cedd9687d1
- Extend `sq toolbox keyring merge` to merge bare revocation certificates. - Fixes #50.
76 lines
2.4 KiB
Rust
76 lines
2.4 KiB
Rust
use std::fs::File;
|
|
|
|
use sequoia_openpgp as openpgp;
|
|
use openpgp::Packet;
|
|
use openpgp::Result;
|
|
use openpgp::cert::prelude::*;
|
|
use openpgp::serialize::Serialize;
|
|
use openpgp::types::RevocationStatus;
|
|
|
|
use super::common::Sq;
|
|
use super::common::STANDARD_POLICY;
|
|
|
|
#[test]
|
|
fn toolbox_keyring_merge_revocation() -> Result<()> {
|
|
let sq = Sq::new();
|
|
|
|
// Generate a key. (We don't use sq on purpose: we want to make
|
|
// sure we have a bare revocation certificate.)
|
|
let (alice_cert, alice_rev) = CertBuilder::general_purpose(
|
|
None, Some("alice@example.org"))
|
|
.set_creation_time(sq.now())
|
|
.generate()?;
|
|
|
|
// Write out the certificate.
|
|
let alice_cert_file = sq.scratch_file("alice_cert");
|
|
alice_cert.as_tsk().serialize(&mut File::create(&alice_cert_file)?)?;
|
|
|
|
// Write out the revocation certificate.
|
|
let alice_rev_file = sq.scratch_file("alice_rev");
|
|
Packet::from(alice_rev).serialize(&mut File::create(&alice_rev_file)?)?;
|
|
|
|
let (_bob, bob_cert_file, _bob_rev_file)
|
|
= sq.key_generate(&[], &["bob"]);
|
|
|
|
// "Merge" a single cert.
|
|
let certs = sq.toolbox_keyring_merge(
|
|
&[ &alice_cert_file ][..],
|
|
None, None);
|
|
assert_eq!(certs.len(), 1);
|
|
assert!(! matches!(
|
|
certs[0].revocation_status(STANDARD_POLICY, sq.now()),
|
|
RevocationStatus::Revoked(_)));
|
|
|
|
// "Merge" two certs.
|
|
let certs = sq.toolbox_keyring_merge(
|
|
&[ &alice_cert_file, &bob_cert_file ][..],
|
|
None, None);
|
|
assert_eq!(certs.len(), 2);
|
|
assert!(! matches!(
|
|
certs[0].revocation_status(STANDARD_POLICY, sq.now()),
|
|
RevocationStatus::Revoked(_)));
|
|
|
|
// "Merge" a single cert and its revocation certificate.
|
|
let certs = sq.toolbox_keyring_merge(
|
|
&[ &alice_rev_file, &alice_cert_file ][..],
|
|
None, None);
|
|
assert_eq!(certs.len(), 1);
|
|
assert!(matches!(
|
|
certs[0].revocation_status(STANDARD_POLICY, sq.now()),
|
|
RevocationStatus::Revoked(_)));
|
|
|
|
// Merging a revocation certificate without the certificate should
|
|
// result in an error.
|
|
assert!(sq.toolbox_keyring_merge_maybe(
|
|
&[ &alice_rev_file ][..],
|
|
None, None).is_err());
|
|
|
|
// Merging a revocation certificate without the certificate should
|
|
// result in an error.
|
|
assert!(sq.toolbox_keyring_merge_maybe(
|
|
&[ &alice_rev_file, &bob_cert_file ][..],
|
|
None, None).is_err());
|
|
|
|
Ok(())
|
|
}
|