diff --git a/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/CertificateWithMissingSecretKeyTest.java b/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/CertificateWithMissingSecretKeyTest.java index 70f655ef..0536a03f 100644 --- a/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/CertificateWithMissingSecretKeyTest.java +++ b/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/CertificateWithMissingSecretKeyTest.java @@ -17,8 +17,9 @@ import java.nio.charset.StandardCharsets; import org.bouncycastle.bcpg.KeyIdentifier; import org.bouncycastle.openpgp.PGPException; -import org.bouncycastle.openpgp.PGPPublicKeyRing; import org.bouncycastle.openpgp.PGPSecretKeyRing; +import org.bouncycastle.openpgp.api.OpenPGPCertificate; +import org.bouncycastle.openpgp.api.OpenPGPKey; import org.bouncycastle.util.io.Streams; import org.junit.jupiter.api.BeforeAll; import org.junit.jupiter.api.Test; @@ -62,45 +63,46 @@ public class CertificateWithMissingSecretKeyTest { "=eTh7\n" + "-----END PGP PRIVATE KEY BLOCK-----"; - private static final long signingSubkeyId = -7647663290973502178L; - private static PGPSecretKeyRing missingSigningSecKey; + private static final KeyIdentifier signingSubkeyId = new KeyIdentifier(-7647663290973502178L); + private static OpenPGPKey missingSigningSecKey; private static KeyIdentifier encryptionSubkeyId; - private static PGPSecretKeyRing missingDecryptionSecKey; + private static OpenPGPKey missingDecryptionSecKey; private static final SecretKeyRingProtector protector = SecretKeyRingProtector.unprotectedKeys(); @BeforeAll public static void prepare() throws IOException { + PGPainless api = PGPainless.getInstance(); // missing signing sec key we read from bytes - missingSigningSecKey = PGPainless.readKeyRing().secretKeyRing(MISSING_SIGNING_SECKEY); + missingSigningSecKey = api.readKey().parseKey(MISSING_SIGNING_SECKEY); // missing encryption sec key we generate on the fly - PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing() - .modernKeyRing("Missing Decryption Key ") - .getPGPSecretKeyRing(); - encryptionSubkeyId = PGPainless.inspectKeyRing(secretKeys) + OpenPGPKey secretKeys = api.generateKey() + .modernKeyRing("Missing Decryption Key "); + encryptionSubkeyId = api.inspect(secretKeys) .getEncryptionSubkeys(EncryptionPurpose.ANY).get(0).getKeyIdentifier(); // remove the encryption/decryption secret key - missingDecryptionSecKey = KeyRingUtils.stripSecretKey(secretKeys, encryptionSubkeyId.getKeyId()); + PGPSecretKeyRing withSecretKeyStripped = KeyRingUtils.stripSecretKey(secretKeys.getPGPSecretKeyRing(), encryptionSubkeyId); + missingDecryptionSecKey = api.toKey(withSecretKeyStripped); } @Test public void assureMissingSigningSecKeyOnlyContainSigningPubKey() { - assertNotNull(missingSigningSecKey.getPublicKey(signingSubkeyId)); + assertNotNull(missingSigningSecKey.getKey(signingSubkeyId)); assertNull(missingSigningSecKey.getSecretKey(signingSubkeyId)); - KeyRingInfo info = PGPainless.inspectKeyRing(missingSigningSecKey); + KeyRingInfo info = PGPainless.getInstance().inspect(missingSigningSecKey); assertFalse(info.getSigningSubkeys().isEmpty()); // This method only tests for pub keys. } @Test public void assureMissingDecryptionSecKeyOnlyContainsEncryptionPubKey() { - assertNotNull(missingDecryptionSecKey.getPublicKey(encryptionSubkeyId)); + assertNotNull(missingDecryptionSecKey.getKey(encryptionSubkeyId)); assertNull(missingDecryptionSecKey.getSecretKey(encryptionSubkeyId)); - KeyRingInfo info = PGPainless.inspectKeyRing(missingDecryptionSecKey); + KeyRingInfo info = PGPainless.getInstance().inspect(missingDecryptionSecKey); assertFalse(info.getEncryptionSubkeys(EncryptionPurpose.ANY).isEmpty()); // pub key is still there } @@ -119,12 +121,14 @@ public class CertificateWithMissingSecretKeyTest { ByteArrayInputStream in = new ByteArrayInputStream("Hello, World!