PGPainless/sop-java
1
0
Fork 0
mirror of https://codeberg.org/PGPainless/sop-java.git synced 2025-09-10 10:49:48 +02:00
Code Issues Projects Releases Packages Wiki Activity

Move testfixtures to own artifact

Browse source
This commit is contained in:
Paul Schaub 2024-12-13 16:41:01 +01:00
parent ca65cbe668
commit b3b8da4e35
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
30 changed files with 29 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

62
sop-java-testfixtures/src/main/java/sop/testsuite/operation/AbstractSOPTest.java Normal file
View file

@ -0,0 +1,62 @@
// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package sop.testsuite.operation;
import org.junit.jupiter.api.Named;
import org.junit.jupiter.api.extension.ExtendWith;
import org.junit.jupiter.params.provider.Arguments;
import sop.SOP;
import sop.testsuite.AbortOnUnsupportedOption;
import sop.testsuite.AbortOnUnsupportedOptionExtension;
import sop.testsuite.SOPInstanceFactory;
import java.lang.reflect.InvocationTargetException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.stream.Stream;
@ExtendWith(AbortOnUnsupportedOptionExtension.class)
@AbortOnUnsupportedOption
public abstract class AbstractSOPTest {
private static final List<Arguments> backends = new ArrayList<>();
static {
initBackends();
}
// populate instances list via configured test subject factory
private static void initBackends() {
String factoryName = System.getenv("test.implementation");
if (factoryName == null) {
return;
}
SOPInstanceFactory factory;
try {
Class<?> testSubjectFactoryClass = Class.forName(factoryName);
factory = (SOPInstanceFactory) testSubjectFactoryClass
.getDeclaredConstructor().newInstance();
} catch (ClassNotFoundException | InstantiationException | IllegalAccessException |
InvocationTargetException | NoSuchMethodException e) {
throw new RuntimeException(e);
}
Map<String, SOP> testSubjects = factory.provideSOPInstances();
for (String key : testSubjects.keySet()) {
backends.add(Arguments.of(Named.of(key, testSubjects.get(key))));
}
}
public static Stream<Arguments> provideBackends() {
return backends.stream();
}
public static boolean hasBackends() {
return !backends.isEmpty();
}
}

243
sop-java-testfixtures/src/main/java/sop/testsuite/operation/ArmorDearmorTest.java Normal file
View file

@ -0,0 +1,243 @@
// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package sop.testsuite.operation;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.condition.EnabledIf;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.Arguments;
import org.junit.jupiter.params.provider.MethodSource;
import sop.SOP;
import sop.testsuite.JUtils;
import sop.testsuite.TestData;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.stream.Stream;
import static org.junit.jupiter.api.Assertions.assertArrayEquals;
@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
public class ArmorDearmorTest {
static Stream<Arguments> provideInstances() {
return AbstractSOPTest.provideBackends();
}
@ParameterizedTest
@MethodSource("provideInstances")
public void dearmorArmorAliceKey(SOP sop) throws IOException {
byte[] aliceKey = TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8);
byte[] dearmored = sop.dearmor()
.data(aliceKey)
.getBytes();
Assertions.assertFalse(JUtils.arrayStartsWith(dearmored, TestData.BEGIN_PGP_PRIVATE_KEY_BLOCK));
byte[] armored = sop.armor()
.data(dearmored)
.getBytes();
JUtils.assertArrayStartsWith(armored, TestData.BEGIN_PGP_PRIVATE_KEY_BLOCK);
JUtils.assertArrayEndsWithIgnoreNewlines(armored, TestData.END_PGP_PRIVATE_KEY_BLOCK);
// assertAsciiArmorEquals(aliceKey, armored);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void dearmorArmorAliceCert(SOP sop) throws IOException {
byte[] aliceCert = TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8);
byte[] dearmored = sop.dearmor()
.data(aliceCert)
.getBytes();
Assertions.assertFalse(JUtils.arrayStartsWith(dearmored, TestData.BEGIN_PGP_PUBLIC_KEY_BLOCK));
byte[] armored = sop.armor()
.data(dearmored)
.getBytes();
JUtils.assertArrayStartsWith(armored, TestData.BEGIN_PGP_PUBLIC_KEY_BLOCK);
JUtils.assertArrayEndsWithIgnoreNewlines(armored, TestData.END_PGP_PUBLIC_KEY_BLOCK);
// assertAsciiArmorEquals(aliceCert, armored);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void dearmorArmorBobKey(SOP sop) throws IOException {
byte[] bobKey = TestData.BOB_KEY.getBytes(StandardCharsets.UTF_8);
byte[] dearmored = sop.dearmor()
.data(bobKey)
.getBytes();
Assertions.assertFalse(JUtils.arrayStartsWith(dearmored, TestData.BEGIN_PGP_PRIVATE_KEY_BLOCK));
byte[] armored = sop.armor()
.data(dearmored)
.getBytes();
JUtils.assertArrayStartsWith(armored, TestData.BEGIN_PGP_PRIVATE_KEY_BLOCK);
JUtils.assertArrayEndsWithIgnoreNewlines(armored, TestData.END_PGP_PRIVATE_KEY_BLOCK);
// assertAsciiArmorEquals(bobKey, armored);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void dearmorArmorBobCert(SOP sop) throws IOException {
byte[] bobCert = TestData.BOB_CERT.getBytes(StandardCharsets.UTF_8);
byte[] dearmored = sop.dearmor()
.data(bobCert)
.getBytes();
Assertions.assertFalse(JUtils.arrayStartsWith(dearmored, TestData.BEGIN_PGP_PUBLIC_KEY_BLOCK));
byte[] armored = sop.armor()
.data(dearmored)
.getBytes();
JUtils.assertArrayStartsWith(armored, TestData.BEGIN_PGP_PUBLIC_KEY_BLOCK);
JUtils.assertArrayEndsWithIgnoreNewlines(armored, TestData.END_PGP_PUBLIC_KEY_BLOCK);
// assertAsciiArmorEquals(bobCert, armored);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void dearmorArmorCarolKey(SOP sop) throws IOException {
byte[] carolKey = TestData.CAROL_KEY.getBytes(StandardCharsets.UTF_8);
byte[] dearmored = sop.dearmor()
.data(carolKey)
.getBytes();
Assertions.assertFalse(JUtils.arrayStartsWith(dearmored, TestData.BEGIN_PGP_PRIVATE_KEY_BLOCK));
byte[] armored = sop.armor()
.data(dearmored)
.getBytes();
JUtils.assertArrayStartsWith(armored, TestData.BEGIN_PGP_PRIVATE_KEY_BLOCK);
JUtils.assertArrayEndsWithIgnoreNewlines(armored, TestData.END_PGP_PRIVATE_KEY_BLOCK);
// assertAsciiArmorEquals(carolKey, armored);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void dearmorArmorCarolCert(SOP sop) throws IOException {
byte[] carolCert = TestData.CAROL_CERT.getBytes(StandardCharsets.UTF_8);
byte[] dearmored = sop.dearmor()
.data(carolCert)
.getBytes();
Assertions.assertFalse(JUtils.arrayStartsWith(dearmored, TestData.BEGIN_PGP_PUBLIC_KEY_BLOCK));
byte[] armored = sop.armor()
.data(dearmored)
.getBytes();
JUtils.assertArrayStartsWith(armored, TestData.BEGIN_PGP_PUBLIC_KEY_BLOCK);
JUtils.assertArrayEndsWithIgnoreNewlines(armored, TestData.END_PGP_PUBLIC_KEY_BLOCK);
// assertAsciiArmorEquals(carolCert, armored);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void dearmorArmorMessage(SOP sop) throws IOException {
byte[] message = ("-----BEGIN PGP MESSAGE-----\n" +
"\n" +
"wV4DR2b2udXyHrYSAQdAMZy9Iqb1IxszjI3v+TsfK//0lnJ9PKHDqVAB5ohp+RMw\n" +
"8fmuL3phS9uISFT/DrizC8ALJhMqw5R+lLB/RvTTA/qS6tN5dRyL+YLFU3/N0CRF\n" +
"0j8BtQEsMmRo60LzUq/OBI0dFjwFq1efpfOGkpRYkuIzndCjBEgnLUkrHzUc1uD9\n" +
"CePQFpprprnGEzpE3flQLUc=\n" +
"=ZiFR\n" +
"-----END PGP MESSAGE-----\n").getBytes(StandardCharsets.UTF_8);
byte[] dearmored = sop.dearmor()
.data(message)
.getBytes();
Assertions.assertFalse(JUtils.arrayStartsWith(dearmored, TestData.BEGIN_PGP_MESSAGE));
byte[] armored = sop.armor()
.data(dearmored)
.getBytes();
JUtils.assertArrayStartsWith(armored, TestData.BEGIN_PGP_MESSAGE);
JUtils.assertArrayEndsWithIgnoreNewlines(armored, TestData.END_PGP_MESSAGE);
// assertAsciiArmorEquals(message, armored);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void dearmorArmorSignature(SOP sop) throws IOException {
byte[] signature = ("-----BEGIN PGP SIGNATURE-----\n" +
"\n" +
"wr0EABYKAG8FgmPBdRAJEPIxVQxPR+OORxQAAAAAAB4AIHNhbHRAbm90YXRpb25z\n" +
"LnNlcXVvaWEtcGdwLm9yZ2un17fF3C46Adgzp0mU4RG8Txy/T/zOBcBw/NYaLGrQ\n" +
"FiEE64W7X6M6deFelE5j8jFVDE9H444AAMiEAP9LBQWLo4oP5IrFZPuSUQSPsUxB\n" +
"c+Qu1raXDKzS/8Q9IAD+LnHIjRHcqNPobNHXF/saXIYXeZR+LJKszTJozzwqdQE=\n" +
"=GHvQ\n" +
"-----END PGP SIGNATURE-----\n").getBytes(StandardCharsets.UTF_8);
byte[] dearmored = sop.dearmor()
.data(signature)
.getBytes();
Assertions.assertFalse(JUtils.arrayStartsWith(dearmored, TestData.BEGIN_PGP_SIGNATURE));
byte[] armored = sop.armor()
.data(dearmored)
.getBytes();
JUtils.assertArrayStartsWith(armored, TestData.BEGIN_PGP_SIGNATURE);
JUtils.assertArrayEndsWithIgnoreNewlines(armored, TestData.END_PGP_SIGNATURE);
JUtils.assertAsciiArmorEquals(signature, armored);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void testDearmoringTwiceIsIdempotent(SOP sop) throws IOException {
byte[] dearmored = sop.dearmor()
.data(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
.getBytes();
byte[] dearmoredAgain = sop.dearmor()
.data(dearmored)
.getBytes();
assertArrayEquals(dearmored, dearmoredAgain);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void testArmoringTwiceIsIdempotent(SOP sop) throws IOException {
byte[] armored = ("-----BEGIN PGP SIGNATURE-----\n" +
"\n" +
"wr0EABYKAG8FgmPBdRAJEPIxVQxPR+OORxQAAAAAAB4AIHNhbHRAbm90YXRpb25z\n" +
"LnNlcXVvaWEtcGdwLm9yZ2un17fF3C46Adgzp0mU4RG8Txy/T/zOBcBw/NYaLGrQ\n" +
"FiEE64W7X6M6deFelE5j8jFVDE9H444AAMiEAP9LBQWLo4oP5IrFZPuSUQSPsUxB\n" +
"c+Qu1raXDKzS/8Q9IAD+LnHIjRHcqNPobNHXF/saXIYXeZR+LJKszTJozzwqdQE=\n" +
"=GHvQ\n" +
"-----END PGP SIGNATURE-----\n").getBytes(StandardCharsets.UTF_8);
byte[] armoredAgain = sop.armor()
.data(armored)
.getBytes();
JUtils.assertAsciiArmorEquals(armored, armoredAgain);
}
}

