mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-02 12:01:32 +01:00
Add ECC import regression tests and fixed a regression.
The import test imports the keys as needed and because they are passphrase protected we now need a pinentry script to convey the passphrase to gpg-agent.
This commit is contained in:
parent
ba23e88faa
commit
d290f2914a
@ -1,6 +1,6 @@
|
||||
2011-02-09 Werner Koch <wk@g10code.com>
|
||||
|
||||
* ks-engine-kdns.c: New. Based on the former gpgkeys_kdns.
|
||||
* ks-engine-kdns.c: New but only the framework.
|
||||
|
||||
* server.c (cmd_keyserver): Add option --help.
|
||||
(dirmngr_status_help): New.
|
||||
|
79
dirmngr/ks-engine-kdns.c
Normal file
79
dirmngr/ks-engine-kdns.c
Normal file
@ -0,0 +1,79 @@
|
||||
/* ks-engine-kdns.c - KDNS OpenPGP key access
|
||||
* Copyright (C) 2011 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
* GnuPG is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* GnuPG is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include <config.h>
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <assert.h>
|
||||
|
||||
#include "dirmngr.h"
|
||||
#include "misc.h"
|
||||
#include "userids.h"
|
||||
#include "ks-engine.h"
|
||||
|
||||
/* Print a help output for the schemata supported by this module. */
|
||||
gpg_error_t
|
||||
ks_kdns_help (ctrl_t ctrl, parsed_uri_t uri)
|
||||
{
|
||||
const char const data[] =
|
||||
"This keyserver engine accepts URLs of the form:\n"
|
||||
" kdns://[NAMESERVER]/[ROOT][?at=STRING]\n"
|
||||
"with\n"
|
||||
" NAMESERVER used for queries (default: system standard)\n"
|
||||
" ROOT a DNS name appended to the query (default: none)\n"
|
||||
" STRING a string to replace the '@' (default: \".\")\n"
|
||||
"If a long answer is expected add the parameter \"usevc=1\".\n"
|
||||
"Supported methods: fetch\n"
|
||||
"Example:\n"
|
||||
"A query for \"hacker@gnupg.org\" with\n"
|
||||
" kdns://10.0.0.1/example.net?at=_key_&usevc=1\n"
|
||||
"setup as --auto-key-lookup in gpg does a CERT record query\n"
|
||||
"with type PGP on the nameserver 10.0.0.1 for\n"
|
||||
" hacker._key_.gnupg.org.example.net";
|
||||
gpg_error_t err;
|
||||
|
||||
if (!uri)
|
||||
err = ks_print_help (ctrl, " kdns");
|
||||
else if (!strcmp (uri->scheme, "kdns"))
|
||||
err = ks_print_help (ctrl, data);
|
||||
else
|
||||
err = 0;
|
||||
|
||||
return err;
|
||||
}
|
||||
|
||||
|
||||
/* Get the key from URI which is expected to specify a kdns scheme.
|
||||
On success R_FP has an open stream to read the data. */
|
||||
gpg_error_t
|
||||
ks_kdns_fetch (ctrl_t ctrl, parsed_uri_t uri, estream_t *r_fp)
|
||||
{
|
||||
gpg_error_t err;
|
||||
|
||||
(void)ctrl;
|
||||
*r_fp = NULL;
|
||||
|
||||
if (strcmp (uri->scheme, "kdns"))
|
||||
return gpg_error (GPG_ERR_INV_ARG);
|
||||
|
||||
err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
|
||||
return err;
|
||||
}
|
@ -1,3 +1,8 @@
|
||||
2011-02-10 Werner Koch <wk@g10code.com>
|
||||
|
||||
* seskey.c (encode_md_value): Change last fix to avoid a
|
||||
regression for DSA with SHA-2 hashes.
|
||||
|
||||
2011-02-09 Werner Koch <wk@g10code.com>
|
||||
|
||||
* keyserver.c: Replace all printf by es_printf.
|
||||
|
28
g10/seskey.c
28
g10/seskey.c
@ -297,18 +297,17 @@ encode_md_value (PKT_public_key *pk, gcry_md_hd_t md, int hash_algo)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/* Check if we're too short. Too long is safe as we'll
|
||||
automatically left-truncate.
|
||||
|
||||
FIXME: Check against FIPS.
