### -*-autotest-*-
###
### Test script for key-management
###
### (c) 2008 Straylight/Edgeware
###
###----- Licensing notice ---------------------------------------------------
###
### This file is part of Trivial IP Encryption (TrIPE).
###
### TrIPE is free software: you can redistribute it and/or modify it under
### the terms of the GNU General Public License as published by the Free
### Software Foundation; either version 3 of the License, or (at your
### option) any later version.
###
### TrIPE is distributed in the hope that it will be useful, but WITHOUT
### ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
### FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
### for more details.
###
### You should have received a copy of the GNU General Public License
### along with TrIPE. If not, see .
AT_SETUP([key management])
AT_KEYWORDS([keys python])
###--------------------------------------------------------------------------
### Make sure that this has a chance of working.
AT_CHECK([
case "$HAVE_PYTHON_TRUE$HAVE_PYCATACOMB_TRUE" in
"") ;;
*) exit 77 ;;
esac
])
AT_TESTED([curl key catsign rsync])
###--------------------------------------------------------------------------
### Create the initial environment.
work=$(pwd)
mkdir alice bob stage dist
cd "$work"/alice
cat <tripe-keys.master
## Distribution parameters.
base-url = file://$work/dist/
base-dir = $work/stage/
upload-hook = rsync -aI --delete $work/stage/ $work/dist/
## Cryptographic parameters.
kx = ec
kx-expire = now + 1 year
sig-fresh = 1 month ago
sig-expire now + 1 year
master-keygen-flags =
## Master key integrity.
master-sequence = @MASTER-SEQUENCE@
hk-master = @HK-MASTER@
EOF
###--------------------------------------------------------------------------
### Simple key establishment.
## Alice sets up her repository and generates a key.
AT_CHECK([BUILDDIR/tripe-keys setup && test -d repos],, [ignore])
AT_CHECK([BUILDDIR/tripe-keys generate alice],, [ignore])
AT_CHECK([test -r peer-alice.pub])
cp peer-alice.pub repos/
AT_CHECK([BUILDDIR/tripe-keys rebuild],, [ignore])
AT_CHECK([BUILDDIR/tripe-keys upload],, [ignore])
## Bob fetches a copy and generates his own key.
cd "$work"/bob
AT_CHECK([test -r "$work"/dist/tripe-keys.conf])
cp "$work"/dist/tripe-keys.conf .
AT_CHECK([BUILDDIR/tripe-keys update],, [ignore])
AT_CHECK([BUILDDIR/tripe-keys generate bob],, [ignore])
AT_CHECK([test -r peer-bob.pub])
## Alice collects Bob's key and installs it.
cd "$work/alice"
cp "$work"/bob/peer-bob.pub repos/
AT_CHECK([BUILDDIR/tripe-keys rebuild],, [ignore])
AT_CHECK([BUILDDIR/tripe-keys upload],, [ignore])
## Bob fetches the new update and checks that his key's there.
cd "$work"/bob
AT_CHECK([BUILDDIR/tripe-keys update],, [ignore])
AT_CHECK([cmp peer-bob.pub repos/peer-bob.pub])
###--------------------------------------------------------------------------
### Alice rolls over her master key.
## Alice generates a new master key and publishes it.
cd "$work"/alice
AT_CHECK([BUILDDIR/tripe-keys newmaster],, [ignore])
AT_CHECK([BUILDDIR/tripe-keys upload],, [ignore])
cd "$work"/dist
AT_CHECK([test -r tripe-keys.sig-0 && test -r tripe-keys.sig-1])
## Bob fetches a new copy. He gets warned that something unusual has
## happened.
cd "$work"/bob
AT_CHECK([BUILDDIR/tripe-keys update],, [ignore],
[tripe-keys: configuration file changed: recommend running another update
])
## Alice can now destroy her old master key.
cd "$work"/alice
AT_CHECK([key -kmaster delete master-0])
AT_CHECK([BUILDDIR/tripe-keys upload],, [ignore])
## This is OK because Bob has rolled over to the new key.
cd "$work"/bob
AT_CHECK([BUILDDIR/tripe-keys update],, [ignore])
###--------------------------------------------------------------------------
### Check good behaviour on signature verification failures.
## Corrupt the distribution tarball.
cd "$work"/dist
mkdir tmp
cd tmp
tar xfz ../tripe-keys.tar.gz
touch repos/bogus-file
tar cfz ../tripe-keys.tar.gz *
## Bob tries fetching again. The update will notice the problem; none of his
## files will change.
cd "$work"/bob
md5sum repos/* keyring keyring.pub tripe-keys.conf >old-state.md5
AT_CHECK([BUILDDIR/tripe-keys update], [1], [ignore], [ignore])
AT_CHECK([md5sum -c old-state.md5],, [ignore])
###----- That's all, folks --------------------------------------------------
AT_CLEANUP