1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-09 21:28:51 +01:00
gnupg/tests/openpgp/tofu.scm

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

421 lines
15 KiB
Scheme
Raw Normal View History

#!/usr/bin/env gpgscm
;; Copyright (C) 2016 g10 Code GmbH
;;
;; This file is part of GnuPG.
;;
;; GnuPG is free software; you can redistribute it and/or modify
;; it under the terms of the GNU General Public License as published by
;; the Free Software Foundation; either version 3 of the License, or
;; (at your option) any later version.
;;
;; GnuPG is distributed in the hope that it will be useful,
;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;; GNU General Public License for more details.
;;
;; You should have received a copy of the GNU General Public License
;; along with this program; if not, see <http://www.gnu.org/licenses/>.
(load (in-srcdir "tests" "openpgp" "defs.scm"))
(load (with-path "time.scm"))
tests: Move environment creation and teardown into each test. * tests/gpgscm/tests.scm (log): New function. * tests/openpgp/run-tests.scm (run-tests-parallel): Do not run the startup and teardown scripts. (run-tests-sequential): Likewise. * tests/openpgp/setup.scm: Move all functions... * tests/openpgp/defs.scm: ... here and make them less verbose. (setup-environment): New function. (setup-legacy-environment): Likewise. (start-agent): Make less verbose, run 'stop-agent' at interpreter exit. (stop-agent): Make less verbose. * tests/openpgp/finish.scm: Drop file. * tests/openpgp/Makefile.am (EXTRA_DIST): Drop removed file. * tests/openpgp/4gb-packet.scm: Use 'setup-environment' or 'setup-legacy-environment' as appropriate. * tests/openpgp/armdetach.scm: Likewise. * tests/openpgp/armdetachm.scm: Likewise. * tests/openpgp/armencrypt.scm: Likewise. * tests/openpgp/armencryptp.scm: Likewise. * tests/openpgp/armor.scm: Likewise. * tests/openpgp/armsignencrypt.scm: Likewise. * tests/openpgp/armsigs.scm: Likewise. * tests/openpgp/clearsig.scm: Likewise. * tests/openpgp/conventional-mdc.scm: Likewise. * tests/openpgp/conventional.scm: Likewise. * tests/openpgp/decrypt-dsa.scm: Likewise. * tests/openpgp/decrypt.scm: Likewise. * tests/openpgp/default-key.scm: Likewise. * tests/openpgp/detach.scm: Likewise. * tests/openpgp/detachm.scm: Likewise. * tests/openpgp/ecc.scm: Likewise. * tests/openpgp/encrypt-dsa.scm: Likewise. * tests/openpgp/encrypt.scm: Likewise. * tests/openpgp/encryptp.scm: Likewise. * tests/openpgp/export.scm: Likewise. * tests/openpgp/finish.scm: Likewise. * tests/openpgp/genkey1024.scm: Likewise. * tests/openpgp/gpgtar.scm: Likewise. * tests/openpgp/gpgv-forged-keyring.scm: Likewise. * tests/openpgp/import.scm: Likewise. * tests/openpgp/issue2015.scm: Likewise. * tests/openpgp/issue2417.scm: Likewise. * tests/openpgp/issue2419.scm: Likewise. * tests/openpgp/key-selection.scm: Likewise. * tests/openpgp/mds.scm: Likewise. * tests/openpgp/multisig.scm: Likewise. * tests/openpgp/quick-key-manipulation.scm: Likewise. * tests/openpgp/seat.scm: Likewise. * tests/openpgp/shell.scm: Likewise. * tests/openpgp/signencrypt-dsa.scm: Likewise. * tests/openpgp/signencrypt.scm: Likewise. * tests/openpgp/sigs-dsa.scm: Likewise. * tests/openpgp/sigs.scm: Likewise. * tests/openpgp/ssh.scm: Likewise. * tests/openpgp/tofu.scm: Likewise. * tests/openpgp/use-exact-key.scm: Likewise. * tests/openpgp/verify.scm: Likewise. * tests/openpgp/version.scm: Likewise. * tests/openpgp/issue2346.scm: Likewise and simplify. -- The previous Bourne Shell-based test suite created the environment before running all tests, and tore it down after executing them. When we created the Scheme-based test suite, we kept this design at first, but introduced a way to run each test in its own environment to prevent tests from interfering with each other. Nevertheless, every test started out with the same environment. Move the creation of the test environment into each test. This gives us finer control over the environment each test is run in. It also makes it possible to run each test by simply executing it using gpgscm without the use of the runner. Furthermore, it has the neat side-effect of speeding up the test suite if run in parallel. Signed-off-by: Justus Winter <justus@g10code.com>
2016-11-07 16:21:21 +01:00
(setup-environment)
(define GPGTIME 1480943782)
;; Generate a --faked-system-time parameter for a particular offset.
(define (faketime delta)
(string-append "--faked-system-time=" (number->string (+ GPGTIME delta))))
g10: Cache the effective policy. Recompute it when required. * g10/tofu.c (initdb): Add column effective_policy to the bindings table. (record_binding): New parameters effective_policy and set_conflict. Save the effective policy. If SET_CONFLICT is set, then set conflict according to CONFLICT. Otherwise, preserve the current value of conflict. Update callers. (get_trust): Don't compute the effective policy here... (get_policy): ... do it here, if it was not cached. Take new parameters, PK, the public key, and NOW, the time that the operation started. Update callers. (show_statistics): New parameter PK. Pass it to get_policy. Update callers. (tofu_notice_key_changed): New function. * g10/gpgv.c (tofu_notice_key_changed): New stub. * g10/import.c (import_revoke_cert): Take additional argument CTRL. Pass it to keydb_update_keyblock. * g10/keydb.c (keydb_update_keyblock): Take additional argument CTRL. Update callers. [USE_TOFU]: Call tofu_notice_key_changed. * g10/test-stubs.c (tofu_notice_key_changed): New stub. * tests/openpgp/tofu.scm: Assume that manually setting a binding's policy to auto does not cause the tofu engine to forget about any conflict. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> We now store the computed policy in the tofu DB (in the effective_policy column of the bindings table) to avoid computing it every time, which is expensive. Further, policy is never overridden in case of a conflict. Instead, we detect a conflict if CONFLICT is not empty. This change is backwards compatible to existing DBs. The only minor incompatibility is that unresolved conflicts won't be automatically resolved in case we import a direct signature, or cross signatures.