124
sop-java-testfixtures/src/main/java/sop/testsuite/operation/ChangeKeyPasswordTest.java Normal file
View file

@ -0,0 +1,124 @@
// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package sop.testsuite.operation;
import org.junit.jupiter.api.condition.EnabledIf;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.Arguments;
import org.junit.jupiter.params.provider.MethodSource;
import sop.SOP;
import sop.exception.SOPGPException;
import sop.testsuite.JUtils;
import sop.testsuite.TestData;
import sop.util.UTF8Util;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.stream.Stream;
import static org.junit.jupiter.api.Assertions.assertArrayEquals;
import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertThrows;
@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
public class ChangeKeyPasswordTest extends AbstractSOPTest {
static Stream<Arguments> provideInstances() {
return AbstractSOPTest.provideBackends();
}
@ParameterizedTest
@MethodSource("provideInstances")
public void changePasswordFromUnprotectedToProtected(SOP sop) throws IOException {
byte[] unprotectedKey = sop.generateKey().generate().getBytes();
byte[] password = "sw0rdf1sh".getBytes(UTF8Util.UTF8);
byte[] protectedKey = sop.changeKeyPassword().newKeyPassphrase(password).keys(unprotectedKey).getBytes();
sop.sign().withKeyPassword(password).key(protectedKey).data("Test123".getBytes(StandardCharsets.UTF_8));
}
@ParameterizedTest
@MethodSource("provideInstances")
public void changePasswordFromUnprotectedToUnprotected(SOP sop) throws IOException {
byte[] unprotectedKey = sop.generateKey().noArmor().generate().getBytes();
byte[] stillUnprotectedKey = sop.changeKeyPassword().noArmor().keys(unprotectedKey).getBytes();
assertArrayEquals(unprotectedKey, stillUnprotectedKey);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void changePasswordFromProtectedToUnprotected(SOP sop) throws IOException {
byte[] password = "sw0rdf1sh".getBytes(UTF8Util.UTF8);
byte[] protectedKey = sop.generateKey().withKeyPassword(password).generate().getBytes();
byte[] unprotectedKey = sop.changeKeyPassword()
.oldKeyPassphrase(password)
.keys(protectedKey).getBytes();
sop.sign().key(unprotectedKey).data("Test123".getBytes(StandardCharsets.UTF_8));
}
@ParameterizedTest
@MethodSource("provideInstances")
public void changePasswordFromProtectedToDifferentProtected(SOP sop) throws IOException {
byte[] oldPassword = "sw0rdf1sh".getBytes(UTF8Util.UTF8);
byte[] newPassword = "0r4ng3".getBytes(UTF8Util.UTF8);
byte[] protectedKey = sop.generateKey().withKeyPassword(oldPassword).generate().getBytes();
byte[] reprotectedKey = sop.changeKeyPassword()
.oldKeyPassphrase(oldPassword)
.newKeyPassphrase(newPassword)
.keys(protectedKey).getBytes();
sop.sign().key(reprotectedKey).withKeyPassword(newPassword).data("Test123".getBytes(StandardCharsets.UTF_8));
}
@ParameterizedTest
@MethodSource("provideInstances")
public void changePasswordWithWrongOldPasswordFails(SOP sop) throws IOException {
byte[] oldPassword = "sw0rdf1sh".getBytes(UTF8Util.UTF8);
byte[] newPassword = "monkey123".getBytes(UTF8Util.UTF8);
byte[] wrongPassword = "0r4ng3".getBytes(UTF8Util.UTF8);
byte[] protectedKey = sop.generateKey().withKeyPassword(oldPassword).generate().getBytes();
assertThrows(SOPGPException.KeyIsProtected.class, () -> sop.changeKeyPassword()
.oldKeyPassphrase(wrongPassword)
.newKeyPassphrase(newPassword)
.keys(protectedKey).getBytes());
}
@ParameterizedTest
@MethodSource("provideInstances")
public void nonUtf8PasswordsFail(SOP sop) {
assertThrows(SOPGPException.PasswordNotHumanReadable.class, () ->
sop.changeKeyPassword().oldKeyPassphrase(new byte[] {(byte) 0xff, (byte) 0xfe}));
assertThrows(SOPGPException.PasswordNotHumanReadable.class, () ->
sop.changeKeyPassword().newKeyPassphrase(new byte[] {(byte) 0xff, (byte) 0xfe}));
}
@ParameterizedTest
@MethodSource("provideInstances")
public void testNoArmor(SOP sop) throws IOException {
byte[] oldPassword = "sw0rdf1sh".getBytes(UTF8Util.UTF8);
byte[] newPassword = "0r4ng3".getBytes(UTF8Util.UTF8);
byte[] protectedKey = sop.generateKey().withKeyPassword(oldPassword).generate().getBytes();
byte[] armored = sop.changeKeyPassword()
.oldKeyPassphrase(oldPassword)
.newKeyPassphrase(newPassword)
.keys(protectedKey)
.getBytes();
JUtils.assertArrayStartsWith(armored, TestData.BEGIN_PGP_PRIVATE_KEY_BLOCK);
byte[] unarmored = sop.changeKeyPassword()
.noArmor()
.oldKeyPassphrase(oldPassword)
.newKeyPassphrase(newPassword)
.keys(protectedKey)
.getBytes();
assertFalse(JUtils.arrayStartsWith(unarmored, TestData.BEGIN_PGP_PRIVATE_KEY_BLOCK));
}
}

65
sop-java-testfixtures/src/main/java/sop/testsuite/operation/DecryptWithSessionKeyTest.java Normal file
View file

