From 5702581b9a92ea2fc02190d66ad9a274011eebe4 Mon Sep 17 00:00:00 2001
From: Michał Górny <mgorny@gentoo.org>
Date: Sun, 22 Jan 2023 10:08:05 +0100
Subject: test_openpgp: Add more tests for the multi-signature case
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Michał Górny <mgorny@gentoo.org>
---
 tests/keydata.py      | 1 +
 tests/test_openpgp.py | 8 ++++++++
 2 files changed, 9 insertions(+)

diff --git a/tests/keydata.py b/tests/keydata.py
index 6384c97..c889c4d 100644
--- a/tests/keydata.py
+++ b/tests/keydata.py
@@ -213,6 +213,7 @@ SECOND_VALID_PUBLIC_KEY = SECOND_PUBLIC_KEY + SECOND_UID + SECOND_KEY_SIG
 SECOND_KEY_FINGERPRINT = "758E3E9C8CFB1C687D9B242553708F69B348B4CC"
 
 TWO_SIGNATURE_PUBLIC_KEYS = VALID_PUBLIC_KEY + SECOND_VALID_PUBLIC_KEY
+TWO_KEYS_ONE_EXPIRED = EXPIRED_PUBLIC_KEY + SECOND_VALID_PUBLIC_KEY
 
 
 if __name__ == "__main__":
diff --git a/tests/test_openpgp.py b/tests/test_openpgp.py
index e29dbed..6702471 100644
--- a/tests/test_openpgp.py
+++ b/tests/test_openpgp.py
@@ -48,6 +48,7 @@ from tests.keydata import (
     UNSIGNED_SUBKEY, FORGED_SUBKEY, SIG_TIMESTAMP, SUBKEY_FINGERPRINT,
     SUBKEY_SIG_TIMESTAMP, UNEXPIRE_PUBLIC_KEY, OLD_UNEXPIRE_PUBLIC_KEY,
     FORGED_UNEXPIRE_KEY, TWO_SIGNATURE_PUBLIC_KEYS, SECOND_KEY_FINGERPRINT,
+    SECOND_VALID_PUBLIC_KEY, TWO_KEYS_ONE_EXPIRED,
     )
 from tests.test_recursiveloader import INSECURE_HASH_TESTS
 from tests.testutil import HKPServer
@@ -238,6 +239,8 @@ _ = FORGED_SUBKEY
 _ = FORGED_UNEXPIRE_KEY
 _ = OLD_UNEXPIRE_PUBLIC_KEY
 _ = OTHER_VALID_PUBLIC_KEY
+_ = SECOND_VALID_PUBLIC_KEY
+_ = TWO_KEYS_ONE_EXPIRED
 _ = TWO_SIGNATURE_PUBLIC_KEYS
 _ = UNEXPIRE_PUBLIC_KEY
 _ = UNSIGNED_PUBLIC_KEY
@@ -384,6 +387,11 @@ MANIFEST_VARIANTS = [
     ('SUBKEY_SIGNED_MANIFEST', 'VALID_KEY_SUBKEY', None),
     # == Manifest with two signatures ==
     ("TWO_SIGNATURE_MANIFEST", "TWO_SIGNATURE_PUBLIC_KEYS", None),
+    ("TWO_SIGNATURE_MANIFEST", "VALID_PUBLIC_KEY", OpenPGPVerificationFailure),
+    ("TWO_SIGNATURE_MANIFEST", "SECOND_VALID_PUBLIC_KEY",
+     OpenPGPVerificationFailure),
+    ("TWO_SIGNATURE_MANIFEST", "TWO_KEYS_ONE_EXPIRED",
+     OpenPGPExpiredKeyFailure),
     # == using private key ==
     ('SIGNED_MANIFEST', 'PRIVATE_KEY', None),
     # == bad manifests ==
-- 
cgit v1.2.3