2016-11-21 22:47:30 +01:00
;; Redefine GPG without --always-trust and a fixed time.
(define GPG `(,(tool 'gpg) --no-permission-warning ,(faketime 0)))
(catch (skip "Tofu not supported")
(call-check `(,@GPG --trust-model=tofu --list-config)))
(let ((trust-model (gpg-config 'gpg "trust-model")))
(trust-model::update "tofu"))
tests: Replace data used by the TOFU conflict test. * tests/openpgp/tofu-2183839A-1.txt: Remove file. * tests/openpgp/tofu-BC15C85A-1.txt: Remove file. * tests/openpgp/tofu-EE37CF96-1.txt: Remove file. * tests/openpgp/tofu-keys-secret.asc: Remove file. * tests/openpgp/tofu-keys.asc: Remove file. * tests/openpgp/tofu/conflicting/1C005AF3.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-1.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-2.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-3.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-4.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-5.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-secret.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-1.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-2.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-3.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-4.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-5.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-1.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-2.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-3.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-4.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-5.txt: New file. * tests/openpgp/tofu/conflicting/README: New file. * tests/openpgp/tofu.scm: Update accordingly. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> There are two motivations for this change. First, we decided that test data should live in a subdirectory rather than in tests/openpgp. Second, secret key material is password protected, and I don't remember the password that I used. (The new data is not password protected.) I have also added some new examples of signed messages.
2016-12-06 11:17:13 +01:00
(define KEYS '("1C005AF3" "BE04EB2B" "B662E42F"))
;; Import the test keys.
(for-each (lambda (keyid)
tests: Replace data used by the TOFU conflict test. * tests/openpgp/tofu-2183839A-1.txt: Remove file. * tests/openpgp/tofu-BC15C85A-1.txt: Remove file. * tests/openpgp/tofu-EE37CF96-1.txt: Remove file. * tests/openpgp/tofu-keys-secret.asc: Remove file. * tests/openpgp/tofu-keys.asc: Remove file. * tests/openpgp/tofu/conflicting/1C005AF3.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-1.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-2.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-3.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-4.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-5.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-secret.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-1.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-2.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-3.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-4.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-5.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-1.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-2.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-3.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-4.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-5.txt: New file. * tests/openpgp/tofu/conflicting/README: New file. * tests/openpgp/tofu.scm: Update accordingly. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> There are two motivations for this change. First, we decided that test data should live in a subdirectory rather than in tests/openpgp. Second, secret key material is password protected, and I don't remember the password that I used. (The new data is not password protected.) I have also added some new examples of signed messages.
2016-12-06 11:17:13 +01:00
(call-check `(,@GPG --import
,(in-srcdir "tests" "openpgp" "tofu" "conflicting"
tests: Replace data used by the TOFU conflict test. * tests/openpgp/tofu-2183839A-1.txt: Remove file. * tests/openpgp/tofu-BC15C85A-1.txt: Remove file. * tests/openpgp/tofu-EE37CF96-1.txt: Remove file. * tests/openpgp/tofu-keys-secret.asc: Remove file. * tests/openpgp/tofu-keys.asc: Remove file. * tests/openpgp/tofu/conflicting/1C005AF3.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-1.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-2.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-3.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-4.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-5.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-secret.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-1.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-2.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-3.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-4.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-5.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-1.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-2.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-3.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-4.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-5.txt: New file. * tests/openpgp/tofu/conflicting/README: New file. * tests/openpgp/tofu.scm: Update accordingly. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> There are two motivations for this change. First, we decided that test data should live in a subdirectory rather than in tests/openpgp. Second, secret key material is password protected, and I don't remember the password that I used. (The new data is not password protected.) I have also added some new examples of signed messages.
2016-12-06 11:17:13 +01:00
(string-append keyid ".gpg"))))
(catch (fail "Missing key" keyid)
(call-check `(,@GPG --list-keys ,keyid))))
KEYS)
;; Get tofu policy for KEYID. Any remaining arguments are simply
;; passed to GPG.
;;
;; This function only supports keys with a single user id.
(define (getpolicy keyid . args)
(let ((policy
(list-ref (assoc "tfs" (gpg-with-colons
`(--with-tofu-info
,@args
--list-keys ,keyid))) 5)))
(unless (member policy '("auto" "good" "unknown" "bad" "ask"))
(fail "Bad policy:" policy))
policy))
;; Check that KEYID's tofu policy matches EXPECTED-POLICY. Any
;; remaining arguments are simply passed to GPG.
;;
;; This function only supports keys with a single user id.
(define (checkpolicy keyid expected-policy . args)
(let ((policy (apply getpolicy `(,keyid ,@args))))
(unless (string=? policy expected-policy)
(fail keyid ": Expected policy to be" expected-policy
"but got" policy))))
;; Set key KEYID's policy to POLICY. Any remaining arguments are
;; passed as options to gpg.
(define (setpolicy keyid policy . args)
(call-check `(,@GPG ,@args
--tofu-policy ,policy ,keyid)))
(info "Checking tofu policies and trust...")
;; Carefully remove the TOFU db.
(catch '() (unlink (path-join GNUPGHOME "tofu.db")))
;; Verify a message. There should be no conflict and the trust
;; policy should be set to auto.