@ -0,0 +1,65 @@
// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package sop.testsuite.operation;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.condition.EnabledIf;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.Arguments;
import org.junit.jupiter.params.provider.MethodSource;
import sop.ByteArrayAndResult;
import sop.DecryptionResult;
import sop.SOP;
import sop.SessionKey;
import sop.testsuite.TestData;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.stream.Stream;
import static org.junit.jupiter.api.Assertions.assertEquals;
@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
public class DecryptWithSessionKeyTest extends AbstractSOPTest {
private static final String CIPHERTEXT = "-----BEGIN PGP MESSAGE-----\n" +
"\n" +
"wV4DR2b2udXyHrYSAQdAy+Et2hCh4ubh8KsmM8ctRDN6Pee+UHVVcI6YXpY9S2cw\n" +
"1QEROCgfm6xGb+hgxmoFrWhtZU03Arb27ZmpWA6e6Ha9jFdB4/DDbqbhlVuFOmti\n" +
"0j8BqGjEvEYAon+8F9TwMaDbPjjy9SdgQBorlM88ChIW14KQtpG9FZN+r+xVKPG1\n" +
"8EIOxI4qOZaH3Wejraca31M=\n" +
"=1imC\n" +
"-----END PGP MESSAGE-----\n";
private static final String SESSION_KEY = "9:ED682800F5FEA829A82E8B7DDF8CE9CF4BF9BB45024B017764462EE53101C36A";
static Stream<Arguments> provideInstances() {
return provideBackends();
}
@ParameterizedTest
@MethodSource("provideInstances")
public void testDecryptAndExtractSessionKey(SOP sop) throws IOException {
ByteArrayAndResult<DecryptionResult> bytesAndResult = sop.decrypt()
.withKey(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
.ciphertext(CIPHERTEXT.getBytes(StandardCharsets.UTF_8))
.toByteArrayAndResult();
assertEquals(SESSION_KEY, bytesAndResult.getResult().getSessionKey().get().toString());
Assertions.assertArrayEquals(TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8), bytesAndResult.getBytes());
}
@ParameterizedTest
@MethodSource("provideInstances")
public void testDecryptWithSessionKey(SOP sop) throws IOException {
byte[] decrypted = sop.decrypt()
.withSessionKey(SessionKey.fromString(SESSION_KEY))
.ciphertext(CIPHERTEXT.getBytes(StandardCharsets.UTF_8))
.toByteArrayAndResult()
.getBytes();
Assertions.assertArrayEquals(TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8), decrypted);
}
}

312
sop-java-testfixtures/src/main/java/sop/testsuite/operation/DetachedSignDetachedVerifyTest.java Normal file
View file

@ -0,0 +1,312 @@
// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package sop.testsuite.operation;
import org.junit.jupiter.api.condition.EnabledIf;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.Arguments;
import org.junit.jupiter.params.provider.MethodSource;
import sop.SOP;
import sop.Verification;
import sop.enums.SignAs;
import sop.enums.SignatureMode;
import sop.exception.SOPGPException;
import sop.testsuite.JUtils;
import sop.testsuite.TestData;
import sop.testsuite.assertions.VerificationListAssert;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Date;
import java.util.List;
import java.util.stream.Stream;
import static org.junit.jupiter.api.Assertions.assertThrows;
@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
public class DetachedSignDetachedVerifyTest extends AbstractSOPTest {
static Stream<Arguments> provideInstances() {
return provideBackends();
}
@ParameterizedTest
@MethodSource("provideInstances")
public void signVerifyWithAliceKey(SOP sop) throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] signature = sop.detachedSign()
.key(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
.data(message)
.toByteArrayAndResult()
.getBytes();
List<Verification> verificationList = sop.detachedVerify()
.cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
.signatures(signature)
.data(message);
VerificationListAssert.assertThatVerificationList(verificationList)
.isNotEmpty()
.hasSingleItem()
.issuedBy(TestData.ALICE_SIGNING_FINGERPRINT, TestData.ALICE_PRIMARY_FINGERPRINT)
.hasModeOrNull(SignatureMode.binary);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void signVerifyTextModeWithAliceKey(SOP sop) throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] signature = sop.detachedSign()
.key(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
.mode(SignAs.text)
.data(message)
.toByteArrayAndResult()
.getBytes();
List<Verification> verificationList = sop.detachedVerify()
.cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
.signatures(signature)
.data(message);
VerificationListAssert.assertThatVerificationList(verificationList)
.isNotEmpty()
.hasSingleItem()
.issuedBy(TestData.ALICE_SIGNING_FINGERPRINT, TestData.ALICE_PRIMARY_FINGERPRINT)
.hasModeOrNull(SignatureMode.text);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void verifyKnownMessageWithAliceCert(SOP sop) throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] signature = TestData.ALICE_DETACHED_SIGNED_MESSAGE.getBytes(StandardCharsets.UTF_8);
List<Verification> verificationList = sop.detachedVerify()
.cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
.signatures(signature)
.data(message);
VerificationListAssert.assertThatVerificationList(verificationList)
.isNotEmpty()
.hasSingleItem()
.issuedBy(TestData.ALICE_SIGNING_FINGERPRINT, TestData.ALICE_PRIMARY_FINGERPRINT);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void signVerifyWithBobKey(SOP sop) throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] signature = sop.detachedSign()
.key(TestData.BOB_KEY.getBytes(StandardCharsets.UTF_8))
.data(message)
.toByteArrayAndResult()
.getBytes();
List<Verification> verificationList = sop.detachedVerify()
.cert(TestData.BOB_CERT.getBytes(StandardCharsets.UTF_8))
.signatures(signature)
.data(message);
VerificationListAssert.assertThatVerificationList(verificationList)
.isNotEmpty()
.hasSingleItem()
.issuedBy(TestData.BOB_SIGNING_FINGERPRINT, TestData.BOB_PRIMARY_FINGERPRINT);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void signVerifyWithCarolKey(SOP sop) throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] signature = sop.detachedSign()
.key(TestData.CAROL_KEY.getBytes(StandardCharsets.UTF_8))
.data(message)
.toByteArrayAndResult()
.getBytes();
List<Verification> verificationList = sop.detachedVerify()
.cert(TestData.CAROL_CERT.getBytes(StandardCharsets.UTF_8))
.signatures(signature)
.data(message);
VerificationListAssert.assertThatVerificationList(verificationList)
.isNotEmpty()
.hasSingleItem()
.issuedBy(TestData.CAROL_SIGNING_FINGERPRINT, TestData.CAROL_PRIMARY_FINGERPRINT);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void signVerifyWithEncryptedKey(SOP sop) throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] signature = sop.detachedSign()
.key(TestData.PASSWORD_PROTECTED_KEY.getBytes(StandardCharsets.UTF_8))
.withKeyPassword(TestData.PASSWORD)
.data(message)
.toByteArrayAndResult()
.getBytes();
JUtils.assertArrayStartsWith(signature, TestData.BEGIN_PGP_SIGNATURE);
List<Verification> verificationList = sop.detachedVerify()
.cert(TestData.PASSWORD_PROTECTED_CERT.getBytes(StandardCharsets.UTF_8))
.signatures(signature)
.data(message);
VerificationListAssert.assertThatVerificationList(verificationList)
.isNotEmpty()
.hasSingleItem()
.issuedBy(TestData.PASSWORD_PROTECTED_SIGNING_FINGERPRINT, TestData.PASSWORD_PROTECTED_PRIMARY_FINGERPRINT);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void signArmorVerifyWithBobKey(SOP sop) throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] signature = sop.detachedSign()
.key(TestData.BOB_KEY.getBytes(StandardCharsets.UTF_8))
.noArmor()
.data(message)
.toByteArrayAndResult()
.getBytes();
byte[] armored = sop.armor()
.data(signature)
.getBytes();
List<Verification> verificationList = sop.detachedVerify()
.cert(TestData.BOB_CERT.getBytes(StandardCharsets.UTF_8))
.signatures(armored)
.data(message);
VerificationListAssert.assertThatVerificationList(verificationList)
.isNotEmpty()
.hasSingleItem()
.issuedBy(TestData.BOB_SIGNING_FINGERPRINT, TestData.BOB_PRIMARY_FINGERPRINT);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void verifyNotAfterThrowsNoSignature(SOP sop) {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] signature = TestData.ALICE_DETACHED_SIGNED_MESSAGE.getBytes(StandardCharsets.UTF_8);
Date beforeSignature = new Date(TestData.ALICE_DETACHED_SIGNED_MESSAGE_DATE.getTime() - 1000); // 1 sec before sig
assertThrows(SOPGPException.NoSignature.class, () -> sop.detachedVerify()
.cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
.notAfter(beforeSignature)
.signatures(signature)
.data(message));
}
@ParameterizedTest
@MethodSource("provideInstances")
public void verifyNotBeforeThrowsNoSignature(SOP sop) {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] signature = TestData.ALICE_DETACHED_SIGNED_MESSAGE.getBytes(StandardCharsets.UTF_8);
Date afterSignature = new Date(TestData.ALICE_DETACHED_SIGNED_MESSAGE_DATE.getTime() + 1000); // 1 sec after sig
assertThrows(SOPGPException.NoSignature.class, () -> sop.detachedVerify()
.cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
.notBefore(afterSignature)
.signatures(signature)
.data(message));
}
@ParameterizedTest
@MethodSource("provideInstances")
public void signWithAliceVerifyWithBobThrowsNoSignature(SOP sop) throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] signatures = sop.detachedSign()
.key(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
.data(message)
.toByteArrayAndResult()
.getBytes();
assertThrows(SOPGPException.NoSignature.class, () -> sop.detachedVerify()
.cert(TestData.BOB_CERT.getBytes(StandardCharsets.UTF_8))
.signatures(signatures)
.data(message));
}
@ParameterizedTest
@MethodSource("provideInstances")
public void signVerifyWithEncryptedKeyWithoutPassphraseFails(SOP sop) {
assertThrows(SOPGPException.KeyIsProtected.class, () ->
sop.detachedSign()
.key(TestData.PASSWORD_PROTECTED_KEY.getBytes(StandardCharsets.UTF_8))
.data(TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8))
.toByteArrayAndResult()
.getBytes());
}
@ParameterizedTest
@MethodSource("provideInstances")
public void signWithProtectedKeyAndMultiplePassphrasesTest(SOP sop)
throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] signature = sop.sign()
.key(TestData.PASSWORD_PROTECTED_KEY.getBytes(StandardCharsets.UTF_8))
.withKeyPassword("wrong")
.withKeyPassword(TestData.PASSWORD) // correct
.withKeyPassword("wrong2")
.data(message)
.toByteArrayAndResult()
.getBytes();
List<Verification> verificationList = sop.verify()
.cert(TestData.PASSWORD_PROTECTED_CERT.getBytes(StandardCharsets.UTF_8))
.signatures(signature)
.data(message);
VerificationListAssert.assertThatVerificationList(verificationList)
.isNotEmpty()
.hasSingleItem()
.issuedBy(TestData.PASSWORD_PROTECTED_SIGNING_FINGERPRINT, TestData.PASSWORD_PROTECTED_PRIMARY_FINGERPRINT);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void verifyMissingCertCausesMissingArg(SOP sop) {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
assertThrows(SOPGPException.MissingArg.class, () ->
sop.verify()
.signatures(TestData.ALICE_DETACHED_SIGNED_MESSAGE.getBytes(StandardCharsets.UTF_8))
.data(message));
}
@ParameterizedTest
@MethodSource("provideInstances")
public void signVerifyWithMultipleKeys(SOP sop) throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] signatures = sop.detachedSign()
.key(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
.key(TestData.BOB_KEY.getBytes(StandardCharsets.UTF_8))
.data(message)
.toByteArrayAndResult()
.getBytes();
List<Verification> verificationList = sop.detachedVerify()
.cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
.cert(TestData.BOB_CERT.getBytes(StandardCharsets.UTF_8))
.signatures(signatures)
.data(message);
VerificationListAssert.assertThatVerificationList(verificationList)
.isNotEmpty()
.sizeEquals(2)
.containsVerificationBy(TestData.ALICE_SIGNING_FINGERPRINT, TestData.ALICE_PRIMARY_FINGERPRINT)
.containsVerificationBy(TestData.BOB_SIGNING_FINGERPRINT, TestData.BOB_PRIMARY_FINGERPRINT);
}
}

