From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Sat, 16 Nov 2019 17:39:50 +0000 (+0000)
Subject: test-example: Test new long-term key arrangements
X-Git-Tag: v0.6.0~74
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?a=commitdiff_plain;h=c9538f0540842730c5ba823edeba7dbe995a4d9e;hp=8c9b0fba1ab3c124a7e51cc4782ad64b8861cada;p=secnet.git

test-example: Test new long-term key arrangements

Finally we can test this!

Specifically, we switch the defaults to the privkeys directories,
which affects the existing t-basic-kex test.  We introduce two new
tests for testing the old arrangements.

The consequences for the t-basic-kex test are:
 * Use the sites file generated with --install-pubkeys, thus
   testing the new make-secnet-sites.
 * Use peer-keys, so testing secnet's new pubkey loading
   mechanisms.
 * Use priv-cache, so testing secnet's new privkey loading
   mechanisms.
 * Test the new public key choice negotation mechanism.

The old tests tests the compatibility of the key choice negotiation
mechanism, as well as the capability to generate
old-style (compatible) sites.conf files.

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
---

diff --git a/stest/common.tcl b/stest/common.tcl
index 65c39b4..fb98c2e 100644
--- a/stest/common.tcl
+++ b/stest/common.tcl
@@ -25,8 +25,8 @@ set extra(inside) {
 }
 set extra(outside) {}
 
-set privkey(inside) test-example/inside.key
-set privkey(outside) test-example/outside.key
+set privkey(inside) test-example/inside.privkeys/
+set privkey(outside) test-example/outside.privkeys/
 
 proc mkconf {location site} {
     global tmp
diff --git a/stest/t-nonnego-on b/stest/t-nonnego-on
new file mode 100755
index 0000000..813d2f8
--- /dev/null
+++ b/stest/t-nonnego-on
@@ -0,0 +1,12 @@
+#! /usr/bin/tclsh
+
+source stest/common.tcl
+
+# `non-negotiating' ends:
+set privkey(inside) test-example/inside.key
+# So old, new; ie -on
+
+# There is no -no because the sites file tells a new inside to expect
+# a different key.
+
+test-kex
diff --git a/stest/t-nonnego-oo b/stest/t-nonnego-oo
new file mode 100755
index 0000000..b471844
--- /dev/null
+++ b/stest/t-nonnego-oo
@@ -0,0 +1,13 @@
+#! /usr/bin/tclsh
+
+source stest/common.tcl
+
+# `non-negotiating' ends:
+set privkey(inside) test-example/inside.key
+set privkey(outside) test-example/outside.key
+# So old, old; ie -oo
+
+# There is no -no because the sites file tells a new inside to expect
+# a different key.
+
+test-kex