mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-11-23 04:42:06 +01:00
Add investigation test for cleartext signature verification
This commit is contained in:
parent
200e00990b
commit
3573115a60
1 changed files with 53 additions and 48 deletions
|
@ -26,12 +26,16 @@ import java.io.IOException;
|
||||||
import java.nio.charset.StandardCharsets;
|
import java.nio.charset.StandardCharsets;
|
||||||
|
|
||||||
import org.bouncycastle.openpgp.PGPException;
|
import org.bouncycastle.openpgp.PGPException;
|
||||||
|
import org.bouncycastle.openpgp.PGPPublicKey;
|
||||||
import org.bouncycastle.openpgp.PGPPublicKeyRing;
|
import org.bouncycastle.openpgp.PGPPublicKeyRing;
|
||||||
import org.bouncycastle.openpgp.PGPSignature;
|
import org.bouncycastle.openpgp.PGPSignature;
|
||||||
import org.bouncycastle.util.io.Streams;
|
import org.bouncycastle.util.io.Streams;
|
||||||
import org.junit.jupiter.api.Test;
|
import org.junit.jupiter.api.Test;
|
||||||
import org.pgpainless.PGPainless;
|
import org.pgpainless.PGPainless;
|
||||||
import org.pgpainless.key.TestKeys;
|
import org.pgpainless.key.TestKeys;
|
||||||
|
import org.pgpainless.signature.CertificateValidator;
|
||||||
|
import org.pgpainless.signature.SignatureUtils;
|
||||||
|
import org.pgpainless.signature.cleartext_signatures.ClearsignedMessageUtil;
|
||||||
import org.pgpainless.signature.cleartext_signatures.CleartextSignatureProcessor;
|
import org.pgpainless.signature.cleartext_signatures.CleartextSignatureProcessor;
|
||||||
import org.pgpainless.signature.cleartext_signatures.InMemoryMultiPassStrategy;
|
import org.pgpainless.signature.cleartext_signatures.InMemoryMultiPassStrategy;
|
||||||
import org.pgpainless.signature.cleartext_signatures.MultiPassStrategy;
|
import org.pgpainless.signature.cleartext_signatures.MultiPassStrategy;
|
||||||
|
@ -39,75 +43,61 @@ import org.pgpainless.util.TestUtils;
|
||||||
|
|
||||||
public class CleartextSignatureVerificationTest {
|
public class CleartextSignatureVerificationTest {
|
||||||
|
|
||||||
|
public static final String MESSAGE_BODY = "Ah, Juliet, if the measure of thy joy\n" +
|
||||||
|
"Be heaped like mine, and that thy skill be more\n" +
|
||||||
|
"To blazon it, then sweeten with thy breath\n" +
|
||||||
|
"This neighbor air, and let rich music’s tongue\n" +
|
||||||
|
"Unfold the imagined happiness that both\n" +
|
||||||
|
"Receive in either by this dear encounter.\n";
|
||||||
|
public static final String MESSAGE_SIGNED = "-----BEGIN PGP SIGNED MESSAGE-----\n" +
|
||||||
|
"Hash: SHA512\n" +
|
||||||
|
"\n" +
|
||||||
|
"Ah, Juliet, if the measure of thy joy\n" +
|
||||||
|
"Be heaped like mine, and that thy skill be more\n" +
|
||||||
|
"To blazon it, then sweeten with thy breath\n" +
|
||||||
|
"This neighbor air, and let rich music’s tongue\n" +
|
||||||
|
"Unfold the imagined happiness that both\n" +
|
||||||
|
"Receive in either by this dear encounter.\n" +
|
||||||
|
"-----BEGIN PGP SIGNATURE-----\n" +
|
||||||
|
"\n" +
|
||||||
|
"iHUEARMKAB0WIQRPZlxNwsRmC8ZCXkFXNuaTGs83DAUCYJ/x5gAKCRBXNuaTGs83\n" +
|
||||||
|
"DFRwAP9/4wMvV3WcX59Clo7mkRce6iwW3VBdiN+yMu3tjmHB2wD/RfE28Q1v4+eo\n" +
|
||||||
|
"ySNgbyvqYYsNr0fnBwaG3aaj+u5ExiE=\n" +
|
||||||
|
"=Z2SO\n" +
|
||||||
|
"-----END PGP SIGNATURE-----";
|
||||||
|
public static final String SIGNATURE = "-----BEGIN PGP SIGNATURE-----\n" +
|
||||||
|
"\n" +
|
||||||
|
"iHUEARMKAB0WIQRPZlxNwsRmC8ZCXkFXNuaTGs83DAUCYJ/x5gAKCRBXNuaTGs83\n" +
