@Test
  /**
   * Tests a master key which may sign, but is stripped. In this case, if there is a different
   * subkey available which can sign, that one should be selected.
   */
  public void testImportStrippedFlags() throws Exception {

    UncachedKeyRing key = readRingFromResource("/test-keys/stripped_flags.asc");
    long masterKeyId = key.getMasterKeyId();

    SaveKeyringResult result;

    result = mProviderHelper.saveSecretKeyRing(key, new ProgressScaler());
    Assert.assertTrue("import of keyring should succeed", result.success());

    long signId;
    {
      CanonicalizedSecretKeyRing ring = mProviderHelper.getCanonicalizedSecretKeyRing(masterKeyId);
      Assert.assertTrue("master key should have sign flag", ring.getPublicKey().canSign());
      Assert.assertTrue("master key should have encrypt flag", ring.getPublicKey().canEncrypt());

      signId = ring.getSecretSignId();
      Assert.assertNotEquals("encrypt id should not be 0", 0, signId);
      Assert.assertNotEquals(
          "encrypt key should be different from master key", masterKeyId, signId);
    }

    {
      CachedPublicKeyRing ring = mProviderHelper.getCachedPublicKeyRing(masterKeyId);
      Assert.assertEquals(
          "signing key should be same id cached as uncached", signId, ring.getSecretSignId());
    }
  }
  @Test
  public void testImportBadEncodedUserId() throws Exception {

    UncachedKeyRing key = readRingFromResource("/test-keys/bad_user_id_encoding.asc");
    long keyId = key.getMasterKeyId();

    SaveKeyringResult result;

    result = mProviderHelper.savePublicKeyRing(key, new ProgressScaler(), null);
    Assert.assertTrue("import of keyring should succeed", result.success());

    CanonicalizedPublicKeyRing ring = mProviderHelper.getCanonicalizedPublicKeyRing(keyId);
    boolean found = false;
    byte[] badUserId =
        Hex.decode(
            "436c61757320467261656e6b656c203c436c6175732e4672e46e6b656c4068616c696661782e727774682d61616368656e2e64653e");
    for (byte[] rawUserId :
        new IterableIterator<byte[]>(ring.getUnorderedRawUserIds().iterator())) {
      if (Arrays.equals(rawUserId, badUserId)) {
        found = true;
      }
    }

    Assert.assertTrue("import of the badly encoded user id should succeed", found);
  }
  @Test
  public void testImportNoFlagKey() throws Exception {

    UncachedKeyRing pub = readRingFromResource("/test-keys/mailvelope_07_no_key_flags.asc");
    long keyId = pub.getMasterKeyId();
    Assert.assertEquals(
        "key flags should be zero",
        0,
        (long) pub.canonicalize(new OperationLog(), 0).getPublicKey().getKeyUsage());

    mProviderHelper.savePublicKeyRing(pub);

    CachedPublicKeyRing cachedRing = mProviderHelper.getCachedPublicKeyRing(keyId);
    CanonicalizedPublicKeyRing pubRing = mProviderHelper.getCanonicalizedPublicKeyRing(keyId);

    Assert.assertEquals("master key should be encryption key", keyId, pubRing.getEncryptId());
    Assert.assertEquals(
        "master key should be encryption key (cached)", keyId, cachedRing.getEncryptId());

    Assert.assertEquals(
        "canonicalized key flags should be zero", 0, (long) pubRing.getPublicKey().getKeyUsage());
    Assert.assertTrue("master key should be able to certify", pubRing.getPublicKey().canCertify());
    Assert.assertTrue("master key should be allowed to sign", pubRing.getPublicKey().canSign());
    Assert.assertTrue("master key should be able to encrypt", pubRing.getPublicKey().canEncrypt());
  }
Example #4
0
  protected void writeIt(File uploadFile, OutputStream entityStream) throws IOException {
    InputStream inputStream = new BufferedInputStream(new FileInputStream(uploadFile));

    try {
      ProviderHelper.writeTo(inputStream, entityStream);
    } finally {
      inputStream.close();
    }
  }
  public void writeTo(
      File uploadFile,
      Class<?> type,
      Type genericType,
      Annotation[] annotations,
      MediaType mediaType,
      MultivaluedMap<String, Object> httpHeaders,
      OutputStream entityStream)
      throws IOException {
    InputStream inputStream = new BufferedInputStream(new FileInputStream(uploadFile));

    try {
      ProviderHelper.writeTo(inputStream, entityStream);
    } finally {
      inputStream.close();
    }
  }
Example #6
0
  public File readFrom(
      Class<File> type,
      Type genericType,
      Annotation[] annotations,
      MediaType mediaType,
      MultivaluedMap<String, String> httpHeaders,
      InputStream entityStream)
      throws IOException {
    File downloadedFile = null;

    if (_downloadDirectory != null) {
      try {
        downloadedFile = File.createTempFile(PREFIX, SUFFIX, new File(_downloadDirectory));
      } catch (final IOException ex) {
        // could make this configurable, so we fail on fault rather than
        // default.

