diff options
Diffstat (limited to 'OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/PgpKeyOperationTest.java')
-rw-r--r-- | OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/PgpKeyOperationTest.java | 143 |
1 files changed, 65 insertions, 78 deletions
diff --git a/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/PgpKeyOperationTest.java b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/PgpKeyOperationTest.java index 5c6072c25..4f6694049 100644 --- a/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/PgpKeyOperationTest.java +++ b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/PgpKeyOperationTest.java @@ -19,12 +19,13 @@ import org.spongycastle.bcpg.sig.KeyFlags; import org.spongycastle.openpgp.PGPSignature; import org.sufficientlysecure.keychain.Constants; import org.sufficientlysecure.keychain.Constants.choice.algorithm; +import org.sufficientlysecure.keychain.pgp.CanonicalizedKeyRing; +import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing; import org.sufficientlysecure.keychain.pgp.PgpKeyOperation; import org.sufficientlysecure.keychain.pgp.UncachedKeyRing; import org.sufficientlysecure.keychain.pgp.UncachedPublicKey; -import org.sufficientlysecure.keychain.pgp.WrappedSecretKeyRing; import org.sufficientlysecure.keychain.pgp.WrappedSignature; -import org.sufficientlysecure.keychain.service.OperationResultParcel; +import org.sufficientlysecure.keychain.service.OperationResultParcel.OperationLog; import org.sufficientlysecure.keychain.service.SaveKeyringParcel; import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyAdd; import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyChange; @@ -82,8 +83,7 @@ public class PgpKeyOperationTest { parcel.mNewPassphrase = passphrase; PgpKeyOperation op = new PgpKeyOperation(null); - OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog(); - staticRing = op.createSecretKeyRing(parcel, log, 0); + staticRing = op.createSecretKeyRing(parcel).getRing(); Assert.assertNotNull("initial test key creation must succeed", staticRing); @@ -107,9 +107,7 @@ public class PgpKeyOperationTest { } @Test - public void testAlgorithmChoice() { - - OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog(); + public void createSecretKeyRingTests() { { parcel.reset(); @@ -118,7 +116,7 @@ public class PgpKeyOperationTest { parcel.mAddUserIds.add("shy"); parcel.mNewPassphrase = passphrase; - UncachedKeyRing ring = op.createSecretKeyRing(parcel, log, 0); + UncachedKeyRing ring = op.createSecretKeyRing(parcel).getRing(); Assert.assertNull("creating ring with < 512 bytes keysize should fail", ring); } @@ -130,7 +128,7 @@ public class PgpKeyOperationTest { parcel.mAddUserIds.add("shy"); parcel.mNewPassphrase = passphrase; - UncachedKeyRing ring = op.createSecretKeyRing(parcel, log, 0); + UncachedKeyRing ring = op.createSecretKeyRing(parcel).getRing(); Assert.assertNull("creating ring with ElGamal master key should fail", ring); } @@ -142,7 +140,7 @@ public class PgpKeyOperationTest { parcel.mAddUserIds.add("shy"); parcel.mNewPassphrase = passphrase; - UncachedKeyRing ring = op.createSecretKeyRing(parcel, log, 0); + UncachedKeyRing ring = op.createSecretKeyRing(parcel).getRing(); Assert.assertNull("creating ring with bad algorithm choice should fail", ring); } @@ -153,7 +151,7 @@ public class PgpKeyOperationTest { parcel.mAddUserIds.add("shy"); parcel.mNewPassphrase = passphrase; - UncachedKeyRing ring = op.createSecretKeyRing(parcel, log, 0); + UncachedKeyRing ring = op.createSecretKeyRing(parcel).getRing(); Assert.assertNull("creating ring with non-certifying master key should fail", ring); } @@ -163,7 +161,7 @@ public class PgpKeyOperationTest { Constants.choice.algorithm.rsa, 1024, KeyFlags.CERTIFY_OTHER, null)); parcel.mNewPassphrase = passphrase; - UncachedKeyRing ring = op.createSecretKeyRing(parcel, log, 0); + UncachedKeyRing ring = op.createSecretKeyRing(parcel).getRing(); Assert.assertNull("creating ring without user ids should fail", ring); } @@ -172,7 +170,7 @@ public class PgpKeyOperationTest { parcel.mAddUserIds.add("shy"); parcel.mNewPassphrase = passphrase; - UncachedKeyRing ring = op.createSecretKeyRing(parcel, log, 0); + UncachedKeyRing ring = op.createSecretKeyRing(parcel).getRing(); Assert.assertNull("creating ring without subkeys should fail", ring); } @@ -186,11 +184,10 @@ public class PgpKeyOperationTest { parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd( Constants.choice.algorithm.rsa, 1024, KeyFlags.CERTIFY_OTHER | KeyFlags.SIGN_DATA, null)); parcel.mAddUserIds.add("luna"); - OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog(); - ring = op.createSecretKeyRing(parcel, log, 0); + ring = op.createSecretKeyRing(parcel).getRing(); Assert.assertEquals("the keyring should contain only the master key", - 1, ring.getAvailableSubkeys().size()); + 1, KeyringTestingHelper.itToList(ring.getPublicKeys()).size()); Assert.assertEquals("first (master) key must have both flags", KeyFlags.CERTIFY_OTHER | KeyFlags.SIGN_DATA, ring.getPublicKey().getKeyUsage()); @@ -212,7 +209,7 @@ public class PgpKeyOperationTest { 2, ring.getPublicKey().getUnorderedUserIds().size()); Assert.assertEquals("number of subkeys must be three", - 3, ring.getAvailableSubkeys().size()); + 3, KeyringTestingHelper.itToList(ring.getPublicKeys()).size()); Assert.assertTrue("key