tests: Add test suite for gpgsm.

* configure.ac (AC_CONFIG_FILES): Add new file.
* tests/Makefile.am (SUBDIRS): Add new directory.
* tests/gpgsm/32100C27173EF6E9C4E9A25D3D69F86D37A4F939: New file.
* tests/gpgsm/Makefile.am: Likewise.
* tests/gpgsm/cert_dfn_pca01.der: Likewise.
* tests/gpgsm/cert_dfn_pca15.der: Likewise.
* tests/gpgsm/cert_g10code_test1.der: Likewise.
* tests/gpgsm/decrypt.scm: Likewise.
* tests/gpgsm/encrypt.scm: Likewise.
* tests/gpgsm/export.scm: Likewise.
* tests/gpgsm/gpgsm-defs.scm: Likewise.
* tests/gpgsm/import.scm: Likewise.
* tests/gpgsm/plain-1.cms.asc: Likewise.
* tests/gpgsm/plain-2.cms.asc: Likewise.
* tests/gpgsm/plain-3.cms.asc: Likewise.
* tests/gpgsm/plain-large.cms.asc: Likewise.
* tests/gpgsm/run-tests.scm: Likewise.
* tests/gpgsm/setup.scm: Likewise.
* tests/gpgsm/shell.scm: Likewise.
* tests/gpgsm/sign.scm: Likewise.
* tests/gpgsm/verify.scm: Likewise.
--
The certificates and keys are taken from GPGME's test suite.

Signed-off-by: Justus Winter <justus@g10code.com>

configure.ac

@@ -1894,6 +1894,7 @@ tests/Makefile
 tests/gpgscm/Makefile
 tests/openpgp/Makefile
 tests/migrations/Makefile
+tests/gpgsm/Makefile
 tests/gpgme/Makefile
 tests/pkits/Makefile
 g10/gpg.w32-manifest

tests/Makefile.am

@@ -18,7 +18,7 @@
 
 ## Process this file with automake to produce Makefile.in
 
-SUBDIRS = gpgscm openpgp migrations gpgme pkits .
+SUBDIRS = gpgscm openpgp migrations gpgsm gpgme pkits .
 
 GPGSM = ../sm/gpgsm
 

tests/gpgsm/32100C27173EF6E9C4E9A25D3D69F86D37A4F939

@@ -0,0 +1,10 @@
+(private-key
+ (oid.1.2.840.113549.1.1.1
+  (n #00e0ce96f90b6c9e02f3922beada93fe50a875eac6bcc18bb9a9cf2e84965caa2d1ff95a7f542465c6c0c19d276e4526ce048868a7a914fd343cc3a87dd74291ffc565506d5bbb25cbac6a0e2dd1f8bcaab0d4a29c2f37c950f363484bf269f7891440464baf79827e03a36e70b814938eebdc63e964247be75dc58b014b7ea251#)
+  (e #010001#)
+  (d #046129F2489D71579BE0A75FE029BD6CDB574EBF57EA8A5B0FDA942CAB943B117D7BB95E5D28875E0F9FC5FCC06A72F6D502464DABDED78EF6B716177B83D5BDC543DC5D3FED932E59F5897E92E6F58A0F33424106A3B6FA2CBF877510E4AC21C3EE47851E97D12996222AC3566D4CCB0B83D164074ABF7DE655FC2446DA1781#)
+  (p #00e861b700e17e8afe6837e7512e35b6ca11d0ae47d8b85161c67baf64377213fe52d772f2035b3ca830af41d8a4120e1c1c70d12cc22f00d28d31dd48a8d424f1#)
+  (q #00f7a7ca5367c661f8e62df34f0d05c10c88e5492348dd7bddc942c9a8f369f935a07785d2db805215ed786e4285df1658eed3ce84f469b81b50d358407b4ad361#)
+  (u #304559a9ead56d2309d203811a641bb1a09626bc8eb36fffa23c968ec5bd891eebbafc73ae666e01ba7c8990bae06cc2bbe10b75e69fcacb353a6473079d8e9b#)
+ )
+)

