aboutsummaryrefslogtreecommitdiffstats
path: root/tests
diff options
context:
space:
mode:
Diffstat (limited to 'tests')
-rw-r--r--tests/gpg/t-verify.c146
-rw-r--r--tests/run-decrypt.c42
-rw-r--r--tests/run-encrypt.c79
-rw-r--r--tests/run-verify.c32
4 files changed, 201 insertions, 98 deletions
diff --git a/tests/gpg/t-verify.c b/tests/gpg/t-verify.c
index f955cc9d..fa0164ac 100644
--- a/tests/gpg/t-verify.c
+++ b/tests/gpg/t-verify.c
@@ -31,31 +31,14 @@
#include <gpgme.h>
+#define PGM "t-verify"
#include "t-support.h"
+
static const char test_text1[] = "Just GNU it!\n";
static const char test_text1f[]= "Just GNU it?\n";
static const char test_sig1[] =
-#if 0
-"-----BEGIN PGP SIGNATURE-----\n"
-"\n"
-"iEYEABECAAYFAjoKgjIACgkQLXJ8x2hpdzQMSwCeO/xUrhysZ7zJKPf/FyXA//u1\n"
-"ZgIAn0204PBR7yxSdQx6CFxugstNqmRv\n"
-"=yku6\n"
-"-----END PGP SIGNATURE-----\n"
-#elif 0
-"-----BEGIN PGP SIGNATURE-----\n"
-"Version: GnuPG v1.0.4-2 (GNU/Linux)\n"
-"Comment: For info see http://www.gnupg.org\n"
-"\n"
-"iJcEABECAFcFAjoS8/E1FIAAAAAACAAkZm9vYmFyLjF0aGlzIGlzIGEgbm90YXRp\n"
-"b24gZGF0YSB3aXRoIDIgbGluZXMaGmh0dHA6Ly93d3cuZ3Uub3JnL3BvbGljeS8A\n"
-"CgkQLXJ8x2hpdzQLyQCbBW/fgU8ZeWSlWPM1F8umHX17bAAAoIfSNDSp5zM85XcG\n"
-"iwxMrf+u8v4r\n"
-"=88Zo\n"
-"-----END PGP SIGNATURE-----\n"
-#elif 1
"-----BEGIN PGP SIGNATURE-----\n"
"\n"
"iN0EABECAJ0FAjoS+i9FFIAAAAAAAwA5YmFyw7bDpMO8w58gZGFzIHdhcmVuIFVt\n"
@@ -64,9 +47,24 @@ static const char test_sig1[] =
"Oi8vd3d3Lmd1Lm9yZy9wb2xpY3kvAAoJEC1yfMdoaXc0JBIAoIiLlUsvpMDOyGEc\n"
"dADGKXF/Hcb+AKCJWPphZCphduxSvrzH0hgzHdeQaA==\n"
"=nts1\n"
-"-----END PGP SIGNATURE-----\n"
-#endif
-;
+"-----END PGP SIGNATURE-----\n";
+
+/* The same as test_sig1 but with a second signature for which we do
+ * not have the public key (deleted after signature creation). */
+static const char test_sig1_plus_unknown_key[] =
+"-----BEGIN PGP SIGNATURE-----\n"
+"\n"
+"iN0EABECAJ0FAjoS+i9FFIAAAAAAAwA5YmFyw7bDpMO8w58gZGFzIHdhcmVuIFVt\n"
+"bGF1dGUgdW5kIGpldHp0IGVpbiBwcm96ZW50JS1aZWljaGVuNRSAAAAAAAgAJGZv\n"
+"b2Jhci4xdGhpcyBpcyBhIG5vdGF0aW9uIGRhdGEgd2l0aCAyIGxpbmVzGhpodHRw\n"
+"Oi8vd3d3Lmd1Lm9yZy9wb2xpY3kvAAoJEC1yfMdoaXc0JBIAoIiLlUsvpMDOyGEc\n"
+"dADGKXF/Hcb+AKCJWPphZCphduxSvrzH0hgzHdeQaIh1BAAWCAAdFiEENuwqcMZC\n"
+"brD85btN+RyY8EnUIEwFAlrPR4cACgkQ+RyY8EnUIEyiuAEAm41LJTGUFDzhavRm\n"
+"jNwqUZxGGOySduW+u/X1lEfV+MYA/2lJOo75rHtD1EG+tkFVWt4Ukj0rjhR132vZ\n"
+"IOtrYAcG\n"
+"=yYwZ\n"
+"-----END PGP SIGNATURE-----\n";
+
static const char test_sig2[] =
"-----BEGIN PGP MESSAGE-----\n"
"\n"
@@ -91,37 +89,57 @@ static const char double_plaintext_sig[] =
+/* NO_OF_SIGS is the expected number of signatures. SKIP_SKIPS is
+ * which of these signatures to check (0 based). */
static void
-check_result (gpgme_verify_result_t result, unsigned int summary,
- const char *fpr,
+check_result (gpgme_verify_result_t result, int no_of_sigs, int skip_sigs,
+ unsigned int summary, const char *fpr,
gpgme_error_t status, int notation)
{
gpgme_signature_t sig;
