sequoia-sq/tests/sq-packet-decrypt.rs
Neal H. Walfield 27093c1709
Add support for using a key store.
- Support using keys managed by `sequoia-keystore`.

  - When decrypting a message, have `sq` automatically ask the
    key store to decrypt the PKESKs.

  - Extend `sq sign` and `sq encrypt` with the `--signer-key`
    parameter to use a key managed by the keystore.

  - Add two top-level options: `--no-key-store`, which disables the
    use of the key store, and `--key-store`, which uses an alternate
    key store instance.

  - Add `sq key list` to list keys on the key store.
2024-02-18 15:24:02 +01:00

92 lines
3.0 KiB
Rust

#[cfg(test)]
mod sq_packet_decrypt {
use assert_cmd::Command;
use predicates::prelude::*;
use openpgp::Result;
use sequoia_openpgp as openpgp;
fn artifact(filename: &str) -> String {
format!("tests/data/{}", filename)
}
// Integration tests should be done with subplot.
// However, at this time, subplot does not support static binary files in tests.
// Generating the test files would mean encrypting some static text symmetrically
// and then extracting the session key, which means parsing of human readabe cli output.
// So, for now, the tests go here.
#[test]
fn session_key() -> Result<()> {
Command::cargo_bin("sq")
.unwrap()
.arg("--no-cert-store")
.arg("--no-key-store")
.arg("toolbox")
.arg("packet")
.arg("decrypt")
.args(["--session-key", "1FE820EC21FB5D7E33D83367106D1D3747DCD48E6320C1AEC57EE7D18FC437D4"])
.arg(artifact("messages/rsa.msg.pgp"))
.assert()
.success()
.stderr(predicate::str::contains("Encrypted with Session Key"));
Ok(())
}
#[test]
fn session_key_with_prefix() -> Result<()> {
Command::cargo_bin("sq")
.unwrap()
.arg("--no-cert-store")
.arg("--no-key-store")
.arg("toolbox")
.arg("packet")
.arg("decrypt")
.args(["--session-key", "9:1FE820EC21FB5D7E33D83367106D1D3747DCD48E6320C1AEC57EE7D18FC437D4"])
.arg(artifact("messages/rsa.msg.pgp"))
.assert()
.success()
.stderr(predicate::str::contains("Decryption failed").not());
Ok(())
}
#[test]
fn session_key_multiple() -> Result<()> {
Command::cargo_bin("sq")
.unwrap()
.arg("--no-cert-store")
.arg("--no-key-store")
.arg("toolbox")
.arg("packet")
.arg("decrypt")
.args(["--session-key", "2FE820EC21FB5D7E33D83367106D1D3747DCD48E6320C1AEC57EE7D18FC437D4"])
.args(["--session-key", "9:1FE820EC21FB5D7E33D83367106D1D3747DCD48E6320C1AEC57EE7D18FC437D4"])
.args(["--session-key", "3FE820EC21FB5D7E33D83367106D1D3747DCD48E6320C1AEC57EE7D18FC437D4"])
.arg(artifact("messages/rsa.msg.pgp"))
.assert()
.success()
.stderr(predicate::str::contains("Decryption failed").not());
Ok(())
}
#[test]
fn session_key_wrong_key() -> Result<()> {
Command::cargo_bin("sq")
.unwrap()
.arg("--no-cert-store")
.arg("--no-key-store")
.arg("toolbox")
.arg("packet")
.arg("decrypt")
.args(["--session-key", "BB9CCB8EDE22DC222C83BD1C63AEB97335DDC7B696DB171BD16EAA5784CC0478"])
.arg(artifact("messages/rsa.msg.pgp"))
.assert()
.failure()
.stderr(predicate::str::contains("No key to decrypt message"));
Ok(())
}
}