341
sop-java-testfixtures/src/main/java/sop/testsuite/operation/EncryptDecryptTest.java Normal file
View file

@ -0,0 +1,341 @@
// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package sop.testsuite.operation;
import org.junit.jupiter.api.condition.EnabledIf;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.Arguments;
import org.junit.jupiter.params.provider.MethodSource;
import sop.ByteArrayAndResult;
import sop.DecryptionResult;
import sop.EncryptionResult;
import sop.SOP;
import sop.SessionKey;
import sop.Verification;
import sop.enums.EncryptAs;
import sop.enums.SignatureMode;
import sop.exception.SOPGPException;
import sop.testsuite.TestData;
import sop.testsuite.assertions.VerificationListAssert;
import sop.util.Optional;
import sop.util.UTCUtil;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.text.ParseException;
import java.util.Date;
import java.util.List;
import java.util.stream.Stream;
import static org.junit.jupiter.api.Assertions.assertArrayEquals;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertThrows;
@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
public class EncryptDecryptTest extends AbstractSOPTest {
static Stream<Arguments> provideInstances() {
return provideBackends();
}
@ParameterizedTest
@MethodSource("provideInstances")
public void encryptDecryptRoundTripPasswordTest(SOP sop) throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
ByteArrayAndResult<EncryptionResult> encResult = sop.encrypt()
.withPassword("sw0rdf1sh")
.plaintext(message)
.toByteArrayAndResult();
byte[] ciphertext = encResult.getBytes();
Optional<SessionKey> encSessionKey = encResult.getResult().getSessionKey();
ByteArrayAndResult<DecryptionResult> decResult = sop.decrypt()
.withPassword("sw0rdf1sh")
.ciphertext(ciphertext)
.toByteArrayAndResult();
byte[] plaintext = decResult.getBytes();
Optional<SessionKey> decSessionKey = decResult.getResult().getSessionKey();
assertArrayEquals(message, plaintext);
if (encSessionKey.isPresent() && decSessionKey.isPresent()) {
assertEquals(encSessionKey.get(), decSessionKey.get());
}
}
@ParameterizedTest
@MethodSource("provideInstances")
public void encryptDecryptRoundTripAliceTest(SOP sop) throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] ciphertext = sop.encrypt()
.withCert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
.plaintext(message)
.toByteArrayAndResult()
.getBytes();
ByteArrayAndResult<DecryptionResult> bytesAndResult = sop.decrypt()
.withKey(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
.ciphertext(ciphertext)
.toByteArrayAndResult();
byte[] plaintext = bytesAndResult.getBytes();
assertArrayEquals(message, plaintext);
DecryptionResult result = bytesAndResult.getResult();
assertNotNull(result.getSessionKey().get());
}
@ParameterizedTest
@MethodSource("provideInstances")
public void encryptDecryptRoundTripBobTest(SOP sop) throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] ciphertext = sop.encrypt()
.withCert(TestData.BOB_CERT.getBytes(StandardCharsets.UTF_8))
.plaintext(message)
.toByteArrayAndResult()
.getBytes();
byte[] plaintext = sop.decrypt()
.withKey(TestData.BOB_KEY.getBytes(StandardCharsets.UTF_8))
.ciphertext(ciphertext)
.toByteArrayAndResult()
.getBytes();
assertArrayEquals(message, plaintext);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void encryptDecryptRoundTripCarolTest(SOP sop) throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] ciphertext = sop.encrypt()
.withCert(TestData.CAROL_CERT.getBytes(StandardCharsets.UTF_8))
.plaintext(message)
.toByteArrayAndResult()
.getBytes();
byte[] plaintext = sop.decrypt()
.withKey(TestData.CAROL_KEY.getBytes(StandardCharsets.UTF_8))
.ciphertext(ciphertext)
.toByteArrayAndResult()
.getBytes();
assertArrayEquals(message, plaintext);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void encryptNoArmorThenArmorThenDecryptRoundTrip(SOP sop) throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] ciphertext = sop.encrypt()
.withCert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
.noArmor()
.plaintext(message)
.toByteArrayAndResult()
.getBytes();
byte[] armored = sop.armor()
.data(ciphertext)
.getBytes();
ByteArrayAndResult<DecryptionResult> bytesAndResult = sop.decrypt()
.withKey(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
.ciphertext(armored)
.toByteArrayAndResult();
byte[] plaintext = bytesAndResult.getBytes();
assertArrayEquals(message, plaintext);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void encryptSignDecryptVerifyRoundTripAliceTest(SOP sop) throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] ciphertext = sop.encrypt()
.withCert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
.signWith(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
.mode(EncryptAs.binary)
.plaintext(message)
.toByteArrayAndResult()
.getBytes();
ByteArrayAndResult<DecryptionResult> bytesAndResult = sop.decrypt()
.withKey(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
.verifyWithCert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
.ciphertext(ciphertext)
.toByteArrayAndResult();
byte[] plaintext = bytesAndResult.getBytes();
assertArrayEquals(message, plaintext);
DecryptionResult result = bytesAndResult.getResult();
assertNotNull(result.getSessionKey().get());
List<Verification> verificationList = result.getVerifications();
VerificationListAssert.assertThatVerificationList(verificationList)
.isNotEmpty()
.hasSingleItem()
.issuedBy(TestData.ALICE_SIGNING_FINGERPRINT, TestData.ALICE_PRIMARY_FINGERPRINT)
.hasModeOrNull(SignatureMode.binary);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void encryptSignAsTextDecryptVerifyRoundTripAliceTest(SOP sop) throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] ciphertext = sop.encrypt()
.withCert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
.signWith(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
.mode(EncryptAs.text)
.plaintext(message)
.toByteArrayAndResult()
.getBytes();
ByteArrayAndResult<DecryptionResult> bytesAndResult = sop.decrypt()
.withKey(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
.verifyWithCert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
.ciphertext(ciphertext)
.toByteArrayAndResult();
byte[] plaintext = bytesAndResult.getBytes();
assertArrayEquals(message, plaintext);
DecryptionResult result = bytesAndResult.getResult();
assertNotNull(result.getSessionKey().get());
List<Verification> verificationList = result.getVerifications();
VerificationListAssert.assertThatVerificationList(verificationList)
.hasSingleItem()
.issuedBy(TestData.ALICE_SIGNING_FINGERPRINT, TestData.ALICE_PRIMARY_FINGERPRINT)
.hasModeOrNull(SignatureMode.text);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void encryptSignDecryptVerifyRoundTripWithFreshEncryptedKeyTest(SOP sop) throws IOException {
byte[] keyPassword = "sw0rdf1sh".getBytes(StandardCharsets.UTF_8);
byte[] key = sop.generateKey()
.withKeyPassword(keyPassword)
.userId("Alice <alice@openpgp.org>")
.generate()
.getBytes();
byte[] cert = sop.extractCert()
.key(key)
.getBytes();
byte[] message = "Hello, World!\n".getBytes(StandardCharsets.UTF_8);
byte[] ciphertext = sop.encrypt()
.withCert(cert)
.signWith(key)
.withKeyPassword(keyPassword)
.plaintext(message)
.toByteArrayAndResult()
.getBytes();
ByteArrayAndResult<DecryptionResult> bytesAndResult = sop.decrypt()
.withKey(key)
.withKeyPassword(keyPassword)
