aboutsummaryrefslogtreecommitdiffstats
path: root/tests/cms (unfollow)
Commit message (Collapse)AuthorFilesLines
2024-04-03tests: Add a sample PDF with a signatureWerner Koch1-0/+0
--
2024-01-23tests: Add two more sample p12 filesWerner Koch4-0/+14
-- GnuPG-bug-id: 6940
2024-01-12speedo: Patch ELF binaries to use built librariesWerner Koch1-0/+1
* build-aux/speedo.mk: Remove GUI stuff. Add patchelf feature. * Makefile.am (speedo): New target. -- GnuPG-bug-id: 6710
2023-10-24sm: Another partly rewrite of minip12.cWerner Koch2-0/+6
* sm/minip12.c (struct tlv_ctx_s): Add origbuffer and origbufsize. Remove pop_count. Rename offset to length. (dump_tag_info, _dump_tag_info): Rewrite. (dump_tlv_ctx, _dump_tlv_ctx): Rewrite. (tlv_new): Init origbuffer. (_tlv_peek): Add arg ti. (tlv_peek): New. (tlv_peek_null): New. (_tlv_push): Rewrite. (_tlv_pop): Rewrite. (tlv_next): New macro. Move old code to ... (_tlv_next): this. Add arg lno. Pop remaining end tags. (tlv_popped): Remove. (tlv_expect_object): Handle ndef. (tlv_expect_octet_string): Ditto. (parse_bag_encrypted_data): Use nesting level to control the inner loop. (parse_shrouded_key_bag): Likewise. (parse_bag_data): Handle surplus octet strings. (p12_parse): Ditto. * sm/minip12.c (decrypt_block): Strip the padding. (tlv_expect_top_sequence): Remove. Replace callers by tlv_expect_sequence. * tests/cms/samplekeys/t6752-ov-user-ff.p12: New sample key. * tests/cms/samplekeys/Description-p12: Add its description -- This patch improves the BER parser by simplifying it. Now tlv_next pops off and thus closes all containers regardless on whether they are length bounded or ndef. tlv_set_pending is now always used to undo the effect of a tlv_next in a loop condition which was terminated by a nesting level change. Instead of using the length as seen in the decrypted container we now remove the padding and let the BER parser do its work. This might have a negative effect on pkcs#12 objects which are not correctly padded but we don't have any example of such broken objects. GnuPG-bug-id: 6752
2023-10-06sm: Support more HMAC algos in the pkcs#12 parser.Werner Koch3-0/+7
* sm/minip12.c (oid_hmacWithSHA1): New. Also for the SHA-2 algos. (digest_algo_from_oid): New. (set_key_iv_pbes2): Add arg digest_algo. (crypt_block): Ditto. (decrypt_block): Ditto. (parse_bag_encrypted_data): Parse the optional prf part and get the hmac algorithm. (parse_shrouded_key_bag): Ditto. (p12_build): Pass SHA1 for digest_algo. * sm/t-minip12.c (run_one_test): Print failed values in verbose mode. * tests/cms/samplekeys/nistp256-openssl-self-signed.p12: New. * tests/cms/samplekeys/Description-p12: Add this one. * tests/cms/Makefile.am (EXTRA_DIST): Ditto. -- This supports the modern algorithms, i.e. using SHA256 for the KDF which is the default in openssl unless the -legacy option is used. GnuPG-bug-id: 6536
2023-10-05sm: Improve the octet string cramming for pkcs#12Werner Koch3-0/+11
* sm/minip12.c (need_octet_string_cramming): New. (tlv_expect_object, tlv_expect_octet_string): Run the test before cramming. * sm/minip12.c (ENABLE_DER_STRUCT_DUMPING): New but undefined macro for debug purposes. (bag_decrypted_data_p, bag_data_p): Use macro to allow dumping. -- This bug was exhibited by importing a gpgsm exported EC certificate. We use an extra test instead of retrying to allow retruning an error from malloc failure. And well, for easier reading of the code. GnuPG-bug-id: 6536
