@Test /** * Tests a master key which may sign, but is stripped. In this case, if there is a different * subkey available which can sign, that one should be selected. */ public void testImportStrippedFlags() throws Exception { UncachedKeyRing key = readRingFromResource("/test-keys/stripped_flags.asc"); long masterKeyId = key.getMasterKeyId(); SaveKeyringResult result; result = mProviderHelper.saveSecretKeyRing(key, new ProgressScaler()); Assert.assertTrue("import of keyring should succeed", result.success()); long signId; { CanonicalizedSecretKeyRing ring = mProviderHelper.getCanonicalizedSecretKeyRing(masterKeyId); Assert.assertTrue("master key should have sign flag", ring.getPublicKey().canSign()); Assert.assertTrue("master key should have encrypt flag", ring.getPublicKey().canEncrypt()); signId = ring.getSecretSignId(); Assert.assertNotEquals("encrypt id should not be 0", 0, signId); Assert.assertNotEquals( "encrypt key should be different from master key", masterKeyId, signId); } { CachedPublicKeyRing ring = mProviderHelper.getCachedPublicKeyRing(masterKeyId); Assert.assertEquals( "signing key should be same id cached as uncached", signId, ring.getSecretSignId()); } }
@Test public void testImportBadEncodedUserId() throws Exception { UncachedKeyRing key = readRingFromResource("/test-keys/bad_user_id_encoding.asc"); long keyId = key.getMasterKeyId(); SaveKeyringResult result; result = mProviderHelper.savePublicKeyRing(key, new ProgressScaler(), null); Assert.assertTrue("import of keyring should succeed", result.success()); CanonicalizedPublicKeyRing ring = mProviderHelper.getCanonicalizedPublicKeyRing(keyId); boolean found = false; byte[] badUserId = Hex.decode( "436c61757320467261656e6b656c203c436c6175732e4672e46e6b656c4068616c696661782e727774682d61616368656e2e64653e"); for (byte[] rawUserId : new IterableIterator<byte[]>(ring.getUnorderedRawUserIds().iterator())) { if (Arrays.equals(rawUserId, badUserId)) { found = true; } } Assert.assertTrue("import of the badly encoded user id should succeed", found); }
@Test public void testImportNoFlagKey() throws Exception { UncachedKeyRing pub = readRingFromResource("/test-keys/mailvelope_07_no_key_flags.asc"); long keyId = pub.getMasterKeyId(); Assert.assertEquals( "key flags should be zero", 0, (long) pub.canonicalize(new OperationLog(), 0).getPublicKey().getKeyUsage()); mProviderHelper.savePublicKeyRing(pub); CachedPublicKeyRing cachedRing = mProviderHelper.getCachedPublicKeyRing(keyId); CanonicalizedPublicKeyRing pubRing = mProviderHelper.getCanonicalizedPublicKeyRing(keyId); Assert.assertEquals("master key should be encryption key", keyId, pubRing.getEncryptId()); Assert.assertEquals( "master key should be encryption key (cached)", keyId, cachedRing.getEncryptId()); Assert.assertEquals( "canonicalized key flags should be zero", 0, (long) pubRing.getPublicKey().getKeyUsage()); Assert.assertTrue("master key should be able to certify", pubRing.getPublicKey().canCertify()); Assert.assertTrue("master key should be allowed to sign", pubRing.getPublicKey().canSign()); Assert.assertTrue("master key should be able to encrypt", pubRing.getPublicKey().canEncrypt()); }
protected void writeIt(File uploadFile, OutputStream entityStream) throws IOException { InputStream inputStream = new BufferedInputStream(new FileInputStream(uploadFile)); try { ProviderHelper.writeTo(inputStream, entityStream); } finally { inputStream.close(); } }
public void writeTo( File uploadFile, Class<?> type, Type genericType, Annotation[] annotations, MediaType mediaType, MultivaluedMap<String, Object> httpHeaders, OutputStream entityStream) throws IOException { InputStream inputStream = new BufferedInputStream(new FileInputStream(uploadFile)); try { ProviderHelper.writeTo(inputStream, entityStream); } finally { inputStream.close(); } }
