1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2025-01-24 19:06:24 +01:00

Fix last two broken tests

This commit is contained in:
Paul Schaub 2022-10-24 18:30:40 +02:00
parent e0b2145793
commit 8097c87b7f
2 changed files with 30 additions and 12 deletions

View file

@ -9,6 +9,7 @@ import java.io.InputStream;
import java.io.OutputStream; import java.io.OutputStream;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Collection; import java.util.Collection;
import java.util.Date;
import java.util.HashSet; import java.util.HashSet;
import java.util.List; import java.util.List;
import java.util.Set; import java.util.Set;
@ -60,12 +61,13 @@ import org.pgpainless.key.info.KeyRingInfo;
import org.pgpainless.key.protection.SecretKeyRingProtector; import org.pgpainless.key.protection.SecretKeyRingProtector;
import org.pgpainless.key.protection.UnlockSecretKey; import org.pgpainless.key.protection.UnlockSecretKey;
import org.pgpainless.key.util.KeyIdUtil; import org.pgpainless.key.util.KeyIdUtil;
import org.pgpainless.key.util.KeyRingUtils;
import org.pgpainless.policy.Policy; import org.pgpainless.policy.Policy;
import org.pgpainless.signature.SignatureUtils; import org.pgpainless.signature.SignatureUtils;
import org.pgpainless.signature.consumer.CertificateValidator;
import org.pgpainless.signature.consumer.OnePassSignatureCheck; import org.pgpainless.signature.consumer.OnePassSignatureCheck;
import org.pgpainless.signature.consumer.SignatureCheck; import org.pgpainless.signature.consumer.SignatureCheck;
import org.pgpainless.signature.consumer.SignatureValidator; import org.pgpainless.signature.consumer.SignatureValidator;
import org.pgpainless.signature.consumer.SignatureVerifier;
import org.pgpainless.util.ArmoredInputStreamFactory; import org.pgpainless.util.ArmoredInputStreamFactory;
import org.pgpainless.util.Passphrase; import org.pgpainless.util.Passphrase;
import org.pgpainless.util.SessionKey; import org.pgpainless.util.SessionKey;
@ -654,7 +656,16 @@ public class OpenPgpMessageInputStream extends DecryptionStream {
if (decryptionKey == null) { if (decryptionKey == null) {
continue; continue;
} }
return secretKeys;
KeyRingInfo info = new KeyRingInfo(secretKeys, policy, new Date());
List<PGPPublicKey> encryptionKeys = info.getEncryptionSubkeys(EncryptionPurpose.ANY);
for (PGPPublicKey key : encryptionKeys) {
if (key.getKeyID() == keyID) {
return secretKeys;
}
}
LOGGER.debug("Subkey " + Long.toHexString(keyID) + " cannot be used for decryption.");
} }
return null; return null;
} }
@ -951,8 +962,8 @@ public class OpenPgpMessageInputStream extends DecryptionStream {
try { try {
SignatureValidator.signatureWasCreatedInBounds(options.getVerifyNotBefore(), options.getVerifyNotAfter()) SignatureValidator.signatureWasCreatedInBounds(options.getVerifyNotBefore(), options.getVerifyNotAfter())
.verify(signature); .verify(signature);
SignatureVerifier.verifyOnePassSignature(signature, onePassSignature.getVerificationKeys().getPublicKey(signature.getKeyID()), onePassSignature, policy); CertificateValidator.validateCertificateAndVerifyOnePassSignature(onePassSignature, policy);
LOGGER.debug("Acceptable signature by key " + verification.getSigningKey()); LOGGER.debug("Acceptable signature by key " + verification.getSigningKey());
layer.addVerifiedOnePassSignature(verification); layer.addVerifiedOnePassSignature(verification);
} catch (SignatureValidationException e) { } catch (SignatureValidationException e) {
@ -1068,10 +1079,8 @@ public class OpenPgpMessageInputStream extends DecryptionStream {
try { try {
SignatureValidator.signatureWasCreatedInBounds(options.getVerifyNotBefore(), options.getVerifyNotAfter()) SignatureValidator.signatureWasCreatedInBounds(options.getVerifyNotBefore(), options.getVerifyNotAfter())
.verify(detached.getSignature()); .verify(detached.getSignature());
SignatureVerifier.verifyInitializedSignature( CertificateValidator.validateCertificateAndVerifyInitializedSignature(
detached.getSignature(), detached.getSignature(), KeyRingUtils.publicKeys(detached.getSigningKeyRing()), policy);
detached.getSigningKeyRing().getPublicKey(detached.getSigningKeyIdentifier().getKeyId()),
policy, detached.getSignature().getCreationTime());
LOGGER.debug("Acceptable signature by key " + verification.getSigningKey()); LOGGER.debug("Acceptable signature by key " + verification.getSigningKey());
layer.addVerifiedDetachedSignature(verification); layer.addVerifiedDetachedSignature(verification);
} catch (SignatureValidationException e) { } catch (SignatureValidationException e) {
@ -1085,10 +1094,8 @@ public class OpenPgpMessageInputStream extends DecryptionStream {
try { try {
SignatureValidator.signatureWasCreatedInBounds(options.getVerifyNotBefore(), options.getVerifyNotAfter()) SignatureValidator.signatureWasCreatedInBounds(options.getVerifyNotBefore(), options.getVerifyNotAfter())
.verify(prepended.getSignature()); .verify(prepended.getSignature());
SignatureVerifier.verifyInitializedSignature( CertificateValidator.validateCertificateAndVerifyInitializedSignature(
prepended.getSignature(), prepended.getSignature(), KeyRingUtils.publicKeys(prepended.getSigningKeyRing()), policy);
prepended.getSigningKeyRing().getPublicKey(prepended.getSigningKeyIdentifier().getKeyId()),
policy, prepended.getSignature().getCreationTime());
LOGGER.debug("Acceptable signature by key " + verification.getSigningKey()); LOGGER.debug("Acceptable signature by key " + verification.getSigningKey());
layer.addVerifiedPrependedSignature(verification); layer.addVerifiedPrependedSignature(verification);
} catch (SignatureValidationException e) { } catch (SignatureValidationException e) {

View file

@ -144,6 +144,17 @@ public final class KeyRingUtils {
return secretKey; return secretKey;
} }
@Nonnull
public static PGPPublicKeyRing publicKeys(@Nonnull PGPKeyRing keys) {
if (keys instanceof PGPPublicKeyRing) {
return (PGPPublicKeyRing) keys;
} else if (keys instanceof PGPSecretKeyRing) {
return publicKeyRingFrom((PGPSecretKeyRing) keys);
} else {
throw new IllegalArgumentException("Unknown keys class: " + keys.getClass().getName());
}
}
/** /**
* Extract a {@link PGPPublicKeyRing} containing all public keys from the provided {@link PGPSecretKeyRing}. * Extract a {@link PGPPublicKeyRing} containing all public keys from the provided {@link PGPSecretKeyRing}.
* *