\n".getBytes(StandardCharsets.UTF_8)); ByteArrayOutputStream out = new ByteArrayOutputStream(); - PGPPublicKeyRing certificate = PGPainless.extractCertificate(missingDecryptionSecKey); + PGPainless api = PGPainless.getInstance(); + + OpenPGPCertificate certificate = missingDecryptionSecKey.toCertificate(); ProducerOptions producerOptions = ProducerOptions.encrypt( - EncryptionOptions.encryptCommunications() + EncryptionOptions.encryptCommunications(api) .addRecipient(certificate)); // we can still encrypt, since the pub key is still there - EncryptionStream encryptionStream = PGPainless.encryptAndOrSign() + EncryptionStream encryptionStream = api.generateMessage() .onOutputStream(out) .withOptions(producerOptions); @@ -136,7 +140,7 @@ public class CertificateWithMissingSecretKeyTest { // Test decryption ByteArrayInputStream cipherIn = new ByteArrayInputStream(out.toByteArray()); - ConsumerOptions consumerOptions = ConsumerOptions.get() + ConsumerOptions consumerOptions = ConsumerOptions.get(api) .addDecryptionKey(missingDecryptionSecKey); assertThrows(MissingDecryptionMethodException.class, () -> diff --git a/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/CleartextSignatureVerificationTest.java b/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/CleartextSignatureVerificationTest.java index d9b4c809..457c7fa7 100644 --- a/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/CleartextSignatureVerificationTest.java +++ b/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/CleartextSignatureVerificationTest.java @@ -19,9 +19,9 @@ import java.nio.charset.StandardCharsets; import java.util.Random; import org.bouncycastle.openpgp.PGPException; -import org.bouncycastle.openpgp.PGPPublicKeyRing; -import org.bouncycastle.openpgp.PGPSecretKeyRing; import org.bouncycastle.openpgp.PGPSignature; +import org.bouncycastle.openpgp.api.OpenPGPCertificate; +import org.bouncycastle.openpgp.api.OpenPGPKey; import org.bouncycastle.util.io.Streams; import org.junit.jupiter.api.Test; import org.pgpainless.PGPainless; @@ -36,7 +36,6 @@ import org.pgpainless.exception.WrongConsumingMethodException; import org.pgpainless.key.TestKeys; import org.pgpainless.key.protection.SecretKeyRingProtector; import org.pgpainless.signature.SignatureUtils; -import org.pgpainless.util.ArmorUtils; import org.pgpainless.util.TestUtils; public class CleartextSignatureVerificationTest { @@ -73,13 +72,14 @@ public class CleartextSignatureVerificationTest { public static final String alphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; public static final Random random = new Random(); + private static final PGPainless api = PGPainless.getInstance(); @Test public void cleartextSignVerification_InMemoryMultiPassStrategy() throws IOException, PGPException { - PGPPublicKeyRing signingKeys = TestKeys.getEmilPublicKeyRing(); - ConsumerOptions options = ConsumerOptions.get() - .addVerificationCert(signingKeys); + OpenPGPCertificate signingCert = TestKeys.getEmilCertificate(); + ConsumerOptions options = ConsumerOptions.get(api) + .addVerificationCert(signingCert); InMemoryMultiPassStrategy multiPassStrategy = MultiPassStrategy.keepMessageInMemory(); options.setMultiPassStrategy(multiPassStrategy); @@ -97,16 +97,16 @@ public class CleartextSignatureVerificationTest { PGPSignature signature = result.getVerifiedSignatures().iterator().next().getSignature(); - assertEquals(signature.getKeyID(), signingKeys.getPublicKey().getKeyID()); + assertTrue(signature.hasKeyIdentifier(signingCert.getKeyIdentifier())); assertArrayEquals(MESSAGE_BODY, out.toByteArray()); } @Test public void cleartextSignVerification_FileBasedMultiPassStrategy() throws IOException, PGPException { - PGPPublicKeyRing signingKeys = TestKeys.getEmilPublicKeyRing(); - ConsumerOptions options = ConsumerOptions.get() - .addVerificationCert(signingKeys); + OpenPGPCertificate signingCert = TestKeys.getEmilCertificate(); + ConsumerOptions options = ConsumerOptions.get(api) + .addVerificationCert(signingCert); File tempDir = TestUtils.createTempDirectory(); File file = new File(tempDir, "file"); @@ -125,7 +125,7 @@ public