1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

531 Commits

Author SHA1 Message Date
Justus Winter
4994153924 tests: Add support for a passphrase queue to fake pinentry.
* tests/openpgp/fake-pinentry.c (get_passphrase): New function.
(main): Add option --passphrasefile and read passphrases from it.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-05-23 16:06:53 +02:00
Justus Winter
41b10c66ec tests: Add logging to fake pinentry.
* tests/openpgp/fake-pinentry.c (log_stream): New variable.
(reply): New function.
(spacep,skip_options,option_value): Copy from common.
(main): Parse arguments, add --logfile option, write logfile.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-05-23 16:06:53 +02:00
Justus Winter
a54e89a585 tests: Add export test.
* tests/openpgp/Makefile.am (TESTS): Add new file.
* tests/openpgp/export.test: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-05-23 16:06:53 +02:00
Werner Koch
d696eb396a
tests: Disable the migrations tests
* tests/Makefile.am (SUBDIRS): Remove migrations.
* configure.ac (AC_CONFIG_FILES): Remove migrations Makefile.
--

The tests introduced with commit defbc70b require some non-portable
tools like mktemp and basename.  They further fail with "make
distcheck".  Removed for now.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-04 11:35:24 +02:00
Werner Koch
33aacc3d4b
tests: Silence output of some tests.
* common/t-exechelp.c (print_open_fds): Silence non-verbose output.
(test_close_all_fds): Ditto.
* common/t-session-env.c (show_stdnames): Indent output.
* g10/test.c (TEST): Silence non-verbose okay output.
(exit_tests): Ditto.
* tools/gpg-zip.in (tar_verbose_opt): Add option --quiet.
* tests/openpgp/gpgtar.test (GPGZIP): Pass option --quiet.
* tests/openpgp/mds.test: Indent MD5 notice.
* tests/openpgp/version.test: Indent --version output.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-03 11:26:06 +02:00
Justus Winter
12af2630cf common: Add support for the new extended private key format.
* agent/findkey.c (write_extended_private_key): New function.
(agent_write_private_key): Detect if an existing file is in extended
format and update the key within if it is.
(read_key_file): Handle the new format.
* agent/keyformat.txt: Document the new format.
* common/Makefile.am: Add the new files.
* common/private-keys.c: New file.
* common/private-keys.h: Likewise.
* common/t-private-keys.c: Likewise.
* common/util.h (alphap, alnump): New macros.
* tests/migrations: Add test demonstrating that we can cope with the
new format.

--
GnuPG 2.3+ will use a new format to store private keys that is both
more flexible and easier to read and edit by human beings.  The new
format stores name,value-pairs using the common mail and http header
convention.

This patch adds the parser and support code and prepares GnuPG 2.1 for
the new format.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-04-21 14:38:53 +02:00
Justus Winter
0c35e09278 tests: Make migration test more robust and silent.
* tests/migrations/from-classic.test: Fix in-tree build, silence test.

Fixes-commit: defbc70b
Signed-off-by: Justus Winter <justus@g10code.com>
2016-04-21 14:38:53 +02:00
Justus Winter
f8adf1a323 agent: Sanitize permissions of the private key directory.
* agent/gpg-agent.c (create_private_keys_directory): Set permissions.
* common/sysutils.c (modestr_to_mode): New function.
(gnupg_mkdir): Use new function.
(gnupg_chmod): New function.
* common/sysutils.h (gnupg_chmod): New prototype.
* tests/migrations/from-classic.test: Test migration with existing
directory.

GnuPG-bug-id: 2312
Signed-off-by: Justus Winter <justus@g10code.com>
2016-04-20 15:02:37 +02:00
Justus Winter
defbc70b4a tests: Test the migration from a classic GnuPG home directory.
* configure.ac: Add new directory.
* tests/Makefile.am (SUBDIRS): Likewise.
* tests/migrations/Makefile.am: New file.
* tests/migrations/from-classic.gpghome/pubring.gpg.asc: Likewise.
* tests/migrations/from-classic.gpghome/secring.gpg.asc: Likewise.
* tests/migrations/from-classic.gpghome/trustdb.gpg.asc: Likewise.
* tests/migrations/from-classic.test: Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-04-20 15:02:37 +02:00
Werner Koch
94504b3d5a
tests: Set fake-pinentry's stdout and stdin to _IOLBF.
* tests/openpgp/fake-pinentry.c (main): Call setvbuf.  Show passphrase
at startup.  Increase buffer.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-14 09:37:45 +02:00
Werner Koch
96bcd4220f
Now build "gpg" binary but install as "gpg2"
* configure.ac (USE_GPG2_HACK): New ac_define am_conditional.
* common/homedir.c (gnupg_module_name): Replace use of macro
NAME_OF_INSTALLED_GPG.
* g10/keygen.c (generate_keypair): Ditto.
* g10/Makefile.am (bin_PROGRAMS): Remove.
(noinst_PROGRAMS): Add gpg or gpg2 and gpgv or gpg2.
(gpg2_hack_list): New.
(use_gpg2_hack): New.
(gpg2_SOURCES): Rename to gpg_SOURCES.
(gpgv2_SOURCES): Rename to gpgv_SOURCES.
(gpg2_LDADD): Rename to gpg_LDADD.
(gpgv2_LDADD): Rename to gpgv_LDADD.
(gpg2_LDFLAGS): Rename to gpg_LDFLAGS.
(gpgv2_LDFLAGS): Rename to gpgv2_LDFLAGS.
(install-exec-hook): Remove WinCE specific rules and add new rules.
(uninstall-local): Uninstall gpg/gpg2 and gpgv/gpgv2.
* tests/openpgp/Makefile.am (required_pgms): s/gpg2/gpg/.
* tests/openpgp/defs.inc: Ditto.
* tests/openpgp/gpgtar.test: Ditto.
* tests/openpgp/mkdemodirs: Ditto.
* tests/openpgp/signdemokey: Ditto.

* Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Remove obsolete
--enable-mailto, add --enable-gpg2-is-gpg.
--

Although we need to duplicate some automake generated code this method
allows to easily switch the name of the installed target using the
configure option "--enable-gpg2-is-gpg".

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-04 18:40:25 +02:00
Werner Koch
c6ed863491
tests: Add missing file.
* tests/openpgp/Makefile.am (TEST_FILES): Add plain-largeo.asc.
--

Fixes-commit: 785a7f463ec4e937304ce1263c5e6a46e8079137
2016-04-04 18:40:25 +02:00
Justus Winter
dd5902cc45 tests: Fix default key test.
* tests/openpgp/default-key.test: Avoid using the option
'--trust-model' unconditionally.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-04-04 13:10:28 +02:00
Justus Winter
a883d4c0f8 tests/openpgp: Skip gpgtar test if it has not been built.
* tests/openpgp/gpgtar.test: Check if executable exists.

GnuPG-bug-id: 2261
Signed-off-by: Justus Winter <justus@g10code.com>
2016-03-03 12:24:24 +01:00
Uldis Anšmits
1cdb744d91 tests/openpgp: Make tests more portable.
* tests/openpgp/default-key.test: Avoid 'grep -q'.
* tests/openpgp/gpgtar.test: Avoid 'grep -qe' and 'diff -q'.
* tests/openpgp/use-exact-key.test: Avoid 'grep -q'.

