* tests/gpg/gpg.conf.in: New.
* tests/gpg/Makefile.am (gpg.conf): Copy gpg.conf.in instead of using
echo to fill gpg.conf.
--
This change ensures that gpg.conf is updated whenever new options are
added for some tests.
* tests/gpg/t-edit-sign.c (sign_key, verify_key_signature): New.
(main): Factored out signing and verifying the result.
--
Factoring the two steps of the test into different functions fixes the
use-after-free issue that was caused by accidentaly using a variable
of the first step in the second step.
GnuPG-bug-id: 5509
* src/context.h (struct gpgme_context): Add 'cert_expire'.
* src/engine-gpg.c (append_args_from_cert_expire): New.
(gpg_edit): Set option according to the new flag.
* src/gpgme.c (gpgme_release): Free 'cert_expire'.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): Add "cert-expire".
* tests/gpg/Makefile.am (c_tests): Add new test.
(gpg.conf): Write "allow-weak-key-signatures" to gpg.conf.
* tests/gpg/t-edit-sign.c: New.
--
The new context flag "cert-expire" allows setting the expiration date
for key signatures created with gpgme_op_interact.
GnuPG-bug-id: 5336, 5505
* src/data.c (_gpgme_data_release): Free buffers.
(gpgme_data_seek): Adjust from renamed fields.
(gpgme_data_set_flag): Implement new flags.
(_gpgme_data_inbound_handler): Allow the use of a malloced buffer.
(_gpgme_data_outbound_handler): Ditto.
* src/data.h (BUFFER_SIZE): Move out of the struct definition.
(struct gpgme_data): Remove pending filed and introduce inbound and
outbound fields.
* src/conversion.c (_gpgme_wipememory): New. Taken from GnuPG.
* src/cJSON.c (wipememory): Use this here too.
* tests/run-decrypt.c (main): Add options "--large-buffers" and
"--sensitive".
--
GnuPG-bug-id: 5478
Signed-off-by: Werner Koch <wk@gnupg.org>
* tests/run-keylist.c (main): Print all infos from the primary key.
--
The test tool printed only the computed infos for the key and not the
detailed one fro the primary key. The new output better reflects the
data structure.
Related to
GnuPG-bug-id: 5454
* tests/run-verify.c (main): Remove C99-only syntax.
* tests/run-threaded.c (start_keylistings): Ditto.
--
Older gcc's do not grok this and there is no real need for it.
run-verify.c:324: error: ‘for’ loop initial declarations are only
allowed in C99 mode
run-verify.c:324: note: use option -std=c99 or -std=gnu99 to compile
your code
Reported-by: Lars Hecking
* src/gpgme.h.in (struct _gpgme_key_sig): Add fields 'trust_depth',
'trust_value', and 'trust_scope'.
* src/key.c (gpgme_key_unref): Free trust_scope.
* src/keylist.c (keylist_colon_handler): Set the fields.
* tests/run-keylist.c (main): Print the fields.
--
The trust signature values are part of gpg's output since the year 2003.
This now adds support to gpgme.
GnuPG-bug-id: 5245, 5419
* tests/json/t-json.c: Remove var definitions inside a for statement.
--
This useful C99 feature seems to work only in recent gcc versions. We
can't use it; see gnupg/doc/HACKING.
GnuPG-bug-id: 5088
* src/engine-assuan.c (inquire_cb): Implement returning data.
* tests/opassuan/t-command.c (inq_cb): Send some test data.
--
The old code only allowed to send an empty response which was good
enough for scdaemon's KNOWNCARDP inquire but not to send actual data.
A quick test using a test smartcard might be
./t-command 'scd setattr --inquire PRIVATE-DO-1'
and then reading the data back using
gpg-connect-agent 'scd getattr PRIVATE-DO-1' /bye
Signed-off-by: Werner Koch <wk@gnupg.org>
* src/gpgme.h.in (gpgme_op_setexpire_start, gpgme_op_setexpire): New.
* src/libgpgme.vers, src/gpgme.def: Add new functions.
* src/genkey.c (setexpire): New.
(gpgme_op_setexpire_start, gpgme_op_setexpire): New.
* src/engine.h, src/engine.c: (_gpgme_engine_op_setexpire): New.
* src/engine-backend.h (engine_ops): Add 'setexpire' and adjust all
engine initializers.
* src/engine-gpg.c (gpg_setexpire): New.
(_gpgme_engine_ops_gpg): Set setexpire to gpg_setexpire.
* doc/gpgme.texi: Document new functions.
* tests/run-genkey.c: Add option --setexpire.
--
This extends GPGME to support the --quick-set-expire command
added by GnuPG 2.1.22. This allows changing subkeys expiry
date without going through the editinteractor interface.
Co-authored-by: Andre Heinecke <aheinecke@gnupg.org>
GnuPG-bug-id: 4999
* src/gpgme.h.in: Clarify that the trustlist function should not be
used.
* src/engine.c (_gpgme_engine_op_trustlist): Always return an error.
* src/engine-backend.h (struct engine_ops): Remove trustlist member.
* src/engine-gpg.c (gpg_trustlist): Remove.
(struct engine_ops): Remove that member. Also in all other engines.
* tests/gpg/t-trustlist.c: Remove.
* lang/python/tests/t-trustlist.py: Remove.
--
This never worked in reality because the required feature has been
removed from GnuPG version 1.3.2 soon after introduction of this
feature in gpgme - 17 years ago. It was anyway marked as
experimental. We keep the API and ABI, though.
