[Rt-commit] rt branch, 4.2/gpg-encrypted-attachment-tests, created. rt-4.2.13-72-ga9b9361

Alex Vandiver alexmv at bestpractical.com
Tue Nov 29 18:50:45 EST 2016


The branch, 4.2/gpg-encrypted-attachment-tests has been created
        at  a9b9361d1cb6d381cd94580a677c81c9d16d1254 (commit)

- Log -----------------------------------------------------------------
commit a24f4358480d8665b985f9ccddbec2d1cb724388
Author: Alex Vandiver <alex at chmrr.net>
Date:   Tue Nov 29 12:23:49 2016 -0500

    For GPG attachment tests on create, use CC, not requestor
    
    If only the requestor is set, only the Autoreply template is used --
    which does not set `RT-Attach-Message`, and thus attachments are never
    sent.  Because this test is only ever called with `Encrypt => 1`,
    however, it only tested that the plaintext attachment content was
    lacking -- which it always was, because the attachment was never
    involved at all.

diff --git a/t/web/gnupg-select-keys-on-create.t b/t/web/gnupg-select-keys-on-create.t
index e30b264..b111013 100644
--- a/t/web/gnupg-select-keys-on-create.t
+++ b/t/web/gnupg-select-keys-on-create.t
@@ -245,7 +245,8 @@ diag "check encrypting of attachments";
     ok $m->goto_create_ticket( $queue ), "UI -> create ticket";
     $m->form_name('TicketCreate');
     $m->tick( Encrypt => 1 );
-    $m->field( Requestors => 'rt-test at example.com' );
+    $m->field( Requestors => '' );
+    $m->field( Cc => 'rt-test at example.com' );
     $m->field( Content => 'Some content' );
     $m->field( Attach => $0 );
     $m->submit;

commit f1c247a2b029d15cc9b6fc738d5a2b645b6aff86
Author: Alex Vandiver <alex at chmrr.net>
Date:   Tue Nov 29 12:29:36 2016 -0500

    Actually include the tested-for text in the attachment
    
    2bf9cb4b refactored the check_text_emails methods out of the two
    `gnupg-select-keys-on-___` files.  However, the tests attach $0, the
    test file itself -- since the checks are for "Attachment content",
    which no longer appears in the test files, this broke the tests.
    Since the only use of this string was via `unlike`, it broke them such
    that the tests could never fail.
    
    Hardcode the string to search for in the function call, so it exists
    in the file that is attached.

diff --git a/lib/RT/Test/GnuPG.pm b/lib/RT/Test/GnuPG.pm
index e5a08b7..fdeac16 100644
--- a/lib/RT/Test/GnuPG.pm
+++ b/lib/RT/Test/GnuPG.pm
@@ -204,7 +204,7 @@ sub check_text_emails {
 
             my $content = $type eq 'email'
                         ? "Some content"
-                        : "Attachment content";
+                        : $args{Attachment};
 
             if ( $args{'Encrypt'} ) {
                 unlike $mail, qr/$content/, "outgoing $type was encrypted";
diff --git a/t/web/gnupg-select-keys-on-create.t b/t/web/gnupg-select-keys-on-create.t
index b111013..8c2309f 100644
--- a/t/web/gnupg-select-keys-on-create.t
+++ b/t/web/gnupg-select-keys-on-create.t
@@ -269,7 +269,7 @@ diag "check encrypting of attachments";
 
     my @mail = RT::Test->fetch_caught_mails;
     ok @mail, 'there are some emails';
-    check_text_emails( { Encrypt => 1, Attachment => 1 }, @mail );
+    check_text_emails( { Encrypt => 1, Attachment => "Attachment content" }, @mail );
 
     $m->no_warnings_ok;
 }
diff --git a/t/web/gnupg-select-keys-on-update.t b/t/web/gnupg-select-keys-on-update.t
index a666851..1cac92b 100644
--- a/t/web/gnupg-select-keys-on-update.t
+++ b/t/web/gnupg-select-keys-on-update.t
@@ -290,7 +290,7 @@ diag "check encrypting of attachments";
 
     my @mail = RT::Test->fetch_caught_mails;
     ok @mail, 'there are some emails';
-    check_text_emails( { Encrypt => 1, Attachment => 1 }, @mail );
+    check_text_emails( { Encrypt => 1, Attachment => "Attachment content" }, @mail );
 
     $m->no_warnings_ok;
 }

commit d9feec6fa4685efc9b229e3e5e7f314d41e45df9
Author: Alex Vandiver <alex at chmrr.net>
Date:   Tue Nov 29 12:38:40 2016 -0500

    Test the unencrypted versions of attachment generation, as well
    
    These tests failed to test what they believed the did because they
    only tested the encrypted form; had they tested the unencrypted form,
    the lack of the "Attachment content" plaintext, and the lack of
    attachments on Autoreply would have been evident.
    