tests/gpgsm/Makefile.am

@@ -0,0 +1,78 @@
+# Makefile.am - For tests/gpgme
+# Copyright (C) 2016 g10 Code GmbH
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <https://www.gnu.org/licenses/>.
+# Process this file with automake to create Makefile.in
+
+
+# Programs required before we can run these tests.
+required_pgms = ../../g10/gpg$(EXEEXT) ../../agent/gpg-agent$(EXEEXT) \
+                ../../tools/gpg-connect-agent$(EXEEXT) \
+		../gpgscm/gpgscm$(EXEEXT)
+
+AM_CPPFLAGS = -I$(top_srcdir)/common
+include $(top_srcdir)/am/cmacros.am
+
+AM_CFLAGS =
+
+TMP ?= /tmp
+
+TESTS_ENVIRONMENT = LC_ALL=C \
+	EXEEXT=$(EXEEXT) \
+	PATH=../gpgscm:$(PATH) \
+	TMP=$(TMP) \
+	srcdir=$(abs_srcdir) \
+	objdir=$(abs_top_builddir) \
+	GPGSCM_PATH=$(abs_top_srcdir)/tests/gpgscm:$(abs_top_srcdir)/tests/openpgp:$(abs_top_srcdir)/tests/gpgsm
+
+XTESTS = \
+	import.scm \
+	encrypt.scm \
+	verify.scm \
+	decrypt.scm \
+	sign.scm \
+	export.scm
+
+# XXX: Currently, one cannot override automake's 'check' target.  As a
+# workaround, we avoid defining 'TESTS', thus automake will not emit
+# the 'check' target.  For extra robustness, we merely define a
+# dependency on 'xcheck', so this hack should also work even if
+# automake would emit the 'check' target, as adding dependencies to
+# targets is okay.
+check: xcheck
+
+.PHONY: xcheck
+xcheck:
+	$(TESTS_ENVIRONMENT) $(abs_top_builddir)/tests/gpgscm/gpgscm \
+	  $(abs_srcdir)/run-tests.scm $(TESTFLAGS) $(XTESTS)
+
+KEYS =	32100C27173EF6E9C4E9A25D3D69F86D37A4F939
+CERTS =	cert_g10code_test1.der \
+	cert_dfn_pca01.der \
+	cert_dfn_pca15.der
+TEST_FILES = plain-1.cms.asc \
+	plain-2.cms.asc \
+	plain-3.cms.asc \
+	plain-large.cms.asc
+
+EXTRA_DIST = $(XTESTS) $(KEYS) $(CERTS) $(TEST_FILES) \
+	gpgsm-defs.scm run-tests.scm setup.scm
+
+CLEANFILES = *.log
+
+# We need to depend on a couple of programs so that the tests don't
+# start before all programs are built.
+all-local: $(required_pgms)

tests/gpgsm/decrypt.scm

@@ -0,0 +1,30 @@
+#!/usr/bin/env gpgscm
+
+;; Copyright (C) 2016 g10 Code GmbH
+;;
+;; This file is part of GnuPG.
+;;
+;; GnuPG is free software; you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation; either version 3 of the License, or
+;; (at your option) any later version.
+;;
+;; GnuPG is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;; GNU General Public License for more details.
+;;
+;; You should have received a copy of the GNU General Public License
+;; along with this program; if not, see <http://www.gnu.org/licenses/>.
+
+(load (with-path "gpgsm-defs.scm"))
+(setup-gpgsm-environment)
+
+(for-each-p
+ "Checking decryption of supplied files."
+ (lambda (name)
+   (tr:do
+    (tr:open (in-srcdir (string-append name ".cms.asc")))
+    (tr:gpgsm "" '(--decrypt))
+    (tr:assert-identity name)))
+ plain-files)

tests/gpgsm/encrypt.scm

@@ -0,0 +1,39 @@
+#!/usr/bin/env gpgscm
+
+;; Copyright (C) 2016 g10 Code GmbH
+;;
+;; This file is part of GnuPG.
+;;
+;; GnuPG is free software; you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation; either version 3 of the License, or
+;; (at your option) any later version.
+;;
+;; GnuPG is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;; GNU General Public License for more details.
+;;
+;; You should have received a copy of the GNU General Public License
+;; along with this program; if not, see <http://www.gnu.org/licenses/>.
+
+(load (with-path "gpgsm-defs.scm"))
+(setup-gpgsm-environment)
+
+(for-each-p
+ "Checking encryption"
+ (lambda (source)
+   (for-each-p
+    "with arguments..."
+    (lambda (args)
+      (tr:do
+       (tr:open source)
+       (tr:gpgsm "" `(--encrypt --recipient ,certs::test-1::uid::CN
+				,@args))
+       (tr:gpgsm "" `(--decrypt ,@(if (member '--base64 args)
+				      '(--assume-base64) '())))
+       (tr:assert-identity source)))
+    `(()
+      (--armor --cipher-algo ,(cadr (force all-cipher-algos)))
+      (--base64 --digest-algo ,(car (force all-hash-algos))))))
+ all-files)

