tests: Add export test.
authorJustus Winter <justus@g10code.com>
Tue, 19 Apr 2016 11:40:46 +0000 (13:40 +0200)
committerJustus Winter <justus@g10code.com>
Mon, 23 May 2016 14:06:53 +0000 (16:06 +0200)
* tests/openpgp/Makefile.am (TESTS): Add new file.
* tests/openpgp/export.test: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
tests/openpgp/Makefile.am
tests/openpgp/export.test [new file with mode: 0755]

index bab0b7d..6dc4d5b 100644 (file)
@@ -57,6 +57,7 @@ TESTS = version.test mds.test \
        import.test ecc.test 4gb-packet.test \
        $(sqlite3_dependent_tests) \
        gpgtar.test use-exact-key.test default-key.test \
+       export.test \
        finish.test
 
 
diff --git a/tests/openpgp/export.test b/tests/openpgp/export.test
new file mode 100755 (executable)
index 0000000..08b8272
--- /dev/null
@@ -0,0 +1,68 @@
+#!/bin/sh
+
+. $srcdir/defs.inc || exit 3
+
+check_exported_public_key()
+{
+    $GPG --list-packets $1 >$1.packets
+    grep '^:public key packet:' $1.packets >/dev/null
+    grep "^    keyid: .*$KEY$" $1.packets >/dev/null
+    grep '^:user ID packet:' $1.packets >/dev/null
+    grep "^:signature packet:.*keyid.*$KEY" $1.packets >/dev/null
+    rm $1.packets
+}
+
+check_armored_public_key()
+{
+    grep '^-----BEGIN PGP PUBLIC KEY BLOCK-----$' $1 >/dev/null
+    grep '^-----END PGP PUBLIC KEY BLOCK-----$' $1 >/dev/null
+    check_exported_public_key $1
+}
+
+check_exported_private_key()
+{
+    $GPG --list-packets $1 >$1.packets
+    grep '^:secret key packet:' $1.packets >/dev/null
+    grep "^    keyid: .*$KEY$" $1.packets >/dev/null
+    grep '^:user ID packet:' $1.packets >/dev/null
+    grep "^:signature packet:.*keyid.*$KEY" $1.packets >/dev/null
+    rm $1.packets
+}
+
+check_armored_private_key()
+{
+    grep '^-----BEGIN PGP PRIVATE KEY BLOCK-----$' $1 >/dev/null
+    grep '^-----END PGP PRIVATE KEY BLOCK-----$' $1 >/dev/null
+    check_exported_private_key $1
+}
+
+# XXX: Currently, gpg does not allow one to export private keys
+# without a passphrase (issue2070, issue2324), and our fake pinentry
+# only allows us to specify one passphrase.  We therefore use the
+# passphrase of our first key to unlock it (the other keys are not
+# protected), and also use the same passphrase for the exported keys.
+export PINENTRY_USER_DATA="$usrpass1"
+
+info "Checking key export."
+for KEY in D74C5F22 C40FDECF ECABF51D
+do
+    progress $KEY
+
+    $GPG --export $KEY >$KEY.public
+    check_exported_public_key $KEY.public
+    rm $KEY.public
+
+    $GPG --armor --export $KEY >$KEY.public
+    check_armored_public_key $KEY.public
+    rm $KEY.public
+
+    $GPG --export-secret-keys $KEY >$KEY.private
+    check_exported_private_key $KEY.private
+    rm $KEY.private
+
+    $GPG --armor --export-secret-keys $KEY >$KEY.private
+    check_armored_private_key $KEY.private
+    rm $KEY.private
+done
+
+progress_end