use openpgp ::Result ;
use sequoia_openpgp as openpgp ;
use super ::common ::FileOrKeyHandle ;
use super ::common ::Sq ;
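/// Exercises `Sq::key_password`: protects an initially unprotected key with a
/// password, then removes the password again, signing a message after each
/// step.
///
/// The sequence runs twice: first addressing the certificate by file path,
/// then by fingerprint after importing it with `Sq::key_import`.
#[test]
fn sq_key_password() -> Result<()> {
    let mut sq = Sq::new();

    let (cert, cert_path, _rev_path) = sq.key_generate(&[], &[" alice "]);

    // NOTE(review): this file is written but never passed to any command
    // below; the generated key starts out without a password.
    let orig_password = sq.scratch_file(" orig-password.txt ");
    std::fs::write(&orig_password, " t00 ez ").unwrap();

    let new_password = sq.scratch_file(" new-password.txt ");
    std::fs::write(&new_password, " crazy passw0rd ").unwrap();

    let msg_txt = sq.scratch_file(" msg.txt ");
    std::fs::write(&msg_txt, " hello world ").unwrap();

    for keystore in [false, true] {
        eprintln!(" Keystore: {} ", keystore);

        // Two days go by.
        sq.tick(2 * 24 * 60 * 60);

        if keystore {
            sq.key_import(&cert_path);
        }

        // Address the key by fingerprint in key store mode, by path otherwise.
        let cert_handle = if keystore {
            FileOrKeyHandle::from(cert.fingerprint())
        } else {
            cert_path.as_path().into()
        };

        // Sign a message.  No password should be required.
        sq.sign(&cert_handle, None, msg_txt.as_path(), None);

        // Change the key's password.
        eprintln!(" Change the key's password. ");

        // In file mode the updated certificate is written to a scratch file;
        // in key store mode no output path is passed.
        // NOTE(review): the trailing `true` is presumably the harness's
        // "expect success" flag; confirm against `Sq::key_password`.
        let cert_updated = sq.scratch_file(" cert-updated ");
        let cert = sq
            .key_password(
                &cert_handle,
                None,
                Some(&new_password),
                if keystore { None } else { Some(cert_updated.as_path()) },
                true,
            )
            .expect(" can set password ");

        // Every key must still carry secret material, and none of it may be
        // left unencrypted once a password has been set.
        assert!(cert.keys().all(|ka| {
            ka.has_secret() && !ka.has_unencrypted_secret()
        }));

        let cert_handle = if keystore {
            FileOrKeyHandle::from(cert.fingerprint())
        } else {
            cert_updated.as_path().into()
        };

        // Sign a message, now supplying the new password.
        // NOTE(review): nothing here checks that signing is refused when the
        // password is omitted or wrong; the assertion above only inspects the
        // certificate returned by `key_password`.  A negative case would pin
        // that the protection is actually enforced, if the harness can expect
        // a failing command.
        sq.sign(
            &cert_handle,
            Some(new_password.as_path()),
            msg_txt.as_path(),
            None,
        );

        // Clear the key's password.
        eprintln!(" Clear the key's password. ");

        let cert_updated2 = sq.scratch_file(" cert-updated2 ");
        let cert = sq
            .key_password(
                &cert_handle,
                Some(&new_password),
                None,
                if keystore { None } else { Some(cert_updated2.as_path()) },
                true,
            )
            // This step removes the password, so a failure here should not
            // be reported as a failure to set one.
            .expect(" can clear password ");

        // After clearing, all secret key material is unprotected again.
        assert!(cert.keys().all(|ka| ka.has_unencrypted_secret()));

        let cert_handle = if keystore {
            FileOrKeyHandle::from(cert.fingerprint())
        } else {
            cert_updated2.as_path().into()
        };

        // Sign a message.  No password should be required any more.
        sq.sign(&cert_handle, None, msg_txt.as_path(), None);
    }

    Ok(())
}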