1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-10-31 20:08:43 +01:00
gnupg/tests/openpgp/defs.inc

266 lines
5.9 KiB
PHP
Raw Normal View History

# Definitions for the OpenPGP test scripts -*- sh -*-
# Copyright 1998,1999,2000,2001,2002,2003,2004,2005,2006,
2010-10-14 10:32:55 +02:00
# 2007, 2010 Free Software Foundation, Inc.
# This file is free software; as a special exception the author gives
# unlimited permission to copy and/or distribute it, with or without
# modifications, as long as this notice is preserved. This file is
# distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY, to the extent permitted by law; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
#--------------------------------
#------ constants ---------------
#--------------------------------
2010-10-14 18:34:31 +02:00
usrname1="one@example.com"
usrpass1="def"
2010-10-14 18:34:31 +02:00
usrname2="two@example.com"
usrpass2=""
2010-10-14 18:34:31 +02:00
usrname3="three@example.com"
usrpass3=""
dsa_usrname1="pgp5"
2010-10-14 18:34:31 +02:00
# we use the sub key because we do not yet have the logic to to derive
# the first encryption key from a keyblock (I guess) (Well of course
# we have this by now and the notation below will lookup the primary
gpg: Remove all support for v3 keys and always create v4-signatures. * g10/build-packet.c (do_key): Remove support for building v3 keys. * g10/parse-packet.c (read_protected_v3_mpi): Remove. (parse_key): Remove support for v3-keys. Add dedicated warnings for v3-key packets. * g10/keyid.c (hash_public_key): Remove v3-key support. (keyid_from_pk): Ditto. (fingerprint_from_pk): Ditto. * g10/options.h (opt): Remove fields force_v3_sigs and force_v4_certs. * g10/gpg.c (cmd_and_opt_values): Remove oForceV3Sigs, oNoForceV3Sigs, oForceV4Certs, oNoForceV4Certs. (opts): Turn --force-v3-sigs, --no-force-v3-sigs, --force-v4-certs, --no-force-v4-certs int dummy options. (main): Remove setting of the force_v3_sigs force_v4_certs flags. * g10/revoke.c (gen_revoke, create_revocation): Always create v4 certs. * g10/sign.c (hash_uid): Remove support for v3-signatures (hash_sigversion_to_magic): Ditto. (only_old_style): Remove this v3-key function. (write_signature_packets): Remove support for creating v3-signatures. (sign_file): Ditto. (sign_symencrypt_file): Ditto. (clearsign_file): Ditto. Remove code to emit no Hash armor line if only v3-keys are used. (make_keysig_packet): Remove arg SIGVERSION and force using v4-signatures. Change all callers to not pass a value for this arg. Remove all v3-key related code. (update_keysig_packet): Remove v3-signature support. * g10/keyedit.c (sign_uids): Always create v4-signatures. * g10/textfilter.c (copy_clearsig_text): Remove arg pgp2mode and change caller. -- v3 keys are deprecated for about 15 years and due the severe weaknesses of MD5 it does not make any sense to keep code around to use these old and broken keys. Users who need to decrypt old messages should use gpg 1.4 and best re-encrypt them to modern standards. verification of old (i.e. PGP2) created signatures is thus also not anymore possible but such signatures have no values anyway - MD5 is just too broken. We have also kept support for v3 signatures until now. With the removal of support for v3 keys it is questionable whether it makes any sense to keep support for v3-signatures. What we do now is to keep support for verification of v3-signatures but we force the use of v4-signatures. The latter makes the --pgp6 and --pgp7 switch a bit obsolete because those PGP versions require v3-signatures for messages. These versions of PGP are also really old and not anymore maintained so they have not received any bug fixes and should not be used anyway. Signed-off-by: Werner Koch <wk@gnupg.org>
2014-10-12 20:07:12 +02:00
# first and then search for the encryption subkey.)
dsa_usrname2="0xCB879DE9"
plain_files="plain-1 plain-2 plain-3"
data_files="data-500 data-9000 data-32000 data-80000"
exp_files=""