GnuPG-bug-id: 2262
Signed-off-by: Justus Winter <justus@g10code.com>
2016-03-02 17:59:38 +01:00
Justus Winter
ede0061feb tests/openpgp: Qualify executables with extension.
* tests/openpgp/Makefile.am (required_pgms): Qualify executables with
'$EXEEXT'.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-02-23 11:58:52 +01:00
Justus Winter
01dcc2cf2f tests/openpgp: Reimplement 'pinentry.sh' in c.
* tests/openpgp/Makefile.am: Build new program.
* tests/openpgp/defs.inc: Use the new program.
* tests/openpgp/fake-pinentry.c: New file.
--
Building an executable that does not require an interpreter makes it
easier to use on Windows.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-02-23 11:58:52 +01:00
Justus Winter
785a7f463e tests/openpgp: Avoid dependency on source files.
* tests/openpgp/plain-largeo.asc: New file.
* tests/openpgp/version.test: Dearmor the new file instead of relying
on the source being present.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-02-23 11:58:52 +01:00
Justus Winter
629284120f tests/openpgp: Fix file removal.
* tests/openpgp/version.test: Fix file removal.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-02-23 11:58:52 +01:00
Werner Koch
d711f5c769
tests: Remove some harmless warnings in regression tests.
* tests/openpgp/gpg-agent.conf.tmpl: Remove --use-standard-socket.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-02-13 17:06:15 +01:00
Werner Koch
1fbfa1bf0a
tests: Use info and error instead of a plain echo.
* tests/openpgp/4gb-packet.test: Use error and info.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-06 08:34:14 +01:00
Neal H. Walfield
dc52995d85 gpg: Lazily evaluate --default-key.
* g10/gpg.c (main): If --encrypt-to-default-key is specified, don't
add --default-key's value to REMUSR here...
* g10/pkclist.c (build_pk_list): ... do it here.
* tests/openpgp/Makefile.am (TESTS): Add default-key.test.
* tests/openpgp/default-key.test: New file.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-12-22 15:03:54 +01:00
Justus Winter
1c8eae95a8 tests: Add some more gpgtar tests.
* tests/openpgp/gpgtar.test: Add more tests.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-12-07 13:05:01 +01:00
Justus Winter
582e684a48 tools/gpgtar: Implement symmetric encryption.
* tests/openpgp/gpgtar.test: Add test case.
* tools/gpgtar-create.c (gpgtar_create): Pass '--symmetric' flag to
gpg.
* tools/gpgtar.c (parse_arguments): We do handle the argument now.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-12-04 12:52:40 +01:00
Justus Winter
45c814f348 tools/gpgtar: Implement signing.
* tests/openpgp/gpgtar.test: Test signing.
* tools/gpgtar-create.c (gpgtar_create): Add 'sign' option, add the
appropriate gpg arguments to implement signing and selecting the local
user.
* tools/gpgtar.c (parse_options): We do handle '--local-user' now.
(main): Handle signing, encrypting, and doing both when creating an
archive.
* tools/gpgtar.h (gpgtar_create): Update prototype.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-12-04 12:52:40 +01:00
Neal H. Walfield
cedbd4709e gpg: Use the matching key if the search description is exact.
* g10/gpg.c (check_user_ids): If the search description is for an
exact match (a keyid or fingerprint that ends in '!'), then use the
matching key, not the primary key.
* tests/openpgp/Makefile.am (TESTS): Add use-exact-key.test.
(priv_keys): Add privkeys/00FE67F28A52A8AA08FFAED20AF832DA916D1985.asc,
privkeys/1DF48228FEFF3EC2481B106E0ACA8C465C662CC5.asc,
privkeys/A2832820DC9F40751BDCD375BB0945BA33EC6B4C.asc,
privkeys/ADE710D74409777B7729A7653373D820F67892E0.asc and
privkeys/CEFC51AF91F68A2904FBFF62C4F075A4785B803F.asc.
(sample_keys): Add
samplekeys/E657FB607BB4F21C90BB6651BC067AF28BC90111.asc.
* tests/openpgp/privkeys/00FE67F28A52A8AA08FFAED20AF832DA916D1985.asc:
New file.
* tests/openpgp/privkeys/1DF48228FEFF3EC2481B106E0ACA8C465C662CC5.asc:
New file.
* tests/openpgp/privkeys/A2832820DC9F40751BDCD375BB0945BA33EC6B4C.asc:
New file.
* tests/openpgp/privkeys/ADE710D74409777B7729A7653373D820F67892E0.asc:
New file.
* tests/openpgp/privkeys/CEFC51AF91F68A2904FBFF62C4F075A4785B803F.asc:
New file.
* tests/openpgp/samplekeys/E657FB607BB4F21C90BB6651BC067AF28BC90111.asc:
New file.
* tests/openpgp/use-exact-key.test: New file.
* tests/openpgp/version.test: Install the new private keys.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Reported-by: Reported-by: Kristian Fiskerstrand
  <kristian.fiskerstrand@sumptuouscapital.com>
Fixes-commit: 10cca02
2015-12-03 00:00:54 +01:00
Justus Winter
69a8440f44 tools/gpgtar: Handle '--gpg-args'.
* tools/gpgtar-create.c (gpgtar_create): Use given arguments.
* tools/gpgtar-extract.c (gpgtar_extract): Likewise.
* tools/gpgtar-list.c (gpgtar_list): Likewise.
* tools/gpgtar.c (enum cmd_and_opt_values): New value.
(opts): Add 'gpg-args'.
(parse_arguments): Handle arguments.
* tools/gpgtar.h (opt): Add field 'gpg_arguments'.
* tests/openpgp/gpgtar.test: Simplify accordingly.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-11-26 15:36:52 +01:00
Justus Winter
2eb3248058 tools/gpgtar: Handle '--tar-args' for compatibility with gpg-zip.
* tools/gpgtar.c (enum cmd_and_opt_values): New value.
(opts): Add new group for tar options, rearrange a little, add
'--tar-args'.
(tar_opts): New variable.
(shell_parse_stringlist): New function.
(shell_parse_argv): Likewise.
(parse_arguments): Add option argument, handle '--tar-args'.
(main): Fix invokation of 'parse_arguments'.
* tests/openpgp/gpgtar.test: Simplify decryption.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-11-26 14:28:22 +01:00
Justus Winter
556e8c4426 tests: Add tests for gpgtar and gpg-zip.
* tests/openpgp/Makefile.am (TESTS): Add new file.
* tests/openpgp/gpgtar.test: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-11-25 18:38:45 +01:00
Neal H. Walfield
770c06ed4e gpg: If sqlite is not available, don't build things depending on it.
* configure.ac: Define the automake conditional SQLITE3.
* tests/openpgp/Makefile.am (TESTS): Move the sqlite3 dependent tests
to...
(sqlite3_dependent_tests): ... this new variable.  If SQLITE3 is not
defined, then clear this variable.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-11-23 12:42:31 +01:00
Neal H. Walfield
f77913e0ff g10: Add TOFU support.
* configure.ac: Check for sqlite3.
(SQLITE3_CFLAGS): AC_SUBST it.
(SQLITE3_LIBS): Likewise.
* g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS).
(gpg2_SOURCES): Add tofu.h and tofu.c.
(gpg2_LDADD): Add $(SQLITE3_LIBS).
* g10/tofu.c: New file.
* g10/tofu.h: New file.
* g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP.
(tofu_db_format): Define.
* g10/packet.h (PKT_signature): Add fields digest and digest_len.
* g10/gpg.c: Include "tofu.h".
(cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy,
oTOFUDBFormat.
(opts): Add them.
(parse_trust_model): Recognize the tofu and tofu+pgp trust models.
(parse_tofu_policy): New function.
(parse_tofu_db_format): New function.
(main): Initialize opt.tofu_default_policy and opt.tofu_db_format.
Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat.
* g10/mainproc.c (do_check_sig): If the signature is good, copy the
hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately.
* g10/trustdb.h (get_validity): Add arguments sig and may_ask.  Update
callers.
(tdb_get_validity_core): Add arguments sig and may_ask.  Update
callers.
* g10/trust.c (get_validity) Add arguments sig and may_ask.  Pass them
to tdb_get_validity_core.
* g10/trustdb.c: Include "tofu.h".
(trust_model_string): Handle TM_TOFU and TM_TOFU_PGP.
(tdb_get_validity_core): Add arguments sig and may_ask.  If
OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust
level.  Combine it with the computed PGP trust level, if appropriate.
* g10/keyedit.c: Include "tofu.h".
(show_key_with_all_names_colon): If the trust mode is tofu or
tofu+pgp, then show the trust policy.
* g10/keylist.c: Include "tofu.h".
(public_key_list): Also show the PGP stats if the trust model is
TM_TOFU_PGP.
(list_keyblock_colon): If the trust mode is tofu or
tofu+pgp, then show the trust policy.
* g10/pkclist.c: Include "tofu.h".
* g10/gpgv.c (get_validity): Add arguments sig and may_ask.
(enum tofu_policy): Define.
(tofu_get_policy): New stub.
(tofu_policy_str): Likewise.
* g10/test-stubs.c (get_validity): Add arguments sig and may_ask.
(enum tofu_policy): Define.
(tofu_get_policy): New stub.
(tofu_policy_str): Likewise.
* doc/DETAILS: Describe the TOFU Policy field.
* doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu,
--trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format.
* tests/openpgp/Makefile.am (TESTS): Add tofu.test.
(TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc,
tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt.
(CLEANFILES): Add tofu.db.
(clean-local): Add tofu.d.
* tests/openpgp/tofu.test: New file.
* tests/openpgp/tofu-2183839A-1.txt: New file.
* tests/openpgp/tofu-BC15C85A-1.txt: New file.
* tests/openpgp/tofu-EE37CF96-1.txt: New file.
* tests/openpgp/tofu-keys.asc: New file.
* tests/openpgp/tofu-keys-secret.asc: New file.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-18 18:45:40 +02:00
Werner Koch
4584125802
gpg: Try hard to use MDC also for sign+symenc.
* g10/encrypt.c (use_mdc): Make it a global func.
* g10/sign.c (sign_symencrypt_file): Use that function to decide
whether to use an MDC.
* tests/openpgp/conventional-mdc.test: Add a simple test case.
--

We used --force-mdc in sign+symenc mode (-cs) only with --force-mdc.
That broke our assumption from commit 625e292 (GnuPG 2.1.9) that all
uses of modern ciphers are using MDC.

