tests: Add test importing a revocation certificate.

* tests/openpgp/Makefile.am (XTESTS): Add new test. * tests/openpgp/import-revocation-certificate.scm: New file. * tests/openpgp/samplemsgs/revoke-2D727CC768697734.asc: Likewise. Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-06 15:15:52 +01:00 · 2016-12-06 15:15:52 +01:00 · e352ead43f
parent 5b5d881f47
commit e352ead43f
3 changed files with 48 additions and 1 deletions
--- a/tests/openpgp/Makefile.am
+++ b/tests/openpgp/Makefile.am
@ -77,6 +77,7 @@ XTESTS = \
 	gpgv-forged-keyring.scm \
 	armor.scm \
 	import.scm \
+	import-revocation-certificate.scm \
 	ecc.scm \
 	4gb-packet.scm \
 	tofu.scm \
@ -216,7 +217,8 @@ sample_keys = samplekeys/README \

 sample_msgs = samplemsgs/issue2419.asc \
 	      samplemsgs/clearsig-1-key-1.asc \
-	      samplemsgs/signed-1-key-1.asc
+	      samplemsgs/signed-1-key-1.asc \
+	      samplemsgs/revoke-2D727CC768697734.asc

 EXTRA_DIST = defs.scm $(XTESTS) $(TEST_FILES) \
 	     mkdemodirs signdemokey $(priv_keys) $(sample_keys)   \
--- a/tests/openpgp/import-revocation-certificate.scm
+++ b/tests/openpgp/import-revocation-certificate.scm
@ -0,0 +1,37 @@
+#!/usr/bin/env gpgscm
+
+;; Copyright (C) 2016 g10 Code GmbH
+;;
+;; This file is part of GnuPG.
+;;
+;; GnuPG is free software; you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation; either version 3 of the License, or
+;; (at your option) any later version.
+;;
+;; GnuPG is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;; GNU General Public License for more details.
+;;
+;; You should have received a copy of the GNU General Public License
+;; along with this program; if not, see <http://www.gnu.org/licenses/>.
+
+(load (with-path "defs.scm"))
+(setup-legacy-environment)
+
+;; XXX because of --always-trust, the trustdb is not created.
+;; Therefore, we redefine GPG without --always-trust.
+(define gpg `(,(tool 'gpg) --no-permission-warning))
+
+(info "Checking key revocation.")
+(call-check `(,@gpg --import ,(in-srcdir "samplemsgs"
+					 "revoke-2D727CC768697734.asc")))
+(let loop ((output (gpg-with-colons '(--list-secret-keys "2D727CC768697734"))))
+  (unless (null? output)
+	  (let ((line (car output))
+		(rest (cdr output)))
+	    (when (member (car line) '("sec" "uid" "ssb"))
+		  (unless (equal? (cadr line) "r")
+			  (fail (car line) "not revoked.")))
+	    (loop rest))))
--- a/tests/openpgp/samplemsgs/revoke-2D727CC768697734.asc
+++ b/tests/openpgp/samplemsgs/revoke-2D727CC768697734.asc
@ -0,0 +1,8 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Comment: This is a revocation certificate
+
+iGAEIBECACAWIQSg/0WQu2Ei7e9uPFQtcnzHaGl3NAUCWEaoMAIdAAAKCRAtcnzH
+aGl3NISuAJ9rsxoazHvPs89Ki33o/SgKMjOg/wCggbFG8V5wXU1njwuiviPUKap3
+uqA=
+=79yW
+-----END PGP PUBLIC KEY BLOCK-----