public File readFrom( Class<File> type, Type genericType, Annotation[] annotations, MediaType mediaType, MultivaluedMap<String, String> httpHeaders, InputStream entityStream) throws IOException { File downloadedFile = null; if (_downloadDirectory != null) { try { downloadedFile = File.createTempFile(PREFIX, SUFFIX, new File(_downloadDirectory)); } catch (final IOException ex) { // could make this configurable, so we fail on fault rather than // default. System.err.println( "Could not bind to specified download directory " + _downloadDirectory + " so will use temp dir."); } } if (downloadedFile == null) downloadedFile = File.createTempFile(PREFIX, SUFFIX); if (NoContent.isContentLengthZero(httpHeaders)) return downloadedFile; OutputStream output = new BufferedOutputStream(new FileOutputStream(downloadedFile)); try { ProviderHelper.writeTo(entityStream, output); } finally { output.close(); } return downloadedFile; }
@Test public void testImportDivertToCard() throws Exception { UncachedKeyRing sec = readRingFromResource("/test-keys/divert_to_card_sec.asc"); long keyId = sec.getMasterKeyId(); SaveKeyringResult result; result = mProviderHelper.saveSecretKeyRing(sec, new ProgressScaler()); Assert.assertTrue("import of secret keyring should succeed", result.success()); // make sure both the CanonicalizedSecretKeyRing as well as the CachedPublicKeyRing correctly // indicate the secret key type CachedPublicKeyRing cachedRing = mProviderHelper.getCachedPublicKeyRing(keyId); CanonicalizedSecretKeyRing secRing = mProviderHelper.getCanonicalizedSecretKeyRing(keyId); Iterator<CanonicalizedSecretKey> it = secRing.secretKeyIterator().iterator(); { // first subkey Assert.assertTrue("keyring should have 3 subkeys (1)", it.hasNext()); CanonicalizedSecretKey key = it.next(); Assert.assertEquals( "first subkey should be of type sign+certify", KeyFlags.CERTIFY_OTHER | KeyFlags.SIGN_DATA, (int) key.getKeyUsage()); Assert.assertEquals( "first subkey should be divert-to-card", SecretKeyType.DIVERT_TO_CARD, key.getSecretKeyType()); Assert.assertTrue("canCertify() should be true", key.canCertify()); Assert.assertTrue("canSign() should be true", key.canSign()); // cached Assert.assertEquals( "all subkeys from CachedPublicKeyRing should be divert-to-key", SecretKeyType.DIVERT_TO_CARD, cachedRing.getSecretKeyType(key.getKeyId())); } { // second subkey Assert.assertTrue("keyring should have 3 subkeys (2)", it.hasNext()); CanonicalizedSecretKey key = it.next(); Assert.assertEquals( "second subkey should be of type authenticate", KeyFlags.AUTHENTICATION, (int) key.getKeyUsage()); Assert.assertEquals( "second subkey should be divert-to-card", SecretKeyType.DIVERT_TO_CARD, key.getSecretKeyType()); Assert.assertTrue("canAuthenticate() should be true", key.canAuthenticate()); // cached Assert.assertEquals( "all subkeys from CachedPublicKeyRing should be divert-to-key", SecretKeyType.DIVERT_TO_CARD, cachedRing.getSecretKeyType(key.getKeyId())); } { // third subkey Assert.assertTrue("keyring should have 3 subkeys (3)", it.hasNext()); CanonicalizedSecretKey key = it.next(); Assert.assertEquals( "first subkey should be of type encrypt (both types)", KeyFlags.ENCRYPT_COMMS | KeyFlags.ENCRYPT_STORAGE, (int) key.getKeyUsage()); Assert.assertEquals( "third subkey should be divert-to-card", SecretKeyType.DIVERT_TO_CARD, key.getSecretKeyType()); Assert.assertTrue("canEncrypt() should be true", key.canEncrypt()); // cached Assert.assertEquals( "all subkeys from CachedPublicKeyRing should be divert-to-key", SecretKeyType.DIVERT_TO_CARD, cachedRing.getSecretKeyType(key.getKeyId())); } Assert.assertFalse("keyring should have 3 subkeys (4)", it.hasNext()); }