mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-11-23 12:52:07 +01:00
Add revocation certificate test
This commit is contained in:
parent
151d3c7b96
commit
c9c84a2dc5
3 changed files with 68 additions and 10 deletions
|
@ -207,5 +207,13 @@ public final class RevocationAttributes {
|
||||||
public RevocationAttributes withDescription(@Nonnull String description) {
|
public RevocationAttributes withDescription(@Nonnull String description) {
|
||||||
return new RevocationAttributes(reason, description);
|
return new RevocationAttributes(reason, description);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Set an empty human-readable description.
|
||||||
|
* @return revocation attributes
|
||||||
|
*/
|
||||||
|
public RevocationAttributes withoutDescription() {
|
||||||
|
return withDescription("");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,46 @@
|
||||||
|
// SPDX-FileCopyrightText: 2021 Paul Schaub <vanitasvitae@fsfe.org>
|
||||||
|
//
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package org.pgpainless.key.modification;
|
||||||
|
|
||||||
|
import static org.junit.jupiter.api.Assertions.assertFalse;
|
||||||
|
import static org.junit.jupiter.api.Assertions.assertNotNull;
|
||||||
|
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
|
|
||||||
|
import org.bouncycastle.openpgp.PGPException;
|
||||||
|
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
||||||
|
import org.bouncycastle.openpgp.PGPSignature;
|
||||||
|
import org.junit.jupiter.api.Test;
|
||||||
|
import org.pgpainless.PGPainless;
|
||||||
|
import org.pgpainless.key.TestKeys;
|
||||||
|
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
||||||
|
import org.pgpainless.key.util.KeyRingUtils;
|
||||||
|
import org.pgpainless.key.util.RevocationAttributes;
|
||||||
|
|
||||||
|
public class RevocationCertificateTest {
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void createRevocationCertificateTest() throws PGPException, IOException {
|
||||||
|
PGPSecretKeyRing secretKeys = TestKeys.getEmilSecretKeyRing();
|
||||||
|
|
||||||
|
PGPSignature revocation = PGPainless.modifyKeyRing(secretKeys)
|
||||||
|
.createRevocationCertificate(SecretKeyRingProtector.unprotectedKeys(),
|
||||||
|
RevocationAttributes.createKeyRevocation()
|
||||||
|
.withReason(RevocationAttributes.Reason.KEY_RETIRED)
|
||||||
|
.withoutDescription());
|
||||||
|
|
||||||
|
assertNotNull(revocation);
|
||||||
|
|
||||||
|
assertTrue(PGPainless.inspectKeyRing(secretKeys).isKeyValidlyBound(secretKeys.getPublicKey().getKeyID()));
|
||||||
|
|
||||||
|
// merge key and revocation certificate
|
||||||
|
PGPSecretKeyRing revokedKey = KeyRingUtils.keysPlusSecretKey(
|
||||||
|
secretKeys,
|
||||||
|
KeyRingUtils.secretKeyPlusSignature(secretKeys.getSecretKey(), revocation));
|
||||||
|
|
||||||
|
assertFalse(PGPainless.inspectKeyRing(revokedKey).isKeyValidlyBound(secretKeys.getPublicKey().getKeyID()));
|
||||||
|
}
|
||||||
|
}
|
|
@ -4,6 +4,14 @@
|
||||||
|
|
||||||
package org.pgpainless.key.modification;
|
package org.pgpainless.key.modification;
|
||||||
|
|
||||||
|
import static org.junit.jupiter.api.Assertions.assertFalse;
|
||||||
|
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||||
|
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||||
|
|
||||||
|
import java.security.InvalidAlgorithmParameterException;
|
||||||
|
import java.security.NoSuchAlgorithmException;
|
||||||
|
import java.util.NoSuchElementException;
|
||||||
|
|
||||||
import org.bouncycastle.openpgp.PGPException;
|
import org.bouncycastle.openpgp.PGPException;
|
||||||
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
||||||
import org.junit.jupiter.api.Test;
|
import org.junit.jupiter.api.Test;
|
||||||
|
@ -11,17 +19,8 @@ import org.pgpainless.PGPainless;
|
||||||
import org.pgpainless.key.info.KeyRingInfo;
|
import org.pgpainless.key.info.KeyRingInfo;
|
||||||
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
||||||
import org.pgpainless.key.util.RevocationAttributes;
|
import org.pgpainless.key.util.RevocationAttributes;
|
||||||
import org.pgpainless.signature.subpackets.RevocationSignatureSubpackets;
|
|
||||||
import org.pgpainless.util.selection.userid.SelectUserId;
|
import org.pgpainless.util.selection.userid.SelectUserId;
|
||||||
|
|
||||||
import java.security.InvalidAlgorithmParameterException;
|
|
||||||
import java.security.NoSuchAlgorithmException;
|
|
||||||
import java.util.NoSuchElementException;
|
|
||||||
|
|
||||||
import static org.junit.jupiter.api.Assertions.assertFalse;
|
|
||||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
|
||||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
|
||||||
|
|
||||||
public class RevokeUserIdsTest {
|
public class RevokeUserIdsTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@ -41,7 +40,12 @@ public class RevokeUserIdsTest {
|
||||||
assertTrue(info.isUserIdValid("Alice <alice@example.org>"));
|
assertTrue(info.isUserIdValid("Alice <alice@example.org>"));
|
||||||
|
|
||||||
secretKeys = PGPainless.modifyKeyRing(secretKeys)
|
secretKeys = PGPainless.modifyKeyRing(secretKeys)
|
||||||
.revokeUserIds(SelectUserId.containsEmailAddress("alice@example.org"), protector, (RevocationSignatureSubpackets.Callback) null)
|
.revokeUserIds(
|
||||||
|
SelectUserId.containsEmailAddress("alice@example.org"),
|
||||||
|
protector,
|
||||||
|
RevocationAttributes.createCertificateRevocation()
|
||||||
|
.withReason(RevocationAttributes.Reason.USER_ID_NO_LONGER_VALID)
|
||||||
|
.withoutDescription())
|
||||||
.done();
|
.done();
|
||||||
|
|
||||||
info = PGPainless.inspectKeyRing(secretKeys);
|
info = PGPainless.inspectKeyRing(secretKeys);
|
||||||
|
|
Loading…
Reference in a new issue