diff --git a/tests/openpgp/Makefile.am b/tests/openpgp/Makefile.am
index 532cdb33e..3cdf3d1ca 100644
--- a/tests/openpgp/Makefile.am
+++ b/tests/openpgp/Makefile.am
@@ -1,212 +1,215 @@
# Makefile.am - For tests/openpgp
# Copyright (C) 1998, 1999, 2000, 2001, 2003,
# 2010 Free Software Foundation, Inc.
#
# This file is part of GnuPG.
#
# GnuPG is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# GnuPG is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, see .
# Process this file with automake to create Makefile.in
# Programs required before we can run these tests.
required_pgms = ../../g10/gpg$(EXEEXT) ../../agent/gpg-agent$(EXEEXT) \
../../tools/gpg-connect-agent$(EXEEXT) \
../gpgscm/gpgscm$(EXEEXT)
AM_CPPFLAGS = -I$(top_srcdir)/common
include $(top_srcdir)/am/cmacros.am
AM_CFLAGS =
noinst_PROGRAMS = fake-pinentry
fake_pinentry_SOURCES = fake-pinentry.c
TMP ?= /tmp
TESTS_ENVIRONMENT = LC_ALL=C \
EXEEXT=$(EXEEXT) \
PATH=../gpgscm:$(PATH) \
TMP=$(TMP) \
srcdir=$(abs_srcdir) \
objdir=$(abs_top_builddir) \
GPGSCM_PATH=$(abs_top_srcdir)/tests/gpgscm:$(abs_top_srcdir)/tests/openpgp
XTESTS = \
version.scm \
mds.scm \
decrypt.scm \
decrypt-dsa.scm \
sigs.scm \
sigs-dsa.scm \
encrypt.scm \
encrypt-dsa.scm \
seat.scm \
clearsig.scm \
encryptp.scm \
detach.scm \
detachm.scm \
armsigs.scm \
armencrypt.scm \
armencryptp.scm \
signencrypt.scm \
signencrypt-dsa.scm \
armsignencrypt.scm \
armdetach.scm \
armdetachm.scm \
genkey1024.scm \
conventional.scm \
conventional-mdc.scm \
multisig.scm \
verify.scm \
gpgv-forged-keyring.scm \
armor.scm \
import.scm \
ecc.scm \
4gb-packet.scm \
tofu.scm \
gpgtar.scm \
use-exact-key.scm \
default-key.scm \
export.scm \
ssh-import.scm \
+ ssh-export.scm \
quick-key-manipulation.scm \
key-selection.scm \
issue2015.scm \
issue2346.scm \
issue2417.scm \
issue2419.scm
# XXX: Currently, one cannot override automake's 'check' target. As a
# workaround, we avoid defining 'TESTS', thus automake will not emit
# the 'check' target. For extra robustness, we merely define a
# dependency on 'xcheck', so this hack should also work even if
# automake would emit the 'check' target, as adding dependencies to
# targets is okay.
check: xcheck
.PHONY: xcheck
xcheck:
$(TESTS_ENVIRONMENT) $(abs_top_builddir)/tests/gpgscm/gpgscm \
run-tests.scm $(TESTFLAGS) $(XTESTS)
TEST_FILES = pubring.asc secring.asc plain-1o.asc plain-2o.asc plain-3o.asc \
plain-1.asc plain-2.asc plain-3.asc plain-1-pgp.asc \
