* tests/gpgscm/ffi.scm: Move the customized exception handling and
atexit logic...
* tests/gpgscm/init.scm: ... here.
(throw): Record the current history.
(throw'): New function that is history-aware.
(rethrow): New function.
(*error-hook*): Use the new throw'.
* tests/gpgscm/main.c (load): Fix error handling.
(main): Save and use the 'sc->retcode' as exit code.
* tests/gpgscm/repl.scm (repl): Print call history.
* tests/gpgscm/scheme.c (_Error_1): Make a snapshot of the history,
use it to provide a accurate location of the expression causing the
error at runtime, and hand the history trace to the '*error-hook*'.
(opexe_5): Tag all lists at parse time with the current location.
* tests/gpgscm/tests.scm: Update calls to 'throw', use 'rethrow'.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/init.scm (vm-history-print): New function.
* tests/gpgscm/opdefines.h: New opcodes 'CALLSTACK_POP', 'APPLY_CODE',
and 'VM_HISTORY'.
* tests/gpgscm/scheme-private.h (struct history): New definition.
(struct scheme): New field 'history'.
* tests/gpgscm/scheme.c (gc): Mark objects in the history.
(history_free): New function.
(history_init): Likewise.
(history_mark): Likewise.
(add_mod): New macro.
(sub_mod): Likewise.
(tailstack_clear): New function.
(callstack_pop): Likewise.
(callstack_push): Likewise.
(tailstack_push): Likewise.
(tailstack_flatten): Likewise.
(callstack_flatten): Likewise.
(history_flatten): Likewise.
(opexe_0): New variable 'callsite', keep track of the expression if it
is a call, implement the new opcodes, record function applications in
the history.
(opexe_6): Implement new opcode.
(scheme_init_custom_alloc): Initialize history.
(scheme_deinit): Free history.
* tests/gpgscm/scheme.h (USE_HISTORY): New macro.
--
This patch makes TinySCHEME keep a history of function calls. This
history can be used to produce helpful error messages. The history
data structure is inspired by MIT/GNU Scheme.
Signed-off-by: Justus Winter <justus@g10code.com>
fu history
* tests/gpgscm/scheme.c (S_FLAG_TAIL_CONTEXT): New macro. This flag
indicates that the interpreter is evaluating an expression in a tail
context (see R5RS, section 3.5).
(opexe_0): Clear and set the flag according to the rules layed out in
R5RS, section 3.5.
(opexe_1): Likewise.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/scheme-private.h (struct scheme): Add field 'flags'.
* tests/gpgscm/scheme.c (S_OP_MASK): New macro.
(S_FLAG_MASK, s_set_flag, s_clear_flag, s_get_flag): Likewise.
(_s_return): Unpack the encoded opcode and flags.
(s_save): Encode the flags along with the opcode. Use normal
integers to encode the result.
(scheme_init_custom_alloc): Initialize 'op' and 'flags'.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/opdefines.h: Add opcodes to create and retrieve tags.
* tests/gpgscm/scheme.c (T_TAGGED): New macro.
(mk_tagged_value): New function.
(has_tag): Likewise.
(get_tag): Likewise.
(mark): Mark tag.
(opexe_4): Implement new opcodes.
* tests/gpgscm/scheme.h (USE_TAGS): New macro.
--
Tags are similar to property lists, but property lists can only be
attached to symbols. Tags can not be attached to an existing object,
but a tagged copy can be created. Once done, the tag can be
manipulated in constant time.
Using this during parsing will enable us to produce meaningful error
messages.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/quick-key-manipulation.scm: Do not update the trust
database, rather be more specific when filtering the user ids.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/tofu-2183839A-1.txt: Remove file.
* tests/openpgp/tofu-BC15C85A-1.txt: Remove file.
* tests/openpgp/tofu-EE37CF96-1.txt: Remove file.
* tests/openpgp/tofu-keys-secret.asc: Remove file.
* tests/openpgp/tofu-keys.asc: Remove file.
* tests/openpgp/tofu/conflicting/1C005AF3.gpg: New file.
* tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg: New file.
* tests/openpgp/tofu/conflicting/1C005AF3-1.txt: New file.
* tests/openpgp/tofu/conflicting/1C005AF3-2.txt: New file.
* tests/openpgp/tofu/conflicting/1C005AF3-3.txt: New file.
* tests/openpgp/tofu/conflicting/1C005AF3-4.txt: New file.
* tests/openpgp/tofu/conflicting/1C005AF3-5.txt: New file.
* tests/openpgp/tofu/conflicting/B662E42F.gpg: New file.
* tests/openpgp/tofu/conflicting/B662E42F-secret.gpg: New file.
* tests/openpgp/tofu/conflicting/B662E42F-1.txt: New file.
* tests/openpgp/tofu/conflicting/B662E42F-2.txt: New file.
* tests/openpgp/tofu/conflicting/B662E42F-3.txt: New file.
* tests/openpgp/tofu/conflicting/B662E42F-4.txt: New file.
* tests/openpgp/tofu/conflicting/B662E42F-5.txt: New file.
* tests/openpgp/tofu/conflicting/BE04EB2B.gpg: New file.
* tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg: New file.
* tests/openpgp/tofu/conflicting/BE04EB2B-1.txt: New file.
* tests/openpgp/tofu/conflicting/BE04EB2B-2.txt: New file.
* tests/openpgp/tofu/conflicting/BE04EB2B-3.txt: New file.
* tests/openpgp/tofu/conflicting/BE04EB2B-4.txt: New file.
* tests/openpgp/tofu/conflicting/BE04EB2B-5.txt: New file.
* tests/openpgp/tofu/conflicting/README: New file.
* tests/openpgp/tofu.scm: Update accordingly.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
There are two motivations for this change. First, we decided that
test data should live in a subdirectory rather than in tests/openpgp.
Second, secret key material is password protected, and I don't
remember the password that I used. (The new data is not password
protected.) I have also added some new examples of signed messages.
* tests/openpgp/Makefile.am (sample_msgs): Add messages required for
the new test 'verify-multifile.scm'.
Fixes-commit: 12af8e84a32df728462da09a00a8bec24a487720
Signed-off-by: Justus Winter <justus@g10code.com>
* g10/trustdb.c (tdb_utks): New function.
* g10/tofu.c (check_utks): New function.
(initdb): Call it.
* tests/openpgp/tofu.scm: Modify test to check the effective policy of
keys whose effective policy changes when we change the set of UTKs.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
If the set of ultimately trusted keys changes, then it is possible
that a binding's effective policy changes. To deal with this, we
detect when the set of ultimately trusted keys changes and invalidate
all cached policies.
* tests/gpgscm/opdefines.h (put, get): Check arguments. Also rename
to 'set-symbol-property' and 'symbol-property', the names used by
Guile, because put and get are too unspecific.
* tests/gpgscm/scheme.c (hasprop): Only symbols have property lists.
(get_property): New function.
(set_property): Likewise.
(opexe_4): Use the new functions.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/scheme-private.h (struct scheme): New fields for the
static integer cells.
* tests/gpgscm/scheme.c (_alloc_cellseg): New function.
(alloc_cellseg): Use the new function.
(MAX_SMALL_INTEGER): New macro.
(initialize_small_integers): New function.
(mk_small_integer): Likewise.
(mk_integer): Return a small integer if possible.
(_s_return): Do not free 'op' if it is a small integer.
(s_save): Use a small integer to box the opcode.