(call-check `(,@GPG --verify ,(in-srcdir "tests" "openpgp" "tofu" "conflicting" "1C005AF3-1.txt")))
tests: Replace data used by the TOFU conflict test. * tests/openpgp/tofu-2183839A-1.txt: Remove file. * tests/openpgp/tofu-BC15C85A-1.txt: Remove file. * tests/openpgp/tofu-EE37CF96-1.txt: Remove file. * tests/openpgp/tofu-keys-secret.asc: Remove file. * tests/openpgp/tofu-keys.asc: Remove file. * tests/openpgp/tofu/conflicting/1C005AF3.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-1.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-2.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-3.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-4.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-5.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-secret.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-1.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-2.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-3.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-4.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-5.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-1.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-2.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-3.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-4.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-5.txt: New file. * tests/openpgp/tofu/conflicting/README: New file. * tests/openpgp/tofu.scm: Update accordingly. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> There are two motivations for this change. First, we decided that test data should live in a subdirectory rather than in tests/openpgp. Second, secret key material is password protected, and I don't remember the password that I used. (The new data is not password protected.) I have also added some new examples of signed messages.
2016-12-06 11:17:13 +01:00
(checkpolicy "1C005AF3" "auto")
;; Check default trust.
tests: Replace data used by the TOFU conflict test. * tests/openpgp/tofu-2183839A-1.txt: Remove file. * tests/openpgp/tofu-BC15C85A-1.txt: Remove file. * tests/openpgp/tofu-EE37CF96-1.txt: Remove file. * tests/openpgp/tofu-keys-secret.asc: Remove file. * tests/openpgp/tofu-keys.asc: Remove file. * tests/openpgp/tofu/conflicting/1C005AF3.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-1.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-2.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-3.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-4.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-5.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-secret.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-1.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-2.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-3.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-4.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-5.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-1.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-2.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-3.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-4.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-5.txt: New file. * tests/openpgp/tofu/conflicting/README: New file. * tests/openpgp/tofu.scm: Update accordingly. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> There are two motivations for this change. First, we decided that test data should live in a subdirectory rather than in tests/openpgp. Second, secret key material is password protected, and I don't remember the password that I used. (The new data is not password protected.) I have also added some new examples of signed messages.
2016-12-06 11:17:13 +01:00
(checktrust "1C005AF3" "m")
;; Trust should be derived lazily. Thus, if the policy is set to
;; auto and we change --tofu-default-policy, then the trust should
;; change as well. Try it.
tests: Replace data used by the TOFU conflict test. * tests/openpgp/tofu-2183839A-1.txt: Remove file. * tests/openpgp/tofu-BC15C85A-1.txt: Remove file. * tests/openpgp/tofu-EE37CF96-1.txt: Remove file. * tests/openpgp/tofu-keys-secret.asc: Remove file. * tests/openpgp/tofu-keys.asc: Remove file. * tests/openpgp/tofu/conflicting/1C005AF3.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-1.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-2.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-3.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-4.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-5.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-secret.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-1.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-2.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-3.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-4.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-5.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-1.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-2.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-3.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-4.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-5.txt: New file. * tests/openpgp/tofu/conflicting/README: New file. * tests/openpgp/tofu.scm: Update accordingly. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> There are two motivations for this change. First, we decided that test data should live in a subdirectory rather than in tests/openpgp. Second, secret key material is password protected, and I don't remember the password that I used. (The new data is not password protected.) I have also added some new examples of signed messages.
2016-12-06 11:17:13 +01:00
(checktrust "1C005AF3" "f" '--tofu-default-policy=good)
(checktrust "1C005AF3" "-" '--tofu-default-policy=unknown)
(checktrust "1C005AF3" "n" '--tofu-default-policy=bad)
(checktrust "1C005AF3" "q" '--tofu-default-policy=ask)
;; Change the policy to something other than auto and make sure the
;; policy and the trust are correct.
(for-each-p
"Setting a fixed policy..."
(lambda (policy)
(let ((expected-trust
(cond
((string=? "good" policy) "f")
((string=? "unknown" policy) "-")
(else "n"))))
tests: Replace data used by the TOFU conflict test. * tests/openpgp/tofu-2183839A-1.txt: Remove file. * tests/openpgp/tofu-BC15C85A-1.txt: Remove file. * tests/openpgp/tofu-EE37CF96-1.txt: Remove file. * tests/openpgp/tofu-keys-secret.asc: Remove file. * tests/openpgp/tofu-keys.asc: Remove file. * tests/openpgp/tofu/conflicting/1C005AF3.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-1.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-2.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-3.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-4.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-5.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-secret.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-1.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-2.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-3.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-4.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-5.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-1.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-2.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-3.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-4.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-5.txt: New file. * tests/openpgp/tofu/conflicting/README: New file. * tests/openpgp/tofu.scm: Update accordingly. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> There are two motivations for this change. First, we decided that test data should live in a subdirectory rather than in tests/openpgp. Second, secret key material is password protected, and I don't remember the password that I used. (The new data is not password protected.) I have also added some new examples of signed messages.
2016-12-06 11:17:13 +01:00
(setpolicy "1C005AF3" policy)
;; Since we have a fixed policy, the trust level shouldn't
;; change if we change the default policy.
(for-each-p
""
(lambda (default-policy)
tests: Replace data used by the TOFU conflict test. * tests/openpgp/tofu-2183839A-1.txt: Remove file. * tests/openpgp/tofu-BC15C85A-1.txt: Remove file. * tests/openpgp/tofu-EE37CF96-1.txt: Remove file. * tests/openpgp/tofu-keys-secret.asc: Remove file. * tests/openpgp/tofu-keys.asc: Remove file. * tests/openpgp/tofu/conflicting/1C005AF3.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-1.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-2.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-3.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-4.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-5.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-secret.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-1.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-2.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-3.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-4.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-5.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-1.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-2.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-3.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-4.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-5.txt: New file. * tests/openpgp/tofu/conflicting/README: New file. * tests/openpgp/tofu.scm: Update accordingly. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> There are two motivations for this change. First, we decided that test data should live in a subdirectory rather than in tests/openpgp. Second, secret key material is password protected, and I don't remember the password that I used. (The new data is not password protected.) I have also added some new examples of signed messages.