|
||||
This checks would require the use of SHA512 with ECDSA 512. I
|
||||
think this is overkill to fail in this case. Therefore,
|
||||
relax the check, but only for ECDSA keys. We may need to
|
||||
adjust it later for general case. (Note that the check will
|
||||
never pass for ECDSA 521 anyway as the only hash that
|
||||
intended to match it is SHA 512, but 512 < 521). */
|
||||
/* ECDSA 521 is special has it is larger than the largest hash
|
||||
we have (SHA-512). Thus we chnage the size for further
|
||||
processing to 512. */
|
||||
if (pkalgo == GCRY_PK_ECDSA && qbits > 512)
|
||||
qbits = 512;
|
||||
|
||||
/* Check if we're too short. Too long is safe as we'll
|
||||
automatically left-truncate. */
|
||||
mdlen = gcry_md_get_algo_dlen (hash_algo);
|
||||
if (mdlen < ((pkalgo == GCRY_PK_ECDSA && qbits > 521) ? 512: qbits)/8)
|
||||
if (mdlen < qbits/8)
|
||||
{
|
||||
log_error (_("%s key %s requires a %zu bit or larger hash "
|
||||
"(hash is %s\n"),
|
||||
@ -318,13 +317,10 @@ encode_md_value (PKT_public_key *pk, gcry_md_hd_t md, int hash_algo)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/* By passing MDLEN as length to mpi_scan, we do the truncation
|
||||
of the hash.
|
||||
|
||||
Note that in case of ECDSA 521 the hash is always smaller
|
||||
than the key size. */
|
||||
/* Note that we do the truncation by passing QBITS/8 as length to
|
||||
mpi_scan. */
|
||||
if (gcry_mpi_scan (&frame, GCRYMPI_FMT_USG,
|
||||
gcry_md_read (md, hash_algo), mdlen, NULL))
|
||||
gcry_md_read (md, hash_algo), qbits/8, NULL))
|
||||
BUG();
|
||||
}
|
||||
else
|
||||
|
@ -1,3 +1,12 @@
|
||||
2011-02-10 Werner Koch <wk@g10code.com>
|
||||
|
||||
* ecc.test: New.
|
||||
* pinentry.sh: New.
|
||||
* defs.inc: Do not create a log when running tests with envvar
|
||||
verbose > 1. Add pinentry-program to gpg-agent.conf.
|
||||
* Makefile.am (sample_keys): New.
|
||||
(EXTRA_DIST): Add them.
|
||||
|
||||
2010-10-15 Werner Koch <wk@g10code.com>
|
||||
|
||||
* Makefile.am (clean-local): New.
|
||||
@ -154,7 +163,7 @@
|
||||
* verify.test: More tests.
|
||||
* multisig.test: Better error printing.
|
||||
(sig_1ls1ls_valid, sig_ls_valid): Moved to the non-valid group.
|
||||
|
||||
|
||||
2006-02-14 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* verify.test: New.
|
||||
@ -236,7 +245,7 @@
|
||||
2002-05-10 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* Makefile.am: Add gpg_dearmor to all targets where it is used.
|
||||
Noted by Andreas Haumer.
|
||||
Noted by Andreas Haumer.
|
||||
|
||||
2002-04-19 Werner Koch <wk@gnupg.org>
|
||||
|
||||
@ -264,7 +273,7 @@
|
||||
|
||||
2001-09-28 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* defs.inc: Write a log file for each test.
|
||||
* defs.inc: Write a log file for each test.
|
||||
* run-gpg, run-gpgm, run-gpg.patterns: Removed. Replaced in all
|
||||
tests by a simple macro from defs.inc.
|
||||
* Makefile.am (CLEANFILES): Remove log files.
|
||||
@ -275,7 +284,7 @@
|
||||
armencryptp.test, armencrypt.test, encryptp.test, seat.test,
|
||||
encrypt-dsa.test, encrypt.test: Use --always-trust because the
|
||||
test are not designed to check the validity.
|
||||
|
||||
|
||||
2001-09-06 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* genkey1024.test: Simplified by using a parameter file.
|
||||
@ -303,7 +312,7 @@
|
||||
|
||||
2001-03-20 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* Makefile.am: Import the pubdemo.asc file
|
||||
* Makefile.am: Import the pubdemo.asc file
|
||||
|
||||
* sigs.test (hash_algo_list): s/tiger/tiger192/
|
||||
|
||||
@ -402,5 +411,3 @@ Mon May 18 15:40:02 1998 Werner Koch (wk@isil.d.shuttle.de)
|
||||
This file is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
|
||||
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
||||
|
||||
|
||||
|
