tests: Extend tests with an ultimately trusted key

* tests/gpg/Makefile.am (gpg-sample.stamp, pubring-stamp): Unify usage of tabs. (pubring-stamp): Import owner trust values. * tests/gpg/ownertrust.txt: New. * tests/gpg/t-decrypt-verify.c, tests/gpg/t-verify.c: Update expected values for signature summary and validity. * tests/gpg/t-keylist-secret-sig.c, tests/gpg/t-keylist-sig.c, tests/gpg/t-keylist.c: Update expected values of owner trust and uid validity. -- This change marks the "Alpha Test" test key as ultimately trusted which makes it possible to check for correct values derived from this, i.e. key owner trust, user id validity, signature summary and signature validity. GnuPG-bug-id: 6342
author: Ingo Klöcker <[email protected]> 2023-02-08 12:46:17 +0000
committer: Ingo Klöcker <[email protected]> 2023-02-08 12:46:17 +0000
commit: fcefc78f749a8f39cc587636647b24f8fa48efad (patch)
tree: 7aff21c5303e0629f7afa5d7d6283875c66ec707 /tests
parent: tests: Make t-edit-sign idempotent (diff)
download: gpgme-fcefc78f749a8f39cc587636647b24f8fa48efad.tar.gz
gpgme-fcefc78f749a8f39cc587636647b24f8fa48efad.zip
7 files changed, 56 insertions, 42 deletions
diff --git a/tests/gpg/Makefile.am b/tests/gpg/Makefile.am
index 6d995391..c4a4ce42 100644
--- a/tests/gpg/Makefile.am
+++ b/tests/gpg/Makefile.am
@@ -99,15 +99,17 @@ gpg-sample.stamp: $(srcdir)/$(private_keys)
 	-$(TESTS_ENVIRONMENT) gpgconf --kill all
 	$(MKDIR_P) ./private-keys-v1.d
 	for k in $(private_keys); do \
-          cp $(srcdir)/$$k private-keys-v1.d/$$k.key; \
-        done
+	  cp $(srcdir)/$$k private-keys-v1.d/$$k.key; \
+	done
 	echo x > ./gpg-sample.stamp
 
 pubring-stamp: $(srcdir)/pubdemo.asc gpg-sample.stamp
 	$(TESTS_ENVIRONMENT) $(GPG) --batch --no-permission-warning \
-               --import $(srcdir)/pubdemo.asc
+		--import $(srcdir)/pubdemo.asc
 	-$(TESTS_ENVIRONMENT) $(GPG) --batch --no-permission-warning \
 		--import $(srcdir)/secdemo.asc
+	-$(TESTS_ENVIRONMENT) $(GPG) --batch --no-permission-warning \
+		--import-ownertrust $(srcdir)/ownertrust.txt
 	echo x > ./pubring-stamp
 
 gpg.conf: $(srcdir)/gpg.conf.in
diff --git a/tests/gpg/ownertrust.txt b/tests/gpg/ownertrust.txt
new file mode 100644
index 00000000..0f31f9e4
--- /dev/null
+++ b/tests/gpg/ownertrust.txt
@@ -0,0 +1,3 @@
+# List of assigned trustvalues, created Mi 08 Feb 2023 09:52:04 CET
+# (Use "gpg --import-ownertrust" to restore them)
+A0FF4590BB6122EDEF6E3C542D727CC768697734:6:
diff --git a/tests/gpg/t-decrypt-verify.c b/tests/gpg/t-decrypt-verify.c
index cbd6cc70..211f8129 100644
--- a/tests/gpg/t-decrypt-verify.c
+++ b/tests/gpg/t-decrypt-verify.c
@@ -38,7 +38,7 @@
 
 static void
 check_verify_result (gpgme_verify_result_t result, unsigned int summary,
-		     const char *fpr, gpgme_error_t status)
+		     const char *fpr, gpgme_error_t status, int validity)
 {
   gpgme_signature_t sig;
 
@@ -79,10 +79,11 @@ check_verify_result (gpgme_verify_result_t result, unsigned int summary,
 	       __FILE__, __LINE__);
       exit (1);
     }
-  if (sig->validity != GPGME_VALIDITY_UNKNOWN)
+  if (sig->validity != validity)
     {
-      fprintf (stderr, "%s:%i: Unexpected validity: %i\n",
-	       __FILE__, __LINE__, sig->validity);
+      fprintf (stderr, "%s:%i: Unexpected validity: "
+               "want=%i have=%i\n",
+	       __FILE__, __LINE__, validity, sig->validity);
       exit (1);
     }
   if (gpgme_err_code (sig->validity_reason) != GPG_ERR_NO_ERROR)
@@ -134,9 +135,9 @@ main (int argc, char *argv[])
     }
   print_data (out);
   verify_result = gpgme_op_verify_result (ctx);
-  check_verify_result (verify_result, 0,
+  check_verify_result (verify_result, GPGME_SIGSUM_VALID|GPGME_SIGSUM_GREEN,
 		       "A0FF4590BB6122EDEF6E3C542D727CC768697734",
-		       GPG_ERR_NO_ERROR);
+		       GPG_ERR_NO_ERROR, GPGME_VALIDITY_FULL);
 
