diff options
Diffstat (limited to 'sq/tests/sq-sign.rs')
-rw-r--r-- | sq/tests/sq-sign.rs | 557 |
1 files changed, 270 insertions, 287 deletions
diff --git a/sq/tests/sq-sign.rs b/sq/tests/sq-sign.rs index 97d0a40b..b9208c8a 100644 --- a/sq/tests/sq-sign.rs +++ b/sq/tests/sq-sign.rs @@ -1,9 +1,8 @@ use std::fs::{self, File}; use std::io; -use assert_cmd::Command; -use assert_cli::Assert; use tempfile::TempDir; +use assert_cmd::Command; use sequoia_openpgp as openpgp; use openpgp::Fingerprint; @@ -33,15 +32,14 @@ fn sq_sign() { let sig = tmp_dir.path().join("sig0"); // Sign message. - Assert::cargo_binary("sq") - .with_args( - &["sign", - "--signer-key", - &artifact("keys/dennis-simon-anton-private.pgp"), - "--output", - &sig.to_string_lossy(), - &artifact("messages/a-cypherpunks-manifesto.txt")]) - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("sign") + .args(["--signer-key", &artifact("keys/dennis-simon-anton-private.pgp")]) + .args(["--output", &sig.to_string_lossy()]) + .arg(&artifact("messages/a-cypherpunks-manifesto.txt")) + .assert() + .success(); // Check that the content is sane. let packets: Vec<Packet> = @@ -68,13 +66,13 @@ fn sq_sign() { assert!(&content[..].starts_with(b"-----BEGIN PGP MESSAGE-----\n\n")); // Verify signed message. - Assert::cargo_binary("sq") - .with_args( - &["verify", - "--signer-cert", - &artifact("keys/dennis-simon-anton.pgp"), - &sig.to_string_lossy()]) - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("verify") + .args(["--signer-cert", &artifact("keys/dennis-simon-anton.pgp")]) + .arg(&*sig.to_string_lossy()) + .assert() + .success(); } #[test] @@ -83,18 +81,17 @@ fn sq_sign_with_notations() { let sig = tmp_dir.path().join("sig0"); // Sign message. - Assert::cargo_binary("sq") - .with_args( - &["sign", - "--signer-key", - &artifact("keys/dennis-simon-anton-private.pgp"), - "--output", - &sig.to_string_lossy(), - "--notation", "foo", "bar", - "--notation", "!foo", "xyzzy", - "--notation", "hello@example.org", "1234567890", - &artifact("messages/a-cypherpunks-manifesto.txt")]) - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("sign") + .args(["--signer-key", &artifact("keys/dennis-simon-anton-private.pgp")]) + .args(["--output", &sig.to_string_lossy()]) + .args(["--notation", "foo", "bar"]) + .args(["--notation", "!foo", "xyzzy"]) + .args(["--notation", "hello@example.org", "1234567890"]) + .arg(&artifact("messages/a-cypherpunks-manifesto.txt")) + .assert() + .success(); // Check that the content is sane. let packets: Vec<Packet> = @@ -146,14 +143,14 @@ fn sq_sign_with_notations() { assert!(&content[..].starts_with(b"-----BEGIN PGP MESSAGE-----\n\n")); // Verify signed message. - Assert::cargo_binary("sq") - .with_args( - &["--known-notation", "foo", - "verify", - "--signer-cert", - &artifact("keys/dennis-simon-anton.pgp"), - &sig.to_string_lossy()]) - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .args(["--known-notation", "foo"]) + .arg("verify") + .args(["--signer-cert", &artifact("keys/dennis-simon-anton.pgp")]) + .arg(&*sig.to_string_lossy()) + .assert() + .success(); } #[test] @@ -162,15 +159,14 @@ fn sq_sign_append() { let sig0 = tmp_dir.path().join("sig0"); // Sign message. - Assert::cargo_binary("sq") - .with_args( - &["sign", - "--signer-key", - &artifact("keys/dennis-simon-anton-private.pgp"), - "--output", - &sig0.to_string_lossy(), - &artifact("messages/a-cypherpunks-manifesto.txt")]) - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("sign") + .args(["--signer-key", &artifact("keys/dennis-simon-anton-private.pgp")]) + .args(["--output", &sig0.to_string_lossy()]) + .arg(&artifact("messages/a-cypherpunks-manifesto.txt")) + .assert() + .success(); // Check that the content is sane. let packets: Vec<Packet> = @@ -197,26 +193,26 @@ fn sq_sign_append() { assert!