@ -8,12 +8,12 @@
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
#
|
||||
# GnuPG is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
# Process this file with automake to create Makefile.in
|
||||
@ -38,7 +38,7 @@ TESTS = version.test mds.test \
|
||||
armdetachm.test detachm.test genkey1024.test \
|
||||
conventional.test conventional-mdc.test \
|
||||
multisig.test verify.test armor.test \
|
||||
import.test finish.test
|
||||
import.test ecc.test finish.test
|
||||
|
||||
|
||||
TEST_FILES = pubring.asc secring.asc plain-1o.asc plain-2o.asc plain-3o.asc \
|
||||
@ -60,15 +60,21 @@ priv_keys = privkeys/50B2D4FA4122C212611048BC5FC31BD44393626E.asc \
|
||||
privkeys/76F7E2B35832976B50A27A282D9B87E44577EB66.asc \
|
||||
privkeys/A0747D5F9425E6664F4FFBEED20FBCA79FDED2BD.asc
|
||||
|
||||
sample_keys = samplekeys/ecc-sample-1-pub.asc \
|
||||
samplekeys/ecc-sample-2-pub.asc \
|
||||
samplekeys/ecc-sample-3-pub.asc \
|
||||
samplekeys/ecc-sample-1-sec.asc \
|
||||
samplekeys/ecc-sample-2-sec.asc \
|
||||
samplekeys/ecc-sample-3-sec.asc
|
||||
|
||||
EXTRA_DIST = defs.inc $(TESTS) $(TEST_FILES) \
|
||||
mkdemodirs signdemokey $(priv_keys)
|
||||
EXTRA_DIST = defs.inc pinentry.sh $(TESTS) $(TEST_FILES) \
|
||||
mkdemodirs signdemokey $(priv_keys) $(sample_keys)
|
||||
|
||||
CLEANFILES = prepared.stamp x y yy z out err $(data_files) \
|
||||
plain-1 plain-2 plain-3 trustdb.gpg *.lock .\#lk* \
|
||||
*.test.log gpg_dearmor gpg.conf gpg-agent.conf S.gpg-agent \
|
||||
pubring.gpg secring.gpg pubring.pkr secring.skr \
|
||||
gnupg-test.stop pubring.gpg~ random_seed
|
||||
gnupg-test.stop pubring.gpg~ random_seed gpg-agent.log
|
||||
|
||||
clean-local:
|
||||
-rm -rf private-keys-v1.d
|
||||
@ -77,5 +83,3 @@ clean-local:
|
||||
# We need to depend on a couple of programs so that the tests don't
|
||||
# start before all programs are built.
|
||||
all-local: $(required_pgms)
|
||||
|
||||
|
||||
|
@ -58,7 +58,7 @@ error () {
|
||||
defs_error_seen=yes
|
||||
echo "$pgmname:" $* >&5
|
||||
if [ x$defs_stop_on_error != xyes ]; then
|
||||
exit 1
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
@ -163,12 +163,12 @@ pgmname=`basename $0`
|
||||
|
||||
[ -z "$srcdir" ] && fatal "not called from make"
|
||||
|
||||
#
|
||||
#
|
||||
if [ -f gnupg-test.stop ]; then
|
||||
if [ $pgmname = "version.test" ]; then
|
||||
rm gnupg-test.stop
|
||||
else
|
||||
# Skip the rest of the tests.
|
||||
# Skip the rest of the tests.
|
||||
exit 77
|
||||
fi
|
||||
fi
|
||||
@ -195,22 +195,33 @@ GPG_CONNECT_AGENT="../../tools/gpg-connect-agent"
|
||||
GPGCONF="../../tools/gpgconf"
|
||||
GPG_PRESET_PASSPHRASE="../../agent/gpg-preset-passphrase"
|
||||
MKTDATA="../../tools/mk-tdata"
|
||||
PINENTRY="$(cd $srcdir && /bin/pwd)/pinentry.sh"
|
||||
# Default to empty passphrase for pinentry.sh
|
||||
PINENTRY_USER_DATA=
|
||||
|
||||
# Make sure we have a valid option files even with VPATH builds.
|
||||
for f in gpg.conf gpg-agent.conf ; do
|
||||
for f in gpg.conf gpg-agent.conf ; do
|
||||
if [ -f ./$f ]; then
|
||||
:
|
||||
elif [ -f $srcdir/$f.tmpl ]; then
|
||||
cat $srcdir/$f.tmpl >$f
|
||||
if [ "$f" = "gpg.conf" ]; then
|
||||
echo "agent-program $GPG_AGENT" >>gpg.conf
|
||||
fi
|
||||
case "$f" in
|
||||
gpg.conf)
|
||||
echo "agent-program $GPG_AGENT" >>"$f"
|
||||
;;
|
||||
gpg-agent.conf)
|
||||
echo "pinentry-program $PINENTRY" >>"$f"
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
done
|
||||
|
||||
echo "Test: $pgmname" > ${pgmname}.log
|
||||
echo "GNUPGHOME=$GNUPGHOME" >> ${pgmname}.log
|
||||
exec 5>&2 2>>${pgmname}.log
|
||||
|
||||
if [ "${verbose:-0}" -gt "1" ]; then
|
||||
exec 5>/dev/null
|
||||
else
|
||||
echo "Test: $pgmname" > ${pgmname}.log
|
||||
echo "GNUPGHOME=$GNUPGHOME" >> ${pgmname}.log
|
||||
exec 5>&2 2>>${pgmname}.log
|
||||
fi
|
||||
:
