pcp/tests/unittests.cfg

# -*-html-*-
#
#    This file is part of Pretty Curved Privacy (pcp1).
#
#    Copyright (C) 2013 T.Linden.
#
#    This program is free software: you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation, either version 3 of the License, or
#    (at your option) any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#
#    You should have received a copy of the GNU General Public License
#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
#
#    You can contact me by mail: <tlinden AT cpan DOT org>.
#

pcp   = ../src/pcp1
vault = v1
passwd = xxx
md5msg   = 66b8c4ca9e5d2a7e3c0559c3cdea3d50

include keys.cfg

<test check-dependencies>
  <test check-dependencies-pcp>
    cmd = ls $pcp
    expect = /pcp/
  </test>
</test>


<test check-streams>
  <test check-streams-8-8>
    md5 = `md5 -q ../COPYING`
    cmd = ./pipetest 8 8 e < ../COPYING | ./pipetest 8 8 d | md5 -q
    expect = /$md5/
  </test>
  <test check-streams-8-16>
    md5 = `md5 -q ../COPYING`
    cmd = ./pipetest 8 16 e < ../COPYING | ./pipetest 8 16 d | md5 -q
    expect = /$md5/
  </test>
  <test check-streams-16-8>
    md5 = `md5 -q ../COPYING`
    cmd = ./pipetest 16 8 e < ../COPYING | ./pipetest 16 8 d | md5 -q
    expect = /$md5/
  </test>
  <test check-streams-64-32>
    md5 = `md5 -q ../COPYING`
    cmd = ./pipetest 64 32 e < ../COPYING | ./pipetest 64 32 d | md5 -q
    expect = /$md5/
  </test>
  <test check-streams-32-64>
    md5 = `md5 -q ../COPYING`
    cmd = ./pipetest 32 64 e < ../COPYING | ./pipetest 32 64 d | md5 -q
    expect = /$md5/
  </test>
  <test check-streams-64-64>
    md5 = `md5 -q ../COPYING`
    cmd = ./pipetest 64 64 e < ../COPYING | ./pipetest 64 64 d | md5 -q
    expect = /$md5/
  </test>
</test>

<test check-z85>
  <test check-z85-1-compliant>
    cmd = ./decodertest 1
    expect = /ok/
  </test>

  <test check-z85-2-compliant-no-newlines>
    cmd = ./decodertest 2
    expect = /ok/
  </test>

  <test check-z85-3-compliant-no-begin-header>
    cmd = ./decodertest 3
    expect = /ok/
  </test>

  <test check-z85-4-uncompliant-empty-comment>
    cmd = ./decodertest 4
    expect = /ok/
  </test>

  <test check-z85-5-uncompliant-missing-char>
    cmd = ./decodertest 5
    expect = /ok/
  </test>
</test>

<test check-show-help>
  cmd    = $pcp -h
  expect = /export/
</test>

<test check-if-fail-without-vault>
  prepare = rm -f $vault
  cmd     = $pcp -V $vault -l
  expect  = /doesn't contain any keys so far/
</test>

<test check-generate-secret-key>
  cmd  = $pcp -V $vault -k -x $passwd
  input = <<EOF
Dexter Morgan
dxmorg@florida.cops.gov
  EOF
  expect = /Generated new secret key/	     
</test>


<test check-if-vault-contains-secret>
  cmd = $pcp -V $vault -l
  expect = /Dexter Morgan/
</test>

<test check-secret-key-info>
  cmd = $pcp -V $vault -l | tail -1 | cut -d ' ' -f 1 | xargs $pcp -V $vault -t -i
  expect = /Serial Number/
</test>

<test check-export-public-key>
  cmd = $pcp -V $vault -l | tail -1 | cut -d ' ' -f 1 | xargs $pcp -V $vault -p -x $passwd -z -i 
  expect = /PUBLIC KEY/
</test>

<test check-export-public-key-tofile>
  cmd = $pcp -V $vault -l | tail -1 | cut -d ' ' -f 1 | xargs $pcp -V $vault -p -x $passwd -O testkey-self -i 
  expect-file = testkey-self
</test>

<test check-export-public-key-filecontent>
  cmd = /usr/bin/true # file is already there
  expect-file-contains = testkey-self Dexter
</test>

