From cb64f8865c407543c01dbc3646e9eb1667996dae Mon Sep 17 00:00:00 2001 From: Art O Cathain Date: Sun, 29 Jun 2014 12:18:16 +0100 Subject: [PATCH] work in progress --- .../keychain/testsupport/KeyringBuilder.java | 168 +++++++++++ .../keychain/testsupport/TestDataUtil.java | 66 ++++- .../UncachedKeyringTestingHelper.java | 278 ++++++++++++++++++ .../test/java/tests/UncachedKeyringTest.java | 37 +++ 4 files changed, 548 insertions(+), 1 deletion(-) create mode 100644 OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/KeyringBuilder.java create mode 100644 OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/UncachedKeyringTestingHelper.java create mode 100644 OpenKeychain/src/test/java/tests/UncachedKeyringTest.java diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/KeyringBuilder.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/KeyringBuilder.java new file mode 100644 index 000000000..bbbe45ba2 --- /dev/null +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/KeyringBuilder.java @@ -0,0 +1,168 @@ +package org.sufficientlysecure.keychain.testsupport; + +import org.spongycastle.bcpg.CompressionAlgorithmTags; +import org.spongycastle.bcpg.HashAlgorithmTags; +import org.spongycastle.bcpg.MPInteger; +import org.spongycastle.bcpg.PublicKeyAlgorithmTags; +import org.spongycastle.bcpg.PublicKeyPacket; +import org.spongycastle.bcpg.RSAPublicBCPGKey; +import org.spongycastle.bcpg.SignaturePacket; +import org.spongycastle.bcpg.SignatureSubpacket; +import org.spongycastle.bcpg.SignatureSubpacketTags; +import org.spongycastle.bcpg.SymmetricKeyAlgorithmTags; +import org.spongycastle.bcpg.UserIDPacket; +import org.spongycastle.bcpg.sig.Features; +import org.spongycastle.bcpg.sig.IssuerKeyID; +import org.spongycastle.bcpg.sig.KeyFlags; +import org.spongycastle.bcpg.sig.PreferredAlgorithms; +import org.spongycastle.bcpg.sig.SignatureCreationTime; +import org.spongycastle.bcpg.sig.SignatureExpirationTime; +import org.spongycastle.openpgp.PGPException; +import org.spongycastle.openpgp.PGPPublicKey; +import org.spongycastle.openpgp.PGPPublicKeyRing; +import org.spongycastle.openpgp.PGPSignature; +import org.spongycastle.openpgp.operator.bc.BcKeyFingerprintCalculator; +import org.sufficientlysecure.keychain.pgp.UncachedKeyRing; + +import java.math.BigInteger; +import java.util.Date; + +/** + * Created by art on 05/07/14. + */ +public class KeyringBuilder { + + + private static final BigInteger modulus = new BigInteger( + "cbab78d90d5f2cc0c54dd3c3953005a1" + + "e6b521f1ffa5465a102648bf7b91ec72" + + "f9c180759301587878caeb7333215620" + + "9f81ca5b3b94309d96110f6972cfc56a" + + "37fd6279f61d71f19b8f64b288e33829" + + "9dce133520f5b9b4253e6f4ba31ca36a" + + "fd87c2081b15f0b283e9350e370e181a" + + "23d31379101f17a23ae9192250db6540" + + "2e9cab2a275bc5867563227b197c8b13" + + "6c832a94325b680e144ed864fb00b9b8" + + "b07e13f37b40d5ac27dae63cd6a470a7" + + "b40fa3c7479b5b43e634850cc680b177" + + "8dd6b1b51856f36c3520f258f104db2f" + + "96b31a53dd74f708ccfcefccbe420a90" + + "1c37f1f477a6a4b15f5ecbbfd93311a6" + + "47bcc3f5f81c59dfe7252e3cd3be6e27" + , 16 + ); + + private static final BigInteger exponent = new BigInteger("010001", 16); + + public static UncachedKeyRing ring1() { + return ringForModulus(new Date(1404566755), "user1@example.com"); + } + + public static UncachedKeyRing ring2() { + return ringForModulus(new Date(1404566755), "user1@example.com"); + } + + private static UncachedKeyRing ringForModulus(Date date, String userIdString) { + + try { + PGPPublicKey publicKey = createPgpPublicKey(modulus, date); + UserIDPacket userId = createUserId(userIdString); + SignaturePacket