if (!sig.verifyCertification(secretDSAKey.getPublicKey(), secretKey.getPublicKey()))
{
fail("subkey binding verification failed.");
}
PGPSignatureSubpacketVector hashedPcks = sig.getHashedSubPackets();
PGPSignatureSubpacketVector unhashedPcks = sig.getUnhashedSubPackets();
if (hashedPcks.size() != 6)
{
fail("wrong number of hashed packets found.");
}
if (unhashedPcks.size() != 1)
{
fail("wrong number of unhashed packets found.");
}
if (!hashedPcks.getSignerUserID().equals(TEST_USER_ID))
{
fail("test userid not matching");
}
if (hashedPcks.getSignatureExpirationTime() != TEST_EXPIRATION_TIME)
{
fail("test signature expiration time not matching");
}
if (unhashedPcks.getIssuerKeyID() != secretDSAKey.getKeyID())
{
fail("wrong issuer key ID found in certification");
}
int[] prefAlgs = hashedPcks.getPreferredCompressionAlgorithms();
preferredAlgorithmCheck("compression", PREFERRED_COMPRESSION_ALGORITHMS, prefAlgs);
prefAlgs = hashedPcks.getPreferredHashAlgorithms();
preferredAlgorithmCheck("hash", PREFERRED_HASH_ALGORITHMS, prefAlgs);
prefAlgs = hashedPcks.getPreferredSymmetricAlgorithms();
preferredAlgorithmCheck("symmetric", PREFERRED_SYMMETRIC_ALGORITHMS, prefAlgs);
int[] criticalHashed = hashedPcks.getCriticalTags();
if (criticalHashed.length != 1)
{
fail("wrong number of critical packets found.");
}
if (criticalHashed[0] != SignatureSubpacketTags.SIGNER_USER_ID)
{
fail("wrong critical packet found in tag list.");
}
//
// no packets passed
//
sGen = new PGPSignatureGenerator(PublicKeyAlgorithmTags.DSA, HashAlgorithmTags.SHA1, "BC");
sGen.initSign(PGPSignature.SUBKEY_BINDING, pgpPrivDSAKey);
sGen.setHashedSubpackets(null);
sGen.setUnhashedSubpackets(null);
sig = sGen.generateCertification(TEST_USER_ID, secretKey.getPublicKey());
sig.initVerify(secretDSAKey.getPublicKey(), "BC");
if (!sig.verifyCertification(TEST_USER_ID, secretKey.getPublicKey()))
{
fail("subkey binding verification failed.");
}
hashedPcks = sig.getHashedSubPackets();
if (hashedPcks.size() != 1)
{
fail("found wrong number of hashed packets");
}
unhashedPcks = sig.getUnhashedSubPackets();
if (unhashedPcks.size() != 1)
{
fail("found wrong number of unhashed packets");
}
try
{
sig.verifyCertification(secretKey.getPublicKey());
fail("failed to detect non-key signature.");
}
catch (IllegalStateException e)
{
// expected
}
//
// override hash packets
//
sGen = new PGPSignatureGenerator(PublicKeyAlgorithmTags.DSA, HashAlgorithmTags.SHA1, "BC");
sGen.initSign(PGPSignature.SUBKEY_BINDING, pgpPrivDSAKey);
hashedGen = new PGPSignatureSubpacketGenerator();
hashedGen.setSignatureCreationTime(false, new Date(0L));
sGen.setHashedSubpackets(hashedGen.generate());
sGen.setUnhashedSubpackets(null);
sig = sGen.generateCertification(TEST_USER_ID, secretKey.getPublicKey());
sig.initVerify(secretDSAKey.getPublicKey(), "BC");
if (!sig.verifyCertification(TEST_USER_ID, secretKey.getPublicKey()))
{
fail("subkey binding verification failed.");
}
hashedPcks = sig.getHashedSubPackets();
if (hashedPcks.size() != 1)
{
fail("found wrong number of hashed packets in override test");
}
if (!hashedPcks.hasSubpacket(SignatureSubpacketTags.CREATION_TIME))
{
fail("hasSubpacket test for creation time failed");
}
if (!hashedPcks.getSignatureCreationTime().equals(new Date(0L)))
{
fail("creation of overriden date failed.");
}
prefAlgs = hashedPcks.getPreferredCompressionAlgorithms();
preferredAlgorithmCheck("compression", NO_PREFERENCES, prefAlgs);
prefAlgs = hashedPcks.getPreferredHashAlgorithms();
preferredAlgorithmCheck("hash", NO_PREFERENCES, prefAlgs);
prefAlgs = hashedPcks.getPreferredSymmetricAlgorithms();
preferredAlgorithmCheck("symmetric", NO_PREFERENCES, prefAlgs);
if (hashedPcks.getKeyExpirationTime() != 0)
{
fail("unexpected key expiration time found");
}
if (hashedPcks.getSignatureExpirationTime() != 0)
{
fail("unexpected signature expiration time found");
}
if (hashedPcks.getSignerUserID() != null)
{
fail("unexpected signer user ID found");
}
criticalHashed = hashedPcks.getCriticalTags();
if (criticalHashed.length != 0)
{
fail("critical packets found when none expected");
}
unhashedPcks = sig.getUnhashedSubPackets();
if (unhashedPcks.size() != 1)
{
fail("found wrong number of unhashed packets in override test");
}
//