tests/gpgsm/export.scm

@@ -0,0 +1,32 @@
+#!/usr/bin/env gpgscm
+
+;; Copyright (C) 2016 g10 Code GmbH
+;;
+;; This file is part of GnuPG.
+;;
+;; GnuPG is free software; you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation; either version 3 of the License, or
+;; (at your option) any later version.
+;;
+;; GnuPG is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;; GNU General Public License for more details.
+;;
+;; You should have received a copy of the GNU General Public License
+;; along with this program; if not, see <http://www.gnu.org/licenses/>.
+
+(load (with-path "gpgsm-defs.scm"))
+(setup-gpgsm-environment)
+
+(for-each-p'
+ "Checking certificate export."
+ (lambda (cert)
+   (lettmp (exported)
+     (call-check `(,@gpgsm --output ,exported --export ,cert::uid::CN))
+     (with-ephemeral-home-directory
+      (call-check `(,@gpgsm --import ,exported))
+      (assert (sm-have-public-key? cert)))))
+ (lambda (cert) cert::uid::CN)
+ all-certs)

tests/gpgsm/gpgsm-defs.scm

@@ -0,0 +1,103 @@
+;; Common definitions for the GPGSM test scripts.
+;;
+;; Copyright (C) 2016 g10 Code GmbH
+;;
+;; This file is part of GnuPG.
+;;
+;; GnuPG is free software; you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation; either version 3 of the License, or
+;; (at your option) any later version.
+;;
+;; GnuPG is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;; GNU General Public License for more details.
+;;
+;; You should have received a copy of the GNU General Public License
+;; along with this program; if not, see <http://www.gnu.org/licenses/>.
+
+(load (with-path "defs.scm"))
+
+;; This is the list of certificates that we install in the test
+;; environment.
+(define certs
+  (package
+   (define (new fpr issuer-fpr uid)
+     (package))
+   (define (new-uid CN OU O L C)
+     (package))
+   (define test-1 (new "3CF405464F66ED4A7DF45BBDD1E4282E33BDB76E"
+		       "3CF405464F66ED4A7DF45BBDD1E4282E33BDB76E"
+		       (new-uid "test cert 1"
+				"Aegypten Project"
+				"g10 Code GmbH"
+				"Düsseldorf"
+				"DE")))))
+(define all-certs (list certs::test-1))
+
+(define gpgsm `(,(tool 'gpgsm) --yes)) ;; more/less options
+
+(define (tr:gpgsm input args)
+  (tr:spawn input `(,@gpgsm --output **out** ,@args **in**)))
+
+(define (pipe:gpgsm args)
+  (pipe:spawn `(,@gpgsm --output - ,@args -)))
+
+(define (gpgsm-with-colons args)
+  (let ((s (call-popen `(,@gpgsm --with-colons ,@args) "")))
+    (map (lambda (line) (string-split line #\:))
+	 (string-split-newlines s))))
+
+(define (sm-have-public-key? key)
+  (catch #f
+	 (pair? (filter (lambda (l) (and (equal? 'fpr (:type l))
+					 (equal? key::fpr (:fpr l))))
+			(gpgsm-with-colons `(--list-keys ,key::fpr))))))
+
+(define (sm-have-secret-key? key)
+  (catch #f
+	 (pair? (filter (lambda (l) (and (equal? 'fpr (:type l))
+					 (equal? key::fpr (:fpr l))))
+			(gpgsm-with-colons `(--list-secret-keys ,key::fpr))))))
+
+(define (create-file name . lines)
+  (letfd ((fd (open name (logior O_WRONLY O_CREAT O_BINARY) #o600)))
+    (let ((port (fdopen fd "wb")))
+      (for-each (lambda (line) (display line port) (newline port))
+		lines))))
+
+(define (create-gpgsmhome)
+  (create-file "gpgsm.conf"
+	       "disable-crl-checks"
+	       "faked-system-time 1008241200")
+  (create-file "gpg-agent.conf"
+	       (string-append "pinentry-program " (tool 'pinentry)))
+  (create-file
+   "trustlist.txt"
+   "32100C27173EF6E9C4E9A25D3D69F86D37A4F939"
+   "# CN=test cert 1,OU=Aegypten Project,O=g10 Code GmbH,L=Düsseldorf,C=DE"
+   "3CF405464F66ED4A7DF45BBDD1E4282E33BDB76E S")
+
+  (log "Storing private keys")
+  (mkdir "private-keys-v1.d" "-rwx")
+  (for-each
+   (lambda (name)
+     (file-copy (in-srcdir name)
+		(path-join "private-keys-v1.d"
+			   (string-append name ".key"))))
+   '("32100C27173EF6E9C4E9A25D3D69F86D37A4F939"))
+
+  (log "Importing public demo and test keys")
+  (call-check `(,@gpgsm --import ,(in-srcdir "cert_g10code_test1.der")))
+
+  (create-sample-files)
+  (stop-agent))
+
+;; Initialize the test environment, install appropriate configuration
+;; and start the agent, with the keys from the legacy test suite.
+(define (setup-gpgsm-environment)
+  (if (member "--unpack-tarball" *args*)
+      (call-check `(,(tool 'gpgtar) --extract --directory=. ,(cadr *args*)))
+      (create-gpgsm-gpghome))
+  (start-agent))