2016-12-06 11:17:13 +01:00
(checkpolicy "1C005AF3" policy
'--tofu-default-policy default-policy)
tests: Replace data used by the TOFU conflict test. * tests/openpgp/tofu-2183839A-1.txt: Remove file. * tests/openpgp/tofu-BC15C85A-1.txt: Remove file. * tests/openpgp/tofu-EE37CF96-1.txt: Remove file. * tests/openpgp/tofu-keys-secret.asc: Remove file. * tests/openpgp/tofu-keys.asc: Remove file. * tests/openpgp/tofu/conflicting/1C005AF3.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-1.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-2.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-3.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-4.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-5.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-secret.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-1.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-2.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-3.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-4.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-5.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-1.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-2.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-3.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-4.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-5.txt: New file. * tests/openpgp/tofu/conflicting/README: New file. * tests/openpgp/tofu.scm: Update accordingly. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> There are two motivations for this change. First, we decided that test data should live in a subdirectory rather than in tests/openpgp. Second, secret key material is password protected, and I don't remember the password that I used. (The new data is not password protected.) I have also added some new examples of signed messages.
2016-12-06 11:17:13 +01:00
(checktrust "1C005AF3" expected-trust
'--tofu-default-policy default-policy))
'("auto" "good" "unknown" "bad" "ask"))))
'("good" "unknown" "bad"))
tests: Replace data used by the TOFU conflict test. * tests/openpgp/tofu-2183839A-1.txt: Remove file. * tests/openpgp/tofu-BC15C85A-1.txt: Remove file. * tests/openpgp/tofu-EE37CF96-1.txt: Remove file. * tests/openpgp/tofu-keys-secret.asc: Remove file. * tests/openpgp/tofu-keys.asc: Remove file. * tests/openpgp/tofu/conflicting/1C005AF3.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-1.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-2.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-3.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-4.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-5.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-secret.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-1.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-2.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-3.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-4.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-5.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-1.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-2.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-3.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-4.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-5.txt: New file. * tests/openpgp/tofu/conflicting/README: New file. * tests/openpgp/tofu.scm: Update accordingly. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> There are two motivations for this change. First, we decided that test data should live in a subdirectory rather than in tests/openpgp. Second, secret key material is password protected, and I don't remember the password that I used. (The new data is not password protected.) I have also added some new examples of signed messages.
2016-12-06 11:17:13 +01:00
;; At the end, 1C005AF3's policy should be bad.
(checkpolicy "1C005AF3" "bad")
g10: Cache the effective policy. Recompute it when required. * g10/tofu.c (initdb): Add column effective_policy to the bindings table. (record_binding): New parameters effective_policy and set_conflict. Save the effective policy. If SET_CONFLICT is set, then set conflict according to CONFLICT. Otherwise, preserve the current value of conflict. Update callers. (get_trust): Don't compute the effective policy here... (get_policy): ... do it here, if it was not cached. Take new parameters, PK, the public key, and NOW, the time that the operation started. Update callers. (show_statistics): New parameter PK. Pass it to get_policy. Update callers. (tofu_notice_key_changed): New function. * g10/gpgv.c (tofu_notice_key_changed): New stub. * g10/import.c (import_revoke_cert): Take additional argument CTRL. Pass it to keydb_update_keyblock. * g10/keydb.c (keydb_update_keyblock): Take additional argument CTRL. Update callers. [USE_TOFU]: Call tofu_notice_key_changed. * g10/test-stubs.c (tofu_notice_key_changed): New stub. * tests/openpgp/tofu.scm: Assume that manually setting a binding's policy to auto does not cause the tofu engine to forget about any conflict. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> We now store the computed policy in the tofu DB (in the effective_policy column of the bindings table) to avoid computing it every time, which is expensive. Further, policy is never overridden in case of a conflict. Instead, we detect a conflict if CONFLICT is not empty. This change is backwards compatible to existing DBs. The only minor incompatibility is that unresolved conflicts won't be automatically resolved in case we import a direct signature, or cross signatures.
2016-11-21 22:47:30 +01:00
tests: Replace data used by the TOFU conflict test. * tests/openpgp/tofu-2183839A-1.txt: Remove file. * tests/openpgp/tofu-BC15C85A-1.txt: Remove file. * tests/openpgp/tofu-EE37CF96-1.txt: Remove file. * tests/openpgp/tofu-keys-secret.asc: Remove file. * tests/openpgp/tofu-keys.asc: Remove file. * tests/openpgp/tofu/conflicting/1C005AF3.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-1.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-2.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-3.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-4.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-5.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-secret.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-1.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-2.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-3.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-4.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-5.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-1.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-2.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-3.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-4.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-5.txt: New file. * tests/openpgp/tofu/conflicting/README: New file. * tests/openpgp/tofu.scm: Update accordingly. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> There are two motivations for this change. First, we decided that test data should live in a subdirectory rather than in tests/openpgp. Second, secret key material is password protected, and I don't remember the password that I used. (The new data is not password protected.) I have also added some new examples of signed messages.