ring should have been created in the last 120 seconds", ring.getPublicKey().getCreationTime().after(new Date(new Date().getTime()-1000*120))); @@ -250,9 +247,8 @@ public class PgpKeyOperationTest { parcel.mMasterKeyId = ring.getMasterKeyId() -1; parcel.mFingerprint = ring.getFingerprint(); - WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0); - OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog(); - UncachedKeyRing modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0); + CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0); + UncachedKeyRing modified = op.modifySecretKeyRing(secretRing, parcel, passphrase).getRing(); Assert.assertNull("keyring modification with bad master key id should fail", modified); } @@ -263,9 +259,8 @@ public class PgpKeyOperationTest { parcel.mMasterKeyId = null; parcel.mFingerprint = ring.getFingerprint(); - WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0); - OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog(); - UncachedKeyRing modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0); + CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0); + UncachedKeyRing modified = op.modifySecretKeyRing(secretRing, parcel, passphrase).getRing(); Assert.assertNull("keyring modification with null master key id should fail", modified); } @@ -277,9 +272,8 @@ public class PgpKeyOperationTest { // some byte, off by one parcel.mFingerprint[5] += 1; - WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0); - OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog(); - UncachedKeyRing modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0); + CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0); + UncachedKeyRing modified = op.modifySecretKeyRing(secretRing, parcel, passphrase).getRing(); Assert.assertNull("keyring modification with bad fingerprint should fail", modified); } @@ -289,17 +283,19 @@ public class PgpKeyOperationTest { parcel.mMasterKeyId = ring.getMasterKeyId(); parcel.mFingerprint = null; - WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0); - OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog(); - UncachedKeyRing modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0); + CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0); + UncachedKeyRing modified = op.modifySecretKeyRing(secretRing, parcel, passphrase).getRing(); Assert.assertNull("keyring modification with null fingerprint should fail", modified); } { - WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0); - OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog(); - UncachedKeyRing modified = op.modifySecretKeyRing(secretRing, parcel, "bad passphrase", log, 0); + String badphrase = ""; + if (badphrase.equals(passphrase)) { + badphrase = "a"; + } + CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0); + UncachedKeyRing modified = op.modifySecretKeyRing(secretRing, parcel, badphrase).getRing(); Assert.assertNull("keyring modification with bad passphrase should fail", modified); } @@ -352,11 +348,11 @@ public class PgpKeyOperationTest { { // bad keysize should fail parcel.reset(); - parcel.mAddSubKeys.add(new SubkeyAdd(algorithm.rsa, 77, KeyFlags.SIGN_DATA, null)); + parcel.mAddSubKeys.add(new SubkeyAdd( + algorithm.rsa, new Random().nextInt(512), KeyFlags.SIGN_DATA, null)); - WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0); - OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog(); - modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0); + CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0); + modified = op.modifySecretKeyRing(secretRing, parcel, passphrase).getRing(); Assert.assertNull("creating a subkey with keysize < 512 should fail", modified); } @@ -366,9 +362,8 @@ public class PgpKeyOperationTest { parcel.mAddSubKeys.add(new SubkeyAdd(algorithm.rsa, 1024, KeyFlags.SIGN_DATA, new Date().getTime()/1000-10)); - WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0); - OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog(); - modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0); + CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0); + modified = op.modifySecretKeyRing(secretRing, parcel, passphrase).getRing(); Assert.assertNull("creating subkey with past expiry date should fail", modified); } @@ -379,12 +374,7 @@ public class PgpKeyOperationTest { public void testSubkeyModify() throws Exception { long expiry = new Date().getTime()/1000 + 1024; - long keyId; - { - Iterator<UncachedPublicKey> it = ring.getPublicKeys(); - it.next(); - keyId = it.next().getKeyId(); - } + long keyId = KeyringTestingHelper.getSubkeyId(ring, 1); UncachedKeyRing modified = ring; { @@ -440,9 +430,8 @@ public class PgpKeyOperationTest { parcel.reset(); parcel.mChangeSubKeys.add(new SubkeyChange(keyId, null, new Date().getTime()/1000-10)); - WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0); - OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog(); - modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0); + CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0); + modified = op.modifySecretKeyRing(secretRing, parcel, passphrase).getRing(); Assert.assertNull("setting subkey expiry to a past date should fail", modified); } @@ -451,9 +440,8 @@ public class PgpKeyOperationTest { parcel.reset(); parcel.mChangeSubKeys.add(new