F

2022-01-02 14:44:20 +01:00 · 2022-01-02 14:44:20 +01:00 · 7ca2b9a821
parent 09026f56b0
commit 7ca2b9a821
4 changed files with 38 additions and 15 deletions
--- a/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpacketsHelper.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpacketsHelper.java
@ -9,6 +9,8 @@ import org.bouncycastle.bcpg.sig.EmbeddedSignature;
 import org.bouncycastle.bcpg.sig.Exportable;
 import org.bouncycastle.bcpg.sig.Features;
 import org.bouncycastle.bcpg.sig.IntendedRecipientFingerprint;
+import org.bouncycastle.bcpg.sig.IssuerFingerprint;
+import org.bouncycastle.bcpg.sig.IssuerKeyID;
 import org.bouncycastle.bcpg.sig.KeyExpirationTime;
 import org.bouncycastle.bcpg.sig.KeyFlags;
 import org.bouncycastle.bcpg.sig.NotationData;
@ -17,6 +19,7 @@ import org.bouncycastle.bcpg.sig.PrimaryUserID;
 import org.bouncycastle.bcpg.sig.Revocable;
 import org.bouncycastle.bcpg.sig.RevocationKey;
 import org.bouncycastle.bcpg.sig.RevocationReason;
+import org.bouncycastle.bcpg.sig.SignatureCreationTime;
 import org.bouncycastle.bcpg.sig.SignatureExpirationTime;
 import org.bouncycastle.bcpg.sig.SignatureTarget;
 import org.bouncycastle.bcpg.sig.SignerUserID;
@ -36,9 +39,16 @@ public class SignatureSubpacketsHelper {
            org.pgpainless.algorithm.SignatureSubpacket type = org.pgpainless.algorithm.SignatureSubpacket.fromCode(subpacket.getType());
            switch (type) {
                case signatureCreationTime:
+                    SignatureCreationTime sigCreationTime = (SignatureCreationTime) subpacket;
+                    subpackets.setSignatureCreationTime(sigCreationTime);
+                    break;
                case issuerKeyId:
+                    IssuerKeyID issuerKeyID = (IssuerKeyID) subpacket;
+                    subpackets.setIssuerKeyId(issuerKeyID);
+                    break;
                case issuerFingerprint:
-                    // ignore, we override this anyways
+                    IssuerFingerprint issuerFingerprint = (IssuerFingerprint) subpacket;
+                    subpackets.setIssuerFingerprint(issuerFingerprint);
                    break;
                case signatureExpirationTime:
                    SignatureExpirationTime sigExpTime = (SignatureExpirationTime) subpacket;
--- a/pgpainless-core/src/test/java/org/pgpainless/key/modification/OldSignatureSubpacketsArePreservedOnNewSig.java
+++ b/pgpainless-core/src/test/java/org/pgpainless/key/modification/OldSignatureSubpacketsArePreservedOnNewSig.java
@ -8,8 +8,7 @@ import static org.junit.jupiter.api.Assertions.assertArrayEquals;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertNotEquals;

-import java.security.InvalidAlgorithmParameterException;
-import java.security.NoSuchAlgorithmException;
+import java.io.IOException;
 import java.util.Calendar;
 import java.util.Date;

@ -25,19 +24,36 @@ import org.pgpainless.util.TestAllImplementations;

 public class OldSignatureSubpacketsArePreservedOnNewSig {

+    private static final String nonExpiringKey = "-----BEGIN PGP PRIVATE KEY BLOCK-----\n" +
+            "Version: PGPainless\n" +
+            "Comment: 4398 3833 6CCB 85C4 BB5A  9E3A 1D0A 4A95 635B EE3F\n" +
+            "Comment: Alice <alice@wonderland.lit>\n" +
+            "\n" +
+            "lFgEYdDrURYJKwYBBAHaRw8BAQdAKQ9V1m76/9Nh9Je2b69yznCeT31Sjl4MzV3E\n" +
+            "q9/v014AAP9EEWaTbaUrmQWeoh/kclIOTOd/b6r4cFcFx2vOdFzUxxA3tBxBbGlj\n" +
+            "ZSA8YWxpY2VAd29uZGVybGFuZC5saXQ+iI8EExYKAEEFAmHQ61IJkB0KSpVjW+4/\n" +
+            "FqEEQ5g4M2zLhcS7Wp46HQpKlWNb7j8CngECmwMFlgIDAQAEiwkIBwWVCgkICwKZ\n" +
+            "AQAAT+4A/2LrJ4O1f7npnE3vGemysXNkAb/h1XuiyIzspLJwjIyaAP97vn/n6xuJ\n" +
+            "0bk78ZLEJE7IurNjuhb5xmREa68AYcmUAZxdBGHQ61ISCisGAQQBl1UBBQEBB0AN\n" +
+            "tuRI87tPfJbKmXGGwbOjspLQ3qhFEKohaqeDmFe7OQMBCAcAAP976zWucXZ100RR\n" +
+            "8KsjFGgO50O9TQ5f4adi2N41zTUrOBAviHUEGBYKAB0FAmHQ61ICngECmwwFlgID\n" +
+            "AQAEiwkIBwWVCgkICwAKCRAdCkqVY1vuP/LEAQDg/K1bmNdpQdkPrZD00r55HP9T\n" +
+            "vvExdYJtFaX2rCIANgEAidfP0vSG/17L6iDR3/TQC0qWew/iQaRhE95ALUn38g0=\n" +
+            "=mNne\n" +
+            "-----END PGP PRIVATE KEY BLOCK-----";
+
    @TestTemplate
    @ExtendWith(TestAllImplementations.class)
    public void verifyOldSignatureSubpacketsArePreservedOnNewExpirationDateSig()
-            throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException, InterruptedException {
-        PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
-                .simpleEcKeyRing("Alice <alice@wonderland.lit>");
+            throws PGPException, IOException {
+        PGPSecretKeyRing secretKeys = PGPainless.readKeyRing().secretKeyRing(nonExpiringKey);

