itself
Iterator<PGPPublicKey> signedPubKeys = uncleanedRing.getKeysWithSignaturesBy(id);
while (signedPubKeys.hasNext()) {
signedKeyIds.add(signedPubKeys.next().getKeyID());
}
PGPSecretKeyRing cleanedRing = uncleanedRing;
Iterator<PGPSecretKey> secretKeys = uncleanedRing.getSecretKeys();
while (secretKeys.hasNext()) {
PGPSecretKey secretKey = secretKeys.next();
if (!signedKeyIds.contains(secretKey.getKeyID())) {
cleanedRing = PGPSecretKeyRing.removeSecretKey(cleanedRing, secretKey);
}
}
return cleanedRing;
}
public static PGPPublicKeyRing getKeyRingFromCollection(@Nonnull PGPPublicKeyRingCollection collection,
@Nonnull Long id)
throws PGPException {
PGPPublicKey key = collection.getPublicKey(id);
return removeUnassociatedKeysFromKeyRing(collection.getPublicKeyRing(id), key);
}
public static InputStream getPgpDecoderInputStream(@Nonnull byte[] bytes)
throws IOException {
return getPgpDecoderInputStream(new ByteArrayInputStream(bytes));
@ -120,163 +34,4 @@ public class BCUtil {
return PGPUtil.getDecoderStream(inputStream);
}
public static byte[] getDecodedBytes(@Nonnull byte[] bytes)
throws IOException {
ByteArrayOutputStream buffer = new ByteArrayOutputStream();
Streams.pipeAll(getPgpDecoderInputStream(bytes), buffer);
return buffer.toByteArray();
}
public static byte[] getDecodedBytes(@Nonnull InputStream inputStream)
throws IOException {
ByteArrayOutputStream buffer = new ByteArrayOutputStream();
Streams.pipeAll(inputStream, buffer);
return getDecodedBytes(buffer.toByteArray());
}
/**
* Remove all keys from the key ring, are either not having a subkey signature from the master key
* (identified by {@code masterKeyId}), or are revoked ("normal" key revocation, as well as subkey revocation).
*
* @param ring key ring
* @param masterKey master key
* @return "cleaned" key ring
*/
public static PGPPublicKeyRing removeUnassociatedKeysFromKeyRing(@Nonnull PGPPublicKeyRing ring,
@Nonnull PGPPublicKey masterKey) {
if (!masterKey.isMasterKey()) {
throw new IllegalArgumentException("Given key is not a master key.");
}
// Only select keys which are signed by the master key and not revoked.
PublicKeySelectionStrategy selector = new And.PubKeySelectionStrategy(
new KeyBelongsToKeyRing.PubkeySelectionStrategy(masterKey),
new NoRevocation.PubKeySelectionStrategy());
PGPPublicKeyRing cleaned = ring;
Iterator<PGPPublicKey> publicKeys = ring.getPublicKeys();
while (publicKeys.hasNext()) {
PGPPublicKey publicKey = publicKeys.next();
if (!selector.accept(publicKey)) {
cleaned = PGPPublicKeyRing.removePublicKey(cleaned, publicKey);
}
}
return cleaned;
}
/**
* Remove all keys from the key ring, are either not having a subkey signature from the master key
* (identified by {@code masterKeyId}), or are revoked ("normal" key revocation, as well as subkey revocation).
*
* @param ring key ring
* @param masterKey master key
* @return "cleaned" key ring
*/
public static PGPSecretKeyRing removeUnassociatedKeysFromKeyRing(@Nonnull PGPSecretKeyRing ring,
@Nonnull PGPPublicKey masterKey) {
if (!masterKey.isMasterKey()) {
throw new IllegalArgumentException("Given key is not a master key.");
}
// Only select keys which are signed by the master key and not revoked.
PublicKeySelectionStrategy selector = new And.PubKeySelectionStrategy(
new KeyBelongsToKeyRing.PubkeySelectionStrategy(masterKey),
new NoRevocation.PubKeySelectionStrategy());
PGPSecretKeyRing cleaned = ring;
Iterator<PGPSecretKey> secretKeys = ring.getSecretKeys();
while (secretKeys.hasNext()) {
PGPSecretKey secretKey = secretKeys.next();
if (!selector.accept(secretKey.getPublicKey())) {
cleaned = PGPSecretKeyRing.removeSecretKey(cleaned, secretKey);
}
}
return cleaned;
}
public static PGPPublicKey getMasterKeyFrom(@Nonnull PGPKeyRing ring) {
Iterator<PGPPublicKey> it = ring.getPublicKeys();
while (it.hasNext()) {
PGPPublicKey k = it.next();
if (k.isMasterKey()) {
// There can only be one master key, so we can immediately return
return k;
}
}
return null;
}
public static Set<Long> signingKeyIds(@Nonnull PGPSecretKeyRing ring) {
Set<Long> ids = new HashSet<>();
Iterator<PGPPublicKey> it = ring.getPublicKeys();
while (it.hasNext()) {
PGPPublicKey k = it.next();
boolean signingKey = false;
Iterator<?> sit = k.getSignatures();
while (sit.hasNext()) {
Object n = sit.next();
if (!(n instanceof PGPSignature)) {
continue;
}
PGPSignature s = (PGPSignature) n;
if (!s.hasSubpackets()) {
continue;
}
try {
s.verifyCertification(ring.getPublicKey(s.getKeyID()));
} catch (PGPException e) {
LOGGER.log(Level.WARNING, "Could not verify signature on " + Long.toHexString(k.getKeyID()) + " made by " + Long.toHexString(s.getKeyID()));
continue;
}
PGPSignatureSubpacketVector hashed = s.getHashedSubPackets();
if (KeyFlag.fromBitmask(hashed.getKeyFlags()).contains(KeyFlag.SIGN_DATA)) {
signingKey = true;
break;
}
}
if (signingKey) {
ids.add(k.getKeyID());
}
}
return ids;
}
public static boolean keyRingContainsKeyWithId(@Nonnull PGPPublicKeyRing ring,
long keyId) {
return ring.getPublicKey(keyId) != null;
}
public static boolean keyRingContainsKeyWithId(@Nonnull PGPSecretKeyRing ring,
long keyId) {
return ring.getSecretKey(keyId) != null;
}
/**
* Parse an ASCII encoded list of OpenPGP signatures into a {@link PGPSignatureList}.
*
* @param encodedSignatures ASCII armored signature list
* @return signature list
* @throws IOException if the signatures cannot be read
*/
public static PGPSignatureList readSignatures(String encodedSignatures) throws IOException {
InputStream inputStream = getPgpDecoderInputStream(encodedSignatures.getBytes(Charset.forName("UTF8")));
PGPObjectFactory objectFactory = new PGPObjectFactory(inputStream, ImplementationFactory.getInstance().getKeyFingerprintCalculator());
Object next = objectFactory.nextObject();
while (next != null) {
if (next instanceof PGPMarker) {
next = objectFactory.nextObject();
continue;
}
return (PGPSignatureList) next;
}
return null;
}
}

