1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-26 14:22:05 +01:00

Add user-id revocation example

This commit is contained in:
Paul Schaub 2021-06-26 18:27:14 +02:00
parent f6ffc4c28d
commit fc14a86d9c

View file

@ -45,6 +45,10 @@ import org.pgpainless.key.protection.UnlockSecretKey;
import org.pgpainless.util.Passphrase;
import org.pgpainless.util.TestUtils;
/**
* PGPainless offers a simple API to modify keys by adding and replacing signatures and/or subkeys.
* The main entry point to this API is {@link PGPainless#modifyKeyRing(PGPSecretKeyRing)}.
*/
public class ModifyKeys {
private final String userId = "alice@pgpainless.org";
@ -191,12 +195,17 @@ public class ModifyKeys {
assertEquals(TestUtils.formatUTCDate(expirationDate), TestUtils.formatUTCDate(info.getExpirationDateForUse(KeyFlag.SIGN_DATA)));
}
/**
* This example demonstrates how to set an expiration date for single subkeys.
*
* @throws PGPException
*/
@Test
public void setSubkeyExpirationDate() throws PGPException {
Date expirationDate = TestUtils.getUTCDate("2032-01-13 22:30:01 UTC");
SecretKeyRingProtector protector = SecretKeyRingProtector
.unlockAllKeysWith(Passphrase.fromPassword(originalPassphrase), secretKey);
secretKey = PGPainless.modifyKeyRing(secretKey)
.setExpirationDate(
new OpenPgpV4Fingerprint(secretKey.getPublicKey(encryptionSubkeyId)),
@ -211,4 +220,25 @@ public class ModifyKeys {
assertNull(info.getExpirationDateForUse(KeyFlag.SIGN_DATA));
assertEquals(TestUtils.formatUTCDate(expirationDate), TestUtils.formatUTCDate(info.getExpirationDateForUse(KeyFlag.ENCRYPT_COMMS)));
}
/**
* This example demonstrates how to revoke a user-id on a key.
*
* @throws PGPException
*/
@Test
public void revokeUserId() throws PGPException {
secretKey = PGPainless.modifyKeyRing(secretKey)
.addUserId("alcie@pgpainless.org", SecretKeyRingProtector.unprotectedKeys())
.done();
// Initially the user-id is valid
assertTrue(PGPainless.inspectKeyRing(secretKey).isUserIdValid("alcie@pgpainless.org"));
// Revoke the second user-id
secretKey = PGPainless.modifyKeyRing(secretKey)
.revokeUserId("alcie@pgpainless.org", SecretKeyRingProtector.unprotectedKeys())
.done();
// Now the user-id is no longer valid
assertFalse(PGPainless.inspectKeyRing(secretKey).isUserIdValid("alcie@pgpainless.org"));
}
}