class CleartextSignatureVerificationTest { PGPSignature signature = result.getVerifiedSignatures().iterator().next().getSignature(); - assertEquals(signature.getKeyID(), signingKeys.getPublicKey().getKeyID()); + assertTrue(signature.hasKeyIdentifier(signingCert.getKeyIdentifier())); FileInputStream fileIn = new FileInputStream(file); ByteArrayOutputStream bytes = new ByteArrayOutputStream(); Streams.pipeAll(fileIn, bytes); @@ -135,8 +135,8 @@ public class CleartextSignatureVerificationTest { public static void main(String[] args) throws IOException { // CHECKSTYLE:OFF - PGPPublicKeyRing keys = TestKeys.getEmilPublicKeyRing(); - System.out.println(ArmorUtils.toAsciiArmoredString(keys)); + OpenPGPCertificate cert = TestKeys.getEmilCertificate(); + System.out.println(cert.toAsciiArmoredString()); System.out.println(new String(MESSAGE_SIGNED)); System.out.println(new String(MESSAGE_BODY)); System.out.println(new String(SIGNATURE)); @@ -148,8 +148,8 @@ public class CleartextSignatureVerificationTest { throws IOException, PGPException { PGPSignature signature = SignatureUtils.readSignatures(SIGNATURE).get(0); - ConsumerOptions options = ConsumerOptions.get() - .addVerificationCert(TestKeys.getEmilPublicKeyRing()) + ConsumerOptions options = ConsumerOptions.get(api) + .addVerificationCert(TestKeys.getEmilCertificate()) .addVerificationOfDetachedSignature(signature); DecryptionStream decryptionStream = PGPainless.decryptAndOrVerify() @@ -170,10 +170,10 @@ public class CleartextSignatureVerificationTest { String message = "Foo\nBar"; // PGPUtil.getDecoderStream() would have mistaken this for base64 data ByteArrayInputStream msgIn = new ByteArrayInputStream(message.getBytes(StandardCharsets.UTF_8)); - PGPSecretKeyRing secretKey = TestKeys.getEmilSecretKeyRing(); + OpenPGPKey secretKey = TestKeys.getEmilKey(); ByteArrayOutputStream signedOut = new ByteArrayOutputStream(); - EncryptionStream signingStream = PGPainless.encryptAndOrSign().onOutputStream(signedOut) - .withOptions(ProducerOptions.sign(SigningOptions.get() + EncryptionStream signingStream = api.generateMessage().onOutputStream(signedOut) + .withOptions(ProducerOptions.sign(SigningOptions.get(api) .addDetachedSignature(SecretKeyRingProtector.unprotectedKeys(), secretKey, DocumentSignatureType.CANONICAL_TEXT_DOCUMENT)) .setCleartextSigned()); @@ -185,8 +185,8 @@ public class CleartextSignatureVerificationTest { ByteArrayInputStream signedIn = new ByteArrayInputStream(signed.getBytes(StandardCharsets.UTF_8)); DecryptionStream verificationStream = PGPainless.decryptAndOrVerify() .onInputStream(signedIn) - .withOptions(ConsumerOptions.get() - .addVerificationCert(TestKeys.getEmilPublicKeyRing())); + .withOptions(ConsumerOptions.get(api) + .addVerificationCert(TestKeys.getEmilCertificate())); ByteArrayOutputStream msgOut = new ByteArrayOutputStream(); Streams.pipeAll(verificationStream, msgOut); @@ -201,13 +201,12 @@ public class CleartextSignatureVerificationTest { throws PGPException, IOException { String message = randomString(28, 4000); - PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing().modernKeyRing("Alice") - .getPGPSecretKeyRing(); + OpenPGPKey secretKeys = api.generateKey().modernKeyRing("Alice"); ByteArrayOutputStream out = new ByteArrayOutputStream(); - EncryptionStream encryptionStream = PGPainless.encryptAndOrSign() + EncryptionStream encryptionStream = api.generateMessage() .onOutputStream(out) .withOptions(ProducerOptions.sign( - SigningOptions.get() + SigningOptions.get(api) .addDetachedSignature(SecretKeyRingProtector.unprotectedKeys(), secretKeys, DocumentSignatureType.CANONICAL_TEXT_DOCUMENT) ).setCleartextSigned()); @@ -221,7 +220,7 @@ public class CleartextSignatureVerificationTest { DecryptionStream decryptionStream = PGPainless.decryptAndOrVerify() .onInputStream(in) .withOptions(ConsumerOptions.get() - .addVerificationCert(PGPainless.extractCertificate(secretKeys))); + .addVerificationCert(secretKeys.toCertificate())); out = new