mirror of
https://codeberg.org/scip/pcp.git
synced 2025-12-17 03:50:57 +01:00
517 lines
12 KiB
HTML
517 lines
12 KiB
HTML
# -*-html-*-
|
|
#
|
|
# This file is part of Pretty Curved Privacy (pcp1).
|
|
#
|
|
# Copyright (C) 2013 T.Linden.
|
|
#
|
|
# This program is free software: you can redistribute it and/or modify
|
|
# it under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
#
|
|
# You can contact me by mail: <tlinden AT cpan DOT org>.
|
|
#
|
|
|
|
pcp = ../src/pcp1
|
|
vault = v1
|
|
passwd = xxx
|
|
md5msg = 66b8c4ca9e5d2a7e3c0559c3cdea3d50
|
|
|
|
include keys.cfg
|
|
|
|
<test check-dependencies>
|
|
<test check-dependencies-pcp>
|
|
cmd = ls $pcp
|
|
expect = /pcp/
|
|
</test>
|
|
</test>
|
|
|
|
|
|
<test check-show-help>
|
|
cmd = $pcp -h
|
|
expect = /export/
|
|
</test>
|
|
|
|
<test check-if-fail-without-vault>
|
|
prepare = rm -f $vault
|
|
cmd = $pcp -V $vault -l
|
|
expect = /doesn't contain any keys so far/
|
|
</test>
|
|
|
|
<test check-generate-secret-key>
|
|
cmd = $pcp -V $vault -k -x $passwd
|
|
input = <<EOF
|
|
Dexter Morgan
|
|
dxmorg@florida.cops.gov
|
|
EOF
|
|
expect = /Generated new secret key/
|
|
</test>
|
|
|
|
|
|
<test check-if-vault-contains-secret>
|
|
cmd = $pcp -V $vault -l
|
|
expect = /Dexter Morgan/
|
|
</test>
|
|
|
|
<test check-secret-key-info>
|
|
cmd = $pcp -V $vault -l | tail -1 | cut -d ' ' -f 1 | xargs $pcp -V $vault -t -i
|
|
expect = /Serial Number/
|
|
</test>
|
|
|
|
<test check-export-public-key>
|
|
cmd = $pcp -V $vault -l | tail -1 | cut -d ' ' -f 1 | xargs $pcp -V $vault -p -x $passwd -z -i
|
|
expect = /PUBLIC KEY/
|
|
</test>
|
|
|
|
<test check-export-public-key-tofile>
|
|
cmd = $pcp -V $vault -l | tail -1 | cut -d ' ' -f 1 | xargs $pcp -V $vault -p -x $passwd -O testkey-self -i
|
|
expect-file = testkey-self
|
|
</test>
|
|
|
|
<test check-export-public-key-filecontent>
|
|
cmd = /usr/bin/true # file is already there
|
|
expect-file-contains = testkey-self Dexter
|
|
</test>
|
|
|
|
<test check-import-public-key>
|
|
cmd = $pcp -V $vault -P -I bart.pub
|
|
expect = /key $bartid added/
|
|
</test>
|
|
|
|
<test check-imported-public-key-info>
|
|
cmd = $pcp -V $vault -t -i $bartid
|
|
expect = /Serial Number: $bartserial/
|
|
</test>
|
|
|
|
<test check-if-delete-public-key-works>
|
|
cmd = $pcp -V $vault -R -i $bartid
|
|
expect = /Public key deleted/
|
|
</test>
|
|
|
|
<test check-if-vault-still-valid>
|
|
cmd = $pcp -V $vault -t
|
|
expect = /Vault version: 00000002/
|
|
</test>
|
|
|
|
<test check-if-deleted-public-key-is-away>
|
|
cmd = $pcp -V $vault -t
|
|
expect = /Public keys: 0/
|
|
</test>
|
|
|
|
|
|
#
|
|
# test file determination
|
|
/* doesnt work currently, disabled.
