PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2025-12-05 03:41:07 +01:00
Code Issues Releases Wiki Activity

Add test demonstrating signing message at a chosen point in time

Browse source
This commit is contained in:
Paul Schaub 2025-10-22 12:32:57 +02:00
parent 652dd5b30e
commit 3fc5669e56
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
1 changed files with 77 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

77
pgpainless-core/src/test/java/investigations/SignMessageWithCreationTimeOffsetTest.java Normal file
View file

@ -0,0 +1,77 @@
// SPDX-FileCopyrightText: 2025 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package investigations;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.api.OpenPGPKey;
import org.bouncycastle.util.io.Streams;
import org.jetbrains.annotations.NotNull;
import org.junit.jupiter.api.Test;
import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.DocumentSignatureType;
import org.pgpainless.algorithm.OpenPGPKeyVersion;
import org.pgpainless.decryption_verification.ConsumerOptions;
import org.pgpainless.decryption_verification.DecryptionStream;
import org.pgpainless.decryption_verification.MessageMetadata;
import org.pgpainless.encryption_signing.EncryptionStream;
import org.pgpainless.encryption_signing.ProducerOptions;
import org.pgpainless.encryption_signing.SigningOptions;
import org.pgpainless.key.protection.SecretKeyRingProtector;
import org.pgpainless.signature.subpackets.BaseSignatureSubpackets;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Date;
import static org.junit.jupiter.api.Assertions.assertTrue;
public class SignMessageWithCreationTimeOffsetTest {
@Test
public void signMessageInThePast() throws PGPException, IOException {
PGPainless api = PGPainless.getInstance();
Date now = new Date();
Date oneHourAgo = new Date(now.getTime() - (1000 * 60 * 60));
Date twoHoursAgo = new Date(now.getTime() - (2 * 1000 * 60 * 60));
OpenPGPKey key = api.generateKey(OpenPGPKeyVersion.v4, twoHoursAgo)
.modernKeyRing("Alice <alice@pgpainless.org>");
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
EncryptionStream encOut = api.generateMessage()
.onOutputStream(bOut)
.withOptions(ProducerOptions.sign(
SigningOptions.get()
.addInlineSignature(
SecretKeyRingProtector.unprotectedKeys(),
key,
null,
DocumentSignatureType.BINARY_DOCUMENT,
new BaseSignatureSubpackets.Callback() {
@Override
public void modifyHashedSubpackets(@NotNull BaseSignatureSubpackets hashedSubpackets) {
hashedSubpackets.setSignatureCreationTime(oneHourAgo);
}
})
));
encOut.write("Hello, World!\n".getBytes(StandardCharsets.UTF_8));
encOut.close();
ByteArrayInputStream bIn = new ByteArrayInputStream(bOut.toByteArray());
DecryptionStream decIn = api.processMessage()
.onInputStream(bIn)
.withOptions(ConsumerOptions.get()
.addVerificationCert(key.toCertificate()));
Streams.drain(decIn); // Or pipeAll to plaintext out
decIn.close();
MessageMetadata metadata = decIn.getMetadata();
assertTrue(metadata.isVerifiedSignedBy(key.toCertificate()));
}
}