(&content[..].starts_with(b"-----BEGIN PGP MESSAGE-----\n\n")); // Verify signed message. - Assert::cargo_binary("sq") - .with_args( - &["verify", - "--signer-cert", - &artifact("keys/dennis-simon-anton.pgp"), - &sig0.to_string_lossy()]) - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("verify") + .args(["--signer-cert", &artifact("keys/dennis-simon-anton.pgp")]) + .arg(&*sig0.to_string_lossy()) + .assert() + .success(); // Now add a second signature with --append. let sig1 = tmp_dir.path().join("sig1"); - Assert::cargo_binary("sq") - .with_args( - &["sign", - "--append", - "--signer-key", - &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256-private.pgp"), - "--output", - &sig1.to_string_lossy(), - &sig0.to_string_lossy()]) - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("sign") + .arg("--append") + .args(["--signer-key", &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256-private.pgp")]) + .arg("--output") + .arg(&*sig1.to_string_lossy()) + .arg(&*sig0.to_string_lossy()) + .assert() + .success(); // Check that the content is sane. let packets: Vec<Packet> = @@ -256,20 +252,20 @@ fn sq_sign_append() { assert!(&content[..].starts_with(b"-----BEGIN PGP MESSAGE-----\n\n")); // Verify both signatures of the signed message. - Assert::cargo_binary("sq") - .with_args( - &["verify", - "--signer-cert", - &artifact("keys/dennis-simon-anton.pgp"), - &sig1.to_string_lossy()]) - .unwrap(); - Assert::cargo_binary("sq") - .with_args( - &["verify", - "--signer-cert", - &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256.pgp"), - &sig1.to_string_lossy()]) - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("verify") + .args(["--signer-cert", &artifact("keys/dennis-simon-anton.pgp")]) + .arg(&*sig1.to_string_lossy()) + .assert() + .success(); + Command::cargo_bin("sq") + .unwrap() + .arg("verify") + .args(["--signer-cert", &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256.pgp")]) + .arg(&*sig1.to_string_lossy()) + .assert() + .success(); } #[test] @@ -324,27 +320,26 @@ fn sq_sign_append_on_compress_then_sign() { } // Verify signed message. - Assert::cargo_binary("sq") - .with_args( - &["verify", - "--signer-cert", - &artifact("keys/dennis-simon-anton.pgp"), - &sig0.to_string_lossy()]) - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("verify") + .args(["--signer-cert", &artifact("keys/dennis-simon-anton.pgp")]) + .arg(&*sig0.to_string_lossy()) + .assert() + .success(); // Now add a second signature with --append. let sig1 = tmp_dir.path().join("sig1"); - Assert::cargo_binary("sq") - .with_args( - &["sign", - "--append", - "--signer-key", - &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256-private.pgp"), - "--output", - &sig1.to_string_lossy(), - &sig0.to_string_lossy()]) - .fails() // XXX: Currently, this is not implemented. - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("sign") + .arg("--append") + .args(["--signer-key", &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256-private.pgp")]) + .arg("--output") + .arg(&*sig1.to_string_lossy()) + .arg(&*sig0.to_string_lossy()) + .assert() + .failure(); // XXX: Currently, this is not implemented. // XXX: Currently, this is not implemented in sq. return; @@ -387,20 +382,21 @@ fn sq_sign_append_on_compress_then_sign() { assert!(&content[..].starts_with(b"-----BEGIN PGP MESSAGE-----\n\n")); // Verify both signatures of the signed message. - Assert::cargo_binary("sq") - .with_args( - &["verify", - "--signer-cert", - &artifact("keys/dennis-simon-anton.pgp"), - &sig0.to_string_lossy()]) - .unwrap(); - Assert::cargo_binary("sq") - .with_args( - &["verify", - "--signer-cert", - &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256.pgp"), - &sig0.to_string_lossy()]) - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("verify") + .args(["--signer-cert", &artifact("keys/dennis-simon-anton.pgp")]) + .arg(&*sig0.to_string_lossy()) + .assert() + .success(); + + Command::cargo_bin("sq") + .unwrap() + .arg("verify") + .args(["--signer-cert", &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256.pgp")]) + .arg(&*sig0.to_string_lossy()) + .assert() + .success(); } #[test] @@ -409,16 +405,15 @@ fn sq_sign_detached() { let sig = tmp_dir.path().join("sig0"); // Sign detached. - Assert::cargo_binary("sq") - .with_args( - &["sign", - "--detached", - "--signer-key", - &artifact("keys/dennis-simon-anton-private.pgp"), - "--output", - &sig.to_string_lossy(), - &artifact("messages/a-cypherpunks-manifesto.txt")]) - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("sign") + .arg("--detached") + .args(["--signer-key", &artifact("keys/dennis-simon-anton-private.pgp")]) + .args(["--output", &sig.to_string_lossy()]) + .arg(&artifact("messages/a-cypherpunks-manifesto.txt")) + .assert() + .success(); // Check that the content is sane. let packets: Vec<Packet> = @@ -434,15 +429,14 @@ fn sq_sign_detached() { assert!(&content[..].starts_with(b"-----BEGIN PGP SIGNATURE-----\n\n")); // Verify detached. - Assert::cargo_binary("sq") - .with_args( - &["verify", - "--signer-cert", - &artifact("keys/dennis-simon-anton.pgp"), - "--detached", - &sig.to_string_lossy(), - &artifact("messages/a-cypherpunks-manifesto.txt")]) - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("verify") + .args(["--signer-cert", &artifact("keys/dennis-simon-anton.pgp")]) + .args(["--detached", &sig.to_string_lossy()]) + .arg(&artifact("messages/a-cypherpunks-manifesto.txt")) + .assert() + .success(); } #[test] @@ -451,16 +445,15 @@ fn sq_sign_detached_append() { let sig = tmp_dir.path().join("sig0"); // Sign detached. - Assert::cargo_binary("sq") - .with_args( - &["sign", - "--detached", - "--signer-key", - &artifact("keys/dennis-simon-anton-private.pgp"), - "--output", - &sig.to_string_lossy(), - &artifact("messages/a-cypherpunks-manifesto.txt")]) - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("sign") + .arg("--detached") + .args(["--signer-key", &artifact("keys/dennis-simon-anton-private.pgp")]) + .args(["--output", &sig.to_string_lossy()]) + .arg(&artifact("messages/a-cypherpunks-manifesto.txt")) + .assert() + .success(); // Check that the content is sane. let packets: Vec<Packet> = @@ -476,41 +469,37 @@ fn sq_sign_detached_append() { assert!(&content[..].starts_with(b"-----BEGIN PGP SIGNATURE-----\n\n")); // Verify detached. - Assert::cargo_binary("sq") - .with_args( - &["verify", - "--signer-cert", - &artifact("keys/dennis-simon-anton.pgp"), - "--detached", - &sig.to_string_lossy(), - &artifact("messages/a-cypherpunks-manifesto.txt")]) - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("verify") + .args(["--signer-cert", &artifact("keys/dennis-simon-anton.pgp")]) + .args(["--detached", &sig.to_string_lossy()]) + .arg(&artifact("messages/a-cypherpunks-manifesto.txt")) + .assert() + .success(); // Check that we don't blindly overwrite signatures. - Assert::cargo_binary("sq") - .with_args( - &["sign", - "--detached", - "--signer-key", - &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256-private.pgp"), - "--output", - &sig.to_string_lossy(), - &artifact("messages/a-cypherpunks-manifesto.txt")]) - .fails() - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("sign") + .arg("--detached") + .args(["--signer-key", &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256-private.pgp")]) + .args(["--output", &sig.to_string_lossy()]) + .arg(&artifact("messages/a-cypherpunks-manifesto.txt")) + .assert() + .failure(); // Now add a second signature with --append. - Assert::cargo_binary("sq") - .with_args( - &["sign", - "--detached", - "--append", - "--signer-key", - &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256-private.pgp"), - "--output", - &sig.to_string_lossy(), - &artifact("messages/a-cypherpunks-manifesto.txt")]) - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("sign") + .arg("--detached") + .arg("--append") + .args(["--signer-key", &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256-private.pgp")]) + .args(["--output", &sig.to_string_lossy()]) + .arg(&artifact("messages/a-cypherpunks-manifesto.txt")) + .assert() + .success(); // Check that the content is sane. let packets: Vec<Packet> = @@ -531,40 +520,37 @@ fn sq_sign_detached_append() { assert!