2016-12-06 11:17:13 +01:00
;; 1C005AF3 and BE04EB2B conflict. A policy setting of "auto"
;; (BE04EB2B's state) will result in an effective policy of ask. But,
g10: Cache the effective policy. Recompute it when required. * g10/tofu.c (initdb): Add column effective_policy to the bindings table. (record_binding): New parameters effective_policy and set_conflict. Save the effective policy. If SET_CONFLICT is set, then set conflict according to CONFLICT. Otherwise, preserve the current value of conflict. Update callers. (get_trust): Don't compute the effective policy here... (get_policy): ... do it here, if it was not cached. Take new parameters, PK, the public key, and NOW, the time that the operation started. Update callers. (show_statistics): New parameter PK. Pass it to get_policy. Update callers. (tofu_notice_key_changed): New function. * g10/gpgv.c (tofu_notice_key_changed): New stub. * g10/import.c (import_revoke_cert): Take additional argument CTRL. Pass it to keydb_update_keyblock. * g10/keydb.c (keydb_update_keyblock): Take additional argument CTRL. Update callers. [USE_TOFU]: Call tofu_notice_key_changed. * g10/test-stubs.c (tofu_notice_key_changed): New stub. * tests/openpgp/tofu.scm: Assume that manually setting a binding's policy to auto does not cause the tofu engine to forget about any conflict. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> We now store the computed policy in the tofu DB (in the effective_policy column of the bindings table) to avoid computing it every time, which is expensive. Further, policy is never overridden in case of a conflict. Instead, we detect a conflict if CONFLICT is not empty. This change is backwards compatible to existing DBs. The only minor incompatibility is that unresolved conflicts won't be automatically resolved in case we import a direct signature, or cross signatures.
2016-11-21 22:47:30 +01:00
;; a policy setting of "bad" will result in an effective policy of
;; bad.
tests: Replace data used by the TOFU conflict test. * tests/openpgp/tofu-2183839A-1.txt: Remove file. * tests/openpgp/tofu-BC15C85A-1.txt: Remove file. * tests/openpgp/tofu-EE37CF96-1.txt: Remove file. * tests/openpgp/tofu-keys-secret.asc: Remove file. * tests/openpgp/tofu-keys.asc: Remove file. * tests/openpgp/tofu/conflicting/1C005AF3.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-1.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-2.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-3.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-4.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-5.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-secret.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-1.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-2.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-3.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-4.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-5.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-1.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-2.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-3.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-4.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-5.txt: New file. * tests/openpgp/tofu/conflicting/README: New file. * tests/openpgp/tofu.scm: Update accordingly. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> There are two motivations for this change. First, we decided that test data should live in a subdirectory rather than in tests/openpgp. Second, secret key material is password protected, and I don't remember the password that I used. (The new data is not password protected.) I have also added some new examples of signed messages.
2016-12-06 11:17:13 +01:00
(setpolicy "BE04EB2B" "auto")
(checkpolicy "BE04EB2B" "ask")
(checkpolicy "1C005AF3" "bad")
;; 1C005AF3, B662E42F, and BE04EB2B conflict. We change BE04EB2B's
;; policy to auto and leave 1C005AF3's policy at bad. This conflict
;; should cause BE04EB2B's effective policy to be ask (since it is
;; auto), but not affect 1C005AF3's policy.
(setpolicy "BE04EB2B" "auto")
(checkpolicy "BE04EB2B" "ask")
(call-check `(,@GPG --verify ,(in-srcdir "tests" "openpgp" "tofu" "conflicting" "B662E42F-1.txt")))
tests: Replace data used by the TOFU conflict test. * tests/openpgp/tofu-2183839A-1.txt: Remove file. * tests/openpgp/tofu-BC15C85A-1.txt: Remove file. * tests/openpgp/tofu-EE37CF96-1.txt: Remove file. * tests/openpgp/tofu-keys-secret.asc: Remove file. * tests/openpgp/tofu-keys.asc: Remove file. * tests/openpgp/tofu/conflicting/1C005AF3.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-1.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-2.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-3.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-4.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-5.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-secret.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-1.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-2.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-3.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-4.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-5.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-1.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-2.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-3.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-4.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-5.txt: New file. * tests/openpgp/tofu/conflicting/README: New file. * tests/openpgp/tofu.scm: Update accordingly. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> There are two motivations for this change. First, we decided that test data should live in a subdirectory rather than in tests/openpgp. Second, secret key material is password protected, and I don't remember the password that I used. (The new data is not password protected.) I have also added some new examples of signed messages.
2016-12-06 11:17:13 +01:00
(checkpolicy "BE04EB2B" "ask")
(checkpolicy "1C005AF3" "bad")
(checkpolicy "B662E42F" "ask")
g10: Be more careful when checking cross signatures. * g10/tofu.c (cross_sigs): When checking cross signatures, only consider the signatures on the specified user id. * tests/openpgp/tofu.scm: Add test for the above. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-4.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/README: New file. -- Signed-off-by: Neal H. Walfield
2016-10-13 12:44:59 +02:00
;; Check that the stats are emitted correctly.
(display "Checking TOFU stats...\n")
(define (check-counts keyid expected-sigs expected-sig-days
expected-encs expected-enc-days . args)
(let*
((tfs (assoc "tfs"
(gpg-with-colons
`(--with-tofu-info ,@args --list-keys ,keyid))))
(sigs (string->number (list-ref tfs 3)))
(sig-days (string->number (list-ref tfs 11)))
(encs (string->number (list-ref tfs 4)))
(enc-days (string->number (list-ref tfs 12)))
)
; (display keyid) (display ": ") (display tfs) (display "\n")
(unless (= sigs expected-sigs)
(fail keyid ": # signatures (" sigs ") does not match expected"
"# signatures (" expected-sigs ").\n"))
(unless (= sig-days expected-sig-days)
(fail keyid ": # signature days (" sig-days ")"
"does not match expected"
"# signature days (" expected-sig-days ").\n"))
(unless (= encs expected-encs)
(fail keyid ": # encryptions (" encs ") does not match expected"
"# encryptions (" expected-encs ").\n"))
(unless (= enc-days expected-enc-days)
(fail keyid ": # encryption days (" encs ")"
"does not match expected"
"# encryption days (" expected-enc-days ").\n"))
))
;; Carefully remove the TOFU db.