# The testscripts expect the original language
LANG=
LANGUAGE=
LC_ALL=
LC_MESSAGES=
# Internal use.
defs_stop_on_error=no
defs_error_seen=no
defs_progress_active=no
#--------------------------------
#------ utility functions -------
#--------------------------------
progress_cancel () {
if [ x$defs_progress_active = xyes ]; then
echo
defs_progress_active=no
fi
}
fatal () {
progress_cancel
echo "$pgmname: fatal:" $* >&2
echo "$pgmname: fatal:" $* >&5
2010-10-14 18:34:31 +02:00
echo stop >gnupg-test.stop
exit 1;
}
error () {
progress_cancel
echo "$pgmname:" $* >&2
defs_error_seen=yes
echo "$pgmname:" $* >&5
if [ x$defs_stop_on_error != xyes ]; then
exit 1
fi
}
# Call this at the start of a test and resume_error at the end to keep
# on running all subtests without immediately exiting on error.
suspend_error () {
defs_stop_on_error=yes
}
resume_error () {
if [ x$defs_error_seen = xyes ]; then
exit 1
fi
defs_stop_on_error=no
defs_error_seen=no
}
info () {
progress_cancel
echo "$pgmname:" $* >&2
if [ -n "${verbose+set}" ]; then
echo "$pgmname:" $* >&5
fi
}
linefeed () {
echo >&2
}
echo_n_init=no
echo_n () {
if test "$echo_n_init" = "no"; then
if (echo "testing\c"; echo 1,2,3) | grep c >/dev/null; then
if (echo -n testing; echo 1,2,3) | sed s/-n/xn/ | grep xn >/dev/null; then
echo_n_n=
echo_n_c='
'
else
echo_n_n='-n'
echo_n_c=
fi
else
echo_n_n=
echo_n_c='\c'
fi
echo_n_init=yes
fi
echo $echo_n_n "${1}$echo_n_c"
}
progress_end () {
if [ x$defs_progress_active = xyes ]; then
echo "<"
defs_progress_active=no
fi
}
progress () {
if [ x$defs_progress_active != xyes ]; then
echo_n " > "
defs_progress_active=yes
fi
echo_n "$* "
}
#cleanup () {
# rm $cleanup_files 2>/dev/null || true
# echo "#empty" >./gpg.conf
#}
#add_cleanup () {
# cleanup_files="$cleanup_files $*"
#}
have_pubkey_algo () {
2010-10-14 18:34:31 +02:00
if $GPG --version | grep "Pubkey:.*$1" >/dev/null
then
true
else
false
fi
}
have_cipher_algo () {
2010-10-14 18:34:31 +02:00
if $GPG --version | grep "Cipher:.*$1" >/dev/null
then
true
else
false
fi
}
have_hash_algo () {
2010-10-14 18:34:31 +02:00
if $GPG --version | grep "Hash:.*$1" >/dev/null
then
true
else
false
fi
}
all_cipher_algos () {
2010-10-14 18:34:31 +02:00
$GPG --with-colons --list-config ciphername \
| sed 's/^cfg:ciphername://; s/;/ /g'
}
all_hash_algos () {
2010-10-14 18:34:31 +02:00
$GPG --with-colons --list-config digestname \
| sed 's/^cfg:digestname://; s/;/ /g'
}
set -e
pgmname=`basename $0`
#trap cleanup SIGHUP SIGINT SIGQUIT
[ -z "$srcdir" ] && fatal "not called from make"
#
2010-10-14 18:34:31 +02:00
if [ -f gnupg-test.stop ]; then
if [ $pgmname = "version.test" ]; then
rm gnupg-test.stop
else
# Skip the rest of the tests.
2010-10-14 18:34:31 +02:00
exit 77
fi
fi
# Always work in the current directory. We set GNUPGHOME only if it
# has not been set already. Usually it is set through the Makefile's
# TESTS_ENVIRONMENT macro.
if [ -z "$GNUPGHOME" ]; then
2010-10-14 10:32:55 +02:00
GNUPGHOME=`/bin/pwd`
export GNUPGHOME
2010-10-14 10:32:55 +02:00
elif [ "$GNUPGHOME" != `/bin/pwd` ]; then
echo "$pgmname: GNUPGHOME not set to the cwd" $* >&2
exit 1
fi
2010-10-14 18:34:31 +02:00
# We don't use GPG_AGENT_INFO anymore - better reset it.
unset GPG_AGENT_INFO
# (--no-permission-warning makes only sense on the commandline)
GPG="../../g10/gpg2 --no-permission-warning "
