From c7d174c930e868f37c0be11e7b5231f4419f4203 Mon Sep 17 00:00:00 2001
From: Vincent Breitmoser <look@my.amazin.horse>
Date: Thu, 9 Mar 2017 19:45:23 +0100
Subject: [PATCH] handle unknown key algorithms using opaque keys

---
 .../keychain/pgp/OpaqueKeyTest.java           |  80 ++++++++++++++++++
 .../test-keys/eddsa-sample-1-pub.asc          |  15 ++++
 .../resources/test-keys/eddsa-subkey.pub.asc  | Bin 0 -> 1114 bytes
 .../resources/test-keys/eddsa-subkey.sec.asc  | Bin 0 -> 1894 bytes
 extern/bouncycastle                           |   2 +-
 5 files changed, 96 insertions(+), 1 deletion(-)
 create mode 100644 OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/OpaqueKeyTest.java
 create mode 100644 OpenKeychain/src/test/resources/test-keys/eddsa-sample-1-pub.asc
 create mode 100644 OpenKeychain/src/test/resources/test-keys/eddsa-subkey.pub.asc
 create mode 100644 OpenKeychain/src/test/resources/test-keys/eddsa-subkey.sec.asc

diff --git a/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/OpaqueKeyTest.java b/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/OpaqueKeyTest.java
new file mode 100644
index 000000000..37c605613
--- /dev/null
+++ b/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/OpaqueKeyTest.java
@@ -0,0 +1,80 @@
+/*
+ * Copyright (C) 2017 Vincent Breitmoser <v.breitmoser@mugenguild.com>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package org.sufficientlysecure.keychain.pgp;
+
+
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.robolectric.shadows.ShadowLog;
+import org.sufficientlysecure.keychain.KeychainTestRunner;
+import org.sufficientlysecure.keychain.operations.results.OperationResult.LogType;
+import org.sufficientlysecure.keychain.operations.results.OperationResult.OperationLog;
+import org.sufficientlysecure.keychain.support.TestDataUtil;
+
+import static junit.framework.Assert.assertNotNull;
+import static junit.framework.Assert.assertTrue;
+import static org.junit.Assert.assertArrayEquals;
+
+
+@SuppressWarnings("WeakerAccess")
+@RunWith(KeychainTestRunner.class)
+public class OpaqueKeyTest {
+    @BeforeClass
+    public static void setUpOnce() throws Exception {
+        ShadowLog.stream = System.out;
+    }
+
+    @Test
+    public void testOpaqueSubKey__canonicalize__shouldFail() throws Exception {
+        // key from GnuPG's test suite, sample msg generated using GnuPG v2.1.18
+        // TODO use for actual tests once eddsa is supported!
+        UncachedKeyRing ring = readRingFromResource("/test-keys/eddsa-sample-1-pub.asc");
+