signaturePacket = createSignaturePacket(date); + + byte[] publicKeyEncoded = publicKey.getEncoded(); + byte[] userIdEncoded = userId.getEncoded(); + byte[] signaturePacketEncoded = signaturePacket.getEncoded(); + byte[] encodedRing = TestDataUtil.concatAll( + publicKeyEncoded, + userIdEncoded, + signaturePacketEncoded + ); + + PGPPublicKeyRing pgpPublicKeyRing = new PGPPublicKeyRing( + encodedRing, new BcKeyFingerprintCalculator()); + + return UncachedKeyRing.decodeFromData(pgpPublicKeyRing.getEncoded()); + + } catch (Exception e) { + throw new RuntimeException(e); + } + } + + private static SignaturePacket createSignaturePacket(Date date) { + int signatureType = PGPSignature.POSITIVE_CERTIFICATION; + long keyID = 1; + int keyAlgorithm = SignaturePacket.RSA_GENERAL; + int hashAlgorithm = HashAlgorithmTags.SHA1; + + SignatureSubpacket[] hashedData = new SignatureSubpacket[]{ + new SignatureCreationTime(true, date), + new KeyFlags(true, KeyFlags.SIGN_DATA & KeyFlags.CERTIFY_OTHER), + new SignatureExpirationTime(true, date.getTime() + 24 * 60 * 60 * 2), + new PreferredAlgorithms(SignatureSubpacketTags.PREFERRED_SYM_ALGS, true, new int[]{ + SymmetricKeyAlgorithmTags.AES_256, + SymmetricKeyAlgorithmTags.AES_192, + SymmetricKeyAlgorithmTags.AES_128, + SymmetricKeyAlgorithmTags.CAST5, + SymmetricKeyAlgorithmTags.TRIPLE_DES + }), + new PreferredAlgorithms(SignatureSubpacketTags.PREFERRED_HASH_ALGS, true, new int[]{ + HashAlgorithmTags.SHA256, + HashAlgorithmTags.SHA1, + HashAlgorithmTags.SHA384, + HashAlgorithmTags.SHA512, + HashAlgorithmTags.SHA224 + }), + new PreferredAlgorithms(SignatureSubpacketTags.PREFERRED_COMP_ALGS, true, new int[]{ + CompressionAlgorithmTags.ZLIB, + CompressionAlgorithmTags.BZIP2, + CompressionAlgorithmTags.ZLIB + }), + new Features(false, Features.FEATURE_MODIFICATION_DETECTION), + // can't do keyserver prefs + }; + SignatureSubpacket[] unhashedData = new SignatureSubpacket[]{ + new IssuerKeyID(true, new BigInteger("15130BCF071AE6BF", 16).toByteArray()) + }; + byte[] fingerPrint = new BigInteger("522c", 16).toByteArray(); + MPInteger[] signature = new MPInteger[]{ + new MPInteger(new BigInteger( + "b065c071d3439d5610eb22e5b4df9e42" + + "ed78b8c94f487389e4fc98e8a75a043f" + + "14bf57d591811e8e7db2d31967022d2e" + + "e64372829183ec51d0e20c42d7a1e519" + + "e9fa22cd9db90f0fd7094fd093b78be2" + + "c0db62022193517404d749152c71edc6" + + "fd48af3416038d8842608ecddebbb11c" + + "5823a4321d2029b8993cb017fa8e5ad7" + + "8a9a618672d0217c4b34002f1a4a7625" + + "a514b6a86475e573cb87c64d7069658e" + + "627f2617874007a28d525e0f87d93ca7" + + "b15ad10dbdf10251e542afb8f9b16cbf" + + "7bebdb5fe7e867325a44e59cad0991cb" + + "239b1c859882e2ebb041b80e5cdc3b40" + + "ed259a8a27d63869754c0881ccdcb50f" + + "0564fecdc6966be4a4b87a3507a9d9be", 16 + )) + }; + return new SignaturePacket(signatureType, + keyID, + keyAlgorithm, + hashAlgorithm, + hashedData, + unhashedData, + fingerPrint, + signature); + } + + private static PGPPublicKey createPgpPublicKey(BigInteger modulus, Date date) throws PGPException { + PublicKeyPacket publicKeyPacket = new PublicKeyPacket(PublicKeyAlgorithmTags.RSA_SIGN, date, new RSAPublicBCPGKey(modulus, exponent)); + return new PGPPublicKey( + publicKeyPacket, new BcKeyFingerprintCalculator()); + } + + private static UserIDPacket createUserId(String userId) { + return new UserIDPacket(userId); + } + +} diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/TestDataUtil.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/TestDataUtil.java index 9e6ede761..338488e1f 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/TestDataUtil.