ByteArrayOutputStream(); Streams.pipeAll(decryptionStream, out); diff --git a/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/CustomPublicKeyDataDecryptorFactoryTest.java b/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/CustomPublicKeyDataDecryptorFactoryTest.java index 1f1f65ff..947b6980 100644 --- a/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/CustomPublicKeyDataDecryptorFactoryTest.java +++ b/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/CustomPublicKeyDataDecryptorFactoryTest.java @@ -5,15 +5,11 @@ package org.pgpainless.decryption_verification; import org.bouncycastle.openpgp.PGPException; -import org.bouncycastle.openpgp.PGPPrivateKey; -import org.bouncycastle.openpgp.PGPPublicKeyRing; -import org.bouncycastle.openpgp.PGPSecretKey; -import org.bouncycastle.openpgp.PGPSecretKeyRing; import org.bouncycastle.openpgp.api.OpenPGPCertificate; +import org.bouncycastle.openpgp.api.OpenPGPKey; import org.bouncycastle.openpgp.operator.PublicKeyDataDecryptorFactory; import org.bouncycastle.openpgp.operator.bc.BcPublicKeyDataDecryptorFactory; import org.bouncycastle.util.io.Streams; -import org.junit.jupiter.api.Disabled; import org.junit.jupiter.api.Test; import org.pgpainless.PGPainless; import org.pgpainless.algorithm.EncryptionPurpose; @@ -35,22 +31,21 @@ import static org.junit.jupiter.api.Assertions.assertEquals; public class CustomPublicKeyDataDecryptorFactoryTest { @Test - @Disabled public void testDecryptionWithEmulatedHardwareDecryptionCallback() throws PGPException, IOException { - PGPSecretKeyRing secretKey = PGPainless.generateKeyRing().modernKeyRing("Alice") - .getPGPSecretKeyRing(); - PGPPublicKeyRing cert = PGPainless.extractCertificate(secretKey); - KeyRingInfo info = PGPainless.inspectKeyRing(secretKey); + PGPainless api = PGPainless.getInstance(); + OpenPGPKey secretKey = api.generateKey().modernKeyRing("Alice"); + OpenPGPCertificate cert = secretKey.toCertificate(); + KeyRingInfo info = api.inspect(secretKey); OpenPGPCertificate.OpenPGPComponentKey encryptionKey = info.getEncryptionSubkeys(EncryptionPurpose.ANY).get(0); // Encrypt a test message String plaintext = "Hello, World!\n"; ByteArrayOutputStream ciphertextOut = new ByteArrayOutputStream(); - EncryptionStream encryptionStream = PGPainless.encryptAndOrSign() + EncryptionStream encryptionStream = api.generateMessage() .onOutputStream(ciphertextOut) - .withOptions(ProducerOptions.encrypt(EncryptionOptions.get() + .withOptions(ProducerOptions.encrypt(EncryptionOptions.get(api) .addRecipient(cert))); encryptionStream.write(plaintext.getBytes(StandardCharsets.UTF_8)); encryptionStream.close(); @@ -61,9 +56,9 @@ public class CustomPublicKeyDataDecryptorFactoryTest { throws HardwareSecurity.HardwareSecurityException { // Emulate hardware decryption. try { - PGPSecretKey decryptionKey = secretKey.getSecretKey(encryptionKey.getKeyIdentifier()); - PGPPrivateKey privateKey = UnlockSecretKey.unlockSecretKey(decryptionKey, Passphrase.emptyPassphrase()); - PublicKeyDataDecryptorFactory internal = new BcPublicKeyDataDecryptorFactory(privateKey); + OpenPGPKey.OpenPGPSecretKey decryptionKey = secretKey.getSecretKey(encryptionKey.getKeyIdentifier()); + OpenPGPKey.OpenPGPPrivateKey privateKey = UnlockSecretKey.unlockSecretKey(decryptionKey, Passphrase.emptyPassphrase()); + PublicKeyDataDecryptorFactory internal = new BcPublicKeyDataDecryptorFactory(privateKey.getKeyPair().getPrivateKey()); return internal.recoverSessionData(keyAlgorithm, new byte[][] {sessionKeyData}, pkeskVersion); } catch (PGPException e) { throw new HardwareSecurity.HardwareSecurityException(); @@ -77,7 +72,7 @@ public class CustomPublicKeyDataDecryptorFactoryTest { .withOptions(ConsumerOptions.get() .addCustomDecryptorFactory( new HardwareSecurity.HardwareDataDecryptorFactory( - new SubkeyIdentifier(cert, encryptionKey.getKeyIdentifier()), + new SubkeyIdentifier(encryptionKey), hardwareDecryptionCallback))); ByteArrayOutputStream decryptedOut = new ByteArrayOutputStream();