diff --git a/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpacketsHelper.java b/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpacketsHelper.java
index ee34a6fc..4bc172ef 100644
--- a/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpacketsHelper.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpacketsHelper.java
@@ -9,6 +9,8 @@ import org.bouncycastle.bcpg.sig.EmbeddedSignature;
 import org.bouncycastle.bcpg.sig.Exportable;
 import org.bouncycastle.bcpg.sig.Features;
 import org.bouncycastle.bcpg.sig.IntendedRecipientFingerprint;
+import org.bouncycastle.bcpg.sig.IssuerFingerprint;
+import org.bouncycastle.bcpg.sig.IssuerKeyID;
 import org.bouncycastle.bcpg.sig.KeyExpirationTime;
 import org.bouncycastle.bcpg.sig.KeyFlags;
 import org.bouncycastle.bcpg.sig.NotationData;
@@ -17,6 +19,7 @@ import org.bouncycastle.bcpg.sig.PrimaryUserID;
 import org.bouncycastle.bcpg.sig.Revocable;
 import org.bouncycastle.bcpg.sig.RevocationKey;
 import org.bouncycastle.bcpg.sig.RevocationReason;
+import org.bouncycastle.bcpg.sig.SignatureCreationTime;
 import org.bouncycastle.bcpg.sig.SignatureExpirationTime;
 import org.bouncycastle.bcpg.sig.SignatureTarget;
 import org.bouncycastle.bcpg.sig.SignerUserID;
@@ -36,9 +39,16 @@ public class SignatureSubpacketsHelper {
 org.pgpainless.algorithm.SignatureSubpacket type = org.pgpainless.algorithm.SignatureSubpacket.fromCode(subpacket.getType());
 switch (type) {
 case signatureCreationTime:
+ SignatureCreationTime sigCreationTime = (SignatureCreationTime) subpacket;
+ subpackets.setSignatureCreationTime(sigCreationTime);
+ break;
 case issuerKeyId:
+ IssuerKeyID issuerKeyID = (IssuerKeyID) subpacket;
+ subpackets.setIssuerKeyId(issuerKeyID);
+ break;
 case issuerFingerprint:
- // ignore, we override this anyways
+ IssuerFingerprint issuerFingerprint = (IssuerFingerprint) subpacket;
+ subpackets.setIssuerFingerprint(issuerFingerprint);
 break;
 case signatureExpirationTime:
 SignatureExpirationTime sigExpTime = (SignatureExpirationTime) subpacket;
diff --git a/pgpainless-core/src/test/java/org/pgpainless/key/modification/OldSignatureSubpacketsArePreservedOnNewSig.java b/pgpainless-core/src/test/java/org/pgpainless/key/modification/OldSignatureSubpacketsArePreservedOnNewSig.java
index f7d4d181..ba4ae588 100644
--- a/pgpainless-core/src/test/java/org/pgpainless/key/modification/OldSignatureSubpacketsArePreservedOnNewSig.java
+++ b/pgpainless-core/src/test/java/org/pgpainless/key/modification/OldSignatureSubpacketsArePreservedOnNewSig.java
@@ -8,8 +8,7 @@ import static org.junit.jupiter.api.Assertions.assertArrayEquals;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertNotEquals;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.NoSuchAlgorithmException;
+import java.io.IOException;
 import java.util.Calendar;
 import java.util.Date;
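Review bot: The three new cases copy the source signature's creation time, issuer key ID and issuer fingerprint into `subpackets`, so any caller that seeds a new signature from an existing one now inherits those values unless it overwrites them afterwards. The removed comment `// ignore, we override this anyways` suggests such an override exists, but it is not visible in this hunk; if some path skips it, the new signature could carry a stale timestamp or an issuer that does not match the key that actually signs. I would state that contract at the switch, e.g. `// copied as-is; signature builders must reset creation time and issuer before signing`, and add a test that re-signs with a key other than the source signature's issuer and checks the issuer subpackets of the result. The enclosing method starts and ends outside the hunk.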
@@ -25,19 +24,36 @@ import org.pgpainless.util.TestAllImplementations; public class OldSignatureSubpacketsArePreservedOnNewSig { + private static final String nonExpiringKey = "-----BEGIN PGP PRIVATE KEY BLOCK-----\n" + + "Version: PGPainless\n" + + "Comment: 4398 3833 6CCB 85C4 BB5A 9E3A 1D0A 4A95 635B EE3F\n" + + "Comment: Alice \n" + + "\n" + + "lFgEYdDrURYJKwYBBAHaRw8BAQdAKQ9V1m76/9Nh9Je2b69yznCeT31Sjl4MzV3E\n" + + "q9/v014AAP9EEWaTbaUrmQWeoh/kclIOTOd/b6r4cFcFx2vOdFzUxxA3tBxBbGlj\n" + + "ZSA8YWxpY2VAd29uZGVybGFuZC5saXQ+iI8EExYKAEEFAmHQ61IJkB0KSpVjW+4/\n" + + "FqEEQ5g4M2zLhcS7Wp46HQpKlWNb7j8CngECmwMFlgIDAQAEiwkIBwWVCgkICwKZ\n" + + "AQAAT+4A/2LrJ4O1f7npnE3vGemysXNkAb/h1XuiyIzspLJwjIyaAP97vn/n6xuJ\n" + + "0bk78ZLEJE7IurNjuhb5xmREa68AYcmUAZxdBGHQ61ISCisGAQQBl1UBBQEBB0AN\n" + + "tuRI87tPfJbKmXGGwbOjspLQ3qhFEKohaqeDmFe7OQMBCAcAAP976zWucXZ100RR\n" + + "8KsjFGgO50O9TQ5f4adi2N41zTUrOBAviHUEGBYKAB0FAmHQ61ICngECmwwFlgID\n" + + "AQAEiwkIBwWVCgkICwAKCRAdCkqVY1vuP/LEAQDg/K1bmNdpQdkPrZD00r55HP9T\n" + + "vvExdYJtFaX2rCIANgEAidfP0vSG/17L6iDR3/TQC0qWew/iQaRhE95ALUn38g0=\n" + + "=mNne\n" + + "-----END PGP PRIVATE KEY BLOCK-----"; + @TestTemplate @ExtendWith(TestAllImplementations.class) public void verifyOldSignatureSubpacketsArePreservedOnNewExpirationDateSig() - throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException, InterruptedException { - PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing() - .simpleEcKeyRing("Alice "); + throws PGPException, IOException { + PGPSecretKeyRing secretKeys = PGPainless.readKeyRing().secretKeyRing(nonExpiringKey); PGPSignature oldSignature = PGPainless.inspectKeyRing(secretKeys).getLatestUserIdCertification("Alice "); PGPSignatureSubpacketVector oldPackets = oldSignature.getHashedSubPackets(); + // key does not expire assertEquals(0, oldPackets.getKeyExpirationTime()); - Thread.sleep(1000); Date now = new Date(); Calendar calendar = Calendar.getInstance(); calendar.setTime(now); 
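Review bot: `nonExpiringKey` puts an armored secret key into the test source with nothing saying it is a throwaway fixture, so secret scanners and later readers cannot tell it apart from a leaked key. The test loads it without a passphrase in this hunk, which suggests the key material is unprotected. I would add a comment above the constant such as `// Test-only key, generated for this test and used nowhere else.` and, if the project keeps a scanner allowlist, list this file there. The test method continues past the end of the hunk.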
diff --git a/pgpainless-core/src/test/java/org/pgpainless/signature/builder/DirectKeySignatureBuilderTest.java b/pgpainless-core/src/test/java/org/pgpainless/signature/builder/DirectKeySignatureBuilderTest.java
index 0ab09eb0..3630555e 100644
--- a/pgpainless-core/src/test/java/org/pgpainless/signature/builder/DirectKeySignatureBuilderTest.java
+++ b/pgpainless-core/src/test/java/org/pgpainless/signature/builder/DirectKeySignatureBuilderTest.java
@@ -11,6 +11,7 @@ import static org.junit.jupiter.api.Assertions.assertNotNull;
 import java.security.InvalidAlgorithmParameterException;
 import java.security.NoSuchAlgorithmException;
 import java.util.Collections;
+import java.util.Date;
 import org.bouncycastle.openpgp.PGPException;
 import org.bouncycastle.openpgp.PGPSecretKeyRing;
diff --git a/pgpainless-core/src/test/java/org/pgpainless/signature/subpackets/SignatureSubpacketsTest.java b/pgpainless-core/src/test/java/org/pgpainless/signature/subpackets/SignatureSubpacketsTest.java
index 988bc776..082ffad2 100644
--- a/pgpainless-core/src/test/java/org/pgpainless/signature/subpackets/SignatureSubpacketsTest.java
+++ b/pgpainless-core/src/test/java/org/pgpainless/signature/subpackets/SignatureSubpacketsTest.java
@@ -39,6 +39,7 @@ import org.bouncycastle.openpgp.PGPSignature;
 import org.bouncycastle.openpgp.PGPSignatureGenerator;
 import org.bouncycastle.openpgp.PGPSignatureSubpacketGenerator;
 import org.bouncycastle.openpgp.PGPSignatureSubpacketVector;
+import org.bouncycastle.util.encoders.Hex;
 import org.junit.jupiter.api.BeforeAll;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
@@ -449,11 +450,9 @@ public class SignatureSubpacketsTest {
 long keyId = fingerprint.getKeyId();
 PGPSignatureSubpacketGenerator subpackets = new PGPSignatureSubpacketGenerator();
- // These are not extracted
 subpackets.setSignatureCreationTime(true, sigCreationDate);
 subpackets.setIssuerKeyID(true, keyId);
 subpackets.setIssuerFingerprint(true, publicKeys.getPublicKey());
- // These are extracted
 subpackets.setSignatureExpirationTime(true, 256000);
 subpackets.setExportable(true, true);
 subpackets.setTrust(true, 5, 15);
@@ -488,12 +487,9 @@ public class SignatureSubpacketsTest {
 SignatureSubpackets wrapper = SignatureSubpackets.createSubpacketsFrom(subpackets.generate());
 PGPSignatureSubpacketVector vector = SignatureSubpacketsHelper.toVector(wrapper);
- // Verify these are not extracted
- assertEquals(0, vector.getIssuerKeyID());
- assertNull(vector.getIssuerFingerprint());
- assertNull(vector.getSignatureCreationTime());
-
- // Verify these are extracted
+ assertEquals(keyId, vector.getIssuerKeyID());
+ assertEquals(fingerprint.toString(), Hex.toHexString(vector.getIssuerFingerprint().getFingerprint()).toUpperCase());
+ assertEquals(sigCreationDate.getTime(), vector.getSignatureCreationTime().getTime());
 assertEquals(256000, vector.getSignatureExpirationTime());
 assertTrue(((Exportable) vector.getSubpacket(SignatureSubpacketTags.EXPORTABLE)).isExportable());
 TrustSignature trust = (TrustSignature) vector.getSubpacket(SignatureSubpacketTags.TRUST_SIG);