plain-largeo.asc \
pubring.pkr.asc secring.skr.asc secdemo.asc pubdemo.asc \
gpg.conf.tmpl gpg-agent.conf.tmpl \
bug537-test.data.asc bug894-test.asc \
bug1223-good.asc bug1223-bogus.asc 4gb-packet.asc \
tofu-keys.asc tofu-keys-secret.asc \
tofu-2183839A-1.txt tofu-BC15C85A-1.txt tofu-EE37CF96-1.txt \
tofu/cross-sigs/EC38277E-secret.gpg \
tofu/cross-sigs/EC38277E-1.gpg \
tofu/cross-sigs/EC38277E-1.txt \
tofu/cross-sigs/EC38277E-2.gpg \
tofu/cross-sigs/EC38277E-2.txt \
tofu/cross-sigs/EC38277E-3.txt \
tofu/cross-sigs/871C2247-secret.gpg \
tofu/cross-sigs/871C2247-1.gpg \
tofu/cross-sigs/871C2247-1.txt \
tofu/cross-sigs/871C2247-2.gpg \
tofu/cross-sigs/871C2247-2.txt \
tofu/cross-sigs/871C2247-3.gpg \
tofu/cross-sigs/871C2247-3.txt \
tofu/cross-sigs/871C2247-4.gpg \
tofu/cross-sigs/README \
key-selection/0.asc \
key-selection/1.asc \
key-selection/2.asc \
key-selection/3.asc \
key-selection/4.asc
data_files = data-500 data-9000 data-32000 data-80000 plain-large
priv_keys = privkeys/50B2D4FA4122C212611048BC5FC31BD44393626E.asc \
privkeys/7E201E28B6FEB2927B321F443205F4724EBE637E.asc \
privkeys/13FDB8809B17C5547779F9D205C45F47CE0217CE.asc \
privkeys/343D8AF79796EE107D645A2787A9D9252F924E6F.asc \
privkeys/8B5ABF3EF9EB8D96B91A0B8C2C4401C91C834C34.asc \
privkeys/0D6F6AD4C4C803B25470F9104E9F4E6A4CA64255.asc \
privkeys/FD692BD59D6640A84C8422573D469F84F3B98E53.asc \
privkeys/76F7E2B35832976B50A27A282D9B87E44577EB66.asc \
privkeys/A0747D5F9425E6664F4FFBEED20FBCA79FDED2BD.asc \
privkeys/0DD40284FF992CD24DC4AAC367037E066FCEE26A.asc \
privkeys/2BC997C0B8691D41D29A4EC81CCBCF08454E4961.asc \
privkeys/3C9D5ECA70130C2DBB1FC6AC0076BEEEC197716F.asc \
privkeys/449E644892C951A37525654730DD32C202079926.asc \
privkeys/58FFE844087634E62440224908BDE44BEA7EB730.asc \
privkeys/4DF9172D6FF428C97A0E9AA96F03E8BCE3B2F188.asc \
privkeys/9D7CD8F53F2F14C3E2177D1E9D1D11F39513A4A4.asc \
privkeys/6E6B7ED0BD4425018FFC54F3921D5467A3AE00EB.asc \
privkeys/C905D0AB6AE9655C5A35975939997BBF3325D6DD.asc \
privkeys/B2BAA7144303DF19BB6FDE23781DD3FDD97918D4.asc \
privkeys/CF60965BF51F67CF80DECE853E0D2D343468571D.asc \
privkeys/DF00E361D34F80868D06879AC21D7A7D4E4FAD76.asc \
privkeys/00FE67F28A52A8AA08FFAED20AF832DA916D1985.asc \
privkeys/1DF48228FEFF3EC2481B106E0ACA8C465C662CC5.asc \
privkeys/A2832820DC9F40751BDCD375BB0945BA33EC6B4C.asc \
privkeys/ADE710D74409777B7729A7653373D820F67892E0.asc \
privkeys/CEFC51AF91F68A2904FBFF62C4F075A4785B803F.asc \