+ int n;
sig = result->signatures;
- if (!sig || sig->next)
+ for (n=0; sig; sig = sig->next)
+ n++;
+ if (n != no_of_sigs)
+ {
+ fprintf (stderr, "%s:%i: Unexpected number of signatures"
+ " (got %d expected %d)\n", PGM, __LINE__, n, no_of_sigs);
+ exit (1);
+ }
+ if (skip_sigs >= n)
{
- fprintf (stderr, "%s:%i: Unexpected number of signatures\n",
- __FILE__, __LINE__);
+ fprintf (stderr, "%s:%i: oops SKIPP_SIGS to high\n", PGM, __LINE__);
exit (1);
}
+
+ for (n=0, sig = result->signatures; n < skip_sigs; sig = sig->next, n++)
+ ;
+
if (sig->summary != summary)
{
- fprintf (stderr, "%s:%i: Unexpected signature summary: "
+ fprintf (stderr, "%s:%i:sig-%d: Unexpected signature summary: "
"want=0x%x have=0x%x\n",
- __FILE__, __LINE__, summary, sig->summary);
+ PGM, __LINE__, skip_sigs, summary, sig->summary);
exit (1);
}
if (strcmp (sig->fpr, fpr))
{
- fprintf (stderr, "%s:%i: Unexpected fingerprint: %s\n",
- __FILE__, __LINE__, sig->fpr);
- exit (1);
+ if (strlen (sig->fpr) == 16 && strlen (fpr) == 40
+ && !strncmp (sig->fpr, fpr + 24, 16))
+ ; /* okay because gnupg < 2.2.6 only shows the keyid. */
+ else
+ {
+ fprintf (stderr, "%s:%i:sig-%d: Unexpected fingerprint: %s\n",
+ PGM, __LINE__, skip_sigs, sig->fpr);
+ exit (1);
+ }
}
if (gpgme_err_code (sig->status) != status)
{
- fprintf (stderr, "%s:%i: Unexpected signature status: %s\n",
- __FILE__, __LINE__, gpgme_strerror (sig->status));
+ fprintf (stderr, "%s:%i:sig-%d: Unexpected signature status: %s\n",
+ PGM, __LINE__, skip_sigs, gpgme_strerror (sig->status));
exit (1);
}
if (notation)
@@ -166,8 +184,8 @@ check_result (gpgme_verify_result_t result, unsigned int summary,
}
if (!any)
{
- fprintf (stderr, "%s:%i: Unexpected notation data\n",
- __FILE__, __LINE__);
+ fprintf (stderr, "%s:%i:sig-%d: Unexpected notation data\n",
+ PGM, __LINE__, skip_sigs);
exit (1);
}
}
@@ -175,28 +193,30 @@ check_result (gpgme_verify_result_t result, unsigned int summary,
{
if (expected_notations[i].seen != 1)
{
- fprintf (stderr, "%s:%i: Missing or duplicate notation data\n",
- __FILE__, __LINE__);
+ fprintf (stderr, "%s:%i:sig-%d: "
+ "Missing or duplicate notation data\n",
+ PGM, __LINE__, skip_sigs);
exit (1);
}
}
}
if (sig->wrong_key_usage)
{
- fprintf (stderr, "%s:%i: Unexpectedly wrong key usage\n",
- __FILE__, __LINE__);
+ fprintf (stderr, "%s:%i:sig-%d: Unexpectedly wrong key usage\n",
+ PGM, __LINE__, skip_sigs);
exit (1);
}
if (sig->validity != GPGME_VALIDITY_UNKNOWN)
{
- fprintf (stderr, "%s:%i: Unexpected validity: %i\n",
- __FILE__, __LINE__, sig->validity);
+ fprintf (stderr, "%s:%i:sig-%d: Unexpected validity: %i\n",
+ PGM, __LINE__, skip_sigs, sig->validity);
exit (1);
}
if (gpgme_err_code (sig->validity_reason) != GPG_ERR_NO_ERROR)
{
- fprintf (stderr, "%s:%i: Unexpected validity reason: %s\n",
- __FILE__, __LINE__, gpgme_strerror (sig->validity_reason));
+ fprintf (stderr, "%s:%i:sig-%d: Unexpected validity reason: %s\n",
+ PGM, __LINE__, skip_sigs,
+ gpgme_strerror (sig->validity_reason));
exit (1);
}
}
@@ -227,7 +247,7 @@ main (int argc, char *argv[])
err = gpgme_op_verify (ctx, sig, text, NULL);
fail_if_err (err);
result = gpgme_op_verify_result (ctx);
- check_result (result, 0, "A0FF4590BB6122EDEF6E3C542D727CC768697734",
+ check_result (result, 1, 0, 0, "A0FF4590BB6122EDEF6E3C542D727CC768697734",
GPG_ERR_NO_ERROR, 1);
/* Checking a manipulated message. */
@@ -238,9 +258,29 @@ main (int argc, char *argv[])
err = gpgme_op_verify (ctx, sig, text, NULL);
fail_if_err (err);
result = gpgme_op_verify_result (ctx);
- check_result (result, GPGME_SIGSUM_RED, "2D727CC768697734",
+ check_result (result, 1, 0, GPGME_SIGSUM_RED, "2D727CC768697734",
GPG_ERR_BAD_SIGNATURE, 0);
+ /* Checking a valid message. Bu that one has a second signature
+ * made by an unknown key. */
+ gpgme_data_release (text);
+ gpgme_data_release (sig);
+ err = gpgme_data_new_from_mem (&text, test_text1, strlen (test_text1), 0);
+ fail_if_err (err);
+ err = gpgme_data_new_from_mem (&sig, test_sig1_plus_unknown_key,
+ strlen (test_sig1_plus_unknown_key), 0);
+ fail_if_err (err);
+ err = gpgme_op_verify (ctx, sig, text, NULL);
+ fail_if_err (err);
+ result = gpgme_op_verify_result (ctx);
+ check_result (result, 2, 0, 0,
+ "A0FF4590BB6122EDEF6E3C542D727CC768697734",
+ GPG_ERR_NO_ERROR, 1);
+ check_result (result, 2, 1, GPGME_SIGSUM_KEY_MISSING,
+ "36EC2A70C6426EB0FCE5BB4DF91C98F049D4204C",
+ GPG_ERR_NO_PUBKEY, 0);
+
+
/* Checking a normal signature. */
gpgme_data_release (sig);
gpgme_data_release (text);
@@ -251,7 +291,7 @@ main (int argc, char *argv[])
err = gpgme_op_verify (ctx, sig, NULL, text);
fail_if_err (err);
result = gpgme_op_verify_result (ctx);
- check_result (result, 0, "A0FF4590BB6122EDEF6E3C542D727CC768697734",
+ check_result (result, 1, 0, 0, "A0FF4590BB6122EDEF6E3C542D727CC768697734",
GPG_ERR_NO_ERROR, 0);
@@ -267,7 +307,7 @@ main (int argc, char *argv[])
if (gpgme_err_code (err) != GPG_ERR_BAD_DATA)
{
fprintf (stderr, "%s:%i: Double plaintext message not detected\n",
- __FILE__, __LINE__);
+ PGM, __LINE__);
exit (1);
}
@@ -278,7 +318,7 @@ main (int argc, char *argv[])
if (!s || strcmp (s, "[email protected]"))
{
fprintf (stderr, "%s:%i: gpgme_{set,get}_sender mismatch\n",
- __FILE__, __LINE__);
+ PGM, __LINE__);
exit (1);
}
@@ -288,7 +328,7 @@ main (int argc, char *argv[])
if (!s || strcmp (s, "[email protected]"))
{
fprintf (stderr, "%s:%i: gpgme_{set,get}_sender mismatch\n",
- __FILE__, __LINE__);
+ PGM, __LINE__);
exit (1);
}
@@ -298,7 +338,7 @@ main (int argc, char *argv[])
if (!s || strcmp (s, "[email protected]"))
{
fprintf (stderr, "%s:%i: gpgme_{set,get}_sender mismatch\n",
- __FILE__, __LINE__);
+ PGM, __LINE__);
exit (1);
}
@@ -306,7 +346,7 @@ main (int argc, char *argv[])
if (gpgme_err_code (err) != GPG_ERR_INV_VALUE)
{
fprintf (stderr, "%s:%i: gpgme_set_sender didn't detect bogus address\n",
- __FILE__, __LINE__);
+ PGM, __LINE__);
exit (1);
}
