Configure private-key-data for import tests in the toml configuration

card-functionality/config/test-cards-example.toml

@@ -25,6 +25,8 @@
 #backend.pcsc = "FFFE:F1420A7A"
 backend.scdc = "D276000124010200FFFEF1420A7A0000"
 config.keygen = ["RSA2k/32", "NIST256", "Curve25519"]
+config.import = ["data/rsa2k.sec", "data/rsa4k.sec",
+    "data/25519.sec", "data/nist256.sec", "data/nist521.sec"]
 
 [card.yubikey5]
 backend.pcsc = "0006:16019180"
@@ -34,3 +36,5 @@ config.keygen = [
     "NIST256", "NIST384", "NIST521",
     "Curve25519"
 ]
+config.import = ["data/rsa2k.sec", "data/rsa4k.sec",
+    "data/25519.sec", "data/nist256.sec", "data/nist521.sec"]

card-functionality/src/cards.rs

@@ -27,6 +27,7 @@ pub struct Card {
 #[derive(Clone, Debug, Deserialize)]
 pub struct Config {
     pub keygen: Option<Vec<String>>,
+    pub import: Option<Vec<String>>,
 }
 
 /// An "opened" card, via one particular backend, with test-metadata

card-functionality/src/import.rs

@@ -2,9 +2,13 @@
 // SPDX-License-Identifier: MIT OR Apache-2.0
 
 use anyhow::Result;
+use std::str::FromStr;
+
+use sequoia_openpgp::Cert;
 
 use card_functionality::cards::TestConfig;
 use card_functionality::tests::*;
+use card_functionality::util;
 
 fn main() -> Result<()> {
     env_logger::init();
@@ -23,16 +27,20 @@ fn main() -> Result<()> {
         let userdata_out = run_test(&mut card, test_set_user_data, &[])?;
         println!(" {:x?}", userdata_out);
 
-        for (key, ciphertext) in [
+        let key_files = {
-            ("data/rsa2k.sec", "data/encrypted_to_rsa2k.asc"),
+            let config = card.get_config();
-            ("data/rsa4k.sec", "data/encrypted_to_rsa4k.asc"),
+            if let Some(import) = &config.import {
-            ("data/25519.sec", "data/encrypted_to_25519.asc"),
+                import.clone()
-            ("data/nist256.sec", "data/encrypted_to_nist256.asc"),
+            } else {
-            ("data/nist521.sec", "data/encrypted_to_nist521.asc"),
+                vec![]
-        ] {
+            }
+        };
+
+        for key_file in &key_files {
             // upload keys
-            print!("Upload key '{}'", key);
+            print!("Upload key '{}'", key_file);
-            let upload_res = run_test(&mut card, test_upload_keys, &[key]);
+            let upload_res =
+                run_test(&mut card, test_upload_keys, &[key_file]);
 
             if let Err(TestError::KeyUploadError(_file, err)) = &upload_res {
                 // The card doesn't support this key type, so skip to the
@@ -46,20 +54,17 @@ fn main() -> Result<()> {
             let upload_out = upload_res?;
             println!(" {:x?}", upload_out);
 
-            let key = std::fs::read_to_string(key)
+            let key = std::fs::read_to_string(key_file)
                 .expect("Unable to read ciphertext");
 
             // decrypt
             print!("  Decrypt");
-            let msg =
-                std::fs::read_to_string(ciphertext).unwrap_or_else(|_| {
-                    panic!(
-                        "Unable to read ciphertext from file {}",
-                        ciphertext
-                    )
-                });
 
-            let dec_out = run_test(&mut card, test_decrypt, &[&key, &msg])?;
+            let c = Cert::from_str(&key)?;
+            let ciphertext = util::encrypt_to("Hello world!\n", &c)?;
+
+            let dec_out =
+                run_test(&mut card, test_decrypt, &[&key, &ciphertext])?;
             println!(" {:x?}", dec_out);
 
             // sign