diff --git a/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/CleartextSignatureVerificationTest.java b/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/CleartextSignatureVerificationTest.java index 06ea461a..9a470369 100644 --- a/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/CleartextSignatureVerificationTest.java +++ b/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/CleartextSignatureVerificationTest.java @@ -26,12 +26,16 @@ import java.io.IOException; import java.nio.charset.StandardCharsets; import org.bouncycastle.openpgp.PGPException; +import org.bouncycastle.openpgp.PGPPublicKey; import org.bouncycastle.openpgp.PGPPublicKeyRing; import org.bouncycastle.openpgp.PGPSignature; import org.bouncycastle.util.io.Streams; import org.junit.jupiter.api.Test; import org.pgpainless.PGPainless; import org.pgpainless.key.TestKeys; +import org.pgpainless.signature.CertificateValidator; +import org.pgpainless.signature.SignatureUtils; +import org.pgpainless.signature.cleartext_signatures.ClearsignedMessageUtil; import org.pgpainless.signature.cleartext_signatures.CleartextSignatureProcessor; import org.pgpainless.signature.cleartext_signatures.InMemoryMultiPassStrategy; import org.pgpainless.signature.cleartext_signatures.MultiPassStrategy; @@ -39,75 +43,61 @@ import org.pgpainless.util.TestUtils; public class CleartextSignatureVerificationTest { + public static final String MESSAGE_BODY = "Ah, Juliet, if the measure of thy joy\n" + + "Be heaped like mine, and that thy skill be more\n" + + "To blazon it, then sweeten with thy breath\n" + + "This neighbor air, and let rich music’s tongue\n" + + "Unfold the imagined happiness that both\n" + + "Receive in either by this dear encounter.\n"; + public static final String MESSAGE_SIGNED = "-----BEGIN PGP SIGNED MESSAGE-----\n" + + "Hash: SHA512\n" + + "\n" + + "Ah, Juliet, if the measure of thy joy\n" + + "Be heaped like mine, and that thy skill be more\n" + + "To blazon it, then sweeten with thy breath\n" + + "This neighbor air, and let rich music’s tongue\n" + + "Unfold the imagined happiness that both\n" + + "Receive in either by this dear encounter.\n" + + "-----BEGIN PGP SIGNATURE-----\n" + + "\n" + + "iHUEARMKAB0WIQRPZlxNwsRmC8ZCXkFXNuaTGs83DAUCYJ/x5gAKCRBXNuaTGs83\n" + + "DFRwAP9/4wMvV3WcX59Clo7mkRce6iwW3VBdiN+yMu3tjmHB2wD/RfE28Q1v4+eo\n" + + "ySNgbyvqYYsNr0fnBwaG3aaj+u5ExiE=\n" + + "=Z2SO\n" + + "-----END PGP SIGNATURE-----"; + public static final String SIGNATURE = "-----BEGIN PGP SIGNATURE-----\n" + + "\n" + + "iHUEARMKAB0WIQRPZlxNwsRmC8ZCXkFXNuaTGs83DAUCYJ/x5gAKCRBXNuaTGs83\n" + + "DFRwAP9/4wMvV3WcX59Clo7mkRce6iwW3VBdiN+yMu3tjmHB2wD/RfE28Q1v4+eo\n" + + "ySNgbyvqYYsNr0fnBwaG3aaj+u5ExiE=\n" + + "=Z2SO\n" + + "-----END PGP SIGNATURE-----"; + @Test public void cleartextSignVerification_InMemoryMultiPassStrategy() throws IOException, PGPException { - String message = "Ah, Juliet, if the measure of thy joy\n" + - "Be heaped like mine, and that thy skill be more\n" + - "To blazon it, then sweeten with thy breath\n" + - "This neighbor air, and let rich music’s tongue\n" + - "Unfold the imagined happiness that both\n" + - "Receive in either by this dear encounter.\n"; - String signed = "-----BEGIN PGP SIGNED MESSAGE-----\n" + - "Hash: SHA512\n" + - "\n" + - "Ah, Juliet, if the measure of thy joy\n" + - "Be heaped like mine, and that thy skill be more\n" + - "To blazon it, then sweeten with thy breath\n" + - "This neighbor air, and let rich music’s tongue\n" + - "Unfold the imagined happiness that both\n" + - "Receive in either by this dear encounter.