1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-23 12:52:07 +01:00

Add revocation certificate test

This commit is contained in:
Paul Schaub 2021-11-27 14:59:12 +01:00
parent 151d3c7b96
commit c9c84a2dc5
3 changed files with 68 additions and 10 deletions

View file

@ -207,5 +207,13 @@ public final class RevocationAttributes {
public RevocationAttributes withDescription(@Nonnull String description) { public RevocationAttributes withDescription(@Nonnull String description) {
return new RevocationAttributes(reason, description); return new RevocationAttributes(reason, description);
} }
/**
* Set an empty human-readable description.
* @return revocation attributes
*/
public RevocationAttributes withoutDescription() {
return withDescription("");
}
} }
} }

View file

@ -0,0 +1,46 @@
// SPDX-FileCopyrightText: 2021 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package org.pgpainless.key.modification;
import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertTrue;
import java.io.IOException;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.PGPSignature;
import org.junit.jupiter.api.Test;
import org.pgpainless.PGPainless;
import org.pgpainless.key.TestKeys;
import org.pgpainless.key.protection.SecretKeyRingProtector;
import org.pgpainless.key.util.KeyRingUtils;
import org.pgpainless.key.util.RevocationAttributes;
public class RevocationCertificateTest {
@Test
public void createRevocationCertificateTest() throws PGPException, IOException {
PGPSecretKeyRing secretKeys = TestKeys.getEmilSecretKeyRing();
PGPSignature revocation = PGPainless.modifyKeyRing(secretKeys)
.createRevocationCertificate(SecretKeyRingProtector.unprotectedKeys(),
RevocationAttributes.createKeyRevocation()
.withReason(RevocationAttributes.Reason.KEY_RETIRED)
.withoutDescription());
assertNotNull(revocation);
assertTrue(PGPainless.inspectKeyRing(secretKeys).isKeyValidlyBound(secretKeys.getPublicKey().getKeyID()));
// merge key and revocation certificate
PGPSecretKeyRing revokedKey = KeyRingUtils.keysPlusSecretKey(
secretKeys,
KeyRingUtils.secretKeyPlusSignature(secretKeys.getSecretKey(), revocation));
assertFalse(PGPainless.inspectKeyRing(revokedKey).isKeyValidlyBound(secretKeys.getPublicKey().getKeyID()));
}
}

View file

@ -4,6 +4,14 @@
package org.pgpainless.key.modification; package org.pgpainless.key.modification;
import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.assertTrue;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.util.NoSuchElementException;
import org.bouncycastle.openpgp.PGPException; import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPSecretKeyRing; import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
@ -11,17 +19,8 @@ import org.pgpainless.PGPainless;
import org.pgpainless.key.info.KeyRingInfo; import org.pgpainless.key.info.KeyRingInfo;
import org.pgpainless.key.protection.SecretKeyRingProtector; import org.pgpainless.key.protection.SecretKeyRingProtector;
import org.pgpainless.key.util.RevocationAttributes; import org.pgpainless.key.util.RevocationAttributes;
import org.pgpainless.signature.subpackets.RevocationSignatureSubpackets;
import org.pgpainless.util.selection.userid.SelectUserId; import org.pgpainless.util.selection.userid.SelectUserId;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.util.NoSuchElementException;
import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.assertTrue;
public class RevokeUserIdsTest { public class RevokeUserIdsTest {
@Test @Test
@ -41,7 +40,12 @@ public class RevokeUserIdsTest {
assertTrue(info.isUserIdValid("Alice <alice@example.org>")); assertTrue(info.isUserIdValid("Alice <alice@example.org>"));
secretKeys = PGPainless.modifyKeyRing(secretKeys) secretKeys = PGPainless.modifyKeyRing(secretKeys)
.revokeUserIds(SelectUserId.containsEmailAddress("alice@example.org"), protector, (RevocationSignatureSubpackets.Callback) null) .revokeUserIds(
SelectUserId.containsEmailAddress("alice@example.org"),
protector,
RevocationAttributes.createCertificateRevocation()
.withReason(RevocationAttributes.Reason.USER_ID_NO_LONGER_VALID)
.withoutDescription())
.done(); .done();
info = PGPainless.inspectKeyRing(secretKeys); info = PGPainless.inspectKeyRing(secretKeys);