mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-24 15:17:02 +01:00
113 lines
2.1 KiB
Plaintext
113 lines
2.1 KiB
Plaintext
|
# sm-verify
|
||
|
#
|
||
|
# Verify a few distributed signatures.
|
||
|
# Requirements:
|
||
|
#
|
||
|
|
||
|
# Check an opaque signature
|
||
|
sig = openfile text-1.osig.pem
|
||
|
out = createfile msg.unsig
|
||
|
pipeserver $GPGSM
|
||
|
send INPUT FD=$sig
|
||
|
expect-ok
|
||
|
send OUTPUT FD=$out
|
||
|
expect-ok
|
||
|
badsig = count-status BADSIG
|
||
|
goodsig = count-status GOODSIG
|
||
|
trusted = count-status TRUST_FULLY
|
||
|
send VERIFY
|
||
|
expect-ok
|
||
|
echo badsig=$badsig goodsig=$goodsig trusted=$trusted
|
||
|
fail-if $badsig
|
||
|
fail-if !$goodsig
|
||
|
fail-if !$trusted
|
||
|
send BYE
|
||
|
expect-ok
|
||
|
|
||
|
sig =
|
||
|
out =
|
||
|
cmpfiles text-1.txt msg.unsig
|
||
|
fail-if !$?
|
||
|
|
||
|
# Check a detached signature.
|
||
|
sig = openfile text-1.dsig.pem
|
||
|
plain = openfile text-1.txt
|
||
|
pipeserver $GPGSM
|
||
|
send INPUT FD=$sig
|
||
|
expect-ok
|
||
|
send MESSAGE FD=$plain
|
||
|
expect-ok
|
||
|
badsig = count-status BADSIG
|
||
|
goodsig = count-status GOODSIG
|
||
|
trusted = count-status TRUST_FULLY
|
||
|
send VERIFY
|
||
|
expect-ok
|
||
|
echo badsig=$badsig goodsig=$goodsig trusted=$trusted
|
||
|
fail-if $badsig
|
||
|
fail-if !$goodsig
|
||
|
fail-if !$trusted
|
||
|
send BYE
|
||
|
expect-ok
|
||
|
|
||
|
# Check a tampered opaque message
|
||
|
sig = openfile text-1.osig-bad.pem
|
||
|
out = createfile msg.unsig
|
||
|
|
||
|
pipeserver $GPGSM
|
||
|
send INPUT FD=$sig
|
||
|
expect-ok
|
||
|
send OUTPUT FD=$out
|
||
|
expect-ok
|
||
|
badsig = count-status BADSIG
|
||
|
goodsig = count-status GOODSIG
|
||
|
trusted = count-status TRUST_FULLY
|
||
|
send VERIFY
|
||
|
expect-ok
|
||
|
echo badsig=$badsig goodsig=$goodsig trusted=$trusted
|
||
|
fail-if $goodsig
|
||
|
fail-if !$badsig
|
||
|
fail-if $trusted
|
||
|
send BYE
|
||
|
expect-ok
|
||
|
|
||
|
# Check another opaque signature but without asking for the output.
|
||
|
sig = openfile text-2.osig.pem
|
||
|
|
||
|
pipeserver $GPGSM
|
||
|
send INPUT FD=$sig
|
||
|
expect-ok
|
||
|
badsig = count-status BADSIG
|
||
|
goodsig = count-status GOODSIG
|
||
|
trusted = count-status TRUST_FULLY
|
||
|
send VERIFY
|
||
|
expect-ok
|
||
|
echo badsig=$badsig goodsig=$goodsig trusted=$trusted
|
||
|
fail-if $badsig
|
||
|
fail-if !$goodsig
|
||
|
fail-if !$trusted
|
||
|
send BYE
|
||
|
expect-ok
|
||
|
|
||
|
# We als have tampered version.
|
||
|
sig = openfile text-2.osig-bad.pem
|
||
|
|
||
|
pipeserver $GPGSM
|
||
|
send INPUT FD=$sig
|
||
|
expect-ok
|
||
|
badsig = count-status BADSIG
|
||
|
goodsig = count-status GOODSIG
|
||
|
trusted = count-status TRUST_FULLY
|
||
|
send VERIFY
|
||
|
expect-ok
|
||
|
echo badsig=$badsig goodsig=$goodsig trusted=$trusted
|
||
|
fail-if $goodsig
|
||
|
fail-if !$badsig
|
||
|
fail-if $trusted
|
||
|
send BYE
|
||
|
expect-ok
|
||
|
|
||
|
|
||
|
quit
|
||
|
|
||
|
|