|
|
<test check-determine-pub>
|
|
cmd = $pcp -t -I unknown1
|
|
expect = /Niemand/
|
|
</test>
|
|
|
|
<test check-determine-sec>
|
|
cmd = $pcp -t -I unknown2
|
|
expect = /secret key/
|
|
</test>
|
|
*/
|
|
<test check-determine-empty-vault>
|
|
cmd = $pcp -t -I unknown3
|
|
expect = /empty/
|
|
</test>
|
|
/*
|
|
temporarily disabled
|
|
<test check-determine-encrypted-file>
|
|
cmd = $pcp -t -I unknown4
|
|
expect = /encrypted/
|
|
</test>
|
|
*/
|
|
#
|
|
# encryption tests
|
|
<test check-crypto-alicia-init>
|
|
# alicias part
|
|
prepare = echo ${md5msg} > testmessage
|
|
<test check-crypto-alicia-import-secret>
|
|
cmd = $pcp -V va -S -I key-alicia-sec -x a
|
|
expect = /${idalicia}/
|
|
</test>
|
|
|
|
<test check-crypto-alicia-import-bobbys-key>
|
|
cmd = $pcp -V va -P -I key-bobby-pub
|
|
expect = /${idbobby}/
|
|
</test>
|
|
|
|
<test check-crypto-alicia-encrypt>
|
|
cmd = $pcp -V va -e -i ${idbobby} -I testmessage -O testencrypted -x a
|
|
expect = /for ${idbobby} successfully/
|
|
</test>
|
|
</test>
|
|
|
|
<test check-crypto-bobby-init>
|
|
# bobbys part
|
|
<test check-crypto-bobby-import-secret>
|
|
cmd = $pcp -V vb -S -I key-bobby-sec -x b
|
|
expect = /${idbobby}/
|
|
</test>
|
|
|
|
<test check-crypto-alicia-import-alicias-key>
|
|
cmd = $pcp -V vb -P -I key-alicia-pub
|
|
expect = /${idalicia}/
|
|
</test>
|
|
|
|
<test check-crypto-bobby-decrypt>
|
|
cmd = $pcp -V vb -d -O testdecrypted -I testencrypted -x b
|
|
expect = /successfully/
|
|
</test>
|
|
|
|
<test check-crypto-alicia-encrypted-file>
|
|
cmd = cat testdecrypted
|
|
expect = /${md5msg}/
|
|
</test>
|
|
</test>
|
|
|
|
#
|
|
# symetric encryption test
|
|
# FIXME: we currently use -V ve, but this one has to work without a vault
|
|
<test check-sym-encrypt>
|
|
cmd = echo HELLOWORLD | $pcp -V ve -e -O testsymencrypted -x a
|
|
expect = /symetrically/
|
|
</test>
|
|
<test check-sym-decrypt>
|
|
cmd = $pcp -V ve -d -I testsymencrypted -x a
|
|
expect = /HELLO/
|
|
</test>
|
|
|
|
#
|
|
# check usage of unencrypted secret key
|
|
<test vcl>
|
|
prepare = rm -f vb2 vcl
|
|
<test check-vcl-crypto-unencrypted-secret>
|
|
cmd = (echo dau; echo foo; echo yes) | $pcp -V vcl -k -x "n/a"
|
|
expect = /added to/
|
|
</test>
|
|
|
|
<test check-vcl-crypto-unencrypted-secret-yaml>
|
|
cmd = $pcp -V vcl -y
|
|
expect = /encrypted: no/
|
|
</test>
|
|
|
|
<test check-vcl-prepare-import-bpub>
|
|
cmd = $pcp -V vcl -I key-bobby-pub -P
|
|
expect = /added/
|
|
</test>
|
|
|
|
<test check-vcl-export-unencrypted-pubkey>