2023-06-29sm: Adding missing stuff to the PKCS#12 parser rewrite.Werner Koch4-1/+19
* sm/minip12.c (struct bufferlist_s): New. (struct tlv_ctx_s): Add bufferlist. (tlv_register_buffer): New. (tlv_release): Release bufferlist. (tlv_expect_object): Handle octet string cramming. (tlv_expect_octet_string): Ditto. (cram_octet_string): Changed interface. We don't need the input_consumed value anymore. * sm/minip12.c (parse_shrouded_key_bag): Also parse the attribute set. * sm/t-minip12.c (main): Add option --no-extra. (cert_collect_cb, run_tests_from_file): Fix memory leak * tests/cms/samplekeys/t5793-openssl.pfx: New from T5793. * tests/cms/samplekeys/t5793-test.pfx: Ditto. * tests/cms/samplekeys/Description-p12: Add them. * tests/cms/Makefile.am (EXTRA_DIST): Add samplekeys. -- This should finish the rewrite of the pkcsc#12 parser for now. More fun is likely to come. GnuPG-bug-id: 6536, 5793
2023-06-28sm: Major rewrite of the PKCS#12 parserWerner Koch2-7/+21
* sm/minip12.c: Reworked most of the parser. (p12_set_verbosity): Add arg debug and change all callers. * sm/t-minip12.c: Major rewrite to run regression tests unattended. * sm/Makefile.am (module_maint_tests): Move t-Minit to ... (module_tests): here. * tests/cms/samplekeys/Description-p12: New. -- Note that cram_octet_string stuff has not yet been reworked. I need to locate the sample files first. GnuPG-bug-id: 6536
2022-12-01tests: More fix for semihosted environment.NIIBE Yutaka1-0/+2
* common/all-tests.scm: Conditionalize by *win32*. * tests/cms/Makefile.am (GPGSM): Add missing GPGSM. * tests/pkits/Makefile.am (TESTS_ENVIRONMENT): Add EXEEXT. -- Signed-off-by: NIIBE Yutaka <[email protected]>
2022-12-01tests: Fix tests under cms.NIIBE Yutaka1-2/+0
* tests/cms/all-tests.scm: Remove merge mistake. -- Fixes-commit: 1246e16432b4240ad81c0bd757d7458b609dfd96 Signed-off-by: NIIBE Yutaka <[email protected]>
2022-12-01tests,w32: Fix for semihosted environment.NIIBE Yutaka1-1/+1
* tests/cms/Makefile.am (OLD_TESTS_ENVIRONMENT): Add EXEEXT. -- Signed-off-by: NIIBE Yutaka <[email protected]>
2022-11-24tests: Fix to support --enable-all-tests and variants.NIIBE Yutaka2-0/+6
* tests/gpgscm/tests.scm (test::scm): Add VARIANT argument. (tests::new): Likewise. (open-log-file, report): Support VARIANT. * tests/gpgme/all-tests.scm (setup-c, setup-py): Follow the change. * tests/cms/all-tests.scm: Likewise. * tests/cms/run-tests.scm: Likewise. * tests/migrations/all-tests.scm: Likewise. * tests/migrations/run-tests.scm: Likewise. * tests/openpgp/all-tests.scm: Likewise. * tests/openpgp/run-tests.scm: Likewise. -- Forward port from 2.2 branch of: 0fd7a902070ad9bdd835fa57dbadff25917bca42 Fixes-commit: 1c88104a3f00f7ca3790fbaab8f67b2b68cd6e18 Signed-off-by: NIIBE Yutaka <[email protected]>
2022-09-14tests: Restrict the use of gpgconf.ctl to make check.Werner Koch1-0/+2
* common/homedir.c (unix_rootdir): Add ".enable" statement to gpgconf.ctl * tests/gpgconf.ctl.in: Use this statement. * tests/cms/Makefile.am (OLD_TESTS_ENVIRONMENT): Enable .enable. (TESTS_ENVIRONMENT): Ditto. * tests/gpgme/Makefile.am (TESTS_ENVIRONMENT): Ditto. * tests/migrations/Makefile.am (TESTS_ENVIRONMENT): Ditto. * tests/openpgp/Makefile.am (TESTS_ENVIRONMENT): Ditto. * tests/pkits/Makefile.am (TESTS_ENVIRONMENT): Ditto. * tests/tpm2dtests/Makefile.am (TESTS_ENVIRONMENT): Ditto. -- Without that it was required to delete the gpgconf.ctl to run manual tests. What a hack.