\n" + - "-----BEGIN PGP SIGNATURE-----\n" + - "\n" + - "iHUEARMKAB0WIQRPZlxNwsRmC8ZCXkFXNuaTGs83DAUCYJ/x5gAKCRBXNuaTGs83\n" + - "DFRwAP9/4wMvV3WcX59Clo7mkRce6iwW3VBdiN+yMu3tjmHB2wD/RfE28Q1v4+eo\n" + - "ySNgbyvqYYsNr0fnBwaG3aaj+u5ExiE=\n" + - "=Z2SO\n" + - "-----END PGP SIGNATURE-----"; PGPPublicKeyRing signingKeys = TestKeys.getEmilPublicKeyRing(); InMemoryMultiPassStrategy multiPassStrategy = MultiPassStrategy.keepMessageInMemory(); CleartextSignatureProcessor processor = PGPainless.verifyCleartextSignedMessage() - .onInputStream(new ByteArrayInputStream(signed.getBytes(StandardCharsets.UTF_8))) + .onInputStream(new ByteArrayInputStream(MESSAGE_SIGNED.getBytes(StandardCharsets.UTF_8))) .withStrategy(multiPassStrategy) .verifyWith(signingKeys); PGPSignature signature = processor.process(); assertEquals(signature.getKeyID(), signingKeys.getPublicKey().getKeyID()); - assertArrayEquals(message.getBytes(StandardCharsets.UTF_8), multiPassStrategy.getBytes()); + assertArrayEquals(MESSAGE_BODY.getBytes(StandardCharsets.UTF_8), multiPassStrategy.getBytes()); } @Test public void cleartextSignVerification_FileBasedMultiPassStrategy() throws IOException, PGPException { - String message = "Ah, Juliet, if the measure of thy joy\n" + - "Be heaped like mine, and that thy skill be more\n" + - "To blazon it, then sweeten with thy breath\n" + - "This neighbor air, and let rich music’s tongue\n" + - "Unfold the imagined happiness that both\n" + - "Receive in either by this dear encounter.\n"; - String signed = "-----BEGIN PGP SIGNED MESSAGE-----\n" + - "Hash: SHA512\n" + - "\n" + - "Ah, Juliet, if the measure of thy joy\n" + - "Be heaped like mine, and that thy skill be more\n" + - "To blazon it, then sweeten with thy breath\n" + - "This neighbor air, and let rich music’s tongue\n" + - "Unfold the imagined happiness that both\n" + - "Receive in either by this dear encounter.\n" + - "-----BEGIN PGP SIGNATURE-----\n" + - "\n" + - "iHUEARMKAB0WIQRPZlxNwsRmC8ZCXkFXNuaTGs83DAUCYJ/x5gAKCRBXNuaTGs83\n" + - "DFRwAP9/4wMvV3WcX59Clo7mkRce6iwW3VBdiN+yMu3tjmHB2wD/RfE28Q1v4+eo\n" + - "ySNgbyvqYYsNr0fnBwaG3aaj+u5ExiE=\n" + - "=Z2SO\n" + - "-----END PGP SIGNATURE-----"; PGPPublicKeyRing signingKeys = TestKeys.getEmilPublicKeyRing(); File tempDir = TestUtils.createTempDirectory(); File file = new File(tempDir, "file"); MultiPassStrategy multiPassStrategy = MultiPassStrategy.writeMessageToFile(file); CleartextSignatureProcessor processor = PGPainless.verifyCleartextSignedMessage() - .onInputStream(new ByteArrayInputStream(signed.getBytes(StandardCharsets.UTF_8))) + .onInputStream(new ByteArrayInputStream(MESSAGE_SIGNED.getBytes(StandardCharsets.UTF_8))) .withStrategy(multiPassStrategy) .verifyWith(signingKeys); @@ -118,6 +108,21 @@ public class CleartextSignatureVerificationTest { ByteArrayOutputStream bytes = new ByteArrayOutputStream(); Streams.pipeAll(fileIn, bytes); fileIn.close(); - assertArrayEquals(message.getBytes(StandardCharsets.UTF_8), bytes.toByteArray()); + assertArrayEquals(MESSAGE_BODY.getBytes(StandardCharsets.UTF_8), bytes.toByteArray()); + } + + @Test + public void verifySignatureDetached() throws IOException, PGPException { + PGPPublicKeyRing signingKeys = TestKeys.getEmilPublicKeyRing(); + + PGPSignature signature = SignatureUtils.readSignatures(SIGNATURE).get(0); + PGPPublicKey signingKey = signingKeys.getPublicKey(signature.getKeyID()); + + /* + SignatureVerifier.initializeSignatureAndUpdateWithSignedData(signature, new ByteArrayInputStream(MESSAGE_BODY.getBytes(StandardCharsets.UTF_8)), signingKey); + /*/ + ClearsignedMessageUtil.initializeSignature(signature, signingKey, new ByteArrayInputStream(MESSAGE_BODY.getBytes(StandardCharsets.UTF_8))); + //*/ + CertificateValidator.validateCertificateAndVerifyInitializedSignature(signature, signingKeys, PGPainless.getPolicy()); } }