1 files changed, 66 insertions, 0 deletions

diff --git a/src/mailman_pgp/commands/tests/test_key.py b/src/mailman_pgp/commands/tests/test_key.py
index ec535ec..d89c43d 100644
--- a/src/mailman_pgp/commands/tests/test_key.py
+++ b/src/mailman_pgp/commands/tests/test_key.py
@@ -872,6 +872,72 @@ class TestAfterSubscription(unittest.TestCase):
                 'Need a key which can be used to encrypt communications.',
                 results_msg.get_payload())
 
+    def test_revoke_resets(self):
+        bart = getUtility(IUserManager).create_address('bart@example.com',
+                                                       'Bart Person')
+        with transaction() as t:
+            pgp_address = PGPAddress(bart)
+            pgp_address.key = self.bart_key.pubkey
+            pgp_address.key_confirmed = True
+            t.add(pgp_address)
+
+        revoc = self.bart_key.revoke(self.bart_key)
+
+        message = _create_mixed('bart@example.com', 'test@example.com',
+                                'key revoke')
+        wrapped_message = MIMEWrapper(message)
+        message = wrapped_message.attach_revocs(revoc)
+
+        mm_config.switchboards['command'].enqueue(message,
+                                                  listid='test.example.com')
+        make_testable_runner(CommandRunner, 'command').run()
+        items = get_queue_messages('virgin', expected_count=1)
+        results_msg = items[0].msg
+
+        self.assertIn('Key needs to be reset.', results_msg.get_payload())
+
+    def test_revoke_updates(self):
+        bart = getUtility(IUserManager).create_address('bart@example.com',
+                                                       'Bart Person')
+
+        test_key = PGPKey.new(PubKeyAlgorithm.RSAEncryptOrSign, 1024)
+        uid = PGPUID.new('Some Name', email='anne@example.org')
+        test_key.add_uid(uid,
+                         usage={KeyFlags.Certify,
+                                KeyFlags.EncryptCommunications,
+                                KeyFlags.Sign},
+                         hashes=[HashAlgorithm.SHA256,
+                                 HashAlgorithm.SHA512],
+                         ciphers=[SymmetricKeyAlgorithm.AES256],
+                         compression=[CompressionAlgorithm.ZLIB])
+        sub = PGPKey.new(PubKeyAlgorithm.ECDH, EllipticCurveOID.SECP256K1)
+        test_key.add_subkey(sub, usage={KeyFlags.EncryptCommunications})
+
+        with transaction() as t:
+            pgp_address = PGPAddress(bart)
+            pgp_address.key = test_key.pubkey
+            pgp_address.key_confirmed = True
+            t.add(pgp_address)
+
+        revoc = test_key.revoke(sub.pubkey)
+
+        message = _create_mixed('bart@example.com', 'test@example.com',
+                                'key revoke')
+        wrapped_message = MIMEWrapper(message)
+        message = wrapped_message.attach_revocs(revoc)
+
+        mm_config.switchboards['command'].enqueue(message,
+                                                  listid='test.example.com')
+        make_testable_runner(CommandRunner, 'command').run()
+        items = get_queue_messages('virgin', expected_count=1)
+        results_msg = items[0].msg
+
+        self.assertIn('Key succesfully updated.', results_msg.get_payload())
+        sub = next(iter(pgp_address.key.subkeys.values()))
+        revocs = list(sub.revocation_signatures)
+        self.assertEqual(len(revocs), 1)
+        self.assertEqual(revoc.hash2, revocs[0].hash2)
+
 
 class TestGeneral(unittest.TestCase):
     layer = PGPConfigLayer