From 8ebe171819966753072c65743fd9b1c9e7f090a5 Mon Sep 17 00:00:00 2001
From: David Hook
Date: Sun, 23 May 2021 19:27:59 +1000
Subject: github #23 added method for handling signing subkey
---
 crypto/test/src/openpgp/test/PgpKeyRingTest.cs | 42 +++++++++++++++++++++++---
 1 file changed, 38 insertions(+), 4 deletions(-)
(limited to 'crypto/test')
diff --git a/crypto/test/src/openpgp/test/PgpKeyRingTest.cs b/crypto/test/src/openpgp/test/PgpKeyRingTest.cs
index 5f1d83459..aed750318 100644
--- a/crypto/test/src/openpgp/test/PgpKeyRingTest.cs
+++ b/crypto/test/src/openpgp/test/PgpKeyRingTest.cs
@@ -2261,7 +2261,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
  }
  [Test]
- public void GenerateSha1Test()
+ public void GenerateSha256Test()
  {
  char[] passPhrase = "hello".ToCharArray();
@@ -2296,11 +2296,14 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
  PgpKeyPair dsaKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.Dsa, dsaKp, DateTime.UtcNow);
  PgpKeyPair elgKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.ElGamalEncrypt, elgKp, DateTime.UtcNow);
+ PgpKeyPair dsaSubKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.Dsa, dsaKpg.GenerateKeyPair(), DateTime.UtcNow);
  PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator(PgpSignature.PositiveCertification, dsaKeyPair, "test", SymmetricKeyAlgorithmTag.Aes256, passPhrase, true, null, null, Random);
- keyRingGen.AddSubKey(elgKeyPair);
+ keyRingGen.AddSubKey(elgKeyPair, HashAlgorithmTag.Sha256);
+
+ keyRingGen.AddSubKey(dsaSubKeyPair, HashAlgorithmTag.Sha256, HashAlgorithmTag.Sha256);
  PgpSecretKeyRing keyRing = keyRingGen.GenerateSecretKeyRing();
@@ -2310,6 +2313,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
  PgpPublicKey vKey = null;
  PgpPublicKey sKey = null;
+ PgpPublicKey sdKey = null;
  foreach (PgpPublicKey pk in pubRing.GetPublicKeys())
  {
@@ -2319,7 +2323,14 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
  }
  else
  {
- sKey = pk;
+ if (pk.IsEncryptionKey)
+ {
+ sKey = pk;
+ }
+ else
+ {
+ sdKey = pk;
+ }
  }
  }
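Review bot: The two new `AddSubKey` calls in the hunk at -2296 request SHA-256, but no visible line of the test checks which digest the resulting binding signatures carry, so the renamed GenerateSha256Test would presumably still pass if the hash argument were ignored. In the sub-key binding verification loops (the ElGamal one lies outside this diff, the DSA one is added in the later hunk at -2336) add `if (sig.HashAlgorithm != HashAlgorithmTag.Sha256) { Fail("sub-key binding not signed with SHA-256."); }`, and the same check on the embedded primary key binding signature. The meaning of the second and third arguments of the three-argument overload is inferred from the call, since the generator is not part of this patch.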
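Review bot: In the key-selection loop at -2319, every sub-key that is not an encryption key is now assigned to `sdKey`, and neither `sKey` nor `sdKey` is checked once the loop ends. A ring generated without one of the sub-keys would then surface as a null dereference in `sdKey.GetSignatures()` rather than as a test failure naming the missing key. After the loop add `if (sKey == null || sdKey == null) { Fail("expected one encryption and one signing sub-key."); }`. The condition of the enclosing `if` is outside the hunk, so this assumes the first branch selects the master key.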
@@ -2336,6 +2347,29 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
  }
  }
  }
+
+ foreach (PgpSignature sig in sdKey.GetSignatures())
+ {
+ if (sig.KeyId == vKey.KeyId
+ && sig.SignatureType == PgpSignature.SubkeyBinding)
+ {
+ sig.InitVerify(vKey);
+
+ if (!sig.VerifyCertification(vKey, sdKey))
+ {
+ Fail("failed to verify dsa sub-key signature.");
+ }
+
+ PgpSignature bindSig = sig.GetHashedSubPackets().GetEmbeddedSignatures()[0];
+
+ bindSig.InitVerify(sdKey);
+
+ if (!bindSig.VerifyCertification(vKey, sdKey))
+ {
+ Fail("failed to verify dsa sub-key primary binding signature.");
+ }
+ }
+ }
  }
  [Test]
@@ -2574,7 +2608,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
  PerformTest11();
  GenerateTest();
- GenerateSha1Test();
+ GenerateSha256Test();
  RewrapTest();
  PublicKeyRingWithX509Test();
  SecretKeyRingWithPersonalCertificateTest();
--
cgit 1.4.1
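Review bot: The new DSA sub-key loop at -2336 only fails when a matching signature verifies badly; if `sdKey` carries no `SubkeyBinding` signature issued by `vKey`, the loop body never runs and the test passes without having verified anything. Track whether a binding was seen and fail after the loop when none was. The embedded signature is also taken with `GetEmbeddedSignatures()[0]` without confirming that one is present or that its type is `PgpSignature.PrimaryKeyBinding`. A signing sub-key without a valid back-signature is the case this test should reject, so an explicit type check (plus an emptiness check before indexing) gives a named failure instead of an index exception.

```csharp
bool dsaBindingSeen = false;

foreach (PgpSignature sig in sdKey.GetSignatures())
{
    // … unchanged: KeyId / SubkeyBinding filter and verification of the sub-key binding …
        dsaBindingSeen = true;

        PgpSignature bindSig = sig.GetHashedSubPackets().GetEmbeddedSignatures()[0];

        if (bindSig.SignatureType != PgpSignature.PrimaryKeyBinding)
        {
            Fail("embedded signature on dsa sub-key is not a primary key binding.");
        }
    // … unchanged: InitVerify / VerifyCertification of bindSig …
}

if (!dsaBindingSeen)
{
    Fail("no dsa sub-key binding signature found.");
}
```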