    Add an additional set of tests for enencrypted mails.

diff --git a/t/web/gnupg-select-keys-on-create.t b/t/web/gnupg-select-keys-on-create.t
index 8c2309f..271561a 100644
--- a/t/web/gnupg-select-keys-on-create.t
+++ b/t/web/gnupg-select-keys-on-create.t
@@ -1,7 +1,7 @@
 use strict;
 use warnings;
 
-use RT::Test::GnuPG tests => 79, gnupg_options => { passphrase => 'rt-test' };
+use RT::Test::GnuPG tests => undef, gnupg_options => { passphrase => 'rt-test' };
 use RT::Action::SendEmail;
 
 my $queue = RT::Test->load_or_create_queue(
@@ -239,38 +239,44 @@ diag "check that key selector works and we can select trusted key";
 }
 
 diag "check encrypting of attachments";
-{
+for my $encrypt (0, 1) {
     RT::Test->clean_caught_mails;
 
     ok $m->goto_create_ticket( $queue ), "UI -> create ticket";
     $m->form_name('TicketCreate');
-    $m->tick( Encrypt => 1 );
+    $m->tick( Encrypt => 1 ) if $encrypt;
     $m->field( Requestors => '' );
     $m->field( Cc => 'rt-test at example.com' );
     $m->field( Content => 'Some content' );
     $m->field( Attach => $0 );
     $m->submit;
-    $m->content_contains(
-        'You are going to encrypt outgoing email messages',
-        'problems with keys'
-    );
-    $m->content_contains(
-        'There are several keys suitable for encryption',
-        'problems with keys'
-    );
 
-    my $form = $m->form_name('TicketCreate');
-    ok my $input = $form->find_input( 'UseKey-rt-test at example.com' ), 'found key selector';
-    is scalar $input->possible_values, 2, 'two options';
+    if ($encrypt) {
+        $m->content_contains(
+            'You are going to encrypt outgoing email messages',
+            'problems with keys'
+        );
+        $m->content_contains(
+            'There are several keys suitable for encryption',
+            'problems with keys'
+        );
+
+        my $form = $m->form_name('TicketCreate');
+        ok my $input = $form->find_input( 'UseKey-rt-test at example.com' ), 'found key selector';
+        is scalar $input->possible_values, 2, 'two options';
+
+        $m->select( 'UseKey-rt-test at example.com' => $fpr1 );
+        $m->submit;
+    }
 
-    $m->select( 'UseKey-rt-test at example.com' => $fpr1 );
-    $m->submit;
     $m->content_like( qr/Ticket \d+ created in queue/i, 'ticket created' );
 
     my @mail = RT::Test->fetch_caught_mails;
     ok @mail, 'there are some emails';
-    check_text_emails( { Encrypt => 1, Attachment => "Attachment content" }, @mail );
+    check_text_emails( { Encrypt => $encrypt, Attachment => "Attachment content" }, @mail );
 
     $m->no_warnings_ok;
 }
 
+undef $m;
+done_testing;
diff --git a/t/web/gnupg-select-keys-on-update.t b/t/web/gnupg-select-keys-on-update.t
index 1cac92b..da7009c 100644
--- a/t/web/gnupg-select-keys-on-update.t
+++ b/t/web/gnupg-select-keys-on-update.t
@@ -1,7 +1,7 @@
 use strict;
 use warnings;
 
-use RT::Test::GnuPG tests => 86, gnupg_options => { passphrase => 'rt-test' };
+use RT::Test::GnuPG tests => undef, gnupg_options => { passphrase => 'rt-test' };
 
 use RT::Action::SendEmail;
 