Reported-by: Ben Kibbey <bjk@luxsci.net>
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-10-12 09:31:44 +02:00
Werner Koch
0bae2ff599
tests: Two new OpenPGP test keys from E2E.
--
2015-10-05 10:58:00 +02:00
Werner Koch
7a0c3cc760
tests: Silence the 5gb-packet test.
* tests/openpgp/4gb-packet.test: Send output to /dev/null.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-09-10 18:12:22 +02:00
Neal H. Walfield
09f2a7bca6 common: Don't incorrectly reject 4 GB - 1 sized packets.
* g10/parse-packet.c (parse): Don't reject 4 GB - 1 sized packets.
Add the constraint that the type must be 63.
* kbx/keybox-openpgp.c (next_packet): Likewise.
* tests/openpgp/4gb-packet.asc: New file.
* tests/openpgp/4gb-packet.test: New file.
* tests/openpgp/Makefile.am (TESTS): Add 4gb-packet.test.
(TEST_FILES): Add 4gb-packet.asc.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-21 14:21:13 +02:00
Werner Koch
5038276fc4
tests: More OpenPGP test keys
--
2015-05-16 12:20:02 +02:00
Werner Koch
9546aa3cc8 tests: Speed up the genkey1024.test by using not so strong random.
* agent/gpg-agent.c (oDebugQuickRandom): New.
(opts): New option --debug-quick-random.
(main): Use new option.
* common/asshelp.c (start_new_gpg_agent): Add hack to pass an
additional argument for the agent name.
* tests/openpgp/defs.inc: Pass --debug-quick-random to the gpg-agent
starting parameters.
* tests/openpgp/version.test: Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-10-30 09:55:51 +01:00
Werner Koch
8fd150b05b gpg: Remove all support for v3 keys and always create v4-signatures.
* g10/build-packet.c (do_key): Remove support for building v3 keys.
* g10/parse-packet.c (read_protected_v3_mpi): Remove.
(parse_key): Remove support for v3-keys.  Add dedicated warnings for
v3-key packets.
* g10/keyid.c (hash_public_key): Remove v3-key support.
(keyid_from_pk): Ditto.
(fingerprint_from_pk): Ditto.

* g10/options.h (opt): Remove fields force_v3_sigs and force_v4_certs.
* g10/gpg.c (cmd_and_opt_values): Remove oForceV3Sigs, oNoForceV3Sigs,
oForceV4Certs, oNoForceV4Certs.
(opts): Turn --force-v3-sigs, --no-force-v3-sigs, --force-v4-certs,
--no-force-v4-certs int dummy options.
(main): Remove setting of the force_v3_sigs force_v4_certs flags.
* g10/revoke.c (gen_revoke, create_revocation): Always create v4 certs.
* g10/sign.c (hash_uid): Remove support for v3-signatures
(hash_sigversion_to_magic): Ditto.
(only_old_style): Remove this v3-key function.
(write_signature_packets): Remove support for creating v3-signatures.
(sign_file): Ditto.
(sign_symencrypt_file): Ditto.
(clearsign_file): Ditto.  Remove code to emit no Hash armor line if
only v3-keys are used.
(make_keysig_packet): Remove arg SIGVERSION and force using
v4-signatures.  Change all callers to not pass a value for this arg.
Remove all v3-key related code.
(update_keysig_packet): Remove v3-signature support.
* g10/keyedit.c (sign_uids): Always create v4-signatures.

* g10/textfilter.c (copy_clearsig_text): Remove arg pgp2mode and
change caller.
--

v3 keys are deprecated for about 15 years and due the severe
weaknesses of MD5 it does not make any sense to keep code around to
use these old and broken keys.  Users who need to decrypt old messages
should use gpg 1.4 and best re-encrypt them to modern standards.
verification of old (i.e. PGP2) created signatures is thus also not
anymore possible but such signatures have no values anyway - MD5 is
just too broken.

We have also kept support for v3 signatures until now.  With the
removal of support for v3 keys it is questionable whether it makes any
sense to keep support for v3-signatures.  What we do now is to keep
support for verification of v3-signatures but we force the use of
v4-signatures.  The latter makes the --pgp6 and --pgp7 switch a bit
obsolete because those PGP versions require v3-signatures for
messages.  These versions of PGP are also really old and not anymore
maintained so they have not received any bug fixes and should not be
used anyway.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-10-17 13:32:16 +02:00
Werner Koch
fab89f159b gpg: Remove extra RSA import status line.
* g10/import.c (stats_s): Remove field "imported_rsa".
(import_print_stats): Do not print separate value for RSA.
(import_one): Remove the RSA counter.
--

RSA is the standard key format and thus there is no more need to have
a separate counter.  This is a remain from the RSA patent times.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-10-13 15:08:58 +02:00
Werner Koch
c60814a5ce gpg: Allow importing keys with duplicated long key ids.
* g10/keydb.c (keydb_handle): Add field no_caching.
(keyblock_cache): Repalce field kid by fpr.
(keydb_disable_caching): New.
(keydb_search): Use the fingerprint as cache index.

* g10/import.c (import_one): Use the fingerprint and not the kid to
lookup the key.  Call keydb_disable_caching beofre re-searching for
update.