|
||||
# end
|
||||
|
89
tests/openpgp/ecc.test
Executable file
89
tests/openpgp/ecc.test
Executable file
@ -0,0 +1,89 @@
|
||||
#!/bin/sh
|
||||
# Copyright 2011 Free Software Foundation, Inc.
|
||||
# This file is free software; as a special exception the author gives
|
||||
# unlimited permission to copy and/or distribute it, with or without
|
||||
# modifications, as long as this notice is preserved. This file is
|
||||
# distributed in the hope that it will be useful, but WITHOUT ANY
|
||||
# WARRANTY, to the extent permitted by law; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
||||
|
||||
. $srcdir/defs.inc || exit 3
|
||||
|
||||
keygrips='8E06A180EFFE4C65B812150CAF19BF30C0689A4C
|
||||
E4403F3FD7A443FAC29FEF288FA0D20AC212851E
|
||||
0B7554421FFB14A06CB9F63FB49A85A58E97ABAC
|
||||
303ACC892C2D786C8A789677C0BE54DA8538F903
|
||||
9FE5C36985351524B6AFA19FDCBC1A3A750B6F5F
|
||||
145A52CC7ED3FD41C5B0A26BE220FEED36AF24DE'
|
||||
mainkeyids='BAA59D9C
|
||||
0F54719F
|
||||
45AF2FFE'
|
||||
|
||||
|
||||
if have_pubkey_algo "ECDH"; then
|
||||
:
|
||||
else
|
||||
info "No ECC support due to an old Libgcrypt"
|
||||
exit 77
|
||||
fi
|
||||
|
||||
|
||||
info "Preparing for ECC test."
|
||||
for i in $keygrips ; do
|
||||
rm private-keys-v1.d/$i.key 2>/dev/null || true
|
||||
$GPG_PRESET_PASSPHRASE --preset -P ecc $i
|
||||
done
|
||||
|
||||
|
||||
info "Importing ECC public keys."
|
||||
for k in $mainkeyids ; do
|
||||
$GPG --delete-key --batch --yes $k 2>/dev/null || true
|
||||
done
|
||||
for i in 1 2 3; do
|
||||
k="ecc-sample-$i-pub.asc"
|
||||
if $GPG --import $srcdir/samplekeys/$k; then
|
||||
:
|
||||
else
|
||||
error "$k: import failed"
|
||||
fi
|
||||
done
|
||||
|
||||
|
||||
info "Importing ECC secret keys."
|
||||
# Note that the PGP generated secret keys are not self-signed, thus we
|
||||
# need to pass an appropriate option.
|
||||
for i in 1 2 3; do
|
||||
k="ecc-sample-$i-sec.asc"
|
||||
if [ "$i" -gt "1" ]; then
|
||||
extraopts="--allow-non-selfsigned-uid"
|
||||
else
|
||||
extraopts=""
|
||||
fi
|
||||
if PINENTRY_USER_DATA=ecc $GPG $extraopts --import $srcdir/samplekeys/$k; then
|
||||
:
|
||||
else
|
||||
error "$k: import failed"
|
||||
fi
|
||||
done
|
||||
|
||||
|
||||
info "Importing ECC secret keys directly."
|
||||
for i in $keygrips ; do
|
||||
rm private-keys-v1.d/$i.key 2>/dev/null || true
|
||||
done
|
||||
for k in $mainkeyids ; do
|
||||
$GPG --delete-key --batch --yes $k 2>/dev/null || true
|
||||
done
|
||||
for i in 1 2 3; do
|
||||
k="ecc-sample-$i-sec.asc"
|
||||
if [ "$i" -gt "1" ]; then
|
||||
extraopts="--allow-non-selfsigned-uid"
|
||||
else
|
||||
extraopts=""
|
||||
fi
|
||||
if PINENTRY_USER_DATA=ecc $GPG $extraopts --import $srcdir/samplekeys/$k; then
|
||||
:
|
||||
else
|
||||
error "$k: import failed"
|
||||
fi
|
||||
done
|
30
tests/openpgp/pinentry.sh
Executable file
30
tests/openpgp/pinentry.sh
Executable file
@ -0,0 +1,30 @@
|
||||
#!/bin/sh
|
||||
# Copyright 2011 Free Software Foundation, Inc.
|
||||
# This file is free software; as a special exception the author gives
|
||||
# unlimited permission to copy and/or distribute it, with or without
|
||||
# modifications, as long as this notice is preserved. This file is
|
||||
# distributed in the hope that it will be useful, but WITHOUT ANY
|
||||
# WARRANTY, to the extent permitted by law; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
||||
|
||||
exec 2>>/tmp/pinentry.err
|
||||
|
||||
echo "OK - what's up?"
|
||||
while read cmd rest; do
|
||||
echo "cmd=$cmd rest=$rest" >&2
|
||||
case "$cmd" in
|
||||
\#*)
|
||||
;;
|
||||
GETPIN)
|
||||
echo "D ${PINENTRY_USER_DATA}"
|
||||
echo "OK"
|
||||
;;
|
||||
BYE)
|
||||
echo "OK"
|
||||
exit 0
|
||||
;;
|
||||
*)
|
||||
echo "OK"
|
||||
;;
|
||||
esac
|
||||
done
|
@ -1,5 +1,112 @@
|
||||
|
||||
no-creation-time.gpg A key with a zero creation time.