/* (the former address should still be there.) */
@@ -314,7 +354,7 @@ main (int argc, char *argv[])
if (!s || strcmp (s, "[email protected]"))
{
fprintf (stderr, "%s:%i: gpgme_{set,get}_sender mismatch\n",
- __FILE__, __LINE__);
+ PGM, __LINE__);
exit (1);
}
diff --git a/tests/run-decrypt.c b/tests/run-decrypt.c
index f4c47544..69de139c 100644
--- a/tests/run-decrypt.c
+++ b/tests/run-decrypt.c
@@ -53,19 +53,21 @@ print_result (gpgme_decrypt_result_t result)
gpgme_recipient_t recp;
int count = 0;
- printf ("Original file name: %s\n", nonnull(result->file_name));
- printf ("Wrong key usage: %i\n", result->wrong_key_usage);
- printf ("Unsupported algorithm: %s\n",
- nonnull(result->unsupported_algorithm));
- if (result->session_key)
- printf ("Session key: %s\n", result->session_key);
-
- for (recp = result->recipients; recp->next; recp = recp->next)
+ printf ("Original file name .: %s\n", nonnull(result->file_name));
+ printf ("Wrong key usage ....: %s\n", result->wrong_key_usage? "yes":"no");
+ printf ("Compliance de-vs ...: %s\n", result->is_de_vs? "yes":"no");
+ printf ("MIME flag ..........: %s\n", result->is_mime? "yes":"no");
+ printf ("Unsupported algo ...: %s\n", nonnull(result->unsupported_algorithm));
+ printf ("Session key ........: %s\n", nonnull (result->session_key));
+ printf ("Symmetric algorithm : %s\n", result->symkey_algo);
+
+ for (recp = result->recipients; recp && recp->next; recp = recp->next)
{
- printf ("recipient %d\n", count++);
+ printf ("Recipient ...: %d\n", count++);
printf (" status ....: %s\n", gpgme_strerror (recp->status));
- printf (" keyid: %s\n", nonnull (recp->keyid));
- printf (" algo ...: %s\n", gpgme_pubkey_algo_name (recp->pubkey_algo));
+ printf (" keyid .....: %s\n", nonnull (recp->keyid));
+ printf (" algo ......: %s\n",
+ gpgme_pubkey_algo_name (recp->pubkey_algo));
}
}
@@ -82,6 +84,7 @@ show_usage (int ex)
" --export-session-key show the session key\n"
" --override-session-key STRING use STRING as session key\n"
" --request-origin STRING use STRING as request origin\n"
+ " --no-symkey-cache disable the use of that cache\n"
" --unwrap remove only the encryption layer\n"
, stderr);
exit (ex);
@@ -104,6 +107,7 @@ main (int argc, char **argv)
int export_session_key = 0;
const char *override_session_key = NULL;
const char *request_origin = NULL;
+ int no_symkey_cache = 0;
int raw_output = 0;
if (argc)
@@ -160,6 +164,11 @@ main (int argc, char **argv)
request_origin = *argv;
argc--; argv++;
}
+ else if (!strcmp (*argv, "--no-symkey-cache"))
+ {
+ no_symkey_cache = 1;
+ argc--; argv++;
+ }
else if (!strcmp (*argv, "--unwrap"))
{
flags |= GPGME_DECRYPT_UNWRAP;
@@ -226,6 +235,17 @@ main (int argc, char **argv)
}
}
+ if (no_symkey_cache)
+ {
+ err = gpgme_set_ctx_flag (ctx, "no-symkey-cache", "1");
+ if (err)
+ {
+ fprintf (stderr, PGM ": error setting no-symkey-cache: %s\n",
+ gpgme_strerror (err));
+ exit (1);
+ }
+ }
+
err = gpgme_data_new_from_stream (&in, fp_in);