(scheme_init_custom_alloc): Initialize small integers.
(scheme_deinit): Free chunk of small integers.
* tests/gpgscm/scheme.h (USE_SMALL_INTEGERS): New macro.
Signed-off-by: Justus Winter <justus@g10code.com>
* g10/tofu.c (initdb): Add column effective_policy to the bindings
table.
(record_binding): New parameters effective_policy and set_conflict.
Save the effective policy. If SET_CONFLICT is set, then set conflict
according to CONFLICT. Otherwise, preserve the current value of
conflict. Update callers.
(get_trust): Don't compute the effective policy here...
(get_policy): ... do it here, if it was not cached. Take new
parameters, PK, the public key, and NOW, the time that the operation
started. Update callers.
(show_statistics): New parameter PK. Pass it to get_policy. Update
callers.
(tofu_notice_key_changed): New function.
* g10/gpgv.c (tofu_notice_key_changed): New stub.
* g10/import.c (import_revoke_cert): Take additional argument CTRL.
Pass it to keydb_update_keyblock.
* g10/keydb.c (keydb_update_keyblock): Take additional argument CTRL.
Update callers.
[USE_TOFU]: Call tofu_notice_key_changed.
* g10/test-stubs.c (tofu_notice_key_changed): New stub.
* tests/openpgp/tofu.scm: Assume that manually setting a binding's
policy to auto does not cause the tofu engine to forget about any
conflict.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
We now store the computed policy in the tofu DB (in the
effective_policy column of the bindings table) to avoid computing it
every time, which is expensive. Further, policy is never overridden
in case of a conflict. Instead, we detect a conflict if CONFLICT is
not empty.
This change is backwards compatible to existing DBs. The only minor
incompatibility is that unresolved conflicts won't be automatically
resolved in case we import a direct signature, or cross signatures.
* tests/gpgscm/scheme.c (T_FINALIZE): New macro.
(mk_port): Use the new macro.
(mk_foreign_object): Likewise.
(mk_counted_string): Likewise.
(mk_empty_string): Likewise.
(gc): Only call 'finalize_cell' for cells with the new flag.
--
This speeds up the sweep phase of the garbage collector considerably
because most cells do not require finalization.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/scheme-private.h (struct scheme): New fields
'inhibit_gc', 'reserved_cells', and 'reserved_lineno'.
* tests/gpgscm/scheme.c (GC_ENABLED): New macro.
(USE_GC_LOCKING): Likewise.
(gc_reservations): Likewise.
(gc_reservation_failure): New function.
(_gc_disable): Likewise.
(gc_disable): New macro.
(gc_enable): Likewise.
(gc_enabled): Likewise.
(gc_consume): Likewise.
(get_cell_x): Consume reserved cell if garbage collection is disabled.
(_get_cell): Assert that gc is enabled.
(get_cell): Only record cell in the list of recently allocated cells
if gc is enabled.
(get_vector_object): Likewise.
(gc): Assert that gc is enabled.
(s_return): Add comment, adjust call to '_s_return'.
(s_return_enable_gc): New macro.
(_s_return): Add flag 'enable_gc' and re-enable gc if set.
(oblist_add_by_name): Use the new facilities to protect the
allocations.
(new_frame_in_env): Likewise.
(new_slot_spec_in_env): Likewise.
(s_save): Likewise.
(opexe_0): Likewise.
(opexe_1): Likewise.
(opexe_2): Likewise.
(opexe_5): Likewise.
(opexe_6): Likewise.
(scheme_init_custom_alloc): Initialize the new fields.
--
Every time a cell is allocated, the interpreter may run out of free
cells and do a garbage collection. This is problematic because it
might garbage collect objects that have been allocated, but are not
yet made available to the interpreter.
Previously, we would plug such newly allocated cells into the list of
newly allocated objects rooted at car(sc->sink), but that requires
allocating yet another cell increasing pressure on the memory
management system.
A faster alternative is to preallocate the cells needed for an
operation and make sure the garbage collection is not run until all
allocated objects are plugged in. This can be done with gc_disable
and gc_enable.
This optimization can be applied incrementally. This commit picks all
low-hanging fruits.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/scheme.c (free_cell): New function.
(free_cons): Likewise.
(_s_return): Use the new function to recover cells used to save the
state of the interpreter in 's_save'. This reduces the need to do a
garbage collection considerably.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/scheme.c (s_thread_to): New macro.
(CASE): Likewise.
(opexe_[0-6]): Use 'CASE' instead of 'case' statements, replace
's_goto' with 's_thread_to' where applicable.
--
This is a straight-forward optimization that replaces 's_goto' in
certain cases. Instead of returning to the calling function, and
dispatching the next opcode, we can jump to the opcode handler.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/defs.scm (setup-legacy-environment): Do not call
'setup-environment' because that will start the agent, and hence
register the atexit function twice.
Fixes: a55393cb5f4b331cb3a715c7d9a8b91f7606f337
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/run-tests.scm (test): Add field 'logfd'.
(test::new, test::set-*): Adapt accordingly.
(test::set-logfd): New function.
(test::open-log-file): Likewise.
(test::run-sync): Use the new function.
(test::run-async): Likewise.
(test::report): Replay the log.
(run-tests-parallel): Reverse the results to restore the original
order.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/ffi.c (do_seek): New function.
(ffi_init): Expose 'seek' and 'SEEK_{SET,CUR,END}'.
* tests/gpgscm/lib.scm: Document the new function.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/run-tests.scm (run-tests-parallel): Catch errors when
removing the working directory. On Windows this can fail if there is
still a process using one of the files there.
(run-tests-sequential): Likewise.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/tests.scm (log): New function.
* tests/openpgp/run-tests.scm (run-tests-parallel): Do not run the
startup and teardown scripts.
(run-tests-sequential): Likewise.
* tests/openpgp/setup.scm: Move all functions...
* tests/openpgp/defs.scm: ... here and make them less verbose.
(setup-environment): New function.
(setup-legacy-environment): Likewise.
(start-agent): Make less verbose, run 'stop-agent' at interpreter
exit.
(stop-agent): Make less verbose.
* tests/openpgp/finish.scm: Drop file.
* tests/openpgp/Makefile.am (EXTRA_DIST): Drop removed file.
* tests/openpgp/4gb-packet.scm: Use 'setup-environment' or
'setup-legacy-environment' as appropriate.
* tests/openpgp/armdetach.scm: Likewise.
* tests/openpgp/armdetachm.scm: Likewise.
* tests/openpgp/armencrypt.scm: Likewise.
* tests/openpgp/armencryptp.scm: Likewise.
* tests/openpgp/armor.scm: Likewise.
* tests/openpgp/armsignencrypt.scm: Likewise.
* tests/openpgp/armsigs.scm: Likewise.
* tests/openpgp/clearsig.scm: Likewise.
* tests/openpgp/conventional-mdc.scm: Likewise.
* tests/openpgp/conventional.scm: Likewise.
* tests/openpgp/decrypt-dsa.scm: Likewise.
* tests/openpgp/decrypt.scm: Likewise.
* tests/openpgp/default-key.scm: Likewise.
* tests/openpgp/detach.scm: Likewise.
* tests/openpgp/detachm.scm: Likewise.
* tests/openpgp/ecc.scm: Likewise.
* tests/openpgp/encrypt-dsa.scm: Likewise.
* tests/openpgp/encrypt.scm: Likewise.
* tests/openpgp/encryptp.scm: Likewise.
