age
The atago project wrote these specs on its own initiative and runs them in its own CI, to exercise atago against a real program. They are not age’s official test suite, and the age project is not affiliated with atago.
Summary #
2 suites · 6 scenarios
Contents #
- age (modern file encryption) — 5 scenarios
- age + changes (single-artifact generator) — 1 scenario
age (modern file encryption) #
Source: test/e2e/thirdparty/age/age.atago.yaml
Scenario: keygen writes a key and reports the public half #
only when age --version succeeds
When #
age-keygen -o key.txt
age-keygen -y key.txt
Then #
- after
age-keygen -o key.txt:- exit code is
0 - stderr contains
Public key: - file
key.txtcontainsAGE-SECRET-KEY-1
- exit code is
- after
age-keygen -y key.txt:- exit code is
0 - stdout matches
/(?m)^age1[a-z0-9]+$/
- exit code is
Scenario: encrypt then decrypt round-trips binary bytes exactly #
only when age --version succeeds
Given #
- Fixture file
data.binis created.
When #
age-keygen -o key.txt
age-keygen -y key.txt
# capture ${pubkey} from stdout
age -r ${pubkey} -o secret.age data.bin
age -d -i key.txt -o out.bin secret.age
cmp data.bin out.bin
Then #
- after
age-keygen -o key.txt:- exit code is
0
- exit code is
- after
age -r ${pubkey} -o secret.age data.bin:- exit code is
0
- exit code is
- after
age -d -i key.txt -o out.bin secret.age:- exit code is
0
- exit code is
- after
cmp data.bin out.bin:- exit code is
0
- exit code is
Scenario: armored output is PEM-wrapped #
only when age --version succeeds
Given #
- Fixture file
msg.txtis created.
Inputs #
Fixture msg.txt:
armor me
When #
age-keygen -o key.txt
age-keygen -y key.txt
# capture ${pubkey} from stdout
age -a -r ${pubkey} -o armored.age msg.txt
Then #
- after
age-keygen -o key.txt:- exit code is
0
- exit code is
- after
age -a -r ${pubkey} -o armored.age msg.txt:- exit code is
0 - file
armored.agecontains-----BEGIN AGE ENCRYPTED FILE-----
- exit code is
Scenario: decrypting with the wrong identity fails #
only when age --version succeeds
Given #
- Fixture file
msg.txtis created.
Inputs #
Fixture msg.txt:
for the right key only
When #
age-keygen -o key.txt
age-keygen -y key.txt
# capture ${pubkey} from stdout
age -r ${pubkey} -o secret.age msg.txt
age-keygen -o other.txt
age -d -i other.txt secret.age
Then #
- after
age-keygen -o key.txt:- exit code is
0
- exit code is
- after
age -r ${pubkey} -o secret.age msg.txt:- exit code is
0
- exit code is
- after
age-keygen -o other.txt:- exit code is
0
- exit code is
- after
age -d -i other.txt secret.age:- exit code is
1 - stderr contains
no identity matched
- exit code is
Scenario: passphrase mode encrypts and decrypts interactively #
only when age --version succeeds · skipped on Windows
Given #
- Fixture file
msg.txtis created.
Inputs #
Fixture msg.txt:
passphrase protected
When #
# interactive (pty): age -p -o secret.age msg.txt
# interactive (pty): age -d -o out.txt secret.age
Then #
- exit code is
0 - file
secret.ageexists - exit code is
0 - file
out.txtcontainspassphrase protected
Generated artifacts #
secret.age
age + changes (single-artifact generator) #
Source: test/e2e/thirdparty/age/changes.atago.yaml
Scenario: age-keygen writes exactly the key file (HOME untouched) #
only when age --version succeeds
Given #
- The command runs with an isolated home under
${workdir}/.atago-home(HOME/XDG or APPDATA redirected).
When #
age-keygen -o key.txt
Then #
- exit code is
0 - the step changed exactly created
key.txt, modified nothing, deleted nothing - file
key.txtcontainsAGE-SECRET-KEY-1