List of usage examples for org.bouncycastle.bcpg PacketTags SIGNATURE
int SIGNATURE
To view the source code for org.bouncycastle.bcpg PacketTags SIGNATURE.
Click Source Link
From source file:com.google.e2e.bcdriver.KeyChecker.java
License:Apache License
private static final boolean isGoodBackSignature(PGPSignature sig, PGPPublicKey signer, PGPPublicKey target, StringBuilder errors) throws PGPException, SignatureException, IOException { SignatureSubpacket esigpack = null;/*from w w w . j a va 2 s. c o m*/ // Prefer to get it from the hashed subpacket. PGPSignatureSubpacketVector svec = sig.getHashedSubPackets(); if (svec != null) { esigpack = svec.getSubpacket(SignatureSubpacketTags.EMBEDDED_SIGNATURE); } if (esigpack == null) { svec = sig.getUnhashedSubPackets(); if (svec != null) { esigpack = svec.getSubpacket(SignatureSubpacketTags.EMBEDDED_SIGNATURE); } } if (esigpack == null) { errors.append("Rejecting " + niceSig(sig) + " for subkey " + nicePk(target) + " because it doesn't have a cross-certification.\n" + "See https://www.gnupg.org/faq/subkey-cross-certify.html\n"); return false; } // Unfortunately, since PGPSignature(byte[]) is not public, we // have to go through this ugly contortion to get a signature. ByteArrayOutputStream baout = new ByteArrayOutputStream(); // dump out an old-style header. int hdr = 0x80 | (PacketTags.SIGNATURE << 2); int len = esigpack.getData().length; if (len <= 0xff) { baout.write(hdr); baout.write(len); } else if (len <= 0xffff) { baout.write(hdr | 0x01); baout.write((len >> 8) & 0xff); baout.write(len & 0xff); } else { baout.write(hdr | 0x02); baout.write((len >> 24) & 0xff); baout.write((len >> 16) & 0xff); baout.write((len >> 8) & 0xff); baout.write(len & 0xff); } baout.write(esigpack.getData()); baout.close(); PGPObjectFactory fact = new PGPObjectFactory(new ByteArrayInputStream(baout.toByteArray()), new BcKeyFingerprintCalculator()); Object obj = fact.nextObject(); if (!(obj instanceof PGPSignatureList)) { errors.append("Rejecting " + niceSig(sig) + " for subkey " + nicePk(target) + " because no usable embedded signature is available.\n"); return false; } PGPSignatureList esiglist = (PGPSignatureList) obj; if (esiglist.size() != 1) { errors.append("Rejecting " + niceSig(sig) + " for subkey " + nicePk(target) + " because no usable embedded signature is available.\n"); return false; } PGPSignature esig = esiglist.get(0); if (esig.getSignatureType() != PGPSignature.PRIMARYKEY_BINDING) { errors.append("Rejecting " + niceSig(sig) + " for subkey " + nicePk(target) + " because the embedded " + niceSig(esig) + " is not a proper backsignature.\n"); return false; } esig.init(new BcPGPContentVerifierBuilderProvider(), target); return esig.verifyCertification(signer, target) && isSignatureCurrent(esig, errors); }
From source file:org.sufficientlysecure.keychain.pgp.PgpKeyOperationTest.java
License:Open Source License
@Test public void testSubkeyModify() throws Exception { long expiry = new Date().getTime() / 1000 + 1024; long keyId = KeyringTestingHelper.getSubkeyId(ring, 1); UncachedKeyRing modified = ring;//from ww w.j av a2 s .co m { parcel.mChangeSubKeys.add(new SubkeyChange(keyId, null, expiry)); modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB); Assert.assertEquals("one extra packet in original", 1, onlyA.size()); Assert.assertEquals("one extra packet in modified", 1, onlyB.size()); Assert.assertEquals("old packet must be signature", PacketTags.SIGNATURE, onlyA.get(0).tag); Packet p = new BCPGInputStream(new ByteArrayInputStream(onlyB.get(0).buf)).readPacket(); Assert.assertTrue("first new packet must be signature", p instanceof SignaturePacket); Assert.assertEquals("signature type must be subkey binding certificate", PGPSignature.SUBKEY_BINDING, ((SignaturePacket) p).getSignatureType()); Assert.assertEquals("signature must have been created by master key", ring.getMasterKeyId(), ((SignaturePacket) p).getKeyID()); Assert.assertNotNull("modified key must have an expiry date", modified.getPublicKey(keyId).getUnsafeExpiryTimeForTesting()); Assert.assertEquals("modified