tests/gpgsm/import.scm

@@ -0,0 +1,53 @@
+#!/usr/bin/env gpgscm
+
+;; Copyright (C) 2016 g10 Code GmbH
+;;
+;; This file is part of GnuPG.
+;;
+;; GnuPG is free software; you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation; either version 3 of the License, or
+;; (at your option) any later version.
+;;
+;; GnuPG is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;; GNU General Public License for more details.
+;;
+;; You should have received a copy of the GNU General Public License
+;; along with this program; if not, see <http://www.gnu.org/licenses/>.
+
+(load (with-path "gpgsm-defs.scm"))
+(setup-gpgsm-environment)
+
+(define certs-for-import
+  (list (list "cert_dfn_pca01.der"
+	      (certs::new
+	       "DFA56FB5FC41E3A8921F77AD1622EEFD9152A5AD"
+	       "DFA56FB5FC41E3A8921F77AD1622EEFD9152A5AD"
+	       (certs::new-uid "DFN Top Level Certification Authority"
+			       "DFN-PCA"
+			       "Deutsches Forschungsnetz"
+			       ""
+			       "DE")))
+	(list "cert_dfn_pca15.der"
+	      (certs::new
+	       "2C8F3C356AB761CB3674835B792CDA52937F9285"
+	       "DFA56FB5FC41E3A8921F77AD1622EEFD9152A5AD"
+	       (certs::new-uid "DFN Server Certification Authority"
+			       "DFN-PCA"
+			       "Deutsches Forschungsnetz"
+			       ""
+			       "DE")))))
+
+(define :name car)
+(define :cert cadr)
+
+(for-each-p'
+ "Checking certificate import."
+ (lambda (test)
+   (assert (not (sm-have-public-key? (:cert test))))
+   (call-check `(,@gpgsm --import ,(in-srcdir (:name test))))
+   (assert (sm-have-public-key? (:cert test))))
+ (lambda (test) (:name test))
+ certs-for-import)