if (err)
{
diff --git a/tests/run-encrypt.c b/tests/run-encrypt.c
index e949d760..94084694 100644
--- a/tests/run-encrypt.c
+++ b/tests/run-encrypt.c
@@ -37,6 +37,19 @@
static int verbose;
+static char *
+xstrdup (const char *string)
+{
+ char *p = strdup (string);
+ if (!p)
+ {
+ fprintf (stderr, "strdup failed\n");
+ exit (2);
+ }
+ return p;
+}
+
+
static gpg_error_t
status_cb (void *opaque, const char *keyword, const char *value)
{
@@ -80,17 +93,19 @@ show_usage (int ex)
{
fputs ("usage: " PGM " [options] FILE\n\n"
"Options:\n"
- " --verbose run in verbose mode\n"
- " --status print status lines from the backend\n"
- " --progress print progress info\n"
- " --openpgp use the OpenPGP protocol (default)\n"
- " --cms use the CMS protocol\n"
- " --uiserver use the UI server\n"
- " --loopback use a loopback pinentry\n"
- " --key NAME encrypt to key NAME\n"
- " --throw-keyids use this option\n"
- " --wrap assume input is valid OpenPGP message\n"
- " --symmetric encrypt symmetric (OpenPGP only)\n"
+ " --verbose run in verbose mode\n"
+ " --status print status lines from the backend\n"
+ " --progress print progress info\n"
+ " --openpgp use the OpenPGP protocol (default)\n"
+ " --cms use the CMS protocol\n"
+ " --uiserver use the UI server\n"
+ " --loopback use a loopback pinentry\n"
+ " --key NAME encrypt to key NAME\n"
+ " --keystring NAMES encrypt to ';' delimited NAMES\n"
+ " --throw-keyids use this option\n"
+ " --no-symkey-cache disable the use of that cache\n"
+ " --wrap assume input is valid OpenPGP message\n"
+ " --symmetric encrypt symmetric (OpenPGP only)\n"
, stderr);
exit (ex);
}
@@ -102,7 +117,6 @@ main (int argc, char **argv)
int last_argc = -1;
gpgme_error_t err;
gpgme_ctx_t ctx;
- const char *key_string = NULL;
gpgme_protocol_t protocol = GPGME_PROTOCOL_OpenPGP;
gpgme_data_t in, out;
gpgme_encrypt_result_t result;
@@ -112,9 +126,11 @@ main (int argc, char **argv)
char *keyargs[10];
gpgme_key_t keys[10+1];
int keycount = 0;
+ char *keystring = NULL;
int i;
gpgme_encrypt_flags_t flags = GPGME_ENCRYPT_ALWAYS_TRUST;
gpgme_off_t offset;
+ int no_symkey_cache = 0;
if (argc)
{ argc--; argv++; }
@@ -172,6 +188,17 @@ main (int argc, char **argv)
keyargs[keycount++] = *argv;
argc--; argv++;
}
+ else if (!strcmp (*argv, "--keystring"))
+ {
+ argc--; argv++;
+ if (!argc)
+ show_usage (1);
+ keystring = xstrdup (*argv);
+ for (i=0; keystring[i]; i++)
+ if (keystring[i] == ';')
+ keystring[i] = '\n';
+ argc--; argv++;
+ }
else if (!strcmp (*argv, "--throw-keyids"))
{
flags |= GPGME_ENCRYPT_THROW_KEYIDS;
@@ -192,6 +219,11 @@ main (int argc, char **argv)
flags |= GPGME_ENCRYPT_SYMMETRIC;
argc--; argv++;
}
+ else if (!strcmp (*argv, "--no-symkey-cache"))
+ {
+ no_symkey_cache = 1;
+ argc--; argv++;
+ }
else if (!strncmp (*argv, "--", 2))
show_usage (1);
@@ -200,15 +232,6 @@ main (int argc, char **argv)
if (argc != 1)
show_usage (1);
- if (key_string && protocol == GPGME_PROTOCOL_UISERVER)
- {
