diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2018-09-19 12:23:46 +0200 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2018-09-20 13:37:23 +0200 |
commit | 71c442e5312804f882b96527fd8ba02afbbfb4ac (patch) | |
tree | f4faba1b5a0b32740158f40f940e83cf1304908c /tool/tests | |
parent | a7185042ee6a3181235bdb657c5857f95c009331 (diff) |
tool: Implement appending signatures to detached signatures.
- See #67.
Diffstat (limited to 'tool/tests')
-rw-r--r-- | tool/tests/sq-sign.rs | 134 |
1 files changed, 134 insertions, 0 deletions
diff --git a/tool/tests/sq-sign.rs b/tool/tests/sq-sign.rs index e8788e8e..d832a419 100644 --- a/tool/tests/sq-sign.rs +++ b/tool/tests/sq-sign.rs @@ -104,3 +104,137 @@ fn sq_sign_detached() { &p("messages/a-cypherpunks-manifesto.txt")]) .unwrap(); } + +#[test] +fn sq_sign_detached_append() { + let tmp_dir = TempDir::new().unwrap(); + let sig = tmp_dir.path().join("sig0"); + + // Sign detached. + Assert::cargo_binary("sq") + .with_args( + &["sign", + "--detached", + "--secret-key-file", + &p("keys/dennis-simon-anton-private.pgp"), + "--output", + &sig.to_string_lossy(), + &p("messages/a-cypherpunks-manifesto.txt")]) + .unwrap(); + + // Check that the content is sane. + let packets: Vec<Packet> = + PacketPile::from_reader(Reader::from_file(&sig).unwrap()) + .unwrap().into_children().collect(); + assert_eq!(packets.len(), 1); + if let Packet::Signature(ref sig) = packets[0] { + assert_eq!(sig.sigtype(), SignatureType::Binary); + } else { + panic!("expected signature"); + } + + let content = fs::read(&sig).unwrap(); + assert!(&content[..].starts_with(b"-----BEGIN PGP SIGNATURE-----\n\n")); + + // Verify detached. + Assert::cargo_binary("sqv") + .with_args( + &["--keyring", + &p("keys/dennis-simon-anton.pgp"), + &sig.to_string_lossy(), + &p("messages/a-cypherpunks-manifesto.txt")]) + .unwrap(); + + // Check that we don't blindly overwrite signatures. + Assert::cargo_binary("sq") + .with_args( + &["sign", + "--detached", + "--secret-key-file", + &p("keys/erika-corinna-daniela-simone-antonia-nistp256-private.pgp"), + "--output", + &sig.to_string_lossy(), + &p("messages/a-cypherpunks-manifesto.txt")]) + .fails() + .unwrap(); + + // Now add a second signature with --append. + Assert::cargo_binary("sq") + .with_args( + &["sign", + "--detached", + "--append", + "--secret-key-file", + &p("keys/erika-corinna-daniela-simone-antonia-nistp256-private.pgp"), + "--output", + &sig.to_string_lossy(), + &p("messages/a-cypherpunks-manifesto.txt")]) + .unwrap(); + + // Check that the content is sane. + let packets: Vec<Packet> = + PacketPile::from_reader(Reader::from_file(&sig).unwrap()) + .unwrap().into_children().collect(); + assert_eq!(packets.len(), 2); + if let Packet::Signature(ref sig) = packets[0] { + assert_eq!(sig.sigtype(), SignatureType::Binary); + } else { + panic!("expected signature"); + } + if let Packet::Signature(ref sig) = packets[1] { + assert_eq!(sig.sigtype(), SignatureType::Binary); + } else { + panic!("expected signature"); + } + + let content = fs::read(&sig).unwrap(); + assert!(&content[..].starts_with(b"-----BEGIN PGP SIGNATURE-----\n\n")); + + // Verify both detached signatures. + Assert::cargo_binary("sqv") + .with_args( + &["--keyring", + &p("keys/dennis-simon-anton.pgp"), + &sig.to_string_lossy(), + &p("messages/a-cypherpunks-manifesto.txt")]) + .unwrap(); + Assert::cargo_binary("sqv") + .with_args( + &["--keyring", + &p("keys/erika-corinna-daniela-simone-antonia-nistp256.pgp"), + &sig.to_string_lossy(), + &p("messages/a-cypherpunks-manifesto.txt")]) + .unwrap(); + + // Finally, check that we don't truncate the file if something + // goes wrong. + Assert::cargo_binary("sq") + .with_args( + &["sign", + "--detached", + "--append", + "--secret-key-file", + // Not a private key => signing will fail. + &p("keys/erika-corinna-daniela-simone-antonia-nistp521.pgp"), + "--output", + &sig.to_string_lossy(), + &p("messages/a-cypherpunks-manifesto.txt")]) + .fails() + .unwrap(); + + // Check that the content is still sane. + let packets: Vec<Packet> = + PacketPile::from_reader(Reader::from_file(&sig).unwrap()) + .unwrap().into_children().collect(); + assert_eq!(packets.len(), 2); + if let Packet::Signature(ref sig) = packets[0] { + assert_eq!(sig.sigtype(), SignatureType::Binary); + } else { + panic!("expected signature"); + } + if let Packet::Signature(ref sig) = packets[1] { + assert_eq!(sig.sigtype(), SignatureType::Binary); + } else { + panic!("expected signature"); + } +} |