mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-12-23 03:17:58 +01:00
Progress on SOP04 support
This commit is contained in:
parent
3f16c54867
commit
2d60650cc6
5 changed files with 131 additions and 19 deletions
|
@ -42,7 +42,13 @@ public final class ClearsignedMessageUtil {
|
|||
public static PGPSignatureList detachSignaturesFromInbandClearsignedMessage(InputStream clearsignedInputStream,
|
||||
OutputStream messageOutputStream)
|
||||
throws IOException, WrongConsumingMethodException {
|
||||
ArmoredInputStream in = ArmoredInputStreamFactory.get(clearsignedInputStream);
|
||||
ArmoredInputStream in;
|
||||
if (clearsignedInputStream instanceof ArmoredInputStream) {
|
||||
in = (ArmoredInputStream) clearsignedInputStream;
|
||||
} else {
|
||||
in = ArmoredInputStreamFactory.get(clearsignedInputStream);
|
||||
}
|
||||
|
||||
if (!in.isClearText()) {
|
||||
throw new WrongConsumingMethodException("Message is not using the Cleartext Signature Framework.");
|
||||
}
|
||||
|
|
|
@ -14,8 +14,8 @@ import org.bouncycastle.bcpg.ArmoredOutputStream;
|
|||
import org.bouncycastle.openpgp.PGPSignature;
|
||||
import org.bouncycastle.openpgp.PGPSignatureList;
|
||||
import org.bouncycastle.util.io.Streams;
|
||||
import org.pgpainless.exception.WrongConsumingMethodException;
|
||||
import org.pgpainless.decryption_verification.cleartext_signatures.ClearsignedMessageUtil;
|
||||
import org.pgpainless.exception.WrongConsumingMethodException;
|
||||
import org.pgpainless.util.ArmoredOutputStreamFactory;
|
||||
import sop.ReadyWithResult;
|
||||
import sop.Signatures;
|
||||
|
|
|
@ -25,7 +25,7 @@ import sop.Verification;
|
|||
import sop.enums.SignAs;
|
||||
import sop.exception.SOPGPException;
|
||||
|
||||
public class SignTest {
|
||||
public class DetachedSignTest {
|
||||
|
||||
private static SOP sop;
|
||||
private static byte[] key;
|
|
@ -29,12 +29,13 @@ import sop.ByteArrayAndResult;
|
|||
import sop.SOP;
|
||||
import sop.Signatures;
|
||||
import sop.Verification;
|
||||
import sop.enums.InlineSignAs;
|
||||
|
||||
public class DetachInbandSignatureAndMessageTest {
|
||||
public class InlineDetachTest {
|
||||
|
||||
private static final SOP sop = new SOPImpl();
|
||||
@Test
|
||||
public void testDetachingOfInbandSignaturesAndMessage() throws IOException, PGPException {
|
||||
SOP sop = new SOPImpl();
|
||||
public void detachCleartextSignedMessage() throws IOException {
|
||||
byte[] key = sop.generateKey()
|
||||
.userId("Alice <alice@pgpainless.org>")
|
||||
.generate()
|
||||
|
@ -44,22 +45,15 @@ public class DetachInbandSignatureAndMessageTest {
|
|||
|
||||
// Create a cleartext signed message
|
||||
byte[] data = "Hello, World\n".getBytes(StandardCharsets.UTF_8);
|
||||
ByteArrayOutputStream out = new ByteArrayOutputStream();
|
||||
EncryptionStream signingStream = PGPainless.encryptAndOrSign()
|
||||
.onOutputStream(out)
|
||||
.withOptions(
|
||||
ProducerOptions.sign(
|
||||
SigningOptions.get()
|
||||
.addDetachedSignature(SecretKeyRingProtector.unprotectedKeys(),
|
||||
secretKey, DocumentSignatureType.BINARY_DOCUMENT)
|
||||
).setCleartextSigned());
|
||||
|
||||
Streams.pipeAll(new ByteArrayInputStream(data), signingStream);
|
||||
signingStream.close();
|
||||
byte[] cleartextSigned = sop.inlineSign()
|
||||
.key(key)
|
||||
.withKeyPassword("sw0rdf1sh")
|
||||
.mode(InlineSignAs.CleartextSigned)
|
||||
.data(data).getBytes();
|
||||
|
||||
// actually detach the message
|
||||
ByteArrayAndResult<Signatures> detachedMsg = sop.inlineDetach()
|
||||
.message(out.toByteArray())
|
||||
.message(cleartextSigned)
|
||||
.toByteArrayAndResult();
|
||||
|
||||
byte[] message = detachedMsg.getBytes();
|
||||
|
@ -75,4 +69,35 @@ public class DetachInbandSignatureAndMessageTest {
|
|||
assertEquals(new OpenPgpV4Fingerprint(secretKey).toString(), verificationList.get(0).getSigningCertFingerprint());