<test check-import-public-key>
  cmd = $pcp -V $vault -K -I bart.pub
  expect = /key $bartid added/
</test>

<test check-imported-public-key-info>
  cmd = $pcp -V $vault -t -i $bartid
  expect = /Serial Number: $bartserial/
</test>

<test check-if-delete-public-key-works>
  cmd = $pcp -V $vault -R -i $bartid
  expect = /Public key deleted/
</test>

<test check-if-vault-still-valid>
  cmd = $pcp -V $vault -t
  expect = /Vault version: 00000002/
</test>

<test check-if-deleted-public-key-is-away>
  cmd = $pcp -V $vault -t
  expect = /Public keys: 0/
</test>


#
# test file determination
/* doesnt work currently, disabled.
<test check-determine-pub>
  cmd = $pcp -t -I unknown1
  expect = /Niemand/
</test>

<test check-determine-sec>
  cmd = $pcp -t -I unknown2
  expect = /secret key/
</test>
*/
<test check-determine-empty-vault>
  cmd = $pcp -t -I unknown3
  expect = /empty/
</test>
/*
temporarily disabled
<test check-determine-encrypted-file>
  cmd = $pcp -t -I unknown4
  expect = /encrypted/
</test>
*/
#
# encryption tests
<test check-crypto-alicia-init>
  # alicias part
  prepare = echo ${md5msg} > testmessage
  <test check-crypto-alicia-import-secret>
    cmd = $pcp -V va -K -I key-alicia-sec -x a
    expect = /${idalicia}/
  </test>

  <test check-crypto-alicia-import-bobbys-key>
    cmd = $pcp -V va -K -I key-bobby-pub
    expect = /${idbobby}/
  </test>

  <test check-crypto-alicia-encrypt>
    cmd = $pcp -V va -e -i ${idbobby} -I testmessage -O testencrypted -x a
    expect = /for ${idbobby} successfully/
  </test>
</test>

<test check-crypto-bobby-init>
  # bobbys part
  <test check-crypto-bobby-import-secret>
    cmd = $pcp -V vb -K -I key-bobby-sec -x b
    expect = /${idbobby}/
  </test>

  <test check-crypto-alicia-import-alicias-key>
    cmd = $pcp -V vb -K -I key-alicia-pub
    expect = /${idalicia}/
  </test>

  <test check-crypto-bobby-decrypt>
    cmd = $pcp -V vb -d -O testdecrypted -I testencrypted -x b
    expect = /successfully/
  </test>

  <test check-crypto-alicia-encrypted-file>
    cmd = cat testdecrypted
    expect = /${md5msg}/
  </test>
</test>

#
# symetric encryption test
# FIXME: we currently use -V ve, but this one has to work without a vault
<test check-sym-encrypt>
  cmd = echo HELLOWORLD | $pcp -V ve -e -O testsymencrypted -x a
  expect = /symetrically/
</test>
<test check-sym-decrypt>
  cmd = $pcp -V ve -d -I testsymencrypted -x a
  expect = /HELLO/
</test>

#
# check usage of unencrypted secret key
<test vcl>
  prepare = rm -f vb2 vcl
  <test check-vcl-crypto-unencrypted-secret>
    cmd = (echo dau; echo foo; echo yes) | $pcp -V vcl -k -x "n/a"
    expect = /added to/
  </test>
  
  <test check-vcl-crypto-unencrypted-secret-yaml>
    cmd = $pcp -V vcl -y
    expect = /encrypted:  no/
  </test>

  <test check-vcl-prepare-import-bpub>
    cmd = $pcp -V vcl -I key-bobby-pub -K
    expect = /added/
  </test>

  <test check-vcl-export-unencrypted-pubkey>
    cmd = $pcp -V vcl -p -O testkeyvcl
    expect = /exported/
  </test>

  <test check-vcl-import-bsecret>
    cmd = $pcp -V vb2 -K -I key-bobby-sec -x b
    expect = /${idbobby}/
  </test>

  <test check-vcl-import-unencrypted-pubkey>
    cmd =  $pcp -V vb2 -K -I testkeyvcl
    expect = /added/
  </test>