+        OperationLog log = new OperationLog();
+        ring.canonicalize(log, 0);
+
+        assertTrue(log.containsType(LogType.MSG_KC_ERROR_MASTER_ALGO));
+    }
+
+    @Test
+    public void testOpaqueSubKey__canonicalize__shouldStrip() throws Exception {
+        UncachedKeyRing ring = readRingFromResource("/test-keys/eddsa-subkey.pub.asc");
+
+        OperationLog log = new OperationLog();
+        CanonicalizedKeyRing canonicalizedKeyRing = ring.canonicalize(log, 0);
+
+        assertNotNull(canonicalizedKeyRing);
+        assertTrue(log.containsType(LogType.MSG_KC_SUB_UNKNOWN_ALGO));
+    }
+
+    @Test
+    public void testOpaqueSubKey__reencode__shouldBeIdentical() throws Exception {
+        byte[] rawKeyData = TestDataUtil.readFully(
+                OpaqueKeyTest.class.getResourceAsStream("/test-keys/eddsa-subkey.pub.asc"));
+
+        UncachedKeyRing ring = UncachedKeyRing.decodeFromData(rawKeyData);
+
+        assertArrayEquals(rawKeyData, ring.getEncoded());
+    }
+
+    UncachedKeyRing readRingFromResource(String name) throws Exception {
+        return UncachedKeyRing.fromStream(OpaqueKeyTest.class.getResourceAsStream(name)).next();
+    }
+
+}
\ No newline at end of file
diff --git a/OpenKeychain/src/test/resources/test-keys/eddsa-sample-1-pub.asc b/OpenKeychain/src/test/resources/test-keys/eddsa-sample-1-pub.asc
new file mode 100644
index 000000000..5a65453ef
--- /dev/null
+++ b/OpenKeychain/src/test/resources/test-keys/eddsa-sample-1-pub.asc
@@ -0,0 +1,15 @@
+pub   ed25519/97965A9A 2014-08-19
+      Key fingerprint = C959 BDBA FA32 A2F8 9A15  3B67 8CFD E121 9796 5A9A
+      Keygrip = 0DD40284FF992CD24DC4AAC367037E066FCEE26A
+uid       [ unknown] EdDSA sample key 1 (draft-koch-eddsa-for-openpgp-00)
+
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v2
+
+mDMEU/NfCxYJKwYBBAHaRw8BAQdAPwmJlL3ZFu1AUxl5NOSofIBzOhKA1i+AEJku
+Q+47JAa0NEVkRFNBIHNhbXBsZSBrZXkgMSAoZHJhZnQta29jaC1lZGRzYS1mb3It
+b3BlbnBncC0wMCmIeQQTFggAIQUCU/NfCwIbAwULCQgHAgYVCAkKCwIEFgIDAQIe
+AQIXgAAKCRCM/eEhl5ZamnNOAP9pKn5wz3jPsgy9p65zxz1+xJEr/cczFQx/tYkk
+49tkeAD+P9jJE4SFD2lVofxn1e22H7YLvcVyHDOA9gpYWTNXiAU=
+=Jbi7
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/OpenKeychain/src/test/resources/test-keys/eddsa-subkey.pub.asc b/OpenKeychain/src/test/resources/test-keys/eddsa-subkey.pub.asc
new file mode 100644
index 0000000000000000000000000000000000000000..f5f6faad19a1bc0763f6f894c655b8e82a22e780
GIT binary patch
literal 1114
zcmbQq$jcIOaGo_I2gB=<e{~9K%!$(s*6LNRy`PhGqJ5TuL6EsY>H`N6za72@w(!lY