|
||||||
|
"DFRwAP9/4wMvV3WcX59Clo7mkRce6iwW3VBdiN+yMu3tjmHB2wD/RfE28Q1v4+eo\n" +
|
||||||
|
"ySNgbyvqYYsNr0fnBwaG3aaj+u5ExiE=\n" +
|
||||||
|
"=Z2SO\n" +
|
||||||
|
"-----END PGP SIGNATURE-----";
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void cleartextSignVerification_InMemoryMultiPassStrategy() throws IOException, PGPException {
|
public void cleartextSignVerification_InMemoryMultiPassStrategy() throws IOException, PGPException {
|
||||||
String message = "Ah, Juliet, if the measure of thy joy\n" +
|
|
||||||
"Be heaped like mine, and that thy skill be more\n" +
|
|
||||||
"To blazon it, then sweeten with thy breath\n" +
|
|
||||||
"This neighbor air, and let rich music’s tongue\n" +
|
|
||||||
"Unfold the imagined happiness that both\n" +
|
|
||||||
"Receive in either by this dear encounter.\n";
|
|
||||||
String signed = "-----BEGIN PGP SIGNED MESSAGE-----\n" +
|
|
||||||
"Hash: SHA512\n" +
|
|
||||||
"\n" +
|
|
||||||
"Ah, Juliet, if the measure of thy joy\n" +
|
|
||||||
"Be heaped like mine, and that thy skill be more\n" +
|
|
||||||
"To blazon it, then sweeten with thy breath\n" +
|
|
||||||
"This neighbor air, and let rich music’s tongue\n" +
|
|
||||||
"Unfold the imagined happiness that both\n" +
|
|
||||||
"Receive in either by this dear encounter.\n" +
|
|
||||||
"-----BEGIN PGP SIGNATURE-----\n" +
|
|
||||||
"\n" +
|
|
||||||
"iHUEARMKAB0WIQRPZlxNwsRmC8ZCXkFXNuaTGs83DAUCYJ/x5gAKCRBXNuaTGs83\n" +
|
|
||||||
"DFRwAP9/4wMvV3WcX59Clo7mkRce6iwW3VBdiN+yMu3tjmHB2wD/RfE28Q1v4+eo\n" +
|
|
||||||
"ySNgbyvqYYsNr0fnBwaG3aaj+u5ExiE=\n" +
|
|
||||||
"=Z2SO\n" +
|
|
||||||
"-----END PGP SIGNATURE-----";
|
|
||||||
PGPPublicKeyRing signingKeys = TestKeys.getEmilPublicKeyRing();
|
PGPPublicKeyRing signingKeys = TestKeys.getEmilPublicKeyRing();
|
||||||
|
|
||||||
InMemoryMultiPassStrategy multiPassStrategy = MultiPassStrategy.keepMessageInMemory();
|
InMemoryMultiPassStrategy multiPassStrategy = MultiPassStrategy.keepMessageInMemory();
|
||||||
CleartextSignatureProcessor processor = PGPainless.verifyCleartextSignedMessage()
|
CleartextSignatureProcessor processor = PGPainless.verifyCleartextSignedMessage()
|
||||||
.onInputStream(new ByteArrayInputStream(signed.getBytes(StandardCharsets.UTF_8)))
|
.onInputStream(new ByteArrayInputStream(MESSAGE_SIGNED.getBytes(StandardCharsets.UTF_8)))
|
||||||
.withStrategy(multiPassStrategy)
|
.withStrategy(multiPassStrategy)
|
||||||
.verifyWith(signingKeys);
|
.verifyWith(signingKeys);
|
||||||
|
|
||||||
PGPSignature signature = processor.process();
|
PGPSignature signature = processor.process();
|
||||||
|
|
||||||
assertEquals(signature.getKeyID(), signingKeys.getPublicKey().getKeyID());
|
assertEquals(signature.getKeyID(), signingKeys.getPublicKey().getKeyID());
|
||||||
assertArrayEquals(message.getBytes(StandardCharsets.UTF_8), multiPassStrategy.getBytes());
|
assertArrayEquals(MESSAGE_BODY.getBytes(StandardCharsets.UTF_8), multiPassStrategy.getBytes());
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void cleartextSignVerification_FileBasedMultiPassStrategy() throws IOException, PGPException {
|
public void cleartextSignVerification_FileBasedMultiPassStrategy() throws IOException, PGPException {
|
||||||
String message = "Ah, Juliet, if the measure of thy joy\n" +
|
|
||||||
"Be heaped like mine, and that thy skill be more\n" +
|
|
||||||
"To blazon it, then sweeten with thy breath\n" +
|
|
||||||