   gpgme_data_release (in);
   gpgme_data_release (out);
diff --git a/tests/gpg/t-keylist-secret-sig.c b/tests/gpg/t-keylist-secret-sig.c
index c0ef5c0c..d9c88eaf 100644
--- a/tests/gpg/t-keylist-secret-sig.c
+++ b/tests/gpg/t-keylist-secret-sig.c
@@ -167,7 +167,7 @@ main (void)
 		   key->chain_id);
 	  exit (1);
 	}
-      if (key->owner_trust != GPGME_VALIDITY_UNKNOWN)
+      if (key->owner_trust != GPGME_VALIDITY_ULTIMATE)
 	{
 	  fprintf (stderr, "Key has unexpected owner trust: %i\n",
 		   key->owner_trust);
@@ -349,7 +349,7 @@ main (void)
 	  fprintf (stderr, "First user ID unexpectedly invalid\n");
 	  exit (1);
 	}
-      if (key->uids && key->uids->validity != GPGME_VALIDITY_UNKNOWN)
+      if (key->uids && key->uids->validity != GPGME_VALIDITY_ULTIMATE)
 	{
 	  fprintf (stderr, "First user ID has unexpectedly validity: %i\n",
 		   key->uids->validity);
@@ -435,7 +435,7 @@ main (void)
 	  exit (1);
 	}
       if (key->uids && key->uids->next
-	  && key->uids->next->validity != GPGME_VALIDITY_UNKNOWN)
+	  && key->uids->next->validity != GPGME_VALIDITY_ULTIMATE)
 	{
 	  fprintf (stderr, "Second user ID has unexpectedly validity: %i\n",
 		   key->uids->next->validity);
@@ -526,7 +526,7 @@ main (void)
 	  exit (1);
 	}
       if (key->uids && key->uids->next && key->uids->next->next
-	  && key->uids->next->next->validity != GPGME_VALIDITY_UNKNOWN)
+	  && key->uids->next->next->validity != GPGME_VALIDITY_ULTIMATE)
 	{
 	  fprintf (stderr, "Third user ID has unexpectedly validity: %i\n",
 		   key->uids->next->next->validity);
diff --git a/tests/gpg/t-keylist-sig.c b/tests/gpg/t-keylist-sig.c
index 390ff41a..250214c1 100644
--- a/tests/gpg/t-keylist-sig.c
+++ b/tests/gpg/t-keylist-sig.c
@@ -167,7 +167,7 @@ main (void)
 		   key->chain_id);
 	  exit (1);
 	}
-      if (key->owner_trust != GPGME_VALIDITY_UNKNOWN)
+      if (key->owner_trust != GPGME_VALIDITY_ULTIMATE)
 	{
 	  fprintf (stderr, "Key has unexpected owner trust: %i\n",
 		   key->owner_trust);
@@ -349,7 +349,7 @@ main (void)
 	  fprintf (stderr, "First user ID unexpectedly invalid\n");
 	  exit (1);
 	}
-      if (key->uids && key->uids->validity != GPGME_VALIDITY_UNKNOWN)
+      if (key->uids && key->uids->validity != GPGME_VALIDITY_ULTIMATE)
 	{
 	  fprintf (stderr, "First user ID has unexpectedly validity: %i\n",
 		   key->uids->validity);
@@ -435,7 +435,7 @@ main (void)
 	  exit (1);
 	}
       if (key->uids && key->uids->next
-	  && key->uids->next->validity != GPGME_VALIDITY_UNKNOWN)
+	  && key->uids->next->validity != GPGME_VALIDITY_ULTIMATE)
 	{
 	  fprintf (stderr, "Second user ID has unexpectedly validity: %i\n",
 		   key->uids->next->validity);
@@ -526,7 +526,7 @@ main (void)
 	  exit (1);
 	}
       if (key->uids && key->uids->next && key->uids->next->next
-	  && key->uids->next->next->validity != GPGME_VALIDITY_UNKNOWN)
+	  && key->uids->next->next->validity != GPGME_VALIDITY_ULTIMATE)
 	{
 	  fprintf (stderr, "Third user ID has unexpectedly validity: %i\n",
 		   key->uids->next->next->validity);
diff --git a/tests/gpg/t-keylist.c b/tests/gpg/t-keylist.c
index 3b4fea18..fc9fc1b7 100644
--- a/tests/gpg/t-keylist.c
+++ b/tests/gpg/t-keylist.c
@@ -43,8 +43,10 @@ struct key_info_s
     const char *name;
     const char *comment;
     const char *email;
+    gpgme_validity_t validity;
   } uid[3];
   int n_subkeys;
+  gpgme_validity_t owner_trust;
   void (*misc_check)(struct key_info_s *keyinfo, gpgme_key_t key);
 };
 