(catch '() (unlink (path-join GNUPGHOME "tofu.db")))
(check-counts "1C005AF3" 0 0 0 0)
(check-counts "BE04EB2B" 0 0 0 0)
(check-counts "B662E42F" 0 0 0 0)
;; Verify a message. The signature count should increase by 1.
(call-check `(,@GPG --verify ,(in-srcdir "tests" "openpgp" "tofu" "conflicting" "1C005AF3-1.txt")))
(check-counts "1C005AF3" 1 1 0 0)
;; Verify the same message. The signature count should remain the
;; same.
(call-check `(,@GPG --verify ,(in-srcdir "tests" "openpgp" "tofu" "conflicting" "1C005AF3-1.txt")))
(check-counts "1C005AF3" 1 1 0 0)
;; Verify another message.
(call-check `(,@GPG --verify ,(in-srcdir "tests" "openpgp" "tofu" "conflicting" "1C005AF3-2.txt")))
(check-counts "1C005AF3" 2 1 0 0)
;; Verify another message.
(call-check `(,@GPG --verify ,(in-srcdir "tests" "openpgp" "tofu" "conflicting" "1C005AF3-3.txt")))
(check-counts "1C005AF3" 3 1 0 0)
;; Verify a message from a different sender. The signature count
;; should increase by 1 for that key.
(call-check `(,@GPG --verify ,(in-srcdir "tests" "openpgp" "tofu" "conflicting" "BE04EB2B-1.txt")))
(check-counts "1C005AF3" 3 1 0 0)
(check-counts "BE04EB2B" 1 1 0 0)
(check-counts "B662E42F" 0 0 0 0)
;; Verify another message on a new day. (Recall: we are interested in
;; when the message was first verified, not when the signer claimed
;; that it was signed.)
(call-check `(,@GPG ,(faketime (days->seconds 2))
--verify ,(in-srcdir "tests" "openpgp" "tofu" "conflicting" "1C005AF3-4.txt")))
(check-counts "1C005AF3" 4 2 0 0)
(check-counts "BE04EB2B" 1 1 0 0)
(check-counts "B662E42F" 0 0 0 0)
;; And another.
(call-check `(,@GPG ,(faketime (days->seconds 2))
--verify ,(in-srcdir "tests" "openpgp" "tofu" "conflicting" "1C005AF3-5.txt")))
(check-counts "1C005AF3" 5 2 0 0)
(check-counts "BE04EB2B" 1 1 0 0)
(check-counts "B662E42F" 0 0 0 0)
;; Another, but for a different key.
(call-check `(,@GPG ,(faketime (days->seconds 2))
--verify ,(in-srcdir "tests" "openpgp" "tofu" "conflicting" "BE04EB2B-2.txt")))
(check-counts "1C005AF3" 5 2 0 0)
(check-counts "BE04EB2B" 2 2 0 0)
(check-counts "B662E42F" 0 0 0 0)
;; And add a third day.
(call-check `(,@GPG ,(faketime (days->seconds 4))
--verify ,(in-srcdir "tests" "openpgp" "tofu" "conflicting" "BE04EB2B-3.txt")))
(check-counts "1C005AF3" 5 2 0 0)
(check-counts "BE04EB2B" 3 3 0 0)
(check-counts "B662E42F" 0 0 0 0)
(call-check `(,@GPG ,(faketime (days->seconds 4))
--verify ,(in-srcdir "tests" "openpgp" "tofu" "conflicting" "BE04EB2B-4.txt")))
(check-counts "1C005AF3" 5 2 0 0)
(check-counts "BE04EB2B" 4 3 0 0)
(check-counts "B662E42F" 0 0 0 0)
g10: Be more careful when checking cross signatures. * g10/tofu.c (cross_sigs): When checking cross signatures, only consider the signatures on the specified user id. * tests/openpgp/tofu.scm: Add test for the above. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-4.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/README: New file. -- Signed-off-by: Neal H. Walfield
2016-10-13 12:44:59 +02:00
;; Check that we detect the following attack:
;;
;; Alice and Bob each have a key and cross sign them. Bob then adds a
;; new user id, "Alice". TOFU should now detect a conflict, because
;; Alice only signed Bob's "Bob" user id.
(display "Checking cross sigs...\n")
(define GPG `(,(tool 'gpg) --no-permission-warning
--faked-system-time=1476304861))
;; Carefully remove the TOFU db.
(catch '() (unlink (path-join GNUPGHOME "tofu.db")))
g10: Be more careful when checking cross signatures. * g10/tofu.c (cross_sigs): When checking cross signatures, only consider the signatures on the specified user id. * tests/openpgp/tofu.scm: Add test for the above. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-4.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/README: New file. -- Signed-off-by: Neal H. Walfield
2016-10-13 12:44:59 +02:00
(define DIR "tofu/cross-sigs")
;; The test keys.
