- add better test for verification

diff --git a/src/credential/test_credential_lookup.sh b/src/credential/test_credential_lookup.sh
deleted file mode 100755 (executable)
index fc6a59c..0000000
--- a/src/credential/test_credential_lookup.sh
+++ /dev/null
@@ -1,66 +0,0 @@
-#!/bin/bash
-trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
-
-LOCATION=$(which gnunet-config)
-if [ -z $LOCATION ]
-then
-  LOCATION="gnunet-config"
-fi
-$LOCATION --version 1> /dev/null
-if test $? != 0
-then
-       echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
-       exit 77
-fi
-
-rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
-
-#  (1) PKEY1.user -> PKEY2.resu.user
-#  (2) PKEY2.resu -> PKEY3
-#  (3) PKEY3.user -> PKEY4
-
-
-which timeout &> /dev/null && DO_TIMEOUT="timeout 30"
-TEST_ISSUER="PKEY1"
-TEST_ATTR="user"
-TEST_SUB_ATTR="resu"
-TEST_DELEGATION_SUBJECT="PKEY2"
-TEST_DELEGATION_ATTR="$TEST_SUB_ATTR.$TEST_ATTR"
-TEST_SUBDELEGATION_SUBJECT="PKEY3"
-TEST_SUBJECT="PKEY4"
-TEST_CREDENTIAL="c1"
-gnunet-arm -s -c test_credential_lookup.conf
-gnunet-identity -C testone -c test_credential_lookup.conf
-gnunet-identity -C testtwo -c test_credential_lookup.conf
-gnunet-identity -C testthree -c test_credential_lookup.conf
-gnunet-identity -C testfour -c test_credential_lookup.conf
-
-#TODO1 Get credential and store it with subject (3)
-CRED=`$DO_TIMEOUT gnunet-credential --issue --issuer=$TEST_SUBDELEGATION_SUBJECT --attribute=$TEST_SUB_ATTR --expiration 1m -c test_credential_lookup.conf`
-gnunet-namestore -p -z testfour -a -n $TEST_CREDENTIAL -t CRED -V $CRED -e 5m -c test_credential_lookup.conf
-
-# (1)
-gnunet-namestore -p -z testone -a -n $TEST_ATTR -t ATTR -V "$TEST_DELEGATION_SUBJECT $TEST_DELEGATION_ATTR"
-
-# (2)
-gnunet-namestore -p -z testtwo -a -n $TEST_SUB_ATTR -t ATTR -V "$TEST_SUBDELEGATION_SUBJECT"
-
-
-#TODO2 Add -z swich like in gnunet-gns
-RES_IP=`$DO_TIMEOUT gnunet-credential --verify --issuer=$TEST_ISSUER --attribute="$TEST_DELEGATION_ATTR" --subject=$TEST_SUBJECT --credential=$TEST_CREDENTIAL -c test_credential_lookup.conf`
-
-#TODO cleanup properly
-gnunet-namestore -z testsubject -d -n newcred -t CRED -e never -c test_credential_lookup.conf
-gnunet-identity -D testsubject -c test_credential_lookup.conf
-gnunet-arm -e -c test_credential_lookup.conf
-
-#TODO3 proper test
-exit 0
-
-#if [ "$RES_IP" == "$TEST_CRED" ]
-#then
-#  exit 0
-#else
-#  echo "FAIL: Failed to resolve to proper IP, got $RES_IP."
-#  exit 1
-#fi

diff --git a/src/credential/test_credential_verify.sh b/src/credential/test_credential_verify.sh
new file mode 100755 (executable)
index 0000000..6e5ba46
--- /dev/null
+++ b/src/credential/test_credential_verify.sh
@@ -0,0 +1,62 @@
+#!/bin/bash
+trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
+
+LOCATION=$(which gnunet-config)
+if [ -z $LOCATION ]
+then
+  LOCATION="gnunet-config"
+fi
+$LOCATION --version 1> /dev/null
+if test $? != 0
+then
+       echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
+       exit 77
+fi
+
+rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
+
+#  (1) Authority.test -> Intermediate.org.user
+#  (2) Intermediate.org -> Issuer
+#  (3) Issuer.user -> Subject
+
+
+which timeout &> /dev/null && DO_TIMEOUT="timeout 30"
+gnunet-arm -s -c test_credential_lookup.conf
+gnunet-identity -C testissuer -c test_credential_lookup.conf
+gnunet-identity -C testsubject -c test_credential_lookup.conf
+gnunet-identity -C testintermediate -c test_credential_lookup.conf
+gnunet-identity -C testauthority -c test_credential_lookup.conf
+
+TEST_ATTR="user"
+INTERMEDIATE_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testintermediate | awk '{print $3}')
+SUBJECT_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testsubject | awk '{print $3}')
+ISSUER_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testissuer | awk '{print $3}')
+CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=testissuer --subject=$SUBJECT_KEY --attribute=$TEST_ATTR -c test_credential_lookup.conf`
+
+TEST_CREDENTIAL="t1"
+gnunet-namestore -p -z testsubject -a -n $TEST_CREDENTIAL -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf
+
+INTERMEDIATE_ATTR="org"
+gnunet-namestore -p -z testintermediate -a -n $INTERMEDIATE_ATTR -t ATTR -V "$ISSUER_KEY" -e 5m -c test_credential_lookup.conf
+
+AUTHORITY_ATTR="test"
+gnunet-namestore -p -z testauthority -a -n $AUTHORITY_ATTR -t ATTR -V "$INTERMEDIATE_KEY $INTERMEDIATE_ATTR.$TEST_ATTR" -e 5m -c test_credential_lookup.conf
+
+#TODO2 Add -z swich like in gnunet-gns
+#RES_CRED=`$DO_TIMEOUT gnunet-credential --verify --issuer=$ISSUER_KEY --attribute="$TEST_ATTR" --subject=$SUBJECT_KEY --credential=$TEST_CREDENTIAL -c test_credential_lookup.conf`
+valgrind gnunet-credential --verify --issuer=$AUTHORITY_KEY --attribute=$AUTHORITY_ATTR --subject=$SUBJECT_KEY --credential=$TEST_CREDENTIAL -c test_credential_lookup.conf
+
+#TODO cleanup properly
+gnunet-namestore -z testsubject -d -n $TEST_CREDENTIAL -t CRED -e never -c test_credential_lookup.conf
+gnunet-arm -e -c test_credential_lookup.conf
+
+#TODO3 proper test
+exit 0
+
+if [ "$RES_CRED" == "Ok!" ]
+then
+  exit 0
+else
+  echo "FAIL: Failed to verify credential $RES_IP."
+  exit 1
+fi