key must have expected expiry date", expiry, modified.getPublicKey(keyId).getUnsafeExpiryTimeForTesting().getTime() / 1000); Assert.assertEquals("modified key must have same flags as before", ring.getPublicKey(keyId).getKeyUsage(), modified.getPublicKey(keyId).getKeyUsage()); } { // change expiry expiry += 60 * 60 * 24; parcel.mChangeSubKeys.add(new SubkeyChange(keyId, null, expiry)); modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB); Assert.assertNotNull("modified key must have an expiry date", modified.getPublicKey(keyId).getUnsafeExpiryTimeForTesting()); Assert.assertEquals("modified key must have expected expiry date", expiry, modified.getPublicKey(keyId).getUnsafeExpiryTimeForTesting().getTime() / 1000); Assert.assertEquals("modified key must have same flags as before", ring.getPublicKey(keyId).getKeyUsage(), modified.getPublicKey(keyId).getKeyUsage()); } { int flags = KeyFlags.SIGN_DATA | KeyFlags.ENCRYPT_COMMS; parcel.reset(); parcel.mChangeSubKeys.add(new SubkeyChange(keyId, flags, null)); modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB); Assert.assertEquals("old packet must be signature", PacketTags.SIGNATURE, onlyA.get(0).tag); Packet p = new BCPGInputStream(new ByteArrayInputStream(onlyB.get(0).buf)).readPacket(); Assert.assertTrue("first new packet must be signature", p instanceof SignaturePacket); Assert.assertEquals("signature type must be subkey binding certificate", PGPSignature.SUBKEY_BINDING, ((SignaturePacket) p).getSignatureType()); Assert.assertEquals("signature must have been created by master key", ring.getMasterKeyId(), ((SignaturePacket) p).getKeyID()); Assert.assertEquals("modified key must have expected flags", flags, (long) modified.getPublicKey(keyId).getKeyUsage()); Assert.assertNotNull("key must retain its expiry", modified.getPublicKey(keyId).getUnsafeExpiryTimeForTesting()); Assert.assertEquals("key expiry must be unchanged", expiry, modified.getPublicKey(keyId).getUnsafeExpiryTimeForTesting().getTime() / 1000); } { // expiry of 0 should be "no expiry" parcel.reset(); parcel.mChangeSubKeys.add(new SubkeyChange(keyId, null, 0L)); modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB); Assert.assertEquals("old packet must be signature", PacketTags.SIGNATURE, onlyA.get(0).tag); Packet p = new BCPGInputStream(new ByteArrayInputStream(onlyB.get(0).buf)).readPacket(); Assert.assertTrue("first new packet must be signature", p instanceof SignaturePacket); Assert.assertEquals("signature type must be subkey binding certificate", PGPSignature.SUBKEY_BINDING, ((SignaturePacket) p).getSignatureType()); Assert.assertEquals("signature must have been created by master key", ring.getMasterKeyId(), ((SignaturePacket) p).getKeyID()); Assert.assertNull("key must not expire anymore", modified.getPublicKey(keyId).getUnsafeExpiryTimeForTesting()); } { // a past expiry should fail parcel.reset(); parcel.mChangeSubKeys.add(new SubkeyChange(keyId, null, new Date().getTime() / 1000 - 10)); assertModifyFailure("setting subkey expiry to a past date should fail", ring, parcel, LogType.MSG_MF_ERROR_PAST_EXPIRY); } { // modifying nonexistent subkey should fail parcel.reset(); parcel.mChangeSubKeys.add(new SubkeyChange(123, null, null)); assertModifyFailure("modifying non-existent subkey should fail", ring, parcel, LogType.MSG_MF_ERROR_SUBKEY_MISSING); } }
From source file:org.sufficientlysecure.keychain.pgp.PgpKeyOperationTest.java
License:Open Source License