- fprintf (stderr, PGM ": ignoring --key in UI-server mode\n");
- key_string = NULL;
- }
-
- if (!key_string)
- key_string = "test";
-
init_gpgme (protocol);
err = gpgme_new (&ctx);
@@ -227,6 +250,16 @@ main (int argc, char **argv)
gpgme_set_pinentry_mode (ctx, GPGME_PINENTRY_MODE_LOOPBACK);
gpgme_set_passphrase_cb (ctx, passphrase_cb, NULL);
}
+ if (no_symkey_cache)
+ {
+ err = gpgme_set_ctx_flag (ctx, "no-symkey-cache", "1");
+ if (err)
+ {
+ fprintf (stderr, PGM ": error setting no-symkey-cache: %s\n",
+ gpgme_strerror (err));
+ exit (1);
+ }
+ }
for (i=0; i < keycount; i++)
{
@@ -281,7 +314,8 @@ main (int argc, char **argv)
err = gpgme_data_new (&out);
fail_if_err (err);
- err = gpgme_op_encrypt (ctx, keycount ? keys : NULL, flags, in, out);
+ err = gpgme_op_encrypt_ext (ctx, keycount ? keys : NULL, keystring,
+ flags, in, out);
result = gpgme_op_encrypt_result (ctx);
if (result)
print_result (result);
@@ -301,5 +335,6 @@ main (int argc, char **argv)
for (i=0; i < keycount; i++)
gpgme_key_unref (keys[i]);
gpgme_release (ctx);
+ free (keystring);
return 0;
}
diff --git a/tests/run-verify.c b/tests/run-verify.c
index b22e6446..4a6c9601 100644
--- a/tests/run-verify.c
+++ b/tests/run-verify.c
@@ -136,10 +136,11 @@ print_result (gpgme_verify_result_t result)
gpgme_tofu_info_t ti;
int count = 0;
- printf ("Original file name: %s\n", nonnull(result->file_name));
+ printf ("Original file name .: %s\n", nonnull(result->file_name));
+ printf ("MIME flag ..........: %s\n", result->is_mime? "yes":"no");
for (sig = result->signatures; sig; sig = sig->next)
{
- printf ("Signature %d\n", count++);
+ printf ("Signature ...: %d\n", count++);
printf (" status ....: %s\n", gpgme_strerror (sig->status));
printf (" summary ...:"); print_summary (sig->summary); putchar ('\n');
printf (" fingerprint: %s\n", nonnull (sig->fpr));
@@ -163,17 +164,24 @@ print_result (gpgme_verify_result_t result)
);
for (nt = sig->notations; nt; nt = nt->next)
{
- printf (" notation ..: '%s'\n", nt->name);
- if (strlen (nt->name) != nt->name_len)
- printf (" warning : name larger (%d)\n", nt->name_len);
- printf (" flags ...:%s%s (0x%02x)\n",
- nt->critical? " critical":"",
- nt->human_readable? " human":"",
- nt->flags);
- if (nt->value)
- printf (" value ...: '%s'\n", nt->value);
+ if (nt->name)
+ {
+ printf (" notation ..: '%s'\n", nt->name);
+ if (strlen (nt->name) != nt->name_len)
+ printf (" warning .: name larger (%d)\n", nt->name_len);
+ printf (" flags ...:%s%s (0x%02x)\n",
+ nt->critical? " critical":"",
+ nt->human_readable? " human":"",
+ nt->flags);
+ if (nt->value)
+ printf (" value ...: '%s'\n", nt->value);
+ }
+ else
+ {
+ printf (" policy ....: '%s'\n", nt->value);
+ }
if ((nt->value?strlen (nt->value):0) != nt->value_len)
- printf (" warning : value larger (%d)\n", nt->value_len);
+ printf (" warning .: value larger (%d)\n", nt->value_len);
}
if (sig->key)
{
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-29 14:43:03 +0000