From e7abe7e9090cb1d201ef7d0bd122e9c2ccd3eef7 Mon Sep 17 00:00:00 2001 From: David Shaw Date: Wed, 31 Dec 2003 19:00:35 +0000 Subject: [PATCH] * clearsig.test, conventional-mdc.test, conventional.test, defs.inc, encrypt-dsa.test, encrypt.test, genkey1024.test, plain-1.asc, plain-1-pgp.asc, plain-2.asc, plain-3.asc, pubring.asc, secring.asc, sigs.test: Rework tests to work properly with a gpg binary that doesn't have all ciphers and all pk algos. Basically, we test for the ciphers we have, only test signing with non-160-bit hashes with RSA (we test all hashes as hashes). Test all key lengths of AES. --- checks/ChangeLog | 11 + checks/clearsig.test | 25 +- checks/conventional-mdc.test | 25 +- checks/conventional.test | 29 +- checks/defs.inc | 19 + checks/encrypt-dsa.test | 36 +- checks/encrypt.test | 34 +- checks/genkey1024.test | 6 +- checks/plain-1-pgp.asc | 48 +- checks/plain-1.asc | 47 +- checks/plain-2.asc | 58 +- checks/plain-3.asc | 21 +- checks/pubring.asc | 1411 +++++++++++++++++----------------- checks/secring.asc | 112 +-- checks/sigs.test | 32 +- 15 files changed, 1041 insertions(+), 873 deletions(-) diff --git a/checks/ChangeLog b/checks/ChangeLog index 38947408c..63b7e05a4 100644 --- a/checks/ChangeLog +++ b/checks/ChangeLog @@ -1,3 +1,14 @@ +2003-12-31 David Shaw + + * clearsig.test, conventional-mdc.test, conventional.test, + defs.inc, encrypt-dsa.test, encrypt.test, genkey1024.test, + plain-1.asc, plain-1-pgp.asc, plain-2.asc, plain-3.asc, + pubring.asc, secring.asc, sigs.test: Rework tests to work properly + with a gpg binary that doesn't have all ciphers and all pk algos. + Basically, we test for the ciphers we have, only test signing with + non-160-bit hashes with RSA (we test all hashes as hashes). Test + all key lengths of AES. + 2003-12-05 David Shaw * Makefile.am: Reenable tests now that the Elgamal signature keys diff --git a/checks/clearsig.test b/checks/clearsig.test index 89d323317..b1eb125f2 100755 --- a/checks/clearsig.test +++ b/checks/clearsig.test @@ -1,13 +1,9 @@ #!/bin/sh - # Fixme: we should not only do a --verify but also the output. - - . $srcdir/defs.inc || exit 3 - # ====================================== # I can't compare the out because plain-3 has no LF as last charcater # but the output has always one. I do not thinkl this is a bug, because @@ -18,14 +14,17 @@ for i in $plain_files plain-large ; do $GPG --verify x done + # ====================================== # and