From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id mIkjM/pqUmGaKwEAgWs5BA (envelope-from ) for ; Tue, 28 Sep 2021 03:08:10 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1 with LMTPS id wL+mLvpqUmH2PQAAbx9fmQ (envelope-from ) for ; Tue, 28 Sep 2021 01:08:10 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 7084A2896B for ; Tue, 28 Sep 2021 03:08:10 +0200 (CEST) Received: from localhost ([::1]:53734 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mV1bN-00061b-JN for larch@yhetil.org; Mon, 27 Sep 2021 21:08:09 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:50424) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mV1bG-00061A-R4 for guix-patches@gnu.org; Mon, 27 Sep 2021 21:08:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:59927) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1mV1bG-0004MF-Jr for guix-patches@gnu.org; Mon, 27 Sep 2021 21:08:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1mV1bG-0006UR-Dm; Mon, 27 Sep 2021 21:08:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#50814] [PATCH 2/4] tests: Move keys into ./tests/keys/ and add a third ed25519 key. Resent-From: Attila Lendvai Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Tue, 28 Sep 2021 01:08:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 50814 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 50814@debbugs.gnu.org Cc: Attila Lendvai Received: via spool by 50814-submit@debbugs.gnu.org id=B50814.163279127924917 (code B ref 50814); Tue, 28 Sep 2021 01:08:02 +0000 Received: (at 50814) by debbugs.gnu.org; 28 Sep 2021 01:07:59 +0000 Received: from localhost ([127.0.0.1]:43233 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mV1b2-0006TP-Lz for submit@debbugs.gnu.org; Mon, 27 Sep 2021 21:07:58 -0400 Received: from mail-ed1-f50.google.com ([209.85.208.50]:38673) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mV1b0-0006T2-CF for 50814@debbugs.gnu.org; Mon, 27 Sep 2021 21:07:47 -0400 Received: by mail-ed1-f50.google.com with SMTP id dj4so76755381edb.5 for <50814@debbugs.gnu.org>; Mon, 27 Sep 2021 18:07:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=aJEoCIEEpzageVMJefshkaispmlhREh+N3ffEi8R0Qk=; b=dNOhEz/CMOLDaZVvl5VPtyzykFGqA9p0NYqMI29NU2HTnUtgk+j8kSXmOzaqVawDOx /i6dIRyfLJ95HJtjvrFsdPWHIymdivwvLM4K/aj7MGfGV1sTBEWlwSGJO0pJYpjo6Xv/ lMfDcYPOmBdy2HblLeYUyUSzW8R12tA2Mugep5fbazX7LDpAvWvRhjM7b9Ub+HTzYAlL MIU6/TT6lmTER8AA8y4QyMDxBzCEH4asVjeYYzzc9hvljj5086RD5l1nQRDTziqOtKUW WQHSBIpzBpwXPkQ7j3cOXvqxxjg44vSxkVkuplIwIE9hNN/3wrfyFD4M3NQGn5nY3mHm 3ZPg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=aJEoCIEEpzageVMJefshkaispmlhREh+N3ffEi8R0Qk=; b=sp7lCoMayN0hPijH2Hv/YE7w+Sk0gNfTltOUJvRtFpxwwcp/1wJaqFVmRCa7dTPIRi sLAEsGbEvLDMsIdLKvazHfsjCCGVhCFjd9EWEmicN4kybstlpq8dxm4jsdiqwmMTbCKJ I6TQSCPswyLvLI6qljEeUaW+hGC0ah7iP9xcfbY2lvGuxm33ITL/Bx+E4MMY6w33Yk32 l914kieNQ6lhielJFP5b15LWzod7tFaug+rvOPeZadJQcAnBy04xqXkCn9Y59KT9p2t1 trItr8+C7JE7JJ6KNX8LNAmw/xXHIOIkjR/0b1UC2JB0NIbfYrx/ml8AWbHd//0hhRNN H+qQ== X-Gm-Message-State: AOAM530NQHdjRDTYtkjntolCDwicubs0VM9H9O5zK8TkUnttpJSZ/WLm QtZWs166T0Jga0nKC1LnB3zkYzUhAmQ= X-Google-Smtp-Source: ABdhPJy9tX7Pjj2dPvJm63TR4NsLdVZpkfGdMsD44UUyWqpYpoF6jUizxlQDRfhPqhTLnKtRx58jTA== X-Received: by 2002:a05:6402:3128:: with SMTP id dd8mr4010947edb.383.1632791260694; Mon, 27 Sep 2021 18:07:40 -0700 (PDT) Received: from lelap.lan (catv-213-222-131-28.catv.broadband.hu. [213.222.131.28]) by smtp.gmail.com with ESMTPSA id c5sm11989558edx.81.2021.09.27.18.07.