From 7c7ba217148d0560744fd417c4e76726df3ffec7 Mon Sep 17 00:00:00 2001
From: Vincent Breitmoser <valodim@mugenguild.com>
Date: Sat, 16 Aug 2014 07:06:07 +0200
Subject: [PATCH] tests: add test for master key revocation

---
 .../keychain/pgp/PgpKeyOperationTest.java     | 25 +++++++++++++++++++
 .../keychain/pgp/UncachedKeyRing.java         |  3 +--
 2 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperationTest.java b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperationTest.java
index 10a42b80f..deec1cf3a 100644
--- a/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperationTest.java
+++ b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperationTest.java
@@ -582,6 +582,31 @@ public class PgpKeyOperationTest {
 
     }
 
+    @Test
+    public void testMasterRevoke() throws Exception {
+
+        parcel.reset();
+        parcel.mRevokeSubKeys.add(ring.getMasterKeyId());
+
+        UncachedKeyRing modified = applyModificationWithChecks(parcel, ring, onlyA, onlyB);
+
+        Assert.assertEquals("no extra packets in original", 0, onlyA.size());
+        Assert.assertEquals("exactly one extra packet in modified", 1, onlyB.size());
+
+        Packet p;
+
+        p = new BCPGInputStream(new ByteArrayInputStream(onlyB.get(0).buf)).readPacket();
+        Assert.assertTrue("first new packet must be secret subkey", p instanceof SignaturePacket);
+        Assert.assertEquals("signature type must be subkey binding certificate",
+                PGPSignature.KEY_REVOCATION, ((SignaturePacket) p).getSignatureType());
+        Assert.assertEquals("signature must have been created by master key",
+                ring.getMasterKeyId(), ((SignaturePacket) p).getKeyID());
+
+        Assert.assertTrue("subkey must actually be revoked",
+                modified.getPublicKey().isRevoked());
+
+    }
+
     @Test
     public void testSubkeyRevoke() throws Exception {
 
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
index 0a59ba9f8..ababd39e0 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
@@ -271,13 +271,12 @@ public class UncachedKeyRing {
             for (PGPSignature zert : new IterableIterator<PGPSignature>(masterKey.getKeySignatures())) {
                 int type = zert.getSignatureType();
 
-                // Disregard certifications on user ids, we will deal with those later
+                // These should most definitely not be here...
                 if (type == PGPSignature.NO_CERTIFICATION
                         || type == PGPSignature.DEFAULT_CERTIFICATION
                         || type == PGPSignature.CASUAL_CERTIFICATION
                         || type == PGPSignature.POSITIVE_CERTIFICATION
                         || type == PGPSignature.CERTIFICATION_REVOCATION) {
-                    // These should not be here...
                     log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_TYPE_UID, indent);
                     modified = PGPPublicKey.removeCertification(modified, zert);
                     badCerts += 1;