tests: add test for master key revocation

This commit is contained in:
Vincent Breitmoser 2014-08-16 07:06:07 +02:00
parent 6e84c72801
commit 7c7ba21714
2 changed files with 26 additions and 2 deletions

View File

@ -582,6 +582,31 @@ public class PgpKeyOperationTest {
} }
@Test
public void testMasterRevoke() throws Exception {
parcel.reset();
parcel.mRevokeSubKeys.add(ring.getMasterKeyId());
UncachedKeyRing modified = applyModificationWithChecks(parcel, ring, onlyA, onlyB);
Assert.assertEquals("no extra packets in original", 0, onlyA.size());
Assert.assertEquals("exactly one extra packet in modified", 1, onlyB.size());
Packet p;
p = new BCPGInputStream(new ByteArrayInputStream(onlyB.get(0).buf)).readPacket();
Assert.assertTrue("first new packet must be secret subkey", p instanceof SignaturePacket);
Assert.assertEquals("signature type must be subkey binding certificate",
PGPSignature.KEY_REVOCATION, ((SignaturePacket) p).getSignatureType());
Assert.assertEquals("signature must have been created by master key",
ring.getMasterKeyId(), ((SignaturePacket) p).getKeyID());
Assert.assertTrue("subkey must actually be revoked",
modified.getPublicKey().isRevoked());
}
@Test @Test
public void testSubkeyRevoke() throws Exception { public void testSubkeyRevoke() throws Exception {

View File

@ -271,13 +271,12 @@ public class UncachedKeyRing {
for (PGPSignature zert : new IterableIterator<PGPSignature>(masterKey.getKeySignatures())) { for (PGPSignature zert : new IterableIterator<PGPSignature>(masterKey.getKeySignatures())) {
int type = zert.getSignatureType(); int type = zert.getSignatureType();
// Disregard certifications on user ids, we will deal with those later // These should most definitely not be here...
if (type == PGPSignature.NO_CERTIFICATION if (type == PGPSignature.NO_CERTIFICATION
|| type == PGPSignature.DEFAULT_CERTIFICATION || type == PGPSignature.DEFAULT_CERTIFICATION
|| type == PGPSignature.CASUAL_CERTIFICATION || type == PGPSignature.CASUAL_CERTIFICATION
|| type == PGPSignature.POSITIVE_CERTIFICATION || type == PGPSignature.POSITIVE_CERTIFICATION
|| type == PGPSignature.CERTIFICATION_REVOCATION) { || type == PGPSignature.CERTIFICATION_REVOCATION) {
// These should not be here...
log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_TYPE_UID, indent); log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_TYPE_UID, indent);
modified = PGPPublicKey.removeCertification(modified, zert); modified = PGPPublicKey.removeCertification(modified, zert);
badCerts += 1; badCerts += 1;