  <test check-vcl-crypto-unencrypted-secret-message>
    cmd     = echo HALLO | $pcp -V vcl -e -O testencrypted -i ${idbobby}
    expect  = /success/
  </test>

  <test check-vcl-crypto-unencrypted-secret-read>
    cmd = $pcp -V vb2 -d -I testencrypted -x b
    expect  = /HALLO/
  </test>
</test>

#
# signature tests
<test check-sign-detached-to-bobby>
  cmd = $pcp -V va -g -I README -f testsig -x a
  expect-file testsig
</test>
<test check-verify-detached-signature>
  cmd = $pcp -V vb -c -f testsig -I README -i $idalicia
  expect = /verified/
</test>
<test check-sign-armored-to-bobby>
  prepare = rm -f testsig
  cmd = $pcp -V va -g -I README -O testsig -x a -z
  expect-file testsig
</test>
<test check-verify-armored-signature>
  cmd = $pcp -V vb -c -I testsig -i $idalicia -z
  expect = /verified/
</test>
<test check-sign-bin-to-bobby>
  prepare = rm -f testsig
  cmd = $pcp -V va -g -I README -O testsig -x a
  expect-file testsig
</test>
<test check-verify-bin-signature>
  cmd = $pcp -V vb -c -I testsig -i $idalicia
  expect = /verified/
</test>

#
# sign+encrypt tests
<test check-sign-crypt-to-bobby>
  cmd = $pcp -V va -g -e -I README -O testsig -r Bobby -x a
  expect = /Encrypted/
</test>
<test check-verify-decrypt-from-alicia>
  cmd = $pcp -V vb -c -d -I testsig -x b
  expect = /Verified.*Unittests/s
</test>

#
# yaml export test
<test check-export-yaml>
  cmd = $pcp -V va -y | perl -Ilib -MYAML -MData::Dumper -e "print Dumper(Load(join('',<>)))"
  expect = /VAR1/
</test>

#
# raw C test with prepared keys, message and cipher
<test check-raw-decrypt>
  cmd = ./statictest
  expect = /ok/
</test>


#
# negative tests, check for error handling
<test check-if-catch-conflicting-params>
  cmd = $pcp -V $vault -K -K
  expect = /invalid combination of commandline parameters/
</test>

<test check-infile-error>
  cmd = $pcp -V $vault -I nonexist -K
  expect = /Could not open input file nonexist/
</test>

<test check-import-without-id-error>
  cmd = $pcp -V $vault -R
  expect = /You need to specify a key id/
</test>

<test check-catch-invalid-short-keyid>
  cmd = $pcp -V $vault -R -i 0x1
  expect = /is too short/
</test>

<test check-catch-invalid-long-keyid>
  cmd = $pcp -V $vault -R -i 0x1111111111111111111111111
  expect = /is too long/
</test>

<test check-catch-invalid-long-keyid-without-0x>
  cmd = $pcp -V $vault -R -i 11111111111111111
  expect = /is too long/
</test>

<test check-catch-delete-nonexist>
  cmd = $pcp -V $vault -R -i 0x0101010101010101
  expect = /No key with id 0x010101/
</test>

<test check-if-export-secret-catch-nonexistent-keyid>
  cmd = $pcp -V $vault -s -i 0x0101010101010101
  expect = /Could not find a secret key with id 0x010101/
</test>

<test check-if-export-secret-catch-no-primary>
  prepare = $pcp -V v2 -l # so we've got just an empty vault
  cmd = $pcp -V v2 -s
  expect = /no primary secret key in the vault/
</test>

<test check-if-export-secret-catch-outfile-error>
  cmd =  $pcp -V $vault -l | grep primary |cut -d ' ' -f 1 \
         | xargs $pcp -V $vault -s -O nonexistentdir/keyfile -i
  expect = /Could not create output file nonexistentdir/
</test>


<test check-if-export-public-catch-nonexistent-keyid>
  cmd = $pcp -V $vault -p -i 0x0101010101010101
  expect = /Could not find a key with id 0x010101/
</test>

<test check-if-export-public-catch-no-primary>
  prepare = $pcp -V v3 -l # so we've got just an empty vault
  cmd = $pcp -V v3 -p
  expect = /no primary secret key in the vault/
</test>