2022-04-06w32: Fix for make check.NIIBE Yutaka1-1/+1
* common/Makefile.am (module_tests): Exclude t-exechelp and t-exectool. * common/t-stringhelp.c (mygetcwd): Convert '\' to '/'. * tests/cms/Makefile.am: Add $(EXEEXT). * tests/gpgme/Makefile.am: Likewise. * tests/migrations/Makefile.am: Likewise. * tests/openpgp/Makefile.am: Likewise. -- Signed-off-by: NIIBE Yutaka <[email protected]>
2021-10-12tests: New way to make use of gpgconf.ctl in tests.Werner Koch1-2/+2
* Makefile.am (all-local): New to setup symlinks. (distclean-local): New. * tests/Makefile.am: Remove the gpgconf related targets. Just keep gpgconf.ctl.in in EXTRA_DIST * tests/cms/Makefile.am (GNUPG_BUILD_ROOT): * tests/gpgme/Makefile.am (GPGSCM_PATH): * tests/openpgp/Makefile.am (GNUPG_BUILD_ROOT): * tests/pkits/Makefile.am (GNUPG_BUILD_ROOT): * tests/tpm2dtests/defs.scm (tools): Revert to the former values. * tests/openpgp/defs.scm (tools): Ditto. -- This Fixes-commit: 399ebf6d873d4178c1d527aa4df34bf16a76360e Fixes-commit: 84fcd8e6eb7e0786399e1f6461c3f60b0db2d070 because we ran into problems with the idea of first doing a test-install for the checks. "make distcheck" turned out to be too problematic. Symlinks are a better way of doing this. Also fixes GnuPG-bug-id: 5634
2021-10-01build: Prepare for using installed versions for tests.Werner Koch1-0/+2
* tests/gpgconf.ctl.in: New. * tests/Makefile.am (EXTRA_DIST): Add new file. (TESTINST_DIRS): New. (clean-local): New. (clean-local-testinst): New. (check-recursive): New hook. (bin/gpgconf.ctl): Run a test install. * tests/cms/Makefile.am (TESTS_ENVIRONMENT): Set new envvar GNUPG_BUILD_ROOT. * tests/gpgme/Makefile.am (TESTS_ENVIRONMENT): Ditto. * tests/openpgp/Makefile.am (TESTS_ENVIRONMENT): Ditto. * tests/pkits/Makefile.am (TESTS_ENVIRONMENT): Ditto. * tests/tpm2dtests/Makefile.am (TESTS_ENVIRONMENT): Ditto. -- Right now this helps only with the global configuraion dir which is now not set and thus the build host'ss own /etc/gnupg does not anymore affect the build. Signed-off-by: Werner Koch <[email protected]>
2021-06-02common: Allow for GCM decryption in de-vs mode.Werner Koch2-1/+1
* common/compliance.c (gnupg_cipher_is_allowed): Allow GCM for gpgsm in decrypt mode. * tests/cms/samplemsgs/pwri-sample.gcm.p7m: Remove duplicated authtag -- We allow GCM in de-vs mode for decryption although this has not been evaluation. It is decryption and thus no serious harm may happen.
2021-06-02sm: Support AES-GCM decryption.Werner Koch5-0/+10
* tests/cms/samplemsgs/: Add sample messages. * sm/gpgsm.c (main): Use gpgrt_fcancel on decryption error. * sm/decrypt.c (decrypt_gcm_filter): New. (gpgsm_decrypt): Use this filter if requested. Check authtag. -- Note that the sample message pwri-sample.gcm.p7m is broken: The authtag is duplicated to the authEncryptedContentInfo. I used a temporary code during testing hack to that test message out.
2021-05-31tests: Rename subdir gpgsm to cms and move sample dirs.Werner Koch67-0/+6247
-- It does not make sense to have the cms stuff at the top level but the openpgp at a dedicated directory. This patch fixes that.
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-11 03:37:25 +0000