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/TestDataUtil.java @@ -4,6 +4,7 @@ import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; import java.util.Collection; +import java.util.Iterator; /** * Misc support functions. Would just use Guava / Apache Commons but @@ -37,8 +38,71 @@ public class TestDataUtil { return output.toByteArray(); } - public static InputStream getResourceAsStream(String resourceName) { return TestDataUtil.class.getResourceAsStream(resourceName); } + + /** + * Null-safe equivalent of {@code a.equals(b)}. + */ + public static boolean equals(Object a, Object b) { + return (a == null) ? (b == null) : a.equals(b); + } + + public static boolean iterEquals(Iterator a, Iterator b, EqualityChecker comparator) { + while (a.hasNext()) { + T aObject = a.next(); + if (!b.hasNext()) { + return false; + } + T bObject = b.next(); + if (!comparator.areEquals(aObject, bObject)) { + return false; + } + } + + if (b.hasNext()) { + return false; + } + + return true; + } + + + public static boolean iterEquals(Iterator a, Iterator b) { + return iterEquals(a, b, new EqualityChecker() { + @Override + public boolean areEquals(T lhs, T rhs) { + return TestDataUtil.equals(lhs, rhs); + } + }); + } + + public static interface EqualityChecker { + public boolean areEquals(T lhs, T rhs); + } + + public static byte[] concatAll(byte[]... byteArrays) { + if (byteArrays.length == 1) { + return byteArrays[0]; + } else if (byteArrays.length == 2) { + return concat(byteArrays[0], byteArrays[1]); + } else { + byte[] first = concat(byteArrays[0], byteArrays[1]); + byte[][] remainingArrays = new byte[byteArrays.length - 1][]; + remainingArrays[0] = first; + System.arraycopy(byteArrays, 2, remainingArrays, 1, byteArrays.length - 2); + return concatAll(remainingArrays); + } + } + + private static byte[] concat(byte[] a, byte[] b) { + int aLen = a.length; + int bLen = b.length; + byte[] c = new byte[aLen + bLen]; + System.arraycopy(a, 0, c, 0, aLen); + System.arraycopy(b, 0, c, aLen, bLen); + return c; + } + } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/UncachedKeyringTestingHelper.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/UncachedKeyringTestingHelper.java new file mode 100644 index 000000000..e0580a86a --- /dev/null +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/UncachedKeyringTestingHelper.java @@ -0,0 +1,278 @@ +package org.sufficientlysecure.keychain.testsupport; + +import org.spongycastle.bcpg.BCPGKey; +import org.spongycastle.bcpg.PublicKeyAlgorithmTags; +import org.spongycastle.bcpg.PublicKeyPacket; +import org.spongycastle.bcpg.RSAPublicBCPGKey; +import org.spongycastle.bcpg.SignatureSubpacket; +import org.spongycastle.openpgp.PGPException; +import org.spongycastle.openpgp.PGPPublicKey; +import org.spongycastle.openpgp.PGPPublicKeyRing; +import org.spongycastle.openpgp.PGPSignature; +import org.spongycastle.openpgp.PGPSignatureSubpacketVector; +import org.spongycastle.openpgp.PGPUserAttributeSubpacketVector; +import org.spongycastle.openpgp.operator.bc.BcKeyFingerprintCalculator; +import org.sufficientlysecure.keychain.pgp.UncachedKeyRing; +import org.sufficientlysecure.keychain.pgp.UncachedPublicKey; + +import java.math.BigInteger; +import java.util.Arrays; +import java.util.Date; + +/** + * Created by art on 28/06/14. + */ +public class UncachedKeyringTestingHelper { + + public static boolean compareRing(UncachedKeyRing keyRing1, UncachedKeyRing keyRing2) { + return TestDataUtil.iterEquals(keyRing1.getPublicKeys(), keyRing2.getPublicKeys(), new + TestDataUtil.EqualityChecker() { + @Override + public boolean areEquals(UncachedPublicKey lhs, UncachedPublicKey