tests/gpgsm/plain-1.cms.asc

@@ -0,0 +1,33 @@
+-----BEGIN ENCRYPTED MESSAGE-----
+MIAGCSqGSIb3DQEHA6CAMIACAQAxggELMIIBBwIBADBwMGsxCzAJBgNVBAYTAkRF
+MRMwEQYDVQQHFApE/HNzZWxkb3JmMRYwFAYDVQQKEw1nMTAgQ29kZSBHbWJIMRkw
+FwYDVQQLExBBZWd5cHRlbiBQcm9qZWN0MRQwEgYDVQQDEwt0ZXN0IGNlcnQgMQIB
+ADANBgkqhkiG9w0BAQEFAASBgL5yhIZiKo+Fggz7hHOSSHQT4lOlN4Lj6WQ3SS9E
+BI4AZNGyCt0SnvKaKdICalD1bXJtS48eKGoGKUGiKyIlF6rz9ACqvC6oySkVLYps
+KWNIVfEBoCqOezat7AwQqDT/JH7m2+cwr77c5EcGPPUCz35D8+8Y+sNmbtvp9nlU
+rkutMIAGCSqGSIb3DQEHATAdBglghkgBZQMEAQIEEI7gXhxM1Ge2sUpb9JTKrvig
+gASCBFBnuKhIUsSe9VlVDK7M3mUYBbkVuAVffGImDGjI/+LidNIK5ZM7vW3AmZEb
+ckHUG/le0b1OjNe56E9VHozPoglHYTwrDhkNfBhTaGkICxs+pKHUBCAO+s1EoU3q
+tRkUq/KeG+ju2rvIPg9gBHmtmZNm3YPgWpPkMsp+/VHFOtO8M/ryIwJZMf6c53Xf
++S2VH3ZUozqCm54H8acPoNrVWEhh9EaCoZgLije78I5fd791KvPVx9GUO4pVvW02
+JHVBh8ewo1kh43Ahqjv/ky+XbJnWdRvZ01KHLxRl/goM/OQl7Zvq9wiW7vASt3bW
+ZxejPVTgocmQlj326ATranoiJnG28LEtad61cfQcvn8q+G6uJJEC/CCbeJfIGssg
+eK6BotbINPMbXfJKKQUs362TLV++xFETS7z33kt2ffRwbl4SegyjEghoIJYSLzM0
+t2vn83gkQEBZJiOxGM7YE0qe1oQXbsrQtZmwqyITUrPgPqunociCaKkHyEKL/RiE
+AshrgKEWrlwD1BMyaKTq1G6aemYByHedbPw2jHH6W6DJyqcAcWjwFmj8goI0va44
+koGEaRvz5uy7OjKlHnKFUAcy6jdOx38i7vau9PdQ7u4SSicPUI1tmXXcD/BgRtRP
+YvF50pQoa8a7Mq+Qs0EOdfG3t5SFfUpvrmT6WZJFEn+8HHfJepFW76DG8KC1PRkE
+Sk2B+pIGsAGIOUrENLW/M9SYi8N393g0lFSW6iV7lRAzd6k550hM44FreJn7tj5N
+D5D9MyIA8XVvPSWVWqBOBVGkxfN55ZseEOMLY5eQGXF6NtVbG+e9UK2Vd6C0hmrx
+3Cq6ixExeCAcbizC3rgFc7+IJLrrwbV+kDuKb9VTB+L0RdVKghNW9E8azCAXxZKh
+6HjaOGNLP9zmfgDeL8MpONuB8EnC3Ql7UPCh/O1BwjnWo+82/e6QWLJ7oGUlUPq3
+gmOXAME9lsbUTc5785VBDWA2EIWcrPRv+z9B/PwWyTh7SxfNyah8DR+7WFYAvhCp
+q0/FjXJkAzyQpb0AXEItJq8jweWYuvv6j5g/i8Mgbr2OejBAKKWfhMQZkYT7RpNt
+k2PN2nSg1MhJfmp0tE3p0jiFMnDd20cQJxOfDoBv3aOLN30R98Kcg+V+Mp/0YcTC
+PYzDGPPNtuJ8DrW1Ht128NU6uDFuvb2JXAYwbxgfM4B3wn+jNPAGMtrhaR6EzUkp
+EmjS6ne8CjjgjxAK9FhnblPmLJe3XcekQC+JqX9b4AY+nqHQCdFxS9ZltdK/S2yH
+TKzypVOCpz7rkPYt0M4rtdVXFt6dcnbhl2Gd5LEG8CP18AE4igDG1oq79MIcQ8pi
+q4KWVDS+2umcxvNf6yuWQFqTEHJEK0px7CzXZbwOFyiOsvYxSmITRYPoSjx2QxMF
+LjgSd13TFQBgnhZViS/JnpA6r47nD2p9bOLk3OMpRSOoBuTYz2+0aEGaagAv8hAv
++YUxeUoEEITfNVFznAhrIBjgPtGYwk4AAAAAAAAAAAAA
+-----END ENCRYPTED MESSAGE-----