.verifyWithCert(cert)
.ciphertext(ciphertext)
.toByteArrayAndResult();
List<Verification> verifications = bytesAndResult.getResult().getVerifications();
VerificationListAssert.assertThatVerificationList(verifications)
.isNotEmpty()
.hasSingleItem();
}
@ParameterizedTest
@MethodSource("provideInstances")
public void decryptVerifyNotAfterTest(SOP sop) throws ParseException {
byte[] message = ("-----BEGIN PGP MESSAGE-----\n" +
"\n" +
"wV4DR2b2udXyHrYSAQdAwlOwwyxFDJta5+H9abgSj8jum9v7etUc9usdrElESmow\n" +
"2Hka48AFVfOezYh0OFn9R8+DMcpuE+e4nw3XnnX5nKs/j3AC2IW6zRHUkRcF3ZCq\n" +
"0sBNAfjnTYCMjuBmqdcCLzaZT4Hadnpg6neP1UecT/jP14maGfv8nwt0IDGR0Bik\n" +
"0WC/UJLpWyJ/6TgRrA5hNfANVnfiFBzIiThiVBRWPT2StHr2cOAvFxQK4Uk07rK9\n" +
"9aTUak8FpML+QA83U8I3qOk4QbzGVBP+IDJ+AKmvDz+0V+9kUhKp+8vyXsBmo9c3\n" +
"SAXjhFSiPQkU7ORsc6gQHL9+KPOU+W2poPK87H3cmaGiusnXMeLXLIUbkBUJTswd\n" +
"JNrA2yAkTTFP9QabsdcdTGoeYamq1c29kHF3GOTTcEqXw4WWXngcF7Kbcf435kkL\n" +
"4iSJnCaxTPftKUxmiGqMqLef7ICVnq/lz3HrH1VD54s=\n" +
"=Ebi3\n" +
"-----END PGP MESSAGE-----").getBytes(StandardCharsets.UTF_8);
Date signatureDate = UTCUtil.parseUTCDate("2023-01-13T16:09:32Z");
Date beforeSignature = new Date(signatureDate.getTime() - 1000); // 1 sec before signing date
assertThrows(SOPGPException.NoSignature.class, () -> {
ByteArrayAndResult<DecryptionResult> bytesAndResult = sop.decrypt()
.withKey(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
.verifyWithCert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
.verifyNotAfter(beforeSignature)
.ciphertext(message)
.toByteArrayAndResult();
// Some implementations do not throw NoSignature and instead return an empty list.
if (bytesAndResult.getResult().getVerifications().isEmpty()) {
throw new SOPGPException.NoSignature("No verifiable signature found.");
}
});
}
@ParameterizedTest
@MethodSource("provideInstances")
public void decryptVerifyNotBeforeTest(SOP sop) throws ParseException {
byte[] message = ("-----BEGIN PGP MESSAGE-----\n" +
"\n" +
"wV4DR2b2udXyHrYSAQdAwlOwwyxFDJta5+H9abgSj8jum9v7etUc9usdrElESmow\n" +
"2Hka48AFVfOezYh0OFn9R8+DMcpuE+e4nw3XnnX5nKs/j3AC2IW6zRHUkRcF3ZCq\n" +
"0sBNAfjnTYCMjuBmqdcCLzaZT4Hadnpg6neP1UecT/jP14maGfv8nwt0IDGR0Bik\n" +
"0WC/UJLpWyJ/6TgRrA5hNfANVnfiFBzIiThiVBRWPT2StHr2cOAvFxQK4Uk07rK9\n" +
"9aTUak8FpML+QA83U8I3qOk4QbzGVBP+IDJ+AKmvDz+0V+9kUhKp+8vyXsBmo9c3\n" +
"SAXjhFSiPQkU7ORsc6gQHL9+KPOU+W2poPK87H3cmaGiusnXMeLXLIUbkBUJTswd\n" +
"JNrA2yAkTTFP9QabsdcdTGoeYamq1c29kHF3GOTTcEqXw4WWXngcF7Kbcf435kkL\n" +
"4iSJnCaxTPftKUxmiGqMqLef7ICVnq/lz3HrH1VD54s=\n" +
"=Ebi3\n" +
"-----END PGP MESSAGE-----").getBytes(StandardCharsets.UTF_8);
Date signatureDate = UTCUtil.parseUTCDate("2023-01-13T16:09:32Z");
Date afterSignature = new Date(signatureDate.getTime() + 1000); // 1 sec after signing date
assertThrows(SOPGPException.NoSignature.class, () -> {
ByteArrayAndResult<DecryptionResult> bytesAndResult = sop.decrypt()
.withKey(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
.verifyWithCert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
.verifyNotBefore(afterSignature)
.ciphertext(message)
.toByteArrayAndResult();
// Some implementations do not throw NoSignature and instead return an empty list.
if (bytesAndResult.getResult().getVerifications().isEmpty()) {
throw new SOPGPException.NoSignature("No verifiable signature found.");
}
});
}
@ParameterizedTest
@MethodSource("provideInstances")
public void missingArgsTest(SOP sop) {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
assertThrows(SOPGPException.MissingArg.class, () -> sop.encrypt()
.plaintext(message)
.toByteArrayAndResult()
.getBytes());
}
@ParameterizedTest
@MethodSource("provideInstances")
public void passingSecretKeysForPublicKeysFails(SOP sop) {
assertThrows(SOPGPException.BadData.class, () ->
sop.encrypt()
.withCert(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
.plaintext(TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8))
.toByteArrayAndResult()
.getBytes());
}
}

117
sop-java-testfixtures/src/main/java/sop/testsuite/operation/ExtractCertTest.java Normal file
View file

@ -0,0 +1,117 @@
// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package sop.testsuite.operation;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.condition.EnabledIf;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.Arguments;
import org.junit.jupiter.params.provider.MethodSource;
import sop.SOP;
import sop.testsuite.JUtils;
import sop.testsuite.TestData;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.util.stream.Stream;
@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
public class ExtractCertTest extends AbstractSOPTest {
static Stream<Arguments> provideInstances() {
return provideBackends();
}
@ParameterizedTest
@MethodSource("provideInstances")
public void extractArmoredCertFromArmoredKeyTest(SOP sop) throws IOException {
InputStream keyIn = sop.generateKey()
.userId("Alice <alice@openpgp.org>")
.generate()
.getInputStream();
byte[] cert = sop.extractCert().key(keyIn).getBytes();
JUtils.assertArrayStartsWith(cert, TestData.BEGIN_PGP_PUBLIC_KEY_BLOCK);
JUtils.assertArrayEndsWithIgnoreNewlines(cert, TestData.END_PGP_PUBLIC_KEY_BLOCK);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void extractAliceCertFromAliceKeyTest(SOP sop) throws IOException {
byte[] armoredCert = sop.extractCert()
.key(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
.getBytes();
JUtils.assertAsciiArmorEquals(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8), armoredCert);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void extractBobsCertFromBobsKeyTest(SOP sop) throws IOException {
byte[] armoredCert = sop.extractCert()
.key(TestData.BOB_KEY.getBytes(StandardCharsets.UTF_8))
.getBytes();
JUtils.assertAsciiArmorEquals(TestData.BOB_CERT.getBytes(StandardCharsets.UTF_8), armoredCert);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void extractCarolsCertFromCarolsKeyTest(SOP sop) throws IOException {
byte[] armoredCert = sop.extractCert()
.key(TestData.CAROL_KEY.getBytes(StandardCharsets.UTF_8))
.getBytes();
JUtils.assertAsciiArmorEquals(TestData.CAROL_CERT.getBytes(StandardCharsets.UTF_8), armoredCert);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void extractUnarmoredCertFromArmoredKeyTest(SOP sop) throws IOException {
InputStream keyIn = sop.generateKey()
.userId("Alice <alice@openpgp.org>")
.generate()
.getInputStream();
byte[] cert = sop.extractCert()
.noArmor()
.key(keyIn)
.getBytes();
Assertions.assertFalse(JUtils.arrayStartsWith(cert, TestData.BEGIN_PGP_PUBLIC_KEY_BLOCK));
}
@ParameterizedTest
@MethodSource("provideInstances")
public void extractArmoredCertFromUnarmoredKeyTest(SOP sop) throws IOException {
InputStream keyIn = sop.generateKey()
.userId("Alice <alice@openpgp.org>")
.noArmor()
.generate()
.getInputStream();
byte[] cert = sop.extractCert()
.key(keyIn)
.getBytes();
JUtils.assertArrayStartsWith(cert, TestData.BEGIN_PGP_PUBLIC_KEY_BLOCK);
JUtils.assertArrayEndsWithIgnoreNewlines(cert, TestData.END_PGP_PUBLIC_KEY_BLOCK);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void extractUnarmoredCertFromUnarmoredKeyTest(SOP sop) throws IOException {
InputStream keyIn = sop.generateKey()
.noArmor()
.userId("Alice <alice@openpgp.org>")
.generate()
.getInputStream();
byte[] cert = sop.extractCert()
.noArmor()
.key(keyIn)
.getBytes();
Assertions.assertFalse(JUtils.arrayStartsWith(cert, TestData.BEGIN_PGP_PUBLIC_KEY_BLOCK));
}
}

