tests: add test for master key revocation

2024-11-27 11:12:15 -05:00 · 2014-08-16 07:06:07 +02:00 · 2014-08-16 07:06:07 +02:00 · 7c7ba21714
commit 7c7ba21714
parent 6e84c72801
2 changed files with 26 additions and 2 deletions
--- a/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperationTest.java
+++ b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperationTest.java
@ -582,6 +582,31 @@ public class PgpKeyOperationTest {

    }

+    @Test
+    public void testMasterRevoke() throws Exception {
+
+        parcel.reset();
+        parcel.mRevokeSubKeys.add(ring.getMasterKeyId());
+
+        UncachedKeyRing modified = applyModificationWithChecks(parcel, ring, onlyA, onlyB);
+
+        Assert.assertEquals("no extra packets in original", 0, onlyA.size());
+        Assert.assertEquals("exactly one extra packet in modified", 1, onlyB.size());
+
+        Packet p;
+
+        p = new BCPGInputStream(new ByteArrayInputStream(onlyB.get(0).buf)).readPacket();
+        Assert.assertTrue("first new packet must be secret subkey", p instanceof SignaturePacket);
+        Assert.assertEquals("signature type must be subkey binding certificate",
+                PGPSignature.KEY_REVOCATION, ((SignaturePacket) p).getSignatureType());
+        Assert.assertEquals("signature must have been created by master key",
+                ring.getMasterKeyId(), ((SignaturePacket) p).getKeyID());
+
+        Assert.assertTrue("subkey must actually be revoked",
+                modified.getPublicKey().isRevoked());
+
+    }
+
    @Test
    public void testSubkeyRevoke() throws Exception {

--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
@ -271,13 +271,12 @@ public class UncachedKeyRing {
            for (PGPSignature zert : new IterableIterator<PGPSignature>(masterKey.getKeySignatures())) {
                int type = zert.getSignatureType();

-                // Disregard certifications on user ids, we will deal with those later
+                // These should most definitely not be here...
                if (type == PGPSignature.NO_CERTIFICATION
                        || type == PGPSignature.DEFAULT_CERTIFICATION
                        || type == PGPSignature.CASUAL_CERTIFICATION
                        || type == PGPSignature.POSITIVE_CERTIFICATION
                        || type == PGPSignature.CERTIFICATION_REVOCATION) {
-                    // These should not be here...
                    log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_TYPE_UID, indent);
                    modified = PGPPublicKey.removeCertification(modified, zert);
                    badCerts += 1;