# (We may not use a relative name for gpg-agent.)
GPG_AGENT="$(cd ../../agent && /bin/pwd)/gpg-agent"
GPG_CONNECT_AGENT="../../tools/gpg-connect-agent"
GPGCONF="../../tools/gpgconf"
GPG_PRESET_PASSPHRASE="../../agent/gpg-preset-passphrase"
MKTDATA="../../tools/mk-tdata"
PINENTRY="$(cd $srcdir && /bin/pwd)/pinentry.sh"
# Default to empty passphrase for pinentry.sh
PINENTRY_USER_DATA=
2010-10-14 18:34:31 +02:00
gpg: Allow building without any trust model support. * configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
2014-02-10 17:05:54 +01:00
# If --check-trustdb is not an option, GPG has been build without
# trust model support. Thus we can't use --always-trust and some
# other options.
if $GPG --dump-options | grep '^--check-trustdb$' >/dev/null ; then
opt_always="--always-trust"
else
opt_always=
fi
2010-10-14 10:32:55 +02:00
# Make sure we have a valid option files even with VPATH builds.
for f in gpg.conf gpg-agent.conf ; do
2010-10-14 10:32:55 +02:00
if [ -f ./$f ]; then
:
elif [ -f $srcdir/$f.tmpl ]; then
cat $srcdir/$f.tmpl >$f
case "$f" in
gpg.conf)
gpg: Allow building without any trust model support. * configure.ac: Add option --disable-trust-models (NO_TRUST_MODELS): New ac_define and am_conditional. * g10/Makefile.am (trust_source): New. (gpg2_SOURCES): Factor some files out to above. Add trust.c. * g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust, --import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb, --list-trustdb, --trustdb-name, --auto-check-trustdb, --no-auto-check-trustdb, and --force-ownertrust. (parse_trust_model) [NO_TRUST_MODELS]: Do not build. (main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all trustdb related option code. * g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust", "enable", and "disable". * g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print "tru" record. * g10/trust.c: New. * g10/trustdb.c (struct key_item): Move to trustdb.h. (register_trusted_keyid): Rename to tdb_register_trusted_keyid. (register_trusted_key): Rename to tdb_register_trusted_key. (trust_letter, uid_trust_string_fixed, trust_value_to_string) (string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info) (get_ownertrust_string, get_validity_info, get_validity_string) (clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c. (mark_usable_uid_certs): Move to trust.c and make global. (is_in_klist): Move as inline to trustdb.h. (trustdb_check_or_update): Rename to tdb_check_or_update (revalidation_mark): Rename to tdb_revalidation_mark. (get_ownertrust): Rename to tdb_get_ownertrust. (get_min_ownertrust): Rename to tdb_get_min_ownertrust. (update_ownertrust): Rename to tdb_update_ownertrust. (clear_ownertrusts): Rename to tdb_clear_ownertrusts. (cache_disabled_value): Rename to tdb_cache_disabled_value. (check_trustdb_stale): Rename to tdb_check_trustdb_stale. (get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and factor some code out to ... * trust.c (get_validity): ...new. (check_or_update_trustdb): New wrapper. (revalidation_mark): New wrapper. (get_ownertrust): New wrapper. (get_ownertrust_with_min): New wrapper. (update_ownertrust): New wrapper. (clear_ownertrusts): New wrapper. (cache_disabled_value): New wrapper. (check_trustdb_stale): New wrapper. * tests/openpgp/defs.inc (opt_always): New. Use in all tests instead of --always-trust.
2014-02-10 17:05:54 +01:00
[ -n "${opt_always}" ] && echo "no-auto-check-trustdb" >>"$f"
echo "agent-program ${GPG_AGENT}|--debug-quick-random" >>"$f"
echo "allow-weak-digest-algos" >>"$f"
;;
gpg-agent.conf)
echo "pinentry-program $PINENTRY" >>"$f"
;;
esac
2010-10-14 10:32:55 +02:00
fi
done
if [ "${verbose:-0}" -gt "1" ]; then
exec 5>/dev/null
else
echo "Test: $pgmname" > ${pgmname}.log
echo "GNUPGHOME=$GNUPGHOME" >> ${pgmname}.log
exec 5>&2 2>>${pgmname}.log
fi
:
# end