        PGPSignature oldSignature = PGPainless.inspectKeyRing(secretKeys).getLatestUserIdCertification("Alice <alice@wonderland.lit>");
        PGPSignatureSubpacketVector oldPackets = oldSignature.getHashedSubPackets();

+        // key does not expire
        assertEquals(0, oldPackets.getKeyExpirationTime());

-        Thread.sleep(1000);
        Date now = new Date();
        Calendar calendar = Calendar.getInstance();
        calendar.setTime(now);
--- a/pgpainless-core/src/test/java/org/pgpainless/signature/builder/DirectKeySignatureBuilderTest.java
+++ b/pgpainless-core/src/test/java/org/pgpainless/signature/builder/DirectKeySignatureBuilderTest.java
@ -11,6 +11,7 @@ import static org.junit.jupiter.api.Assertions.assertNotNull;
 import java.security.InvalidAlgorithmParameterException;
 import java.security.NoSuchAlgorithmException;
 import java.util.Collections;
+import java.util.Date;

 import org.bouncycastle.openpgp.PGPException;
 import org.bouncycastle.openpgp.PGPSecretKeyRing;
--- a/pgpainless-core/src/test/java/org/pgpainless/signature/subpackets/SignatureSubpacketsTest.java
+++ b/pgpainless-core/src/test/java/org/pgpainless/signature/subpackets/SignatureSubpacketsTest.java
@ -39,6 +39,7 @@ import org.bouncycastle.openpgp.PGPSignature;
 import org.bouncycastle.openpgp.PGPSignatureGenerator;
 import org.bouncycastle.openpgp.PGPSignatureSubpacketGenerator;
 import org.bouncycastle.openpgp.PGPSignatureSubpacketVector;
+import org.bouncycastle.util.encoders.Hex;
 import org.junit.jupiter.api.BeforeAll;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
@ -449,11 +450,9 @@ public class SignatureSubpacketsTest {
        long keyId = fingerprint.getKeyId();

        PGPSignatureSubpacketGenerator subpackets = new PGPSignatureSubpacketGenerator();
-        // These are not extracted from the vector
        subpackets.setSignatureCreationTime(true, sigCreationDate);
        subpackets.setIssuerKeyID(true, keyId);
        subpackets.setIssuerFingerprint(true, publicKeys.getPublicKey());
-        // These are extracted
        subpackets.setSignatureExpirationTime(true, 256000);
        subpackets.setExportable(true, true);
        subpackets.setTrust(true, 5, 15);
@ -488,12 +487,9 @@ public class SignatureSubpacketsTest {
        SignatureSubpackets wrapper = SignatureSubpackets.createSubpacketsFrom(subpackets.generate());
        PGPSignatureSubpacketVector vector = SignatureSubpacketsHelper.toVector(wrapper);

-        // Verify these are not extracted
-        assertEquals(0, vector.getIssuerKeyID());
-        assertNull(vector.getIssuerFingerprint());
-        assertNull(vector.getSignatureCreationTime());
-
-        // Verify these are extracted
+        assertEquals(keyId, vector.getIssuerKeyID());
+        assertEquals(fingerprint.toString(), Hex.toHexString(vector.getIssuerFingerprint().getFingerprint()).toUpperCase());
+        assertEquals(sigCreationDate.getTime(), vector.getSignatureCreationTime().getTime());
        assertEquals(256000, vector.getSignatureExpirationTime());
        assertTrue(((Exportable) vector.getSubpacket(SignatureSubpacketTags.EXPORTABLE)).isExportable());
        TrustSignature trust = (TrustSignature) vector.getSubpacket(SignatureSubpacketTags.TRUST_SIG);