@Test public void testMasterModify() throws Exception { long expiry = new Date().getTime() / 1000 + 1024; long keyId = ring.getMasterKeyId(); UncachedKeyRing modified = ring;//www. j a v a2 s. co m // to make this check less trivial, we add a user id, change the primary one and revoke one parcel.mAddUserIds.add("aloe"); parcel.mChangePrimaryUserId = "aloe"; parcel.mRevokeUserIds.add("pink"); modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB); { parcel.reset(); parcel.mChangeSubKeys.add(new SubkeyChange(keyId, null, expiry)); modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB); // this implies that only the two non-revoked signatures were changed! Assert.assertEquals("two extra packets in original", 2, onlyA.size()); Assert.assertEquals("two extra packets in modified", 2, onlyB.size()); Assert.assertEquals("first original packet must be a signature", PacketTags.SIGNATURE, onlyA.get(0).tag); Assert.assertEquals("second original packet must be a signature", PacketTags.SIGNATURE, onlyA.get(1).tag); Assert.assertEquals("first new packet must be signature", PacketTags.SIGNATURE, onlyB.get(0).tag); Assert.assertEquals("first new packet must be signature", PacketTags.SIGNATURE, onlyB.get(1).tag); Assert.assertNotNull("modified key must have an expiry date", modified.getPublicKey().getUnsafeExpiryTimeForTesting()); Assert.assertEquals("modified key must have expected expiry date", expiry, modified.getPublicKey().getUnsafeExpiryTimeForTesting().getTime() / 1000); Assert.assertEquals("modified key must have same flags as before", ring.getPublicKey().getKeyUsage(), modified.getPublicKey().getKeyUsage()); } { // change expiry expiry += 60 * 60 * 24; parcel.mChangeSubKeys.add(new SubkeyChange(keyId, null, expiry)); modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB); Assert.assertNotNull("modified key must have an expiry date", modified.getPublicKey(keyId).getUnsafeExpiryTimeForTesting()); Assert.assertEquals("modified key must have expected expiry date", expiry, modified.getPublicKey(keyId).getUnsafeExpiryTimeForTesting().getTime() / 1000); Assert.assertEquals("modified key must have same flags as before", ring.getPublicKey(keyId).getKeyUsage(), modified.getPublicKey(keyId).getKeyUsage()); Date date = modified.canonicalize(new OperationLog(), 0).getPublicKey().getExpiryTime(); Assert.assertNotNull("modified key must have an expiry date", date); Assert.assertEquals("modified key must have expected expiry date", expiry, date.getTime() / 1000); } { int flags = KeyFlags.CERTIFY_OTHER | KeyFlags.SIGN_DATA; parcel.reset(); parcel.mChangeSubKeys.add(new SubkeyChange(keyId, flags, null)); modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB); Assert.assertEquals("modified key must have expected flags", flags, (long) modified.getPublicKey(keyId).getKeyUsage()); Assert.assertNotNull("key must retain its expiry", modified.getPublicKey(keyId).getUnsafeExpiryTimeForTesting()); Assert.assertEquals("key expiry must be unchanged", expiry, modified.getPublicKey(keyId).getUnsafeExpiryTimeForTesting().getTime() / 1000); } { // expiry of 0 should be "no expiry" // even if there is a non-expiring user id while all others are revoked, it doesn't count! // for this purpose we revoke one while they still have expiry times parcel.reset(); parcel.mRevokeUserIds.add("aloe"); modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB); parcel.reset(); parcel.mChangeSubKeys.add(new SubkeyChange(keyId, null, 0L)); modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB); // for this check, it is relevant that we DON'T use the unsafe one! Assert.assertNull("key must not expire anymore", modified.canonicalize(new OperationLog(), 0).getPublicKey().getExpiryTime()); // make sure the unsafe one behaves incorrectly as expected Assert.assertNotNull("unsafe expiry must yield wrong result from revoked user id", modified.getPublicKey(keyId).getUnsafeExpiryTimeForTesting()); } { // if we revoke everything, nothing is left to properly sign... parcel.reset(); parcel.mRevokeUserIds.add("twi"); parcel.mRevokeUserIds.add("pink"); parcel.mChangeSubKeys.add(new SubkeyChange(keyId, KeyFlags.CERTIFY_OTHER, null)); assertModifyFailure("master key modification with all user ids revoked should fail", ring, parcel, LogType.MSG_MF_ERROR_MASTER_NONE); } { // any flag not including CERTIFY_OTHER should fail parcel.reset(); parcel.mChangeSubKeys.add(new SubkeyChange(keyId, KeyFlags.SIGN_DATA, null)); assertModifyFailure("setting master key flags without certify should fail", ring, parcel, LogType.MSG_MF_ERROR_NO_CERTIFY); } { // a past expiry should fail parcel.reset(); parcel.mChangeSubKeys.add(new SubkeyChange(keyId, null, new Date().getTime() / 1000 - 10)); assertModifyFailure("setting subkey expiry to a past date should fail", ring, parcel, LogType.MSG_MF_ERROR_PAST_EXPIRY); } }
