1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-26 06:12:06 +01:00

Progress on SOP04 support

This commit is contained in:
Paul Schaub 2022-06-16 13:09:42 +02:00
parent 3f16c54867
commit 2d60650cc6
5 changed files with 131 additions and 19 deletions

View file

@ -42,7 +42,13 @@ public final class ClearsignedMessageUtil {
public static PGPSignatureList detachSignaturesFromInbandClearsignedMessage(InputStream clearsignedInputStream,
OutputStream messageOutputStream)
throws IOException, WrongConsumingMethodException {
ArmoredInputStream in = ArmoredInputStreamFactory.get(clearsignedInputStream);
ArmoredInputStream in;
if (clearsignedInputStream instanceof ArmoredInputStream) {
in = (ArmoredInputStream) clearsignedInputStream;
} else {
in = ArmoredInputStreamFactory.get(clearsignedInputStream);
}
if (!in.isClearText()) {
throw new WrongConsumingMethodException("Message is not using the Cleartext Signature Framework.");
}

View file

@ -14,8 +14,8 @@ import org.bouncycastle.bcpg.ArmoredOutputStream;
import org.bouncycastle.openpgp.PGPSignature;
import org.bouncycastle.openpgp.PGPSignatureList;
import org.bouncycastle.util.io.Streams;
import org.pgpainless.exception.WrongConsumingMethodException;
import org.pgpainless.decryption_verification.cleartext_signatures.ClearsignedMessageUtil;
import org.pgpainless.exception.WrongConsumingMethodException;
import org.pgpainless.util.ArmoredOutputStreamFactory;
import sop.ReadyWithResult;
import sop.Signatures;

View file

@ -25,7 +25,7 @@ import sop.Verification;
import sop.enums.SignAs;
import sop.exception.SOPGPException;
public class SignTest {
public class DetachedSignTest {
private static SOP sop;
private static byte[] key;

View file

@ -29,12 +29,13 @@ import sop.ByteArrayAndResult;
import sop.SOP;
import sop.Signatures;
import sop.Verification;
import sop.enums.InlineSignAs;
public class DetachInbandSignatureAndMessageTest {
public class InlineDetachTest {
private static final SOP sop = new SOPImpl();
@Test
public void testDetachingOfInbandSignaturesAndMessage() throws IOException, PGPException {
SOP sop = new SOPImpl();
public void detachCleartextSignedMessage() throws IOException {
byte[] key = sop.generateKey()
.userId("Alice <alice@pgpainless.org>")
.generate()
@ -44,22 +45,15 @@ public class DetachInbandSignatureAndMessageTest {
// Create a cleartext signed message
byte[] data = "Hello, World\n".getBytes(StandardCharsets.UTF_8);
ByteArrayOutputStream out = new ByteArrayOutputStream();
EncryptionStream signingStream = PGPainless.encryptAndOrSign()
.onOutputStream(out)
.withOptions(
ProducerOptions.sign(
SigningOptions.get()
.addDetachedSignature(SecretKeyRingProtector.unprotectedKeys(),
secretKey, DocumentSignatureType.BINARY_DOCUMENT)
).setCleartextSigned());
Streams.pipeAll(new ByteArrayInputStream(data), signingStream);
signingStream.close();
byte[] cleartextSigned = sop.inlineSign()
.key(key)
.withKeyPassword("sw0rdf1sh")
.mode(InlineSignAs.CleartextSigned)
.data(data).getBytes();
// actually detach the message
ByteArrayAndResult<Signatures> detachedMsg = sop.inlineDetach()
.message(out.toByteArray())
.message(cleartextSigned)
.toByteArrayAndResult();
byte[] message = detachedMsg.getBytes();
@ -75,4 +69,35 @@ public class DetachInbandSignatureAndMessageTest {
assertEquals(new OpenPgpV4Fingerprint(secretKey).toString(), verificationList.get(0).getSigningCertFingerprint());
assertArrayEquals(data, message);
}
@Test
public void detachInbandSignedMessage() throws IOException {
byte[] key = sop.generateKey()
.userId("Alice <alice@pgpainless.org>")
.generate()
.getBytes();
byte[] cert = sop.extractCert().key(key).getBytes();
byte[] data = "Hello, World\n".getBytes(StandardCharsets.UTF_8);
byte[] inlineSigned = sop.inlineSign()
.key(key)
.data(data).getBytes();
// actually detach the message
ByteArrayAndResult<Signatures> detachedMsg = sop.inlineDetach()
.message(inlineSigned)
.toByteArrayAndResult();
byte[] message = detachedMsg.getBytes();
byte[] signature = detachedMsg.getResult().getBytes();
List<Verification> verificationList = sop.verify()
.cert(cert)
.signatures(signature)
.data(message);
assertFalse(verificationList.isEmpty());
assertEquals(1, verificationList.size());
assertArrayEquals(data, message);
}
}

View file

@ -0,0 +1,81 @@
// SPDX-FileCopyrightText: 2022 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package org.pgpainless.sop;
import org.junit.jupiter.api.Test;
import sop.ByteArrayAndResult;
import sop.SOP;
import sop.Verification;
import sop.enums.InlineSignAs;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.List;
import static org.junit.jupiter.api.Assertions.assertArrayEquals;
import static org.junit.jupiter.api.Assertions.assertFalse;
public class InlineSignVerifyRoundtripTest {
private static final SOP sop = new SOPImpl();
@Test
public void testInlineSignAndVerifyWithCleartextSignatures() throws IOException {
byte[] key = sop.generateKey()
.userId("Werner")
.withKeyPassword("sw0rdf1sh")
.generate().getBytes();
byte[] cert = sop.extractCert()
.key(key).getBytes();
byte[] message = "If you want something different, create a new protocol but don't try to\npush it onto a working system.\n".getBytes(StandardCharsets.UTF_8);
byte[] inlineSigned = sop.inlineSign()
.key(key)
.withKeyPassword("sw0rdf1sh")
.mode(InlineSignAs.CleartextSigned)
.data(message).getBytes();
ByteArrayAndResult<List<Verification>> result = sop.inlineVerify()
.cert(cert)
.data(inlineSigned)
.toByteArrayAndResult();
byte[] verified = result.getBytes();
assertFalse(result.getResult().isEmpty());
assertArrayEquals(message, verified);
}
@Test
public void testInlineSignAndVerifyWithBinarySignatures() throws IOException {
byte[] key = sop.generateKey()
.userId("Werner")
.withKeyPassword("sw0rdf1sh")
.generate().getBytes();
byte[] cert = sop.extractCert()
.key(key).getBytes();
byte[] message = "Yes, this is what has been deployed worldwide for years in millions of\ninstallations (decryption wise) and is meanwhile in active use.\n".getBytes(StandardCharsets.UTF_8);
byte[] inlineSigned = sop.inlineSign()
.key(key)
.withKeyPassword("sw0rdf1sh")
.data(message).getBytes();
ByteArrayAndResult<List<Verification>> result = sop.inlineVerify()
.cert(cert)
.data(inlineSigned)
.toByteArrayAndResult();
byte[] verified = result.getBytes();
assertFalse(result.getResult().isEmpty());
assertArrayEquals(message, verified);
}
}