* tests/openpgp/export.scm: Likewise.
* tests/openpgp/finish.scm: Likewise.
* tests/openpgp/genkey1024.scm: Likewise.
* tests/openpgp/gpgtar.scm: Likewise.
* tests/openpgp/gpgv-forged-keyring.scm: Likewise.
* tests/openpgp/import.scm: Likewise.
* tests/openpgp/issue2015.scm: Likewise.
* tests/openpgp/issue2417.scm: Likewise.
* tests/openpgp/issue2419.scm: Likewise.
* tests/openpgp/key-selection.scm: Likewise.
* tests/openpgp/mds.scm: Likewise.
* tests/openpgp/multisig.scm: Likewise.
* tests/openpgp/quick-key-manipulation.scm: Likewise.
* tests/openpgp/seat.scm: Likewise.
* tests/openpgp/shell.scm: Likewise.
* tests/openpgp/signencrypt-dsa.scm: Likewise.
* tests/openpgp/signencrypt.scm: Likewise.
* tests/openpgp/sigs-dsa.scm: Likewise.
* tests/openpgp/sigs.scm: Likewise.
* tests/openpgp/ssh.scm: Likewise.
* tests/openpgp/tofu.scm: Likewise.
* tests/openpgp/use-exact-key.scm: Likewise.
* tests/openpgp/verify.scm: Likewise.
* tests/openpgp/version.scm: Likewise.
* tests/openpgp/issue2346.scm: Likewise and simplify.
--
The previous Bourne Shell-based test suite created the environment
before running all tests, and tore it down after executing them. When
we created the Scheme-based test suite, we kept this design at first,
but introduced a way to run each test in its own environment to
prevent tests from interfering with each other. Nevertheless, every
test started out with the same environment.
Move the creation of the test environment into each test. This gives
us finer control over the environment each test is run in. It also
makes it possible to run each test by simply executing it using gpgscm
without the use of the runner. Furthermore, it has the neat
side-effect of speeding up the test suite if run in parallel.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/scheme.c (atom2str): Fix computing the length of Scheme
strings. Scheme strings can contain zero bytes.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/ffi.scm (throw): Run *run-atexit-handlers* when
terminating the interpreter.
(*atexit-handlers*): New variable.
(*run-atexit-handlers*): New function.
(atexit): Likewise.
* tests/gpgscm/main.c (main): Run *run-atexit-handlers* at normal
interpreter shutdown.
Signed-off-by: Justus Winter <justus@g10code.com>
* g10/getkey.c (struct pubkey_cmp_cookie): New type.
(key_is_ok, uid_is_ok, subkey_is_ok): New functions.
(pubkey_cmp): Likewise.
(get_best_pubkey_byname): Likewise.
* g10/keydb.h (get_best_pubkey_byname): New prototype.
* g10/keylist.c (locate_one): Use the new function.
* g10/pkclist.c (find_and_check_key): Likewise.
* tests/openpgp/Makefile.am (XTESTS): Add new test.
(TEST_FILES): Add new files.
* tests/openpgp/key-selection.scm: New file.
* tests/openpgp/key-selection/0.asc: Likewise.
* tests/openpgp/key-selection/1.asc: Likewise.
* tests/openpgp/key-selection/2.asc: Likewise.
* tests/openpgp/key-selection/3.asc: Likewise.
* tests/openpgp/key-selection/4.asc: Likewise.
--
When a name resembling a mail address is given to either --locate-keys
or --recipient, rank the search results and use only the most relevant
key.
This also lets us query which key will be used for encryption using
--locate-keys. However, note that --locate-keys may also return keys
incapable of encryption, though it will prefer keys that have an
encryption subkey.
GnuPG-bug-id: 2359
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/ffi.c: Define magic macro to prevent the completion
function from redefined.
GnuPG-bug-id: 2824
Signed-off-by: Justus Winter <justus@g10code.com>
There were several different variant spellings of "passphrase". This
should fix them all for all English text.
I did notice that po/it.po contains multiple instances of
"passhprase", which also looks suspect to me, but i do not know
Italian, so i did not try to correct it.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* tests/openpgp/fake-pinentry.c: Make all functions static.
(get_passphrase): s/unlink/remove/ because that is standard C.
(spacep): Rename to whitespace and change all callers.
(main): Move macro out of if-then chain.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/call-pinentry.c (start_pinentry): Also send the user data
using an Assuan 'OPTION' command.
* tests/openpgp/fake-pinentry.c (get_passphrase): Fix updating
passphrase file.
(spacep): Include newline characters.
(rstrip): New function.
(main): Handle Windows line endings. Handle the userdata option, and
restart with the new options.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/quick-key-manipulation.scm: Avoid creating a temporary
home directory, just make the uids unique.
Signed-off-by: Justus Winter <justus@g10code.com>
* common/sysutils.c (gnupg_setenv): Also update the environment block
maintained by the C runtime.
(gnupg_unsetenv): Likewise.
* tests/gpgscm/ffi.c (do_setenv): Fix error handling.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/defs.scm (start-agent): Move function here and create
the socket directory prior to starting the agent.
(stop-agent): Move function here and remove the socket directory.
* tests/openpgp/finish.scm: Adapt.
* tests/openpgp/setup.scm: Likewise.
Signed-off-by: Justus Winter <justus@g10code.com>
* g10/tofu.c (signed_by_utk): When checking if a key is signed by an
ultimately trusted key, only consider the signatures on the specified
user id.
* tests/openpgp/tofu.scm: Add test for the above.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
* tests/openpgp/Makefile.am (TEST_FILES): Add new test data.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Fixes-commit: 4c0389f8eb19ae7dfd9c5d784a629b386d93cc5c
* g10/tofu.c (cross_sigs): When checking cross signatures, only
consider the signatures on the specified user id.
* tests/openpgp/tofu.scm: Add test for the above.
* tests/openpgp/tofu/cross-sigs/
1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.gpg:
New file.
* tests/openpgp/tofu/cross-sigs/
1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.txt: New file.
* tests/openpgp/tofu/cross-sigs/
1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.gpg: New file.
* tests/openpgp/tofu/cross-sigs/
1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.txt: New file.
* tests/openpgp/tofu/cross-sigs/
1938C3A0E4674B6C217AC0B987DB2814EC38277E-3.txt: New file.
* tests/openpgp/tofu/cross-sigs/
1938C3A0E4674B6C217AC0B987DB2814EC38277E-secret.gpg: New file.
* tests/openpgp/tofu/cross-sigs/
DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.gpg: New file.
* tests/openpgp/tofu/cross-sigs/
DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.txt: New file.
* tests/openpgp/tofu/cross-sigs/
DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.gpg: New file.
* tests/openpgp/tofu/cross-sigs/
DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.txt: New file.
* tests/openpgp/tofu/cross-sigs/
DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.gpg: New file.
* tests/openpgp/tofu/cross-sigs/
DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.txt: New file.
* tests/openpgp/tofu/cross-sigs/
DC463A16E42F03240D76E8BA8B48C6BD871C2247-4.gpg: New file.
* tests/openpgp/tofu/cross-sigs/
DC463A16E42F03240D76E8BA8B48C6BD871C2247-secret.gpg: New file.
* tests/openpgp/tofu/cross-sigs/README: New file.
--
Signed-off-by: Neal H. Walfield
* tests/openpgp/setup.scm: Import one keyring at a time. This works
around a yet to be investigated hang on Windows. It is also much
prettier.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/t-child.c: Print large amounts of data.
