aboutsummaryrefslogtreecommitdiffstats
path: root/OpenKeychain-Test
diff options
context:
space:
mode:
Diffstat (limited to 'OpenKeychain-Test')
-rw-r--r--OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/PgpKeyOperationTest.java85
1 files changed, 69 insertions, 16 deletions
diff --git a/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/PgpKeyOperationTest.java b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/PgpKeyOperationTest.java
index f87b27618..0cf16843a 100644
--- a/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/PgpKeyOperationTest.java
+++ b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/PgpKeyOperationTest.java
@@ -16,7 +16,6 @@ import org.spongycastle.bcpg.SecretSubkeyPacket;
import org.spongycastle.bcpg.SignaturePacket;
import org.spongycastle.bcpg.UserIDPacket;
import org.spongycastle.bcpg.sig.KeyFlags;
-import org.spongycastle.openpgp.PGPSecretKey;
import org.spongycastle.openpgp.PGPSignature;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.Constants.choice.algorithm;
@@ -68,6 +67,9 @@ public class PgpKeyOperationTest {
OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
staticRing = op.createSecretKeyRing(parcel, log, 0);
+
+ // we sleep here for a second, to make sure all new certificates have different timestamps
+ Thread.sleep(1000);
}
@Before public void setUp() throws Exception {
@@ -294,30 +296,82 @@ public class PgpKeyOperationTest {
@Test
public void testSubkeyRevoke() throws Exception {
+ long keyId;
{
Iterator<UncachedPublicKey> it = ring.getPublicKeys();
it.next();
- parcel.mRevokeSubKeys.add(it.next().getKeyId());
+ keyId = it.next().getKeyId();
}
- applyModificationWithChecks(parcel, ring, onlyA, onlyB);
+ int flags = ring.getPublicKey(keyId).getKeyUsage();
- Assert.assertEquals("no extra packets in original", 0, onlyA.size());
- Assert.assertEquals("exactly one extra packet in modified", 1, onlyB.size());
+ UncachedKeyRing modified;
- Packet p;
+ { // revoked second subkey
- p = new BCPGInputStream(new ByteArrayInputStream(onlyB.get(0).buf)).readPacket();
- Assert.assertTrue("first new packet must be secret subkey", p instanceof SignaturePacket);
- Assert.assertEquals("signature type must be subkey binding certificate",
- PGPSignature.SUBKEY_REVOCATION, ((SignaturePacket) p).getSignatureType());
- Assert.assertEquals("signature must have been created by master key",
- ring.getMasterKeyId(), ((SignaturePacket) p).getKeyID());
+ parcel.mRevokeSubKeys.add(keyId);
+
+ modified = applyModificationWithChecks(parcel, ring, onlyA, onlyB);
+
+ Assert.assertEquals("no extra packets in original", 0, onlyA.size());
+ Assert.assertEquals("exactly one extra packet in modified", 1, onlyB.size());
+
+ Packet p;
+
+ p = new BCPGInputStream(new ByteArrayInputStream(onlyB.get(0).buf)).readPacket();
+ Assert.assertTrue("first new packet must be secret subkey", p instanceof SignaturePacket);
+ Assert.assertEquals("signature type must be subkey binding certificate",
+ PGPSignature.SUBKEY_REVOCATION, ((SignaturePacket) p).getSignatureType());
+ Assert.assertEquals("signature must have been created by master key",
+ ring.getMasterKeyId(), ((SignaturePacket) p).getKeyID());
+
+ Assert.assertTrue("subkey must actually be revoked",
+ modified.getPublicKey(keyId).isRevoked());
+ }
+
+ { // re-add second subkey
+
+ parcel.reset();
+ parcel.mChangeSubKeys.add(new SubkeyChange(keyId, null, null));
+ modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
+
+ Assert.assertEquals("exactly two outdated packets in original", 2, onlyA.size());
+ Assert.assertEquals("exactly one extra packet in modified", 1, onlyB.size());
+
+ Packet p;
+
+ p = new BCPGInputStream(new ByteArrayInputStream(onlyA.get(0).buf)).readPacket();
+ Assert.assertTrue("first outdated packet must be signature", p instanceof SignaturePacket);
+ Assert.assertEquals("first outdated signature type must be subkey binding certification",
+ PGPSignature.SUBKEY_BINDING, ((SignaturePacket) p).getSignatureType());
+ Assert.assertEquals("first outdated signature must have been created by master key",
+ ring.getMasterKeyId(), ((SignaturePacket) p).getKeyID());
+
+ p = new BCPGInputStream(new ByteArrayInputStream(onlyA.get(1).buf)).readPacket();
+ Assert.assertTrue("second outdated packet must be signature", p instanceof SignaturePacket);
+ Assert.assertEquals("second outdated signature type must be subkey revocation",
+ PGPSignature.SUBKEY_REVOCATION, ((SignaturePacket) p).getSignatureType());
+ Assert.assertEquals("second outdated signature must have been created by master key",
+ ring.getMasterKeyId(), ((SignaturePacket) p).getKeyID());
+
+ p = new BCPGInputStream(new ByteArrayInputStream(onlyB.get(0).buf)).readPacket();
+ Assert.assertTrue("new packet must be signature ", p instanceof SignaturePacket);
+ Assert.assertEquals("new signature type must be subkey binding certification",
+ PGPSignature.SUBKEY_BINDING, ((SignaturePacket) p).getSignatureType());
+ Assert.assertEquals("signature must have been created by master key",
+ ring.getMasterKeyId(), ((SignaturePacket) p).getKeyID());
+
+ Assert.assertFalse("subkey must no longer be revoked",
+ modified.getPublicKey(keyId).isRevoked());
+ Assert.assertEquals("subkey must have the same usage flags as before",
+ flags, modified.getPublicKey(keyId).getKeyUsage());
+
+ }
}
@Test
- public void testUserIdRevokeRead() throws Exception {
+ public void testUserIdRevoke() throws Exception {
UncachedKeyRing modified;
String uid = ring.getPublicKey().getUnorderedUserIds().get(1);
@@ -343,11 +397,11 @@ public class PgpKeyOperationTest {
}
{ // re-add second user id
- // new parcel
+
parcel.reset();
parcel.mAddUserIds.add(uid);
- applyModificationWithChecks(parcel, modified, onlyA, onlyB, true, false);
+ applyModificationWithChecks(parcel, modified, onlyA, onlyB);
Assert.assertEquals("exactly two outdated packets in original", 2, onlyA.size());
Assert.assertEquals("exactly one extra packet in modified", 1, onlyB.size());
@@ -402,7 +456,6 @@ public class PgpKeyOperationTest {
"rainbow", ((UserIDPacket) p).getID());
p = new BCPGInputStream(new ByteArrayInputStream(onlyB.get(1).buf)).readPacket();
- System.out.println(p.getClass().getName());
Assert.assertTrue("second new packet must be signature", p instanceof SignaturePacket);
Assert.assertEquals("signature type must be positive certification",
PGPSignature.POSITIVE_CERTIFICATION, ((SignaturePacket) p).getSignatureType());