GnuPG-bug-id: 4834
Signed-off-by: Werner Koch <wk@gnupg.org>
* tests/json/t-keylist-secret.out.json: Do not check for keygrip
of bravo key.
--
Since GnuPG 2.2.19 the keygrip is not emitted for public keys
in a keylisting --with-secret.
As the GPGME test suite should pass with several versions
the json test cannot test this as the suite does not allow
version checks for different output.
What the intended behavior is might still be up for discussion,
always adding --with-keygip is not a good solution because
it slows down keylistings for large keyrings.
GnuPG-Bug-Id: T4820
* tests/json/t-keylist-secret.out.json
--
Since at least 2.2.19 GnuPG no longer emits secret = true
for keys where it does not have a secret. To avoid
failures with older versions we remove the check altogether.
GnuPG-Bug-Id: T4820
* src/gpgme.h.in (struct _gpgme_user_id): Add field 'uidhash'.
* src/key.c (gpgme_key_unref): Free it.
* src/keylist.c (keylist_colon_handler): Set it.
* tests/run-keylist.c (main): Print it.
--
The uidhash value is part of gpg's output since the year 2005. This
now adds support to gpgme. The application for uidhash is to select
a user id in an edit interactor: Instead of giving the number of the
user id, the uidhash value can be be used to avoid tracking the user
id numbers.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tests/json/t-decrypt-verify.out.json: Remove check with key of
04071FB807287134.
--
GnuPG 2.3 changes how public key decryption works; It collects list of
PUBKEY_ENC packets and then processes an ENCRYPTED* packet. At the
stage of processing an ENCRYPTED* packet, it checks if private keys
can decrypt any of PUBKEY_ENC packets. It does not necessarily
examine all of PUBKEY_ENC packets. Only when it finds a PUBKEY_ENC
packet cannot be decrypted, it reports STATUS_NO_SECKEY with keyid of
that packet.
GnuPG 2.2 or older tries PUBKEY_ENC packets in order, and the first
successful PUBKEY_ENC packet is used. Rest of PUBKEY_ENC packets are
not examined, but STATUS_NO_SECKEY with keyid is reported even when
there is a valid private key.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* tests/run-threaded.c (random_data_close): Correct FD test.
--
An invalid DS is -1 and not 0; this fix is for correctness and does
not chnage anything in the real world.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tests/run-threaded.c (main): Handle allow-del.
(allow-del): New. Variable to allow deletion of keys.
(import): Delete key after import if allow-del is set.
(delete_impres): Delete keys from an import result.
(delete_fpr): Delete a key by fingerprint.
--
This is intended to test write access and locking of the
keyring by repeatedly importing and deleting pubkeys.
It is an option because it might cause keyring corruption
etc. so it should be explicitly enabled.
* tests/gpg/cipher-3.asc: add an encrypted file containing signatures
(one from a known key, and one from an unknown key)
* tests/gpg/cipher-no-sig.asc: add an encrypted file containing no
signatures at all
--
We currently aren't using these files yet, but they should be useful
for exercising the library in unusual circumstances (where the bugs
are).
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* tests/run-verify.c (print_result): Chack is_de_vs.
* tests/run-import.c (main): Fix bad parameter for format string.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tests/Makefile.am (run-threaded): Add.
* tests/run-threaded.c: New.
--
This test is intended to help detect race conditions
or other multithread problems. It can also be used
to put the whole GnuPG system under extreme load.
* tests/gpg/t-support.h (check_gpg_version, compare_versions),
(parse_version_string, parse_version_number): Remove version
check code.
* tests/json/t-json.c (check_gpg_version, compare_versions),
(parse_version_string, parse_version_number): Add.
--
t-support header was not a good place for this. It should
go into a library e.g. gpgrt in the future. For now we
can keep it close to where it is needed.
* t-config-opt.in.json,
t-config-opt.out.json,
t-import.in.json,
t-import.out.json,
t-sign.in.json,
t-sign.out.json: New.
--
These should actually have been in a previous commit as
they are already registered.
* tests/json/t-json.c (test_contains): Try all siblings of
the haystack child.
--
This fixes the case where we don't match against the
first child because the order might have changed or
a new element was inserted at the top. Then we
have to try out also all the siblings.
* t-json.c (tests): Register new tests.
* t-createkey.in.json,
t-createkey.out.json,
t-decrypt-verify.in.json,
t-decrypt-verify.out.json,
t-decrypt.in.json,
t-decrypt.out.json,
t-delete.in.json,
t-delete.out.json,
t-encrypt-sign.in.json,
t-encrypt-sign.out.json,
t-encrypt.in.json,
t-encrypt.out.json,
t-export-secret-info.in.json,
t-export-secret-info.out.json,
t-export.in.json,
t-export.out.json,
t-json.c,
t-keylist-secret.in.json,
t-keylist-secret.out.json,
t-keylist.in.json,
t-keylist.out.json,
t-verify.in.json,
t-verify.out.json,
t-version.in.json,
t-version.out.json: New.
--
Except for help and getmore there is now a test for each command.
* tests/json/t-json.c (test_contains): When searching for "*" accept
every string.
--
This allows it to write tests that check for the existence of
a string value but don't care about the contents. E.g. for Data.
* tests/json/t-json.c (main): Skip if version is not at least
2.2.0
--
In the past new tests often failed when a modern GPGME was
used with old GnuPG's.
This should avoid the hassle for packagers without the
requirement that we test against old versions.
* t-support.h (parse_version_number, parse_version_string)
(compare_versions): New. Copy&Paste from src/version.c
(check_gpg_version): New helper to check for a gpg version.
--
This should make it easier to write tests that e.g.
rely on modern gnupg features.