121
sop-java-testfixtures/src/main/java/sop/testsuite/operation/GenerateKeyTest.java Normal file
View file

@ -0,0 +1,121 @@
// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package sop.testsuite.operation;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.condition.EnabledIf;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.Arguments;
import org.junit.jupiter.params.provider.MethodSource;
import sop.SOP;
import sop.exception.SOPGPException;
import sop.testsuite.JUtils;
import sop.testsuite.TestData;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.stream.Stream;
import static org.junit.jupiter.api.Assertions.assertThrows;
@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
public class GenerateKeyTest extends AbstractSOPTest {
static Stream<Arguments> provideInstances() {
return provideBackends();
}
@ParameterizedTest
@MethodSource("provideInstances")
public void generateKeyTest(SOP sop) throws IOException {
byte[] key = sop.generateKey()
.userId("Alice <alice@openpgp.org>")
.generate()
.getBytes();
JUtils.assertArrayStartsWith(key, TestData.BEGIN_PGP_PRIVATE_KEY_BLOCK);
JUtils.assertArrayEndsWithIgnoreNewlines(key, TestData.END_PGP_PRIVATE_KEY_BLOCK);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void generateKeyNoArmor(SOP sop) throws IOException {
byte[] key = sop.generateKey()
.userId("Alice <alice@openpgp.org>")
.noArmor()
.generate()
.getBytes();
Assertions.assertFalse(JUtils.arrayStartsWith(key, TestData.BEGIN_PGP_PRIVATE_KEY_BLOCK));
}
@ParameterizedTest
@MethodSource("provideInstances")
public void generateKeyWithMultipleUserIdsTest(SOP sop) throws IOException {
byte[] key = sop.generateKey()
.userId("Alice <alice@openpgp.org>")
.userId("Bob <bob@openpgp.org>")
.generate()
.getBytes();
JUtils.assertArrayStartsWith(key, TestData.BEGIN_PGP_PRIVATE_KEY_BLOCK);
JUtils.assertArrayEndsWithIgnoreNewlines(key, TestData.END_PGP_PRIVATE_KEY_BLOCK);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void generateKeyWithoutUserIdTest(SOP sop) throws IOException {
byte[] key = sop.generateKey()
.generate()
.getBytes();
JUtils.assertArrayStartsWith(key, TestData.BEGIN_PGP_PRIVATE_KEY_BLOCK);
JUtils.assertArrayEndsWithIgnoreNewlines(key, TestData.END_PGP_PRIVATE_KEY_BLOCK);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void generateKeyWithPasswordTest(SOP sop) throws IOException {
byte[] key = sop.generateKey()
.userId("Alice <alice@openpgp.org>")
.withKeyPassword("sw0rdf1sh")
.generate()
.getBytes();
JUtils.assertArrayStartsWith(key, TestData.BEGIN_PGP_PRIVATE_KEY_BLOCK);
JUtils.assertArrayEndsWithIgnoreNewlines(key, TestData.END_PGP_PRIVATE_KEY_BLOCK);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void generateKeyWithMultipleUserIdsAndPassword(SOP sop) throws IOException {
byte[] key = sop.generateKey()
.userId("Alice <alice@openpgp.org>")
.userId("Bob <bob@openpgp.org>")
.withKeyPassword("sw0rdf1sh")
.generate()
.getBytes();
JUtils.assertArrayStartsWith(key, TestData.BEGIN_PGP_PRIVATE_KEY_BLOCK);
JUtils.assertArrayEndsWithIgnoreNewlines(key, TestData.END_PGP_PRIVATE_KEY_BLOCK);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void generateSigningOnlyKey(SOP sop) throws IOException {
byte[] signingOnlyKey = sop.generateKey()
.signingOnly()
.userId("Alice <alice@pgpainless.org>")
.generate()
.getBytes();
byte[] signingOnlyCert = sop.extractCert()
.key(signingOnlyKey)
.getBytes();
assertThrows(SOPGPException.CertCannotEncrypt.class, () ->
sop.encrypt().withCert(signingOnlyCert)
.plaintext(TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8)));
}
}

96
sop-java-testfixtures/src/main/java/sop/testsuite/operation/InlineSignInlineDetachDetachedVerifyTest.java Normal file
View file

@ -0,0 +1,96 @@
// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package sop.testsuite.operation;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.condition.EnabledIf;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.Arguments;
import org.junit.jupiter.params.provider.MethodSource;
import sop.ByteArrayAndResult;
import sop.SOP;
import sop.Signatures;
import sop.Verification;
import sop.testsuite.JUtils;
import sop.testsuite.TestData;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.List;
import java.util.stream.Stream;
import static org.junit.jupiter.api.Assertions.assertArrayEquals;
import static org.junit.jupiter.api.Assertions.assertFalse;
@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
public class InlineSignInlineDetachDetachedVerifyTest extends AbstractSOPTest {
static Stream<Arguments> provideInstances() {
return provideBackends();
}
@ParameterizedTest
@MethodSource("provideInstances")
public void inlineSignThenDetachThenDetachedVerifyTest(SOP sop) throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] inlineSigned = sop.inlineSign()
.key(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
.data(message)
.getBytes();
ByteArrayAndResult<Signatures> bytesAndResult = sop.inlineDetach()
.message(inlineSigned)
.toByteArrayAndResult();
byte[] plaintext = bytesAndResult.getBytes();
assertArrayEquals(message, plaintext);
byte[] signatures = bytesAndResult.getResult()
.getBytes();
List<Verification> verifications = sop.detachedVerify()
.cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
.signatures(signatures)
.data(plaintext);
assertFalse(verifications.isEmpty());
}
@ParameterizedTest
@MethodSource("provideInstances")
public void inlineSignThenDetachNoArmorThenArmorThenDetachedVerifyTest(SOP sop) throws IOException {
byte[] message = "Hello, World!\n".getBytes(StandardCharsets.UTF_8);
byte[] inlineSigned = sop.inlineSign()
.key(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
.data(message)
.getBytes();
ByteArrayAndResult<Signatures> bytesAndResult = sop.inlineDetach()
.noArmor()
.message(inlineSigned)
.toByteArrayAndResult();
byte[] plaintext = bytesAndResult.getBytes();
assertArrayEquals(message, plaintext);
byte[] signatures = bytesAndResult.getResult()
.getBytes();
Assertions.assertFalse(JUtils.arrayStartsWith(signatures, TestData.BEGIN_PGP_SIGNATURE));
byte[] armored = sop.armor()
.data(signatures)
.getBytes();
JUtils.assertArrayStartsWith(armored, TestData.BEGIN_PGP_SIGNATURE);
List<Verification> verifications = sop.detachedVerify()
.cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
.signatures(armored)
.data(plaintext);
assertFalse(verifications.isEmpty());
}
}

240
sop-java-testfixtures/src/main/java/sop/testsuite/operation/InlineSignInlineVerifyTest.java Normal file
View file