|
||||
ecc-sample-1-pub.asc The first ECC sample key.
|
||||
ecc-sample-1-sec.asc The first ECC sample key (secret).
|
||||
ecc-sample-1-pub.asc A NIST P-256 ECC sample key.
|
||||
ecc-sample-1-sec.asc Ditto, but the secret keyblock.
|
||||
ecc-sample-2-pub.asc A NIST P-384 ECC sample key.
|
||||
ecc-sample-2-sec.asc Ditto, but the secret keyblock.
|
||||
ecc-sample-3-pub.asc A NIST P-521 ECC sample key.
|
||||
ecc-sample-3-sec.asc Ditto, but the secret keyblock.
|
||||
|
||||
|
||||
|
||||
Signed message
|
||||
|
||||
The following is an opaque ECDSA signature on a message "This is one
|
||||
line\n" (17 byte long) by the master key:
|
||||
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
Version: GnuPG v2.1.0-ecc (GNU/Linux)
|
||||
|
||||
owGbwMvMwCHMvVT3w66lc+cwrlFK4k5N1k3KT6nUK6ko8Zl8MSEkI7NYAYjy81IV
|
||||
cjLzUrk64lgYhDkY2FiZQNIMXJwCMO31rxgZ+tW/zesUPxWzdKWrtLGW/LkP5rXL
|
||||
V/Yvnr/EKjBbQuvZSYa/klsum6XFmTze+maVgclT6Rc6hzqqxNy6o6qdTTmLJuvp
|
||||
AQA=
|
||||
=GDv4
|
||||
-----END PGP MESSAGE----
|
||||
|
||||
Encrypted message
|
||||
|
||||
The following block encrypts the text "This is one line\n", 17 bytes,
|
||||
with the subkey 0x4089AB73.
|
||||
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
Version: GnuPG v2.1.0-ecc (GNU/Linux)
|
||||
|
||||
hH4Dd863o0CJq3MSAgMEHdIYZQx+rV1cjy7qitIOEICFFzp4cjsRX4r+rDdMcQUs
|
||||
h7VZmbP1c9C0s9sgCKwubWfkcYUl2ZOju4gy+s4MYTBb4/j8JjnJ9Bqn6LWutTXJ
|
||||
zwsdP13VIJLnhiNqISdR3/6xWQ0ICRYzwb95nUZ1c1DSVgFpjPgUvi4pgYbTpcDB
|
||||
jzILKWBfBDT/jck169XE8vgtbcqVQYZ7lZpaY9CzEbC+4dXZmV1gm5MafpTyFWgH
|
||||
VnyrZB4gad9Lp9e0RKHHcOOE7s/NeLuu
|
||||
=odUZ
|
||||
-----END PGP MESSAGE-----
|
||||
|
||||
|
||||
|
||||
|
||||
Signed message
|
||||
|
||||
The following is an opaque ECDSA signature on a message "This is one
|
||||
line\n" (17 byte long) by the master key:
|
||||
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
Version: PGP Command Line v10.0.0 (Linux)
|
||||
|
||||
qANQR1DIqwE7wsvMwCnM2WDcwR9SOJ/xtFISd25qcXFieqpeSUUJAxCEZGQWKwBR
|
||||
fl6qQk5mXirXoXJmVgbfYC5xmC5hzsDPjHXqbDLzpXpTBXSZV3L6bAgP3Kq7Ykmo
|
||||
7Ds1v4UfBS+3CSSon7Pzq79WLjzXXEH54MkjPxnrw+8cfMVnY7Bi18J702Nnsa7a
|
||||
9lMv/PM0/ao9CZ3KX7Q+Tv1rllTZ5Hj4V1frw431QnHfAA==
|
||||
=elKT
|
||||
-----END PGP MESSAGE-----
|
||||
|
||||
Encrypted message
|
||||
|
||||
The following block encrypts the text "This is one line\n", 17 bytes,
|
||||
with the subkey:
|
||||
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
Version: PGP Command Line v10.0.0 (Linux)
|
||||
|
||||
qANQR1DBngOqi5OPmiAZRhIDAwQqIr/00cJyf+QP+VA4QKVkk77KMHdz9OVaR2XK
|
||||
0VYu0F/HPm89vL2orfm2hrAZxY9G2R0PG4Wk5Lg04UjKca/O72uWtjdPYulFidmo
|
||||
uB0QpzXFz22ZZinxeVPLPEr19Pow0EwCc95cg4HAgrD0nV9vRcTJ/+juVfvsJhAO
|
||||
isMKqrFNMvwnK5A1ECeyVXe7oLZl0lUBRhLr59QTtvf85QJjg/m5kaGy8XCJvLv3
|
||||
61pZa6KUmw89PjtPak7ebcjnINL01vwmyeg1PAyW/xjeGGvcO+R4P1b4ewyFnJyR
|
||||
svzIJcP7d4DqYOw7
|
||||
=oiTJ
|
||||
-----END PGP MESSAGE-----
|
||||
|
||||
|
||||
|
||||
Signed message
|
||||
|
||||
The following is an opaque ECDSA signature on a message "This is one
|
||||
line\n" (17 byte long) by the master key:
|
||||
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