From source file:org.sufficientlysecure.keychain.pgp.UncachedKeyringCanonicalizeTest.java
License:Open Source License
/** Make sure the assumptions made about the generated ring packet structure are valid. */ @Test/*from w ww .ja v a 2s.co m*/ public void testGeneratedRingStructure() throws Exception { Iterator<RawPacket> it = KeyringTestingHelper.parseKeyring(ring.getEncoded()); Assert.assertEquals("packet #0 should be secret key", PacketTags.SECRET_KEY, it.next().tag); Assert.assertEquals("packet #1 should be user id", PacketTags.USER_ID, it.next().tag); Assert.assertEquals("packet #2 should be signature", PacketTags.SIGNATURE, it.next().tag); Assert.assertEquals("packet #3 should be user id", PacketTags.USER_ID, it.next().tag); Assert.assertEquals("packet #4 should be signature", PacketTags.SIGNATURE, it.next().tag); Assert.assertEquals("packet #5 should be user id", PacketTags.USER_ATTRIBUTE, it.next().tag); Assert.assertEquals("packet #6 should be signature", PacketTags.SIGNATURE, it.next().tag); Assert.assertEquals("packet #7 should be secret subkey", PacketTags.SECRET_SUBKEY, it.next().tag); Assert.assertEquals("packet #8 should be signature", PacketTags.SIGNATURE, it.next().tag); Assert.assertEquals("packet #9 should be secret subkey", PacketTags.SECRET_SUBKEY, it.next().tag); Assert.assertEquals("packet #10 should be signature", PacketTags.SIGNATURE, it.next().tag); Assert.assertFalse("exactly 11 packets total", it.hasNext()); Assert.assertArrayEquals("created keyring should be constant through canonicalization", ring.getEncoded(), ring.canonicalize(log, 0).getEncoded()); }
From source file:org.sufficientlysecure.keychain.pgp.UncachedKeyringCanonicalizeTest.java
License:Open Source License
@Test public void testSubkeyDestroy() throws Exception { // signature for second key (first subkey) UncachedKeyRing modified = KeyringTestingHelper.removePacket(ring, 8); // canonicalization should fail, because there are no valid uids left CanonicalizedKeyRing canonicalized = modified.canonicalize(log, 0); Assert.assertTrue(/*from w w w . ja va 2 s. co m*/ "keyring with missing subkey binding sig should differ from intact one after canonicalization", KeyringTestingHelper.diffKeyrings(ring.getEncoded(), canonicalized.getEncoded(), onlyA, onlyB)); Assert.assertEquals("canonicalized keyring should have two extra packets", 2, onlyA.size()); Assert.assertEquals("canonicalized keyring should have no extra packets", 0, onlyB.size()); Assert.assertEquals("first missing packet should be the subkey", PacketTags.SECRET_SUBKEY, onlyA.get(0).tag); Assert.assertEquals("second missing packet should be subkey's signature", PacketTags.SIGNATURE, onlyA.get(1).tag); Assert.assertEquals("second missing packet should be next to subkey", onlyA.get(0).position + 1, onlyA.get(1).position); }
From source file:org.sufficientlysecure.keychain.pgp.UncachedKeyringCanonicalizeTest.java
License:Open Source License
@Test public void testSubkeyBindingRedundant() throws Exception { UncachedPublicKey pKey = KeyringTestingHelper.getNth(ring.getPublicKeys(), 2); subHashedPacketsGen.setKeyFlags(false, KeyFlags.ENCRYPT_COMMS); PGPSignature sig2 = forgeSignature(secretKey, PGPSignature.SUBKEY_BINDING, subHashedPacketsGen, secretKey.getPublicKey(), pKey.getPublicKey()); subHashedPacketsGen.setSignatureCreationTime(false, new Date(new Date().getTime() - 1000 * 1000)); PGPSignature sig1 = forgeSignature(secretKey, PGPSignature.SUBKEY_REVOCATION, subHashedPacketsGen, secretKey.getPublicKey(), pKey.getPublicKey()); subHashedPacketsGen = new PGPSignatureSubpacketGenerator(); subHashedPacketsGen.setSignatureCreationTime(false, new Date(new Date().getTime() - 100 * 1000)); PGPSignature sig3 = forgeSignature(secretKey, PGPSignature.SUBKEY_BINDING, subHashedPacketsGen, secretKey.getPublicKey(), pKey.getPublicKey()); UncachedKeyRing