"This neighbor air, and let rich music’s tongue\n" +
|
|
||||||
"Unfold the imagined happiness that both\n" +
|
|
||||||
"Receive in either by this dear encounter.\n";
|
|
||||||
String signed = "-----BEGIN PGP SIGNED MESSAGE-----\n" +
|
|
||||||
"Hash: SHA512\n" +
|
|
||||||
"\n" +
|
|
||||||
"Ah, Juliet, if the measure of thy joy\n" +
|
|
||||||
"Be heaped like mine, and that thy skill be more\n" +
|
|
||||||
"To blazon it, then sweeten with thy breath\n" +
|
|
||||||
"This neighbor air, and let rich music’s tongue\n" +
|
|
||||||
"Unfold the imagined happiness that both\n" +
|
|
||||||
"Receive in either by this dear encounter.\n" +
|
|
||||||
"-----BEGIN PGP SIGNATURE-----\n" +
|
|
||||||
"\n" +
|
|
||||||
"iHUEARMKAB0WIQRPZlxNwsRmC8ZCXkFXNuaTGs83DAUCYJ/x5gAKCRBXNuaTGs83\n" +
|
|
||||||
"DFRwAP9/4wMvV3WcX59Clo7mkRce6iwW3VBdiN+yMu3tjmHB2wD/RfE28Q1v4+eo\n" +
|
|
||||||
"ySNgbyvqYYsNr0fnBwaG3aaj+u5ExiE=\n" +
|
|
||||||
"=Z2SO\n" +
|
|
||||||
"-----END PGP SIGNATURE-----";
|
|
||||||
PGPPublicKeyRing signingKeys = TestKeys.getEmilPublicKeyRing();
|
PGPPublicKeyRing signingKeys = TestKeys.getEmilPublicKeyRing();
|
||||||
|
|
||||||
File tempDir = TestUtils.createTempDirectory();
|
File tempDir = TestUtils.createTempDirectory();
|
||||||
File file = new File(tempDir, "file");
|
File file = new File(tempDir, "file");
|
||||||
MultiPassStrategy multiPassStrategy = MultiPassStrategy.writeMessageToFile(file);
|
MultiPassStrategy multiPassStrategy = MultiPassStrategy.writeMessageToFile(file);
|
||||||
CleartextSignatureProcessor processor = PGPainless.verifyCleartextSignedMessage()
|
CleartextSignatureProcessor processor = PGPainless.verifyCleartextSignedMessage()
|
||||||
.onInputStream(new ByteArrayInputStream(signed.getBytes(StandardCharsets.UTF_8)))
|
.onInputStream(new ByteArrayInputStream(MESSAGE_SIGNED.getBytes(StandardCharsets.UTF_8)))
|
||||||
.withStrategy(multiPassStrategy)
|
.withStrategy(multiPassStrategy)
|
||||||
.verifyWith(signingKeys);
|
.verifyWith(signingKeys);
|
||||||
|
|
||||||
|
@ -118,6 +108,21 @@ public class CleartextSignatureVerificationTest {
|
||||||
ByteArrayOutputStream bytes = new ByteArrayOutputStream();
|
ByteArrayOutputStream bytes = new ByteArrayOutputStream();
|
||||||
Streams.pipeAll(fileIn, bytes);
|
Streams.pipeAll(fileIn, bytes);
|
||||||
fileIn.close();
|
fileIn.close();
|
||||||
assertArrayEquals(message.getBytes(StandardCharsets.UTF_8), bytes.toByteArray());
|
assertArrayEquals(MESSAGE_BODY.getBytes(StandardCharsets.UTF_8), bytes.toByteArray());
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void verifySignatureDetached() throws IOException, PGPException {
|
||||||
|
PGPPublicKeyRing signingKeys = TestKeys.getEmilPublicKeyRing();
|
||||||
|
|
||||||
|
PGPSignature signature = SignatureUtils.readSignatures(SIGNATURE).get(0);
|
||||||
|
PGPPublicKey signingKey = signingKeys.getPublicKey(signature.getKeyID());
|
||||||
|
|
||||||
|
/*
|
||||||
|
SignatureVerifier.initializeSignatureAndUpdateWithSignedData(signature, new ByteArrayInputStream(MESSAGE_BODY.getBytes(StandardCharsets.UTF_8)), signingKey);
|
||||||
|
/*/
|
||||||
|
ClearsignedMessageUtil.initializeSignature(signature, signingKey, new ByteArrayInputStream(MESSAGE_BODY.getBytes(StandardCharsets.UTF_8)));
|
||||||
|
//*/
|
||||||
|
CertificateValidator.validateCertificateAndVerifyInitializedSignature(signature, signingKeys, PGPainless.getPolicy());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue