diff options
Diffstat (limited to 'OpenKeychain-Test/src/test/java')
| -rw-r--r-- | OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperationTest.java | 59 |
1 files changed, 51 insertions, 8 deletions
diff --git a/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperationTest.java b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperationTest.java index 056165e01..312875229 100644 --- a/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperationTest.java +++ b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperationTest.java @@ -50,6 +50,7 @@ import org.sufficientlysecure.keychain.service.SaveKeyringParcel.ChangeUnlockPar import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyAdd; import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyChange; import org.sufficientlysecure.keychain.service.input.CryptoInputParcel; +import org.sufficientlysecure.keychain.service.input.RequiredInputParcel.RequiredInputType; import org.sufficientlysecure.keychain.support.KeyringBuilder; import org.sufficientlysecure.keychain.support.KeyringTestingHelper; import org.sufficientlysecure.keychain.support.KeyringTestingHelper.RawPacket; @@ -95,7 +96,7 @@ public class PgpKeyOperationTest { parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd( Algorithm.DSA, 1024, null, KeyFlags.SIGN_DATA, 0L)); parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd( - Algorithm.ELGAMAL, 1024, null, KeyFlags.ENCRYPT_COMMS, 0L)); + Algorithm.RSA, 2048, null, KeyFlags.ENCRYPT_COMMS, 0L)); parcel.mAddUserIds.add("twi"); parcel.mAddUserIds.add("pink"); @@ -754,7 +755,7 @@ public class PgpKeyOperationTest { public void testSubkeyStrip() throws Exception { long keyId = KeyringTestingHelper.getSubkeyId(ring, 1); - parcel.mChangeSubKeys.add(new SubkeyChange(keyId, true, null)); + parcel.mChangeSubKeys.add(new SubkeyChange(keyId, true, false)); applyModificationWithChecks(parcel, ring, onlyA, onlyB); Assert.assertEquals("one extra packet in original", 1, onlyA.size()); @@ -780,7 +781,7 @@ public class PgpKeyOperationTest { public void testMasterStrip() throws Exception { long keyId = ring.getMasterKeyId(); - parcel.mChangeSubKeys.add(new SubkeyChange(keyId, true, null)); + parcel.mChangeSubKeys.add(new SubkeyChange(keyId, true, false)); applyModificationWithChecks(parcel, ring, onlyA, onlyB); Assert.assertEquals("one extra packet in original", 1, onlyA.size()); @@ -807,9 +808,9 @@ public class PgpKeyOperationTest { long keyId = KeyringTestingHelper.getSubkeyId(ring, 1); UncachedKeyRing modified; - { // we should be able to change the stripped/divert status of subkeys without passphrase + { // we should be able to change the stripped status of subkeys without passphrase parcel.reset(); - parcel.mChangeSubKeys.add(new SubkeyChange(keyId, true, null)); + parcel.mChangeSubKeys.add(new SubkeyChange(keyId, true, false)); modified = applyModificationWithChecks(parcel, ring, onlyA, onlyB, new CryptoInputParcel()); Assert.assertEquals("one extra packet in modified", 1, onlyB.size()); Packet p = new BCPGInputStream(new ByteArrayInputStream(onlyB.get(0).buf)).readPacket(); @@ -818,15 +819,57 @@ public class PgpKeyOperationTest { Assert.assertEquals("new packet should have GNU_DUMMY protection mode stripped", S2K.GNU_PROTECTION_MODE_NO_PRIVATE_KEY, ((SecretKeyPacket) p).getS2K().getProtectionMode()); } + } + + @Test + public void testKeyToCard() throws Exception { + + UncachedKeyRing modified; + + { // keytocard should fail with BAD_NFC_SIZE when presented with the RSA-1024 key + long keyId = KeyringTestingHelper.getSubkeyId(ring, 0); + parcel.reset(); + parcel.mChangeSubKeys.add(new SubkeyChange(keyId, false, true)); + + assertModifyFailure("keytocard operation should fail on invalid key size", ring, + parcel, cryptoInput, LogType.MSG_MF_ERROR_BAD_NFC_SIZE); + } - { // and again, changing to divert-to-card + { // keytocard should fail with BAD_NFC_ALGO when presented with the DSA-1024 key + long keyId = KeyringTestingHelper.getSubkeyId(ring, 1); parcel.reset(); + parcel.mChangeSubKeys.add(new SubkeyChange(keyId, false, true)); + + assertModifyFailure("keytocard operation should fail on invalid key algorithm", ring, + parcel, cryptoInput, LogType.MSG_MF_ERROR_BAD_NFC_ALGO); + } + + { // keytocard should return a pending NFC_KEYTOCARD result when presented with the RSA-2048 + // key, and then make key divert-to-card when it gets a serial in the cryptoInputParcel. + long keyId = KeyringTestingHelper.getSubkeyId(ring, 2); + parcel.reset(); + parcel.mChangeSubKeys.add(new SubkeyChange(keyId, false, true)); + + CanonicalizedSecretKeyRing secretRing = + new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0); + PgpKeyOperation op = new PgpKeyOperation(null); + PgpEditKeyResult result = op.modifySecretKeyRing(secretRing, cryptoInput, parcel); + Assert.assertTrue("keytocard operation should be pending", result.isPending()); + Assert.assertEquals("required input should be RequiredInputType.NFC_KEYTOCARD", + result.getRequiredInputParcel().mType, RequiredInputType.NFC_KEYTOCARD); + + // Create a cryptoInputParcel that matches what the NFCOperationActivity would return. + byte[] keyIdBytes = new byte[8]; + ByteBuffer buf = ByteBuffer.wrap(keyIdBytes); + buf.putLong(keyId).rewind(); byte[] serial = new byte[] { 0x6a, 0x6f, 0x6c, 0x6f, 0x73, 0x77, 0x61, 0x67, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, }; - parcel.mChangeSubKeys.add(new SubkeyChange(keyId, false, serial)); - modified = applyModificationWithChecks(parcel, ring, onlyA, onlyB, new CryptoInputParcel()); + CryptoInputParcel inputParcel = new CryptoInputParcel(); + inputParcel.addCryptoData(keyIdBytes, serial); + + modified = applyModificationWithChecks(parcel, ring, onlyA, onlyB, inputParcel); Assert.assertEquals("one extra packet in modified", 1, onlyB.size()); Packet p = new BCPGInputStream(new ByteArrayInputStream(onlyB.get(0).buf)).readPacket(); Assert.assertEquals("new packet should have GNU_DUMMY S2K type", |