(define KEYA "1938C3A0E4674B6C217AC0B987DB2814EC38277E")
(define KEYB "DC463A16E42F03240D76E8BA8B48C6BD871C2247")
tests: Use shorter filenames. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-1.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-1.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-2.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-2.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-3.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-3.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-secret.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-secret.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-1.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-1.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-2.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-2.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-3.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-3.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-4.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-4.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-secret.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-secret.gpg: .. to this. * tests/openpgp/Makefile.am (TEST_FILES): Update accordingly. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> Fixed-commit: d2d936fbe86d61b89cead95df633b2b575690e05
2016-10-13 21:38:50 +02:00
(define KEYIDA (substring KEYA (- (string-length KEYA) 8)))
(define KEYIDB (substring KEYB (- (string-length KEYB) 8)))
g10: Be more careful when checking cross signatures. * g10/tofu.c (cross_sigs): When checking cross signatures, only consider the signatures on the specified user id. * tests/openpgp/tofu.scm: Add test for the above. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-4.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/README: New file. -- Signed-off-by: Neal H. Walfield
2016-10-13 12:44:59 +02:00
(define (verify-messages)
(for-each
(lambda (key)
(for-each
(lambda (i)
(let ((fn (in-srcdir "tests" "openpgp" DIR (string-append key "-" i ".txt"))))
(call-check `(,@GPG --verify ,fn))))
g10: Be more careful when checking cross signatures. * g10/tofu.c (cross_sigs): When checking cross signatures, only consider the signatures on the specified user id. * tests/openpgp/tofu.scm: Add test for the above. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-4.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/README: New file. -- Signed-off-by: Neal H. Walfield
2016-10-13 12:44:59 +02:00
(list "1" "2")))
tests: Use shorter filenames. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-1.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-1.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-2.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-2.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-3.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-3.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-secret.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-secret.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-1.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-1.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-2.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-2.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-3.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-3.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-4.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-4.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-secret.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-secret.gpg: .. to this. * tests/openpgp/Makefile.am (TEST_FILES): Update accordingly. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> Fixed-commit: d2d936fbe86d61b89cead95df633b2b575690e05
2016-10-13 21:38:50 +02:00
(list KEYIDA KEYIDB)))
g10: Be more careful when checking cross signatures. * g10/tofu.c (cross_sigs): When checking cross signatures, only consider the signatures on the specified user id. * tests/openpgp/tofu.scm: Add test for the above. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-4.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/README: New file. -- Signed-off-by: Neal H. Walfield
2016-10-13 12:44:59 +02:00
;; Import the public keys.
(display " > Two keys. ")
(call-check `(,@GPG --import ,(in-srcdir "tests" "openpgp" DIR (string-append KEYIDA "-1.gpg"))))
(call-check `(,@GPG --import ,(in-srcdir "tests" "openpgp" DIR (string-append KEYIDB "-1.gpg"))))
g10: Be more careful when checking cross signatures. * g10/tofu.c (cross_sigs): When checking cross signatures, only consider the signatures on the specified user id. * tests/openpgp/tofu.scm: Add test for the above. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-4.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/README: New file. -- Signed-off-by: Neal H. Walfield
2016-10-13 12:44:59 +02:00
;; Make sure the tofu engine registers the keys.
(verify-messages)
(display "<\n")
;; Since there is no conflict, the policy should be auto.
g10: Be more careful when checking cross signatures. * g10/tofu.c (cross_sigs): When checking cross signatures, only consider the signatures on the specified user id. * tests/openpgp/tofu.scm: Add test for the above. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-4.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/README: New file. -- Signed-off-by: Neal H. Walfield
2016-10-13 12:44:59 +02:00
(checkpolicy KEYA "auto")
(checkpolicy KEYB "auto")
;; Import the cross sigs.
(display " > Adding cross signatures. ")
(call-check `(,@GPG --import ,(in-srcdir "tests" "openpgp" DIR (string-append KEYIDA "-2.gpg"))))
(call-check `(,@GPG --import ,(in-srcdir "tests" "openpgp" DIR (string-append KEYIDB "-2.gpg"))))
g10: Be more careful when checking cross signatures. * g10/tofu.c (cross_sigs): When checking cross signatures, only consider the signatures on the specified user id. * tests/openpgp/tofu.scm: Add test for the above. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-4.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/README: New file. -- Signed-off-by: Neal H. Walfield
2016-10-13 12:44:59 +02:00
(verify-messages)
(display "<\n")
;; There is still no conflict, so the policy shouldn't have changed.
(checkpolicy KEYA "auto")
(checkpolicy KEYB "auto")
;; Import the conflicting user id.
(display " > Adding conflicting user id. ")
(call-check `(,@GPG --import ,(in-srcdir "tests" "openpgp" DIR (string-append KEYIDB "-3.gpg"))))
g10: Be more careful when checking cross signatures. * g10/tofu.c (cross_sigs): When checking cross signatures, only consider the signatures on the specified user id. * tests/openpgp/tofu.scm: Add test for the above. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-4.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/README: New file. -- Signed-off-by: Neal H. Walfield
2016-10-13 12:44:59 +02:00
(verify-messages)
(display "<\n")
(checkpolicy KEYA "ask")
(checkpolicy KEYB "ask")
g10: Cache the effective policy. Recompute it when required. * g10/tofu.c (initdb): Add column effective_policy to the bindings table. (record_binding): New parameters effective_policy and set_conflict. Save the effective policy. If SET_CONFLICT is set, then set conflict according to CONFLICT. Otherwise, preserve the current value of conflict. Update callers. (get_trust): Don't compute the effective policy here... (get_policy): ... do it here, if it was not cached. Take new parameters, PK, the public key, and NOW, the time that the operation started. Update callers. (show_statistics): New parameter PK. Pass it to get_policy. Update callers. (tofu_notice_key_changed): New function. * g10/gpgv.c (tofu_notice_key_changed): New stub. * g10/import.c (import_revoke_cert): Take additional argument CTRL. Pass it to keydb_update_keyblock. * g10/keydb.c (keydb_update_keyblock): Take additional argument CTRL. Update callers. [USE_TOFU]: Call tofu_notice_key_changed. * g10/test-stubs.c (tofu_notice_key_changed): New stub. * tests/openpgp/tofu.scm: Assume that manually setting a binding's policy to auto does not cause the tofu engine to forget about any conflict. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> We now store the computed policy in the tofu DB (in the effective_policy column of the bindings table) to avoid computing it every time, which is expensive. Further, policy is never overridden in case of a conflict. Instead, we detect a conflict if CONFLICT is not empty. This change is backwards compatible to existing DBs. The only minor incompatibility is that unresolved conflicts won't be automatically resolved in case we import a direct signature, or cross signatures.
