PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2025-12-06 20:31:08 +01:00
Code Issues Releases Wiki Activity

Rename new CertifyCertificate API methods and add revocation methods

Browse source
This commit is contained in:
Paul Schaub 2025-03-26 15:01:30 +01:00
parent a8cbd36a52
commit 8c58ca620d
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
4 changed files with 47 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

8
pgpainless-core/src/test/java/org/pgpainless/key/certification/CertifyCertificateTest.java
View file

@ -47,7 +47,7 @@ public class CertifyCertificateTest {
OpenPGPCertificate bobCertificate = bob.toCertificate();
CertifyCertificate.CertificationResult result = api.generateCertification()
.userIdOnCertificate(bobUserId, bobCertificate)
.certifyUserId(bobUserId, bobCertificate)
.withKey(alice, protector)
.build();
@ -82,7 +82,7 @@ public class CertifyCertificateTest {
OpenPGPCertificate bobCertificate = bob.toCertificate();
CertifyCertificate.CertificationResult result = api.generateCertification()
.certificate(bobCertificate, Trustworthiness.fullyTrusted().introducer())
.delegateTrust(bobCertificate, Trustworthiness.fullyTrusted().introducer())
.withKey(alice, protector)
.build();
@ -125,7 +125,7 @@ public class CertifyCertificateTest {
String petName = "Bobby";
CertifyCertificate.CertificationResult result = api.generateCertification()
.userIdOnCertificate(petName, bobCert)
.certifyUserId(petName, bobCert)
.withKey(aliceKey, SecretKeyRingProtector.unprotectedKeys())
.buildWithSubpackets(new CertificationSubpackets.Callback() {
@Override
@ -155,7 +155,7 @@ public class CertifyCertificateTest {
OpenPGPCertificate caCert = caKey.toCertificate();
CertifyCertificate.CertificationResult result = api.generateCertification()
.certificate(caCert, Trustworthiness.fullyTrusted().introducer())
.delegateTrust(caCert, Trustworthiness.fullyTrusted().introducer())
.withKey(aliceKey, SecretKeyRingProtector.unprotectedKeys())
.buildWithSubpackets(new CertificationSubpackets.Callback() {
@Override

40
pgpainless-core/src/test/java/org/pgpainless/key/certification/CertifyV6CertificateTest.java
View file

@ -5,6 +5,7 @@
package org.pgpainless.key.certification;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPSignatureException;
import org.bouncycastle.openpgp.api.OpenPGPCertificate;
import org.bouncycastle.openpgp.api.OpenPGPKey;
import org.junit.jupiter.api.Test;
@ -19,7 +20,7 @@ import static org.junit.jupiter.api.Assertions.assertTrue;
public class CertifyV6CertificateTest {
@Test
public void testCertifyV6CertWithV6Key() throws PGPException {
public void testCertifyV6UIDWithV6Key() throws PGPException {
PGPainless api = PGPainless.getInstance();
OpenPGPKey aliceKey = api.generateKey(OpenPGPKeyVersion.v6)
@ -31,7 +32,7 @@ public class CertifyV6CertificateTest {
// Create a certification on Bobs certificate
OpenPGPCertificate bobCertified = api.generateCertification()
.userIdOnCertificate("Bob <bob@pgpainless.org>", bobCert)
.certifyUserId("Bob <bob@pgpainless.org>", bobCert)
.withKey(aliceKey, SecretKeyRingProtector.unprotectedKeys())
.build().getCertifiedCertificate();
@ -43,7 +44,6 @@ public class CertifyV6CertificateTest {
assertTrue(signatureChain.isValid());
// Revoke Alice' key and...
OpenPGPKey aliceRevoked = api.modify(aliceKey)
.revoke(SecretKeyRingProtector.unprotectedKeys())
@ -64,7 +64,7 @@ public class CertifyV6CertificateTest {
// Instead, revoke the certification itself and...
bobCertified = api.generateCertification()
.revokeUserIdOnCertificate("Bob <bob@pgpainless.org>", bobCertified)
.revokeCertifiedUserId("Bob <bob@pgpainless.org>", bobCertified)
.withKey(aliceKey, SecretKeyRingProtector.unprotectedKeys())
.build().getCertifiedCertificate();
@ -75,4 +75,36 @@ public class CertifyV6CertificateTest {
assertNotNull(brokenChain);
assertTrue(brokenChain.isValid());
}
@Test
public void testCertifyV6CertificateWithV6Key() throws PGPSignatureException {
PGPainless api = PGPainless.getInstance();
OpenPGPKey aliceKey = api.generateKey(OpenPGPKeyVersion.v6)
.modernKeyRing("Alice <alice@pgpainless.org>");
OpenPGPKey bobKey = api.generateKey(OpenPGPKeyVersion.v6)
.modernKeyRing("Bob <bob@pgpainless.org>");
OpenPGPCertificate bobCert = bobKey.toCertificate();
// Alice delegates trust to Bob
OpenPGPCertificate bobDelegated = api.generateCertification()
.delegateTrust(bobCert)
.withKey(aliceKey, SecretKeyRingProtector.unprotectedKeys())
.build().getCertifiedCertificate();
// Check that Bob is actually delegated to by Alice
OpenPGPCertificate.OpenPGPSignatureChain delegation = bobDelegated.getDelegationBy(aliceKey.toCertificate());
assertNotNull(delegation);
assertTrue(delegation.isValid());
// Alice revokes the delegation
OpenPGPCertificate bobRevoked = api.generateCertification()
.revokeDelegatedTrust(bobDelegated)
.withKey(aliceKey, SecretKeyRingProtector.unprotectedKeys())
.build().getCertifiedCertificate();
OpenPGPCertificate.OpenPGPSignatureChain revocation = bobRevoked.getRevocationBy(aliceKey.toCertificate());
assertNotNull(revocation);
assertTrue(revocation.isValid());
}
}

2
pgpainless-core/src/test/java/org/pgpainless/key/generation/GenerateKeyWithoutPrimaryKeyFlagsTest.java
View file

@ -61,7 +61,7 @@ public class GenerateKeyWithoutPrimaryKeyFlagsTest {
// Key without CERTIFY_OTHER flag cannot be used to certify other keys
OpenPGPCertificate thirdPartyCert = TestKeys.getCryptieCertificate();
assertThrows(KeyException.UnacceptableThirdPartyCertificationKeyException.class, () ->
api.generateCertification().certificate(thirdPartyCert)
api.generateCertification().delegateTrust(thirdPartyCert)
.withKey(key, SecretKeyRingProtector.unprotectedKeys()));
// Key without CERTIFY_OTHER flags is usable for encryption and signing