@Test public void testPromoteDivertSpecific() throws Exception { PromoteKeyOperation op = new PromoteKeyOperation( RuntimeEnvironment.application, new ProviderHelper(RuntimeEnvironment.application), null, null); byte[] aid = Hex.decode("D2760001240102000000012345670000"); // only promote the first, rest stays dummy long keyId = KeyringTestingHelper.getSubkeyId(mStaticRing, 1); PromoteKeyResult result = op.execute( new PromoteKeyringParcel(mStaticRing.getMasterKeyId(), aid, new long[] {keyId}), null); Assert.assertTrue("promotion must succeed", result.success()); { CanonicalizedSecretKeyRing ring = new ProviderHelper(RuntimeEnvironment.application) .getCanonicalizedSecretKeyRing(mStaticRing.getMasterKeyId()); for (CanonicalizedSecretKey key : ring.secretKeyIterator()) { if (key.getKeyId() == keyId) { Assert.assertEquals( "subkey must be divert-to-card", SecretKeyType.DIVERT_TO_CARD, key.getSecretKeyTypeSuperExpensive()); Assert.assertArrayEquals("subkey must have correct iv", aid, key.getIv()); } else { Assert.assertEquals( "some subkeys must be gnu dummy", SecretKeyType.GNU_DUMMY, key.getSecretKeyTypeSuperExpensive()); } } } }
@Test public void testImportDivertToCard() throws Exception { UncachedKeyRing sec = readRingFromResource("/test-keys/divert_to_card_sec.asc"); long keyId = sec.getMasterKeyId(); SaveKeyringResult result; result = mProviderHelper.saveSecretKeyRing(sec, new ProgressScaler()); Assert.assertTrue("import of secret keyring should succeed", result.success()); // make sure both the CanonicalizedSecretKeyRing as well as the CachedPublicKeyRing correctly // indicate the secret key type CachedPublicKeyRing cachedRing = mProviderHelper.getCachedPublicKeyRing(keyId); CanonicalizedSecretKeyRing secRing = mProviderHelper.getCanonicalizedSecretKeyRing(keyId); Iterator<CanonicalizedSecretKey> it = secRing.secretKeyIterator().iterator(); { // first subkey Assert.assertTrue("keyring should have 3 subkeys (1)", it.hasNext()); CanonicalizedSecretKey key = it.next(); Assert.assertEquals( "first subkey should be of type sign+certify", KeyFlags.CERTIFY_OTHER | KeyFlags.SIGN_DATA, (int) key.getKeyUsage()); Assert.assertEquals( "first subkey should be divert-to-card", SecretKeyType.DIVERT_TO_CARD, key.getSecretKeyType()); Assert.assertTrue("canCertify() should be true", key.canCertify()); Assert.assertTrue("canSign() should be true", key.canSign()); // cached Assert.assertEquals( "all subkeys from CachedPublicKeyRing should be divert-to-key", SecretKeyType.DIVERT_TO_CARD, cachedRing.getSecretKeyType(key.getKeyId())); } { // second subkey Assert.assertTrue("keyring should have 3 subkeys (2)", it.hasNext()); CanonicalizedSecretKey key = it.next(); Assert.assertEquals( "second subkey should be of type authenticate", KeyFlags.AUTHENTICATION, (int) key.getKeyUsage()); Assert.assertEquals( "second subkey should be divert-to-card", SecretKeyType.DIVERT_TO_CARD, key.getSecretKeyType()); Assert.assertTrue("canAuthenticate() should be true", key.canAuthenticate()); // cached Assert.assertEquals( "all subkeys from CachedPublicKeyRing should be divert-to-key", SecretKeyType.DIVERT_TO_CARD, cachedRing.getSecretKeyType(key.getKeyId())); } { // third subkey Assert.assertTrue("keyring should have 3 subkeys (3)", it.hasNext()); CanonicalizedSecretKey key = it.next(); Assert.assertEquals( "first subkey should be of type encrypt (both types)", KeyFlags.ENCRYPT_COMMS | KeyFlags.ENCRYPT_STORAGE, (int) key.getKeyUsage()); Assert.assertEquals( "third subkey should be divert-to-card", SecretKeyType.DIVERT_TO_CARD, key.getSecretKeyType()); Assert.assertTrue("canEncrypt() should be true", key.canEncrypt()); // cached Assert.assertEquals( "all subkeys from CachedPublicKeyRing should be divert-to-key", SecretKeyType.DIVERT_TO_CARD, cachedRing.getSecretKeyType(key.getKeyId())); } Assert.assertFalse("keyring should have 3 subkeys (4)", it.hasNext()); }