* tests/gpgscm/t-child.scm: Test that this works.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/ffi.c (ffi_init): New Scheme variable '*win32*'.
* tests/gpgscm/tests.scm (canonical-path): Correctly handle paths with
drive letter on Windows. Use 'path-join'.
(path-expand): Use 'path-join'.
Signed-off-by: Justus Winter <justus@g10code.com>
* configure.ac (run_tests, RUN_TESTS, RUN_GPG_TESTS): Remove
variables. They are misleadingly named, as they inhibit building the
tests. There is no reason not to build the tests even when
cross-compiling, as they are only run if one does 'make check'.
* Makefile: Adapt accordingly.
* tests/Makefile.am: Adapt accordingly. Avoid building 'asschk' on
Windows as it uses non-portable functions.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/ffi.c (do_glob): Remove function.
(ffi_init): Likewise.
--
'glob' is not available on mingw, and portability is the whole point
of gpgscm.
Signed-off-by: Justus Winter <justus@g10code.com>
* g10/keyedit.c (keyedit_quick_adduid): Call merge_keys_and_selfsig on
KEYBLOCK before adding the user id.
* tests/openpgp/quick-key-manipulation.scm: Make sure that the key
capabilities don't change when adding a user id.
(key-data): New function.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
GnuPG-bug-id: 2697
* tests/openpgp/README: Add documentation about debugging and
interfacing with GnuPG.
* tests/openpgp/run-tests.scm (test::run-sync): Hand stdin to the
child so that we can use a repl in the tests.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/conventional-mdc.scm: Use only two plaintexts when
iterating over all cipher algorithms.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/repl.scm (repl): Add an argument 'environment'.
(interactive-repl): Add an optional argument 'environment'.
--
With this change, we can drop
(interactive-repl (current-environment))
anywhere into the code and do some interactive debugging.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/ffi.c (ffi_init): Rename 'exit' to '_exit'.
* tests/gpgscm/ffi.scm (*interpreter-exit*): New variable.
(throw): New function.
(exit): New function.
--
This allows a proper cleanup of resources.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/init.scm (catch): Bind all arguments to '*error*' in
the error handler, update and fix comment.
(*error-hook*): Revert to original definition.
* tests/gpgscm/tests.scm (tr:do): Adapt accordingly.
* tests/openpgp/issue2419.scm: Likewise.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/ffi.c (do_get_isotime): New function.
(ffi_init): Add parameter 'scriptname', bind new function and
scriptname.
* tests/gpgscm/ffi.h (ffi_init): Update prototype.
* tests/gpgscm/main.c (main): Hand in the script name.
* tests/gpgscm/tests.scm (mkdtemp): Use current time and script name
for the names of temporary directories.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/fake-pinentries/COPYING: Rename to ...
* COPYING.CC0: this. Add a note on the scope of this license.
* COPYING.LIB: Add a note on the scope of this license.
* AUTHORS (License): Mention CC) license.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tests/fake-pinentries/README.txt and
tests/fake-pinentries/fake-pinentry.{sh,py,pl,php}}: New public
domain (CC0) files to encourage better test suite practices from
downstream developers.
* tests/fake-pinentries/COPYING (new): a copy of
https://creativecommons.org/publicdomain/zero/1.0/legalcode.txt
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* tests/gpgscm/scheme-private.h (struct scheme): Use (void *) for
alloc_seg.
* tests/gpgscm/scheme.c (alloc_cellseg): Use (void *) for cp. Use
(void *) for coercion of address calculation.
--
In old C language, (char *) means an address. In modern C, it's
specifically an address with alignment=1. It's good to use (void *) for
an address, because newer compiler emits warnings. Note: in this
particular case, it is just a warning and the code is safe against
invalid alignment, though.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* tests/openpgp/run-tests.scm (test::run-sync): Pass additional
arguments to the test.
(test::run-sync-quiet): Likewise.
(test::run-async): Likewise.
(run-tests-{parallel,sequential}-isolated): Create a tarball of the
gnupghome, then extract it for each test.
* tests/openpgp/setup.scm: Refactor into functions, add an interface
to tar-up the created environment, and untar it multiple times.
Signed-off-by: Justus Winter <justus@g10code.com>
* g10/pkglue.c (pk_verify): Fix Ed25519 signatrue values.
* tests/openpgp/verify.scm (msg_ed25519_rshort): New
(msg_ed25519_sshort): New.
("Checking that a valid Ed25519 signature is verified as such"): New.
--
About one out of 256 signature won't verify due to stripped zero
bytes. See the source comment for details.
Reported-by: Andre Heinecke
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (oWithTofuInfo): New.
(opts): Add --with-tofu-info.
(main): Set opt.with_tofu_info.
* g10/options.h (struct opt): Add field WITH_TOFU_INFO.
* g10/tofu.c (show_statistics): Add optional arg OUTFP and enter
special mode if not NULL. Change all callers.
(tofu_write_tfs_record): New.
* g10/keylist.c (list_keyblock_colon): Do not print the tofu policy as
part of the "uid" record. Print a new "tfs" record if the new option
is set.
* tests/openpgp/tofu.scm (getpolicy): Change from UID to TFS record.
--
A separate option is required to avoid slowing down key listings.
Foer example the current code takes for a keylisting in tofu+pgp mode
17 seconds while it takes more than 5 minutes if the option is used.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/preset-passphrase.c, agent/protect-tool.c, dirmngr/dirmngr.c
* dirmngr/t-http.c, g10/gpg.c, g10/gpgv.c, g13/g13-syshelp.c
* g13/g13.c, kbx/kbxutil.c, scd/scdaemon.c, sm/gpgsm.c
* tests/gpgscm/main.c, tools/gpg-check-pattern.c
* tools/gpg-connect-agent.c, tools/gpgconf.c, tools/gpgtar.c
* tools/symcryptrun.c: Invoke log_set_prefix() with
human-readable labels.
--
Some invocations of log_set_prefix() were done with raw numeric values
instead of values that humans can understand. Use symbolic
representations instead of numeric for better readability.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* g10/options.h (struct opt): Remove field tofu_db_format.
* g10/gpg.h (server_control_s): Add fields tofu.batch_update_ref and
tofu.batch_update_started.
* g10/gpg.c (parse_tofu_db_format): Remove.
(main): Make option --tofu-db-format obsolete.
* g10/tofu.c: Major rework. Remove the pretty complicated and slower
split format and with that all the caching. Use the dbs struct
directly. Move global vars for batch update into CTRL. Change
calling conventions of some function to take CTRL or DBS pointers
instead of the former low-level database pointer.
--
The split database format might have been nice for use with Unison but
it bypasses the concept of a relational database by doing parts of
this itself and also risking deadlocks. Working with the Tofu
database for debugging or experiments is also not possible with parts
of the database logic implemented in gpg.
The Tofu support is quite new and we can assume that it is not in real
use now. Thus we better remove that now so that we do not need to
maintain it for all future.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/tdbio.c (tdbio_set_dbname): This function explicitly checks for
the file size, but handled the case of a zero-sized file incorrectly
by returning success. Fix this by initializing the database in that
case.
* tests/openpgp/Makefile.am (XTESTS): Add new test.
* tests/openpgp/issue2417.scm: New file.
GnuPG-bug-id: 2417
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/Makefile.am (EXTRA_DIST): Explicitly add setup and
teardown scripts now that they no longer are included in the list of
tests.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/ffi.c (ffi_init): Rename 'mkdtemp'.