zu{ft&@A7(@t6kh?-2&a+50=`#`BoXBA|M=9`YC^s$qBbRw*$Tg8tuOSe!@!mr3WpK
zulLqcP|be&_tl9r9Q_+Fw*6XRUZ;KTLuG1IQFr}{8?R=(xl}m&ea9lj#fv^P@Ns)(
z`D#Whr51=OCbGJR6_uV^BI&QPqQ7Wf!VTfFi!--INd;M0g{-$MR+;5BIrrq;&^YCz
z3-eCL7%l3%%d}_P^50uZ<abY*Sflz~;*6Eq%~=H(KG&6H7pc!xi&qX?Q*kjvaVOvG
z$A99ZVxBaw(!SVuGm~f0!WBF_G<8lh2r@D-ZsAEyNhwZL$W1IRNiFJR3}F!l292GV
zB1`KP?X6w>pWPo?H7~g6sl+N`dS8~62^4lr(#))!%!kq$Sh+bl*qPWwIXJnvnOMY_
zm>HSm7@5Qy7`QkEU|OusaWE{}QZXsj#d7!5oi_9Br#q!h-}~N8X$k9IjjUIOk7i$=
zdM`r$nue-$*(I$TbyxHL-ihwMezNu9Z3p|GE7w)(DT+M&)?iw*A(`#2%LJ>H;ad!}
zK0H};>TA!v=L>dJ-j2RJQ(I%(21Y$gZd2VN`+m`fx9&bYIr08^nd__v9URxsSd_fS
ziR=2ioe{@wW&B*?6241cIPcS3QT?k6HubXXmOOQp^F~D7+QZU&k9*I(#JGm_&^({A
z{5|J)?@jQn@}1|miM!!S|8Mo`@`aa#I?eOjv}_kePk9vkpnFmHr{8Z@O*kxG*0v`^
z@2KyxT7#AX_VpGlXO{D2?sAhj(3^DL;@n|Qsnt7-L20f^j8mJ9k%jS=J3k{MyTdDq
z&ly(Ud##II*I%rAIi+#t_do3`^rs$_F<DzU$N7h8C*xWc31D0(;ERhYCTS*yMnq_r
zDX>V2aWKdN_4w?~Ii9b!E#mf}_C0Tf`F1mhsqX;CUlk~NU?P3*85ve9i+);qNbRhe
z_N?2L=Nn~aDmkT|KXdGAUT|5ZlgIo{Muzsgm2))or(b+~Wi4;dtalUTG<Ilj5ZiIr
zD}?DzL$5j$ZyNjm$hEvr4{J`Fzdi2whRR1JY(ZLY0zUmd%JHFk4+G!L*ZZb_Py9ZQ
zTjP|@N&9RG>Hg(0n;&cx{@PX3Wyr+7BiT_(=<?nZzISR17G0^9&yKLv=lrpL?UAap
zbxAj7?|2t;Jn_NY<4dQo?QK7>{N=jhqiY;iypM@`acZ}0=9I_N*G3Dk-=fa=y{b3k
zcfM1);34Z1zxPkwBAHvdu-uLRH@oBoC#(H(hk9q|2JlMHxqBo*BkS)nCaGMR$Q>y=
zul6glO}q3@r}BKTVA)A)U5yPpr-;O?GoP@;M}fg9V5W9ec7d{z=d9?xw-(1UP4!LQ
a*A#4!5EK!v7x<~DcecLt8XK)co45hVQ}HYS

literal 0
HcmV?d00001

diff --git a/OpenKeychain/src/test/resources/test-keys/eddsa-subkey.sec.asc b/OpenKeychain/src/test/resources/test-keys/eddsa-subkey.sec.asc
new file mode 100644
index 0000000000000000000000000000000000000000..bd4f04de3b96aa72884d5557b3b84ea6838d3f65
GIT binary patch
literal 1894
zcmV-s2buVl1I7ec!Jaz-2mtGJ{(c}P17VghtuA@3-)v&Yhng@jQa3PV;6M~kxJ|&c
z4w-y7&MkjL>y|}6Ub8K5ExX{QJ?!>*SR@b=T6OYok~GLh+}lv~Q8K&V?~th<rNKGJ
zuS+T*C2QsV>d4FpkFn8)`lvU4E6(tFWm<BJf2i2%nC#MVo9~FCA)})3fDQ{vYE3Cy
zB4uzEAz=kaR&sU9q!~{nsE=}<VAvCO(V4Yc8d5kqRIfR6B$`T-ZONTgUL(b!Zp&OU
zqK@4Hytb$Nv~(Z4l#zTT_ZZANHrbkR(DQzFYjP)@CSM~~ta#CAA-N8l<NRM*T;zkQ
zE75`3X$+#Fs0_F%EXx290RRF12Ll2u^Ase|z$i=cg0NeoAMZNOpcuYSq02<kZM1VH
z!M!l1GsAQ2^)Y&lVVB>Rbp;n&t1-$x)L4^v1>@ZO-J6+TGb5E;%V6#`GO$h~Iu!w2
z-(m+7+VvtcW3FxAPE931O91$!{IaR^!i_S7f!V|-oyNi+7`@)X@3#9cwrANFhyM6y
zjJgkfU?97(fqs}0N(cw`H=1_Mj9rDKn$C!BaI(Q8e~#B#ftUJE7K=yCYsv+~&SP|U
zZts>j_qmNB^Ez~qqI{q+J_^mprMaS2{{X6YJF`SH<7}Z_QpiSl&z&pHA42=tGiMdD
z#8fFCm@dNu1Oyy33zzlP10Z)dD1zuaD*DZC-8hu(Cphb0l4_r*eN_eQ8nqmIjl(wk
z(P}c7-UWI`nupcGP6~lMnEyW7)j8d?&!0wb-@7*mGV6O5@P>F{2&T~V<e$oitIOGH
zp|e5RbLt3_QV0;|1*i9|fNxo#gj^e(0kBp->W4}<wnaj1?8ue}zG2B=Z9#)794|r!
