enforce --no-armor when exporting to openpgp2ssh in case weird gpg.conf options ...
[monkeysphere.git] / tests / keytrans
index ab95f596d91bfe70abf5608c8c054549e2edcb37..411b42ec2b0c5cdc883a5530eb1f3d15c7c449e8 100755 (executable)
@@ -22,8 +22,14 @@ export TESTDIR=$(cd $(dirname "$0") && pwd)
 
 source "$TESTDIR"/common
 
-## setup trap
-trap failed_cleanup EXIT
+perl -MCrypt::OpenSSL::RSA -e 1 2>/dev/null || { echo "You must have the perl module Crypt::OpenSSL::RSA installed to run this test.  
+On debian-derived systems, you can set this up with:
+  apt-get install libcrypt-openssl-rsa-perl" ; exit 1; }
+
+perl -MDigest::SHA -e 1 2>/dev/null || { echo "You must have the perl module Digest::SHA installed to run this test.  
+On debian-derived systems, you can set this up with:
+  apt-get install libdigest-sha1-perl" ; exit 1; }
+
 
 ######################################################################
 ### SETUP VARIABLES
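Review bot: The install hint in the second dependency check names the wrong package: the check probes `Digest::SHA`, but on Debian `libdigest-sha1-perl` ships the separate `Digest::SHA1` module, so someone following the hint would still fail the check. As far as I know `Digest::SHA` is bundled with perl since 5.10 and packaged separately as `libdigest-sha-perl`, so the hint should read `apt-get install libdigest-sha-perl`. Both messages also go to stdout; adding `>&2` to each `echo` keeps them visible when the test's stdout is captured or piped.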
@@ -37,11 +43,15 @@ TEMPDIR=$(mktemp -d "${TMPDIR:-$TESTDIR/tmp}/monkeyspheretest.XXXXXXX")
 mkdir "$TEMPDIR"/bin
 ln -s "$TESTDIR"/../src/share/keytrans "$TEMPDIR"/bin/openpgp2ssh
 ln -s "$TESTDIR"/../src/share/keytrans "$TEMPDIR"/bin/pem2openpgp
+ln -s "$TESTDIR"/../src/share/keytrans "$TEMPDIR"/bin/keytrans
 
 # Use the local copy of executables first, instead of system ones.
 # This should help us test without installing.
 export PATH="$TEMPDIR"/bin:"$PATH"
 
+## setup trap
+trap failed_cleanup EXIT
+
 ######################################################################
 ### TEST KEYTRANS
 
@@ -55,6 +65,7 @@ chmod 700 "$TEMPDIR"
 cat > "$TEMPDIR"/gpg.conf <<EOF
 default-preference-list SHA512 SHA384 SHA256 SHA224 RIPEMD160 SHA1 ZLIB BZIP2 ZIP AES256 AES192 AES CAST5 3DES
 cert-digest-algo SHA256
+list-options show-uid-validity,show-unusable-uids
 EOF
 
 # generate a key
@@ -95,6 +106,108 @@ diff -u \
     <(hd "$TEMPDIR"/secret.key) \
     <(hd "$TEMPDIR"/converted.secret.key)
 
+KEYFPR=$(gpg --fingerprint --with-colons --list-keys | grep ^fpr | cut -f10 -d:)
+KEYID=$(printf "%s" "$KEYFPR" | cut -b25-40)
+
+echo "conversions look good!"
+
+echo "Now working with key $KEYID at time $timestamp"
+
+gpg --check-trustdb
+gpg --list-keys
+
+
+echo "##################################################"
+echo "### test User ID addition..."
+< "$TEMPDIR"/secring.gpg \
+PEM2OPENPGP_TIMESTAMP="$timestamp" \
+    PEM2OPENPGP_USAGE_FLAGS=sign,certify \
+    keytrans adduserid "$KEYID" "monkeymonkey" | gpg --import
+
+gpg --check-trustdb
+gpg --list-keys
+
+cat >"$TEMPDIR"/expectedout <<EOF
+pub:u:1024:1:$KEYID:$timestamp:::u:::scSC:
+uid:u::::$timestamp::E90EC72E68C6C2A0751DADC70F54F60D27B88C3D::monkeymonkey:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
+uid:u::::$timestamp::8200BD0425CC70C7D698DF3FE412044EAAB83F94::testtest:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
+EOF
+
+diff -u "$TEMPDIR"/expectedout <(gpg --check-sigs --with-colons --fixed-list-mode | grep -v ^tru)
+
+echo "##################################################"
+echo "### test User ID revocation ... "
+
+revtime=$(($timestamp + 1))
+
+< "$TEMPDIR"/secring.gpg \
+PEM2OPENPGP_TIMESTAMP="$revtime" \
+    keytrans revokeuserid "$KEYID" "testtest" | gpg --import
+
+gpg --check-trustdb
+gpg --list-keys
+
+cat >"$TEMPDIR"/expectedout <<EOF
+pub:u:1024:1:$KEYID:$timestamp:::u:::scSC:
+uid:u::::$timestamp::E90EC72E68C6C2A0751DADC70F54F60D27B88C3D::monkeymonkey:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
+uid:r::::::8200BD0425CC70C7D698DF3FE412044EAAB83F94::testtest:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
+rev:!::1:$KEYID:$revtime::::monkeymonkey:30x:
+EOF
+
+
+diff -u "$TEMPDIR"/expectedout <(gpg --check-sigs --with-colons --fixed-list-mode | grep -v ^tru)
+
+
+echo "##################################################"
+echo "### test working with two primary keys ... "
+
+ssh-keygen -t rsa -b 1024 -N '' -f "$TEMPDIR"/newkey
+
+PEM2OPENPGP_USAGE_FLAGS=authenticate,certify \
+PEM2OPENPGP_TIMESTAMP="$(( $timestamp + 1 ))" pem2openpgp fubar \
+ < "$TEMPDIR"/newkey > "$TEMPDIR"/newkey.gpg
+
+NEWKEYFPR=$(< "$TEMPDIR"/newkey.gpg keytrans listfprs)
+NEWKEYID=$( printf "%s" "$NEWKEYFPR" | cut -b25-40)
+
+< "$TEMPDIR"/newkey.gpg gpg --import 
+
+< "$TEMPDIR"/secring.gpg \
+PEM2OPENPGP_TIMESTAMP="$timestamp" \
+    keytrans adduserid "$KEYID" "baz" | gpg --import
+
+cat >"$TEMPDIR"/expectedout <<EOF
+pub:u:1024:1:$KEYID:$timestamp:::u:::scSC:
+uid:u::::$timestamp::E90EC72E68C6C2A0751DADC70F54F60D27B88C3D::monkeymonkey:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
+uid:r::::::8200BD0425CC70C7D698DF3FE412044EAAB83F94::testtest:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
+rev:!::1:$KEYID:$revtime::::monkeymonkey:30x:
+uid:u::::$timestamp::EDDC32D783E7F4C7B6982D9AE5DC4A61000648BA::baz:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
+pub:-:1024:1:$NEWKEYID:$(($timestamp + 1)):::-:::caCA:
+uid:-::::$(($timestamp + 1))::A0D708F51CC257DEFC01AEDE1E0A5F329DFD8F16::fubar:
+sig:!::1:$NEWKEYID:$(($timestamp + 1))::::fubar:13x:
+EOF
+
+echo "test: diff expected gpg list output"
+diff -u "$TEMPDIR"/expectedout <(gpg --check-sigs --with-colons --fixed-list-mode | grep -v ^tru)
+
+sort >"$TEMPDIR"/expectedout <<EOF
+$KEYFPR
+$NEWKEYFPR
+EOF
+
+echo "test: diff expected keytrans listfpr output"
+diff -u "$TEMPDIR"/expectedout <( < "$TEMPDIR"/secring.gpg keytrans listfprs | sort )
+
+## FIXME: addtest: not testing subkeys at the moment.
+
+
 trap - EXIT
 
 echo "##################################################"
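Review bot: `KEYFPR` and `NEWKEYFPR` are used without checking that exactly one 40-hex-digit fingerprint came back. An empty or multi-line result from `gpg ... | grep ^fpr | cut -f10 -d:` or from `keytrans listfprs` would pass through `cut -b25-40` and reach `keytrans adduserid "$KEYID"` as a malformed key ID. A guard right after each assignment, e.g. `[ "${#KEYFPR}" -eq 40 ] || { echo "unexpected fingerprint: '$KEYFPR'" >&2; exit 1; }`, would fail at the real cause instead of at a later, harder-to-read `diff -u`. The `keytrans ... | gpg --import` pipelines also report only gpg's exit status unless `pipefail` is enabled somewhere not visible in this hunk (for example in `common`). As written, a keytrans failure is detected only indirectly, by the colon-listing comparison that follows.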