privkeys/1E28F20E41B54C2D1234D896096495FF57E08D18.asc \
privkeys/EB33B687EB8581AB64D04852A54453E85F3DF62D.asc \
privkeys/C6A6390E9388CDBAD71EAEA698233FE5E04F001E.asc \
privkeys/D69102E0F5AC6B6DB8E4D16DA8E18CF46D88CAE3.asc
sample_keys = samplekeys/README \
samplekeys/ecc-sample-1-pub.asc \
samplekeys/ecc-sample-2-pub.asc \
samplekeys/ecc-sample-3-pub.asc \
samplekeys/ecc-sample-1-sec.asc \
samplekeys/ecc-sample-2-sec.asc \
samplekeys/ecc-sample-3-sec.asc \
samplekeys/eddsa-sample-1-pub.asc \
samplekeys/eddsa-sample-1-sec.asc \
samplekeys/dda252ebb8ebe1af-1.asc \
samplekeys/dda252ebb8ebe1af-2.asc \
samplekeys/whats-new-in-2.1.asc \
samplekeys/e2e-p256-1-clr.asc \
samplekeys/e2e-p256-1-prt.asc \
samplekeys/E657FB607BB4F21C90BB6651BC067AF28BC90111.asc \
samplekeys/rsa-rsa-sample-1.asc \
samplekeys/ed25519-cv25519-sample-1.asc \
samplekeys/silent-running.asc \
samplekeys/ssh-dsa.key \
samplekeys/ssh-ecdsa.key \
samplekeys/ssh-ed25519.key \
samplekeys/ssh-rsa.key \
- samplekeys/issue2346.gpg
+ samplekeys/issue2346.gpg \
+ samplekeys/authenticate-only.pub.asc \
+ samplekeys/authenticate-only.sec.asc
sample_msgs = samplemsgs/issue2419.asc
EXTRA_DIST = defs.scm $(XTESTS) $(TEST_FILES) \
mkdemodirs signdemokey $(priv_keys) $(sample_keys) \
$(sample_msgs) ChangeLog-2011 run-tests.scm \
setup.scm shell.scm
CLEANFILES = prepared.stamp x y yy z out err $(data_files) \
plain-1 plain-2 plain-3 trustdb.gpg *.lock .\#lk* \
*.log gpg_dearmor gpg.conf gpg-agent.conf S.gpg-agent \
pubring.gpg pubring.gpg~ pubring.kbx pubring.kbx~ \
secring.gpg pubring.pkr secring.skr \
gnupg-test.stop random_seed gpg-agent.log tofu.db \
passphrases sshcontrol S.gpg-agent.ssh
clean-local:
-rm -rf private-keys-v1.d openpgp-revocs.d tofu.d gpgtar.d
# We need to depend on a couple of programs so that the tests don't
# start before all programs are built.
all-local: $(required_pgms)
diff --git a/tests/openpgp/samplekeys/authenticate-only.pub.asc b/tests/openpgp/samplekeys/authenticate-only.pub.asc
new file mode 100644
index 000000000..a08a003dc
--- /dev/null
+++ b/tests/openpgp/samplekeys/authenticate-only.pub.asc
@@ -0,0 +1,31 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQENBFg8F68BCAC5VS/59Nrg5mw+wEAnk/vi0CGI+K5rGTmyAruy/aiS4kYfUJiE
+Pq/JZYCeNQ9GTbJN5M+Fiv1bhw6xeEfl4FAC/A0Uo39fvUSLJH2V+8lT3GxXt8KR
+Yx8MvotvoKiG1DRvgnwRh1qibX6+htJahPwHDViUuFz0ZeEPWiCwuoMOELmiTsuE
+VZbQsv08BwCOzIc3M8s63TtwMCUe+MBhqfRjEu6/Gt7miuGGVFXB96ao2O9u1HsR