@ -0,0 +1,240 @@
// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package sop.testsuite.operation;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.condition.EnabledIf;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.Arguments;
import org.junit.jupiter.params.provider.MethodSource;
import sop.ByteArrayAndResult;
import sop.SOP;
import sop.Verification;
import sop.enums.InlineSignAs;
import sop.enums.SignatureMode;
import sop.exception.SOPGPException;
import sop.testsuite.JUtils;
import sop.testsuite.TestData;
import sop.testsuite.assertions.VerificationListAssert;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Date;
import java.util.List;
import java.util.stream.Stream;
import static org.junit.jupiter.api.Assertions.assertArrayEquals;
import static org.junit.jupiter.api.Assertions.assertThrows;
@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
public class InlineSignInlineVerifyTest extends AbstractSOPTest {
static Stream<Arguments> provideInstances() {
return provideBackends();
}
@ParameterizedTest
@MethodSource("provideInstances")
public void inlineSignVerifyAlice(SOP sop) throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] inlineSigned = sop.inlineSign()
.key(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
.data(message)
.getBytes();
JUtils.assertArrayStartsWith(inlineSigned, TestData.BEGIN_PGP_MESSAGE);
ByteArrayAndResult<List<Verification>> bytesAndResult = sop.inlineVerify()
.cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
.data(inlineSigned)
.toByteArrayAndResult();
assertArrayEquals(message, bytesAndResult.getBytes());
List<Verification> verificationList = bytesAndResult.getResult();
VerificationListAssert.assertThatVerificationList(verificationList)
.isNotEmpty()
.hasSingleItem()
.issuedBy(TestData.ALICE_SIGNING_FINGERPRINT, TestData.ALICE_PRIMARY_FINGERPRINT);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void inlineSignVerifyAliceNoArmor(SOP sop) throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] inlineSigned = sop.inlineSign()
.key(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
.noArmor()
.data(message)
.getBytes();
Assertions.assertFalse(JUtils.arrayStartsWith(inlineSigned, TestData.BEGIN_PGP_MESSAGE));
ByteArrayAndResult<List<Verification>> bytesAndResult = sop.inlineVerify()
.cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
.data(inlineSigned)
.toByteArrayAndResult();
assertArrayEquals(message, bytesAndResult.getBytes());
List<Verification> verificationList = bytesAndResult.getResult();
VerificationListAssert.assertThatVerificationList(verificationList)
.isNotEmpty()
.hasSingleItem()
.issuedBy(TestData.ALICE_SIGNING_FINGERPRINT, TestData.ALICE_PRIMARY_FINGERPRINT);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void clearsignVerifyAlice(SOP sop) throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] clearsigned = sop.inlineSign()
.key(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
.mode(InlineSignAs.clearsigned)
.data(message)
.getBytes();
JUtils.assertArrayStartsWith(clearsigned, TestData.BEGIN_PGP_SIGNED_MESSAGE);
ByteArrayAndResult<List<Verification>> bytesAndResult = sop.inlineVerify()
.cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
.data(clearsigned)
.toByteArrayAndResult();
assertArrayEquals(message, bytesAndResult.getBytes());
List<Verification> verificationList = bytesAndResult.getResult();
VerificationListAssert.assertThatVerificationList(verificationList)
.hasSingleItem()
.issuedBy(TestData.ALICE_SIGNING_FINGERPRINT, TestData.ALICE_PRIMARY_FINGERPRINT)
.hasModeOrNull(SignatureMode.text);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void inlineVerifyCompareSignatureDate(SOP sop) throws IOException {
byte[] message = TestData.ALICE_INLINE_SIGNED_MESSAGE.getBytes(StandardCharsets.UTF_8);
Date signatureDate = TestData.ALICE_INLINE_SIGNED_MESSAGE_DATE;
ByteArrayAndResult<List<Verification>> bytesAndResult = sop.inlineVerify()
.cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
.data(message)
.toByteArrayAndResult();
List<Verification> verificationList = bytesAndResult.getResult();
VerificationListAssert.assertThatVerificationList(verificationList)
.isNotEmpty()
.hasSingleItem()
.isCreatedAt(signatureDate)
.issuedBy(TestData.ALICE_SIGNING_FINGERPRINT, TestData.ALICE_PRIMARY_FINGERPRINT);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void assertNotBeforeThrowsNoSignature(SOP sop) {
byte[] message = TestData.ALICE_INLINE_SIGNED_MESSAGE.getBytes(StandardCharsets.UTF_8);
Date signatureDate = TestData.ALICE_INLINE_SIGNED_MESSAGE_DATE;
Date afterSignature = new Date(signatureDate.getTime() + 1000); // 1 sec before sig
assertThrows(SOPGPException.NoSignature.class, () -> sop.inlineVerify()
.notBefore(afterSignature)
.cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
.data(message)
.toByteArrayAndResult());
}
@ParameterizedTest
@MethodSource("provideInstances")
public void assertNotAfterThrowsNoSignature(SOP sop) {
byte[] message = TestData.ALICE_INLINE_SIGNED_MESSAGE.getBytes(StandardCharsets.UTF_8);
Date signatureDate = TestData.ALICE_INLINE_SIGNED_MESSAGE_DATE;
Date beforeSignature = new Date(signatureDate.getTime() - 1000); // 1 sec before sig
assertThrows(SOPGPException.NoSignature.class, () -> sop.inlineVerify()
.notAfter(beforeSignature)
.cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
.data(message)
.toByteArrayAndResult());
}
@ParameterizedTest
@MethodSource("provideInstances")
public void inlineSignVerifyBob(SOP sop) throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] inlineSigned = sop.inlineSign()
.key(TestData.BOB_KEY.getBytes(StandardCharsets.UTF_8))
.data(message)
.getBytes();
JUtils.assertArrayStartsWith(inlineSigned, TestData.BEGIN_PGP_MESSAGE);
ByteArrayAndResult<List<Verification>> bytesAndResult = sop.inlineVerify()
.cert(TestData.BOB_CERT.getBytes(StandardCharsets.UTF_8))
.data(inlineSigned)
.toByteArrayAndResult();
assertArrayEquals(message, bytesAndResult.getBytes());
List<Verification> verificationList = bytesAndResult.getResult();
VerificationListAssert.assertThatVerificationList(verificationList)
.isNotEmpty()
.hasSingleItem()
.issuedBy(TestData.BOB_SIGNING_FINGERPRINT, TestData.BOB_PRIMARY_FINGERPRINT);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void inlineSignVerifyCarol(SOP sop) throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] inlineSigned = sop.inlineSign()
.key(TestData.CAROL_KEY.getBytes(StandardCharsets.UTF_8))
.data(message)
.getBytes();
JUtils.assertArrayStartsWith(inlineSigned, TestData.BEGIN_PGP_MESSAGE);
ByteArrayAndResult<List<Verification>> bytesAndResult = sop.inlineVerify()
.cert(TestData.CAROL_CERT.getBytes(StandardCharsets.UTF_8))
.data(inlineSigned)
.toByteArrayAndResult();
assertArrayEquals(message, bytesAndResult.getBytes());
List<Verification> verificationList = bytesAndResult.getResult();
VerificationListAssert.assertThatVerificationList(verificationList)
.isNotEmpty()
.hasSingleItem()
.issuedBy(TestData.CAROL_SIGNING_FINGERPRINT, TestData.CAROL_PRIMARY_FINGERPRINT);
}
@ParameterizedTest
@MethodSource("provideInstances")
public void inlineSignVerifyProtectedKey(SOP sop) throws IOException {
byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] inlineSigned = sop.inlineSign()
.withKeyPassword(TestData.PASSWORD)
.key(TestData.PASSWORD_PROTECTED_KEY.getBytes(StandardCharsets.UTF_8))
.mode(InlineSignAs.binary)
.data(message)
.getBytes();
ByteArrayAndResult<List<Verification>> bytesAndResult = sop.inlineVerify()
.cert(TestData.PASSWORD_PROTECTED_CERT.getBytes(StandardCharsets.UTF_8))
.data(inlineSigned)
.toByteArrayAndResult();
List<Verification> verificationList = bytesAndResult.getResult();
VerificationListAssert.assertThatVerificationList(verificationList)
.hasSingleItem()
.issuedBy(TestData.PASSWORD_PROTECTED_SIGNING_FINGERPRINT, TestData.PASSWORD_PROTECTED_PRIMARY_FINGERPRINT);
}
}

53
sop-java-testfixtures/src/main/java/sop/testsuite/operation/ListProfilesTest.java Normal file
View file

@ -0,0 +1,53 @@
// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package sop.testsuite.operation;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.Arguments;
import org.junit.jupiter.params.provider.MethodSource;
import sop.Profile;
import sop.SOP;
import sop.exception.SOPGPException;
import java.util.List;
import java.util.stream.Stream;
import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertThrows;
public class ListProfilesTest extends AbstractSOPTest {
static Stream<Arguments> provideInstances() {
return provideBackends();
}
@ParameterizedTest
@MethodSource("provideInstances")
public void listGenerateKeyProfiles(SOP sop) {
List<Profile> profiles = sop
.listProfiles()
.generateKey();
assertFalse(profiles.isEmpty());
}
@ParameterizedTest
@MethodSource("provideInstances")
public void listEncryptProfiles(SOP sop) {
List<Profile> profiles = sop
.listProfiles()
.encrypt();
assertFalse(profiles.isEmpty());
}
@ParameterizedTest
@MethodSource("provideInstances")
public void listUnsupportedProfiles(SOP sop) {
assertThrows(SOPGPException.UnsupportedProfile.class, () -> sop
.listProfiles()
.subcommand("invalid"));
}
}