once more to check rfc1991 # ====================================== -for i in $plain_files plain-large ; do - echo "$usrpass1" | $GPG --passphrase-fd 0 \ - --rfc1991 --digest-algo md5 -sat -o x --yes $i - $GPG --verify x -done + +if have_cipher_algo "RSA"; then + for i in $plain_files plain-large ; do + $GPG -u $usrkeyid3 --rfc1991 --digest-algo md5 -sat -o x --yes $i + $GPG --verify x + done +fi # ====================================== # and one with long lines @@ -38,6 +37,7 @@ EOF echo "$usrpass1" | $GPG --passphrase-fd 0 --clearsign -o x --yes y $GPG --verify x + # ====================================== # and one with only one long lines # ====================================== @@ -46,6 +46,8 @@ xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx EOF echo "$usrpass1" | $GPG --passphrase-fd 0 --clearsign -o x --yes y $GPG --verify x + + # ====================================== # and one with an empty body # ====================================== @@ -54,6 +56,7 @@ EOF echo "$usrpass1" | $GPG --passphrase-fd 0 --clearsign -o x --yes y $GPG --verify x + # ====================================== # and one with one empty line at the end # ====================================== @@ -97,7 +100,3 @@ EOF echo "$usrpass1" | $GPG --passphrase-fd 0 \ --not-dash-escaped --clearsign -o x --yes y $GPG --verify x - - - - diff --git a/checks/conventional-mdc.test b/checks/conventional-mdc.test index 463e0c49f..95a6ba476 100755 --- a/checks/conventional-mdc.test +++ b/checks/conventional-mdc.test @@ -2,9 +2,31 @@ . $srcdir/defs.inc || exit 3 +algos="3des" + +if have_cipher_algo "idea"; then + algos="$algos idea" +fi + +if have_cipher_algo "cast5"; then + algos="$algos idea" +fi + +if have_cipher_algo "blowfish"; then + algos="$algos idea" +fi + +if have_cipher_algo "aes"; then + algos="$algos aes aes192 aes256" +fi + +if have_cipher_algo "twofish"; then + algos="$algos twofish" +fi + #info Checking conventional encryption for i in 0 1 2 3 9 10 11 19 20 21 22 23 39 40 41 8192 32000 ; do - for ciph in 3des cast5 blowfish twofish rijndael; do + for ciph in $algos; do # *BSD's dd can't cope with a count of 0 if test "$i" = "0"; then : >z @@ -18,4 +40,3 @@ for i in 0 1 2 3 9 10 11 19 20 21 22 23 39 40 41 8192 32000 ; do cmp z y || error "$ciph/$i: mismatch" done done - diff --git a/checks/conventional.test b/checks/conventional.test index 87aeb9c56..255f6ce0b 100755 --- a/checks/conventional.test +++ b/checks/conventional.test @@ -2,10 +2,6 @@ . $srcdir/defs.inc || exit 3 -# temp. hack cause the format for 128 bit blocksize messages may change -GNUPG_ENABLE_TWOFISH=1 -export GNUPG_ENABLE_TWOFISH - #info Checking conventional encryption for i in plain-2 data-32000 ; do echo "Hier spricht HAL" | $GPG --passphrase-fd 0 -c -o x --yes $i @@ -13,7 +9,29 @@ for i in plain-2 data-32000 ; do cmp $i y || error "$i: mismatch" done -for a in cast5 3des twofish; do +algos="3des" + +if have_cipher_algo "idea"; then + algos="$algos idea" +fi + +if have_cipher_algo "cast5"; then + algos="$algos idea" +fi + +if have_cipher_algo "blowfish"; then + algos="$algos idea" +fi + +if have_cipher_algo "aes"; then + algos="$algos aes aes192 aes256" +fi + +if have_cipher_algo "twofish"; then + algos="$algos twofish" +fi + +for a in $algos; do for i in plain-1 data-80000 ; do echo "Hier spricht HAL" | $GPG --passphrase-fd 0 \ --cipher-algo $a -c -o x --yes $i @@ -21,4 +39,3 @@ for a in cast5 3des twofish; do cmp $i y || error "$i: ($a) mismatch" done done - diff --git a/checks/defs.inc b/checks/defs.inc index e5ef1a393..3f87085cd 100755 --- a/checks/defs.inc +++ b/checks/defs.inc @@ -9,6 +9,8 @@ usrname1="one" usrpass1="def" usrname2="two" usrpass2="" +usrname3="three" +usrpass3="" dsa_usrname1="pgp5" @@ -80,6 +82,23 @@ echo_n () { # cleanup_files="$cleanup_files $*" #} +have_pubkey_algo () { + if ../g10/gpg --homedir . --version | grep "Pubkey:.*$1" >/dev/null + then + true + else + false + fi +} + +have_cipher_algo () { + if ../g10/gpg --homedir . --version | grep "Cipher:.*$1" >/dev/null + then + true + else + false + fi +} have_hash_algo () { if ../g10/gpg --homedir . --version | grep "Hash:.*$1" >/dev/null diff --git a/checks/encrypt-dsa.test b/checks/encrypt-dsa.test index 27891bf01..0c6333c21 100755 --- a/checks/encrypt-dsa.test +++ b/checks/encrypt-dsa.test @@ -9,11 +9,33 @@ for i in $plain_files $data_files ; do cmp $i y || error "$i: mismatch" done -# and with cast -for i in $plain_files $data_files ; do - $GPG $dsa_keyrings --always-trust --cipher-algo cast5 -e \ - -o x --yes -r "$dsa_usrname2" $i - $GPG $dsa_keyrings -o y --yes x - cmp $i y || error "$i: mismatch" -done +algos="3des" +if have_cipher_algo "idea"; then + algos="$algos idea" +fi + +if have_cipher_algo "cast5"; then + algos="$algos idea" +fi + +if have_cipher_algo "blowfish"; then + algos="$algos idea" +fi + +if have_cipher_algo "aes"; then + algos="$algos aes aes192 aes256" +fi + +if have_cipher_algo "twofish"; then + algos="$algos twofish" +fi + +for ca in $algos ; do + for i in $plain_files $data_files ; do + $GPG $dsa_keyrings --always-trust --cipher-algo $ca -e \ + -o x --yes -r "$dsa_usrname2" $i + $GPG $dsa_keyrings -o y --yes x + cmp $i y || error "$i: mismatch" + done +done diff --git a/checks/encrypt.test b/checks/encrypt.test index 4e5c5c042..44f26a17a 100755 --- a/checks/encrypt.test +++ b/checks/encrypt.test @@ -8,9 +8,33 @@ for i in $plain_files $data_files ; do $GPG -o y --yes x cmp $i y || error "$i: mismatch" done -for i in $plain_files $data_files ; do - $GPG --always-trust -e -o x --yes -r "$usrname2" --cipher-algo cast5 $i - $GPG -o y --yes x - cmp $i y || error "$i: mismatch" -done +algos="3des" + +if have_cipher_algo "idea"; then + algos="$algos idea" +fi + +if have_cipher_algo "cast5"; then + algos="$algos idea" +fi + +if have_cipher_algo "blowfish"; then + algos="$algos idea" +fi + +if have_cipher_algo "aes"; then + algos="$algos aes aes192 aes256" +fi + +if have_cipher_algo "twofish"; then + algos="$algos twofish" +fi + +for ca in $algos ; do + for i in $plain_files $data_files ; do + $GPG --always-trust -e -o x --yes -r "$usrname2" --cipher-algo $ca $i + $GPG -o y --yes x + cmp $i y || error "$i: mismatch" + done +done diff --git a/checks/genkey1024.test b/checks/genkey1024.test index e9852d7b6..48d02da32 100755 --- a/checks/genkey1024.test +++ b/checks/genkey1024.test @@ -13,6 +13,10 @@ Name-Email: hh@@ddorf.de Expire-Date: 1 Passphrase: abc %commit +EOF + +if have_pubkey_algo "RSA"; then +../g10/gpg --quiet --batch --quick-random --homedir . --gen-key < -ssb 1024g/39A28DE3 2003-12-05 -sec 1024R/2E4BBF50 2003-12-05 Test two (no pp) +sec 1024D/D74C5F22 2003-12-31 Test one (pp=def) +ssb 1024g/47BE2775 2003-12-31 + +sec 1024D/C40FDECF 2003-12-31 Test two (no pp) +ssb 1024g/B27907AA 2003-12-31 + +sec 1024R/ECABF51D 2003-12-31 Test three (no pp) -----BEGIN PGP PRIVATE KEY BLOCK----- -Version: GnuPG v1.2.4rc1 (GNU/Linux) +Version: GnuPG v1.3.5-cvs (GNU/Linux) -lQH8BD/QD5YBBADCMlfBdv6UYURjCN9BCvqFbT/mm2PMWmnVniQkNqj2XxyfBjqb -zyQotcFIDEdzQ84OssEGXNOOnpNzMO9Ae8yTN8g+GcW1dpVQqav9RK5BMiPcz2SW -XMUBMwvm9GxYryiIaIWJehLLtrYaz13ssXOi7v3EmllgNv0GLYL2A3VPmwAGKf4D -AwIzPhEDdNh2Q2AjfyaeF75kjNLag1BU0zaJk/75wvNO/j0aGsbxbpAANiJUhYQo -Z6cguKhSrrNFCH4NKSI0leREVYSNdxhBuGuxZkWXxUwuEeP0FZHz5DAqVM24PSNQ -lmJ+og7rMZBZRvleEdiFPJQ5hQOb3gRSU7fi88vlvc0FUwrUpt0RYAC2ok+Qiu5s -0CqjJl1CqpX6nm0AniCzASwW9KyU//ZXkyEVmiVIlUOve1Ye9r19rCCsLtx3uMPh -snHYR6Hco5wHMXqCwKAOkUwsIgX8kWoHYNNpuRXMvxJHy0p1utZtxVbVvHOYzZ2k -Xfc25QeBjDth+9quuUE//Rt4Ndk7eHilTJXv3YpDEmer3gbNwj/JxKzuH4u+9MqZ -udnJVpS1IQw1B3zgh2vYqzgkrDQkGJiTXX0gOGLvjMzUb7UgPwkX9WU08QHqnTYx -e1RFqrg/RaGMfeQzIdtsIYOg9rFZLf/fQa6R43cCrLQjVGVzdCBvbmUgKHBwPWRl -ZikgPG9uZUBleGFtcGxlLmNvbT6ItAQTAQIAHgUCP9APlgIbAwYLCQgHAwIDFQID -AxYCAQIeAQIXgAAKCRD4gUdpLVdM0MGEBACOzlVRWm8XEmARfqqKErbssoQ4ac4E -/sWqWNK5zi043YvyWow8zXx13xPz9LvkPRe7DfDvydGDCS4YwDnkPCL2bbCW0AQw -8k3v41Dahg75lPH6K/lMM+HvRrQEDaCR2kshm9E1BWGaZA487ysjqYgTdQHbEHbs -4ymlE3Oc8P1UnJ0BWAQ/0BAoEAQAnBAah2r5RipdPgo6x0ib88oT9UEdaOzQxAh8 -t6UYpjybRZuNnCVbM47iWy2ZsBCFrvo7QgqY7XjC7eMxZaYOsyBblQW+OFC+ZbtO -SNi17xsloMkbpmufRAnT3IGMZfWj2QZunweJ2mi8pABhymxEFRDWwRbNIdsAZEI0 -jaQyH4MAAwUD/1yuqmZ3tO9eIvzaJ50fLH++iuIu/GglGJKfoW9dTRYlYlMQO5Ae -3NWRfe1c84meryLxYvEj9SN9EoFw03OzpCBXH01w+x+XKqf90B7TJFOGf3+v2xEF -8/mB+oyFpmwi1dWouMWoby5Q6QY11VHb5AcLSeLOz4hxpEfagnvro+tu/gMDAgnt -wH2JvYsSYEZaoxEV9Kq8CPJi5NHdbO2NI4zLDdS8/7o5KuTTZ9liWJc4qw1Z2/R4 -+CLyVhMeVYTmnFCc++xG3iggrXrQiJ8EGAECAAkFAj/QECgCGwwACgkQ+IFHaS1X -TNCBTwP8D59hI28OPKTX8c8ACCkxK8G1Hhb3NLSxzPGoF8+RI5EQ8KAW9+kz+dXp -erRme+/EShlAkcUVJh3rtQHNuHmRCjD1X7r/aJ0fOVYOLJjZzCuxbOoz1eCLbhSq -nICtdpvZjqf6LwZo/9YhkLLgZdOouZrzS1A/6aNeRyyqCTDlvMKVAdYEP9AQAgEE -AK3z6eNFE5e5vPaxZ1Apzr2K6dwWSBv8jG1NOC3ZRODSB/Vi5lkrwd0tvWRP8xYB -vPelQtFMXRB2y+772Q74eTRrQkmSKNQk4ENstVIcn9QbNkI3VtnN+GoVQXfovh/A -MWSa7KMEdev39I/BOzMNqWxHyyQXdryxKpxMl0QrOfdbAAYpAAP8CeZWJ/2v8b2P -9RBXDOMo52elPnn7x1D5bDRDt6601Jl7P+qSUABosQKaY14LwLtqfnvga6av9ofN -Kr0pfbrjg+4JJabTDzAzfaVUdP7/13Rh7eyZrqcPMbvQmD/rJ+D9vlSEbnaZuPvk -+3ap+mDRw2QF7At8ZtM0UcFv5oXbliECAMXwrcit0xpCWwNHQTrJJx2fqMVupTrD -B+X8LEIosKuYEti45wRJOzis0MooiVFfsxvQU2KCpFdufahdLE4N3tcCAOD6BjGQ -rQTL/34Pv/NrvpLd1w/uExu8ryaGRh7fIBDliodl3dwx2b5HDq1n5/J2K05uL1jX -5P8kyziwadGr7x0CALeQgqf7FMJtwuAjcIqxRIGt5UjIqZjR68iNxRFl8kVUIkVO -oG3+EIWrjfmDMJQRJkp5bbfir13xih4OCHeVGVapIbQiVGVzdCB0d28gKG5vIHBw -KSA8dHdvQGV4YW1wbGUuY29tPoi0BBMBAgAeBQI/0BACAhsPBgsJCAcDAgMVAgMD -FgIBAh4BAheAAAoJEP3n9KQuS79QMg4EAIbyx/P/q8M99voXUCn6id9bHLWgrWAr -+bzQg5mCyjR9JFdZ5BIj1PkW2CTrOl62oh+vEcSxubz7Oca4Fvelc5MVPAEilVnz -POlBRmx3we1yrcxbCgrnlXIuQjmc1MGZJMmA8jYi268IFZKfceZ80SPuGX2gy2Jn -6BV6BXB2SLkY -=gop2 +lQHhBD/yNQgRBAC/KSfe6uVfDgA3BrGpNLhVxT/ytwXMpBI8pEdTiY0jWnYrb/Yu +8wtCeZ9GAux/ZA/ted+7pdibHXfX5PzDfgUTZwrIJa57OUpWwI878AzZxNsnVv1I +P6ufGyESKME4PUQO5heKhwAb0gQwFwArS3v4oeYrEljhJ79kpt319JEAEwCg+hTk +nylYwYGT/PEVQ4JlLPoWmqUEAJn1HX1Od5tyoK4OEAM5G+wHz3SBj4FMonZNWs1I +t03JKHoM5ulQ2FgEWmBVIPTKSDm/jQXPYApz5DpxpoGYbTCaEo6zfE32AEzoXDmG +AZE90Xhq/wcEN+JcHpHytAA/n+hYaR3sYegQ52mWMR+vdd99KO0V0jLRcckgBA7Z +2jlFA/98cyy2nYt0QI5Tf+t/d4WBeib2yNWVtZH/j7XpDqHLZDgVAYkazCA6ZF7B +vLddBEqVAh1X5tqua4AXX9L4SGYb7B0LRV72alhYiWWHez126KjVgwRTUxtEJ4En +HmYJRReLlXosPIRhXSz7HFAqalPXJ0DvC9kzTQnnjPOylyMPTf4CAwJkfa7fzYfs +BWBdwH11VHPRv4hkbVaS7Vw6TTmc9D+ZEFv6pw+gTLldIfEZU3+24eoVkMjdwGF2 +dXN/V7QjVGVzdCBvbmUgKHBwPWRlZikgPG9uZUBleGFtcGxlLmNvbT6IWgQTEQIA +GgUCP/I1CAIbAwILAgMVAgMDFgIBAh4BAheAAAoJEA73cJbXTF8iUO4AnA8wHb3e +rMrfWV3ij0d/cEiSJAYFAJ9fcbShgTXDN1dIVZvLSW5E93TfC50BVwQ/8jUNEAQA +6AJLWnjvNx15zRS9ULSmF7BqUdRTp/ua6VavSPRljVFTQg4/XwcB5Psg1zA9xRpS +8L0ph6deZhu87WLuw01QI6wpRqbCD6hI0xxszcDA3DGWCBPIlLU3pbMhfsyNEtSV +Sq1stGE8MaUKW23rJ4CNLSllPrjpMA1oEOJEiCT3gAMAAwUD/0aHZfVLL7gin9G0 +wkM9k5j5jqxZQ3s6IzYGR1SYIs6Zo5V+CuwR68p1IEGPShVY3zVTTaLuNDOGEAje +1kwUmY/+GUXsCVLkdJouPb63WccAorLvRCGyQg1HjUIK/2wcBzmA3Vatjk0Ol4jX +YaaqxYw9BU9QexNN7RCxPpdsfO8L/gIDAmR9rt/Nh+wFYEvXzcetbmRUtlnyX2e0 +2F35hsF4RxXrHAYepLiQbk+oWnYH8mWL5IED80PzjUifsIxDH9AWHUBvD+4NjxWI +SQQYEQIACQUCP/I1DQIbDAAKCRAO93CW10xfInB4AKDKD5BulHRXb04ynP6YWel6 +I2g3fQCgqJEJLoUNcIF3tp2jF2jBr80WmM2VAbsEP/JSaxEEAKxxqlg9Kz9DZ/3N +52BC0w+JtYKke39vpdWVDHR3MHmMJ/31Y2iSpm0fvRs3h1j9/fBVmLOZglNQyH62 +SxdJyZwCelkZzfUy/qLm9Qaqi7wpg0p4EbmWdoFF/A1Zg/MU7D5w5xu+EA1J77Z6 +QyALN9rIOXZ7rLLa64lw/MV4LdIPAKC449htJbbp5rkJHvBDs4YxEIkk5wP/X4hP +GlIw5PlHrsG7hdahhTudV5hRGlvosnwsrYJXvKAQLAV1EV26SIYUH5pM/ycXrG25 +dqVoG56uQqnhBdUqo4iSnsxY3ZMA46D14REc9P//CGvJ/j2Z41gw8u8oB7rS50dj +voaWb5myj7bhacTBdfah3U8dVXcIi1ZFvtiaGAYD+gIF7eNIdpaYiB0427un4ggc +26+Y9nkF93DaMnZEaYSeum6g/g7D1vwINFgQkMYEWi4DK3W+uH0E/n8o20wS2wvM +rbeYaQm5v6ucd001wwFDY6AdwpwP7UCLQcu6qqvwNHdxWYK6+gIsSufLmeMGrsvC +0WQqYeu1GfGpHIMCZJlZAACff9jWuNkBIYwr0gZvXL9kMpPTORMJ4LQiVGVzdCB0 +d28gKG5vIHBwKSA8dHdvQGV4YW1wbGUuY29tPohfBBMRAgAfBQI/8lJrAhsDBwsJ +CAcDAgEDFQIDAxYCAQIeAQIXgAAKCRCXPVDhxA/ez4BDAJ9sPyWbgc4424/Rt291 +voaJYdMdFwCdFAxAg7wN6d8qoZKEWJZUiopPvzGdATEEP/JSbxAEAMzYsfnax02A +jMUvDYlGTaVUxp1n8zI8QqlcmWLfQhJuwOCXH0m4EVKaairp8K3rg5pjRhXNVvpU +9aC37yWg4v6EP6Lm4CHKtBGeYDlMnWo/etT1d5bTZmmlEmbCeo0cWmtBQdXIMehF +QfPIEeiQeJgDOClfgrf3/UMz79kzEvKrAAMGA/43c6bZ7IidduMk1uXsIb1FaZgx +rk/QrgN4IFuuW4zoX62r1+a3xzAlyz1zDVxYKQNNdr4IVcLp/3pJI+/68WqWZpRN +vGKUg4/D8J/5ZKjQI8uOujMvsFHqAoIO5hIP++YrNqICs8dS+dp2suwRpn0uNeZu +wQY1h7IlAOikbRV7dQAA92kVxs7SWBQ/iTexM19Ih/AEK3xjAFOY+TlruFMjjLYO +TohJBBgRAgAJBQI/8lJvAhsMAAoJEJc9UOHED97PLL4An2KG78IRsthGnHJOtnQP +QrYoxb27AJ41qvZyQw0V5ClIAtEtd+JqUnxHmJUB1gQ/8lO9AQQAqFJWduzk11/m +0Ac/K/mab0kzzr3UUor1bkxh4vcxJHOTZF3a9Y6t1WUpwlOXeCNkY98tRYUg6A40 +wFgkKz/4jdOaiDtHW2bOqrvJmJ/wH/5zdmDpthu53JEgXUKP/+j2dfrvYTZYxy2m +11DA68QK9iPSBmksglFMQE2IJatwEAEACQEBAAP4vKABRIX7dtUOm2y6VyGsESE5 +D4YI1AhL0EWodt84EPEUvC1o61UuYbAe28JIHwjIKDLgDiedZ6hTBV3K5cI1aFHL +421hDE0qtD+mVZhcRGnR2RHhr9gX6qX+4P8mV0w1nhdShwUhlFO1GuwQ2/dWKwYd +XGbDW7P58LIiudGWuQIAwzxYBjmWvVl1Kqvf2s2qe0tmqhdU7g2Jt3lPDej/ckxU +n/ESozKSu517zueU8IAkw+Vf2CM/UHntSZHE3yYY2QIA3LWUXwDxr0OL1MMRuLrK +PZ2wrRZRmGU0IDDx3zBX5VMsR/WNMwPLo8iimBT2F7ez3umPqqrugRtJj6ryF3t3 +aQH+Kfst9psjWkmpBrEO99j4Gq6orYHnzd4fSnnOJEv4/ObdXrGBGwvV5RZblXCF +A2kB3ShaYowpengtqBVzpD0cCZ6ntCZUZXN0IHRocmVlIChubyBwcCkgPHRocmVl +QGV4YW1wbGUuY29tPoi1BBMBAgAfBQI/8lO9AhsDBwsJCAcDAgEDFQIDAxYCAQIe +AQIXgAAKCRDRILYm7Kv1HWpDA/9sINfVYaTW7TOQolYn9Vee4feOTpl6+S4dkgLC +OWoDG/V17k/cl7Jr/iQ+YRBOi0S/fFwMBn72kEvdOtmiUAqHGQFnTyXhBLLvqTJ/ +yEHR6hnZK+zsusY8EmvoIdfSTIOJqkeACEEpCr0aE0qkgBm4voMrZ05pAO2hFJba +IHWHiQ== +=52aT -----END PGP PRIVATE KEY BLOCK----- diff --git a/checks/sigs.test b/checks/sigs.test index 38cabe64d..a0ae955dd 100755 --- a/checks/sigs.test +++ b/checks/sigs.test @@ -9,15 +9,8 @@ for i in $plain_files $data_files; do cmp $i y || error "$i: mismatch" done -# TODO: add the new SHAs here once we allow them to be used in new -# documents. - -hash_algo_list="ripemd160 sha1 md5" -if have_hash_algo "SHA256"; then - hash_algo_list="$hash_algo_list sha256" -fi - -for da in $hash_algo_list ; do +# Using the DSA sig key - only 160 bit hashes +for da in ripemd160 sha1 ; do for i in $plain_files; do echo "$usrpass1" | $GPG --passphrase-fd 0 --digest-algo $da \ -s -o x --yes $i @@ -27,3 +20,24 @@ for da in $hash_algo_list ; do break done done + +# TODO: add the new SHAs here once we allow them to be used in new +# documents. + +if have_cipher_algo "RSA"; then + # Using the RSA sig key - all hashes + hash_algo_list="ripemd160 sha1 md5" + if have_hash_algo "SHA256"; then + hash_algo_list="$hash_algo_list sha256" + fi + + for da in $hash_algo_list ; do + for i in $plain_files; do + $GPG -u $usrkeyid3 --digest-algo $da -s -o x --yes $i + $GPG -o y --yes x + cmp $i y || error "$i: mismatch" + # process only the first one + break + done + done +fi