* tests/gpgscm/tests.scm (mkdtemp): New function that uses a sensible
location and template if no arguments are given.
(with-temporary-working-directory): Simplify accordingly.
(make-temporary-file): Likewise.
* tests/openpgp/run-tests.scm (run-tests-parallel-isolated): Likewise.
(run-tests-sequential-isolated): Likewise.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/Makefile.am (TESTS_ENVIRONMENT): Drop obsolete
variables, add 'srcdir', use absolute paths.
(TESTS): Rename to 'XTESTS' to avoid emitting the automake test
runner. Drop 'setup.scm' and 'finish.scm'.
(xcheck): New target that runs 'run-tests.scm', our Scheme test suite
runner. It will run each test in a clean environment, isolated from
the other tests.
(EXTRA_DIST): Adapt accordingly.
* tests/openpgp/README: Likewise.
Signed-off-by: Justus Winter <justus@g10code.com>
Previously, iobuf_peek on a file smaller than 'buflen' would hang.
* common/iobuf.c (underflow): Generalize by adding a target parameter.
(iobuf_peek): Use this to prevent looping here.
* tests/openpgp/Makefile.am (TESTS): Add new test.
* tests/openpgp/setup.scm (dearmor): Move function...
* tests/openpgp/defs.scm (dearmor): ... here.
* tests/openpgp/issue2419.scm: New file.
* tests/openpgp/samplemsgs/issue2419.asc: Likewise.
GnuPG-bug-id: 2419
Signed-off-by: Justus Winter <justus@g10code.com>
'transfer_secret_keys' collects statistics on a subkey-basis, while
the other code does not. This leads to inflated numbers when
importing secret keys. E.g. 'count' is incremented by the main
parsing loop in 'import', and again in 'transfer_secret_keys', leading
to a total of 3 if one key with two secret subkeys is imported.
* g10/import.c (import_secret_one): Adjust to the fact that
'transfer_secret_keys' collects subkey statistics.
* tests/openpgp/Makefile.am (TESTS): Add new test.
* tests/openpgp/issue2346.scm: New file.
* tests/openpgp/samplekeys/issue2346.gpg: Likewise.
GnuPG-bug-id: 2346
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/scheme.c (opexe_0): Include names of missing function
parameters in the error message.
Signed-off-by: Justus Winter <justus@g10code.com>
* agent/command-ssh.c (ssh_identity_register): Add a key to sshcontrol
even if it is already in the private key store.
* tests/openpgp/ssh.scm: Test this.
GnuPG-bug-id: 2316
Signed-off-by: Justus Winter <justus@g10code.com>
CACHE_MODE_ANY is supposed to match any cache mode except
CACHE_MODE_IGNORE, but the code used '==' to compare cache modes.
* agent/cache.c (cache_mode_equal): New function.
(agent_set_cache): Use the new function to compare cache modes.
(agent_get_cache): Likewise.
* tests/openpgp/Makefile.am (TESTS): Add new test.
* tests/openpgp/issue2015.scm: New file.
GnuPG-bug-id: 2015
Signed-off-by: Justus Winter <justus@g10code.com>
We use gpgtar to unpack test data, hence we always build it. If the
user opts out, we simply don't install it.
* configure.ac: Add comment.
* tests/migrations/Makefile.am (required_pgms): Make sure gpgtar is
built.
* tools/Makefile.am: Always build gpgtar, but do not install it if the
user used '--disable-gpgtar'.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/migrations/extended-pkf.scm: Skip test if gpgtar is not built.
* tests/migrations/from-classic.scm: Likewise.
* tests/openpgp/gpgtar.scm: Fix check for gpgtar.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/tests.scm (call-check): Capture stdout and stderr, and
return stdout if the child exited successfully, or include stderr in
the error.
* tests/openpgp/version.scm: Demonstrate this by checking the stdout.
Signed-off-by: Justus Winter <justus@g10code.com>
* g10/gpg.c (oRecipientFile, oHiddenRecipientFile): New.
(opts): Add options --recipient-file and --hidden-recipient-file.
(main): Implement them. Also remove duplicate code from similar
options.
* g10/keydb.h (PK_LIST_FROM_FILE): New.
(PK_LIST_SHIFT): Bump up.
* g10/pkclist.c (expand_group): Take care of PK_LIST_FROM_FILE.
(find_and_check_key): Add and implement arg FROM_FILE.
(build_pk_list): Pass new value for new arg.
* g10/getkey.c (get_pubkey_fromfile): New.
* g10/gpgv.c (read_key_from_file): New stub.
* g10/test-stubs.c (read_key_from_file): New stub.
* g10/server.c (cmd_recipient): Add flag --file.
* g10/import.c (read_key_from_file): New.
* tests/openpgp/defs.scm (key-file1): New.
(key-file2): New.
* tests/openpgp/setup.scm: Add their private keys and import the
key-file1.
* tests/openpgp/encrypt.scm: Add new test.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
This fixes problems with long socket names, e.g. when doing distcheck.
* tests/gpgscm/tests.scm (path-join): New function.
(with-temporary-working-directory): Honor 'TMP'.
(make-temporary-file): Likewise.
* tests/migrations/Makefile.am (TMP): Default to '/tmp'.
(TESTS_ENVIRONMENT): Set 'TMP'.
* tests/openpgp/Makefile.am (TMP): Default to '/tmp'.
(TESTS_ENVIRONMENT): Set 'TMP'.
Signed-off-by: Justus Winter <justus@g10code.com>
* tools/gpgtar.c (cmd_and_opt_values): New values.
(opts): New actions.
(parse_arguments): Handle new actions.
* tests/openpgp/gpgtar.scm: Test new interface.
Signed-off-by: Justus Winter <justus@g10code.com>
* g10/revoke.c (get_default_uid_revocation_reason): New.
* g10/keyedit.c (menu_revuid): Break out creation of uid revocation
into new function core_revuid.
* g10/keyedit.c (keyedit_quick_revuid): New. Selects key and
uid, invokes core_revuid.
* g10/gpg.c (main): Handle --quick-revuid argument.
* doc/gpg.texi: Document --quick-revuid.
--
This functionality is a counterpart to --quick-adduid, and will be
useful for projects that depend programmatically on gpg to revoke user
IDs (one such example is "monkeysphere-host revoke-servicename").
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
- Minor re-indentation work.
- Changed a "0 == memcmp" to "!memcmp"
- Removed tests/openpgp/quick-key-manipulation.test from the
Makefile. This test needs to be converted to gpgscm.
- Removed example from whats-new-in-2.1.txt because that is generated.
Signed-off-by: Werner Koch <wk@gnupg.org>
The keys in the tofu test are set to expire on 2016-09-17. Fake the
system time for this test.
This commit includes changes to the old test as well, for those who
need to backport it.
* tests/openpgp/gpg-agent.conf.tmpl: Drop trailing newlines.
* tests/openpgp/tofu.scm: Fake system time.
* tests/openpgp/tofu.test: Likewise.
GnuPG-bug-id: 2393
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/scheme.c (enum scheme_types): Add types for boolean,
nil, eof, and the sink object.
(type_to_string): Handle new types.
(scheme_init_custom_alloc): Give special objects a type.
Signed-off-by: Justus Winter <justus@g10code.com>
This potentially causes a crash if the garbage collector marks an eof
object.
