From 675e8e2015000ae406758436628a5c9f67212e8b Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Tue, 23 Sep 2014 14:53:44 +0200 Subject: [PATCH] add test case to make sure s2k IVs are different per subkey --- .../keychain/pgp/PgpKeyOperationTest.java | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperationTest.java b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperationTest.java index de8ab1693..6a1caa0db 100644 --- a/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperationTest.java +++ b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperationTest.java @@ -54,9 +54,11 @@ import org.sufficientlysecure.keychain.util.TestingUtils; import java.io.ByteArrayInputStream; import java.io.IOException; +import java.nio.ByteBuffer; import java.security.Security; import java.util.ArrayList; import java.util.Date; +import java.util.HashSet; import java.util.Iterator; import java.util.List; import java.util.Random; @@ -924,6 +926,23 @@ public class PgpKeyOperationTest { parcel.mNewPassphrase = otherPassphrase; modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB, ""); + Assert.assertEquals("exactly three packets should have been modified (the secret keys)", + 3, onlyB.size()); + + { // quick check to make sure no two secret keys have the same IV + HashSet ivs = new HashSet(); + for (int i = 0; i < 3; i++) { + SecretKeyPacket p = (SecretKeyPacket) new BCPGInputStream( + new ByteArrayInputStream(onlyB.get(i).buf)).readPacket(); + ByteBuffer iv = ByteBuffer.wrap(p.getIV()); + Assert.assertFalse( + "no two secret keys should have the same s2k iv (slightly non-deterministic!)", + ivs.contains(iv) + ); + ivs.add(iv); + } + } + RawPacket sKeyWithPassphrase = onlyB.get(1); Assert.assertEquals("extracted packet should be a secret subkey", PacketTags.SECRET_SUBKEY, sKeyNoPassphrase.tag);