7
pgpainless-core/src/test/java/org/pgpainless/encryption_signing/EncryptDecryptTest.java
View file

@ -58,7 +58,6 @@ import org.pgpainless.key.protection.SecretKeyRingProtector;
import org.pgpainless.key.protection.UnprotectedKeysProtector;
import org.pgpainless.key.util.KeyRingUtils;
import org.pgpainless.util.ArmoredOutputStreamFactory;
import org.pgpainless.util.BCUtil;
public class EncryptDecryptTest {
@ -169,7 +168,7 @@ public class EncryptDecryptTest {
assertFalse(encryptionResult.getRecipients().isEmpty());
for (SubkeyIdentifier encryptionKey : encryptionResult.getRecipients()) {
assertTrue(BCUtil.keyRingContainsKeyWithId(recipientPub, encryptionKey.getKeyId()));
assertTrue(KeyRingUtils.keyRingContainsKeyWithId(recipientPub, encryptionKey.getKeyId()));
}
assertEquals(SymmetricKeyAlgorithm.AES_256, encryptionResult.getSymmetricKeyAlgorithm());
@ -179,8 +178,8 @@ public class EncryptDecryptTest {
ByteArrayInputStream envelopeIn = new ByteArrayInputStream(encryptedSecretMessage);
DecryptionStream decryptor = PGPainless.decryptAndOrVerify()
.onInputStream(envelopeIn)
.decryptWith(keyDecryptor, BCUtil.keyRingsToKeyRingCollection(recipientSec))
.verifyWith(BCUtil.keyRingsToKeyRingCollection(senderPub))
.decryptWith(keyDecryptor, KeyRingUtils.keyRingsToKeyRingCollection(recipientSec))
.verifyWith(KeyRingUtils.keyRingsToKeyRingCollection(senderPub))
.ignoreMissingPublicKeys()
.build();

