# Test age-keylookup against the actual age-keyserver

# Start witness
exec witnessctl add-log -origin example.com
exec witnessctl add-key -origin example.com -key example.com+5800330c+ARPRGiaIwfx6xka5nXhdD/rqojPMjrjhm7OCuy+03Ymz
env SSH_AUTH_SOCK=$WORK/sock
! exec ssh-agent -a $SSH_AUTH_SOCK -D & # ssh-agent always exits 2
waitfor $SSH_AUTH_SOCK
chmod 600 witness_key.pem
exec ssh-add witness_key.pem
exec litewitness -ssh-agent=$SSH_AUTH_SOCK -listen localhost:7391 -name=example.com/witness -key=e933707e0e36c30f01d94b5d81e742da373679d88eb0f85f959ccd80b83b992a &
waitfor localhost:7391

# Start age-keyserver
env HCAPTCHA_SECRET=0x0000000000000000000000000000000000000000
env AGE_KEYSERVER_URL=http://localhost:13893
env AGE_KEYSERVER_HMAC_FILE=$WORK/hmac.txt
env LOG_KEY=PRIVATE+KEY+example.com+5800330c+AaAoObvamoDOmN6c30Xh9pH1e/xqKcsU+fNmthQ8qmvM
env LOG_WITNESS_POLICY=policy.txt
env VRF_KEY=vni5C6++aVMFR5tg3bwvLamWlhJEmVrtNT7uNeyo6gQ=
env AGE_KEYSERVER_VRFKEY=cmJCh5QTwp9VqN+QVV+BRxKLKmCFRuVAx+dahotxqw0=
env AGE_KEYSERVER_POLICY=policy.txt
exec age-keyserver -db=$WORK/test.sqlite3 -listen=localhost:13893 &srv&
waitfor http://localhost:13893/

# Insert a test key via HTTP endpoint
insertkey http://localhost:13893 test@example.com age1m0lsd7ywk3c66a3pwxsrj86sw0v8sxzwpxf97xhseepsud6fkues0rxq9h

# Lookup the key using the CLI
exec age-keylookup test@example.com
stdout 'age1m0lsd7ywk3c66a3pwxsrj86sw0v8sxzwpxf97xhseepsud6fkues0rxq9h'

# Test lookup for non-existent key (should fail)
! exec age-keylookup nonexistent@example.com
stderr 'no key found'

# Insert multiple keys
insertkey http://localhost:13893 alice@example.com age1ql3z7hjy54pw3hyww5ayyfg7zqgvc7w3j2elw8zmrj2kg5sfn9aqmcac8p
insertkey http://localhost:13893 bob@example.com age1lggyhqrw2nlhcxprm67z43rta597azn8gknawjehu9d9dl0jq3yqqvfafg
insertkey http://localhost:13893 charlie@example.com age1v9mqpk5wx65vxqz429s93uamfu2z0rm8y9az4kfkt4dp6tua8dhqvh3lff

# Lookup each key
exec age-keylookup alice@example.com
stdout 'age1ql3z7hjy54pw3hyww5ayyfg7zqgvc7w3j2elw8zmrj2kg5sfn9aqmcac8p'

exec age-keylookup bob@example.com
stdout 'age1lggyhqrw2nlhcxprm67z43rta597azn8gknawjehu9d9dl0jq3yqqvfafg'

exec age-keylookup charlie@example.com
stdout 'age1v9mqpk5wx65vxqz429s93uamfu2z0rm8y9az4kfkt4dp6tua8dhqvh3lff'

# Stop the server
killall
wait srv
stderr 'shutting down'


-- witness_key.pem --
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtz
c2gtZWQyNTUxOQAAACBkhIrYq+1uhZgbOzh1slK4dn67SwL3A6yjsecbvWqOUAAA
AIgN5+09DeftPQAAAAtzc2gtZWQyNTUxOQAAACBkhIrYq+1uhZgbOzh1slK4dn67
SwL3A6yjsecbvWqOUAAAAEAx/8IRbsvgA6yqgAq3B1e9fVMgbj/r72ptB5bZVTCz
T2SEitir7W6FmBs7OHWyUrh2frtLAvcDrKOx5xu9ao5QAAAAAAECAwQF
-----END OPENSSH PRIVATE KEY-----


-- policy.txt --
log example.com+5800330c+ARPRGiaIwfx6xka5nXhdD/rqojPMjrjhm7OCuy+03Ymz
witness W example.com/witness+10a1c019+BGSEitir7W6FmBs7OHWyUrh2frtLAvcDrKOx5xu9ao5Q http://localhost:7391
quorum W