@@ -260,37 +260,44 @@ diag "check that key selector works and we can select trusted key";
 }
 
 diag "check encrypting of attachments";
-{
+for my $encrypt (0, 1) {
     RT::Test->clean_caught_mails;
 
     ok $m->goto_ticket( $tid ), "UI -> ticket #$tid";
     $m->follow_link_ok( { text => 'Reply' }, 'ticket -> reply' );
     $m->form_name('TicketUpdate');
-    $m->tick( Encrypt => 1 );
+    $m->tick( Encrypt => 1 ) if $encrypt;
     $m->field( UpdateCc => 'rt-test at example.com' );
     $m->field( UpdateContent => 'Some content' );
     $m->field( Attach => $0 );
     $m->click('SubmitTicket');
-    $m->content_contains(
-        'You are going to encrypt outgoing email messages',
-        'problems with keys'
-    );
-    $m->content_contains(
-        'There are several keys suitable for encryption',
-        'problems with keys'
-    );
 
-    my $form = $m->form_name('TicketUpdate');
-    ok my $input = $form->find_input( 'UseKey-rt-test at example.com' ), 'found key selector';
-    is scalar $input->possible_values, 2, 'two options';
+    if ($encrypt) {
+        $m->content_contains(
+            'You are going to encrypt outgoing email messages',
+            'problems with keys'
+        );
+        $m->content_contains(
+            'There are several keys suitable for encryption',
+            'problems with keys'
+        );
+
+        my $form = $m->form_name('TicketUpdate');
+        ok my $input = $form->find_input( 'UseKey-rt-test at example.com' ), 'found key selector';
+        is scalar $input->possible_values, 2, 'two options';
+
+        $m->select( 'UseKey-rt-test at example.com' => $fpr1 );
+        $m->click('SubmitTicket');
+    }
 
-    $m->select( 'UseKey-rt-test at example.com' => $fpr1 );
-    $m->click('SubmitTicket');
     $m->content_contains('Correspondence added', 'Correspondence added' );
 
     my @mail = RT::Test->fetch_caught_mails;
     ok @mail, 'there are some emails';
-    check_text_emails( { Encrypt => 1, Attachment => "Attachment content" }, @mail );
+    check_text_emails( { Encrypt => $encrypt, Attachment => "Attachment content" }, @mail );
 
     $m->no_warnings_ok;
 }
+
+undef $m;
+done_testing;

commit a3e11d047dc6cfa5c5c9e5b9dd48f68e11a4b91a
Author: Alex Vandiver <alex at chmrr.net>
Date:   Tue Nov 29 14:15:33 2016 -0500

    Ensure that parse_mail does not GC still-active attachments
    
    Each call to `RT::EmailParser->ParseMIMEEntity*` makes a new
    MIME::Parser object, with its own temporary directory (either under
    the system tmpdir or under /opt/rt4/var).  These are all removed when
    the RT::EmailParser object goes out of scope, via both the tmpdir's
    `CLEANUP => 1` as well as via an explicit RT::EmailParser->DESTROY
    method.  Thus, if the parsed entities contain attachments. and are not
    done being examined by the time their generating RT::EmailParser goes
    out of scope, their contents fail to be readable.
    
    Use the same trick that is used in RT::Crypto::GnuPG, where the parsed
    MIME::Entity outlives the scope of the RT::EmailParser that generated
    it, by storing a reference to the parser inside the generated entity.
    
    This is a stopgap solution; the proper fix requires larger-scale
    changes which may be backwards-incompatible.

diff --git a/lib/RT/Test.pm b/lib/RT/Test.pm
index 257eea5..fe13bd0 100644
--- a/lib/RT/Test.pm
+++ b/lib/RT/Test.pm
@@ -1733,7 +1733,9 @@ sub parse_mail {
     require RT::EmailParser;
     my $parser = RT::EmailParser->new;
     $parser->ParseMIMEEntityFromScalar( $mail );
-    return $parser->Entity;
+    my $entity = $parser->Entity;
+    $entity->{__store_link_to_object_to_avoid_early_cleanup} = $parser;
+    return $entity;
 }
 
 sub works {

commit a9b9361d1cb6d381cd94580a677c81c9d16d1254
Author: Alex Vandiver <alex at chmrr.net>
Date:   Tue Nov 29 12:42:04 2016 -0500

    Test that expected-encrypted mail is encrypted, with expected contents
    
    Previously, the only test on encrypted content was that it didn't
    contain the plaintext.  This fails to verify that it was indeed
    encrypted to the right recipient, and that it can successfully be
    decrypted to reveal the right content.  Specifically, this makes the
    encrypted attachment tests useless, as they cannot prove that the
    intended attachment was attached, merely that it was not sent in
    plaintext.
    
    Verify that the contents of the outgoing mail can be decrypted, and
    that the decrypted text contains the expected string.  This requires
    loading not just the public part of the rt-test at example.com user
    during tests, but the full secret key as well so that it can be used
    to decrypt the data.
    