* tests/openpgp/import.test: Add a test case.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-10-13 14:01:29 +02:00
Werner Koch
a256722537 tests: Add sample keys with colliding long keu ids.
--

Thanks to David Leon Gil <coruus@gmail.com> who posted these keys to
openpgp@ietf.org on Fri, 13 Dec 2013 07:09:54 -0800 (PST).
2014-10-13 13:57:00 +02:00
Werner Koch
2543f0ab9c tests: Speed up conventional encryption tests for gpg.
* tests/openpgp/conventional-mdc.test: Add an s2k-count option.
* tests/openpgp/conventional.test: Ditto.
--

Due to measuring the iteration count for the passphrase hashing, the
conventional encryption tests are running quite slow.  This patch
fixes it by using a fixed and lower value for the iteration count.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-10-13 11:45:34 +02:00
Werner Koch
ade531acac Some doc fixes and a fix for "make distcheck".
--
2014-10-03 13:02:23 +02:00
Werner Koch
83c2d2396c gpg: Use algorithm id 22 for EdDSA.
* common/openpgpdefs.h (PUBKEY_ALGO_EDDSA): Change to 22.
* g10/keygen.c (ask_curve): Reword the Curve25519 warning note.
--

In the hope that the IETF will eventually assign 22 for EdDSA using
the draft-koch-eddsa-for-openpgp-01 specs we start using this number.
2014-09-12 11:31:49 +02:00
Werner Koch
3259862cb4 tests: Re-enable OpenPGP ecc test.
--
2014-08-18 12:55:54 +02:00
Werner Koch
2b8d8369d5 gpg: Remove options --pgp2 and --rfc1991.
* g10/gpg.c (oRFC1991, oPGP2): Remove
(opts): Remove --pgp2 and --rfc1991.
* g10/options.h (CO_PGP2, CO_RFC1991): Remove.  Remove all users.
(RFC2440, PGP2): Remove.  Remove all code only enabled by these
conditions.
* tests/openpgp/clearsig.test: Remove --rfc1991 test.
--

The use of PGP 2.c is considered insecure for quite some time
now (e.g. due to the use of MD5).  Thus we remove all support for
_creating_ PGP 2 compatible messages.
2014-08-14 11:03:55 +02:00
Werner Koch
03018ef9ee gpg: Auto-create revocation certificates.
* configure.ac (GNUPG_OPENPGP_REVOC_DIR): New config define.
* g10/revoke.c (create_revocation): Add arg "leadin".
(gen_standard_revoke): New.
* g10/openfile.c (get_openpgp_revocdir): New.
(open_outfile): Add MODE value 3.
* g10/keyid.c (hexfingerprint): New.
* g10/keygen.c (do_generate_keypair): Call gen_standard_revoke.
--

GnuPG-bug-id: 1042
2014-06-30 16:40:55 +02:00
Werner Koch
8fee6c1ce6 gpg: Finish experimental support for Ed25519.
* agent/cvt-openpgp.c (try_do_unprotect_arg_s): Add field "curve".
(get_keygrip): Add and use arg CURVE.
(convert_secret_key): Ditto.
(convert_transfer_key): Ditto.
(get_npkey_nskey): New.
(prepare_unprotect): Replace gcrypt functions by
get_npkey_nskey.  Allow opaque MPIs.
(do_unprotect): Use CURVE instead of parameters.
(convert_from_openpgp_main): Ditto.
(convert_to_openpgp):  Simplify.
* g10/import.c (one_mpi_from_pkey): Remove.
(transfer_secret_keys): Rewrite to use the curve instead of the
parameters.
* g10/parse-packet.c (parse_key): Mark protected MPIs with USER1 flag.

* common/openpgp-oid.c (openpgp_curve_to_oid): Allow the use of
 "NIST P-256" et al.
* g10/keygen.c (ask_curve): Add arg ALGO.
(generate_keypair): Rewrite the ECC key logic.

* tests/openpgp/ecc.test: Provide the "ecc" passphrase.
2014-05-07 13:27:43 +02:00
Werner Koch
f90cfe6b66 gpg: Reject signatures made with MD5.
* g10/gpg.c: Add option --allow-weak-digest-algos.
(main): Set option also in PGP2 mode.
* g10/options.h (struct opt): Add flags.allow_weak_digest_algos.
* g10/sig-check.c (do_check): Reject MD5 signatures.
* tests/openpgp/defs.inc: Add allow_weak_digest_algos to gpg.conf.
2014-03-17 18:14:23 +01:00
Werner Koch
62fb86c658 gpg: Allow building without any trust model support.
* configure.ac: Add option --disable-trust-models
(NO_TRUST_MODELS): New ac_define and am_conditional.
* g10/Makefile.am (trust_source): New.
(gpg2_SOURCES): Factor some files out to above.  Add trust.c.
* g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust,
--import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb,
--list-trustdb, --trustdb-name, --auto-check-trustdb,
--no-auto-check-trustdb, and --force-ownertrust.
(parse_trust_model) [NO_TRUST_MODELS]: Do not build.
(main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all
trustdb related option code.
* g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust",
"enable", and "disable".
* g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print
"tru" record.