+7cUjgVQp6JwGLgIIijjy167Ms+fKZetqA9tzu1C1SAtNYiqmAUoqGG1YEjS7oApo
+AKmHD+LGCMUPg5d6bhw+NyHjDAFWJEYv3kG3ABEBAAG0NVRlc3QgS2V5IChkbyBu
+b3QgdXNlKSA8YXV0aGVudGljYXRlLW9ubHlAZXhhbXBsZS5vcmc+iQFOBBMBCAA4
+FiEEkn7zd/0aG295XkDAKoeRfY/7pJ8FAlg8F68CGwEFCwkIBwIGFQgJCgsCBBYC
+AwECHgECF4AACgkQKoeRfY/7pJ9+zAf9FVZknDCWCNY42+RIR36fq2l1Gs8KfMsX
+rNXtfYPtLqioP8fz2LE0LoudSsZMLVygonPG0ZAxdIUHXcFdUqPrEzs4fEyR4xae
+OSxui2Q/u6+9bi7eilYYzVNRWkuyx2TrRQZEjMXMnuJcWptGbRWs/ipRUZBHWfLl
+2udLl+0TRIL7hni06xVCHbwE5szcLoyzzvIowGVADXFqeG7nty7uRNZNAD+ZWMH2
+J0vspZlUSVi7z1VygzDI3U42SMJmVqnRmICsB3QLI8Ns4nxWXO2z8fheSFcrP+LA
+cY3W6JgnLCzvyuogxnWmd4fzr1iB3E2Hcy/sr0cgQ5wtuseQRhmTlrkBDQRYPBfZ
+AQgAtKcbBYrIqh3cRTqyZjMxw492RVQoFawYmpr1bQ4HphVGnT4IhJZQ4DAm1JJZ
+QjzwDQiZMc1wD9Om6UC/g8gUBuFCpLCobwBzjH4an/G3Cfa8zGz5ANAROo5i5T1j
+vgoFEFdVue/GpAmMNixz+0ItQBh9jiOC6IYk1yyv/OsTzsj6AHnH0XiDpGoTNkca
+tb6Mu1VcXTMNf620Mxj6c7WE7awxL6MwKIa7XQSgXaO+JnbB+5Szz1wZ1ZhlnDp3
+KOurlfcXIbZirEaqmRByb+V21Dj3icXOJEj1RUbyVNqBS8rhw17kSxcehw/6ZAMW
+ehDmhXO98VVUknS0Mf+OJBi2JwARAQABiQE2BBgBCAAgFiEEkn7zd/0aG295XkDA
+KoeRfY/7pJ8FAlg8F9kCGyAACgkQKoeRfY/7pJ+sawf/eSjxxAglAdolF9lK070u
+VmMgq4GFPqJ3RqJPUFjwEFFSYLXkiALnMGXDSmOfPqCQ4c+PWwumFhKCz4MXVDD8
+x6mi9Z+HlEwIMaCnckrSTuQ5OgwO/6vkhz42OcgMZ3WQnWfNVM8jbNP9vX1vroPe
+HLFaPGy9KJMM0Z/hlCIIeyK/a90zWlT5UMfRoqNQRbY/iiYdmpvf69I9PobGVbo/
+7ahZTumPWwjiGOztNXeuo5UUaAVVxMQBYKp2w3wil2sHzYfTfYUSMyh+oUFx4Xlz
+WF3bLzsafRaeuK1h5+JuvIcimvU5zWZtn0hOpiIXpZOoJvvM9r5D4ZRT5UX2blQ8
+Pw==
+=vt5C
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/tests/openpgp/samplekeys/authenticate-only.sec.asc b/tests/openpgp/samplekeys/authenticate-only.sec.asc
new file mode 100644
index 000000000..109a7a1b5
--- /dev/null
+++ b/tests/openpgp/samplekeys/authenticate-only.sec.asc
@@ -0,0 +1,60 @@
+-----BEGIN PGP PRIVATE KEY BLOCK-----
+
+lQPGBFg8F68BCAC5VS/59Nrg5mw+wEAnk/vi0CGI+K5rGTmyAruy/aiS4kYfUJiE
+Pq/JZYCeNQ9GTbJN5M+Fiv1bhw6xeEfl4FAC/A0Uo39fvUSLJH2V+8lT3GxXt8KR
+Yx8MvotvoKiG1DRvgnwRh1qibX6+htJahPwHDViUuFz0ZeEPWiCwuoMOELmiTsuE
+VZbQsv08BwCOzIc3M8s63TtwMCUe+MBhqfRjEu6/Gt7miuGGVFXB96ao2O9u1HsR
+7cUjgVQp6JwGLgIIijjy167Ms+fKZetqA9tzu1C1SAtNYiqmAUoqGG1YEjS7oApo
+AKmHD+LGCMUPg5d6bhw+NyHjDAFWJEYv3kG3ABEBAAH+BwMCzWzbxiWo+krZWBSs
+jFH7f5mn3T/L0PBesTdqiwKwUOj8Fltri+6OY9G028CJB4UlTrEmvD4zdu7HFlvo
+XgrNhZiE8INjEY6QDrNTKNX474dWcCQDDinz6NIwitYNMkv//Ct19qhrqd9WpGVH
+QtKVe0BOHimiokpqu3YBMvV8tZmM2Am8vN32nn/lHo8G/UhSRVnYewazSvAjCSPG