zsEO2eAp>k-?>3_b%53o-&2&#wX!zLHMx;wvB`B|Ar&kw@(d&HC-!MT39^6GZqWIU4
zBWYtbWR?wOYP<k5Ucy3h?7<1DOhEl8+(Xltugv(U-6*90{ucXb`u_fc6K<A^?&LZm
zpfO=d)_&x|32>S#RCXZ-(;oDggCuny@Nd~w-rb=CZ!T&RK1Tg9UKC0O{0nsWkYy`h
zNi!sjRS0YI#>dvL+-zEqs6>93#|XxY^OkCAG)mxU@_pHgQ$PIB7sFty>CQCGAEFh|
z6Zihy<`ac=2zC!XI=CGACa6sVh0g&5d{Lfo6M;fpysYPe!aH!CE(!(3>VdF%ZVHMn
zu1o4|rLkn~RW~lKpOVkpz)gh89*?jzf)0MzgN83SDHXLz%~QcHv<zirWOHF4ZDDhC
zWparDR0I<N2mn47Aq0igE47Lb^GD%2gP_q#A_WvR-yH=4Sizn<0viJb2?N4s00j#P
z2nPZN6$l9m3jzcd0s{d89svRufB*^!5Yb5@1r#;k9Xiek0HU;bl4V3WyOp^-pFfvE
zW|zJ1Mk1sIy(ntxG2)xomEKq%)+i+#cG4=?e${UM+*^y+$%WzDKtK7Zu6ZsY6yf%O
zHGHsR2HixEI;mH*Fe>omqRRD*-shmWdD~mlnJXx^umLVP3pFirKaUmR+TG>Jk>Af8
z*9E~qL9dviW4uBN*Y3Gk#@cB4q(oP`FB5L^ofR+Dpt6kwyBW&W3D{VEt-~9=$4i~k
z0jveWo=kRcywAJ6U`={Wo=&n0fYgusCwq6H(h`X`Z-y#8qFa>WUEqtNSMvMps*uAM
zc80uEF2zlzeK3S@2d_8;%%=`%x<(kljbhI@&cg{BtDJ@eSizop76~f`0R#csM-Kr3
z2SDl=^JqFty*qP7uhD+#l!2M|{D-J7mBAb|t#O<~_%;3q0|F}oFqXK;d#>?G3bkD1
z>Bd+q5UlV&CuKU74SJG&#=a>-w1Zqh>WW5j63EJ6V2nIb$s*G8ksKVEc1dsNb>B%G
z|B>E+o@BGFEzdl_Wr+c;1Q-Db03a421clTqwTch(N8vhypwUSp1r#;k9R&hd!Jc{o
z8v+1<2@ugqA_WvR-yL=!1Q`|x038+~1Wdhb$8RRKSlhyfyzLVXy8~7yxCH`O!Jc{m
z3JDPH6ArrrRwuZQ?*Ra-BNg(c!Y0ioE1KJR&w(77B0^=)%*NGjQ+9bmNS}!T0EgXq
zoG34s(e2c&4UC%Zksc_xE3g*0-AYsf+<=WI0u5#d|5>dK<-;kKpSNDeuzBKi22v{Q
zQ1bi52=IHn01nyfzL)o5_nr$V$}Gu0YZx1kr(Cn(u@m)*e2Osw2e@NF8WPjJ$W7dR
zaH7<EA8S}SFA4ast;BlGeqz|0xb9rXVc?y|rIZG}hrp-lu5-n#K&bCrTIkBV9ch%~
zm#te9ue2ut_j-+J`)@*L5yCsj`@fa68Eti;cSaBU2N}>pI=>#mjhHP^4I7-@#9%0D
z{iXsMZ5&y+WVzLkAqJMx{w#UVQxSH_J1r=%xs()Kt~ZdROdtS4P?;-wYj7hXNt#=|
g+M{0rl}%&5f>SVHQdn0mQSx$)n=c!zJSxJn3zgk*H2?qr

literal 0
HcmV?d00001

diff --git a/extern/bouncycastle b/extern/bouncycastle
index 0e2e96778..3153790ed 160000
--- a/extern/bouncycastle
+++ b/extern/bouncycastle
@@ -1 +1 @@
-Subproject commit 0e2e96778b2aaf55dc582748de9b7827ab01086f
+Subproject commit 3153790edfdb13d41a7cf6ef8d1a9313f4aa2a32