5
pgpainless-core/src/test/java/org/pgpainless/signature/BindingSignatureSubpacketsTest.java
View file

@ -30,7 +30,6 @@ import org.junit.jupiter.api.Test;
import org.pgpainless.PGPainless;
import org.pgpainless.exception.SignatureValidationException;
import org.pgpainless.policy.Policy;
import org.pgpainless.util.BCUtil;
/**
* Explores how subpackets on binding sigs are handled.
@ -1918,7 +1917,7 @@ public class BindingSignatureSubpacketsTest {
private void expectSignatureValidationSucceeds(String key, String message) throws IOException {
PGPPublicKeyRing publicKeys = PGPainless.readKeyRing().publicKeyRing(key);
PGPSignature signature = BCUtil.readSignatures(sig).get(0);
PGPSignature signature = SignatureUtils.readSignatures(sig).get(0);
try {
SignatureChainValidator.validateSignatureChain(signature, getSignedData(data), publicKeys, policy, validationDate);
@ -1932,7 +1931,7 @@ public class BindingSignatureSubpacketsTest {
private void expectSignatureValidationFails(String key, String message) throws IOException {
PGPPublicKeyRing publicKeys = PGPainless.readKeyRing().publicKeyRing(key);
PGPSignature signature = BCUtil.readSignatures(sig).get(0);
PGPSignature signature = SignatureUtils.readSignatures(sig).get(0);
assertThrows(SignatureValidationException.class, () ->
SignatureChainValidator.validateSignatureChain(

3
pgpainless-core/src/test/java/org/pgpainless/signature/IgnoreMarkerPackets.java
View file

@ -38,7 +38,6 @@ import org.pgpainless.decryption_verification.OpenPgpMetadata;
import org.pgpainless.key.OpenPgpV4Fingerprint;
import org.pgpainless.key.protection.SecretKeyRingProtector;
import org.pgpainless.key.util.KeyRingUtils;
import org.pgpainless.util.BCUtil;
/**
* Test if marker packets are being ignored properly.
@ -151,7 +150,7 @@ public class IgnoreMarkerPackets {
PGPSecretKeyRing secretKeys = PGPainless.readKeyRing().secretKeyRing(KEY);
PGPPublicKeyRing publicKeys = KeyRingUtils.publicKeyRingFrom(secretKeys);
String data = "Marker + Detached signature";
PGPSignature signature = BCUtil.readSignatures(sig).get(0);
PGPSignature signature = SignatureUtils.readSignatures(sig).get(0);
DecryptionStream decryptionStream = PGPainless.decryptAndOrVerify().onInputStream(new ByteArrayInputStream(data.getBytes(StandardCharsets.UTF_8)))
.doNotDecrypt()

11
pgpainless-core/src/test/java/org/pgpainless/signature/KeyRevocationTest.java
View file

@ -27,7 +27,6 @@ import org.bouncycastle.openpgp.PGPSignature;
import org.junit.jupiter.api.Test;
import org.pgpainless.PGPainless;
import org.pgpainless.exception.SignatureValidationException;
import org.pgpainless.util.BCUtil;
public class KeyRevocationTest {
@ -154,10 +153,10 @@ public class KeyRevocationTest {
"-----END PGP ARMORED FILE-----\n";
PGPPublicKeyRing publicKeys = PGPainless.readKeyRing().publicKeyRing(key);
PGPSignature t0 = BCUtil.readSignatures(sigT0).get(0);
PGPSignature t1t2 = BCUtil.readSignatures(sigT1T2).get(0);
PGPSignature t2t3 = BCUtil.readSignatures(sigT2T3).get(0);
PGPSignature t3now = BCUtil.readSignatures(sigT3Now).get(0);
PGPSignature t0 = SignatureUtils.readSignatures(sigT0).get(0);
PGPSignature t1t2 = SignatureUtils.readSignatures(sigT1T2).get(0);
PGPSignature t2t3 = SignatureUtils.readSignatures(sigT2T3).get(0);
PGPSignature t3now = SignatureUtils.readSignatures(sigT3Now).get(0);
assertThrows(SignatureValidationException.class, () -> SignatureChainValidator.validateSignatureChain(t0,
new ByteArrayInputStream(data.getBytes(StandardCharsets.UTF_8)),
@ -257,7 +256,7 @@ public class KeyRevocationTest {
"-----END PGP ARMORED FILE-----\n";
PGPPublicKeyRing publicKeys = PGPainless.readKeyRing().publicKeyRing(key);
PGPSignature signature = BCUtil.readSignatures(sig).get(0);
PGPSignature signature = SignatureUtils.readSignatures(sig).get(0);
SignatureChainValidator.validateSignatureChain(signature,
new ByteArrayInputStream(data.getBytes(StandardCharsets.UTF_8)),