|
|
cmd = $pcp -V vcl -p -O testkeyvcl
|
|
expect = /exported/
|
|
</test>
|
|
|
|
<test check-vcl-import-bsecret>
|
|
cmd = $pcp -V vb2 -S -I key-bobby-sec -x b
|
|
expect = /${idbobby}/
|
|
</test>
|
|
|
|
<test check-vcl-import-unencrypted-pubkey>
|
|
cmd = $pcp -V vb2 -P -I testkeyvcl
|
|
expect = /added/
|
|
</test>
|
|
|
|
<test check-vcl-crypto-unencrypted-secret-message>
|
|
cmd = echo HALLO | $pcp -V vcl -e -O testencrypted -i ${idbobby}
|
|
expect = /success/
|
|
</test>
|
|
|
|
<test check-vcl-crypto-unencrypted-secret-read>
|
|
cmd = $pcp -V vb2 -d -I testencrypted -x b
|
|
expect = /HALLO/
|
|
</test>
|
|
</test>
|
|
|
|
#
|
|
# signature tests
|
|
<test check-sign-detached-to-bobby>
|
|
cmd = $pcp -V va -g -I README -f testsig -x a
|
|
expect-file testsig
|
|
</test>
|
|
<test check-verify-detached-signature>
|
|
cmd = $pcp -V vb -c -f testsig -I README -i $idalicia
|
|
expect = /verified/
|
|
</test>
|
|
<test check-sign-armored-to-bobby>
|
|
prepare = rm -f testsig
|
|
cmd = $pcp -V va -g -I README -O testsig -x a -z
|
|
expect-file testsig
|
|
</test>
|
|
<test check-verify-armored-signature>
|
|
cmd = $pcp -V vb -c -I testsig -i $idalicia -z
|
|
expect = /verified/
|
|
</test>
|
|
<test check-sign-bin-to-bobby>
|
|
prepare = rm -f testsig
|
|
cmd = $pcp -V va -g -I README -O testsig -x a
|
|
expect-file testsig
|
|
</test>
|
|
<test check-verify-bin-signature>
|
|
cmd = $pcp -V vb -c -I testsig -i $idalicia
|
|
expect = /verified/
|
|
</test>
|
|
|
|
#
|
|
# sign+encrypt tests
|
|
<test check-sign-crypt-to-bobby>
|
|
cmd = $pcp -V va -g -e -I README -O testsig -r Bobby -x a
|
|
expect = /Encrypted/
|
|
</test>
|
|
<test check-verify-decrypt-from-alicia>
|
|
cmd = $pcp -V vb -c -d -I testsig -x b
|
|
expect = /Verified.*Unittests/s
|
|
</test>
|
|
|
|
#
|
|
# yaml export test
|
|
<test check-export-yaml>
|
|
cmd = $pcp -V va -y | perl -Ilib -MYAML -MData::Dumper -e "print Dumper(Load(join('',<>)))"
|
|
expect = /VAR1/
|
|
</test>
|
|
|
|
#
|
|
# raw C test with prepared keys, message and cipher
|
|
<test check-raw-decrypt>
|
|
cmd = ./statictest
|
|
expect = /ok/
|
|
</test>
|
|
|
|
|
|
#
|
|
# negative tests, check for error handling
|
|
<test check-if-catch-conflicting-params>
|
|
cmd = $pcp -V $vault -S -P
|
|
expect = /invalid combination of commandline parameters/
|
|
</test>
|
|
|
|
<test check-infile-error>
|
|
cmd = $pcp -V $vault -I nonexist -P
|
|
expect = /Could not open input file nonexist/
|
|
</test>
|
|
|
|
<test check-import-without-id-error>
|
|