|
||||
assertArrayEquals(data, message);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void detachInbandSignedMessage() throws IOException {
|
||||
byte[] key = sop.generateKey()
|
||||
.userId("Alice <alice@pgpainless.org>")
|
||||
.generate()
|
||||
.getBytes();
|
||||
byte[] cert = sop.extractCert().key(key).getBytes();
|
||||
|
||||
byte[] data = "Hello, World\n".getBytes(StandardCharsets.UTF_8);
|
||||
byte[] inlineSigned = sop.inlineSign()
|
||||
.key(key)
|
||||
.data(data).getBytes();
|
||||
|
||||
// actually detach the message
|
||||
ByteArrayAndResult<Signatures> detachedMsg = sop.inlineDetach()
|
||||
.message(inlineSigned)
|
||||
.toByteArrayAndResult();
|
||||
|
||||
byte[] message = detachedMsg.getBytes();
|
||||
byte[] signature = detachedMsg.getResult().getBytes();
|
||||
|
||||
List<Verification> verificationList = sop.verify()
|
||||
.cert(cert)
|
||||
.signatures(signature)
|
||||
.data(message);
|
||||
|
||||
assertFalse(verificationList.isEmpty());
|
||||
assertEquals(1, verificationList.size());
|
||||
assertArrayEquals(data, message);
|
||||
}
|
||||
}
|
|
@ -0,0 +1,81 @@
|
|||
// SPDX-FileCopyrightText: 2022 Paul Schaub <vanitasvitae@fsfe.org>
|
||||
//
|
||||
// SPDX-License-Identifier: Apache-2.0
|
||||
|
||||
package org.pgpainless.sop;
|
||||
|
||||
import org.junit.jupiter.api.Test;
|
||||
import sop.ByteArrayAndResult;
|
||||
import sop.SOP;
|
||||
import sop.Verification;
|
||||
import sop.enums.InlineSignAs;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.util.List;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertArrayEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertFalse;
|
||||
|
||||
public class InlineSignVerifyRoundtripTest {
|
||||
|
||||
private static final SOP sop = new SOPImpl();
|
||||
|
||||
@Test
|
||||
public void testInlineSignAndVerifyWithCleartextSignatures() throws IOException {
|
||||
byte[] key = sop.generateKey()
|
||||
.userId("Werner")
|
||||
.withKeyPassword("sw0rdf1sh")
|
||||
.generate().getBytes();
|
||||
|
||||
byte[] cert = sop.extractCert()
|
||||
.key(key).getBytes();
|
||||
|
||||
byte[] message = "If you want something different, create a new protocol but don't try to\npush it onto a working system.\n".getBytes(StandardCharsets.UTF_8);
|
||||
|
||||
byte[] inlineSigned = sop.inlineSign()
|
||||
.key(key)
|
||||
.withKeyPassword("sw0rdf1sh")
|
||||
.mode(InlineSignAs.CleartextSigned)
|
||||
.data(message).getBytes();
|
||||
|
||||
ByteArrayAndResult<List<Verification>> result = sop.inlineVerify()
|
||||
.cert(cert)
|
||||
.data(inlineSigned)
|
||||
.toByteArrayAndResult();
|
||||
|
||||
byte[] verified = result.getBytes();
|
||||
|
||||
assertFalse(result.getResult().isEmpty());
|
||||
assertArrayEquals(message, verified);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testInlineSignAndVerifyWithBinarySignatures() throws IOException {
|
||||
byte[] key = sop.generateKey()
|
||||
.userId("Werner")
|
||||
.withKeyPassword("sw0rdf1sh")
|
||||
.generate().getBytes();
|
||||
|
||||
byte[] cert = sop.extractCert()
|
||||
.key(key).getBytes();
|
||||
|
||||
byte[] message = "Yes, this is what has been deployed worldwide for years in millions of\ninstallations (decryption wise) and is meanwhile in active use.\n".getBytes(StandardCharsets.UTF_8);
|
||||
|
||||
byte[] inlineSigned = sop.inlineSign()
|
||||
.key(key)
|
||||
.withKeyPassword("sw0rdf1sh")
|
||||
.data(message).getBytes();
|
||||
|
||||
ByteArrayAndResult<List<Verification>> result = sop.inlineVerify()
|
||||
.cert(cert)
|
||||
.data(inlineSigned)
|
||||
.toByteArrayAndResult();
|
||||
|
||||
byte[] verified = result.getBytes();
|
||||
|
||||
assertFalse(result.getResult().isEmpty());
|
||||
assertArrayEquals(message, verified);
|
||||
}
|
||||
|
||||
}
|
Loading…
Reference in a new issue