<test check-if-export-public-catch-outfile-error>
  prepare = $pcp -V $vault -K -I bart.pub
  cmd =  $pcp -V $vault -l | grep public | cut -d ' ' -f 1 \
         | tail -1 | xargs $pcp -V $vault -p -O nonexistentdir/keyfile
  expect = /Could not create output file nonexistentdir/
</test>

<test check-if-catch-empty-input>
  prepare = touch testfile-empty
  cmd = $pcp -V $vault -K -I testfile-empty
  expect = /file is empty/
</test>

<test check-if-catch-missing-newlines>
  prepare = perl -e 'print "X" x 5000; print "\n"' > testfile-toolong
  cmd = $pcp -V $vault -K -I testfile-toolong -x x
  expect = /failed/
</test>

/*
 * Currently disabled, because ZeroMQ's zmq_z85_decode() doesn't really
 * catch invalid z85, it only checks the input length and not the actual
 * encoding. Re-enable, once that bug is fixed.
<test check-if-catch-invalid-z85>
  prepare = ./jot 30 | while read ignore; do \
            echo XXXXXXXXXXXXXXXXXX; done > testfile-noz85
  cmd = $pcp -V $vault -K -I testfile-noz85
  expect = /could not decode input/
</test>
*/

<test check-if-catch-nokey-behind-z85>
  prepare = ./jot 30 | while read ignore; do echo XXXXX; done \
            | $pcp -z > testfile-nokey
  cmd = $pcp -V $vault -K -I testfile-nokey -x x
  expect = /failed/
</test>

<test check-if-sanity-catch-keyexists>
  cmd = $pcp -V $vault -K -I bart.pub
  expect = /there already exists a key/
</test>

<test check-if-catch-nokeys>
  prepare = $pcp -V v3 -l
  cmd = $pcp -V v3 -l
  expect = /contain any keys so far/
</test>

<test invalid>
  prepare = ./invalidkeys

<test check-testkey-wrong-version>
  cmd = $pcp -V $vault -K -I testkey-wrong-version -x xxx
  expect = /unknown key version/
</test>

<test check-testkey-wrong-serial>
  cmd = $pcp -V $vault -K -I testkey-wrong-serial -x xxx
  expect = /invalid serial number/
</test>
<test check-testkey-wrong-ctime>
  cmd = $pcp -V $vault -K -I testkey-invalid-ctime -x xxx
  expect = /invalid creation timestamp/
</test>
/*
<test check-testpubkey-wrong-type>
  cmd = $pcp -V $vault -K -I testpubkey-wrong-type
  expect = /key type is not PUBLIC/
</test>

<test check-testpubkey-wrong-version>
  cmd = $pcp -V $vault -K -I testpubkey-wrong-version
  expect = /unknown key version/
</test>
*/
</test>

<test check-vault-invalid-header>
    prepare = ./invalidkeys
  cmd = $pcp -V testvault-invalidheader -l
  expect = /Unexpected vault file format/
</test>

<test check-vault-invalid-version>
  cmd = $pcp -V testvault-invalidversion -l
  expect = /Unexpected vault file format/
</test>

<test check-vault-invalid-itemtype>
  cmd = $pcp -V testvault-invaliditemtype -l
  expect = /invalid key type/
</test>

<test check-vault-invalid-keytype>
  cmd = $pcp -V testvault-invalidkeytype -l
  expect = /contain any keys so far./
</test>




#
# input handling tests
<test check-large-meta>
  cmd = (./jot 300 | while read m; do echo -n m; done; echo xxx) \
        | $pcp -V $vault -k -x $passwd
  expect = /Generated new secret key/
</test>


#
# test the c++ api
<test check-cpp-crypto>
  cmd = ./cpptest 0
  expect = /ok/
</test>

<test check-cpp-vault>
  cmd = ./cpptest 1
  expect = /ok/
</test>

<test check-cpp-import-pub>
  cmd = ./cpptest 2
  expect = /ok/
</test>

<test check-cpp-signature>
  cmd = ./cpptest 3
  expect = /ok/
</test>

<test check-buffer>
  cmd = ./cpptest 4
  expect = /ok/
</test>