cmd = $pcp -V $vault -R
|
|
expect = /You need to specify a key id/
|
|
</test>
|
|
|
|
<test check-catch-invalid-short-keyid>
|
|
cmd = $pcp -V $vault -R -i 0x1
|
|
expect = /is too short/
|
|
</test>
|
|
|
|
<test check-catch-invalid-long-keyid>
|
|
cmd = $pcp -V $vault -R -i 0x1111111111111111111111111
|
|
expect = /is too long/
|
|
</test>
|
|
|
|
<test check-catch-invalid-long-keyid-without-0x>
|
|
cmd = $pcp -V $vault -R -i 11111111111111111
|
|
expect = /is too long/
|
|
</test>
|
|
|
|
<test check-catch-delete-nonexist>
|
|
cmd = $pcp -V $vault -R -i 0x0101010101010101
|
|
expect = /No key with id 0x010101/
|
|
</test>
|
|
|
|
<test check-if-export-secret-catch-nonexistent-keyid>
|
|
cmd = $pcp -V $vault -s -i 0x0101010101010101
|
|
expect = /Could not find a secret key with id 0x010101/
|
|
</test>
|
|
|
|
<test check-if-export-secret-catch-no-primary>
|
|
prepare = $pcp -V v2 -l # so we've got just an empty vault
|
|
cmd = $pcp -V v2 -s
|
|
expect = /no primary secret key in the vault/
|
|
</test>
|
|
|
|
<test check-if-export-secret-catch-outfile-error>
|
|
cmd = $pcp -V $vault -l | grep primary |cut -d ' ' -f 1 \
|
|
| xargs $pcp -V $vault -s -O nonexistentdir/keyfile -i
|
|
expect = /Could not create output file nonexistentdir/
|
|
</test>
|
|
|
|
|
|
<test check-if-export-public-catch-nonexistent-keyid>
|
|
cmd = $pcp -V $vault -p -i 0x0101010101010101
|
|
expect = /Could not find a key with id 0x010101/
|
|
</test>
|
|
|
|
<test check-if-export-public-catch-no-primary>
|
|
prepare = $pcp -V v3 -l # so we've got just an empty vault
|
|
cmd = $pcp -V v3 -p
|
|
expect = /no primary secret key in the vault/
|
|
</test>
|
|
|
|
<test check-if-export-public-catch-outfile-error>
|
|
prepare = $pcp -V $vault -P -I bart.pub
|
|
cmd = $pcp -V $vault -l | grep public | cut -d ' ' -f 1 \
|
|
| tail -1 | xargs $pcp -V $vault -p -O nonexistentdir/keyfile
|
|
expect = /Could not create output file nonexistentdir/
|
|
</test>
|
|
|
|
<test check-if-catch-empty-input>
|
|
prepare = touch testfile-empty
|
|
cmd = $pcp -V $vault -P -I testfile-empty
|
|
expect = /file is empty/
|
|
</test>
|
|
|
|
<test check-if-catch-missing-newlines>
|
|
prepare = perl -e 'print "X" x 5000; print "\n"' > testfile-toolong
|
|
cmd = $pcp -V $vault -P -I testfile-toolong
|
|
expect = /failed/
|
|
</test>
|
|
|
|
/*
|
|
* Currently disabled, because ZeroMQ's zmq_z85_decode() doesn't really
|
|
* catch invalid z85, it only checks the input length and not the actual
|
|
* encoding. Re-enable, once that bug is fixed.