73
pgpainless-core/src/test/java/org/pgpainless/signature/SignatureChainValidatorTest.java
View file

@ -30,7 +30,6 @@ import org.junit.jupiter.api.Test;
import org.pgpainless.PGPainless;
import org.pgpainless.exception.SignatureValidationException;
import org.pgpainless.policy.Policy;
import org.pgpainless.util.BCUtil;
public class SignatureChainValidatorTest {
@ -161,10 +160,10 @@ public class SignatureChainValidatorTest {
"-----END PGP ARMORED FILE-----\n";
PGPPublicKeyRing publicKeys = PGPainless.readKeyRing().publicKeyRing(key);
PGPSignature predatesPrimaryKey = BCUtil.readSignatures(sigPredatesPrimaryKey).get(0);
PGPSignature unboundSubkey = BCUtil.readSignatures(sigSubkeyNotBound).get(0);
PGPSignature primaryKeyRevoked = BCUtil.readSignatures(sigPrimaryKeyRevoked).get(0);
PGPSignature primaryKeyRevalidated = BCUtil.readSignatures(sigPrimaryKeyRevalidated).get(0);
PGPSignature predatesPrimaryKey = SignatureUtils.readSignatures(sigPredatesPrimaryKey).get(0);
PGPSignature unboundSubkey = SignatureUtils.readSignatures(sigSubkeyNotBound).get(0);
PGPSignature primaryKeyRevoked = SignatureUtils.readSignatures(sigPrimaryKeyRevoked).get(0);
PGPSignature primaryKeyRevalidated = SignatureUtils.readSignatures(sigPrimaryKeyRevalidated).get(0);
Policy policy = PGPainless.getPolicy();
Date validationDate = new Date();
@ -310,10 +309,10 @@ public class SignatureChainValidatorTest {
"-----END PGP ARMORED FILE-----\n";
PGPPublicKeyRing publicKeys = PGPainless.readKeyRing().publicKeyRing(key);
PGPSignature predatesPrimaryKey = BCUtil.readSignatures(sigPredatesPrimaryKey).get(0);
PGPSignature unboundSubkey = BCUtil.readSignatures(sigSigningKeyUnbound).get(0);
PGPSignature revokedSubkey = BCUtil.readSignatures(sigSubkeyRevoked).get(0);
PGPSignature revalidatedSubkey = BCUtil.readSignatures(sigSubkeyRevalidated).get(0);
PGPSignature predatesPrimaryKey = SignatureUtils.readSignatures(sigPredatesPrimaryKey).get(0);
PGPSignature unboundSubkey = SignatureUtils.readSignatures(sigSigningKeyUnbound).get(0);
PGPSignature revokedSubkey = SignatureUtils.readSignatures(sigSubkeyRevoked).get(0);
PGPSignature revalidatedSubkey = SignatureUtils.readSignatures(sigSubkeyRevalidated).get(0);
Policy policy = PGPainless.getPolicy();
Date validationDate = new Date();
@ -460,10 +459,10 @@ public class SignatureChainValidatorTest {
"=lkHs\n" +
"-----END PGP ARMORED FILE-----\n";
PGPSignature predatesPrimaryKey = BCUtil.readSignatures(sigPredatesPrimaryKey).get(0);
PGPSignature unboundKey = BCUtil.readSignatures(sigUnboundBeforeHardRevocation).get(0);
PGPSignature afterHardRevocation = BCUtil.readSignatures(sigAfterHardRevocation).get(0);
PGPSignature afterRevalidation = BCUtil.readSignatures(sigAfterRevalidation).get(0);
PGPSignature predatesPrimaryKey = SignatureUtils.readSignatures(sigPredatesPrimaryKey).get(0);
PGPSignature unboundKey = SignatureUtils.readSignatures(sigUnboundBeforeHardRevocation).get(0);
PGPSignature afterHardRevocation = SignatureUtils.readSignatures(sigAfterHardRevocation).get(0);
PGPSignature afterRevalidation = SignatureUtils.readSignatures(sigAfterRevalidation).get(0);
Policy policy = PGPainless.getPolicy();
Date validationDate = new Date();
@ -610,10 +609,10 @@ public class SignatureChainValidatorTest {
"-----END PGP ARMORED FILE-----\n";
PGPPublicKeyRing publicKeys = PGPainless.readKeyRing().publicKeyRing(keyWithSoftRev);
PGPSignature predatesPrimaryKey = BCUtil.readSignatures(sigPredatesPrimaryKey).get(0);
PGPSignature keyIsValid = BCUtil.readSignatures(sigKeyIsValid).get(0);
PGPSignature keyIsRevoked = BCUtil.readSignatures(sigKeyIsRevoked).get(0);
PGPSignature keyIsRevalidated = BCUtil.readSignatures(sigKeyIsRevalidated).get(0);
PGPSignature predatesPrimaryKey = SignatureUtils.readSignatures(sigPredatesPrimaryKey).get(0);
PGPSignature keyIsValid = SignatureUtils.readSignatures(sigKeyIsValid).get(0);
PGPSignature keyIsRevoked = SignatureUtils.readSignatures(sigKeyIsRevoked).get(0);