+OqJAPuD3vldssTgpPA2BhBeh6Q7jDkghGfd97a1LkB+JpuDF6UNXs1OxVthONb7q
+ScEsxUhiYne7LrglzZhfDdqsRWcyQyaTzIg/3tOh69hRI2I+8EoJJ9PeLx4rMGFJ
+Z0DkgSbUwXDYYa8GgewT5yZSkfJyhcx/q8eI3PW39TB0YI48TaN3KufzqS+U8ITz
+bQygpzX2WGBXKcwXV0zDXjpapqd/77m600FhvrrIJuJNGmNNSQ1eWAYmY13rmR1R
+7aXRrocVlF3ZPfWzKLi6DophmW0vfcwlt9XxgQ2VxF0rk2f6OF4WcTYbaOCwh8M3
+Ffo98i3OO+upHsJLKyvQRrM1/LVeecGTxV9cXOnE+YB+aU36AS+AjeLRTqM2ZbzU
+UgNTdkcs6+8B4q3XMWtTojXXCYfHMpFYu2FuKT+cXi1UEKWF7/Rhu2i3aeRahRLF
+zdtSwWhbx0WNqH4BL4hhGZ85BUXKrOwdDiRyzgzKQilwWXu1ZEJuaWrY+vxdqdxi
+PyikwO7/JXlBgcICO7v5hKDVuHGll8jP1CQU3hvfcSKuzny++ComI3ND2H2Wj3Jh
+ocz9/7Z+hAp/RMeE2MbptvnJTzeTEg/Wk2aMt6ArxEKCpcpvXlvm5TENl20/oejo
+H/o6DNJhtU75AI5tQZ315cXfK56ae0Swc90UGPImTDl3LiG+qTgQbcHdNV+I0zL9
+FeqvLZg5ZgpBtDVUZXN0IEtleSAoZG8gbm90IHVzZSkgPGF1dGhlbnRpY2F0ZS1v
+bmx5QGV4YW1wbGUub3JnPokBTgQTAQgAOBYhBJJ+83f9GhtveV5AwCqHkX2P+6Sf
+BQJYPBevAhsBBQsJCAcCBhUICQoLAgQWAgMBAh4BAheAAAoJECqHkX2P+6SffswH
+/RVWZJwwlgjWONvkSEd+n6tpdRrPCnzLF6zV7X2D7S6oqD/H89ixNC6LnUrGTC1c
+oKJzxtGQMXSFB13BXVKj6xM7OHxMkeMWnjksbotkP7uvvW4u3opWGM1TUVpLssdk
+60UGRIzFzJ7iXFqbRm0VrP4qUVGQR1ny5drnS5ftE0SC+4Z4tOsVQh28BObM3C6M
+s87yKMBlQA1xanhu57cu7kTWTQA/mVjB9idL7KWZVElYu89VcoMwyN1ONkjCZlap
+0ZiArAd0CyPDbOJ8Vlzts/H4XkhXKz/iwHGN1uiYJyws78rqIMZ1pneH869YgdxN
+h3Mv7K9HIEOcLbrHkEYZk5adA8YEWDwX2QEIALSnGwWKyKod3EU6smYzMcOPdkVU
+KBWsGJqa9W0OB6YVRp0+CISWUOAwJtSSWUI88A0ImTHNcA/TpulAv4PIFAbhQqSw
+qG8Ac4x+Gp/xtwn2vMxs+QDQETqOYuU9Y74KBRBXVbnvxqQJjDYsc/tCLUAYfY4j
+guiGJNcsr/zrE87I+gB5x9F4g6RqEzZHGrW+jLtVXF0zDX+ttDMY+nO1hO2sMS+j
+MCiGu10EoF2jviZ2wfuUs89cGdWYZZw6dyjrq5X3FyG2YqxGqpkQcm/ldtQ494nF
+ziRI9UVG8lTagUvK4cNe5EsXHocP+mQDFnoQ5oVzvfFVVJJ0tDH/jiQYticAEQEA
+Af4HAwLbL5r0DsoKEtmeahTDsYhsRTH/hmOPCGKyjhblVfWoNVQjmrDNsRVrPx+2
+CVj304Npu9XpkKsgp/U20pv6y00xET/l+FfftyN5zUTdGC4qi0gN3AXE5amQkbnJ
+/ItzUTnf8YPYenSKioiQSrk39Q+ikRZ3WBIPVQcMR2bPnzAobNupit5fgS7e/aRA
+0vswD12SeqqNM82JWAuSFJc51F+Gn8xTkWnnK2AdA8Rz351qqUHpmFwg8kaRVhVe
+TwSP7nAN5JPS7lrr91vvp3jRlH84XgaUxFk/8Gm8pSNN4tyxNjo9Cv6YaG0PR/rO
+skg6G/9AfqVtAuRyaRNu1HP/JPDyuGGEqOt7mfMr2vd43a5LTVO3EkO5OfQkXg1/
+t2HXn6dzc0hBolq0pWAUU+sVwZD9h2F8pEWPPyeInv5H4c95J9HU466tro9VJpvm
+p/iw55evDiBRAu+nNkCI8eyFEpB06d3ikjxLAJ5xS3Fb6Vj3PX0TdZMieRNHQXlt
+Gpi8UQOpOLhj+lytW9NYCGG3SYcy2ytYVgs2IoIycx37c4tz5+v1yi8/FvnQPPTf
+8LjLZUrrFL6GRJm0fNtp0I3jm5Ic/oESQ4UDrVmQO1+G6/+9iOalgA7x67+X13rD
+6nz0Et0WBH0HpZrOEFe2b07livdfs5gS3xtyqyMBRLu4lKYDWYJ55R0nbMiwQ1dQ
+EG5U/ur0E1ENJeFDE2MmL06RIXtizVcGmoU23m/tAEShNJBaHGe1qKKDGk8lutmF