tests/gpgsm/plain-2.cms.asc

@@ -0,0 +1,43 @@
+-----BEGIN ENCRYPTED MESSAGE-----
+MIAGCSqGSIb3DQEHA6CAMIACAQAxggELMIIBBwIBADBwMGsxCzAJBgNVBAYTAkRF
+MRMwEQYDVQQHFApE/HNzZWxkb3JmMRYwFAYDVQQKEw1nMTAgQ29kZSBHbWJIMRkw
+FwYDVQQLExBBZWd5cHRlbiBQcm9qZWN0MRQwEgYDVQQDEwt0ZXN0IGNlcnQgMQIB
+ADANBgkqhkiG9w0BAQEFAASBgNNVdwz2fHBegSnHl22mIghWxrOpZJXwgKclpDei
+p1sJIYIYZomKsstTeqJqEY8Iv6VDRo/vmG6kcVvk6hnJCRGMQjCcydyWcQJfnHp6
+H7CxEC8VZo+gopazyk+6JmHxidX/107l2Is4HUJBMRm6GDzY6uaLOkEYgB/hKxi7
+wvz4MIAGCSqGSIb3DQEHATAdBglghkgBZQMEAQIEEIti6W5457FV4m43QcFeUPKg
+gASCBhDHqxnjciT7IsyZfKRjGf3BHbwqk7dhRY5uyEb7QdwH70wl4aoq1F8w0s88
+nV+LLsyVFb4lAk6XSzdeLOBmbcPMQ/Hq47H92aEZkbIBrxnSoFG92o7YH3SFUjzw
+1d96Td0ORGeLWjbHRwHKGM+ZGBKBdqvWlrtOb81WbtY5q7uUJMSyQ4vgFBD92R99
+0d+tWHbFls+EV7Lv9qewKe6nEpDZIFN+Jj8BrNGSXvQbA4Wle4hiiUgZySedHv1W
+dbZME2VYKjjILZ3REI65Zy1tyGdJuRGSblNKGGXWbsGXHCKtj634Xz3wTYU/EaBP
+heJ1MR03WDmOcA6sqiypzdWhYeKAEOa/KXTCjB98Y6cPXQjDefX+Up28T1N2W/FK
+1eEKXFvRLAXJoJaJW9+XvaR17Vp+xuhi5xgb+1GIXC6AWqI37IFPRM/le3sG56IW
+S95t6C6qUTisfM/DwFcYUhunsXjzO2YDifU7C3pAdUnplNbzVHGBQL9p6s5hvCYT
+D8WwdRPCD6Aixx2wjxfveYsaohaMz1xYFuL87n/9UowbPNmVxKWqVeqPbwio/1mW
+/fofwd3gTd45+2tLaEKIE3bEOjvDwFhCBjlGKP1cQnNerJ1L9fC2pmjE3xaJJNfX
+1bBMkaVT97jWZvTjbT5EsZrB1DxTQB1CgCyjNW072lbqGuDPBZ9OqzoqALvhaC5u
+NIrEOu7/5jSxaL0EFncOEh6DK7ss70FtR7VVkb5JqX4/ARY1yOyfayZjJoLSVFXo
+VBPh5v8S0Ep4scXBan9LWqwWwhoWHMAdMDgjrrok4EijIHnd3PGzaHMq8gjWCBvX
++6uAMl0ImbojDsclVPcOBiO69jBcVU8d+gs03zGev9lICDXIu089MA6qHB0wh+CM
+ObLKw2XxyoayKHKH67B+E6gD1FqTOQAgetKfPihn1n3SI5zaD75L/pLBKjZ1/Jg8
+0sFDXRMh2T4S4ad236+sMldVAPBmlpDfpDJjkAZTR5kQwXaAcPjJ2aMPLJz4lgx+
+lRVGL/FWlm5nyKgzTStKg4GtrZVR3ZFSsu+jCvNEfujAeoZi9KPT7f0GcZUHNe9c
+VTEvMMhJzyeCpfbNdZI7qeXYjokDCMmi4Xc53us1cp7pG2nnF47q7h4WkSJIPNXb
+yGMwT1v/d9qd6h0mrlpJholgd9vLxLJm6BnpG6VpQ9Om9r/XHiofjxNvN0axxCAm
+rG8a1BzjLHW2Rxqg4dOtS8Zt4TC3Dm0oKiPNW+4keqmKXrPRfJ++xZthpJZ7xsLr
+a2Gn7Cp3f7KS4kUkL0qJvDpWZzFVu6H2F136NBK0jRF7B6eAesTXqlKDXUZzA9qX
+Ttb8JYv4SRpfmevHKhdG7G3oihK323kW2TbpUdOtC5oHGpw4EgJbSkCbevZY5BhB
+P2KpUG2JI3QvpqN1ut6PmH6zLwGnx/DCxC0HyRWDEC7DlNBrIXM0zPdCvYuZYhXV
+bPzFqYKipIaFXnyKGEv3PYyJ5RtyMqogOldZOXJKfT1OOddXGKaWKK9DsdeSOdyb
+zgokIP38m365gS1elOFaKdVvgS4yPkyZwShP/q3YwMTg24fVGUWOb2xnDkutX9gQ
+5OA7+ObWb+CaiESVAO3OaKDFbV+0HjUyCwolThUUSC9eHsN8/xK9LdpzIVwC5kap
+dFyN1kJ3BEHz2VjPT8wEBE0rDizOC1irexIERwyTrXSXgqgOsbbr8V62o9UCgm2g
+jYKr7UgVqCZWGFRoXpshOeTsLU2FGU71MGOUjaeeBxsOpKif95UzuHnGjmOGV+KV
+LFtJkAzqH+7OTAe3uNx8DR9vT3SEIOgWhiGuOjTJEEMjneVWL8ApkvL/7FkE54Fz
+tHllSJvOePLqlr6IfBt//8XW3d1Dk2Q8XKITUASoYKN2RTxmjwIadOcGuucR4Q0p
+/EKZH1rZoynGicKmmLfmO+KnO5rybdecLlZ39CEiuKeTIl+TeQU7wHaauFqtQYCE
+Vt97K1XSo5ardDNYBEnUvzmTahzu6JTZILlMGIwY/HgXeovBO8rKMxjLCZuHYWH1
+uVi5IcJeK5jqkwUdAi5E/WUNisgJBBBXo2FMcmlPIZJw3pGkJGQXAAAAAAAAAAAA
+AA==
+-----END ENCRYPTED MESSAGE-----

