# -*-html-*- # # This file is part of Pretty Curved Privacy (pcp1). # # Copyright (C) 2013 T.Linden. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # # You can contact me by mail: . # pcp = ../src/pcp1 vault = v1 passwd = xxx md5msg = 66b8c4ca9e5d2a7e3c0559c3cdea3d50 include keys.cfg cmd = perl -MYAML -e 'print 1' expect = 1 cmd = which mdmfs expect = /mdmfs/ cmd = ls $pcp expect = /pcp/ cmd = $pcp -h expect = /export/ prepare = rm -f $vault cmd = $pcp -V $vault -l expect = /doesn't contain any keys so far/ cmd = $pcp -V $vault -k -x $passwd input = < cmd = $pcp -V $vault -l expect = /Dexter Morgan/ cmd = $pcp -V $vault -l | tail -1 | cut -d ' ' -f 1 | xargs $pcp -V $vault -t -i expect = /BEGIN PCP SECRET KEY/ cmd = $pcp -V $vault -l | tail -1 | cut -d ' ' -f 1 | xargs $pcp -V $vault -p -i expect = /BEGIN PCP PUBLIC KEY/ cmd = $pcp -V $vault -l | tail -1 | cut -d ' ' -f 1 | xargs $pcp -V $vault -p -O testkey-self -i expect-file = testkey-self cmd = /usr/bin/true # file is already there expect-file-contains = testkey-self Dexter cmd = $pcp -V $vault -P -I bart.pub expect = /key $bartid added/ cmd = $pcp -V $vault -t -i $bartid expect = /Serial Number: $bartserial/ cmd = $pcp -V $vault -R -i $bartid expect = /Public key deleted/ cmd = $pcp -V $vault -t expect = /Vault version: 00000002/ cmd = $pcp -V $vault -t expect = /Public keys: 0/ # # encryption tests # alicias part prepare = echo ${md5msg} > testmessage cmd = $pcp -V va -S -I key-alicia-sec -x a expect = /${idalicia}/ cmd = $pcp -V va -P -I key-bobby-pub expect = /${idbobby}/ cmd = $pcp -V va -e -i ${idbobby} -I testmessage -O testencrypted -x a expect = /for ${idbobby} successfully/ cmd = cat testencrypted expect = /END PCP ENCRYPTED FILE/ # bobbys part cmd = $pcp -V vb -S -I key-bobby-sec -x b expect = /${idbobby}/ cmd = $pcp -V vb -P -I key-alicia-pub expect = /${idalicia}/ cmd = $pcp -V vb -d -O testdecrypted -I testencrypted -x b expect = /from ${idalicia} successfully/ cmd = cat testdecrypted expect = /${md5msg}/ # # same, now with derived keys, keypairs: # alicia bobby # secret: derived for bobby secret:primary # bobby's public: primary alicia's public: derived for him # # derived by name cmd = $pcp -V va -p -r Bobby -x a -O testpub-forbobby-name expect-file = testpub-forbobby-name cmd = $pcp -V vb -P -I testpub-forbobby-name expect = /added/ id = grep Key-ID testpub-forbobby-name | sed 's/^ //g' | cut -d' ' -f2 cmd = $pcp -V vb -e -i %{id} -I testmessage -O testencrypted-name -x b expect = /success/ cmd = $pcp -V va -d -I testencrypted-name -x a expect = /success/ # repeat, but now use derived keys in both directions cmd = $pcp -V vb -p -r Alicia -x b -O testpub-foralicia-name expect-file = testpub-foralicia-name cmd = $pcp -V va -P -I testpub-foralicia-name expect = /added/ id = grep Key-ID testpub-forbobby-name | sed 's/^ //g' | cut -d' ' -f2 cmd = $pcp -V vb -e -i %{id} -I testmessage -O testencrypted-name -x b -r Alicia expect = /success/ cmd = $pcp -V va -d -I testencrypted-name -x a expect = /success/ # # signature test cmd = $pcp -V va -g -I README -O testsig -x a expect-file testsig cmd = $pcp -V vb -c testsig -I README expect = /verified/ # # yaml export test cmd = $pcp -V va -y | perl -MYAML -MData::Dumper -e "print Dumper(Load(join('',<>)))" expect = /VAR1/ # # negative tests, check for error handling cmd = $pcp -V $vault -S -P expect = /invalid combination of commandline parameters/ cmd = $pcp -V $vault -I nonexist -P expect = /Could not open input file nonexist/ cmd = $pcp -V $vault -R expect = /You need to specify a key id/ cmd = $pcp -V $vault -R -i 0x1 expect = /is too short/ cmd = $pcp -V $vault -R -i 0x1111111111111111111111111 expect = /is too long/ cmd = $pcp -V $vault -R -i 11111111111111111 expect = /is too long/ cmd = $pcp -V $vault -R -i 0x0101010101010101 expect = /No key with id 0x010101/ cmd = $pcp -V $vault -s -i 0x0101010101010101 expect = /Could not find a secret key with id 0x010101/ prepare = $pcp -V v2 -l # so we've got just an empty vault cmd = $pcp -V v2 -s expect = /no primary secret key in the vault/ cmd = $pcp -V $vault -l | grep primary |cut -d ' ' -f 1 \ | xargs $pcp -V $vault -s -O nonexistentdir/keyfile -i expect = /Could not create output file nonexistentdir/ cmd = $pcp -V $vault -p -i 0x0101010101010101 expect = /Could not find a public key with id 0x010101/ prepare = $pcp -V v3 -l # so we've got just an empty vault cmd = $pcp -V v3 -p expect = /no primary secret key in the vault/ prepare = $pcp -V $vault -P -I bart.pub cmd = $pcp -V $vault -l | grep public | cut -d ' ' -f 1 \ | tail -1 | xargs $pcp -V $vault -p -O nonexistentdir/keyfile expect = /Could not create output file nonexistentdir/ prepare = echo -n > testfile-empty cmd = $pcp -V $vault -P -I testfile-empty expect = /file is empty/ prepare = ./jot 5000 | while read ignore; do echo -n X; done > testfile-toolong cmd = $pcp -V $vault -P -I testfile-toolong expect = /line is too long/ /* * Currently disabled, because ZeroMQ's zmq_z85_decode() doesn't really * catch invalid z85, it only checks the input length and not the actual * encoding. Re-enable, once that bug is fixed. prepare = ./jot 30 | while read ignore; do \ echo XXXXXXXXXXXXXXXXXX; done > testfile-noz85 cmd = $pcp -V $vault -P -I testfile-noz85 expect = /could not decode input/ */ prepare = ./jot 30 | while read ignore; do echo XXXXX; done \ | $pcp -z > testfile-nokey cmd = $pcp -V $vault -P -I testfile-nokey expect = /result to a proper sized key/ cmd = $pcp -V $vault -S -I bart.pub expect = /result to a proper sized key/ cmd = $pcp -V $vault -P -I bart.pub expect = /there already exists a key/ prepare = $pcp -V v3 -l cmd = $pcp -V v3 -l expect = /contain any keys so far/ prepare = ./invalidkeys cmd = $pcp -V $vault -S -I testkey-invalid-id expect /(invalid key id|could not decode input)/ cmd = $pcp -V $vault -S -I testkey-not-encrypted expect = /secret key contained in key seems to be empty/ cmd = $pcp -V $vault -S -I testkey-wrong-serial # sometimes the created key is invalid in another way expect = /(invalid serial number|could not decode input)/ cmd = $pcp -V $vault -S -I testkey-wrong-type expect = /key type is not SECRET/ cmd = $pcp -V $vault -S -I testkey-wrong-version expect = /unknown key version/ prepare = ./invalidkeys cmd = $pcp -V $vault -P -I testpubkey-invalid-id expect = /nvalid key id/ cmd = $pcp -V $vault -P -I testpubkey-wrong-serial expect = /invalid serial number/ cmd = $pcp -V $vault -P -I testpubkey-wrong-type expect = /key type is not PUBLIC/ cmd = $pcp -V $vault -P -I testpubkey-wrong-version expect = /unknown key version/ cmd = $pcp -V testvault-invalidheader -l expect = /Unexpected vault file format/ cmd = $pcp -V testvault-invalidversion -l expect = /Unexpected vault file format/ cmd = $pcp -V testvault-invaliditemtype -l expect = /invalid key type/ cmd = $pcp -V testvault-invalidkeytype -l expect = /contain any keys so far./ cmd = ./pwhashes expect = /ok/ # this one only works on freebsd for my user. sorrry prepare = sudo mdmfs -s 1M -w 1001:1001 md env && dd if=/dev/zero of=env/b bs=1024 count=700 cmd = ./jot 100 | while read N; do if ! (echo a; echo b) | $pcp -V env/v1 -k -x x; then break; fi; done expect = /Failed to copy/ # # input handling tests cmd = (./jot 300 | while read m; do echo -n m; done; echo xxx) \ | $pcp -V $vault -k -x $passwd expect = /Generated new secret key/