+9S4UN5eXE3qzBJmqWQTG4/z2N+QRB/Nj6h1IbKPvAMML2c5vdI1V1LniCa55vytJ
+F6Ngtyw6f7M2UVqyPr6FZmzZyw6SPxjGqFUcp/o30Pqm6k0AYr3HVQLLnCM9vpCY
+Y73QV1EOpBNPNIPTyiWWFSnrXID6xoObHg2JATYEGAEIACAWIQSSfvN3/Robb3le
+QMAqh5F9j/uknwUCWDwX2QIbIAAKCRAqh5F9j/ukn6xrB/95KPHECCUB2iUX2UrT
+vS5WYyCrgYU+ondGok9QWPAQUVJgteSIAucwZcNKY58+oJDhz49bC6YWEoLPgxdU
+MPzHqaL1n4eUTAgxoKdyStJO5Dk6DA7/q+SHPjY5yAxndZCdZ81UzyNs0/29fW+u
+g94csVo8bL0okwzRn+GUIgh7Ir9r3TNaVPlQx9Gio1BFtj+KJh2am9/r0j0+hsZV
+uj/tqFlO6Y9bCOIY7O01d66jlRRoBVXExAFgqnbDfCKXawfNh9N9hRIzKH6hQXHh
+eXNYXdsvOxp9Fp64rWHn4m68hyKa9TnNZm2fSE6mIhelk6gm+8z2vkPhlFPlRfZu
+VDw/
+=vLFX
+-----END PGP PRIVATE KEY BLOCK-----
diff --git a/tests/openpgp/ssh-export.scm b/tests/openpgp/ssh-export.scm
new file mode 100755
index 000000000..322620eed
--- /dev/null
+++ b/tests/openpgp/ssh-export.scm
@@ -0,0 +1,52 @@
+#!/usr/bin/env gpgscm
+
+;; Copyright (C) 2016 g10 Code GmbH
+;;
+;; This file is part of GnuPG.
+;;
+;; GnuPG is free software; you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation; either version 3 of the License, or
+;; (at your option) any later version.
+;;
+;; GnuPG is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;; GNU General Public License for more details.
+;;
+;; You should have received a copy of the GNU General Public License
+;; along with this program; if not, see .
+
+(load (with-path "defs.scm"))
+(setup-environment)
+
+(define key
+ `(,(in-srcdir "samplekeys" "authenticate-only.sec.asc")
+ "927EF377FD1A1B6F795E40C02A87917D8FFBA49F"
+ "72360FDB6380212D5DAF2FA9E51185A9253C496D"
+ "ssh-rsa"))
+
+(define :file car)
+(define :fpr cadr)
+(define :subkey-fpr caddr)
+(define :kind cadddr)
+
+;; Return true if a-str and b-str share a suffix of length n.
+(define (string-common-suffix? n a-str b-str)
+ (let ((a-len (string-length a-str))
+ (b-len (string-length b-str)))
+ (if (> n (min a-len b-len))
+ #f
+ (string=? (substring a-str (- a-len n) a-len)
+ (substring b-str (- b-len n) b-len)))))
+
+(info "Checking ssh export...")
+(call-check `(,@GPG --yes --import ,(:file key)))
+
+(let* ((result (call-check `(,@GPG --export-ssh-key ,(:fpr key))))
+ ;; XXX: We should split at any whitespace here.
+ (parts (string-split (string-trim char-whitespace? result) #\space)))
+ (assert (string=? (car parts) (:kind key)))
+ ;; XXX: We should not use a short keyid as the comment when
+ ;; exporting an ssh key.
+ (assert (string-common-suffix? 8 (caddr parts) (:subkey-fpr key))))