`994f5e1`

auth/gpgkey: regression test against real gpg fixtures

Authored by mfwolffe <wolffemf@dukes.jmu.edu> yesterday

SHA: 994f5e194dcb9bbae4404f2e87f6caa99c058371
Parents: 04e0987
Tree: 26efe5f

2 changed files

Status	File	+	-
M	`internal/auth/gpgkey/parse_test.go`	42	0
M	`internal/auth/gpgkey/testdata/README.md`	20	12

internal/auth/gpgkey/parse_test.gomodified

  import (
  	"bytes"
  	"errors"
 +	"os"
  	"strings"
  	"testing"
  	"time"
+ 	}
+ }
 +// ─── regression baseline: real gpg-produced fixtures ──────────────
 +//
 +// Exercises codec compatibility with output from `gpg (GnuPG)` 2.5+.
 +// See testdata/README.md for the generation recipe.
++
 +func TestParse_RealGPGFixtures(t *testing.T) {
 +	cases := []struct {
 +		name string
 +		path string
 +		algo string
 +	}{
 +		{"ed25519", "testdata/ed25519.asc", "ed25519"},
 +		{"rsa4096", "testdata/rsa4096.asc", "rsa4096"},
 +	}
 +	for _, tc := range cases {
 +		tc := tc
 +		t.Run(tc.name, func(t *testing.T) {
 +			blob, err := os.ReadFile(tc.path)
 +			if err != nil {
 +				t.Fatalf("ReadFile %s: %v", tc.path, err)
 +			}
 +			got, err := Parse("", string(blob))
 +			if err != nil {
 +				t.Fatalf("Parse %s: %v", tc.path, err)
 +			}
 +			if got.PrimaryAlgo != tc.algo {
 +				t.Errorf("PrimaryAlgo: got %q, want %q", got.PrimaryAlgo, tc.algo)
 +			}
 +			if !got.CanSign && !got.CanCertify {
 +				t.Errorf("expected sign or certify on real gpg primary; got both false")
 +			}
 +			if len(got.UIDs) == 0 {
 +				t.Error("expected at least one UID")
 +			}
 +			if len(got.Fingerprint) != 40 || !isHex(got.Fingerprint) {
 +				t.Errorf("Fingerprint malformed: %q", got.Fingerprint)
 +			}
 +		})
 +	}
 +}
++
  // ─── helpers ────────────────────────────────────────────────────────
  func isHex(s string) bool {

internal/auth/gpgkey/testdata/README.mdmodified

  # gpgkey testdata
 -This directory exists for future committed fixtures (real-world
 -`gpg`-produced ASCII-armored blocks that might be useful as
 -regression-test inputs). It is **empty by default**.
 +Two committed fixtures — real `gpg`-produced ASCII-armored blocks
 +serving as a regression baseline. The bulk of `parse_test.go` still
 +synthesizes fixtures in-memory via `github.com/ProtonMail/go-crypto/openpgp`
 +(no `gpg` dependency in CI, deterministic, no time-bomb expiry races),
 +but these two files exercise the **codec compatibility** with real-world
 +output from `gpg (GnuPG)`:
 -The current `parse_test.go` synthesizes its fixtures in-memory via
 -`github.com/ProtonMail/go-crypto/openpgp` so:
 +- `ed25519.asc` — `gpg --quick-gen-key 'shithub-test-ed25519 <ed25519@shithub.test>' default default 0` then `--armor --export`. ed25519 primary + curve25519 encryption subkey, no expiry.
 +- `rsa4096.asc` — `gpg --quick-gen-key 'shithub-test-rsa <rsa@shithub.test>' rsa4096 default 0` then `--armor --export`. RSA-4096 primary + RSA-4096 encryption subkey.
 -- Tests run without `gpg` installed (CI portability).
 -- Fixtures are deterministic (no time-bomb expiry races).
 -- The `private` and `signature` armor-block fixtures don't have to
 -  be committed as files (they're constructed on demand from synthesized
 -  entities).
 +Both are throwaway keys; no real-user material is ever committed here.
  If a future bug surfaces from a specific real-world key shape, drop the
  producing key here as `<shape>.asc` and reference it from
 -`parse_test.go` via `os.ReadFile`. Keep keys throwaway; never commit
 -material from a real user.
 +`parse_test.go` via `os.ReadFile`. Generation recipe (uses an isolated
 +GNUPGHOME so it doesn't pollute the host keyring):
++
 +```bash
 +TMPHOME=$(mktemp -d) && chmod 700 "$TMPHOME"
 +export GNUPGHOME=$TMPHOME
 +gpg --batch --pinentry-mode loopback --passphrase '' \
 +    --quick-gen-key '<your-test-id> <email@shithub.test>' <algo> <usage> 0
 +gpg --armor --export <email@shithub.test> > <shape>.asc
 +rm -rf "$TMPHOME"
 +```