(&content[..].starts_with(b"-----BEGIN PGP SIGNATURE-----\n\n")); // Verify both detached signatures. - Assert::cargo_binary("sq") - .with_args( - &["verify", - "--signer-cert", - &artifact("keys/dennis-simon-anton.pgp"), - "--detached", - &sig.to_string_lossy(), - &artifact("messages/a-cypherpunks-manifesto.txt")]) - .unwrap(); - Assert::cargo_binary("sq") - .with_args( - &["verify", - "--signer-cert", - &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256.pgp"), - "--detached", - &sig.to_string_lossy(), - &artifact("messages/a-cypherpunks-manifesto.txt")]) - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("verify") + .args(["--signer-cert", &artifact("keys/dennis-simon-anton.pgp")]) + .args(["--detached", &sig.to_string_lossy()]) + .arg(&artifact("messages/a-cypherpunks-manifesto.txt")) + .assert() + .success(); + + Command::cargo_bin("sq") + .unwrap() + .arg("verify") + .args(["--signer-cert", &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256.pgp")]) + .args(["--detached", &sig.to_string_lossy()]) + .arg(&artifact("messages/a-cypherpunks-manifesto.txt")) + .assert() + .success(); // Finally, check that we don't truncate the file if something // goes wrong. - Assert::cargo_binary("sq") - .with_args( - &["sign", - "--detached", - "--append", - "--signer-key", - // Not a private key => signing will fail. - &artifact("keys/erika-corinna-daniela-simone-antonia-nistp521.pgp"), - "--output", - &sig.to_string_lossy(), - &artifact("messages/a-cypherpunks-manifesto.txt")]) - .fails() - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("sign") + .arg("--detached") + .arg("--append") + .arg("--signer-key") // Not a private key => signing will fail. + .arg(&artifact("keys/erika-corinna-daniela-simone-antonia-nistp521.pgp")) + .args(["--output", &sig.to_string_lossy()]) + .arg(&artifact("messages/a-cypherpunks-manifesto.txt")) + .assert() + .failure(); // Check that the content is still sane. let packets: Vec<Packet> = @@ -590,16 +576,15 @@ fn sq_sign_append_a_notarization() { let sig0 = tmp_dir.path().join("sig0"); // Now add a third signature with --append to a notarized message. - Assert::cargo_binary("sq") - .with_args( - &["sign", - "--append", - "--signer-key", - &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256-private.pgp"), - "--output", - &sig0.to_string_lossy(), - &artifact("messages/signed-1-notarized-by-ed25519.pgp")]) - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("sign") + .arg("--append") + .args(["--signer-key", &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256-private.pgp")]) + .args(["--output", &sig0.to_string_lossy()]) + .arg(&artifact("messages/signed-1-notarized-by-ed25519.pgp")) + .assert() + .success(); // Check that the content is sane. let packets: Vec<Packet> = @@ -651,27 +636,27 @@ fn sq_sign_append_a_notarization() { assert!(&content[..].starts_with(b"-----BEGIN PGP MESSAGE-----\n\n")); // Verify both notarizations and the signature. - Assert::cargo_binary("sq") - .with_args( - &["verify", - "--signer-cert", - &artifact("keys/neal.pgp"), - &sig0.to_string_lossy()]) - .unwrap(); - Assert::cargo_binary("sq") - .with_args( - &["verify", - "--signer-cert", - &artifact("keys/emmelie-dorothea-dina-samantha-awina-ed25519.pgp"), - &sig0.to_string_lossy()]) - .unwrap(); - Assert::cargo_binary("sq") - .with_args( - &["verify", - "--signer-cert", - &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256.pgp"), - &sig0.to_string_lossy()]) - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("verify") + .args(["--signer-cert", &artifact("keys/neal.pgp")]) + .arg(&*sig0.to_string_lossy()) + .assert() + .success(); + Command::cargo_bin("sq") + .unwrap() + .arg("verify") + .args(["--signer-cert", &artifact("keys/emmelie-dorothea-dina-samantha-awina-ed25519.pgp")]) + .arg(&*sig0.to_string_lossy()) + .assert() + .success(); + Command::cargo_bin("sq") + .unwrap() + .arg("verify") + .args(["--signer-cert", &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256.pgp")]) + .arg(&*sig0.to_string_lossy()) + .assert() + .success(); } #[test] @@ -680,16 +665,15 @@ fn sq_sign_notarize() { let sig0 = tmp_dir.path().join("sig0"); // Now add a third signature with --append to a notarized message. - Assert::cargo_binary("sq") - .with_args( - &["sign", - "--notarize", - "--signer-key", - &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256-private.pgp"), - "--output", - &sig0.to_string_lossy(), - &artifact("messages/signed-1.gpg")]) - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("sign") + .arg("--notarize") + .args(["--signer-key", &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256-private.pgp")]) + .args(["--output", &sig0.to_string_lossy()]) + .arg(&artifact("messages/signed-1.gpg")) + .assert() + .success(); // Check that the content is sane. let packets: Vec<Packet> = @@ -729,20 +713,20 @@ fn sq_sign_notarize() { assert!(&content[..].starts_with(b"-----BEGIN PGP MESSAGE-----\n\n")); // Verify both notarizations and the signature. - Assert::cargo_binary("sq") - .with_args( - &["verify", - "--signer-cert", - &artifact("keys/neal.pgp"), - &sig0.to_string_lossy()]) - .unwrap(); - Assert::cargo_binary("sq") - .with_args( - &["verify", - "--signer-cert", - &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256.pgp"), - &sig0.to_string_lossy()]) - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("verify") + .args(["--signer-cert", &artifact("keys/neal.pgp")]) + .arg(&*sig0.to_string_lossy()) + .assert() + .success(); + Command::cargo_bin("sq") + .unwrap() + .arg("verify") + .args(["--signer-cert", &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256.pgp")]) + .arg(&*sig0.to_string_lossy()) + .assert() + .success(); } #[test] @@ -751,16 +735,15 @@ fn sq_sign_notarize_a_notarization() { let sig0 = tmp_dir.path().join("sig0"); // Now add a third signature with --append to a notarized message. - Assert::cargo_binary("sq") - .with_args( - &["sign", - "--notarize", - "--signer-key", - &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256-private.pgp"), - "--output", - &sig0.to_string_lossy(), - &artifact("messages/signed-1-notarized-by-ed25519.pgp")]) - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("sign") + .arg("--notarize") + .args(["--signer-key", &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256-private.pgp")]) + .args(["--output", &sig0.to_string_lossy()]) + .arg(&artifact("messages/signed-1-notarized-by-ed25519.pgp")) + .assert() + .success(); // Check that the content is sane. let packets: Vec<Packet> = @@ -812,27 +795,27 @@ fn sq_sign_notarize_a_notarization() { assert!(&content[..].starts_with(b"-----BEGIN PGP MESSAGE-----\n\n")); // Verify both notarizations and the signature. - Assert::cargo_binary("sq") - .with_args( - &["verify", - "--signer-cert", - &artifact("keys/neal.pgp"), - &sig0.to_string_lossy()]) - .unwrap(); - Assert::cargo_binary("sq") - .with_args( - &["verify", - "--signer-cert", - &artifact("keys/emmelie-dorothea-dina-samantha-awina-ed25519.pgp"), - &sig0.to_string_lossy()]) - .unwrap(); - Assert::cargo_binary("sq") - .with_args( - &["verify", - "--signer-cert", - &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256.pgp"), - &sig0.to_string_lossy()]) - .unwrap(); + Command::cargo_bin("sq") + .unwrap() + .arg("verify") + .args(["--signer-cert", &artifact("keys/neal.pgp")]) + .arg(&*sig0.to_string_lossy()) + .assert() + .success(); + Command::cargo_bin("sq") + .unwrap() + .arg("verify") + .args(["--signer-cert", &artifact("keys/emmelie-dorothea-dina-samantha-awina-ed25519.pgp")]) + .arg(&*sig0.to_string_lossy()) + .assert() + .success(); + Command::cargo_bin("sq") + .unwrap() + .arg("verify") + .args(["--signer-cert", &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256.pgp")]) + .arg(&*sig0.to_string_lossy()) + .assert() + .success(); } #[test] |