SubkeyChange(123, null, null)); - WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0); - OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog(); - modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0); + CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0); + modified = op.modifySecretKeyRing(secretRing, parcel, passphrase).getRing(); Assert.assertNull("modifying non-existent subkey should fail", modified); } @@ -463,13 +451,7 @@ public class PgpKeyOperationTest { @Test public void testSubkeyRevoke() throws Exception { - long keyId; - { - Iterator<UncachedPublicKey> it = ring.getPublicKeys(); - it.next(); - keyId = it.next().getKeyId(); - } - + long keyId = KeyringTestingHelper.getSubkeyId(ring, 1); int flags = ring.getPublicKey(keyId).getKeyUsage(); UncachedKeyRing modified; @@ -479,9 +461,8 @@ public class PgpKeyOperationTest { parcel.reset(); parcel.mRevokeSubKeys.add(123L); - WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0); - OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog(); - UncachedKeyRing otherModified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0); + CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0); + UncachedKeyRing otherModified = op.modifySecretKeyRing(secretRing, parcel, passphrase).getRing(); Assert.assertNull("revoking a nonexistent subkey should fail", otherModified); @@ -582,9 +563,8 @@ public class PgpKeyOperationTest { parcel.reset(); parcel.mChangePrimaryUserId = uid; - WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(modified.getEncoded(), false, 0); - OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog(); - UncachedKeyRing otherModified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0); + CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(modified.getEncoded(), false, 0); + UncachedKeyRing otherModified = op.modifySecretKeyRing(secretRing, parcel, passphrase).getRing(); Assert.assertNull("setting primary user id to a revoked user id should fail", otherModified); @@ -629,6 +609,14 @@ public class PgpKeyOperationTest { @Test public void testUserIdAdd() throws Exception { + { + parcel.mAddUserIds.add(""); + CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0); + UncachedKeyRing modified = op.modifySecretKeyRing(secretRing, parcel, passphrase).getRing(); + Assert.assertNull("adding an empty user id should fail", modified); + } + + parcel.reset(); parcel.mAddUserIds.add("rainbow"); UncachedKeyRing modified = applyModificationWithChecks(parcel, ring, onlyA, onlyB); @@ -689,10 +677,12 @@ public class PgpKeyOperationTest { parcel.reset(); //noinspection SpellCheckingInspection parcel.mChangePrimaryUserId = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; + if (parcel.mChangePrimaryUserId.equals(passphrase)) { + parcel.mChangePrimaryUserId += "A"; + } - WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0); - OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog(); - modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0); + CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0); + modified = op.modifySecretKeyRing(secretRing, parcel, passphrase).getRing(); Assert.assertNull("changing primary user id to a non-existent one should fail", modified); } @@ -716,14 +706,14 @@ public class PgpKeyOperationTest { ArrayList<RawPacket> onlyB, boolean canonicalize, boolean constantCanonicalize) { + try { Assert.assertTrue("modified keyring must be secret", ring.isSecret()); - WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0); + CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0); PgpKeyOperation op = new PgpKeyOperation(null); - OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog(); - UncachedKeyRing rawModified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0); + UncachedKeyRing rawModified = op.modifySecretKeyRing(secretRing, parcel, passphrase).getRing(); Assert.assertNotNull("key modification failed", rawModified); if (!canonicalize) { @@ -732,7 +722,7 @@ public class PgpKeyOperationTest { return rawModified; } - UncachedKeyRing modified = rawModified.canonicalize(log, 0); + CanonicalizedKeyRing modified = rawModified.canonicalize(new OperationLog(), 0); if (constantCanonicalize) { Assert.assertTrue("key must be constant through canonicalization", !KeyringTestingHelper.diffKeyrings( @@ -741,7 +731,8 @@ public class PgpKeyOperationTest { } Assert.assertTrue("keyring must differ from original", KeyringTestingHelper.diffKeyrings( ring.getEncoded(), modified.getEncoded(), onlyA, onlyB)); - return modified; + + return modified.getUncachedKeyRing(); } catch (IOException e) { throw new AssertionFailedError("error during encoding!"); @@ -754,12 +745,8 @@ public class PgpKeyOperationTest { UncachedKeyRing expectedKeyRing = KeyringBuilder.correctRing(); UncachedKeyRing inputKeyRing = KeyringBuilder.ringWithExtraIncorrectSignature(); - OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog(); - UncachedKeyRing canonicalizedRing = inputKeyRing.canonicalize(log, 0); - - if (canonicalizedRing == null) { - throw new AssertionError("Canonicalization failed; messages: [" + log + "]"); - } + CanonicalizedKeyRing canonicalized = inputKeyRing.canonicalize(new OperationLog(), 0); + Assert.assertNotNull("canonicalization must succeed", canonicalized); ArrayList onlyA = new ArrayList<RawPacket>(); ArrayList onlyB = new ArrayList<RawPacket>(); |