* g10/trust.c: New.
* g10/trustdb.c (struct key_item): Move to trustdb.h.
(register_trusted_keyid): Rename to tdb_register_trusted_keyid.
(register_trusted_key): Rename to tdb_register_trusted_key.
(trust_letter, uid_trust_string_fixed, trust_value_to_string)
(string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info)
(get_ownertrust_string, get_validity_info, get_validity_string)
(clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c.
(mark_usable_uid_certs): Move to trust.c and make global.
(is_in_klist): Move as inline to trustdb.h.
(trustdb_check_or_update): Rename to tdb_check_or_update
(revalidation_mark): Rename to tdb_revalidation_mark.
(get_ownertrust): Rename to tdb_get_ownertrust.
(get_min_ownertrust): Rename to tdb_get_min_ownertrust.
(update_ownertrust): Rename to tdb_update_ownertrust.
(clear_ownertrusts): Rename to tdb_clear_ownertrusts.
(cache_disabled_value): Rename to tdb_cache_disabled_value.
(check_trustdb_stale): Rename to tdb_check_trustdb_stale.
(get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and
factor some code out to ...
* trust.c (get_validity): ...new.
(check_or_update_trustdb): New wrapper.
(revalidation_mark): New wrapper.
(get_ownertrust): New wrapper.
(get_ownertrust_with_min): New wrapper.
(update_ownertrust): New wrapper.
(clear_ownertrusts): New wrapper.
(cache_disabled_value): New wrapper.
(check_trustdb_stale): New wrapper.

* tests/openpgp/defs.inc (opt_always): New.  Use in all tests instead
of --always-trust.
2014-02-10 17:46:40 +01:00
Werner Koch
ea7f895319 tests: Handle disabled algorithms.
* tests/openpgp/mds.test: Skip disabled algorithms.
* tests/openpgp/signencrypt-dsa.test: Ditto.
* tests/openpgp/sigs-dsa.test: Ditto.
2014-02-10 10:41:48 +01:00
Werner Koch
a0102a548d Fix minor compiler warnings.
--
2013-11-15 15:49:34 +01:00
Werner Koch
096e7457ec Change all quotes in strings and comments to the new GNU standard.
The asymmetric quotes used by GNU in the past (`...') don't render
nicely on modern systems.  We now use two \x27 characters ('...').

The proper solution would be to use the correct Unicode symmetric
quotes here.  However this has the disadvantage that the system
requires Unicode support.  We don't want that today.  If Unicode is
available a generated po file can be used to output proper quotes.  A
simple sed script like the one used for en@quote is sufficient to
change them.

The changes have been done by applying

  sed -i "s/\`\([^'\`]*\)'/'\1'/g"

to most files and fixing obvious problems by hand.  The msgid strings in
the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
Werner Koch
f1e1387bee Do not mix test result with progress lines.
This makes parsing of the results easier.  Fixes bug#1400.

* tests/openpgp/defs.inc (progress_cancel, progress_end)
(progress_new): New.
* tests/openpgp/conventional-mdc.test: Use progress functions
* tests/openpgp/conventional.test: Ditto.
* tests/openpgp/encrypt-dsa.test: Ditto.
* tests/openpgp/encrypt.test: Ditto.
* tests/openpgp/sigs.test: Ditto.
--
The new output style is now:

      > MD5 SHA1 RIPEMD160 SHA256 SHA384 SHA512 SHA224 <
  PASS: sigs.test

or if the test fails:

      > MD5 SHA1
  sigs.test: ooops
  FAIL: sigs.test
2012-04-05 20:36:04 +02:00
Werner Koch
fe2f182699 Add the STEED Self-Signing Nonthority certificate.
* doc/com-certs.pem: Install it when creating a keybox.
2011-12-20 15:35:42 +01:00
Werner Koch
2336b09779 Generate the ChangeLog from commit logs.
* scripts/gitlog-to-changelog: New script.  Taken from gnulib.
* scripts/git-log-fix: New file.
* scripts/git-log-footer: New file.
* doc/HACKING: Describe the ChangeLog policy
* ChangeLog: New file.
* Makefile.am (EXTRA_DIST): Add new files.
(gen-ChangeLog): New.
(dist-hook): Run gen-ChangeLog.

Rename all ChangeLog files to ChangeLog-2011.
2011-12-01 11:09:02 +01:00
Jim Meyering
850f09b2e3 tests: avoid use of freed pointer
[spotted by coverity]

This is only in tests/, but easy to fix, so...
I've included extra context so you can see how var->value would
be used in the following atoi call.

>From cf9ae83fd2da8d7a289b048ef0feed4096f6d263 Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering@redhat.com>
Date: Tue, 20 Sep 2011 16:32:59 +0200
Subject: [PATCH] avoid use of free'd pointer

* asschk.c (set_type_var): Set var->value to NULL after freeing it,
to avoid subsequent use of freed pointer.
2011-09-20 18:14:51 +02:00
Werner Koch
7d5ba080be Add ECC sign, verify, encrypt and decrypt tests 2011-02-11 09:59:16 +01:00
Werner Koch
cfbb5760d9 Remove debug code from regression test pinentry
Also updated de.po
2011-02-10 20:54:37 +01:00
Werner Koch
d290f2914a Add ECC import regression tests and fixed a regression.
The import test imports the keys as needed and because they are
passphrase protected we now need a pinentry script to convey the
passphrase to gpg-agent.
2011-02-10 20:45:37 +01:00
Werner Koch
b008274afd Nuked almost all trailing white space.
We better do this once and for all instead of cluttering all future
commits with diffs of trailing white spaces.  In the majority of cases
blank or single lines are affected and thus this change won't disturb
a git blame too much.  For future commits the pre-commit scripts
checks that this won't happen again.
2011-02-04 12:57:53 +01:00
Werner Koch
4659c923a0 Sample ECC keys and message do now work.
Import and export of secret keys does now work.  Encryption has been
fixed to be compatible with the sample messages.

