1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
|
#!/usr/bin/env gpgscm
;; Copyright (C) 2025 g10 Code GmbH
;;
;; This file is part of GnuPG.
;;
;; GnuPG is free software; you can redistribute it and/or modify
;; it under the terms of the GNU General Public License as published by
;; the Free Software Foundation; either version 3 of the License, or
;; (at your option) any later version.
;;
;; GnuPG is distributed in the hope that it will be useful,
;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;; GNU General Public License for more details.
;;
;; You should have received a copy of the GNU General Public License
;; along with this program; if not, see <http://www.gnu.org/licenses/>.
(load (in-srcdir "tests" "openpgp" "defs.scm"))
(setup-legacy-environment)
;; Used keys
(define privkey1 "private-keys-v1.d/7E201E28B6FEB2927B321F443205F4724EBE637E.key")
(define privkey2 "private-keys-v1.d/8B5ABF3EF9EB8D96B91A0B8C2C4401C91C834C34.key")
;; Create encrypted copy of keys for key reimport
(call-check `(,@GPG --enarmor ,privkey1))
(call-check `(,@GPG --enarmor ,privkey2))
(for-each-p
"Checking add-recipient 0/2"
(lambda (source)
(lettmp (reference)
(tr:do
(tr:open source)
(tr:gpg "" `( --encrypt --recipient ,usrname1))
(tr:gpg "" `( --recipient ,usrname2 --add-recipient))
(tr:write-to reference)
;; Make usr1's priv unavailable
(tr:unlink privkey1)
(tr:spawn "" `(,@GPG --output **out** --decrypt ,reference))
(tr:assert-identity source)
;; Reset enviroment
(tr:spawn "" `(,@GPG -o ,privkey1 --dearmor ,(string-append privkey1 ".asc"))) ;;usrname1
)
)
)
(append all-files)
)
(for-each-p
"Checking change-recipient 1/2"
(lambda (source)
(lettmp (reference)
(tr:do
;; Encrypt to usr1
(tr:open source)
(tr:gpg "" `( --encrypt --recipient ,usrname1))
;; Change recipient to usr2
(tr:gpg "" `( --recipient ,usrname2 --change-recipient))
(tr:write-to reference)
;; Setup keys for check 1
(tr:unlink privkey2) ;;Remove key usr2
;; Check if usr1 can still decrypt if yes fail
(tr:call-with-content
(lambda (c)
(assert(failed? (call-check `(,@GPG --output **out** --decrypt ,reference))))
)
)
;; Setup keys for check 2
(tr:spawn "" `(,@GPG -o ,privkey2 --dearmor ,(string-append privkey2 ".asc"))) ;;Add key usr2
(tr:unlink privkey1) ;;Remove key usr1
;; Check if usr2 can decrypt if no fail
(tr:spawn "" `(,@GPG --output **out** --decrypt ,reference))
(tr:assert-identity source)
;; Reset enviroment
(tr:spawn "" `(,@GPG -o ,privkey1 --dearmor ,(string-append privkey1 ".asc"))) ;;Add key usr1
)
)
)
(append all-files)
)
(info "Checks complete 2/2")
|
