Example 1 with TestKey
use of com.google.gerrit.gpg.testing.TestKey in project gerrit by GerritCodeReview.
the class GerritPublicKeyCheckerTest method checkValidTrustChainAndCorrectExternalIds.
@Test
public void checkValidTrustChainAndCorrectExternalIds() throws Exception {
// A---Bx
// \
// \---C---D
// \
// \---Ex
//
// The server ultimately trusts B and D.
// D and E trust C to be a valid introducer of depth 2.
IdentifiedUser userB = addUser("userB");
TestKey keyA = add(keyA(), user);
TestKey keyB = add(keyB(), userB);
add(keyC(), addUser("userC"));
add(keyD(), addUser("userD"));
add(keyE(), addUser("userE"));
// Checker for A, checking A.
PublicKeyChecker checkerA = checkerFactory.create(user, store);
assertNoProblems(checkerA.check(keyA.getPublicKey()));
// Checker for B, checking B. Trust chain and IDs are correct, so the only
// problem is with the key itself.
PublicKeyChecker checkerB = checkerFactory.create(userB, store);
assertProblems(checkerB.check(keyB.getPublicKey()), Status.BAD, "Key is expired");
}
Also used :
TestKey(com.google.gerrit.gpg.testing.TestKey)
IdentifiedUser(com.google.gerrit.server.IdentifiedUser)
Test(org.junit.Test)
Example 2 with TestKey
use of com.google.gerrit.gpg.testing.TestKey in project gerrit by GerritCodeReview.
the class GerritPublicKeyCheckerTest method defaultGpgCertificationMatchesEmail.
@Test
public void defaultGpgCertificationMatchesEmail() throws Exception {
TestKey key = validKeyWithSecondUserId();
PublicKeyChecker checker = checkerFactory.create(user, store).disableTrust();
assertProblems(checker.check(key.getPublicKey()), Status.BAD, "Key must contain a valid certification for one of the following " + "identities:\n" + " gerrit:user\n" + " username:user");
addExternalId("test", "test", "test5@example.com");
checker = checkerFactory.create(user, store).disableTrust();
assertNoProblems(checker.check(key.getPublicKey()));
}Example 3 with TestKey
use of com.google.gerrit.gpg.testing.TestKey in project gerrit by GerritCodeReview.
the class GerritPublicKeyCheckerTest method keyLaterInTrustChainMissingUserId.
@Test
public void keyLaterInTrustChainMissingUserId() throws Exception {
// A---Bx
// \
// \---C
//
// The server ultimately trusts B.
// C signed A's key but is not in the store.
TestKey keyA = add(keyA(), user);
PGPPublicKeyRing keyRingB = keyB().getPublicKeyRing();
PGPPublicKey keyB = keyRingB.getPublicKey();
keyB = PGPPublicKey.removeCertification(keyB, keyB.getUserIDs().next());
keyRingB = PGPPublicKeyRing.insertPublicKey(keyRingB, keyB);
add(keyRingB, addUser("userB"));
PublicKeyChecker checkerA = checkerFactory.create(user, store);
assertProblems(checkerA.check(keyA.getPublicKey()), Status.OK, "No path to a trusted key", "Certification by " + keyToString(keyB) + " is valid, but key is not trusted", "Key D24FE467 used for certification is not in store");
}
Also used :
PGPPublicKeyRing(org.bouncycastle.openpgp.PGPPublicKeyRing)
TestKey(com.google.gerrit.gpg.testing.TestKey)
PGPPublicKey(org.bouncycastle.openpgp.PGPPublicKey)
Test(org.junit.Test)
Example 4 with TestKey
use of com.google.gerrit.gpg.testing.TestKey in project gerrit by GerritCodeReview.
the class PublicKeyStoreTest method assertKeys.
private void assertKeys(long keyId, TestKey... expected) throws Exception {
Set<String> expectedStrings = new TreeSet<>();
for (TestKey k : expected) {
expectedStrings.add(keyToString(k.getPublicKey()));
}
PGPPublicKeyRingCollection actual = store.get(keyId);
Set<String> actualStrings = new TreeSet<>();
for (PGPPublicKeyRing k : actual) {
actualStrings.add(keyToString(k.getPublicKey()));
}
assertEquals(expectedStrings, actualStrings);
}
Also used :
PGPPublicKeyRing(org.bouncycastle.openpgp.PGPPublicKeyRing)
TestKey(com.google.gerrit.gpg.testing.TestKey)
PGPPublicKeyRingCollection(org.bouncycastle.openpgp.PGPPublicKeyRingCollection)
TreeSet(java.util.TreeSet)
PublicKeyStore.keyToString(com.google.gerrit.gpg.PublicKeyStore.keyToString)
PublicKeyStore.keyIdToString(com.google.gerrit.gpg.PublicKeyStore.keyIdToString)
Example 5 with TestKey
use of com.google.gerrit.gpg.testing.TestKey in project gerrit by GerritCodeReview.
the class PublicKeyStoreTest method remove.
@Test
public void remove() throws Exception {
TestKey key1 = validKeyWithoutExpiration();
store.add(key1.getPublicKeyRing());
assertEquals(RefUpdate.Result.NEW, store.save(newCommitBuilder()));
assertKeys(key1.getKeyId(), key1);
store.remove(key1.getPublicKey().getFingerprint());
assertEquals(RefUpdate.Result.FAST_FORWARD, store.save(newCommitBuilder()));
assertKeys(key1.getKeyId());
}Aggregations
TestKey (com.google.gerrit.gpg.testing.TestKey)44
Test (org.junit.Test)41
AbstractDaemonTest (com.google.gerrit.acceptance.AbstractDaemonTest)9
PublicKeyStore.keyToString (com.google.gerrit.gpg.PublicKeyStore.keyToString)9
PGPPublicKeyRing (org.bouncycastle.openpgp.PGPPublicKeyRing)7
PGPPublicKey (org.bouncycastle.openpgp.PGPPublicKey)6
AccountIndexedCounter (com.google.gerrit.acceptance.AccountIndexedCounter)5
Registration (com.google.gerrit.acceptance.ExtensionRegistry.Registration)5
ResourceNotFoundException (com.google.gerrit.extensions.restapi.ResourceNotFoundException)3
PushCertificate (org.eclipse.jgit.transport.PushCertificate)3
GerritConfig (com.google.gerrit.acceptance.config.GerritConfig)2
GpgKeyInfo (com.google.gerrit.extensions.common.GpgKeyInfo)2
ResourceConflictException (com.google.gerrit.extensions.restapi.ResourceConflictException)2
PublicKeyStore.keyIdToString (com.google.gerrit.gpg.PublicKeyStore.keyIdToString)2
Date (java.util.Date)2
HashMap (java.util.HashMap)2
ObjectReader (org.eclipse.jgit.lib.ObjectReader)2
RevWalk (org.eclipse.jgit.revwalk.RevWalk)2
StopStrategies (com.github.rholder.retry.StopStrategies)1
FluentIterable (com.google.common.collect.FluentIterable)1
