From 091b5f9a5e19e1605e2981f440958d7f4952ef65 Mon Sep 17 00:00:00 2001
From: Paul Schaub <vanitasvitae@fsfe.org>
Date: Thu, 10 Apr 2025 15:26:00 +0200
Subject: [PATCH] Add test for certifying with revoked key

---
 .../operation/CertifyValidateUserIdTest.java  | 31 +++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/sop-java-testfixtures/src/main/java/sop/testsuite/operation/CertifyValidateUserIdTest.java b/sop-java-testfixtures/src/main/java/sop/testsuite/operation/CertifyValidateUserIdTest.java
index 488db9a..e05923c 100644
--- a/sop-java-testfixtures/src/main/java/sop/testsuite/operation/CertifyValidateUserIdTest.java
+++ b/sop-java-testfixtures/src/main/java/sop/testsuite/operation/CertifyValidateUserIdTest.java
@@ -119,4 +119,35 @@ public class CertifyValidateUserIdTest {
                 .subjects(bobWithPetName),
                 "Bob does not accept the pet-name Alice gave him");
     }
+
+    @ParameterizedTest
+    @MethodSource("provideInstances")
+    public void certifyWithRevokedKey(SOP sop) throws IOException {
+        byte[] aliceKey = sop.generateKey()
+                .userId("Alice <alice@pgpainless.org>")
+                .generate()
+                .getBytes();
+        byte[] aliceRevokedCert = sop.revokeKey()
+                .keys(aliceKey)
+                .getBytes();
+        byte[] aliceRevokedKey = sop.updateKey()
+                .mergeCerts(aliceRevokedCert)
+                .key(aliceKey)
+                .getBytes();
+
+        byte[] bobKey = sop.generateKey()
+                .userId("Bob <bob@pgpainless.org>")
+                .generate()
+                .getBytes();
+        byte[] bobCert = sop.extractCert()
+                .key(bobKey)
+                .getBytes();
+
+        assertThrows(SOPGPException.KeyCannotCertify.class, () ->
+                sop.certifyUserId()
+                        .userId("Bob <bob@pgpainless.org>")
+                        .keys(aliceRevokedKey)
+                        .certs(bobCert)
+                        .getBytes());
+    }
 }