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 27 Sep 2021 18:07:40 -0700 (PDT) From: Attila Lendvai Date: Tue, 28 Sep 2021 03:05:36 +0200 Message-Id: <20210928010537.4241-2-attila@lendvai.name> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20210928010537.4241-1-attila@lendvai.name> References: <20210928010537.4241-1-attila@lendvai.name> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1632791290; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=aJEoCIEEpzageVMJefshkaispmlhREh+N3ffEi8R0Qk=; b=hRNJmobg0SmQjsXsmaOd82beRW/rn1jtcFPFKx/VIhmO447pCqftOmMI0kiofCLjS9x58T 4/57UzZMRklkgInXBYZ4WUADCPf7OPI6ADea9/vJyzLmXIPYXmS0rsjhyGwMLoN1eE1VZm OY6Z9CmOAa6Y6AYPG6wHUP36tlokEZXuE+XLJWrbyv280jY6LDeBNaGgjQmT+gyHmBzGDI Fv2kmRxA4ga9BUH/QJ3FFNQBgSlNtVw3iT6JieqPPdafzA5d4WrWFgN3/fc/WHaGgXvEd3 IajwMe5JJ6ROR9xa3WPZvyuptXKTb0iC02cClcxJHBn5Y+0ECLiRuPRdjDpElg== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1632791290; a=rsa-sha256; cv=none; b=i6iV+shKGot6PYw5dG0r1iWmbIr6yL5t1qpRfk5zwghEZFkQb6q/m5HojA+Bj9vY9Y2l/L no8w6FHzETxSULUbcYGtHmNctrzQYahSe7b6aWbw6v0axDmMyp3EivSsD5SRYMStBFyhvr 8UC2sAyDw0QysFXe/bWDgAUpaanv1dhOEcvCmU/+pP+oW/NkqKaUKXpyIIC4yjNt7kCO1n yBnJaitTWpXhf3/dExVNXpzsS2XZupKAZKsi8Ah4yxRf03XrrxaFI44zs2zN37Sub/I/QN sBl2gGn8/e+8tYZjwBsXOy0EjzTfhrey4nf8vgTIDEmJ/Ck4HtRDT3zy1gKfyg== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20210112 header.b="dNOhEz/C"; dmarc=none; spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Migadu-Spam-Score: 3.21 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20210112 header.b="dNOhEz/C"; dmarc=none; spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Migadu-Queue-Id: 7084A2896B X-Spam-Score: 3.21 X-Migadu-Scanner: scn1.migadu.com X-TUID: jtbBmD97YofV The third key will be used in an upcoming commit. Rename public keys to .pub. * guix/tests/gnupg.scm (%ed25519-3-public-key-file): New variable. (%ed25519-3-secret-key-file): New variable. (%ed25519-2-public-key-file): Renamed from %ed25519bis-public-key-file. (%ed25519-2-secret-key-file): Renamed from %ed25519bis-secret-key-file. * tests/keys/ed25519-3.key: New file. * tests/keys/ed25519-3.sec: New file. --- Makefile.am | 20 +++++----- build-aux/test-env.in | 6 +-- guix/tests/gnupg.scm | 22 ++++++---- tests/channels.scm | 18 ++++----- tests/git-authenticate.scm | 23 +++++------ tests/guix-authenticate.sh | 4 +- tests/{civodul.key => keys/civodul.pub} | 0 tests/{dsa.key => keys/dsa.pub} | 0 tests/{ed25519bis.key => keys/ed25519-2.pub} | 0 tests/{ed25519bis.sec => keys/ed25519-2.sec} | 0 tests/keys/ed25519-3.pub | 9 +++++ tests/keys/ed25519-3.sec | 10 +++++ tests/{ed25519.key => keys/ed25519.pub} | 0 tests/{ => keys}/ed25519.sec | 0 tests/{rsa.key => keys/rsa.pub} | 0 tests/{ => keys}/signing-key.pub | 0 tests/{ => keys}/signing-key.sec | 0 tests/openpgp.scm | 42 +++++++++++--------- 18 files changed, 93 insertions(+), 61 deletions(-) rename tests/{civodul.key => keys/civodul.pub} (100%) rename tests/{dsa.key => keys/dsa.pub} (100%) rename tests/{ed25519bis.key => keys/ed25519-2.pub} (100%) rename tests/{ed25519bis.sec => keys/ed25519-2.sec} (100%) create mode 100644 tests/keys/ed25519-3.pub create mode 100644 tests/keys/ed25519-3.sec rename tests/{ed25519.key => keys/ed25519.pub} (100%) rename tests/{ => keys}/ed25519.sec (100%) rename tests/{rsa.key => keys/rsa.pub} (100%) rename tests/{ => keys}/signing-key.pub (100%) rename tests/{ => keys}/signing-key.sec (100%) diff --git a/Makefile.am b/Makefile.am index 042cf28464..c0a5b14f02 100644 --- a/Makefile.am +++ b/Makefile.am @@ -640,16 +640,18 @@ EXTRA_DIST += \ build-aux/update-guix-package.scm \ build-aux/update-NEWS.scm \ tests/test.drv \ - tests/signing-key.pub \ - tests/signing-key.sec \ tests/cve-sample.json \ - tests/civodul.key \ - tests/rsa.key \ - tests/dsa.key \ - tests/ed25519.key \ - tests/ed25519.sec \ - tests/ed25519bis.key \ - tests/ed25519bis.sec \ + tests/keys/signing-key.pub \ + tests/keys/signing-key.sec \ + tests/keys/civodul.pub \ + tests/keys/rsa.pub \ + tests/keys/dsa.pub \ + tests/keys/ed25519.pub \ + tests/keys/ed25519.sec \ + tests/keys/ed25519-2.pub \ + tests/keys/ed25519-2.sec \ + tests/keys/ed25519-3.pub \ + tests/keys/ed25519-3.sec \ build-aux/config.rpath \ bootstrap \ doc/build.scm \ diff --git a/build-aux/test-env.in b/build-aux/test-env.in index 7efc43206c..ca786437e9 100644 --- a/build-aux/test-env.in +++ b/build-aux/test-env.in @@ -73,9 +73,9 @@ then # Copy the keys so that the secret key has the right permissions (the # daemon errors out when this is not the case.) mkdir -p "$GUIX_CONFIGURATION_DIRECTORY" - cp "@abs_top_srcdir@/tests/signing-key.sec" \ - "@abs_top_srcdir@/tests/signing-key.pub" \ - "$GUIX_CONFIGURATION_DIRECTORY" + cp "@abs_top_srcdir@/tests/keys/signing-key.sec" \ + "@abs_top_srcdir@/tests/keys/signing-key.pub" \ + "$GUIX_CONFIGURATION_DIRECTORY" chmod 400 "$GUIX_CONFIGURATION_DIRECTORY/signing-key.sec" fi diff --git a/guix/tests/gnupg.scm b/guix/tests/gnupg.scm index c7630db912..09f02a2b67 100644 --- a/guix/tests/gnupg.scm +++ b/guix/tests/gnupg.scm @@ -28,8 +28,10 @@ %ed25519-public-key-file %ed25519-secret-key-file - %ed25519bis-public-key-file - %ed25519bis-secret-key-file + %ed25519-2-public-key-file + %ed25519-2-secret-key-file + %ed25519-3-public-key-file + %ed25519-3-secret-key-file read-openpgp-packet key-fingerprint @@ -64,13 +66,17 @@ process is terminated afterwards." (call-with-fresh-gnupg-setup imported (lambda () exp ...))) (define %ed25519-public-key-file - (search-path %load-path "tests/ed25519.key")) + (search-path %load-path "tests/keys/ed25519.pub")) (define %ed25519-secret-key-file - (search-path %load-path "tests/ed25519.sec")) -(define %ed25519bis-public-key-file - (search-path %load-path "tests/ed25519bis.key")) -(define %ed25519bis-secret-key-file - (search-path %load-path "tests/ed25519bis.sec")) + (search-path %load-path "tests/keys/ed25519.sec")) +(define %ed25519-2-public-key-file + (search-path %load-path "tests/keys/ed25519-2.pub")) +(define %ed25519-2-secret-key-file + (search-path %load-path "tests/keys/ed25519-2.sec")) +(define %ed25519-3-public-key-file + (search-path %load-path "tests/keys/ed25519-3.pub")) +(define %ed25519-3-secret-key-file + (search-path %load-path "tests/keys/ed25519-3.sec")) (define (read-openpgp-packet file) (get-openpgp-packet diff --git a/tests/channels.scm b/tests/channels.scm index 3e82315b0c..d45c450241 100644 --- a/tests/channels.scm +++ b/tests/channels.scm @@ -480,8 +480,8 @@ #t (with-fresh-gnupg-setup (list %ed25519-public-key-file %ed25519-secret-key-file - %ed25519bis-public-key-file - %ed25519bis-secret-key-file) + %ed25519-2-public-key-file + %ed25519-2-secret-key-file) (with-temporary-git-repository directory `((add ".guix-channel" ,(object->string @@ -507,7 +507,7 @@ (commit-id-string commit1) (openpgp-public-key-fingerprint (read-openpgp-packet - %ed25519bis-public-key-file)))) ;different key + %ed25519-2-public-key-file)))) ;different key (channel (channel (name 'example) (url (string-append "file://" directory)) (introduction intro)))) @@ -519,7 +519,7 @@ (oid->string (commit-id commit1)) (key-fingerprint %ed25519-public-key-file) (key-fingerprint - %ed25519bis-public-key-file)))))) + %ed25519-2-public-key-file)))))) (authenticate-channel channel directory (commit-id-string commit2) #:keyring-reference-prefix "") @@ -530,8 +530,8 @@ #t (with-fresh-gnupg-setup (list %ed25519-public-key-file %ed25519-secret-key-file - %ed25519bis-public-key-file - %ed25519bis-secret-key-file) + %ed25519-2-public-key-file + %ed25519-2-secret-key-file) (with-temporary-git-repository directory `((add ".guix-channel" ,(object->string @@ -552,12 +552,12 @@ (signer ,(key-fingerprint %ed25519-public-key-file))) (add "c.txt" "C") (commit "third commit" - (signer ,(key-fingerprint %ed25519bis-public-key-file))) + (signer ,(key-fingerprint %ed25519-2-public-key-file))) (branch "channel-keyring") (checkout "channel-keyring") (add "signer.key" ,(call-with-input-file %ed25519-public-key-file get-string-all)) - (add "other.key" ,(call-with-input-file %ed25519bis-public-key-file + (add "other.key" ,(call-with-input-file %ed25519-2-public-key-file get-string-all)) (commit "keyring commit") (checkout "master")) @@ -588,7 +588,7 @@ (unauthorized-commit-error-signing-key c)) (openpgp-public-key-fingerprint (read-openpgp-packet - %ed25519bis-public-key-file)))))) + %ed25519-2-public-key-file)))))) (authenticate-channel channel directory (commit-id-string commit3) #:keyring-reference-prefix "") diff --git a/tests/git-authenticate.scm b/tests/git-authenticate.scm index d87eacc659..f66ef191b0 100644 --- a/tests/git-authenticate.scm +++ b/tests/git-authenticate.scm @@ -161,14 +161,14 @@ (test-assert "signed commits, .guix-authorizations, unauthorized merge" (with-fresh-gnupg-setup (list %ed25519-public-key-file %ed25519-secret-key-file - %ed25519bis-public-key-file - %ed25519bis-secret-key-file) + %ed25519-2-public-key-file + %ed25519-2-secret-key-file) (with-temporary-git-repository directory `((add "signer1.key" ,(call-with-input-file %ed25519-public-key-file get-string-all)) (add "signer2.key" - ,(call-with-input-file %ed25519bis-public-key-file + ,(call-with-input-file %ed25519-2-public-key-file get-string-all)) (add ".guix-authorizations" ,(object->string @@ -184,7 +184,7 @@ (checkout "devel") (add "devel/1.txt" "1") (commit "first devel commit" - (signer ,(key-fingerprint %ed25519bis-public-key-file))) + (signer ,(key-fingerprint %ed25519-2-public-key-file))) (checkout "master") (add "b.txt" "B") (commit "second commit" @@ -203,7 +203,7 @@ (openpgp-public-key-fingerprint (unauthorized-commit-error-signing-key c)) (openpgp-public-key-fingerprint - (read-openpgp-packet %ed25519bis-public-key-file))))) + (read-openpgp-packet %ed25519-2-public-key-file))))) (and (authenticate-commits repository (list master1 master2) #:keyring-reference "master") @@ -230,14 +230,14 @@ (test-assert "signed commits, .guix-authorizations, authorized merge" (with-fresh-gnupg-setup (list %ed25519-public-key-file %ed25519-secret-key-file - %ed25519bis-public-key-file - %ed25519bis-secret-key-file) + %ed25519-2-public-key-file + %ed25519-2-secret-key-file) (with-temporary-git-repository directory `((add "signer1.key" ,(call-with-input-file %ed25519-public-key-file get-string-all)) (add "signer2.key" - ,(call-with-input-file %ed25519bis-public-key-file + ,(call-with-input-file %ed25519-2-public-key-file get-string-all)) (add ".guix-authorizations" ,(object->string @@ -258,12 +258,12 @@ %ed25519-public-key-file) (name "Alice")) (,(key-fingerprint - %ed25519bis-public-key-file)))))) + %ed25519-2-public-key-file)))))) (commit "first devel commit" (signer ,(key-fingerprint %ed25519-public-key-file))) (add "devel/2.txt" "2") (commit "second devel commit" - (signer ,(key-fingerprint %ed25519bis-public-key-file))) + (signer ,(key-fingerprint %ed25519-2-public-key-file))) (checkout "master") (add "b.txt" "B") (commit "second commit" @@ -273,7 +273,7 @@ ;; After the merge, the second signer is authorized. (add "c.txt" "C") (commit "third commit" - (signer ,(key-fingerprint %ed25519bis-public-key-file)))) + (signer ,(key-fingerprint %ed25519-2-public-key-file)))) (with-repository directory repository (let ((master1 (find-commit repository "first commit")) (master2 (find-commit repository "second commit")) @@ -328,4 +328,3 @@ 'failed))))))) (test-end "git-authenticate") - diff --git a/tests/guix-authenticate.sh b/tests/guix-authenticate.sh index 3a05b232c1..0de6da1878 100644 --- a/tests/guix-authenticate.sh +++ b/tests/guix-authenticate.sh @@ -28,7 +28,7 @@ rm -f "$sig" "$hash" trap 'rm -f "$sig" "$hash"' EXIT -key="$abs_top_srcdir/tests/signing-key.sec" +key="$abs_top_srcdir/tests/keys/signing-key.sec" key_len="`echo -n $key | wc -c`" # A hexadecimal string as long as a sha256 hash. @@ -67,7 +67,7 @@ test "$code" -ne 0 # encoded independently of the current locale: . hash="636166e9636166e9636166e9636166e9636166e9636166e9636166e9636166e9" latin1_cafe="caf$(printf '\351')" -echo "sign 21:tests/signing-key.sec 64:$hash" | guix authenticate \ +echo "sign 26:tests/keys/signing-key.sec 64:$hash" | guix authenticate \ | LC_ALL=C grep "hash sha256 \"$latin1_cafe" # Test for : make sure 'guix authenticate' produces diff --git a/tests/civodul.key b/tests/keys/civodul.pub similarity index 100% rename from tests/civodul.key rename to tests/keys/civodul.pub diff --git a/tests/dsa.key b/tests/keys/dsa.pub similarity index 100% rename from tests/dsa.key rename to tests/keys/dsa.pub diff --git a/tests/ed25519bis.key b/tests/keys/ed25519-2.pub similarity index 100% rename from tests/ed25519bis.key rename to tests/keys/ed25519-2.pub diff --git a/tests/ed25519bis.sec b/tests/keys/ed25519-2.sec similarity index 100% rename from tests/ed25519bis.sec rename to tests/keys/ed25519-2.sec diff --git a/tests/keys/ed25519-3.pub b/tests/keys/ed25519-3.pub new file mode 100644 index 0000000000..72f311984c --- /dev/null +++ b/tests/keys/ed25519-3.pub @@ -0,0 +1,9 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mDMEYVH/7xYJKwYBBAHaRw8BAQdALMLeUhjEG2/UPCJj2j/debFwwAK5gT3G0l5d +ILfFldm0FTxleGFtcGxlQGV4YW1wbGUuY29tPoiWBBMWCAA+FiEEjO6M85jMSK68 +7tINGBzA7NyoagkFAmFR/+8CGwMFCQPCZwAFCwkIBwIGFQoJCAsCBBYCAwECHgEC +F4AACgkQGBzA7Nyoagl3lgEAw6yqIlX11lTqwxBGhZk/Oy34O13cbJSZCGv+m0ja ++hcA/3DCNOmT+oXjgO/w6enQZUQ1m/d6dUjCc2wOLlLz+ZoG +=+r3i +-----END PGP PUBLIC KEY BLOCK----- diff --git a/tests/keys/ed25519-3.sec b/tests/keys/ed25519-3.sec new file mode 100644 index 0000000000..04128a4131 --- /dev/null +++ b/tests/keys/ed25519-3.sec @@ -0,0 +1,10 @@ +-----BEGIN PGP PRIVATE KEY BLOCK----- + +lFgEYVH/7xYJKwYBBAHaRw8BAQdALMLeUhjEG2/UPCJj2j/debFwwAK5gT3G0l5d +ILfFldkAAP92goSbbzQ0ttElr9lr5Cm6rmQtqUZ2Cu/Jk9fvfZROwxI0tBU8ZXhh +bXBsZUBleGFtcGxlLmNvbT6IlgQTFggAPhYhBIzujPOYzEiuvO7SDRgcwOzcqGoJ +BQJhUf/vAhsDBQkDwmcABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEBgcwOzc +qGoJd5YBAMOsqiJV9dZU6sMQRoWZPzst+Dtd3GyUmQhr/ptI2voXAP9wwjTpk/qF +44Dv8Onp0GVENZv3enVIwnNsDi5S8/maBg== +=EmOt +-----END PGP PRIVATE KEY BLOCK----- diff --git a/tests/ed25519.key b/tests/keys/ed25519.pub similarity index 100% rename from tests/ed25519.key rename to tests/keys/ed25519.pub diff --git a/tests/ed25519.sec b/tests/keys/ed25519.sec similarity index 100% rename from tests/ed25519.sec rename to tests/keys/ed25519.sec diff --git a/tests/rsa.key b/tests/keys/rsa.pub similarity index 100% rename from tests/rsa.key rename to tests/keys/rsa.pub diff --git a/tests/signing-key.pub b/tests/keys/signing-key.pub similarity index 100% rename from tests/signing-key.pub rename to tests/keys/signing-key.pub diff --git a/tests/signing-key.sec b/tests/keys/signing-key.sec