cthrace/open-keychain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add test for multiple signing candidates case

Browse Source
This commit is contained in:
Vincent Breitmoser
2024-02-18 14:49:00 +01:00
parent 5cc2d88ab9
commit bcac9d3204
1 changed files with 68 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

70
OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/PgpEncryptDecryptTest.java
View File

@@ -46,14 +46,15 @@ import org.openintents.openpgp.OpenPgpSignatureResult;
import org.robolectric.RuntimeEnvironment; import org.robolectric.RuntimeEnvironment;
import org.robolectric.shadows.ShadowLog; import org.robolectric.shadows.ShadowLog;
import org.sufficientlysecure.keychain.KeychainTestRunner; import org.sufficientlysecure.keychain.KeychainTestRunner;
import org.sufficientlysecure.keychain.daos.KeyWritableRepository;
import org.sufficientlysecure.keychain.operations.results.DecryptVerifyResult; import org.sufficientlysecure.keychain.operations.results.DecryptVerifyResult;
import org.sufficientlysecure.keychain.operations.results.OperationResult.LogType; import org.sufficientlysecure.keychain.operations.results.OperationResult.LogType;
import org.sufficientlysecure.keychain.operations.results.PgpSignEncryptResult; import org.sufficientlysecure.keychain.operations.results.PgpSignEncryptResult;
import org.sufficientlysecure.keychain.pgp.SecurityProblem.InsecureBitStrength; import org.sufficientlysecure.keychain.pgp.SecurityProblem.InsecureBitStrength;
import org.sufficientlysecure.keychain.pgp.SecurityProblem.InsecureEncryptionAlgorithm; import org.sufficientlysecure.keychain.pgp.SecurityProblem.InsecureEncryptionAlgorithm;
import org.sufficientlysecure.keychain.pgp.SecurityProblem.MissingMdc; import org.sufficientlysecure.keychain.pgp.SecurityProblem.MissingMdc;
import org.sufficientlysecure.keychain.daos.KeyWritableRepository;
import org.sufficientlysecure.keychain.service.SaveKeyringParcel; import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Algorithm;
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyChange; import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyChange;
import org.sufficientlysecure.keychain.service.input.CryptoInputParcel; import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
import org.sufficientlysecure.keychain.service.input.RequiredInputParcel; import org.sufficientlysecure.keychain.service.input.RequiredInputParcel;
@@ -403,13 +404,78 @@ public class PgpEncryptDecryptTest {
} }
@Test
public void testAsymmetricSignMultipleCandidates() {
String plaintext = "dies ist ein plaintext ☭";
byte[] detachedSignature;
{ // modify key, add extra signing subkey
SaveKeyringParcel.Builder builder = SaveKeyringParcel.buildChangeKeyringParcel(
mStaticRing1.getMasterKeyId(), mStaticRing1.getFingerprint());
builder.addSubkeyAdd(SaveKeyringParcel.SubkeyAdd.createSubkeyAdd(
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, 0L));
UncachedKeyRing modified = PgpKeyOperationTest.applyModificationWithChecks(builder.build(), mStaticRing1,
new ArrayList<RawPacket>(), new ArrayList<RawPacket>(),
CryptoInputParcel.createCryptoInputParcel(new Date(), mKeyPhrase1));
KeyWritableRepository databaseInteractor =
KeyWritableRepository.create(RuntimeEnvironment.getApplication());
databaseInteractor.saveSecretKeyRing(modified);
}
{ // sign data with key
ByteArrayOutputStream out = new ByteArrayOutputStream();
ByteArrayInputStream in = new ByteArrayInputStream(plaintext.getBytes());
PgpSignEncryptOperation op = new PgpSignEncryptOperation(RuntimeEnvironment.getApplication(),
KeyWritableRepository.create(RuntimeEnvironment.getApplication()), null);
InputData data = new InputData(in, in.available());
PgpSignEncryptData.Builder pgpData = PgpSignEncryptData.builder();
// only sign, as cleartext
pgpData.setSignatureMasterKeyId(mStaticRing1.getMasterKeyId());
// do not select a subkey id for signing here
pgpData.setDetachedSignature(true);
PgpSignEncryptResult result = op.execute(pgpData.build(),
CryptoInputParcel.createCryptoInputParcel(mKeyPhrase1), data, out);
Assert.assertTrue("signing must succeed", result.success());
detachedSignature = result.getDetachedSignature();
}
{ // verification should succeed
ByteArrayOutputStream out = new ByteArrayOutputStream();
ByteArrayInputStream in = new ByteArrayInputStream(plaintext.getBytes());
InputData data = new InputData(in, in.available());
PgpDecryptVerifyOperation op = operationWithFakePassphraseCache(null, null, null);
PgpDecryptVerifyInputParcel input = PgpDecryptVerifyInputParcel.builder()
.setDetachedSignature(detachedSignature)
.build();
DecryptVerifyResult result = op.execute(input, CryptoInputParcel.createCryptoInputParcel(), data, out);
Assert.assertTrue("verification must succeed", result.success());
Assert.assertArrayEquals("verification text should equal plaintext (save for a newline)",
plaintext.getBytes(), out.toByteArray());
Assert.assertEquals("decryptionResult should be RESULT_NOT_ENCRYPTED",
OpenPgpDecryptionResult.RESULT_NOT_ENCRYPTED, result.getDecryptionResult().getResult());
Assert.assertEquals("signatureResult should be RESULT_VALID_CONFIRMED",
OpenPgpSignatureResult.RESULT_VALID_KEY_CONFIRMED, result.getSignatureResult().getResult());
}
}
@Test @Test
public void testAsymmetricSignDetached() { public void testAsymmetricSignDetached() {
String plaintext = "dies ist ein plaintext ☭"; String plaintext = "dies ist ein plaintext ☭";
byte[] detachedSignature; byte[] detachedSignature;
{ // encrypt data with key { // sign data with key
ByteArrayOutputStream out = new ByteArrayOutputStream(); ByteArrayOutputStream out = new ByteArrayOutputStream();
ByteArrayInputStream in = new ByteArrayInputStream(plaintext.getBytes()); ByteArrayInputStream in = new ByteArrayInputStream(plaintext.getBytes());