* tests/gpgscm/scheme.c (scheme_init_custom_alloc): Initialize
'EOF_OBJ'.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/lib.scm (echo): Move...
* tests/gpgscm/tests.scm (echo): ... here.
(info, error, skip): And use echo here.
(file-exists?): New function.
(tr:spawn): Check that source exists and if the sink has been created.
(tr:call-with-content): Hand in optional arguments.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/ffi-private.h: Handle character arguments.
* tests/gpgscm/ffi.c (do_string_index): New function.
(do_string_rindex): Likewise.
(do_string_contains): Likewise.
(ffi_init): Define new functions.
* tests/gpgscm/ffi.scm (ffi-define): New macro.
* tests/gpgscm/lib.scm (string-index): Use native function,
demonstrate behavior.
(string-rindex): Likewise.
(string-contains?): Likewise.
Demonstrate behavior of various other functions.
(read-all): Rework so that it can handle large files.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/scheme.c (type_to_string): New function.
(Eval_Cycle): Include actual type in error message.
Signed-off-by: Justus Winter <justus@g10code.com>
* Makefile.am (tests): Remove test code which would led to doubling
calls to for e.g. "make distclean".
* tests/Makefile.am: Typo fixes.
* tests/gpgscm/Makefile.am (EXTRA_DIST): Fix name of License file.
Add repl.scm.
(check): Replace by check-local because check is a standard automake
target.
* tests/openpgp/Makefile.am (TESTS_ENVIRONMENT): Replace gmake0sim by
automake generated macro.
(EXTRA_DIST): Add defs.scm
Signed-off-by: Werner Koch <wk@gnupg.org>
* tests/gpgscm/scheme.c (mk_integer): Rename arg NUM to N.
(fill_vector): Ditto.
(mark): Rename var NUM to N.
(set_slot_in_env): Mark SC as unused.
(is_any): Mark P as unused.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
* tests/gpgscm/COPYING: Rename to ...
* tests/gpgscm/LICENSE.TinySCHEME: this.
* AUTHORS: Add a note about TinySCHEME.
* build-aux/speedo/w32/pkg-copyright.txt: Add TinySCHEME notice.
--
I renamed the file with the license terms to avoid confusion with the
standard name for the GPL.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tests/gpgscm/scheme.c (vtbl): Add 'port_from_file' to the vtable.
* tests/gpgscm/scheme.h (struct scheme_interface): New field
'mk_port_from_file'.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/scheme.c (opexe_0): Include the value that we tried to
evaluate as function-like in the error message.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/Makefile.am (CLEANFILES): Add created file
"passphrases".
* tools/Makefile.am (EXTRA_DIST): Add no-libgcrypt.c.
--
dirmngr/Makefile uses a copy no-libgcrypt.c from tools/. tools/ does
not anymore require no-libgcrypt.c but we keep it there in case we
eventually make use of it again.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/export.c (do_export_stream): If a key is stored by the agent in
cleartext, then try to export it as cleartext.
* tests/openpgp/export.test: For secret keys that are stored in
cleartext, test should try to export without pinentry interaction.
--
This restores the behavior of GnuPG 2.0 and 1.4 when exporting
passphraseless secret keys, and fixes the test suite accordingly.
GnuPG-bug-id: 2070, 2324
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* tests/openpgp/fake-pinentry.c (get_passphrase): New function.
(main): Add option --passphrasefile and read passphrases from it.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/Makefile.am (SUBDIRS): Remove migrations.
* configure.ac (AC_CONFIG_FILES): Remove migrations Makefile.
--
The tests introduced with commit defbc70b require some non-portable
tools like mktemp and basename. They further fail with "make
distcheck". Removed for now.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/findkey.c (write_extended_private_key): New function.
(agent_write_private_key): Detect if an existing file is in extended
format and update the key within if it is.
(read_key_file): Handle the new format.
* agent/keyformat.txt: Document the new format.
* common/Makefile.am: Add the new files.
* common/private-keys.c: New file.
* common/private-keys.h: Likewise.
* common/t-private-keys.c: Likewise.
* common/util.h (alphap, alnump): New macros.
* tests/migrations: Add test demonstrating that we can cope with the
new format.
--
GnuPG 2.3+ will use a new format to store private keys that is both
more flexible and easier to read and edit by human beings. The new
format stores name,value-pairs using the common mail and http header
convention.
This patch adds the parser and support code and prepares GnuPG 2.1 for
the new format.
Signed-off-by: Justus Winter <justus@g10code.com>
* agent/gpg-agent.c (create_private_keys_directory): Set permissions.
* common/sysutils.c (modestr_to_mode): New function.
(gnupg_mkdir): Use new function.
(gnupg_chmod): New function.
* common/sysutils.h (gnupg_chmod): New prototype.
* tests/migrations/from-classic.test: Test migration with existing
directory.
GnuPG-bug-id: 2312
Signed-off-by: Justus Winter <justus@g10code.com>
* configure.ac (USE_GPG2_HACK): New ac_define am_conditional.
* common/homedir.c (gnupg_module_name): Replace use of macro
NAME_OF_INSTALLED_GPG.
* g10/keygen.c (generate_keypair): Ditto.
* g10/Makefile.am (bin_PROGRAMS): Remove.
(noinst_PROGRAMS): Add gpg or gpg2 and gpgv or gpg2.
(gpg2_hack_list): New.
(use_gpg2_hack): New.
(gpg2_SOURCES): Rename to gpg_SOURCES.
(gpgv2_SOURCES): Rename to gpgv_SOURCES.
(gpg2_LDADD): Rename to gpg_LDADD.
(gpgv2_LDADD): Rename to gpgv_LDADD.
(gpg2_LDFLAGS): Rename to gpg_LDFLAGS.
(gpgv2_LDFLAGS): Rename to gpgv2_LDFLAGS.
(install-exec-hook): Remove WinCE specific rules and add new rules.
(uninstall-local): Uninstall gpg/gpg2 and gpgv/gpgv2.
* tests/openpgp/Makefile.am (required_pgms): s/gpg2/gpg/.
* tests/openpgp/defs.inc: Ditto.
* tests/openpgp/gpgtar.test: Ditto.
* tests/openpgp/mkdemodirs: Ditto.
* tests/openpgp/signdemokey: Ditto.
* Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Remove obsolete
--enable-mailto, add --enable-gpg2-is-gpg.
--
Although we need to duplicate some automake generated code this method
allows to easily switch the name of the installed target using the
configure option "--enable-gpg2-is-gpg".
Signed-off-by: Werner Koch <wk@gnupg.org>
* tests/openpgp/Makefile.am: Build new program.
* tests/openpgp/defs.inc: Use the new program.
* tests/openpgp/fake-pinentry.c: New file.
--
Building an executable that does not require an interpreter makes it
easier to use on Windows.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/plain-largeo.asc: New file.
* tests/openpgp/version.test: Dearmor the new file instead of relying
on the source being present.
Signed-off-by: Justus Winter <justus@g10code.com>
* g10/gpg.c (main): If --encrypt-to-default-key is specified, don't
add --default-key's value to REMUSR here...
* g10/pkclist.c (build_pk_list): ... do it here.
* tests/openpgp/Makefile.am (TESTS): Add default-key.test.
* tests/openpgp/default-key.test: New file.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
* tests/openpgp/gpgtar.test: Add test case.
* tools/gpgtar-create.c (gpgtar_create): Pass '--symmetric' flag to
gpg.
* tools/gpgtar.c (parse_arguments): We do handle the argument now.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/gpgtar.test: Test signing.