Version: PGP Command Line v10.0.0 (Linux)
|
||||
|
||||
qANQR1DIwA8BO8LLzMAlnO3Y8tB1vf4/xtNKSdy5qcXFiempeiUVJQxAEJKRWawA
|
||||
RPl5qQo5mXmpXIdmMLMy+AaLnoLpEubatpeJY2Lystd7Qt32q2UcvRS5kNPWtDB7
|
||||
ryufvcrWtFM7Jx8qXKDxZuqr7b9PGv1Ssk+I8TzB2O9dZC+n/jv+PAdbuu7mLe33
|
||||
Gf9pLd3weV3Qno6FOqxGa5ZszQx+uer2xH3/El9x/2pVeO4l15ScsL7qWMTmffmG
|
||||
Ic1RdzgeCfosMF+l/zVRchcLKzenEQA=
|
||||
=ATtX
|
||||
-----END PGP MESSAGE-----
|
||||
|
||||
Encrypted message
|
||||
|
||||
The following block encrypts the text "This is one line\n", 17 bytes,
|
||||
with the subkey:
|
||||
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
Version: PGP Command Line v10.0.0 (Linux)
|
||||
|
||||
qANQR1DBwAIDB+qqSKgcSDgSBCMEAKpzTUxB4c56C7g09ekD9I+ttC5ER/xzDmXU
|
||||
OJmFqU5w3FllhFj4TgGxxdH+8fv4W2Ag0IKoJvIY9V1V7oUCClfqAR01QbN7jGH/
|
||||
I9GFFnH19AYEgMKgFmh14ZwN1BS6/VHh+H4apaYqapbx8/09EL+DV9zWLX4GRLXQ
|
||||
VqCR1N2rXE29MJFzGmDOCueQNkUjcbuenoCSKcNT+6xhO27U9IYVCg4BhRUDGfD6
|
||||
dhfRzBLxL+bKR9JVAe46+K8NLjRVu/bd4Iounx4UF5dBk8ERy+/8k9XantDoQgo6
|
||||
RPqCad4Dg/QqkpbK3y574ds3VFNJmc4dVpsXm7lGV5w0FBxhVNPoWNhhECMlTroX
|
||||
Rg==
|
||||
=5GqW
|
||||
-----END PGP MESSAGE-----
|
||||
|
25
tests/openpgp/samplekeys/ecc-sample-2-pub.asc
Normal file
25
tests/openpgp/samplekeys/ecc-sample-2-pub.asc
Normal file
@ -0,0 +1,25 @@
|
||||
ECC NIST P-384 key taken from
|
||||
https://sites.google.com/site/brainhub/pgpecckeys
|
||||
|
||||
The sample key has ECDSA top key 0x098033880F54719F and a single ECDH
|
||||
encryption subkey 0xAA8B938F9A201946. ECDH subkey uses SHA-384 and
|
||||
AES-256 with KDF.
|
||||
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: PGP Command Line v10.0.0 (Linux)
|
||||
|
||||
mQBvBE1TBZITBSuBBAAiAwME9rjFrO1bhO+fSiCdsuSp37cNKMuMEOzVdnSp+lpn
|
||||
OJlCti1eUTZ99Me/0/jlAP7s8H7SZaYhqOu75T6UfseMZ366FDvRUzwrNQ4cKfgj
|
||||
E+HhEI66Bjvh5ksQ5pUOeZwttCRlY19kc2FfZGhfMzg0IDxvcGVucGdwQGJyYWlu
|
||||
aHViLm9yZz6JAMsEEBMJAFMFAk1TBZIwFIAAAAAAIAAHcHJlZmVycmVkLWVtYWls
|
||||
LWVuY29kaW5nQHBncC5jb21wZ3BtaW1lBAsJCAcCGQEFGwMAAAACFgIFHgEAAAAE
|
||||
FQkKCAAKCRAJgDOID1Rxn8orAYCqNzUJaL1fEVr9jOe8exA4IhUtv/BtCvzag1Mp
|
||||
UQkFuYy0abogj6q4fHQSt5nntjMBf1g2TqSA6KGj8lOgxfIsRG6L6an85iEBNu4w
|
||||
gRq71JE53ii1vfjcNtBq50hXnp/1A7kAcwRNUwWSEgUrgQQAIgMDBC+qhAJKILZz
|
||||
XEiX76W/tBv4W37v6rXKDLn/yOoEpGrLJVNKV3aU+eJTQKSrUiOp3R7aUwyKouZx
|
||||
jbENfmclWMdzb+CTaepXOaKjVUvxbUH6pQVi8RxtObvV3/trmp7JGAMBCQmJAIQE
|
||||
GBMJAAwFAk1TBZIFGwwAAAAACgkQCYAziA9UcZ+AlwGA7uem2PzuQe5PkonfF/m8
|
||||
+dlV3KJcWDuUM286Ky1Jhtxc9Be40tyG90Gp4abSNsDjAX0cdldUWKDPuTroorJ0
|
||||
/MZc7s16ke7INla6EyGZafBpRbSMVr0EFSw6BVPF8vS9Emc=
|
||||
=I76R
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
22
tests/openpgp/samplekeys/ecc-sample-2-sec.asc
Normal file
22
tests/openpgp/samplekeys/ecc-sample-2-sec.asc
Normal file
@ -0,0 +1,22 @@
|
||||
ECC NIST P-384 key taken from
|
||||
https://sites.google.com/site/brainhub/pgpecckeys
|
||||
|
||||
The sample key has ECDSA top key 0x098033880F54719F and a single ECDH
|
||||
encryption subkey 0xAA8B938F9A201946. ECDH subkey uses SHA-384 and
|
||||
AES-256 with KDF. The password for the key is "ecc".