@@ -56,9 +58,12 @@ static void check_whisky (struct key_info_s *keyinfo, gpgme_key_t key);
 struct key_info_s keys[] =
   {
     { "A0FF4590BB6122EDEF6E3C542D727CC768697734", "6AE6D7EE46A871F8",
-      { { "Alfa Test", "demo key", "[email protected]" },
-        { "Alpha Test", "demo key", "[email protected]" },
-	{ "Alice", "demo key", NULL } }, 1 },
+      { { "Alfa Test", "demo key", "[email protected]",
+	  GPGME_VALIDITY_ULTIMATE },
+        { "Alpha Test", "demo key", "[email protected]",
+	    GPGME_VALIDITY_ULTIMATE },
+	{ "Alice", "demo key", NULL, GPGME_VALIDITY_ULTIMATE } }, 1,
+	GPGME_VALIDITY_ULTIMATE },
     { "D695676BDCEDCC2CDD6152BCFE180B1DA9E3B0B2", "5381EA4EE29BA37F",
       { { "Bob", "demo key", NULL },
 	{ "Bravo Test", "demo key", "[email protected]" } }, 1 },
@@ -107,7 +112,7 @@ struct key_info_s keys[] =
       { { "Victor Test", "demo key", "[email protected]" } }, 1 },
     { "E8D6C90B683B0982BD557A99DEF0F7B8EC67DBDE", "D7FBB421FD6E27F6",
       { { "Whisky Test", "demo key", "[email protected]" } }, 3,
-          check_whisky },
+	GPGME_VALIDITY_UNKNOWN, check_whisky },
     { "04C1DF62EFA0EBB00519B06A8979A6C5567FB34A", "5CC6F87F41E408BE",
       { { "XRay Test", "demo key", "[email protected]" } }, 1 },
     { "ED9B316F78644A58D042655A9EEF34CD4B11B25F", "5ADFD255F7B080AD",
@@ -219,10 +224,10 @@ main (int argc, char **argv)
 		   key->chain_id);
 	  exit (1);
 	}
-      if (key->owner_trust != GPGME_VALIDITY_UNKNOWN)
+      if (key->owner_trust != keys[i].owner_trust)
 	{
-	  fprintf (stderr, "Key has unexpected owner trust: %i\n",
-		   key->owner_trust);
+	  fprintf (stderr, "Key `%s' has unexpected owner trust: %i\n",
+		   keys[i].uid[0].name, key->owner_trust);
 	  exit (1);
 	}
 
@@ -426,10 +431,10 @@ main (int argc, char **argv)
 	  fprintf (stderr, "First user ID unexpectedly invalid\n");
 	  exit (1);
 	}
-      if (key->uids && key->uids->validity != GPGME_VALIDITY_UNKNOWN)
+      if (key->uids && key->uids->validity != keys[i].uid[0].validity)
 	{
-	  fprintf (stderr, "First user ID has unexpectedly validity: %i\n",
-		   key->uids->validity);
+	  fprintf (stderr, "First user ID `%s' has unexpectedly validity: %i\n",
+		   key->uids->name, key->uids->validity);
 	  exit (1);
 	}
       if (key->uids && key->uids->signatures)
@@ -469,7 +474,7 @@ main (int argc, char **argv)
 	  exit (1);
 	}
       if (key->uids && key->uids->next
-	  && key->uids->next->validity != GPGME_VALIDITY_UNKNOWN)
+	  && key->uids->next->validity != keys[i].uid[1].validity)
 	{
 	  fprintf (stderr, "Second user ID has unexpectedly validity: %i\n",
 		   key->uids->next->validity);
@@ -514,7 +519,7 @@ main (int argc, char **argv)
 	  exit (1);
 	}
       if (key->uids && key->uids->next && key->uids->next->next
-	  && key->uids->next->next->validity != GPGME_VALIDITY_UNKNOWN)
+	  && key->uids->next->next->validity != keys[i].uid[2].validity)
 	{
 	  fprintf (stderr, "Third user ID has unexpectedly validity: %i\n",
 		   key->uids->next->next->validity);
diff --git a/tests/gpg/t-verify.c b/tests/gpg/t-verify.c
index 695a994e..c89e4973 100644
--- a/tests/gpg/t-verify.c
+++ b/tests/gpg/t-verify.c
@@ -94,7 +94,7 @@ static const char double_plaintext_sig[] =
 static void
 check_result (gpgme_verify_result_t result, int no_of_sigs, int skip_sigs,
               unsigned int summary, const char *fpr,
-	      gpgme_error_t status, int notation)
+	      gpgme_error_t status, int notation, int validity)
 {
   gpgme_signature_t sig;
   int n;
@@ -206,10 +206,11 @@ check_result (gpgme_verify_result_t result, int no_of_sigs, int skip_sigs,
 	       PGM, __LINE__, skip_sigs);
       exit (1);
     }
-  if (sig->validity != GPGME_VALIDITY_UNKNOWN)
+  if (sig->validity != validity)
     {
-      fprintf (stderr, "%s:%i:sig-%d: Unexpected validity: %i\n",
-	       PGM, __LINE__, skip_sigs, sig->validity);
+      fprintf (stderr, "%s:%i:sig-%d: Unexpected validity: "
+               "want=%i have=%i\n",
+	       PGM, __LINE__, skip_sigs, validity, sig->validity);
       exit (1);
     }
   if (gpgme_err_code (sig->validity_reason) != GPG_ERR_NO_ERROR)
@@ -247,8 +248,9 @@ main (int argc, char *argv[])
   err = gpgme_op_verify (ctx, sig, text, NULL);
   fail_if_err (err);
   result = gpgme_op_verify_result (ctx);
-  check_result (result, 1, 0, 0, "A0FF4590BB6122EDEF6E3C542D727CC768697734",
-		GPG_ERR_NO_ERROR, 1);
+  check_result (result, 1, 0, GPGME_SIGSUM_VALID|GPGME_SIGSUM_GREEN,
+                "A0FF4590BB6122EDEF6E3C542D727CC768697734",
+		GPG_ERR_NO_ERROR, 1, GPGME_VALIDITY_FULL);
 