2016-11-21 22:47:30 +01:00
;; Import Alice's signature on the conflicting user id. Since there
;; is now a cross signature, we should revert to the default policy.
g10: Be more careful when checking cross signatures. * g10/tofu.c (cross_sigs): When checking cross signatures, only consider the signatures on the specified user id. * tests/openpgp/tofu.scm: Add test for the above. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-4.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/README: New file. -- Signed-off-by: Neal H. Walfield
2016-10-13 12:44:59 +02:00
(display " > Adding cross signature on user id. ")
(call-check `(,@GPG --import ,(in-srcdir "tests" "openpgp" DIR (string-append KEYIDB "-4.gpg"))))
g10: Be more careful when checking cross signatures. * g10/tofu.c (cross_sigs): When checking cross signatures, only consider the signatures on the specified user id. * tests/openpgp/tofu.scm: Add test for the above. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-4.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/README: New file. -- Signed-off-by: Neal H. Walfield
2016-10-13 12:44:59 +02:00
(verify-messages)
(display "<\n")
(checkpolicy KEYA "auto")
(checkpolicy KEYB "auto")
;; Remove the keys.
(call-check `(,@GPG --delete-key ,KEYA))
(call-check `(,@GPG --delete-key ,KEYB))
;; Check that we detect the following attack:
;;
;; Alice has an ultimately trusted key and she signs Bob's key. Then
;; Bob adds a new user id, "Alice". TOFU should now detect a
;; conflict, because Alice only signed Bob's "Bob" user id.
;;
;;
;; The Alice key:
;; pub rsa2048 2016-10-11 [SC]
;; 1938C3A0E4674B6C217AC0B987DB2814EC38277E
;; uid [ultimate] Spy Cow <spy@cow.com>
;; sub rsa2048 2016-10-11 [E]
;;
;; The Bob key:
;;
;; pub rsa2048 2016-10-11 [SC]
;; DC463A16E42F03240D76E8BA8B48C6BD871C2247
;; uid [ full ] Spy R. Cow <spy@cow.com>
;; uid [ full ] Spy R. Cow <spy@cow.de>
;; sub rsa2048 2016-10-11 [E]
(display "Checking UTK sigs...\n")
(define GPG `(,(tool 'gpg) --no-permission-warning
--faked-system-time=1476304861))
;; Carefully remove the TOFU db.
(catch '() (unlink (path-join GNUPGHOME "tofu.db")))
(define DIR "tofu/cross-sigs")
;; The test keys.
(define KEYA "1938C3A0E4674B6C217AC0B987DB2814EC38277E")
(define KEYB "DC463A16E42F03240D76E8BA8B48C6BD871C2247")
tests: Use shorter filenames. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-1.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-1.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-2.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-2.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-3.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-3.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-secret.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-secret.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-1.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-1.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-2.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-2.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-3.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-3.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-4.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-4.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-secret.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-secret.gpg: .. to this. * tests/openpgp/Makefile.am (TEST_FILES): Update accordingly. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> Fixed-commit: d2d936fbe86d61b89cead95df633b2b575690e05
2016-10-13 21:38:50 +02:00
(define KEYIDA (substring KEYA (- (string-length KEYA) 8)))
(define KEYIDB (substring KEYB (- (string-length KEYB) 8)))
(define (verify-messages)
(for-each
(lambda (key)
(for-each
(lambda (i)
(let ((fn (in-srcdir "tests" "openpgp" DIR (string-append key "-" i ".txt"))))
(call-check `(,@GPG --verify ,fn))))
(list "1" "2")))
tests: Use shorter filenames. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-1.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-1.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-2.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-2.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-3.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-3.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-secret.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-secret.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-1.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-1.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-2.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-2.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-3.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-3.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-4.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-4.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-secret.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-secret.gpg: .. to this. * tests/openpgp/Makefile.am (TEST_FILES): Update accordingly. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> Fixed-commit: d2d936fbe86d61b89cead95df633b2b575690e05
2016-10-13 21:38:50 +02:00
(list KEYIDA KEYIDB)))
;; Import the public keys.
(display " > Two keys. ")
(call-check `(,@GPG --import ,(in-srcdir "tests" "openpgp" DIR (string-append KEYIDA "-1.gpg"))))
(call-check `(,@GPG --import ,(in-srcdir "tests" "openpgp" DIR (string-append KEYIDB "-1.gpg"))))
(display "<\n")
(checkpolicy KEYA "auto")
(checkpolicy KEYB "auto")
;; Import the cross sigs.
(display " > Adding cross signatures. ")
(call-check `(,@GPG --import ,(in-srcdir "tests" "openpgp" DIR (string-append KEYIDA "-2.gpg"))))
(call-check `(,@GPG --import ,(in-srcdir "tests" "openpgp" DIR (string-append KEYIDB "-2.gpg"))))
(display "<\n")
(checkpolicy KEYA "auto")
(checkpolicy KEYB "auto")
;; Make KEYA ultimately trusted.
(display (string-append " > Marking " KEYA " as ultimately trusted. "))
(pipe:do
(pipe:echo (string-append KEYA ":6:\n"))
(pipe:gpg `(--import-ownertrust)))
(display "<\n")
;; An ultimately trusted key's policy is good.
(checkpolicy KEYA "good")
;; A key signed by a UTK for which there is no policy gets the default
;; policy of good.
(checkpolicy KEYB "good")
;; Import the conflicting user id.
(display " > Adding conflicting user id. ")
(call-check `(,@GPG --import ,(in-srcdir "tests" "openpgp" DIR (string-append KEYIDB "-3.gpg"))))
(verify-messages)
(display "<\n")
(checkpolicy KEYA "good")
(checkpolicy KEYB "ask")
;; Import Alice's signature on the conflicting user id.
(display " > Adding cross signature on user id. ")
(call-check `(,@GPG --import ,(in-srcdir "tests" "openpgp" DIR (string-append KEYIDB "-4.gpg"))))
(verify-messages)
(display "<\n")
(checkpolicy KEYA "good")
(checkpolicy KEYB "good")
;; Remove the keys.
(call-check `(,@GPG --delete-key ,KEYA))
(call-check `(,@GPG --delete-key ,KEYB))