1 files changed, 72 insertions, 0 deletions

diff --git a/src/mailman_pgp/commands/tests/test_key.py b/src/mailman_pgp/commands/tests/test_key.py
index a9d021b..cfda3e8 100644
--- a/src/mailman_pgp/commands/tests/test_key.py
+++ b/src/mailman_pgp/commands/tests/test_key.py
@@ -26,6 +26,10 @@ from mailman.interfaces.usermanager import IUserManager
 from mailman.runners.command import CommandRunner
 from mailman.testing.helpers import get_queue_messages, make_testable_runner
 from mailman.utilities.datetime import now
+from pgpy import PGPKey, PGPUID
+from pgpy.constants import (PubKeyAlgorithm, KeyFlags, EllipticCurveOID,
+                            HashAlgorithm, SymmetricKeyAlgorithm,
+                            CompressionAlgorithm)
 from zope.component import getUtility
 
 from mailman_pgp.config import mm_config
@@ -114,6 +118,20 @@ class TestPreSubscription(unittest.TestCase):
         self.bart_key = load_key('rsa_1024.priv.asc')
         self.anne_key = load_key('ecc_p256.priv.asc')
 
+        self.unusable_key = PGPKey.new(PubKeyAlgorithm.ECDSA,
+                                       EllipticCurveOID.SECP256K1)
+        uid = PGPUID.new('Bart Person', email='bart@example.com')
+        self.unusable_key.add_uid(uid,
+                                  usage={KeyFlags.Certify,
+                                         KeyFlags.Authentication,
+                                         KeyFlags.Sign},
+                                  hashes=[HashAlgorithm.SHA256,
+                                          HashAlgorithm.SHA512],
+                                  ciphers=[SymmetricKeyAlgorithm.AES256],
+                                  compression=[CompressionAlgorithm.ZLIB,
+                                               CompressionAlgorithm.Uncompressed]
+                                  )
+
     def test_set(self):
         self.mlist.subscription_policy = OpenSubscriptionPolicy
         bart = getUtility(IUserManager).create_address('bart@example.com',
@@ -256,6 +274,22 @@ class TestPreSubscription(unittest.TestCase):
         self.assertIn('You probably wanted to send your public key only.',
                       results_msg.get_payload())
 
+    def test_set_no_encrypt_key(self):
+        set_message = _create_mixed('bart@example.com', 'test@example.com',
+                                    'Re: key set token')
+        wrapped_set_message = MIMEWrapper(set_message)
+        set_message = wrapped_set_message.attach_key(self.unusable_key.pubkey)
+
+        mm_config.switchboards['command'].enqueue(set_message,
+                                                  listid='test.example.com')
+        make_testable_runner(CommandRunner, 'command').run()
+        items = get_queue_messages('virgin', expected_count=1)
+        results_msg = items[0].msg
+
+        self.assertIn(
+                'Need a key which can be used to encrypt communications.',
+                results_msg.get_payload())
+
     def test_set_no_email(self):
         message = _create_mixed('', 'test@example.com', 'key set token')
         wrapped_message = MIMEWrapper(message)
@@ -567,6 +601,20 @@ class TestAfterSubscription(unittest.TestCase):
         self.bart_key = load_key('rsa_1024.priv.asc')
         self.bart_new_key = load_key('ecc_p256.priv.asc')
 
+        self.unusable_key = PGPKey.new(PubKeyAlgorithm.ECDSA,
+                                       EllipticCurveOID.SECP256K1)
+        uid = PGPUID.new('Bart Person', email='bart@example.com')
+        self.unusable_key.add_uid(uid,
+                                  usage={KeyFlags.Certify,
+                                         KeyFlags.Authentication,
+                                         KeyFlags.Sign},
+                                  hashes=[HashAlgorithm.SHA256,
+                                          HashAlgorithm.SHA512],
+                                  ciphers=[SymmetricKeyAlgorithm.AES256],
+                                  compression=[CompressionAlgorithm.ZLIB,
+                                               CompressionAlgorithm.Uncompressed]
+                                  )
+
     def test_change(self):
         bart = getUtility(IUserManager).create_address('bart@example.com',
                                                        'Bart Person')
@@ -798,6 +846,30 @@ class TestAfterSubscription(unittest.TestCase):
         self.assertIn('You probably wanted to send your public key only.',
                       results_msg.get_payload())
 
+    def test_change_no_encrypt_key(self):
+        bart = getUtility(IUserManager).create_address('bart@example.com',
+                                                       'Bart Person')
+        with transaction() as t:
+            pgp_address = PGPAddress(bart)
+            pgp_address.key = self.bart_key.pubkey
+            pgp_address.key_confirmed = True
+            t.add(pgp_address)
+
+        message = _create_mixed('bart@example.com', 'test@example.com',
+                                'key change')
+        wrapped_message = MIMEWrapper(message)
+        message = wrapped_message.attach_key(self.unusable_key.pubkey)
+
+        mm_config.switchboards['command'].enqueue(message,
+                                                  listid='test.example.com')
+        make_testable_runner(CommandRunner, 'command').run()
+        items = get_queue_messages('virgin', expected_count=1)
+        results_msg = items[0].msg
+
+        self.assertIn(
+                'Need a key which can be used to encrypt communications.',
+                results_msg.get_payload())
+
 
 class TestGeneral(unittest.TestCase):
     layer = PGPConfigLayer