diff --git a/pgpainless-core/src/test/java/org/pgpainless/policy/PolicySetterTest.java b/pgpainless-core/src/test/java/org/pgpainless/policy/PolicySetterTest.java index 6e90847d..dea45166 100644 --- a/pgpainless-core/src/test/java/org/pgpainless/policy/PolicySetterTest.java +++ b/pgpainless-core/src/test/java/org/pgpainless/policy/PolicySetterTest.java @@ -17,43 +17,43 @@ public class PolicySetterTest { @Test public void testSetCertificationSignatureHashAlgorithmPolicy_NullFails() { - Policy policy = Policy.getInstance(); + Policy policy = new Policy(); assertThrows(NullPointerException.class, () -> policy.setCertificationSignatureHashAlgorithmPolicy(null)); } @Test public void testSetDataSignatureHashAlgorithmPolicy_NullFails() { - Policy policy = Policy.getInstance(); + Policy policy = new Policy(); assertThrows(NullPointerException.class, () -> policy.setDataSignatureHashAlgorithmPolicy(null)); } @Test public void testSetRevocationSignatureHashAlgorithmPolicy_NullFails() { - Policy policy = Policy.getInstance(); + Policy policy = new Policy(); assertThrows(NullPointerException.class, () -> policy.setRevocationSignatureHashAlgorithmPolicy(null)); } @Test public void testSetSymmetricKeyEncryptionAlgorithmPolicy_NullFails() { - Policy policy = Policy.getInstance(); + Policy policy = new Policy(); assertThrows(NullPointerException.class, () -> policy.setSymmetricKeyEncryptionAlgorithmPolicy(null)); } @Test public void testSetSymmetricKeyDecryptionAlgorithmPolicy_NullFails() { - Policy policy = Policy.getInstance(); + Policy policy = new Policy(); assertThrows(NullPointerException.class, () -> policy.setSymmetricKeyDecryptionAlgorithmPolicy(null)); } @Test public void testSetCompressionAlgorithmPolicy_NullFails() { - Policy policy = Policy.getInstance(); + Policy policy = new Policy(); assertThrows(NullPointerException.class, () -> policy.setCompressionAlgorithmPolicy(null)); } @Test public void testSetPublicKeyAlgorithmPolicy_NullFails() { - Policy policy = Policy.getInstance(); + Policy policy = new Policy(); assertThrows(NullPointerException.class, () -> policy.setPublicKeyAlgorithmPolicy(null)); } diff --git a/pgpainless-core/src/test/java/org/pgpainless/signature/SignatureSubpacketsUtilTest.java b/pgpainless-core/src/test/java/org/pgpainless/signature/SignatureSubpacketsUtilTest.java index 1caeb9e9..38c663a3 100644 --- a/pgpainless-core/src/test/java/org/pgpainless/signature/SignatureSubpacketsUtilTest.java +++ b/pgpainless-core/src/test/java/org/pgpainless/signature/SignatureSubpacketsUtilTest.java @@ -61,7 +61,7 @@ public class SignatureSubpacketsUtilTest { .done(); PGPSignature expirationSig = SignaturePicker.pickCurrentUserIdCertificationSignature( - secretKeys, "Expire", Policy.getInstance(), new Date()); + secretKeys, "Expire", PGPainless.getPolicy(), new Date()); PGPPublicKey notTheRightKey = PGPainless.inspectKeyRing(secretKeys).getSigningSubkeys().get(0); assertThrows(IllegalArgumentException.class, () -> diff --git a/pgpainless-core/src/test/kotlin/org/pgpainless/key/generation/GenerateOpenPgpKeyTest.kt b/pgpainless-core/src/test/kotlin/org/pgpainless/key/generation/GenerateOpenPgpKeyTest.kt index 9418ece9..151c1977 100644 --- a/pgpainless-core/src/test/kotlin/org/pgpainless/key/generation/GenerateOpenPgpKeyTest.kt +++ b/pgpainless-core/src/test/kotlin/org/pgpainless/key/generation/GenerateOpenPgpKeyTest.kt @@ -28,7 +28,7 @@ class GenerateOpenPgpKeyTest { fun test() { val date = DateUtil.parseUTCDate("2020-04-01 10:00:00 UTC") val key = - GenerateOpenPgpKey(Policy.getInstance(), date) + GenerateOpenPgpKey(Policy(), date) .buildV4Key(KeyType.EDDSA(EdDSACurve._Ed25519), listOf(KeyFlag.CERTIFY_OTHER)) .addUserId("Alice") .addEncryptionSubkey(KeyType.XDH(XDHSpec._X25519)) @@ -40,7 +40,7 @@ class GenerateOpenPgpKeyTest { @Test fun minimal() { val key = - GenerateOpenPgpKey(Policy.getInstance()) + GenerateOpenPgpKey(Policy()) .buildV4Key(KeyType.EDDSA(EdDSACurve._Ed25519), listOf(KeyFlag.CERTIFY_OTHER)) .build() println(PGPainless.asciiArmor(key)) @@ -49,7 +49,7 @@ class GenerateOpenPgpKeyTest { @Test fun minimalWithUserId() { val key = - GenerateOpenPgpKey(Policy.getInstance()) + GenerateOpenPgpKey(Policy()) .buildV4Key(KeyType.EDDSA(EdDSACurve._Ed25519), listOf(KeyFlag.CERTIFY_OTHER)) .addUserId("Alice ") .build() @@ -59,7 +59,7 @@ class GenerateOpenPgpKeyTest { @Test fun primaryKeyMustBeCertificationCapable() { assertThrows { - GenerateOpenPgpKey(Policy.getInstance()) + GenerateOpenPgpKey(Policy()) // XDH is not signing/certification capable .buildV4Key(KeyType.XDH(XDHSpec._X25519)) } @@ -68,7 +68,7 @@ class GenerateOpenPgpKeyTest { @Test fun encryptionSubkeyMustBeEncryptionCapable() { val builder = - GenerateOpenPgpKey(Policy.getInstance()).buildV4Key(KeyType.EDDSA(EdDSACurve._Ed25519)) + GenerateOpenPgpKey(Policy()).buildV4Key(KeyType.EDDSA(EdDSACurve._Ed25519)) assertThrows { builder.addEncryptionSubkey(KeyType.EDDSA(EdDSACurve._Ed25519)) @@ -78,7 +78,7 @@ class GenerateOpenPgpKeyTest { @Test fun signingSubkeysMustBeSigningCapable() { val builder = - GenerateOpenPgpKey(Policy.getInstance()).buildV4Key(KeyType.EDDSA(EdDSACurve._Ed25519)) + GenerateOpenPgpKey(Policy()).buildV4Key(KeyType.EDDSA(EdDSACurve._Ed25519)) assertThrows { builder.addSigningSubkey(KeyType.XDH(XDHSpec._X25519)) @@ -108,7 +108,7 @@ class GenerateOpenPgpKeyTest { @Test fun testKeyGenerationWithJPEGAttribute() { val key = - GenerateOpenPgpKey(Policy.getInstance()) + GenerateOpenPgpKey(Policy()) .buildV4Key(KeyType.EDDSA(EdDSACurve._Ed25519)) .addJpegImage(requireResource("suzanne.jpg")) .build() diff --git a/pgpainless-core/src/test/kotlin/org/pgpainless/key/generation/MalformedKeyGenerationTest.kt b/pgpainless-core/src/test/kotlin/org/pgpainless/key/generation/MalformedKeyGenerationTest.kt index dcfbc85d..f92a3198 100644 --- a/pgpainless-core/src/test/kotlin/org/pgpainless/key/generation/MalformedKeyGenerationTest.kt +++ b/pgpainless-core/src/test/kotlin/org/pgpainless/key/generation/MalformedKeyGenerationTest.kt @@ -24,7 +24,7 @@ class MalformedKeyGenerationTest { fun malformedPrimaryUserIdSubpacket() { val userId = "Alice " val key = - GenerateOpenPgpKey(Policy.getInstance()) + GenerateOpenPgpKey(Policy()) .buildV4Key(KeyType.EDDSA(EdDSACurve._Ed25519)) .addUserId( userId, @@ -42,7 +42,7 @@ class MalformedKeyGenerationTest { @Test fun malformedExportableSubpacket() { val key = - GenerateOpenPgpKey(Policy.getInstance()) + GenerateOpenPgpKey(Policy()) .buildV4Key(KeyType.EDDSA(EdDSACurve._Ed25519)) .addUserId( "Alice ", @@ -60,7 +60,7 @@ class MalformedKeyGenerationTest { @Test fun malformedRevocableSubpacket() { val key = - GenerateOpenPgpKey(Policy.getInstance()) + GenerateOpenPgpKey(Policy()) .buildV4Key(KeyType.EDDSA(EdDSACurve._Ed25519)) .addUserId( "Alice ", @@ -77,7 +77,7 @@ class MalformedKeyGenerationTest { @Test fun primaryUserIdOnDirectKeySig() { - val policy = Policy.getInstance() + val policy = Policy() val key = GenerateOpenPgpKey(policy) .buildV4Key( diff --git a/pgpainless-core/src/test/kotlin/org/pgpainless/key/generation/OpenPgpKeyGeneratorTest.kt b/pgpainless-core/src/test/kotlin/org/pgpainless/key/generation/OpenPgpKeyGeneratorTest.kt index 50a6fcb5..18f37430 100644 --- a/pgpainless-core/src/test/kotlin/org/pgpainless/key/generation/OpenPgpKeyGeneratorTest.kt +++ b/pgpainless-core/src/test/kotlin/org/pgpainless/key/generation/OpenPgpKeyGeneratorTest.kt @@ -112,13 +112,27 @@ class OpenPgpKeyGeneratorTest { @Test fun `key generation with too weak PK algorithms fails`() { - val policy = Policy.getInstance() + val policy = Policy() policy.publicKeyAlgorithmPolicy = Policy.PublicKeyAlgorithmPolicy( buildMap { put(PublicKeyAlgorithm.RSA_GENERAL, 3072) } ) assertThrows { - buildV4(policy).setPrimaryKey(KeyType.RSA(RsaLength._2048)) + buildV4(policy) + // opinionated builder verifies PK parameters + .setPrimaryKey(KeyType.RSA(RsaLength._2048)) // too weak } } + + @Test + fun `unopionionated key generation with too weak PK algorithm does not fail`() { + val policy = Policy() + policy.publicKeyAlgorithmPolicy = Policy.PublicKeyAlgorithmPolicy( + buildMap { put(PublicKeyAlgorithm.RSA_GENERAL, 3072) } + ) + + buildV4(policy) + .unopinionated() // unopinionated builder allows for non-compliant configurations + .setPrimaryKey(KeyType.RSA(RsaLength._2048)) + } }