tests/gpgsm/plain-3.cms.asc

@@ -0,0 +1,11 @@
+-----BEGIN ENCRYPTED MESSAGE-----
+MIAGCSqGSIb3DQEHA6CAMIACAQAxggELMIIBBwIBADBwMGsxCzAJBgNVBAYTAkRF
+MRMwEQYDVQQHFApE/HNzZWxkb3JmMRYwFAYDVQQKEw1nMTAgQ29kZSBHbWJIMRkw
+FwYDVQQLExBBZWd5cHRlbiBQcm9qZWN0MRQwEgYDVQQDEwt0ZXN0IGNlcnQgMQIB
+ADANBgkqhkiG9w0BAQEFAASBgB8adQNvg/lKghatZ/Wy+tMUrarqYmTHB3SDKoDh
+B+riZDDxj/j/xR6utjmukvrAz6gz3BzKxU+AjAmXLpNesN1kv+oDS2DmAluFzg5e
+j/Ppo+Dudq2uJjZOsMry6xniMIwOhHsLhkLs2cuEb0eB6XAVfMzJvdTawuLaMeLN
+fGmVMIAGCSqGSIb3DQEHATAdBglghkgBZQMEAQIEECIzN1lVNsKXkPAEySzCpUWg
+gAQgzfoRhxREyicy4Vf6dfDJ+X4kaB4tGwsKGKYVV1uITjEEEFpk2DxEsIIxH66o
+pfqG9W4AAAAAAAAAAAAA
+-----END ENCRYPTED MESSAGE-----

tests/gpgsm/run-tests.scm

@@ -0,0 +1,32 @@
+;; Test-suite runner.
+;;
+;; Copyright (C) 2016 g10 Code GmbH
+;;
+;; This file is part of GnuPG.
+;;
+;; GnuPG is free software; you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation; either version 3 of the License, or
+;; (at your option) any later version.
+;;
+;; GnuPG is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;; GNU General Public License for more details.
+;;
+;; You should have received a copy of the GNU General Public License
+;; along with this program; if not, see <http://www.gnu.org/licenses/>.
+
+(if (string=? "" (getenv "srcdir"))
+    (begin
+      (echo "Environment variable 'srcdir' not set.  Please point it to"
+	    "tests/openpgp.")
+      (exit 2)))
+
+(let* ((tests (filter (lambda (arg) (not (string-prefix? arg "--"))) *args*))
+       (runner (if (and (member "--parallel" *args*)
+			(> (length tests) 1))
+		   run-tests-parallel
+		   run-tests-sequential)))
+  (runner (test::scm "setup.scm" "setup.scm")
+	  (map (lambda (t) (test::scm t t)) tests)))

tests/gpgsm/setup.scm

@@ -0,0 +1,29 @@
+#!/usr/bin/env gpgscm
+
+;; Copyright (C) 2016 g10 Code GmbH
+;;
+;; This file is part of GnuPG.
+;;
+;; GnuPG is free software; you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation; either version 3 of the License, or
+;; (at your option) any later version.
+;;
+;; GnuPG is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;; GNU General Public License for more details.
+;;
+;; You should have received a copy of the GNU General Public License
+;; along with this program; if not, see <http://www.gnu.org/licenses/>.
+
+(load (with-path "gpgsm-defs.scm"))
+
+(define tarball (flag "--create-tarball" *args*))
+(unless (and tarball (not (null? tarball)))
+	(error "Usage: setup.scm --create-tarball <file> ..."))
+
+(with-ephemeral-home-directory
+ (create-gpgsmhome)
+ (stop-agent)
+ (call-check `(,(tool 'gpgtar) --create --output ,(car tarball) ".")))