    Fixes: I#32460

diff --git a/lib/RT/Test/GnuPG.pm b/lib/RT/Test/GnuPG.pm
index fdeac16..7419572 100644
--- a/lib/RT/Test/GnuPG.pm
+++ b/lib/RT/Test/GnuPG.pm
@@ -207,10 +207,14 @@ sub check_text_emails {
                         : $args{Attachment};
 
             if ( $args{'Encrypt'} ) {
-                unlike $mail, qr/$content/, "outgoing $type was encrypted";
+                unlike $mail, qr/$content/, "outgoing $type is not in plaintext";
+                my $entity = RT::Test::parse_mail($mail);
+                my @res = RT::Crypt->VerifyDecrypt(Entity => $entity);
+                like $res[0]{'status'}, qr/DECRYPTION_OKAY/, "Decrypts OK";
+                like $entity->as_string, qr/$content/, "outgoing decrypts to contain $type content";
             } else {
                 like $mail, qr/$content/, "outgoing $type was not encrypted";
-            } 
+            }
 
             next unless $type eq 'email';
 
diff --git a/t/mail/gnupg-outgoing-encrypted-plaintext.t b/t/mail/gnupg-outgoing-encrypted-plaintext.t
index 35cfced..7f0f7ac 100644
--- a/t/mail/gnupg-outgoing-encrypted-plaintext.t
+++ b/t/mail/gnupg-outgoing-encrypted-plaintext.t
@@ -2,7 +2,7 @@ use strict;
 use warnings;
 
 use RT::Test::GnuPG
-  tests          => 104,
+  tests          => undef,
   text_templates => 1,
   gnupg_options  => {
     passphrase    => 'rt-test',
@@ -10,7 +10,7 @@ use RT::Test::GnuPG
   };
 
 RT::Test->import_gnupg_key('rt-recipient at example.com');
-RT::Test->import_gnupg_key( 'rt-test at example.com', 'public' );
+RT::Test->import_gnupg_key( 'rt-test at example.com' );
 
 my $queue = RT::Test->load_or_create_queue(
     Name              => 'Regression',
@@ -25,3 +25,5 @@ ok $m->login, 'logged in';
 
 create_and_test_outgoing_emails( $queue, $m );
 
+undef $m;
+done_testing;
diff --git a/t/mail/gnupg-outgoing-encrypted.t b/t/mail/gnupg-outgoing-encrypted.t
index 96c7487..dc6a55d 100644
--- a/t/mail/gnupg-outgoing-encrypted.t
+++ b/t/mail/gnupg-outgoing-encrypted.t
@@ -2,14 +2,14 @@ use strict;
 use warnings;
 
 use RT::Test::GnuPG
-  tests         => 103,
+  tests         => undef,
   gnupg_options => {
     passphrase    => 'rt-test',
     'trust-model' => 'always',
   };
 
 RT::Test->import_gnupg_key('rt-recipient at example.com');
-RT::Test->import_gnupg_key( 'rt-test at example.com', 'public' );
+RT::Test->import_gnupg_key( 'rt-test at example.com' );
 
 my $queue = RT::Test->load_or_create_queue(
     Name              => 'Regression',
@@ -24,3 +24,5 @@ ok $m->login, 'logged in';
 
 create_and_test_outgoing_emails( $queue, $m );
 
+undef $m;
+done_testing;
diff --git a/t/mail/gnupg-outgoing-plain-plaintext.t b/t/mail/gnupg-outgoing-plain-plaintext.t
index 32e7d5d..baf51e4 100644
--- a/t/mail/gnupg-outgoing-plain-plaintext.t
+++ b/t/mail/gnupg-outgoing-plain-plaintext.t
@@ -2,7 +2,7 @@ use strict;
 use warnings;
 
 use RT::Test::GnuPG
-  tests          => 104,
+  tests          => undef,
   text_templates => 1,
   gnupg_options  => {
     passphrase    => 'rt-test',
@@ -10,7 +10,7 @@ use RT::Test::GnuPG
   };
 