This version tests for new Libgcrypt function and thus needs to be
build with a new Libgcrypt installed.
2011-02-02 15:48:54 +01:00
Werner Koch
d1bdc3f6ea Tweaks to make make distcheck work. 2010-10-15 09:16:39 +00:00
Werner Koch
23d0334d82 Remove debug options 2010-10-14 16:36:47 +00:00
Werner Koch
764e88d4df All tests work are again working 2010-10-14 16:34:31 +00:00
Werner Koch
fd19a84c80 Some tweaks to the agent startup. 2010-10-14 08:32:55 +00:00
Werner Koch
08f78839cf . 2010-07-23 12:19:35 +00:00
Werner Koch
c8eb7bd839 Change OpenPGP test framework to run under the control of the agent. 2010-06-07 15:11:35 +00:00
Werner Koch
bbe388b5db Add unfinished gpgtar.
Collected changes and ports of bug fixes from stable.
2010-06-07 13:33:02 +00:00
Werner Koch
f5551672fb Update tests. 2010-05-11 18:00:31 +00:00
Werner Koch
b9f2c0daaf Fix for bug 1223 2010-05-07 13:13:56 +00:00
Werner Koch
be45bf3d54 Add dummu option --passwd for gpg.
Collected changes.
2010-01-08 19:18:49 +00:00
Werner Koch
9b345f2a8a Replace C99 style vararg macro which was anyway not correct. 2009-10-13 09:11:47 +00:00
David Shaw
6f287d4e3f * defs.inc: Improved all_cipher_algos and all_hash_algos to work when
there are more than one line of algorithms.  From 1.4.
2009-06-05 13:54:08 +00:00
Werner Koch
82d26564dc Fix problem with incompatible gpg.conf files. 2009-04-19 16:34:21 +00:00
Werner Koch
cccda0c269 Arggg, forgot one other place. 2009-03-03 09:47:48 +00:00
Werner Koch
e240750936 fix for pkits. 2009-03-03 09:21:25 +00:00
Werner Koch
310f45b618 Fix bug 1001.
Documentation updates.
2009-02-19 16:19:16 +00:00
Werner Koch
38251aa74f Add a sample key.
Detect and show the card type.
2009-01-13 14:01:56 +00:00
Werner Koch
0a5f742466 Marked all unused args on non-W32 platforms. 2008-10-20 13:53:23 +00:00
Werner Koch
8381a43ca7 Add gpgsm server command GETINFO agent-check.
Fix tests.
2008-09-30 10:30:20 +00:00
Werner Koch
322e879e6a Add executable flag to test scripts. 2008-04-15 15:57:39 +00:00
Werner Koch
b2dd413cfa Last minute cleanups. 2008-03-26 09:38:42 +00:00
Werner Koch
c2a8254be7 Fix a bug in the ambigious name detection.
Minor cleanups.
2008-03-20 15:31:43 +00:00
Werner Koch
f5f14d6556 Add some tests. 2008-02-22 15:47:18 +00:00
Werner Koch
898a341f50 Fixed release creation. 2008-02-19 12:58:34 +00:00
Werner Koch
f13c5a48fc Improve certificate chain construction.
Extend PKITS framework
2008-02-19 10:33:35 +00:00
Werner Koch
a75c21ed8a We better save the description of PKITS along with the test data. 2008-02-18 14:31:46 +00:00
Werner Koch
c3b9005ec3 Typo fixes.
Portability fix for asschk.c
2008-01-26 22:12:23 +00:00
Werner Koch
a6549ca548 Preparing a release candidate. 2007-12-14 16:08:53 +00:00
Werner Koch
598a3d0ab4 [W32] Changed default socket for dirmngr.
[W32] Add some code for event notifications 
      between scdaemon and gpg-agent.
2007-11-27 08:01:19 +00:00
Werner Koch
cd2d9288aa Ported changes from 1.4.
Add copyright notices.
2007-10-25 09:06:21 +00:00
Werner Koch
503f91e0ae tryu harder to ignore duplicate specified keyrings and -boxes.
Documentation updates.
2007-08-24 09:34:39 +00:00
Werner Koch
93d3811abc Changed to GPLv3.
Removed intl/.
2007-07-04 19:49:40 +00:00
David Shaw
19df6dc9e3 * conventional.test, encrypt.test, encrypt-dsa.test,
conventional-mdc.test: Fix some broken tests that were only testing
3DES instead of all available ciphers.
2007-05-03 00:54:28 +00:00
Werner Koch
9491ab44c5 Ported multiple-messages protection. 2007-03-05 14:56:31 +00:00
Werner Koch
5885142c83 Made some PIN pads work.
Some cleanups for 64 bit CPUs.
2006-11-20 16:49:41 +00:00
Werner Koch
10d563da08 Collected fixes. 2006-11-05 15:08:58 +00:00
Werner Koch
3fafc72583 Fix for make distcheck 2006-10-04 17:42:14 +00:00
Werner Koch
4b48bcacc9 Fix for bug 537 2006-10-02 11:54:35 +00:00
Marcus Brinkmann
088c35b2ee 2006-09-06 Marcus Brinkmann <marcus@g10code.de>
* configure.ac: New automake conditional RUN_GPG_TESTS.

tests/
2006-09-06  Marcus Brinkmann  <marcus@g10code.de>

	* Makefile.am (openpgp): New variable.
	(SUBDIRS): Conditionalize openpgp on RUN_GPG_TESTS.
2006-09-06 21:09:36 +00:00
Werner Koch
0ebd23fa76 Migrated more stuff to doc/
Migrated the gpg regression tests.
Some changes tp the gpg code to fix bugs and
for the use in testing. 
make distcheck works now with gpg enabled.
2006-08-21 20:20:23 +00:00
Werner Koch
b37c1ce1b9 Create bag attributes so that Mozilla will accept these files.
Tested with using a CAcert generated certificate.
2006-07-24 11:20:33 +00:00
Werner Koch
f98537733a Updated FSF's address. 2006-06-20 17:21:37 +00:00
Marcus Brinkmann
384cba431a 2006-06-08 Marcus Brinkmann <marcus@g10code.de>
* asschk.c (__func__) [__STDC_VERSION__ < 199901L && __GNUC__ >= 2]:
	Define macro to __FUNCTION__.
	(die): Use __func__ instead of __FUNCTION__.
2006-06-08 12:17:38 +00:00
Werner Koch
61756ae3a7 Added sample certificates. 2006-05-16 09:54:41 +00:00
Werner Koch
b794bb683f Repackaged PKITS_data.tar.bz2 2006-05-02 08:19:59 +00:00
Marcus Brinkmann
d7a1e30b30 2005-10-07 Marcus Brinkmann <marcus@g10code.de>
* Makefile.am (TESTS_ENVIRONMENT): Remove LD_LIBRARY_PATH hack.
	It's the responsibility of the person building the software to set
	it properly.
2005-10-07 13:09:20 +00:00
Werner Koch
3af261572b * gpg-agent.c (handle_connections): Need to check for events if
select returns with -1.