rhs) { + return comparePublicKey(lhs, rhs); + } + }); + } + + public static boolean comparePublicKey(UncachedPublicKey key1, UncachedPublicKey key2) { + boolean equal = true; + + if (key1.canAuthenticate() != key2.canAuthenticate()) { + return false; + } + if (key1.canCertify() != key2.canCertify()) { + return false; + } + if (key1.canEncrypt() != key2.canEncrypt()) { + return false; + } + if (key1.canSign() != key2.canSign()) { + return false; + } + if (key1.getAlgorithm() != key2.getAlgorithm()) { + return false; + } + if (key1.getBitStrength() != key2.getBitStrength()) { + return false; + } + if (!TestDataUtil.equals(key1.getCreationTime(), key2.getCreationTime())) { + return false; + } + if (!TestDataUtil.equals(key1.getExpiryTime(), key2.getExpiryTime())) { + return false; + } + if (!Arrays.equals(key1.getFingerprint(), key2.getFingerprint())) { + return false; + } + if (key1.getKeyId() != key2.getKeyId()) { + return false; + } + if (key1.getKeyUsage() != key2.getKeyUsage()) { + return false; + } + if (!TestDataUtil.equals(key1.getPrimaryUserId(), key2.getPrimaryUserId())) { + return false; + } + + // Ooops, getPublicKey is due to disappear. But then how to compare? + if (!keysAreEqual(key1.getPublicKey(), key2.getPublicKey())) { + return false; + } + + return equal; + } + + public static boolean keysAreEqual(PGPPublicKey a, PGPPublicKey b) { + + if (a.getAlgorithm() != b.getAlgorithm()) { + return false; + } + + if (a.getBitStrength() != b.getBitStrength()) { + return false; + } + + if (!TestDataUtil.equals(a.getCreationTime(), b.getCreationTime())) { + return false; + } + + if (!Arrays.equals(a.getFingerprint(), b.getFingerprint())) { + return false; + } + + if (a.getKeyID() != b.getKeyID()) { + return false; + } + + if (!pubKeyPacketsAreEqual(a.getPublicKeyPacket(), b.getPublicKeyPacket())) { + return false; + } + + if (a.getVersion() != b.getVersion()) { + return false; + } + + if (a.getValidDays() != b.getValidDays()) { + return false; + } + + if (a.getValidSeconds() != b.getValidSeconds()) { + return false; + } + + if (!Arrays.equals(a.getTrustData(), b.getTrustData())) { + return false; + } + + if (!TestDataUtil.iterEquals(a.getUserIDs(), b.getUserIDs())) { + return false; + } + + if (!TestDataUtil.iterEquals(a.getUserAttributes(), b.getUserAttributes(), + new TestDataUtil.EqualityChecker() { + public boolean areEquals(PGPUserAttributeSubpacketVector lhs, PGPUserAttributeSubpacketVector rhs) { + // For once, BC defines equals, so we use it implicitly. + return TestDataUtil.equals(lhs, rhs); + } + } + )) { + return false; + } + + + if (!TestDataUtil.iterEquals(a.getSignatures(), b.getSignatures(), + new TestDataUtil.EqualityChecker() { + public boolean areEquals(PGPSignature lhs, PGPSignature rhs) { + return signaturesAreEqual(lhs, rhs); + } + } + )) { + return false; + } + + return true; + } + + public static boolean signaturesAreEqual(PGPSignature a, PGPSignature b) { + + if (a.getVersion() != b.getVersion()) { + return false; + } + + if (a.getKeyAlgorithm() != b.getKeyAlgorithm()) { + return false; + } + + if (a.getHashAlgorithm() != b.getHashAlgorithm()) { + return false; + } + + if (a.getSignatureType() != b.getSignatureType()) { + return false; + } + + try { + if (!Arrays.equals(a.getSignature(), b.getSignature())) { + return false; + } + } catch (PGPException ex) { + throw new RuntimeException(ex); + } + + if (a.getKeyID() != b.getKeyID()) { + return false; + } + + if (!TestDataUtil.equals(a.getCreationTime(), b.getCreationTime())) { + return false; + } + + if (!Arrays.equals(a.getSignatureTrailer(), b.getSignatureTrailer())) { + return false; + } + + if (!subPacketVectorsAreEqual(a.getHashedSubPackets(), b.getHashedSubPackets())) { + return false; + } + + if (!subPacketVectorsAreEqual(a.getUnhashedSubPackets(), b.getUnhashedSubPackets())) { + return false; + } + + return true; + } + + private static boolean subPacketVectorsAreEqual(PGPSignatureSubpacketVector aHashedSubPackets, PGPSignatureSubpacketVector bHashedSubPackets) { + for (int i = 0; i < Byte.MAX_VALUE; i++) { + if (!TestDataUtil.iterEquals(Arrays.asList(aHashedSubPackets.getSubpackets(i)).iterator(), + Arrays.asList(bHashedSubPackets.getSubpackets(i)).iterator(), + new TestDataUtil.EqualityChecker() { + @Override + public boolean areEquals(SignatureSubpacket lhs, SignatureSubpacket rhs) { + return signatureSubpacketsAreEqual(lhs, rhs); + } + } + )) { + return false; + } + + } + return true; + } + + private static boolean signatureSubpacketsAreEqual(SignatureSubpacket lhs, SignatureSubpacket rhs) { + if (lhs.getType() != rhs.getType()) { + return false; + } + if (!Arrays.equals(lhs.getData(), rhs.getData())) { + return false; + } + return true; + } + + public static boolean pubKeyPacketsAreEqual(PublicKeyPacket a, PublicKeyPacket b) { + + if (a.getAlgorithm() != b.getAlgorithm()) { + return false; + } + + if (!bcpgKeysAreEqual(a.getKey(), b.getKey())) { + return false; + } + + if (!TestDataUtil.equals(a.getTime(), b.getTime())) { + return false; + } + + if (a.getValidDays() != b.getValidDays()) { + return false; + } + + if (a.getVersion() != b.getVersion()) { + return false; + } + + return true; + } + + public static boolean bcpgKeysAreEqual(BCPGKey a, BCPGKey b) { + + if (!TestDataUtil.equals(a.getFormat(), b.getFormat())) { + return false; + } + + if (!Arrays.equals(a.getEncoded(), b.getEncoded())) { + return false; + } + + return true; + } + + + public void doTestCanonicalize(UncachedKeyRing inputKeyRing, UncachedKeyRing expectedKeyRing) { + if (!compareRing(inputKeyRing, expectedKeyRing)) { + throw new AssertionError("Expected [" + inputKeyRing + "] to match [" + expectedKeyRing + "]"); + } + } + +} diff --git a/OpenKeychain/src/test/java/tests/UncachedKeyringTest.java b/OpenKeychain/src/test/java/tests/UncachedKeyringTest.java new file mode 100644 index 000000000..05a9c23ef --- /dev/null +++ b/OpenKeychain/src/test/java/tests/UncachedKeyringTest.java @@ -0,0 +1,37 @@ +package tests; + +import org.junit.Assert; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.robolectric.*; +import org.sufficientlysecure.keychain.pgp.UncachedKeyRing; +import org.sufficientlysecure.keychain.testsupport.*; +import org.sufficientlysecure.keychain.testsupport.KeyringBuilder; +import org.sufficientlysecure.keychain.testsupport.TestDataUtil; + +@RunWith(RobolectricTestRunner.class) +@org.robolectric.annotation.Config(emulateSdk = 18) // Robolectric doesn't yet support 19 +public class UncachedKeyringTest { + + @Test + public void testVerifySuccess() throws Exception { + UncachedKeyRing expectedKeyRing = KeyringBuilder.ring2(); +// Uncomment to prove it's working - the createdDate will then be different +// Thread.sleep(1500); + UncachedKeyRing inputKeyRing = KeyringBuilder.ring1(); + new UncachedKeyringTestingHelper().doTestCanonicalize( + inputKeyRing, expectedKeyRing); + } + + /** + * Just testing my own test code. Should really be using a library for this. + */ + @Test + public void testConcat() throws Exception { + byte[] actual = TestDataUtil.concatAll(new byte[]{1}, new byte[]{2,-2}, new byte[]{5},new byte[]{3}); + byte[] expected = new byte[]{1,2,-2,5,3}; + Assert.assertEquals(java.util.Arrays.toString(expected), java.util.Arrays.toString(actual)); + } + + +}