PGPSignature keyIsRevalidated = SignatureUtils.readSignatures(sigKeyIsRevalidated).get(0);
Policy policy = PGPainless.getPolicy();
String data = "Hello, World";
@ -765,10 +764,10 @@ public class SignatureChainValidatorTest {
"-----END PGP ARMORED FILE-----\n";
PGPPublicKeyRing publicKeys = PGPainless.readKeyRing().publicKeyRing(key);
PGPSignature predatesPrimaryKey = BCUtil.readSignatures(sigPredatesPrimaryKey).get(0);
PGPSignature keyNotBound = BCUtil.readSignatures(sigSubkeyNotBound).get(0);
PGPSignature keyRevoked = BCUtil.readSignatures(sigKeyRevoked).get(0);
PGPSignature valid = BCUtil.readSignatures(sigKeyValid).get(0);
PGPSignature predatesPrimaryKey = SignatureUtils.readSignatures(sigPredatesPrimaryKey).get(0);
PGPSignature keyNotBound = SignatureUtils.readSignatures(sigSubkeyNotBound).get(0);
PGPSignature keyRevoked = SignatureUtils.readSignatures(sigKeyRevoked).get(0);
PGPSignature valid = SignatureUtils.readSignatures(sigKeyValid).get(0);
Policy policy = PGPainless.getPolicy();
String data = "Hello, World";
@ -916,10 +915,10 @@ public class SignatureChainValidatorTest {
"-----END PGP ARMORED FILE-----\n";
PGPPublicKeyRing publicKeys = PGPainless.readKeyRing().publicKeyRing(key);
PGPSignature predatesPrimaryKey = BCUtil.readSignatures(sigPredatesPrimaryKey).get(0);
PGPSignature valid = BCUtil.readSignatures(sigValid).get(0);
PGPSignature revoked = BCUtil.readSignatures(sigRevoked).get(0);
PGPSignature revalidated = BCUtil.readSignatures(sigReLegitimized).get(0);
PGPSignature predatesPrimaryKey = SignatureUtils.readSignatures(sigPredatesPrimaryKey).get(0);
PGPSignature valid = SignatureUtils.readSignatures(sigValid).get(0);
PGPSignature revoked = SignatureUtils.readSignatures(sigRevoked).get(0);
PGPSignature revalidated = SignatureUtils.readSignatures(sigReLegitimized).get(0);
Policy policy = PGPainless.getPolicy();
Date validationDate = new Date();
@ -1246,18 +1245,18 @@ public class SignatureChainValidatorTest {
PGPPublicKeyRing keysB = PGPainless.readKeyRing().publicKeyRing(keyB);
PGPPublicKeyRing keysC = PGPainless.readKeyRing().publicKeyRing(keyC);
PGPSignature sigAT0 = BCUtil.readSignatures(keyASigT0).get(0);
PGPSignature sigAT1_T2 = BCUtil.readSignatures(keyASigT1_T2).get(0);
PGPSignature sigAT2_T3 = BCUtil.readSignatures(keyASigT2_T3).get(0);
PGPSignature sigAT3_now = BCUtil.readSignatures(keyASigT3_now).get(0);
PGPSignature sigBT0 = BCUtil.readSignatures(keyBSigT0).get(0);
PGPSignature sigBT1_T2 = BCUtil.readSignatures(keyBSigT1_T2).get(0);
PGPSignature sigBT2_T3 = BCUtil.readSignatures(keyBSigT2_T3).get(0);
PGPSignature sigBT3_now = BCUtil.readSignatures(keyBSigT3_now).get(0);
PGPSignature sigCT0 = BCUtil.readSignatures(keyCSigT0).get(0);
PGPSignature sigCT1_T2 = BCUtil.readSignatures(keyCSigT1_T2).get(0);
PGPSignature sigCT2_T3 = BCUtil.readSignatures(keyCSigT2_T3).get(0);
PGPSignature sigCT3_now = BCUtil.readSignatures(keyCSigT3_now).get(0);
PGPSignature sigAT0 = SignatureUtils.readSignatures(keyASigT0).get(0);
PGPSignature sigAT1_T2 = SignatureUtils.readSignatures(keyASigT1_T2).get(0);
PGPSignature sigAT2_T3 = SignatureUtils.readSignatures(keyASigT2_T3).get(0);
PGPSignature sigAT3_now = SignatureUtils.readSignatures(keyASigT3_now).get(0);
PGPSignature sigBT0 = SignatureUtils.readSignatures(keyBSigT0).get(0);
PGPSignature sigBT1_T2 = SignatureUtils.readSignatures(keyBSigT1_T2).get(0);
PGPSignature sigBT2_T3 = SignatureUtils.readSignatures(keyBSigT2_T3).get(0);
PGPSignature sigBT3_now = SignatureUtils.readSignatures(keyBSigT3_now).get(0);
PGPSignature sigCT0 = SignatureUtils.readSignatures(keyCSigT0).get(0);
PGPSignature sigCT1_T2 = SignatureUtils.readSignatures(keyCSigT1_T2).get(0);
PGPSignature sigCT2_T3 = SignatureUtils.readSignatures(keyCSigT2_T3).get(0);
PGPSignature sigCT3_now = SignatureUtils.readSignatures(keyCSigT3_now).get(0);
Policy policy = PGPainless.getPolicy();
Date validationDate = new Date();