   /* Checking a manipulated message.  */
   gpgme_data_release (text);
@@ -259,9 +261,9 @@ main (int argc, char *argv[])
   fail_if_err (err);
   result = gpgme_op_verify_result (ctx);
   check_result (result, 1, 0, GPGME_SIGSUM_RED, "2D727CC768697734",
-		GPG_ERR_BAD_SIGNATURE, 0);
+		GPG_ERR_BAD_SIGNATURE, 0, GPGME_VALIDITY_UNKNOWN);
 
-  /* Checking a valid message.  Bu that one has a second signature
+  /* Checking a valid message.  But that one has a second signature
    * made by an unknown key.  */
   gpgme_data_release (text);
   gpgme_data_release (sig);
@@ -273,12 +275,12 @@ main (int argc, char *argv[])
   err = gpgme_op_verify (ctx, sig, text, NULL);
   fail_if_err (err);
   result = gpgme_op_verify_result (ctx);
-  check_result (result, 2, 0, 0,
+  check_result (result, 2, 0, GPGME_SIGSUM_VALID|GPGME_SIGSUM_GREEN,
                 "A0FF4590BB6122EDEF6E3C542D727CC768697734",
-		GPG_ERR_NO_ERROR, 1);
+		GPG_ERR_NO_ERROR, 1, GPGME_VALIDITY_FULL);
   check_result (result, 2, 1, GPGME_SIGSUM_KEY_MISSING,
                 "36EC2A70C6426EB0FCE5BB4DF91C98F049D4204C",
-		GPG_ERR_NO_PUBKEY, 0);
+		GPG_ERR_NO_PUBKEY, 0, GPGME_VALIDITY_UNKNOWN);
 
 
   /* Checking a normal signature.  */
@@ -291,8 +293,9 @@ main (int argc, char *argv[])
   err = gpgme_op_verify (ctx, sig, NULL, text);
   fail_if_err (err);
   result = gpgme_op_verify_result (ctx);
-  check_result (result, 1, 0, 0, "A0FF4590BB6122EDEF6E3C542D727CC768697734",
-		GPG_ERR_NO_ERROR, 0);
+  check_result (result, 1, 0, GPGME_SIGSUM_VALID|GPGME_SIGSUM_GREEN,
+                "A0FF4590BB6122EDEF6E3C542D727CC768697734",
+		GPG_ERR_NO_ERROR, 0, GPGME_VALIDITY_FULL);
 
 
   /* Checking an invalid message.  */
author	Ingo Klöcker <[email protected]>	2023-02-08 12:46:17 +0000
committer	Ingo Klöcker <[email protected]>	2023-02-08 12:46:17 +0000
commit	fcefc78f749a8f39cc587636647b24f8fa48efad (patch)
tree	7aff21c5303e0629f7afa5d7d6283875c66ec707 /tests
parent	tests: Make t-edit-sign idempotent (diff)
download	gpgme-fcefc78f749a8f39cc587636647b24f8fa48efad.tar.gz gpgme-fcefc78f749a8f39cc587636647b24f8fa48efad.zip