From a54e89a58576108fcae10ceeb4fc65822aecc170 Mon Sep 17 00:00:00 2001
From: Justus Winter <justus@g10code.com>
Date: Tue, 19 Apr 2016 13:40:46 +0200
Subject: [PATCH] tests: Add export test.

* tests/openpgp/Makefile.am (TESTS): Add new file.
* tests/openpgp/export.test: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
---
 tests/openpgp/Makefile.am |  1 +
 tests/openpgp/export.test | 68 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 69 insertions(+)
 create mode 100755 tests/openpgp/export.test

diff --git a/tests/openpgp/Makefile.am b/tests/openpgp/Makefile.am
index bab0b7d37..6dc4d5b36 100644
--- a/tests/openpgp/Makefile.am
+++ b/tests/openpgp/Makefile.am
@@ -57,6 +57,7 @@ TESTS = version.test mds.test \
 	import.test ecc.test 4gb-packet.test \
 	$(sqlite3_dependent_tests) \
 	gpgtar.test use-exact-key.test default-key.test \
+	export.test \
 	finish.test
 
 
diff --git a/tests/openpgp/export.test b/tests/openpgp/export.test
new file mode 100755
index 000000000..08b827219
--- /dev/null
+++ b/tests/openpgp/export.test
@@ -0,0 +1,68 @@
+#!/bin/sh
+
+. $srcdir/defs.inc || exit 3
+
+check_exported_public_key()
+{
+    $GPG --list-packets $1 >$1.packets
+    grep '^:public key packet:' $1.packets >/dev/null
+    grep "^	keyid: .*$KEY$" $1.packets >/dev/null
+    grep '^:user ID packet:' $1.packets >/dev/null
+    grep "^:signature packet:.*keyid.*$KEY" $1.packets >/dev/null
+    rm $1.packets
+}
+
+check_armored_public_key()
+{
+    grep '^-----BEGIN PGP PUBLIC KEY BLOCK-----$' $1 >/dev/null
+    grep '^-----END PGP PUBLIC KEY BLOCK-----$' $1 >/dev/null
+    check_exported_public_key $1
+}
+
+check_exported_private_key()
+{
+    $GPG --list-packets $1 >$1.packets
+    grep '^:secret key packet:' $1.packets >/dev/null
+    grep "^	keyid: .*$KEY$" $1.packets >/dev/null
+    grep '^:user ID packet:' $1.packets >/dev/null
+    grep "^:signature packet:.*keyid.*$KEY" $1.packets >/dev/null
+    rm $1.packets
+}
+
+check_armored_private_key()
+{
+    grep '^-----BEGIN PGP PRIVATE KEY BLOCK-----$' $1 >/dev/null
+    grep '^-----END PGP PRIVATE KEY BLOCK-----$' $1 >/dev/null
+    check_exported_private_key $1
+}
+
+# XXX: Currently, gpg does not allow one to export private keys
+# without a passphrase (issue2070, issue2324), and our fake pinentry
+# only allows us to specify one passphrase.  We therefore use the
+# passphrase of our first key to unlock it (the other keys are not
+# protected), and also use the same passphrase for the exported keys.
+export PINENTRY_USER_DATA="$usrpass1"
+
+info "Checking key export."
+for KEY in D74C5F22 C40FDECF ECABF51D
+do
+    progress $KEY
+
+    $GPG --export $KEY >$KEY.public
+    check_exported_public_key $KEY.public
+    rm $KEY.public
+
+    $GPG --armor --export $KEY >$KEY.public
+    check_armored_public_key $KEY.public
+    rm $KEY.public
+
+    $GPG --export-secret-keys $KEY >$KEY.private
+    check_exported_private_key $KEY.private
+    rm $KEY.private
+
+    $GPG --armor --export-secret-keys $KEY >$KEY.private
+    check_armored_private_key $KEY.private
+    rm $KEY.private
+done
+
+progress_end