        System.err.println(
            "Could not bind to specified download directory "
                + _downloadDirectory
                + " so will use temp dir.");
      }
    }

    if (downloadedFile == null) downloadedFile = File.createTempFile(PREFIX, SUFFIX);

    if (NoContent.isContentLengthZero(httpHeaders)) return downloadedFile;
    OutputStream output = new BufferedOutputStream(new FileOutputStream(downloadedFile));

    try {
      ProviderHelper.writeTo(entityStream, output);
    } finally {
      output.close();
    }

    return downloadedFile;
  }
  @Test
  public void testImportDivertToCard() throws Exception {

    UncachedKeyRing sec = readRingFromResource("/test-keys/divert_to_card_sec.asc");
    long keyId = sec.getMasterKeyId();

    SaveKeyringResult result;

    result = mProviderHelper.saveSecretKeyRing(sec, new ProgressScaler());
    Assert.assertTrue("import of secret keyring should succeed", result.success());

    // make sure both the CanonicalizedSecretKeyRing as well as the CachedPublicKeyRing correctly
    // indicate the secret key type
    CachedPublicKeyRing cachedRing = mProviderHelper.getCachedPublicKeyRing(keyId);
    CanonicalizedSecretKeyRing secRing = mProviderHelper.getCanonicalizedSecretKeyRing(keyId);

    Iterator<CanonicalizedSecretKey> it = secRing.secretKeyIterator().iterator();

    { // first subkey
      Assert.assertTrue("keyring should have 3 subkeys (1)", it.hasNext());
      CanonicalizedSecretKey key = it.next();
      Assert.assertEquals(
          "first subkey should be of type sign+certify",
          KeyFlags.CERTIFY_OTHER | KeyFlags.SIGN_DATA,
          (int) key.getKeyUsage());
      Assert.assertEquals(
          "first subkey should be divert-to-card",
          SecretKeyType.DIVERT_TO_CARD,
          key.getSecretKeyType());
      Assert.assertTrue("canCertify() should be true", key.canCertify());
      Assert.assertTrue("canSign() should be true", key.canSign());

      // cached
      Assert.assertEquals(
          "all subkeys from CachedPublicKeyRing should be divert-to-key",
          SecretKeyType.DIVERT_TO_CARD,
          cachedRing.getSecretKeyType(key.getKeyId()));
    }

    { // second subkey
      Assert.assertTrue("keyring should have 3 subkeys (2)", it.hasNext());
      CanonicalizedSecretKey key = it.next();
      Assert.assertEquals(
          "second subkey should be of type authenticate",
          KeyFlags.AUTHENTICATION,
          (int) key.getKeyUsage());
      Assert.assertEquals(
          "second subkey should be divert-to-card",
          SecretKeyType.DIVERT_TO_CARD,
          key.getSecretKeyType());
      Assert.assertTrue("canAuthenticate() should be true", key.canAuthenticate());

      // cached
      Assert.assertEquals(
          "all subkeys from CachedPublicKeyRing should be divert-to-key",
          SecretKeyType.DIVERT_TO_CARD,
          cachedRing.getSecretKeyType(key.getKeyId()));
    }

    { // third subkey
      Assert.assertTrue("keyring should have 3 subkeys (3)", it.hasNext());
      CanonicalizedSecretKey key = it.next();
      Assert.assertEquals(
          "first subkey should be of type encrypt (both types)",
          KeyFlags.ENCRYPT_COMMS | KeyFlags.ENCRYPT_STORAGE,
          (int) key.getKeyUsage());
      Assert.assertEquals(
          "third subkey should be divert-to-card",
          SecretKeyType.DIVERT_TO_CARD,
          key.getSecretKeyType());
      Assert.assertTrue("canEncrypt() should be true", key.canEncrypt());

      // cached
      Assert.assertEquals(
          "all subkeys from CachedPublicKeyRing should be divert-to-key",
          SecretKeyType.DIVERT_TO_CARD,
          cachedRing.getSecretKeyType(key.getKeyId()));
    }

    Assert.assertFalse("keyring should have 3 subkeys (4)", it.hasNext());
  }