mirror of https://github.com/pgpainless/pgpainless.git synced 2025-12-07 04:41:12 +01:00

Replace SignatureVerifier usage with BC API

Paul Schaub 2025-03-31 09:52:49 +02:00
parent b88440028a
commit 20282a0576
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
4 changed files with 18 additions and 762 deletions


@ -27,10 +27,8 @@ import org.pgpainless.algorithm.SignatureType;
import org.pgpainless.algorithm.Trustworthiness;
import org.pgpainless.key.info.KeyRingInfo;
import org.pgpainless.key.protection.SecretKeyRingProtector;
import org.pgpainless.signature.consumer.SignatureVerifier;
import org.pgpainless.signature.subpackets.CertificationSubpackets;
import org.pgpainless.util.CollectionUtils;
import org.pgpainless.util.DateUtil;
import javax.annotation.Nonnull;
@ -57,8 +55,7 @@ public class CertifyCertificateTest {
assertEquals(SignatureType.GENERIC_CERTIFICATION, SignatureType.requireFromCode(signature.getSignatureType()));
assertEquals(alice.getPrimaryKey().getPGPPublicKey().getKeyID(), signature.getKeyID());
assertTrue(SignatureVerifier.verifyUserIdCertification(
bobUserId, signature, alice.getPrimaryKey().getPGPPublicKey(), bob.getPrimaryKey().getPGPPublicKey(), api.getAlgorithmPolicy(), DateUtil.now()));
assertTrue(result.getCertifiedCertificate().getUserId("Bob <bob@pgpainless.org>").getCertificationBy(alice).isValid());
OpenPGPCertificate bobCertified = result.getCertifiedCertificate();
PGPPublicKey bobCertifiedKey = bobCertified.getPrimaryKey().getPGPPublicKey();
@ -99,8 +96,7 @@ public class CertifyCertificateTest {
assertTrue(trustworthiness.isIntroducer());
assertFalse(trustworthiness.canIntroduce(1));
assertTrue(SignatureVerifier.verifyDirectKeySignature(
pgpSignature, alice.getPrimaryKey().getPGPPublicKey(), bob.getPrimaryKey().getPGPPublicKey(), api.getAlgorithmPolicy(), DateUtil.now()));
assertTrue(result.getCertifiedCertificate().getDelegationBy(alice).isValid());
OpenPGPCertificate bobCertified = result.getCertifiedCertificate();
PGPPublicKey bobCertifiedKey = bobCertified.getPrimaryKey().getPGPPublicKey();
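Review bot: The replacement assertions `getCertificationBy(alice).isValid()` (first hunk) and `getDelegationBy(alice).isValid()` (second hunk) no longer reference the `signature` / `pgpSignature` object the test created, and they pass neither `api.getAlgorithmPolicy()` nor a reference time as the removed `SignatureVerifier` calls did. The visible lines do not show whether `isValid()` applies the PGPainless algorithm policy, so a comment above each assertion should state what it covers, for example `// isValid(): signature correctness at the current time; policy enforcement to be confirmed against the BC API`. If the lookup can return null, a preceding `assertNotNull(...)` on the `getCertificationBy(alice)` / `getDelegationBy(alice)` result would report a missing certification as an assertion failure rather than a NullPointerException. The user ID literal `"Bob <bob@pgpainless.org>"` could reuse `bobUserId` if that variable is still in scope. Both test methods start and end outside the hunks.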


@ -4,18 +4,12 @@
package org.pgpainless.signature;
import static org.junit.jupiter.api.Assertions.assertThrows;
import java.io.IOException;
import java.util.Date;
import java.util.List;
import org.bouncycastle.bcpg.attr.ImageAttribute;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPSignature;
import org.bouncycastle.openpgp.PGPSignatureGenerator;
import org.bouncycastle.openpgp.PGPUserAttributeSubpacketVector;
import org.bouncycastle.openpgp.PGPUserAttributeSubpacketVectorGenerator;
import org.bouncycastle.openpgp.*;
import org.bouncycastle.openpgp.api.OpenPGPCertificate;
import org.bouncycastle.openpgp.api.OpenPGPImplementation;
import org.bouncycastle.openpgp.api.OpenPGPKey;
@ -23,11 +17,11 @@ import org.junit.jupiter.api.Test;
import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.HashAlgorithm;
import org.pgpainless.algorithm.SignatureType;
import org.pgpainless.exception.SignatureValidationException;
import org.pgpainless.key.TestKeys;
import org.pgpainless.key.protection.SecretKeyRingProtector;
import org.pgpainless.key.protection.UnlockSecretKey;
import org.pgpainless.signature.consumer.SignatureVerifier;
import static org.junit.jupiter.api.Assertions.*;
public class SignatureOverUserAttributesTest {
@ -53,6 +47,7 @@ public class SignatureOverUserAttributesTest {
public void createAndVerifyUserAttributeCertification() throws PGPException, IOException {
PGPainless api = PGPainless.getInstance();
OpenPGPKey secretKeys = TestKeys.getEmilKey();
OpenPGPKey.OpenPGPSecretKey secretKey = secretKeys.getPrimarySecretKey();
OpenPGPCertificate.OpenPGPComponentKey publicKey = secretKey.getPublicKey();
OpenPGPKey.OpenPGPPrivateKey privateKey = UnlockSecretKey.unlockSecretKey(secretKey, SecretKeyRingProtector.unprotectedKeys());
@ -65,9 +60,12 @@ public class SignatureOverUserAttributesTest {
PGPSignature signature = generator.generateCertification(attribute, publicKey.getPGPPublicKey());
PGPPublicKey pgpPublicKey = PGPPublicKey.addCertification(publicKey.getPGPPublicKey(), attribute, signature);
SignatureVerifier.verifyUserAttributesCertification(attribute, signature, pgpPublicKey, api.getAlgorithmPolicy(), new Date());
pgpPublicKey = PGPPublicKey.addCertification(pgpPublicKey, invalidAttribute, signature);
OpenPGPCertificate withUserAttribute = api.toCertificate(PGPPublicKeyRing.insertPublicKey(secretKeys.getPGPPublicKeyRing(), pgpPublicKey));
List<OpenPGPCertificate.OpenPGPIdentityComponent> identities = withUserAttribute.getIdentities();
assertThrows(SignatureValidationException.class, () -> SignatureVerifier.verifyUserAttributesCertification(invalidAttribute, signature, pgpPublicKey, api.getAlgorithmPolicy(), new Date()));
assertTrue(identities.get(1).isBound()); // valid
assertFalse(identities.get(2).isBound()); // invalid
}
@Test
@ -86,9 +84,11 @@ public class SignatureOverUserAttributesTest {
PGPSignature signature = generator.generateCertification(attribute, publicKey.getPGPPublicKey());
PGPPublicKey pgpPublicKey = PGPPublicKey.addCertification(publicKey.getPGPPublicKey(), attribute, signature);
SignatureVerifier.verifyUserAttributesRevocation(attribute, signature, pgpPublicKey, api.getAlgorithmPolicy(), new Date());
assertThrows(SignatureValidationException.class, () ->
SignatureVerifier.verifyUserAttributesCertification(
invalidAttribute, signature, pgpPublicKey, api.getAlgorithmPolicy(), new Date()));
OpenPGPCertificate withRevocation = api.toCertificate(PGPPublicKeyRing.insertPublicKey(secretKeys.getPGPPublicKeyRing(), pgpPublicKey));
List<OpenPGPCertificate.OpenPGPIdentityComponent> identities = withRevocation.getIdentities();
OpenPGPCertificate.OpenPGPComponentSignature revocation = identities.get(1).getRevocation(new Date());
revocation.verify(api.getImplementation());
assertTrue(revocation.isRevocation());
assertTrue(revocation.isTestedCorrect());
}
}
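Review bot: The revocation test in the last hunk loses its negative case: the removed `assertThrows(SignatureValidationException.class, ...)` over `invalidAttribute` has no replacement, so the test now only shows that the revocation verifies over the attribute it was made for. Mirroring the first test would restore it: add `pgpPublicKey = PGPPublicKey.addCertification(pgpPublicKey, invalidAttribute, signature);` before building the certificate, then assert that the identity carrying `invalidAttribute` does not report a correct revocation. In both tests the identities are selected by position (`identities.get(1)`, `identities.get(2)`), which depends on the identity order of the Emil test key; a short comment naming what sits at index 0 would make that assumption explicit. In the first test, `assertFalse(identities.get(2).isBound())` also passes for any reason the identity is unbound, whereas the removed check required a `SignatureValidationException`.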