Test for badly encoded user ids

2024-11-23 17:22:16 -05:00 · 2014-09-13 20:46:44 +02:00 · 2014-09-13 20:46:44 +02:00 · 143cd2bd13
commit 143cd2bd13
parent a8a1f352a8
2 changed files with 31 additions and 1 deletions
--- a/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/provider/ProviderHelperSaveTest.java
+++ b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/provider/ProviderHelperSaveTest.java
@ -25,14 +25,18 @@ import org.junit.runner.RunWith;
 import org.robolectric.Robolectric;
 import org.robolectric.RobolectricTestRunner;
 import org.robolectric.shadows.ShadowLog;
+import org.spongycastle.util.encoders.Hex;
 import org.sufficientlysecure.keychain.pgp.CanonicalizedPublicKeyRing;
 import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey;
 import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey.SecretKeyType;
 import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing;
 import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
 import org.sufficientlysecure.keychain.service.results.SaveKeyringResult;
+import org.sufficientlysecure.keychain.util.IterableIterator;
 import org.sufficientlysecure.keychain.util.ProgressScaler;

+import java.util.Arrays;
+
@RunWith(RobolectricTestRunner.class)
@org.robolectric.annotation.Config(emulateSdk = 18) // Robolectric doesn't yet support 19
 public class ProviderHelperSaveTest {
@ -102,7 +106,6 @@ public class ProviderHelperSaveTest {

        SaveKeyringResult result;

-        // insert both keys, second should fail
        result = mProviderHelper.saveSecretKeyRing(sec, new ProgressScaler());
        Assert.assertTrue("import of secret keyring should succeed", result.success());

@ -119,6 +122,32 @@ public class ProviderHelperSaveTest {

    }

+    @Test public void testImportBadEncodedUserId() throws Exception {
+
+        UncachedKeyRing key =
+                readRingFromResource("/test-keys/bad_user_id_encoding.asc");
+        long keyId = key.getMasterKeyId();
+
+        SaveKeyringResult result;
+
+        result = mProviderHelper.savePublicKeyRing(key, new ProgressScaler());
+        Assert.assertTrue("import of keyring should succeed", result.success());
+
+        // make sure both the CanonicalizedSecretKeyRing as well as the CachedPublicKeyRing correctly
+        // indicate the secret key type
+        CanonicalizedPublicKeyRing ring = mProviderHelper.getCanonicalizedPublicKeyRing(keyId);
+        boolean found = false;
+        byte[] badUserId = Hex.decode("436c61757320467261656e6b656c203c436c6175732e4672e46e6b656c4068616c696661782e727774682d61616368656e2e64653e");
+        for (byte[] rawUserId : new IterableIterator<byte[]>(
+                ring.getUnorderedRawUserIds().iterator())) {
+            if (Arrays.equals(rawUserId, badUserId)) {
+                found = true;
+            }
+        }
+
+        Assert.assertTrue("import of the badly encoded user id should succeed", found);
+    }
+
    UncachedKeyRing readRingFromResource(String name) throws Exception {
        return UncachedKeyRing.fromStream(ProviderHelperSaveTest.class.getResourceAsStream(name)).next();
    }
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
@ -34,6 +34,7 @@ import org.spongycastle.openpgp.PGPSignatureList;
 import org.spongycastle.openpgp.PGPUtil;
 import org.spongycastle.openpgp.operator.jcajce.JcaKeyFingerprintCalculator;
 import org.spongycastle.util.Strings;
+import org.spongycastle.util.encoders.Hex;
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
 import org.sufficientlysecure.keychain.service.results.OperationResultParcel.LogLevel;