Add tests for pet name certification and scoped delegation

pgpainless-core/src/test/java/org/pgpainless/key/certification/CertifyCertificateTest.java

@@ -23,10 +23,13 @@ import org.bouncycastle.openpgp.PGPSignature;
 import org.bouncycastle.util.Arrays;
 import org.junit.jupiter.api.Test;
 import org.pgpainless.PGPainless;
+import org.pgpainless.algorithm.CertificationType;
 import org.pgpainless.algorithm.SignatureType;
 import org.pgpainless.algorithm.Trustworthiness;
+import org.pgpainless.key.info.KeyRingInfo;
 import org.pgpainless.key.protection.SecretKeyRingProtector;
 import org.pgpainless.signature.consumer.SignatureVerifier;
+import org.pgpainless.signature.subpackets.CertificationSubpackets;
 import org.pgpainless.util.CollectionUtils;
 import org.pgpainless.util.DateUtil;
 
@@ -105,4 +108,58 @@ public class CertifyCertificateTest {
 
         assertFalse(Arrays.areEqual(bobCertificate.getEncoded(), bobCertified.getEncoded()));
     }
+
+    @Test
+    public void testPetNameCertification() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
+        PGPSecretKeyRing aliceKey = PGPainless.generateKeyRing()
+                .modernKeyRing("Alice <alice@pgpainless.org>");
+        PGPSecretKeyRing bobKey = PGPainless.generateKeyRing()
+                .modernKeyRing("Bob <bob@pgpainless.org>");
+
+        PGPPublicKeyRing bobCert = PGPainless.extractCertificate(bobKey);
+        String petName = "Bobby";
+
+        CertifyCertificate.CertificationResult result = PGPainless.certify()
+                .userIdOnCertificate(petName, bobCert)
+                .withKey(aliceKey, SecretKeyRingProtector.unprotectedKeys())
+                .buildWithSubpackets(new CertificationSubpackets.Callback() {
+                    @Override
+                    public void modifyHashedSubpackets(CertificationSubpackets hashedSubpackets) {
+                        hashedSubpackets.setExportable(false);
+                    }
+                });
+
+        PGPSignature certification = result.getCertification();
+        assertEquals(aliceKey.getPublicKey().getKeyID(), certification.getKeyID());
+        assertEquals(CertificationType.GENERIC.asSignatureType().getCode(), certification.getSignatureType());
+
+        PGPPublicKeyRing certWithPetName = result.getCertifiedCertificate();
+        KeyRingInfo info = PGPainless.inspectKeyRing(certWithPetName);
+        assertTrue(info.getUserIds().contains(petName));
+        assertFalse(info.getValidUserIds().contains(petName));
+    }
+
+    @Test
+    public void testScopedDelegation() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IOException {
+        PGPSecretKeyRing aliceKey = PGPainless.generateKeyRing()
+                .modernKeyRing("Alice <alice@pgpainless.org>");
+        PGPSecretKeyRing caKey = PGPainless.generateKeyRing()
+                .modernKeyRing("CA <ca@example.com>");
+        PGPPublicKeyRing caCert = PGPainless.extractCertificate(caKey);
+
+        CertifyCertificate.CertificationResult result = PGPainless.certify()
+                .certificate(caCert, Trustworthiness.fullyTrusted().introducer())
+                .withKey(aliceKey, SecretKeyRingProtector.unprotectedKeys())
+                .buildWithSubpackets(new CertificationSubpackets.Callback() {
+                    @Override
+                    public void modifyHashedSubpackets(CertificationSubpackets hashedSubpackets) {
+                        hashedSubpackets.setRegularExpression("^.*<.+@example.com>.*$");
+                    }
+                });
+
+        PGPSignature certification = result.getCertification();
+        assertEquals(SignatureType.DIRECT_KEY.getCode(), certification.getSignatureType());
+        assertEquals("^.*<.+@example.com>.*$",
+                certification.getHashedSubPackets().getRegularExpression().getRegex());
+    }
 }