Example 1 with TestKey
use of com.google.gerrit.gpg.testutil.TestKey in project gerrit by GerritCodeReview.
the class GerritPublicKeyCheckerTest method keyLaterInTrustChainMissingUserId.
@Test
public void keyLaterInTrustChainMissingUserId() throws Exception {
// A---Bx
// \
// \---C
//
// The server ultimately trusts B.
// C signed A's key but is not in the store.
TestKey keyA = add(keyA(), user);
PGPPublicKeyRing keyRingB = keyB().getPublicKeyRing();
PGPPublicKey keyB = keyRingB.getPublicKey();
keyB = PGPPublicKey.removeCertification(keyB, (String) keyB.getUserIDs().next());
keyRingB = PGPPublicKeyRing.insertPublicKey(keyRingB, keyB);
add(keyRingB, addUser("userB"));
PublicKeyChecker checkerA = checkerFactory.create(user, store);
assertProblems(checkerA.check(keyA.getPublicKey()), Status.OK, "No path to a trusted key", "Certification by " + keyToString(keyB) + " is valid, but key is not trusted", "Key D24FE467 used for certification is not in store");
}
Also used :
PGPPublicKeyRing(org.bouncycastle.openpgp.PGPPublicKeyRing)
TestKey(com.google.gerrit.gpg.testutil.TestKey)
PGPPublicKey(org.bouncycastle.openpgp.PGPPublicKey)
PublicKeyStore.keyToString(com.google.gerrit.gpg.PublicKeyStore.keyToString)
Test(org.junit.Test)
Example 2 with TestKey
use of com.google.gerrit.gpg.testutil.TestKey in project gerrit by GerritCodeReview.
the class GerritPublicKeyCheckerTest method defaultGpgCertificationMatchesEmail.
@Test
public void defaultGpgCertificationMatchesEmail() throws Exception {
TestKey key = validKeyWithSecondUserId();
PublicKeyChecker checker = checkerFactory.create(user, store).disableTrust();
assertProblems(checker.check(key.getPublicKey()), Status.BAD, "Key must contain a valid certification for one of the following " + "identities:\n" + " gerrit:user\n" + " username:user");
addExternalId("test", "test", "test5@example.com");
checker = checkerFactory.create(user, store).disableTrust();
assertNoProblems(checker.check(key.getPublicKey()));
}Example 3 with TestKey
use of com.google.gerrit.gpg.testutil.TestKey in project gerrit by GerritCodeReview.
the class PushCertificateCheckerTest method signatureByExpiredKeyBeforeExpiration.
@Test
public void signatureByExpiredKeyBeforeExpiration() throws Exception {
TestKey key3 = expiredKey();
Date now = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss Z").parse("2005-07-10 12:00:00 -0400");
PushCertificate cert = newSignedCert(validNonce(), key3, now);
assertNoProblems(cert);
}
Also used :
TestKey(com.google.gerrit.gpg.testutil.TestKey)
PushCertificate(org.eclipse.jgit.transport.PushCertificate)
SimpleDateFormat(java.text.SimpleDateFormat)
Date(java.util.Date)
Test(org.junit.Test)
Example 4 with TestKey
use of com.google.gerrit.gpg.testutil.TestKey in project gerrit by GerritCodeReview.
the class GerritPublicKeyCheckerTest method checkValidTrustChainAndCorrectExternalIds.
@Test
public void checkValidTrustChainAndCorrectExternalIds() throws Exception {
// A---Bx
// \
// \---C---D
// \
// \---Ex
//
// The server ultimately trusts B and D.
// D and E trust C to be a valid introducer of depth 2.
IdentifiedUser userB = addUser("userB");
TestKey keyA = add(keyA(), user);
TestKey keyB = add(keyB(), userB);
add(keyC(), addUser("userC"));
add(keyD(), addUser("userD"));
add(keyE(), addUser("userE"));
// Checker for A, checking A.
PublicKeyChecker checkerA = checkerFactory.create(user, store);
assertNoProblems(checkerA.check(keyA.getPublicKey()));
// Checker for B, checking B. Trust chain and IDs are correct, so the only
// problem is with the key itself.
PublicKeyChecker checkerB = checkerFactory.create(userB, store);
assertProblems(checkerB.check(keyB.getPublicKey()), Status.BAD, "Key is expired");
}
Also used :
TestKey(com.google.gerrit.gpg.testutil.TestKey)
IdentifiedUser(com.google.gerrit.server.IdentifiedUser)
Test(org.junit.Test)
Example 5 with TestKey
use of com.google.gerrit.gpg.testutil.TestKey in project gerrit by GerritCodeReview.
the class PublicKeyCheckerTest method keyExpiringInFuture.
@Test
public void keyExpiringInFuture() throws Exception {
TestKey k = validKeyWithExpiration();
PublicKeyChecker checker = new PublicKeyChecker().setStore(store);
assertNoProblems(checker, k);
checker.setEffectiveTime(parseDate("2015-07-10 12:00:00 -0400"));
assertNoProblems(checker, k);
checker.setEffectiveTime(parseDate("2075-07-10 12:00:00 -0400"));
assertProblems(checker, k, "Key is expired");
}Aggregations
TestKey (com.google.gerrit.gpg.testutil.TestKey)40
Test (org.junit.Test)37
PublicKeyStore.keyToString (com.google.gerrit.gpg.PublicKeyStore.keyToString)10
AbstractDaemonTest (com.google.gerrit.acceptance.AbstractDaemonTest)7
PGPPublicKeyRing (org.bouncycastle.openpgp.PGPPublicKeyRing)5
PGPPublicKey (org.bouncycastle.openpgp.PGPPublicKey)4
GpgKeyInfo (com.google.gerrit.extensions.common.GpgKeyInfo)3
PushCertificate (org.eclipse.jgit.transport.PushCertificate)3
PublicKeyStore.keyIdToString (com.google.gerrit.gpg.PublicKeyStore.keyIdToString)2
SimpleDateFormat (java.text.SimpleDateFormat)2
RevWalk (org.eclipse.jgit.revwalk.RevWalk)2
Preconditions.checkNotNull (com.google.common.base.Preconditions.checkNotNull)1
FluentIterable (com.google.common.collect.FluentIterable)1
ImmutableList (com.google.common.collect.ImmutableList)1
ImmutableSet (com.google.common.collect.ImmutableSet)1
Iterables (com.google.common.collect.Iterables)1
BaseEncoding (com.google.common.io.BaseEncoding)1
Truth.assertThat (com.google.common.truth.Truth.assertThat)1
Truth.assert_ (com.google.common.truth.Truth.assert_)1
AtomicLongMap (com.google.common.util.concurrent.AtomicLongMap)1