|
||||
|
||||
-----BEGIN PGP PRIVATE KEY BLOCK-----
|
||||
Version: PGP Command Line v10.0.0 (Linux)
|
||||
|
||||
lQDSBE1TBZITBSuBBAAiAwME9rjFrO1bhO+fSiCdsuSp37cNKMuMEOzVdnSp+lpn
|
||||
OJlCti1eUTZ99Me/0/jlAP7s8H7SZaYhqOu75T6UfseMZ366FDvRUzwrNQ4cKfgj
|
||||
E+HhEI66Bjvh5ksQ5pUOeZwt/gcDAkrFTsfF6LKsqD/tW6Eot2DDE8znJjnQQ/Nr
|
||||
H98XT1WQ9V0ED8l9DDIIj7z80ED3NR8XMSI8Ew/A/0w6NDPL978BX0MGvpaeBaWV
|
||||
tEuH1EPAxiA+hFALwftY+a8s1zLktCRlY19kc2FfZGhfMzg0IDxvcGVucGdwQGJy
|
||||
YWluaHViLm9yZz6dANYETVMFkhIFK4EEACIDAwQvqoQCSiC2c1xIl++lv7Qb+Ft+
|
||||
7+q1ygy5/8jqBKRqyyVTSld2lPniU0Ckq1Ijqd0e2lMMiqLmcY2xDX5nJVjHc2/g
|
||||
k2nqVzmio1VL8W1B+qUFYvEcbTm71d/7a5qeyRgDAQkJ/gkDAqqmkngPLoJGqI4O
|
||||
rHyyU3wrrPzDDDURkseoUEZlDZINjyto26A8N825mqLqeFytJuuABYH1UnLs4d2x
|
||||
ZJZIYjEoFMPcFPuUtx+IZnECa1Vcyq2aRFCixVO0G/xrSFar
|
||||
=a4k3
|
||||
-----END PGP PRIVATE KEY BLOCK-----
|
28
tests/openpgp/samplekeys/ecc-sample-3-pub.asc
Normal file
28
tests/openpgp/samplekeys/ecc-sample-3-pub.asc
Normal file
@ -0,0 +1,28 @@
|
||||
ECC NIST P-521 key taken from
|
||||
https://sites.google.com/site/brainhub/pgpecckeys
|
||||
|
||||
The sample key has ECDSA top key 0x6B4184E145AF2FFE and a single ECDH
|
||||
encryption subkey 0x07EAAA48A81C4838. ECDH subkey uses SHA-512 and
|
||||
AES-256 with KDF.