 RT::Test->import_gnupg_key('rt-recipient at example.com');
-RT::Test->import_gnupg_key( 'rt-test at example.com', 'public' );
+RT::Test->import_gnupg_key( 'rt-test at example.com' );
 
 my $queue = RT::Test->load_or_create_queue(
     Name              => 'Regression',
@@ -23,3 +23,5 @@ my ( $baseurl, $m ) = RT::Test->started_ok;
 ok $m->login, 'logged in';
 
 create_and_test_outgoing_emails( $queue, $m );
+undef $m;
+done_testing;
diff --git a/t/mail/gnupg-outgoing-plain.t b/t/mail/gnupg-outgoing-plain.t
index 62ae0ed..f8f87e1 100644
--- a/t/mail/gnupg-outgoing-plain.t
+++ b/t/mail/gnupg-outgoing-plain.t
@@ -2,14 +2,14 @@ use strict;
 use warnings;
 
 use RT::Test::GnuPG
-  tests         => 103,
+  tests         => undef,
   gnupg_options => {
     passphrase    => 'rt-test',
     'trust-model' => 'always',
   };
 
 RT::Test->import_gnupg_key('rt-recipient at example.com');
-RT::Test->import_gnupg_key( 'rt-test at example.com', 'public' );
+RT::Test->import_gnupg_key( 'rt-test at example.com' );
 
 my $queue = RT::Test->load_or_create_queue(
     Name              => 'Regression',
@@ -22,3 +22,5 @@ my ( $baseurl, $m ) = RT::Test->started_ok;
 ok $m->login, 'logged in';
 
 create_and_test_outgoing_emails( $queue, $m );
+undef $m;
+done_testing;
diff --git a/t/mail/gnupg-outgoing-signed-plaintext.t b/t/mail/gnupg-outgoing-signed-plaintext.t
index cf46edd..0ff06d1 100644
--- a/t/mail/gnupg-outgoing-signed-plaintext.t
+++ b/t/mail/gnupg-outgoing-signed-plaintext.t
@@ -2,7 +2,7 @@ use strict;
 use warnings;
 
 use RT::Test::GnuPG
-  tests          => 104,
+  tests          => undef,
   text_templates => 1,
   gnupg_options  => {
     passphrase    => 'rt-test',
@@ -10,7 +10,7 @@ use RT::Test::GnuPG
   };
 
 RT::Test->import_gnupg_key('rt-recipient at example.com');
-RT::Test->import_gnupg_key( 'rt-test at example.com', 'public' );
+RT::Test->import_gnupg_key( 'rt-test at example.com' );
 
 my $queue = RT::Test->load_or_create_queue(
     Name              => 'Regression',
@@ -25,3 +25,5 @@ ok $m->login, 'logged in';
 
 create_and_test_outgoing_emails( $queue, $m );
 
+undef $m;
+done_testing;
diff --git a/t/mail/gnupg-outgoing-signed.t b/t/mail/gnupg-outgoing-signed.t
index 4aa262b..00d292a 100644
--- a/t/mail/gnupg-outgoing-signed.t
+++ b/t/mail/gnupg-outgoing-signed.t
@@ -2,14 +2,14 @@ use strict;
 use warnings;
 
 use RT::Test::GnuPG
-  tests         => 103,
+  tests         => undef,
   gnupg_options => {
     passphrase    => 'rt-test',
     'trust-model' => 'always',
   };
 
 RT::Test->import_gnupg_key('rt-recipient at example.com');
-RT::Test->import_gnupg_key( 'rt-test at example.com', 'public' );
+RT::Test->import_gnupg_key( 'rt-test at example.com' );
 
 my $queue = RT::Test->load_or_create_queue(
     Name              => 'Regression',
@@ -24,3 +24,5 @@ ok $m->login, 'logged in';
 
 create_and_test_outgoing_emails( $queue, $m );
 
+undef $m;
+done_testing;
diff --git a/t/mail/gnupg-outgoing-signed_encrypted-plaintext.t b/t/mail/gnupg-outgoing-signed_encrypted-plaintext.t
index c2753d0..b21b344 100644
--- a/t/mail/gnupg-outgoing-signed_encrypted-plaintext.t
+++ b/t/mail/gnupg-outgoing-signed_encrypted-plaintext.t
@@ -2,7 +2,7 @@ use strict;
 use warnings;
 
 use RT::Test::GnuPG
-  tests          => 104,
+  tests          => undef,
   text_templates => 1,
   gnupg_options  => {
     passphrase    => 'rt-test',
@@ -10,7 +10,7 @@ use RT::Test::GnuPG
   };
 