18
pgpainless-core/src/test/java/org/pgpainless/util/BCUtilTest.java
View file

@ -36,8 +36,6 @@ import org.bouncycastle.openpgp.PGPSecretKeyRingCollection;
import org.junit.jupiter.api.Test;
import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.KeyFlag;
import org.pgpainless.key.OpenPgpV4Fingerprint;
import org.pgpainless.key.TestKeys;
import org.pgpainless.key.generation.KeySpec;
import org.pgpainless.key.generation.type.KeyType;
import org.pgpainless.key.generation.type.rsa.RsaLength;
@ -83,7 +81,7 @@ public class BCUtilTest {
assertEquals(secSize, pubSize);
PGPSecretKeyRingCollection secCol = BCUtil.keyRingsToKeyRingCollection(sec);
PGPSecretKeyRingCollection secCol = KeyRingUtils.keyRingsToKeyRingCollection(sec);
int secColSize = 0;
Iterator<PGPSecretKeyRing> secColIt = secCol.getKeyRings();
@ -95,7 +93,7 @@ public class BCUtilTest {
LOGGER.log(Level.FINER, "SecCol: " + secColSize);
PGPPublicKeyRingCollection pubCol = BCUtil.keyRingsToKeyRingCollection(pub);
PGPPublicKeyRingCollection pubCol = KeyRingUtils.keyRingsToKeyRingCollection(pub);
int pubColSize = 0;
Iterator<PGPPublicKeyRing> pubColIt = pubCol.getKeyRings();
@ -132,17 +130,7 @@ public class BCUtilTest {
// Check, if alice_mallory contains mallory's key
assertNotNull(alice_mallory.getSecretKey(subKey.getKeyID()));
PGPSecretKeyRing cleaned = BCUtil.removeUnassociatedKeysFromKeyRing(alice_mallory, alice.getPublicKey());
PGPSecretKeyRing cleaned = KeyRingUtils.removeUnassociatedKeysFromKeyRing(alice_mallory, alice.getPublicKey());
assertNull(cleaned.getSecretKey(subKey.getKeyID()));
}
@Test
public void getMasterKeyFromRingTest() throws IOException, PGPException {
PGPSecretKeyRing secretKeys = TestKeys.getCryptieSecretKeyRing();
PGPPublicKey primaryKey = BCUtil.getMasterKeyFrom(secretKeys);
assertNotNull(primaryKey);
assertEquals(TestKeys.CRYPTIE_FINGERPRINT, new OpenPgpV4Fingerprint(primaryKey));
}
}