|
|
<test check-if-catch-invalid-z85>
|
|
prepare = ./jot 30 | while read ignore; do \
|
|
echo XXXXXXXXXXXXXXXXXX; done > testfile-noz85
|
|
cmd = $pcp -V $vault -P -I testfile-noz85
|
|
expect = /could not decode input/
|
|
</test>
|
|
*/
|
|
|
|
<test check-if-catch-nokey-behind-z85>
|
|
prepare = ./jot 30 | while read ignore; do echo XXXXX; done \
|
|
| $pcp -z > testfile-nokey
|
|
cmd = $pcp -V $vault -P -I testfile-nokey
|
|
expect = /failed/
|
|
</test>
|
|
|
|
<test check-if-sanity-catch-nosecret>
|
|
cmd = $pcp -V $vault -S -I bart.pub -x a
|
|
expect = /failed/
|
|
</test>
|
|
|
|
<test check-if-sanity-catch-keyexists>
|
|
cmd = $pcp -V $vault -P -I bart.pub
|
|
expect = /there already exists a key/
|
|
</test>
|
|
|
|
<test check-if-catch-nokeys>
|
|
prepare = $pcp -V v3 -l
|
|
cmd = $pcp -V v3 -l
|
|
expect = /contain any keys so far/
|
|
</test>
|
|
|
|
/*
|
|
disabled, need to re-design invalidkeys.c in order to catch up with new format
|
|
|
|
<test check-testkey-invalid-id>
|
|
prepare = ./invalidkeys
|
|
cmd = $pcp -V $vault -S -I testkey-invalid-id
|
|
expect /(invalid key id|could not decode input)/
|
|
</test>
|
|
|
|
<test check-testkey-not-encrypted>
|
|
cmd = $pcp -V $vault -S -I testkey-not-encrypted
|
|
expect = /secret key contained in key seems to be empty/
|
|
</test>
|
|
|
|
<test check-testkey-wrong-type>
|
|
cmd = $pcp -V $vault -S -I testkey-wrong-type
|
|
expect = /key type is not SECRET/
|
|
</test>
|
|
|
|
<test check-testkey-wrong-version>
|
|
cmd = $pcp -V $vault -S -I testkey-wrong-version
|
|
expect = /unknown key version/
|
|
</test>
|
|
|
|
|
|
|
|
<test check-testpubkey-invalid-id>
|
|
prepare = ./invalidkeys
|
|
cmd = $pcp -V $vault -P -I testpubkey-invalid-id
|
|
expect = /(invalid key id|could not decode input)/
|
|
</test>
|
|
|
|
<test check-testpubkey-wrong-type>
|
|
cmd = $pcp -V $vault -P -I testpubkey-wrong-type
|
|
expect = /key type is not PUBLIC/
|
|
</test>
|
|
|
|
<test check-testpubkey-wrong-version>
|
|
cmd = $pcp -V $vault -P -I testpubkey-wrong-version
|
|
expect = /unknown key version/
|
|
</test>
|
|
|
|
*/
|
|
|
|
<test check-vault-invalid-header>
|
|
prepare = ./invalidkeys
|
|
cmd = $pcp -V testvault-invalidheader -l
|
|
expect = /Unexpected vault file format/
|
|
</test>
|
|
|
|
<test check-vault-invalid-version>
|
|
cmd = $pcp -V testvault-invalidversion -l
|
|
expect = /Unexpected vault file format/
|
|
</test>
|
|
|
|
<test check-vault-invalid-itemtype>
|
|
cmd = $pcp -V testvault-invaliditemtype -l
|
|
expect = /invalid key type/
|
|
</test>
|
|
|
|
<test check-vault-invalid-keytype>
|
|
cmd = $pcp -V testvault-invalidkeytype -l
|
|
expect = /contain any keys so far./
|
|
</test>
|
|
|
|
<test check-encryptionkeys-dont-collide>
|
|
cmd = ./pwhashes
|
|
expect = /ok/
|
|
</test>
|
|
|
|
|
|
|
|
#
|
|
# input handling tests
|
|
<test check-large-meta>
|
|
cmd = (./jot 300 | while read m; do echo -n m; done; echo xxx) \
|
|
| $pcp -V $vault -k -x $passwd
|
|
expect = /Generated new secret key/
|
|
</test>
|
|
|
|
|
|
#
|
|
# test the c++ api
|
|
<test check-cpp-crypto>
|
|
cmd = ./cpptest 0
|
|
expect = /ok/
|
|
</test>
|
|
|
|
<test check-cpp-vault>
|
|
cmd = ./cpptest 1
|
|
expect = /ok/
|
|
</test>
|
|
|
|
<test check-cpp-import-pub>
|
|
cmd = ./cpptest 2
|
|
expect = /ok/
|
|
</test>
|
|
|
|
<test check-cpp-signature>
|
|
cmd = ./cpptest 3
|
|
expect = /ok/
|
|
</test>
|
|
|
|
<test check-buffer>
|
|
cmd = ./cpptest 4
|
|
expect = /ok/
|
|
</test>
|