tests/gpgsm/shell.scm

@@ -0,0 +1,30 @@
+#!/usr/bin/env gpgscm
+
+;; Copyright (C) 2016 g10 Code GmbH
+;;
+;; This file is part of GnuPG.
+;;
+;; GnuPG is free software; you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation; either version 3 of the License, or
+;; (at your option) any later version.
+;;
+;; GnuPG is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;; GNU General Public License for more details.
+;;
+;; You should have received a copy of the GNU General Public License
+;; along with this program; if not, see <http://www.gnu.org/licenses/>.
+
+(load (with-path "gpgsm-defs.scm"))
+(setup-gpgsm-environment)
+
+;; This is not a test, but can be used to inspect the test
+;; environment.  Simply execute
+;;
+;;   make -Ctests/gpgsm check XTESTS=shell.scm
+;;
+;; to run it.
+
+(interactive-shell)

tests/gpgsm/sign.scm

@@ -0,0 +1,35 @@
+#!/usr/bin/env gpgscm
+
+;; Copyright (C) 2016 g10 Code GmbH
+;;
+;; This file is part of GnuPG.
+;;
+;; GnuPG is free software; you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation; either version 3 of the License, or
+;; (at your option) any later version.
+;;
+;; GnuPG is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;; GNU General Public License for more details.
+;;
+;; You should have received a copy of the GNU General Public License
+;; along with this program; if not, see <http://www.gnu.org/licenses/>.
+
+(load (with-path "gpgsm-defs.scm"))
+(setup-gpgsm-environment)
+
+(for-each-p
+ "Checking signing."
+ (lambda (source)
+   (for-each-p
+    "with digest..."
+    (lambda (digest)
+      (tr:do
+       (tr:open source)
+       (tr:gpgsm "" `(--sign --digest-algo ,digest))
+       (tr:gpgsm "" '(--verify))
+       (tr:assert-identity source)))
+    (force all-hash-algos)))
+ all-files)

tests/gpgsm/verify.scm

@@ -0,0 +1,65 @@
+#!/usr/bin/env gpgscm
+
+;; Copyright (C) 2016 g10 Code GmbH
+;;
+;; This file is part of GnuPG.
+;;
+;; GnuPG is free software; you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation; either version 3 of the License, or
+;; (at your option) any later version.
+;;
+;; GnuPG is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;; GNU General Public License for more details.
+;;
+;; You should have received a copy of the GNU General Public License
+;; along with this program; if not, see <http://www.gnu.org/licenses/>.
+
+(load (with-path "gpgsm-defs.scm"))
+(setup-gpgsm-environment)
+
+;;
+;; Two simple tests to check that verify fails for bad input data
+;;
+(for-each-p
+ "Checking bogus signature."
+ (lambda (char)
+   (lettmp (x)
+     (call-with-binary-output-file
+      x
+      (lambda (port)
+	(display (make-string 64 (integer->char (string->number char)))
+		 port)))
+     (assert (not (zero? (call `(,@gpgsm --verify ,x data-500)))))))
+ '("#x2d" "#xca"))
+
+(define test-text1 "Hallo Leute!\n")
+(define test-text1f "Hallo Leute?\n")
+(define test-sig1 "
+-----BEGIN CMS OBJECT-----
+MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAA
+MYIBOTCCATUCAQEwcDBrMQswCQYDVQQGEwJERTETMBEGA1UEBxQKRPxzc2VsZG9y
+ZjEWMBQGA1UEChMNZzEwIENvZGUgR21iSDEZMBcGA1UECxMQQWVneXB0ZW4gUHJv
+amVjdDEUMBIGA1UEAxMLdGVzdCBjZXJ0IDECAQAwBwYFKw4DAhqgJTAjBgkqhkiG
+9w0BCQQxFgQU7FC/ibH3lC9GE24RJJxa8zqP7wEwCwYJKoZIhvcNAQEBBIGAA3oC
+DUmKERmD1eoJYFw38y/qnncS/6ZPjWINDIphZeK8mzAANpvpIaRPf3sNBznb89QF
+mRgCXIWcjlHT0DTRLBf192Ve22IyKH00L52CqFsSN3a2sajqRUlXH8RY2D+Al71e
+MYdRclgjObCcoilA8fZ13VR4DiMJVFCxJL4qVWI=
+-----END CMS OBJECT-----")
+
+;;
+;; Now run the tests.
+;;
+(info "Checking that a valid signature is verified as such.")
+(lettmp (sig body)
+  (with-output-to-file sig (lambda () (display test-sig1)))
+  (with-output-to-file body (lambda () (display test-text1)))
+  (call-check `(,@gpgsm --verify ,sig ,body)))
+
+(info "Checking that an invalid signature is verified as such.")
+(lettmp (sig body)
+  (with-output-to-file sig (lambda () (display test-sig1)))
+  (with-output-to-file body (lambda () (display test-text1f)))
+  (assert (not (zero? (call `(,@gpgsm --verify ,sig ,body))))))