PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2025-09-14 12:49:39 +02:00
Code Issues Releases Wiki Activity

Reject subkeys with predating binding signatures

Browse source
This commit is contained in:
Paul Schaub 2022-03-07 12:17:45 +01:00
parent 5d3646cd36
commit 9d160ef047
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
4 changed files with 45 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

31
pgpainless-core/src/test/java/org/pgpainless/key/generation/GenerateKeyWithCustomCreationDateTest.java
View file

@ -4,6 +4,14 @@
package org.pgpainless.key.generation;
import static org.junit.jupiter.api.Assertions.assertFalse;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.util.Calendar;
import java.util.Date;
import java.util.Iterator;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPSecretKey;
@ -13,15 +21,11 @@ import org.junit.jupiter.api.Test;
import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.KeyFlag;
import org.pgpainless.key.generation.type.KeyType;
import org.pgpainless.key.generation.type.ecc.EllipticCurve;
import org.pgpainless.key.generation.type.eddsa.EdDSACurve;
import org.pgpainless.key.generation.type.xdh.XDHSpec;
import org.pgpainless.util.DateUtil;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.util.Date;
import java.util.Iterator;
public class GenerateKeyWithCustomCreationDateTest {
@Test
@ -43,4 +47,21 @@ public class GenerateKeyWithCustomCreationDateTest {
// subkey has no creation date override, so it was generated "just now"
JUtils.assertDateNotEquals(creationDate, subkey.getCreationTime());
}
@Test
public void generateSubkeyWithFutureKeyCreationDate() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
Calendar calendar = Calendar.getInstance();
calendar.add(Calendar.YEAR, 20);
Date future = calendar.getTime();
PGPSecretKeyRing secretKeys = PGPainless.buildKeyRing()
.addSubkey(KeySpec.getBuilder(KeyType.ECDH(EllipticCurve._P384), KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE).setKeyCreationDate(future))
.setPrimaryKey(KeySpec.getBuilder(KeyType.ECDSA(EllipticCurve._P384), KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA))
.addUserId("Captain Future <cpt@futu.re>")
.build();
// Subkey has future key creation date, so its binding will predate the key -> no usable encryption key left
assertFalse(PGPainless.inspectKeyRing(secretKeys)
.isUsableForEncryption());
}
}