* tools/gpgtar-create.c (gpgtar_create): Add 'sign' option, add the
appropriate gpg arguments to implement signing and selecting the local
user.
* tools/gpgtar.c (parse_options): We do handle '--local-user' now.
(main): Handle signing, encrypting, and doing both when creating an
archive.
* tools/gpgtar.h (gpgtar_create): Update prototype.
Signed-off-by: Justus Winter <justus@g10code.com>
* g10/gpg.c (check_user_ids): If the search description is for an
exact match (a keyid or fingerprint that ends in '!'), then use the
matching key, not the primary key.
* tests/openpgp/Makefile.am (TESTS): Add use-exact-key.test.
(priv_keys): Add privkeys/00FE67F28A52A8AA08FFAED20AF832DA916D1985.asc,
privkeys/1DF48228FEFF3EC2481B106E0ACA8C465C662CC5.asc,
privkeys/A2832820DC9F40751BDCD375BB0945BA33EC6B4C.asc,
privkeys/ADE710D74409777B7729A7653373D820F67892E0.asc and
privkeys/CEFC51AF91F68A2904FBFF62C4F075A4785B803F.asc.
(sample_keys): Add
samplekeys/E657FB607BB4F21C90BB6651BC067AF28BC90111.asc.
* tests/openpgp/privkeys/00FE67F28A52A8AA08FFAED20AF832DA916D1985.asc:
New file.
* tests/openpgp/privkeys/1DF48228FEFF3EC2481B106E0ACA8C465C662CC5.asc:
New file.
* tests/openpgp/privkeys/A2832820DC9F40751BDCD375BB0945BA33EC6B4C.asc:
New file.
* tests/openpgp/privkeys/ADE710D74409777B7729A7653373D820F67892E0.asc:
New file.
* tests/openpgp/privkeys/CEFC51AF91F68A2904FBFF62C4F075A4785B803F.asc:
New file.
* tests/openpgp/samplekeys/E657FB607BB4F21C90BB6651BC067AF28BC90111.asc:
New file.
* tests/openpgp/use-exact-key.test: New file.
* tests/openpgp/version.test: Install the new private keys.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Reported-by: Reported-by: Kristian Fiskerstrand
<kristian.fiskerstrand@sumptuouscapital.com>
Fixes-commit: 10cca02
* tools/gpgtar.c (enum cmd_and_opt_values): New value.
(opts): Add new group for tar options, rearrange a little, add
'--tar-args'.
(tar_opts): New variable.
(shell_parse_stringlist): New function.
(shell_parse_argv): Likewise.
(parse_arguments): Add option argument, handle '--tar-args'.
(main): Fix invokation of 'parse_arguments'.
* tests/openpgp/gpgtar.test: Simplify decryption.
Signed-off-by: Justus Winter <justus@g10code.com>
* configure.ac: Define the automake conditional SQLITE3.
* tests/openpgp/Makefile.am (TESTS): Move the sqlite3 dependent tests
to...
(sqlite3_dependent_tests): ... this new variable. If SQLITE3 is not
defined, then clear this variable.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
* configure.ac: Check for sqlite3.
(SQLITE3_CFLAGS): AC_SUBST it.
(SQLITE3_LIBS): Likewise.
* g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS).
(gpg2_SOURCES): Add tofu.h and tofu.c.
(gpg2_LDADD): Add $(SQLITE3_LIBS).
* g10/tofu.c: New file.
* g10/tofu.h: New file.
* g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP.
(tofu_db_format): Define.
* g10/packet.h (PKT_signature): Add fields digest and digest_len.
* g10/gpg.c: Include "tofu.h".
(cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy,
oTOFUDBFormat.
(opts): Add them.
(parse_trust_model): Recognize the tofu and tofu+pgp trust models.
(parse_tofu_policy): New function.
(parse_tofu_db_format): New function.
(main): Initialize opt.tofu_default_policy and opt.tofu_db_format.
Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat.
* g10/mainproc.c (do_check_sig): If the signature is good, copy the
hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately.
* g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update
callers.
(tdb_get_validity_core): Add arguments sig and may_ask. Update
callers.
* g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them
to tdb_get_validity_core.
* g10/trustdb.c: Include "tofu.h".
(trust_model_string): Handle TM_TOFU and TM_TOFU_PGP.
(tdb_get_validity_core): Add arguments sig and may_ask. If
OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust
level. Combine it with the computed PGP trust level, if appropriate.
* g10/keyedit.c: Include "tofu.h".
(show_key_with_all_names_colon): If the trust mode is tofu or
tofu+pgp, then show the trust policy.
* g10/keylist.c: Include "tofu.h".
(public_key_list): Also show the PGP stats if the trust model is
TM_TOFU_PGP.
(list_keyblock_colon): If the trust mode is tofu or
tofu+pgp, then show the trust policy.
* g10/pkclist.c: Include "tofu.h".
* g10/gpgv.c (get_validity): Add arguments sig and may_ask.
(enum tofu_policy): Define.
(tofu_get_policy): New stub.
(tofu_policy_str): Likewise.
* g10/test-stubs.c (get_validity): Add arguments sig and may_ask.
(enum tofu_policy): Define.
(tofu_get_policy): New stub.
(tofu_policy_str): Likewise.
* doc/DETAILS: Describe the TOFU Policy field.
* doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu,
--trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format.
* tests/openpgp/Makefile.am (TESTS): Add tofu.test.
(TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc,
tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt.
(CLEANFILES): Add tofu.db.
(clean-local): Add tofu.d.
* tests/openpgp/tofu.test: New file.
* tests/openpgp/tofu-2183839A-1.txt: New file.
* tests/openpgp/tofu-BC15C85A-1.txt: New file.
* tests/openpgp/tofu-EE37CF96-1.txt: New file.
* tests/openpgp/tofu-keys.asc: New file.
* tests/openpgp/tofu-keys-secret.asc: New file.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
* g10/encrypt.c (use_mdc): Make it a global func.
* g10/sign.c (sign_symencrypt_file): Use that function to decide
whether to use an MDC.
* tests/openpgp/conventional-mdc.test: Add a simple test case.
--
We used --force-mdc in sign+symenc mode (-cs) only with --force-mdc.
That broke our assumption from commit 625e292 (GnuPG 2.1.9) that all
uses of modern ciphers are using MDC.
Reported-by: Ben Kibbey <bjk@luxsci.net>
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/gpg-agent.c (oDebugQuickRandom): New.
(opts): New option --debug-quick-random.
(main): Use new option.
* common/asshelp.c (start_new_gpg_agent): Add hack to pass an
additional argument for the agent name.
* tests/openpgp/defs.inc: Pass --debug-quick-random to the gpg-agent
starting parameters.
* tests/openpgp/version.test: Ditto.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/build-packet.c (do_key): Remove support for building v3 keys.
* g10/parse-packet.c (read_protected_v3_mpi): Remove.
(parse_key): Remove support for v3-keys. Add dedicated warnings for
v3-key packets.
* g10/keyid.c (hash_public_key): Remove v3-key support.
(keyid_from_pk): Ditto.
(fingerprint_from_pk): Ditto.
* g10/options.h (opt): Remove fields force_v3_sigs and force_v4_certs.
* g10/gpg.c (cmd_and_opt_values): Remove oForceV3Sigs, oNoForceV3Sigs,
oForceV4Certs, oNoForceV4Certs.
