Allow user-supplied secret key backup passphrases

Instead of passing the passphrase back to the user via a DisplayBackupCodeCallback, we directly return the passphrase which is now represented by a class. Also we now allow the user to provide the passphrase.
2025-12-06 21:21:08 +01:00 · 2020-07-15 22:22:42 +02:00 · 2020-07-15 22:22:42 +02:00 · 6e57ea0873
commit 6e57ea0873
parent 075e65ad40
8 changed files with 183 additions and 87 deletions
--- a/smack-openpgp/src/test/java/org/jivesoftware/smackx/ox/OpenPgpSecretKeyBackupPassphraseTest.java
+++ b/smack-openpgp/src/test/java/org/jivesoftware/smackx/ox/OpenPgpSecretKeyBackupPassphraseTest.java
@ -0,0 +1,57 @@
+/**
+ *
+ * Copyright 2020 Paul Schaub.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.jivesoftware.smackx.ox;
+
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertThrows;
+
+import org.jivesoftware.smackx.ox.util.SecretKeyBackupHelper;
+
+import org.junit.jupiter.api.Test;
+
+public class OpenPgpSecretKeyBackupPassphraseTest {
+
+    @Test
+    public void secretKeyPassphraseConstructorTest() {
+        OpenPgpSecretKeyBackupPassphrase valid =
+                new OpenPgpSecretKeyBackupPassphrase("TWNK-KD5Y-MT3T-E1GS-DRDB-KVTW");
+
+        assertNotNull(valid);
+        for (int i = 0; i < 50; i++) {
+            assertNotNull(SecretKeyBackupHelper.generateBackupPassword());
+        }
+
+        assertThrows(IllegalArgumentException.class,
+                () -> new OpenPgpSecretKeyBackupPassphrase("TWNKKD5YMT3TE1GSDRDBKVTW"));
+
+        assertThrows(IllegalArgumentException.class,
+                () -> new OpenPgpSecretKeyBackupPassphrase("0123-4567-89AB-CDEF-GHIJ-KLMN"));
+
+        assertThrows(IllegalArgumentException.class,
+                () -> new OpenPgpSecretKeyBackupPassphrase("CONT-AINS-ILLE-GALL-ETTE-RSO0"));
+
+        assertThrows(IllegalArgumentException.class,
+                () -> new OpenPgpSecretKeyBackupPassphrase("TWNK-KD5Y-MT3T-E1GS-DRDB-"));
+
+        assertThrows(IllegalArgumentException.class,
+                () -> new OpenPgpSecretKeyBackupPassphrase("TWNK-KD5Y-MT3T-E1GS-DRDB-KVTW-ADDD"));
+
+        assertThrows(IllegalArgumentException.class,
+                () -> new OpenPgpSecretKeyBackupPassphrase("TWNK KD5Y MT3T E1GS DRDB KVTW"));
+
+    }
+}
--- a/smack-openpgp/src/test/java/org/jivesoftware/smackx/ox/SecretKeyBackupHelperTest.java
+++ b/smack-openpgp/src/test/java/org/jivesoftware/smackx/ox/SecretKeyBackupHelperTest.java
@ -1,6 +1,6 @@
 /**
 *
- * Copyright 2018 Paul Schaub.
+ * Copyright 2018-2020 Paul Schaub.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -18,17 +18,16 @@ package org.jivesoftware.smackx.ox;

 import static junit.framework.TestCase.assertEquals;
 import static junit.framework.TestCase.assertTrue;
+import static org.junit.Assert.assertArrayEquals;

 import java.io.File;
 import java.io.IOException;
 import java.security.InvalidAlgorithmParameterException;
 import java.security.NoSuchAlgorithmException;
 import java.security.NoSuchProviderException;
-import java.util.Arrays;
 import java.util.Collections;

 import org.jivesoftware.smack.test.util.SmackTestSuite;
-
 import org.jivesoftware.smackx.ox.crypto.PainlessOpenPgpProvider;
 import org.jivesoftware.smackx.ox.element.SecretkeyElement;
 import org.jivesoftware.smackx.ox.exception.InvalidBackupCodeException;
@ -60,7 +59,7 @@ public class SecretKeyBackupHelperTest extends SmackTestSuite {
    public void backupPasswordGenerationTest() {
        final String alphabet = "123456789ABCDEFGHIJKLMNPQRSTUVWXYZ";

-        String backupCode = SecretKeyBackupHelper.generateBackupPassword();
+        OpenPgpSecretKeyBackupPassphrase backupCode = SecretKeyBackupHelper.generateBackupPassword();
        assertEquals(29, backupCode.length());
        for (int i = 0; i < backupCode.length(); i++) {
            if ((i + 1) % 5 == 0) {
@ -86,12 +85,13 @@ public class SecretKeyBackupHelperTest extends SmackTestSuite {
        provider.getStore().importSecretKey(jid, keyRing.getSecretKeys());

        // Create encrypted backup
-        String backupCode = SecretKeyBackupHelper.generateBackupPassword();
-        SecretkeyElement element = SecretKeyBackupHelper.createSecretkeyElement(provider, jid, Collections.singleton(new OpenPgpV4Fingerprint(keyRing.getSecretKeys())), backupCode);
+        OpenPgpSecretKeyBackupPassphrase backupCode = SecretKeyBackupHelper.generateBackupPassword();
+        SecretkeyElement element = SecretKeyBackupHelper.createSecretkeyElement(provider, jid,
+                Collections.singleton(new OpenPgpV4Fingerprint(keyRing.getSecretKeys())), backupCode);

        // Decrypt backup and compare
        PGPSecretKeyRing secretKeyRing = SecretKeyBackupHelper.restoreSecretKeyBackup(element, backupCode);
-        assertTrue(Arrays.equals(keyRing.getSecretKeys().getEncoded(), secretKeyRing.getEncoded()));
+        assertArrayEquals(keyRing.getSecretKeys().getEncoded(), secretKeyRing.getEncoded());
    }

    @AfterClass