* tools.texi (gpg-connect-agent): New.

* app-openpgp.c (get_one_do): Never try to get a non cacheable
object from the cache.
(get_one_do): Add new arg to return an error code.  Changed all
callers.
(do_getattr): Let it return a proper error code.

* app.c (select_application): Return an error code and the
application context in an new arg.
* command.c (open_card): Adjusted for that.  Don't use the
fallback if no card is present.  Return an error if the card has
been removed without a reset.
(do_reset, cmd_serialno): Clear that error flag.
(TEST_CARD_REMOVAL): New. Use it with all command handlers.

* scdaemon.c (ticker_thread): Termintate if a shutdown is pending.

* apdu.c: Added some PCSC error codes.
(pcsc_error_to_sw): New.
(reset_pcsc_reader, pcsc_get_status, pcsc_send_apdu)
(open_pcsc_reader): Do proper error code mapping.

* gpg-connect-agent.c: New.
* Makefile.am: Add it.
2005-02-24 17:36:11 +00:00
Werner Koch
335b5e4ac4 Preparing a new release. Updated gettext 2004-09-30 14:34:34 +00:00
Werner Koch
53f7e372b9 tests/pkits: New directory 2004-08-17 15:32:56 +00:00
Werner Koch
066352a6a5 * import.c (check_and_store): Do a full validation if
--with-validation is set.

* certchain.c (gpgsm_basic_cert_check): Print more detailed error
messages.

* certcheck.c (do_encode_md): Partly support DSA.  Add new arg
PKALGO. Changed all callers to pass it.
(pk_algo_from_sexp): New.

tests/pkits: New directory
2004-08-17 15:26:22 +00:00
Werner Koch
c4663004d9 * Makefile.am: Reset GPG_AGENT_INFO here
* runtest: and not anymore here.
2004-02-20 13:46:35 +00:00
Werner Koch
d68674a77a More samples 2004-02-17 15:07:27 +00:00
Werner Koch
270576cf17 More stuff for testing 2004-02-12 09:30:37 +00:00
Repo Admin
7b6f1902d0 This commit was manufactured by cvs2svn to create branch
'GNUPG-1-9-BRANCH'.
2003-01-09 13:29:36 +00:00
Repo Admin
82a17c9fb3 This commit was manufactured by cvs2svn to create branch
'GNUPG-1-9-BRANCH'.
2002-10-19 07:55:27 +00:00
Neal Walfield
f27e05f3aa 2002-09-04 Neal H. Walfield <neal@g10code.de>
* Makefile.am (inittests.stamp): Do not set LD_LIBRARY_PATH, but
	rather prepend it.  Be more robust and prefer printf over echo -n.
2002-09-05 00:44:29 +00:00
Marcus Brinkmann
cfca45dcd5 2002-09-04 Marcus Brinkmann <marcus@g10code.de>
* asschk.c (start_server): Close the parent's file descriptors in
	the child.
	(read_assuan): Variable NREAD removed.  Cut off the received line
	currectly if more than one line was read.
2002-09-04 13:04:49 +00:00
Neal Walfield
836d63c0f5 2002-09-03 Neal H. Walfield <neal@cs.uml.edu>
* Makefile.am (inittests.stamp): Construct an LD_LIBRARY_PATH from
	LDFLAGS.
2002-09-04 03:16:09 +00:00
Werner Koch
dc4b9ab770 new test certs and messages 2002-09-03 14:54:18 +00:00
Werner Koch
beb0fef1ee Tweaked the build system so that make distcheck finanly said Well
Done.
2002-08-09 18:16:02 +00:00
Werner Koch
0e43a57953 Added distfiles kludge to distribute the content of the samplekeys directory. 2002-08-09 14:44:59 +00:00
Werner Koch
0b01b9cb62 * asschk.c: Added some new features.
* runtest, inittests: New.
* text-1.txt, text-2.txt, text-3.txt: New.
* text-1.osig.pem, text-1.dsig.pem, text-1.osig-bad.pem: New.
* text-2.osig.pem, text-2.osig-bad.pem: New.
* samplekeys : New directory
* sm-verify, sm-sign+verify: The first test scripts.
2002-08-08 16:32:01 +00:00
Werner Koch
c8b8326aae First test script. Still missing the environment setup. 2002-08-07 16:42:47 +00:00
Werner Koch
ce42e64a5a New Assuan testing tool. 2002-08-07 11:48:27 +00:00
Werner Koch
f2183cf081 released 0.3.5 2002-04-15 17:15:21 +00:00
Werner Koch
81a4a2527c yet another test certificate 2002-03-28 17:25:28 +00:00
Werner Koch
a09c4d0d12 A few test certificates 2002-01-29 15:46:55 +00:00
Werner Koch
f8c249a9d6 added test certificate and secret key 2001-12-06 20:19:52 +00:00
Werner Koch
a1b39ba850 Created configuration files 2001-10-31 11:47:04 +00:00