modified = KeyringTestingHelper.injectPacket(ring, sig1.getEncoded(), 10); modified = KeyringTestingHelper.injectPacket(modified, sig2.getEncoded(), 11); modified = KeyringTestingHelper.injectPacket(modified, sig1.getEncoded(), 12); modified = KeyringTestingHelper.injectPacket(modified, sig3.getEncoded(), 13); // canonicalize, and check if we lose the bad signature CanonicalizedKeyRing canonicalized = modified.canonicalize(log, 0); Assert.assertTrue("subkey binding signature should be gone after canonicalization", KeyringTestingHelper.diffKeyrings(modified.getEncoded(), canonicalized.getEncoded(), onlyA, onlyB)); Assert.assertEquals("canonicalized keyring should have lost two packets", 3, onlyA.size()); Assert.assertEquals("canonicalized keyring should have no extra packets", 0, onlyB.size()); Assert.assertEquals("first missing packet should be the subkey", PacketTags.SIGNATURE, onlyA.get(0).tag); Assert.assertEquals("second missing packet should be a signature", PacketTags.SIGNATURE, onlyA.get(1).tag); Assert.assertEquals("second missing packet should be a signature", PacketTags.SIGNATURE, onlyA.get(2).tag); }
From source file:org.sufficientlysecure.keychain.pgp.UncachedKeyringMergeTest.java
License:Open Source License
@Test public void testAddedUserIdSignature() throws Exception { final UncachedKeyRing pubRing = ringA.extractPublicKeyRing(); final UncachedKeyRing modified; {//from w w w. j a v a 2 s . c o m CanonicalizedPublicKeyRing publicRing = new CanonicalizedPublicKeyRing(pubRing.getEncoded(), 0); CanonicalizedSecretKey secretKey = new CanonicalizedSecretKeyRing(ringB.getEncoded(), false, 0) .getSecretKey(); secretKey.unlock(new Passphrase()); PgpCertifyOperation op = new PgpCertifyOperation(); CertifyAction action = new CertifyAction(pubRing.getMasterKeyId(), publicRing.getPublicKey().getUnorderedUserIds(), null); // sign all user ids PgpCertifyResult result = op.certify(secretKey, publicRing, new OperationLog(), 0, action, null, new Date()); Assert.assertTrue("certification must succeed", result.success()); Assert.assertNotNull("certification must yield result", result.getCertifiedRing()); modified = result.getCertifiedRing(); } { UncachedKeyRing merged = ringA.merge(modified, log, 0); Assert.assertNotNull("merge must succeed", merged); Assert.assertArrayEquals("foreign signatures should not be merged into secret key", ringA.getEncoded(), merged.getEncoded()); } { byte[] sig = KeyringTestingHelper .getNth(modified.getPublicKey().getSignaturesForRawId(Strings.toUTF8ByteArray("twi")), 1) .getEncoded(); // inject the (foreign!) signature into subkey signature position UncachedKeyRing moreModified = KeyringTestingHelper.injectPacket(modified, sig, 1); UncachedKeyRing merged = ringA.merge(moreModified, log, 0); Assert.assertNotNull("merge must succeed", merged); Assert.assertArrayEquals("foreign signatures should not be merged into secret key", ringA.getEncoded(), merged.getEncoded()); merged = pubRing.merge(moreModified, log, 0); Assert.assertNotNull("merge must succeed", merged); Assert.assertTrue("merged keyring should contain new signature", KeyringTestingHelper.diffKeyrings(pubRing.getEncoded(), merged.getEncoded(), onlyA, onlyB)); Assert.assertEquals("merged keyring should be missing no packets", 0, onlyA.size()); Assert.assertEquals("merged keyring should contain exactly two more packets", 2, onlyB.size()); Assert.assertEquals("first added packet should be a signature", PacketTags.SIGNATURE, onlyB.get(0).tag); Assert.assertEquals("first added packet should be in the position we injected it at", 1, onlyB.get(0).position); Assert.assertEquals("second added packet should be a signature", PacketTags.SIGNATURE, onlyB.get(1).tag); } { UncachedKeyRing merged = pubRing.merge(modified, log, 0); Assert.assertNotNull("merge must succeed", merged); Assert.assertFalse("merging keyring with extra signatures into its base should yield that same keyring", KeyringTestingHelper.diffKeyrings(merged.getEncoded(), modified.getEncoded(), onlyA, onlyB)); } }