132
sop-java-testfixtures/src/main/java/sop/testsuite/operation/RevokeKeyTest.java Normal file
View file

@ -0,0 +1,132 @@
// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package sop.testsuite.operation;
import org.junit.jupiter.api.condition.EnabledIf;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.Arguments;
import org.junit.jupiter.params.provider.MethodSource;
import sop.SOP;
import sop.Verification;
import sop.exception.SOPGPException;
import sop.testsuite.JUtils;
import sop.testsuite.TestData;
import sop.testsuite.assertions.VerificationListAssert;
import sop.util.UTF8Util;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.List;
import java.util.stream.Stream;
import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.assertTrue;
@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
public class RevokeKeyTest extends AbstractSOPTest {
static Stream<Arguments> provideInstances() {
return provideBackends();
}
@ParameterizedTest
@MethodSource("provideInstances")
public void revokeUnprotectedKey(SOP sop) throws IOException {
byte[] secretKey = sop.generateKey().userId("Alice <alice@pgpainless.org>").generate().getBytes();
byte[] revocation = sop.revokeKey().keys(secretKey).getBytes();
assertTrue(JUtils.arrayStartsWith(revocation, TestData.BEGIN_PGP_PUBLIC_KEY_BLOCK));
assertFalse(Arrays.equals(secretKey, revocation));
}
@ParameterizedTest
@MethodSource("provideInstances")
public void revokeUnprotectedKeyNoArmor(SOP sop) throws IOException {
byte[] secretKey = sop.generateKey().userId("Alice <alice@pgpainless.org>").generate().getBytes();
byte[] revocation = sop.revokeKey().noArmor().keys(secretKey).getBytes();
assertFalse(JUtils.arrayStartsWith(revocation, TestData.BEGIN_PGP_PUBLIC_KEY_BLOCK));
}
@ParameterizedTest
@MethodSource("provideInstances")
public void revokeUnprotectedKeyUnarmored(SOP sop) throws IOException {
byte[] secretKey = sop.generateKey().userId("Alice <alice@pgpainless.org>").noArmor().generate().getBytes();
byte[] revocation = sop.revokeKey().noArmor().keys(secretKey).getBytes();
assertFalse(JUtils.arrayStartsWith(revocation, TestData.BEGIN_PGP_PUBLIC_KEY_BLOCK));
assertFalse(Arrays.equals(secretKey, revocation));
}
@ParameterizedTest
@MethodSource("provideInstances")
public void revokeCertificateFails(SOP sop) throws IOException {
byte[] secretKey = sop.generateKey().generate().getBytes();
byte[] certificate = sop.extractCert().key(secretKey).getBytes();
assertThrows(SOPGPException.BadData.class, () -> sop.revokeKey().keys(certificate).getBytes());
}
@ParameterizedTest
@MethodSource("provideInstances")
public void revokeProtectedKey(SOP sop) throws IOException {
byte[] password = "sw0rdf1sh".getBytes(UTF8Util.UTF8);
byte[] secretKey = sop.generateKey().withKeyPassword(password).userId("Alice <alice@pgpainless.org>").generate().getBytes();
byte[] revocation = sop.revokeKey().withKeyPassword(password).keys(secretKey).getBytes();
assertFalse(Arrays.equals(secretKey, revocation));
}
@ParameterizedTest
@MethodSource("provideInstances")
public void revokeProtectedKeyWithMultiplePasswordOptions(SOP sop) throws IOException {
byte[] password = "sw0rdf1sh".getBytes(UTF8Util.UTF8);
byte[] wrongPassword = "0r4ng3".getBytes(UTF8Util.UTF8);
byte[] secretKey = sop.generateKey().withKeyPassword(password).userId("Alice <alice@pgpainless.org>").generate().getBytes();
byte[] revocation = sop.revokeKey().withKeyPassword(wrongPassword).withKeyPassword(password).keys(secretKey).getBytes();
assertFalse(Arrays.equals(secretKey, revocation));
}
@ParameterizedTest
@MethodSource("provideInstances")
public void revokeProtectedKeyWithMissingPassphraseFails(SOP sop) throws IOException {
byte[] password = "sw0rdf1sh".getBytes(UTF8Util.UTF8);
byte[] secretKey = sop.generateKey().withKeyPassword(password).userId("Alice <alice@pgpainless.org>").generate().getBytes();
assertThrows(SOPGPException.KeyIsProtected.class, () -> sop.revokeKey().keys(secretKey).getBytes());
}
@ParameterizedTest
@MethodSource("provideInstances")
public void revokeProtectedKeyWithWrongPassphraseFails(SOP sop) throws IOException {
byte[] password = "sw0rdf1sh".getBytes(UTF8Util.UTF8);
String wrongPassword = "or4ng3";
byte[] secretKey = sop.generateKey().withKeyPassword(password).userId("Alice <alice@pgpainless.org>").generate().getBytes();
assertThrows(SOPGPException.KeyIsProtected.class, () -> sop.revokeKey().withKeyPassword(wrongPassword).keys(secretKey).getBytes());
}
@ParameterizedTest
@MethodSource("provideInstances")
public void revokeKeyIsNowHardRevoked(SOP sop) throws IOException {
byte[] key = sop.generateKey().generate().getBytes();
byte[] cert = sop.extractCert().key(key).getBytes();
// Sign a message with the key
byte[] msg = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
byte[] signedMsg = sop.inlineSign().key(key).data(msg).getBytes();
// Verifying the message with the valid cert works
List<Verification> result = sop.inlineVerify().cert(cert).data(signedMsg).toByteArrayAndResult().getResult();
VerificationListAssert.assertThatVerificationList(result).hasSingleItem();
// Now hard revoke the key and re-check signature, expecting no valid certification
byte[] revokedCert = sop.revokeKey().keys(key).getBytes();
assertThrows(SOPGPException.NoSignature.class, () -> sop.inlineVerify().cert(revokedCert).data(signedMsg).toByteArrayAndResult());
}
}

89
sop-java-testfixtures/src/main/java/sop/testsuite/operation/VersionTest.java Normal file
View file

@ -0,0 +1,89 @@
// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package sop.testsuite.operation;
import org.junit.jupiter.api.condition.EnabledIf;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.Arguments;
import org.junit.jupiter.params.provider.MethodSource;
import org.opentest4j.TestAbortedException;
import sop.SOP;
import sop.exception.SOPGPException;
import java.util.stream.Stream;
import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertTrue;
@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
public class VersionTest extends AbstractSOPTest {
static Stream<Arguments> provideInstances() {
return provideBackends();
}
@ParameterizedTest
@MethodSource("provideInstances")
public void versionNameTest(SOP sop) {
String name = sop.version().getName();
assertNotNull(name);
assertFalse(name.isEmpty());
}
@ParameterizedTest
@MethodSource("provideInstances")
public void versionVersionTest(SOP sop) {
String version = sop.version().getVersion();
assertFalse(version.isEmpty());
}
@ParameterizedTest
@MethodSource("provideInstances")
public void backendVersionTest(SOP sop) {
String backend = sop.version().getBackendVersion();
assertFalse(backend.isEmpty());
}
@ParameterizedTest
@MethodSource("provideInstances")
public void extendedVersionTest(SOP sop) {
String extended = sop.version().getExtendedVersion();
assertFalse(extended.isEmpty());
}
@ParameterizedTest
@MethodSource("provideInstances")
public void sopSpecVersionTest(SOP sop) {
try {
sop.version().getSopSpecVersion();
} catch (RuntimeException e) {
throw new TestAbortedException("SOP backend does not support 'version --sop-spec' yet.");
}
String sopSpec = sop.version().getSopSpecVersion();
if (sop.version().isSopSpecImplementationIncomplete()) {
assertTrue(sopSpec.startsWith("~draft-dkg-openpgp-stateless-cli-"));
} else {
assertTrue(sopSpec.startsWith("draft-dkg-openpgp-stateless-cli-"));
}
int sopRevision = sop.version().getSopSpecRevisionNumber();
assertTrue(sop.version().getSopSpecRevisionName().endsWith("" + sopRevision));
}
@ParameterizedTest
@MethodSource("provideInstances")
public void sopVVersionTest(SOP sop) {
try {
sop.version().getSopVVersion();
} catch (SOPGPException.UnsupportedOption e) {
throw new TestAbortedException(
"Implementation does (gracefully) not provide coverage for any sopv interface version.");
} catch (RuntimeException e) {
throw new TestAbortedException("Implementation does not provide coverage for any sopv interface version.");
}
}
}

8
sop-java-testfixtures/src/main/java/sop/testsuite/operation/package-info.java Normal file
View file

@ -0,0 +1,8 @@
// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
/**
* SOP binary test suite.
*/
package sop.testsuite.operation;