|
||||
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: PGP Command Line v10.0.0 (Linux)
|
||||
|
||||
mQCTBE1TFQITBSuBBAAjBCMEAWuwULfE2XoQmJhSQZ8rT5Ecr/kooudn4043gXHy
|
||||
NZEdTeFfY2G7kwEaxj8TXfd1U1b4PkEoqhzKxhz/MHK/lwi2ARzW1XQiJ1/kFPsv
|
||||
IUnQI1CUS099WKKQhD8JMPPyje1dKfjFjm2gzyF3TOMX1Cyy8wFyF0MiHVgB3ezb
|
||||
w7C6jY+3tCRlY19kc2FfZGhfNTIxIDxvcGVucGdwQGJyYWluaHViLm9yZz6JAO0E
|
||||
EBMKAFMFAk1TFQIwFIAAAAAAIAAHcHJlZmVycmVkLWVtYWlsLWVuY29kaW5nQHBn
|
||||
cC5jb21wZ3BtaW1lBAsJCAcCGQEFGwMAAAACFgIFHgEAAAAEFQoJCAAKCRBrQYTh
|
||||
Ra8v/sm3Agjl0YO73iEpu1z1wGtlUnACi21ti2PJNGlyi84yvDQED0+mxhhTRQYz
|
||||
3ESaS1s/+4psP4aH0jeVQhce15a9RqfX+AIHam7i8K/tiKFweEjpyMCB594zLzY6
|
||||
lWbUf1/1a+tNv3B6yuIwFB1LY1B4HNrze5DUnngEOkmQf2esw/4nQGB87Rm5AJcE
|
||||
TVMVAhIFK4EEACMEIwQBsRFES0RLIOcCyO18cq2GaphSGXqZtyvtHQt7PKmVNrSw
|
||||
UuxNClntOe8/DLdq5mYDwNsbT8vi08PyQgiNsdJkcIgAlAayAGB556GKHEmP1JC7
|
||||
lCUxRi/2ecJS0bf6iTTqTqZWEFhYs2aXESwFFt3V4mga/OyTGXOpnauHZ22pVLCz
|
||||
6kADAQoJiQCoBBgTCgAMBQJNUxUCBRsMAAAAAAoJEGtBhOFFry/++p0CCQFJgUCn
|
||||
kiTKCNfP8Q/MO2BCp1QyESk53GJlCgIBAoa7U6X2fQxe2+OU+PNCjicJmZiSrV6x
|
||||
6nYfGJ5Jx753sqJWtwIJAc9ZxCQhj4V52FmbPYexZPPneIdeCDjtowD6KUZxiS0K
|
||||
eD8EzdmeJQWBQsnPtJC/JJL4zz6JyYMXf4jIb5JyGNQC
|
||||
=5yaB
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
24
tests/openpgp/samplekeys/ecc-sample-3-sec.asc
Normal file
24
tests/openpgp/samplekeys/ecc-sample-3-sec.asc
Normal file
@ -0,0 +1,24 @@
|
||||
ECC NIST P-521 key taken from
|
||||
https://sites.google.com/site/brainhub/pgpecckeys
|
||||
|
||||
The sample key has ECDSA top key 0x6B4184E145AF2FFE and a single ECDH
|
||||
encryption subkey 0x07EAAA48A81C4838. ECDH subkey uses SHA-512 and
|
||||
AES-256 with KDF. The password for the key is "ecc".
|
||||
|
||||
-----BEGIN PGP PRIVATE KEY BLOCK-----
|
||||
Version: PGP Command Line v10.0.0 (Linux)
|
||||
|
||||
lQEIBE1TFQITBSuBBAAjBCMEAWuwULfE2XoQmJhSQZ8rT5Ecr/kooudn4043gXHy
|
||||
NZEdTeFfY2G7kwEaxj8TXfd1U1b4PkEoqhzKxhz/MHK/lwi2ARzW1XQiJ1/kFPsv
|
||||
IUnQI1CUS099WKKQhD8JMPPyje1dKfjFjm2gzyF3TOMX1Cyy8wFyF0MiHVgB3ezb
|
||||
w7C6jY+3/gcDAv+CotECRPpSqGkqKrz+xAhAqswHXzFIBprFF0XiDooWktZSTAUR
|
||||
JVB2U6m28wC4rE3RkqFeR1B+kg4nxEAJ9k6BI8oDE0iyOY5aklF2TxPpTs/BA+N2
|
||||
O4hnXb1l5qXfuyd3bSwDeyfq3CdFe4TeKp7vtCRlY19kc2FfZGhfNTIxIDxvcGVu
|
||||
cGdwQGJyYWluaHViLm9yZz6dAQwETVMVAhIFK4EEACMEIwQBsRFES0RLIOcCyO18
|
||||
cq2GaphSGXqZtyvtHQt7PKmVNrSwUuxNClntOe8/DLdq5mYDwNsbT8vi08PyQgiN
|
||||
sdJkcIgAlAayAGB556GKHEmP1JC7lCUxRi/2ecJS0bf6iTTqTqZWEFhYs2aXESwF
|
||||
Ft3V4mga/OyTGXOpnauHZ22pVLCz6kADAQoJ/gkDAki71k/zBW2qqGyScDNNuWaA
|
||||
9A5aWhpNNyRrFembt7f/W+b591G3twdNmdCIh29VoOmQw3fO8wwgsPTUxQFgd8J3
|
||||
ncft0zciEcDZi/ztLZA3+rIIP2myZLIs9xLG+k+gf3nXpeED4uYqQX3GL+32PKwg
|
||||
=Qnd8
|
||||
-----END PGP PRIVATE KEY BLOCK-----
|
@ -28,7 +28,7 @@ else
|
||||
fi
|
||||
if [ -d private-keys-v1.d ]; then
|
||||
rm private-keys-v1.d/* 2>/dev/null || true
|
||||
rmdir private-keys-v1.d
|
||||
rmdir private-keys-v1.d
|
||||
fi
|
||||
for i in pubring.gpg pubring.gpg~ trustdb.gpg trustdb.gpg~ ; do
|
||||
[ -d "$i" ] && rm "$i"
|
||||
@ -102,5 +102,3 @@ info "Printing the GPG version"
|
||||
$GPG --version
|
||||
|
||||
#fixme: check that the output is as expected
|
||||
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user