(opts): Turn --force-v3-sigs, --no-force-v3-sigs, --force-v4-certs,
--no-force-v4-certs int dummy options.
(main): Remove setting of the force_v3_sigs force_v4_certs flags.
* g10/revoke.c (gen_revoke, create_revocation): Always create v4 certs.
* g10/sign.c (hash_uid): Remove support for v3-signatures
(hash_sigversion_to_magic): Ditto.
(only_old_style): Remove this v3-key function.
(write_signature_packets): Remove support for creating v3-signatures.
(sign_file): Ditto.
(sign_symencrypt_file): Ditto.
(clearsign_file): Ditto. Remove code to emit no Hash armor line if
only v3-keys are used.
(make_keysig_packet): Remove arg SIGVERSION and force using
v4-signatures. Change all callers to not pass a value for this arg.
Remove all v3-key related code.
(update_keysig_packet): Remove v3-signature support.
* g10/keyedit.c (sign_uids): Always create v4-signatures.
* g10/textfilter.c (copy_clearsig_text): Remove arg pgp2mode and
change caller.
--
v3 keys are deprecated for about 15 years and due the severe
weaknesses of MD5 it does not make any sense to keep code around to
use these old and broken keys. Users who need to decrypt old messages
should use gpg 1.4 and best re-encrypt them to modern standards.
verification of old (i.e. PGP2) created signatures is thus also not
anymore possible but such signatures have no values anyway - MD5 is
just too broken.
We have also kept support for v3 signatures until now. With the
removal of support for v3 keys it is questionable whether it makes any
sense to keep support for v3-signatures. What we do now is to keep
support for verification of v3-signatures but we force the use of
v4-signatures. The latter makes the --pgp6 and --pgp7 switch a bit
obsolete because those PGP versions require v3-signatures for
messages. These versions of PGP are also really old and not anymore
maintained so they have not received any bug fixes and should not be
used anyway.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/import.c (stats_s): Remove field "imported_rsa".
(import_print_stats): Do not print separate value for RSA.
(import_one): Remove the RSA counter.
--
RSA is the standard key format and thus there is no more need to have
a separate counter. This is a remain from the RSA patent times.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keydb.c (keydb_handle): Add field no_caching.
(keyblock_cache): Repalce field kid by fpr.
(keydb_disable_caching): New.
(keydb_search): Use the fingerprint as cache index.
* g10/import.c (import_one): Use the fingerprint and not the kid to
lookup the key. Call keydb_disable_caching beofre re-searching for
update.
* tests/openpgp/import.test: Add a test case.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tests/openpgp/conventional-mdc.test: Add an s2k-count option.
* tests/openpgp/conventional.test: Ditto.
--
Due to measuring the iteration count for the passphrase hashing, the
conventional encryption tests are running quite slow. This patch
fixes it by using a fixed and lower value for the iteration count.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/openpgpdefs.h (PUBKEY_ALGO_EDDSA): Change to 22.
* g10/keygen.c (ask_curve): Reword the Curve25519 warning note.
--
In the hope that the IETF will eventually assign 22 for EdDSA using
the draft-koch-eddsa-for-openpgp-01 specs we start using this number.
* g10/gpg.c (oRFC1991, oPGP2): Remove
(opts): Remove --pgp2 and --rfc1991.
* g10/options.h (CO_PGP2, CO_RFC1991): Remove. Remove all users.
(RFC2440, PGP2): Remove. Remove all code only enabled by these
conditions.
* tests/openpgp/clearsig.test: Remove --rfc1991 test.
--
The use of PGP 2.c is considered insecure for quite some time
now (e.g. due to the use of MD5). Thus we remove all support for
_creating_ PGP 2 compatible messages.
* agent/cvt-openpgp.c (try_do_unprotect_arg_s): Add field "curve".
(get_keygrip): Add and use arg CURVE.
(convert_secret_key): Ditto.
(convert_transfer_key): Ditto.
(get_npkey_nskey): New.
(prepare_unprotect): Replace gcrypt functions by
get_npkey_nskey. Allow opaque MPIs.
(do_unprotect): Use CURVE instead of parameters.
(convert_from_openpgp_main): Ditto.
(convert_to_openpgp): Simplify.
* g10/import.c (one_mpi_from_pkey): Remove.
(transfer_secret_keys): Rewrite to use the curve instead of the
parameters.
* g10/parse-packet.c (parse_key): Mark protected MPIs with USER1 flag.
* common/openpgp-oid.c (openpgp_curve_to_oid): Allow the use of
"NIST P-256" et al.
* g10/keygen.c (ask_curve): Add arg ALGO.
(generate_keypair): Rewrite the ECC key logic.
* tests/openpgp/ecc.test: Provide the "ecc" passphrase.
* configure.ac: Add option --disable-trust-models
(NO_TRUST_MODELS): New ac_define and am_conditional.
* g10/Makefile.am (trust_source): New.
(gpg2_SOURCES): Factor some files out to above. Add trust.c.
* g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust,
--import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb,
--list-trustdb, --trustdb-name, --auto-check-trustdb,
--no-auto-check-trustdb, and --force-ownertrust.
(parse_trust_model) [NO_TRUST_MODELS]: Do not build.
(main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all
trustdb related option code.
* g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust",
"enable", and "disable".
* g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print
"tru" record.
* g10/trust.c: New.
* g10/trustdb.c (struct key_item): Move to trustdb.h.
(register_trusted_keyid): Rename to tdb_register_trusted_keyid.
(register_trusted_key): Rename to tdb_register_trusted_key.
(trust_letter, uid_trust_string_fixed, trust_value_to_string)
(string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info)
(get_ownertrust_string, get_validity_info, get_validity_string)
(clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c.
(mark_usable_uid_certs): Move to trust.c and make global.
(is_in_klist): Move as inline to trustdb.h.
(trustdb_check_or_update): Rename to tdb_check_or_update
(revalidation_mark): Rename to tdb_revalidation_mark.
(get_ownertrust): Rename to tdb_get_ownertrust.
(get_min_ownertrust): Rename to tdb_get_min_ownertrust.
(update_ownertrust): Rename to tdb_update_ownertrust.
(clear_ownertrusts): Rename to tdb_clear_ownertrusts.
(cache_disabled_value): Rename to tdb_cache_disabled_value.
(check_trustdb_stale): Rename to tdb_check_trustdb_stale.
(get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and
factor some code out to ...
* trust.c (get_validity): ...new.
(check_or_update_trustdb): New wrapper.
(revalidation_mark): New wrapper.
(get_ownertrust): New wrapper.
(get_ownertrust_with_min): New wrapper.
(update_ownertrust): New wrapper.
(clear_ownertrusts): New wrapper.
(cache_disabled_value): New wrapper.
(check_trustdb_stale): New wrapper.
* tests/openpgp/defs.inc (opt_always): New. Use in all tests instead
of --always-trust.
The asymmetric quotes used by GNU in the past (`...') don't render
nicely on modern systems. We now use two \x27 characters ('...').
The proper solution would be to use the correct Unicode symmetric
quotes here. However this has the disadvantage that the system
requires Unicode support. We don't want that today. If Unicode is
available a generated po file can be used to output proper quotes. A
simple sed script like the one used for en@quote is sufficient to
change them.
The changes have been done by applying
sed -i "s/\`\([^'\`]*\)'/'\1'/g"
to most files and fixing obvious problems by hand. The msgid strings in
the po files were fixed with a similar command.