similarity index 100% rename from tests/signing-key.sec rename to tests/keys/signing-key.sec diff --git a/tests/openpgp.scm b/tests/openpgp.scm index c2be26fa49..1f20466772 100644 --- a/tests/openpgp.scm +++ b/tests/openpgp.scm @@ -59,18 +59,22 @@ vBSFjNSiVHsuAA== (define %civodul-fingerprint "3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5") -(define %civodul-key-id #x090B11993D9AEBB5) ;civodul.key - -;; Test keys. They were generated in a container along these lines: -;; guix environment -CP --ad-hoc gnupg pinentry -;; then, within the container: -;; mkdir ~/.gnupg -;; echo pinentry-program ~/.guix-profile/bin/pinentry-tty > ~/.gnupg/gpg-agent.conf -;; gpg --quick-gen-key '' rsa -;; or similar. -(define %rsa-key-id #xAE25DA2A70DEED59) ;rsa.key -(define %dsa-key-id #x587918047BE8BD2C) ;dsa.key -(define %ed25519-key-id #x771F49CBFAAE072D) ;ed25519.key +(define %civodul-key-id #x090B11993D9AEBB5) ;civodul.pub + +#| +Test keys in ./tests/keys. They were generated in a container along these lines: + guix environment -CP --ad-hoc gnupg pinentry coreutils +then, within the container: + mkdir ~/.gnupg && chmod -R og-rwx ~/.gnupg + gpg --batch --passphrase '' --quick-gen-key '' ed25519 + gpg --armor --export example@example.com + gpg --armor --export-secret-key example@example.com + # echo pinentry-program ~/.guix-profile/bin/pinentry-curses > ~/.gnupg/gpg-agent.conf +or similar. +|# +(define %rsa-key-id #xAE25DA2A70DEED59) ;rsa.pub +(define %dsa-key-id #x587918047BE8BD2C) ;dsa.pub +(define %ed25519-key-id #x771F49CBFAAE072D) ;ed25519.pub (define %rsa-key-fingerprint (base16-string->bytevector @@ -168,7 +172,7 @@ Pz7oopeN72xgggYUNT37ezqN3MeCqw0= (not (port-ascii-armored? (open-bytevector-input-port %binary-sample)))) (test-assert "get-openpgp-keyring" - (let* ((key (search-path %load-path "tests/civodul.key")) + (let* ((key (search-path %load-path "tests/keys/civodul.pub")) (keyring (get-openpgp-keyring (open-bytevector-input-port (call-with-input-file key read-radix-64))))) @@ -228,8 +232,10 @@ Pz7oopeN72xgggYUNT37ezqN3MeCqw0= (verify-openpgp-signature signature keyring (open-input-string "Hello!\n")))) (list status (openpgp-public-key-id key))))) - (list "tests/rsa.key" "tests/dsa.key" - "tests/ed25519.key" "tests/ed25519.key" "tests/ed25519.key") + (list "tests/keys/rsa.pub" "tests/keys/dsa.pub" + "tests/keys/ed25519.pub" + "tests/keys/ed25519.pub" + "tests/keys/ed25519.pub") (list %hello-signature/rsa %hello-signature/dsa %hello-signature/ed25519/sha256 %hello-signature/ed25519/sha512 @@ -248,9 +254,9 @@ Pz7oopeN72xgggYUNT37ezqN3MeCqw0= (call-with-input-file key read-radix-64)) keyring))) %empty-keyring - '("tests/rsa.key" "tests/dsa.key" - "tests/ed25519.key" "tests/ed25519.key" - "tests/ed25519.key")))) + '("tests/keys/rsa.pub" "tests/keys/dsa.pub" + "tests/keys/ed25519.pub" "tests/keys/ed25519.pub" + "tests/keys/ed25519.pub")))) (map (lambda (signature) (let ((signature (string->openpgp-packet signature))) (let-values (((status key) -- 2.33.0