 RT::Test->import_gnupg_key('rt-recipient at example.com');
-RT::Test->import_gnupg_key( 'rt-test at example.com', 'public' );
+RT::Test->import_gnupg_key( 'rt-test at example.com' );
 
 my $queue = RT::Test->load_or_create_queue(
     Name              => 'Regression',
@@ -26,3 +26,5 @@ ok $m->login, 'logged in';
 
 create_and_test_outgoing_emails( $queue, $m );
 
+undef $m;
+done_testing;
diff --git a/t/mail/gnupg-outgoing-signed_encrypted.t b/t/mail/gnupg-outgoing-signed_encrypted.t
index 806f62d..1399c57 100644
--- a/t/mail/gnupg-outgoing-signed_encrypted.t
+++ b/t/mail/gnupg-outgoing-signed_encrypted.t
@@ -2,14 +2,14 @@ use strict;
 use warnings;
 
 use RT::Test::GnuPG
-  tests         => 103,
+  tests         => undef,
   gnupg_options => {
     passphrase    => 'rt-test',
     'trust-model' => 'always',
   };
 
 RT::Test->import_gnupg_key('rt-recipient at example.com');
-RT::Test->import_gnupg_key( 'rt-test at example.com', 'public' );
+RT::Test->import_gnupg_key( 'rt-test at example.com' );
 
 my $queue = RT::Test->load_or_create_queue(
     Name              => 'Regression',
@@ -25,3 +25,5 @@ ok $m->login, 'logged in';
 
 create_and_test_outgoing_emails( $queue, $m );
 
+undef $m;
+done_testing;
diff --git a/t/web/gnupg-select-keys-on-create.t b/t/web/gnupg-select-keys-on-create.t
index 271561a..131f4c5 100644
--- a/t/web/gnupg-select-keys-on-create.t
+++ b/t/web/gnupg-select-keys-on-create.t
@@ -73,7 +73,7 @@ diag "check that things don't work if there is no key";
 diag "import first key of rt-test\@example.com";
 my $fpr1 = '';
 {
-    RT::Test->import_gnupg_key('rt-test at example.com', 'public');
+    RT::Test->import_gnupg_key('rt-test at example.com', 'secret');
     my %res = RT::Crypt->GetKeysInfo( Key => 'rt-test at example.com' );
     is $res{'info'}[0]{'TrustLevel'}, 0, 'is not trusted key';
     $fpr1 = $res{'info'}[0]{'Fingerprint'};
@@ -122,7 +122,7 @@ diag "check that things still doesn't work if key is not trusted";
 diag "import a second key of rt-test\@example.com";
 my $fpr2 = '';
 {
-    RT::Test->import_gnupg_key('rt-test at example.com.2', 'public');
+    RT::Test->import_gnupg_key('rt-test at example.com.2', 'secret');
     my %res = RT::Crypt->GetKeysInfo( Key => 'rt-test at example.com' );
     is $res{'info'}[1]{'TrustLevel'}, 0, 'is not trusted key';
     $fpr2 = $res{'info'}[2]{'Fingerprint'};
diff --git a/t/web/gnupg-select-keys-on-update.t b/t/web/gnupg-select-keys-on-update.t
index da7009c..24d22e7 100644
--- a/t/web/gnupg-select-keys-on-update.t
+++ b/t/web/gnupg-select-keys-on-update.t
@@ -90,7 +90,7 @@ diag "check that things don't work if there is no key";
 diag "import first key of rt-test\@example.com";
 my $fpr1 = '';
 {
-    RT::Test->import_gnupg_key('rt-test at example.com', 'public');
+    RT::Test->import_gnupg_key('rt-test at example.com', 'secret');
     my %res = RT::Crypt->GetKeysInfo( Key => 'rt-test at example.com' );
     is $res{'info'}[0]{'TrustLevel'}, 0, 'is not trusted key';
     $fpr1 = $res{'info'}[0]{'Fingerprint'};
@@ -140,7 +140,7 @@ diag "check that things still doesn't work if key is not trusted";
 diag "import a second key of rt-test\@example.com";
 my $fpr2 = '';
 {
-    RT::Test->import_gnupg_key('rt-test at example.com.2', 'public');
+    RT::Test->import_gnupg_key('rt-test at example.com.2', 'secret');
     my %res = RT::Crypt->GetKeysInfo( Key => 'rt-test at example.com' );
     is $res{'info'}[1]{'TrustLevel'}, 0, 'is not trusted key';
     $fpr2 = $res{'info'}[2]{'Fingerprint'};

-----------------------------------------------------------------------


More information about the rt-commit mailing list