From c9c84a2dc53f20363e5e9b7aa2a45b50e9827888 Mon Sep 17 00:00:00 2001 From: Paul Schaub Date: Sat, 27 Nov 2021 14:59:12 +0100 Subject: [PATCH] Add revocation certificate test --- .../key/util/RevocationAttributes.java | 8 ++++ .../RevocationCertificateTest.java | 46 +++++++++++++++++++ .../key/modification/RevokeUserIdsTest.java | 24 ++++++---- 3 files changed, 68 insertions(+), 10 deletions(-) create mode 100644 pgpainless-core/src/test/java/org/pgpainless/key/modification/RevocationCertificateTest.java diff --git a/pgpainless-core/src/main/java/org/pgpainless/key/util/RevocationAttributes.java b/pgpainless-core/src/main/java/org/pgpainless/key/util/RevocationAttributes.java index 972fe7dc..98b486d4 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/key/util/RevocationAttributes.java +++ b/pgpainless-core/src/main/java/org/pgpainless/key/util/RevocationAttributes.java @@ -207,5 +207,13 @@ public final class RevocationAttributes { public RevocationAttributes withDescription(@Nonnull String description) { return new RevocationAttributes(reason, description); } + + /** + * Set an empty human-readable description. + * @return revocation attributes + */ + public RevocationAttributes withoutDescription() { + return withDescription(""); + } } } diff --git a/pgpainless-core/src/test/java/org/pgpainless/key/modification/RevocationCertificateTest.java b/pgpainless-core/src/test/java/org/pgpainless/key/modification/RevocationCertificateTest.java new file mode 100644 index 00000000..ec518847 --- /dev/null +++ b/pgpainless-core/src/test/java/org/pgpainless/key/modification/RevocationCertificateTest.java @@ -0,0 +1,46 @@ +// SPDX-FileCopyrightText: 2021 Paul Schaub +// +// SPDX-License-Identifier: Apache-2.0 + +package org.pgpainless.key.modification; + +import static org.junit.jupiter.api.Assertions.assertFalse; +import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.assertTrue; + +import java.io.IOException; + +import org.bouncycastle.openpgp.PGPException; +import org.bouncycastle.openpgp.PGPSecretKeyRing; +import org.bouncycastle.openpgp.PGPSignature; +import org.junit.jupiter.api.Test; +import org.pgpainless.PGPainless; +import org.pgpainless.key.TestKeys; +import org.pgpainless.key.protection.SecretKeyRingProtector; +import org.pgpainless.key.util.KeyRingUtils; +import org.pgpainless.key.util.RevocationAttributes; + +public class RevocationCertificateTest { + + @Test + public void createRevocationCertificateTest() throws PGPException, IOException { + PGPSecretKeyRing secretKeys = TestKeys.getEmilSecretKeyRing(); + + PGPSignature revocation = PGPainless.modifyKeyRing(secretKeys) + .createRevocationCertificate(SecretKeyRingProtector.unprotectedKeys(), + RevocationAttributes.createKeyRevocation() + .withReason(RevocationAttributes.Reason.KEY_RETIRED) + .withoutDescription()); + + assertNotNull(revocation); + + assertTrue(PGPainless.inspectKeyRing(secretKeys).isKeyValidlyBound(secretKeys.getPublicKey().getKeyID())); + + // merge key and revocation certificate + PGPSecretKeyRing revokedKey = KeyRingUtils.keysPlusSecretKey( + secretKeys, + KeyRingUtils.secretKeyPlusSignature(secretKeys.getSecretKey(), revocation)); + + assertFalse(PGPainless.inspectKeyRing(revokedKey).isKeyValidlyBound(secretKeys.getPublicKey().getKeyID())); + } +} diff --git a/pgpainless-core/src/test/java/org/pgpainless/key/modification/RevokeUserIdsTest.java b/pgpainless-core/src/test/java/org/pgpainless/key/modification/RevokeUserIdsTest.java index 4be6c245..e416bf04 100644 --- a/pgpainless-core/src/test/java/org/pgpainless/key/modification/RevokeUserIdsTest.java +++ b/pgpainless-core/src/test/java/org/pgpainless/key/modification/RevokeUserIdsTest.java @@ -4,6 +4,14 @@ package org.pgpainless.key.modification; +import static org.junit.jupiter.api.Assertions.assertFalse; +import static org.junit.jupiter.api.Assertions.assertThrows; +import static org.junit.jupiter.api.Assertions.assertTrue; + +import java.security.InvalidAlgorithmParameterException; +import java.security.NoSuchAlgorithmException; +import java.util.NoSuchElementException; + import org.bouncycastle.openpgp.PGPException; import org.bouncycastle.openpgp.PGPSecretKeyRing; import org.junit.jupiter.api.Test; @@ -11,17 +19,8 @@ import org.pgpainless.PGPainless; import org.pgpainless.key.info.KeyRingInfo; import org.pgpainless.key.protection.SecretKeyRingProtector; import org.pgpainless.key.util.RevocationAttributes; -import org.pgpainless.signature.subpackets.RevocationSignatureSubpackets; import org.pgpainless.util.selection.userid.SelectUserId; -import java.security.InvalidAlgorithmParameterException; -import java.security.NoSuchAlgorithmException; -import java.util.NoSuchElementException; - -import static org.junit.jupiter.api.Assertions.assertFalse; -import static org.junit.jupiter.api.Assertions.assertThrows; -import static org.junit.jupiter.api.Assertions.assertTrue; - public class RevokeUserIdsTest { @Test @@ -41,7 +40,12 @@ public class RevokeUserIdsTest { assertTrue(info.isUserIdValid("Alice ")); secretKeys = PGPainless.modifyKeyRing(secretKeys) - .revokeUserIds(SelectUserId.containsEmailAddress("alice@example.org"), protector, (RevocationSignatureSubpackets.Callback) null) + .revokeUserIds( + SelectUserId.containsEmailAddress("alice@example.org"), + protector, + RevocationAttributes.createCertificateRevocation() + .withReason(RevocationAttributes.Reason.USER_ID_NO_LONGER_VALID) + .withoutDescription()) .done(); info = PGPainless.inspectKeyRing(secretKeys);