mirrors
/
jgit
mirror of https://github.com/eclipse/jgit.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 204 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8231 Commits
49 Branches
Tree: bdc48aeac7
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'bdc48aeac7'
${ noResults }
jgit/org.eclipse.jgit.gpg.bc.test/tst/org/eclipse/jgit/gpg/bc/internal/keys/SecretKeysTest.java

SecretKeysTest.java 4.6KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155 
  1. /*

  2.  * Copyright (C) 2021 Thomas Wolf <thomas.wolf@paranor.ch> and others

  3.  *

  4.  * This program and the accompanying materials are made available under the

  5.  * terms of the Eclipse Distribution License v. 1.0 which is available at

  6.  * https://www.eclipse.org/org/documents/edl-v10.php.

  7.  *

  8.  * SPDX-License-Identifier: BSD-3-Clause

  9.  */

  10. package org.eclipse.jgit.gpg.bc.internal.keys;

  11. 

  12. import static org.junit.Assert.assertEquals;

  13. import static org.junit.Assert.assertFalse;

  14. import static org.junit.Assert.assertNotNull;

  15. import static org.junit.Assert.assertTrue;

  16. 

  17. import java.io.BufferedInputStream;

  18. import java.io.IOException;

  19. import java.io.InputStream;

  20. import java.security.Security;

  21. import java.util.Iterator;

  22. 

  23. import javax.crypto.Cipher;

  24. 

  25. import org.bouncycastle.jce.provider.BouncyCastleProvider;

  26. import org.bouncycastle.openpgp.PGPException;

  27. import org.bouncycastle.openpgp.PGPPublicKey;

  28. import org.bouncycastle.openpgp.PGPPublicKeyRing;

  29. import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;

  30. import org.bouncycastle.openpgp.PGPSecretKey;

  31. import org.bouncycastle.openpgp.PGPUtil;

  32. import org.bouncycastle.openpgp.operator.PGPDigestCalculatorProvider;

  33. import org.bouncycastle.openpgp.operator.jcajce.JcaKeyFingerprintCalculator;

  34. import org.bouncycastle.openpgp.operator.jcajce.JcaPGPDigestCalculatorProviderBuilder;

  35. import org.junit.BeforeClass;

  36. import org.junit.Test;

  37. import org.junit.runner.RunWith;

  38. import org.junit.runners.Parameterized;

  39. import org.junit.runners.Parameterized.Parameter;

  40. import org.junit.runners.Parameterized.Parameters;

  41. 

  42. @RunWith(Parameterized.class)

  43. public class SecretKeysTest {

  44. 

  45. 	@BeforeClass

  46. 	public static void ensureBC() {

  47. 		if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {

  48. 			Security.addProvider(new BouncyCastleProvider());

  49. 		}

  50. 	}

  51. 

  52. 	private static volatile Boolean haveOCB;

  53. 

  54. 	private static boolean ocbAvailable() {

  55. 		Boolean haveIt = haveOCB;

  56. 		if (haveIt != null) {

  57. 			return haveIt.booleanValue();

  58. 		}

  59. 		try {

  60. 			Cipher c = Cipher.getInstance("AES/OCB/NoPadding"); //$NON-NLS-1$

  61. 			if (c == null) {

  62. 				haveOCB = Boolean.FALSE;

  63. 				return false;

  64. 			}

  65. 		} catch (NoClassDefFoundError | Exception e) {

  66. 			haveOCB = Boolean.FALSE;

  67. 			return false;

  68. 		}

  69. 		haveOCB = Boolean.TRUE;

  70. 		return true;

  71. 	}

  72. 

  73. 	private static class TestData {

  74. 

  75. 		final String name;

  76. 

  77. 		final boolean encrypted;

  78. 

  79. 		TestData(String name, boolean encrypted) {

  80. 			this.name = name;

  81. 			this.encrypted = encrypted;

  82. 		}

  83. 

  84. 		@Override

  85. 		public String toString() {

  86. 			return name;

  87. 		}

  88. 	}

  89. 

  90. 	@Parameters(name = "{0}")

  91. 	public static TestData[] initTestData() {

  92. 		return new TestData[] {

  93. 				new TestData("2FB05DBB70FC07CB84C13431F640CA6CEA1DBF8A", false),

  94. 				new TestData("66CCECEC2AB46A9735B10FEC54EDF9FD0F77BAF9", true),

  95. 				new TestData("F727FAB884DA3BD402B6E0F5472E108D21033124", true),

  96. 				new TestData("faked", false) };

  97. 	}

  98. 

  99. 	private static byte[] readTestKey(String filename) throws Exception {

  100. 		try (InputStream in = new BufferedInputStream(

  101. 				SecretKeysTest.class.getResourceAsStream(filename))) {

  102. 			return SecretKeys.keyFromNameValueFormat(in);

  103. 		}

  104. 	}

  105. 

  106. 	private static PGPPublicKey readAsc(InputStream in)

  107. 			throws IOException, PGPException {

  108. 		PGPPublicKeyRingCollection pgpPub = new PGPPublicKeyRingCollection(

  109. 			PGPUtil.getDecoderStream(in), new JcaKeyFingerprintCalculator());

  110. 

  111. 		Iterator<PGPPublicKeyRing> keyRings = pgpPub.getKeyRings();

  112. 		while (keyRings.hasNext()) {

  113. 			PGPPublicKeyRing keyRing = keyRings.next();

  114. 

  115. 			Iterator<PGPPublicKey> keys = keyRing.getPublicKeys();

  116. 			if (keys.hasNext()) {

  117. 				return keys.next();

  118. 			}

  119. 		}

  120. 		return null;

  121. 	}

  122. 

  123. 	// Injected by JUnit

  124. 	@Parameter

  125. 	public TestData data;

  126. 

  127. 	@Test

  128. 	public void testKeyRead() throws Exception {

  129. 		byte[] bytes = readTestKey(data.name + ".key");

  130. 		assertEquals('(', bytes[0]);

  131. 		assertEquals(')', bytes[bytes.length - 1]);

  132. 		try (InputStream pubIn = this.getClass()

  133. 				.getResourceAsStream(data.name + ".asc")) {

  134. 			if (pubIn != null) {

  135. 				PGPPublicKey publicKey = readAsc(pubIn);

  136. 				// Do a full test trying to load the secret key.

  137. 				PGPDigestCalculatorProvider calculatorProvider = new JcaPGPDigestCalculatorProviderBuilder()

  138. 						.build();

  139. 				try (InputStream in = new BufferedInputStream(this.getClass()

  140. 						.getResourceAsStream(data.name + ".key"))) {

  141. 					PGPSecretKey secretKey = SecretKeys.readSecretKey(in,

  142. 							calculatorProvider, () -> "nonsense".toCharArray(),

  143. 							publicKey);

  144. 					assertNotNull(secretKey);

  145. 				} catch (PGPException e) {

  146. 					// Currently we may not be able to load OCB-encrypted keys.

  147. 					assertTrue(e.getMessage().contains("OCB"));

  148. 					assertTrue(data.encrypted);

  149. 					assertFalse(ocbAvailable());

  150. 				}

  151. 			}

  152. 		}

  153. 	}

  154. 

  155. }