#!/bin/sh # Check that gpg verifies only signatures where there is no ambiguity # in the order of packets. Needs the Demo Keys Lima and Mike. . $srcdir/defs.inc || exit 3 # (variable intialization was created using: # for i in files; do echo "`echo $i | sed 's,[.-],_,g'`='"; \ # gpg --no-version --enarmor <$i | grep -v ^Comment:; echo "'" ; done # ) sig_1ls1ls_valid=' -----BEGIN PGP ARMORED FILE----- kA0DAAIRN8q1H7eRA/gBrCdiBXRleHQxOogq9EkgYW0gc29ycnksIEkgY2FuJ3Qg ZG8gdGhhdAqIPwMFADqIKvQ3yrUft5ED+BEC2joAoJaSaXOZEtSZqQ780HIXG77e 8PB7AJ4wCprmaFTO0fBaTcXDuEOBdAWnOZANAwACETfKtR+3kQP4AawnYgV0ZXh0 MTqIKvRJIGFtIHNvcnJ5LCBJIGNhbid0IGRvIHRoYXQKiD8DBQA6iCr0N8q1H7eR A/gRAto6AKCWkmlzmRLUmakO/NByFxu+3vDwewCeMAqa5mhUztHwWk3Fw7hDgXQF pzk= =8jSC -----END PGP ARMORED FILE----- ' sig_ls_valid=' -----BEGIN PGP ARMORED FILE----- rCdiBXRleHQxOogrS0kgYW0gc29ycnksIEkgY2FuJ3QgZG8gdGhhdAqIPwMFADqI K0s3yrUft5ED+BECLQMAn2jZUNOpB4OuurSQkc2TRfg6ek02AJ9+oJS0frQ+yUsT QDUFTH2PvZRxjw== =J+lb -----END PGP ARMORED FILE----- ' sig_sl_valid=' -----BEGIN PGP ARMORED FILE----- iD8DBQA6iCtLN8q1H7eRA/gRAi0DAJ9o2VDTqQeDrrq0kJHNk0X4OnpNNgCffqCU tH60PslLE0A1BUx9j72UcY+sJ2IFdGV4dDE6iCtLSSBhbSBzb3JyeSwgSSBjYW4n dCBkbyB0aGF0Cg== =N9MP -----END PGP ARMORED FILE----- ' sig_11lss_valid_but_is_not=' -----BEGIN PGP ARMORED FILE----- kA0DAAIRN8q1H7eRA/gAkA0DAAIRN8q1H7eRA/gBrCdiBXRleHQxOogyXUkgYW0g c29ycnksIEkgY2FuJ3QgZG8gdGhhdAqIPwMFADqIMl03yrUft5ED+BECwQAAnRXT mXjVd385oD38W80XuheWKTGcAJ9pZ6/flaKDfw+SLido7xaUHuhp5Yg/AwUAOogy XTfKtR+3kQP4EQLBAACgnN0IP+NztE0aAc/DZ17yHWR9diwAniN0P01WmbgZJoZB Q341WRXKS/at =Ekrs -----END PGP ARMORED FILE----- ' sig_11lss11lss_valid_but_is_not=' -----BEGIN PGP ARMORED FILE----- kA0DAAIRN8q1H7eRA/gAkA0DAAIRN8q1H7eRA/gBrCdiBXRleHQxOogyXUkgYW0g c29ycnksIEkgY2FuJ3QgZG8gdGhhdAqIPwMFADqIMl03yrUft5ED+BECwQAAnRXT mXjVd385oD38W80XuheWKTGcAJ9pZ6/flaKDfw+SLido7xaUHuhp5Yg/AwUAOogy XTfKtR+3kQP4EQLBAACgnN0IP+NztE0aAc/DZ17yHWR9diwAniN0P01WmbgZJoZB Q341WRXKS/atkA0DAAIRN8q1H7eRA/gAkA0DAAIRN8q1H7eRA/gBrCdiBXRleHQx OogyXUkgYW0gc29ycnksIEkgY2FuJ3QgZG8gdGhhdAqIPwMFADqIMl03yrUft5ED +BECwQAAnRXTmXjVd385oD38W80XuheWKTGcAJ9pZ6/flaKDfw+SLido7xaUHuhp 5Yg/AwUAOogyXTfKtR+3kQP4EQLBAACgnN0IP+NztE0aAc/DZ17yHWR9diwAniN0 P01WmbgZJoZBQ341WRXKS/at =P1Mu -----END PGP ARMORED FILE----- ' sig_ssl_valid_but_is_not=' -----BEGIN PGP ARMORED FILE----- iD8DBQA6iCtLN8q1H7eRA/gRAi0DAJ9o2VDTqQeDrrq0kJHNk0X4OnpNNgCffqCU tH60PslLE0A1BUx9j72UcY+IPwMFADqIK0s3yrUft5ED+BECLQMAn2jZUNOpB4Ou urSQkc2TRfg6ek02AJ9+oJS0frQ+yUsTQDUFTH2PvZRxj6wnYgV0ZXh0MTqIK0tJ IGFtIHNvcnJ5LCBJIGNhbid0IGRvIHRoYXQK =Zven -----END PGP ARMORED FILE----- ' sig_1lsls_invalid=' -----BEGIN PGP ARMORED FILE----- kA0DAAIRN8q1H7eRA/gBrCdiBXRleHQxOogq9EkgYW0gc29ycnksIEkgY2FuJ3Qg ZG8gdGhhdAqIPwMFADqIKvQ3yrUft5ED+BEC2joAoJaSaXOZEtSZqQ780HIXG77e 8PB7AJ4wCprmaFTO0fBaTcXDuEOBdAWnOawnYgV0ZXh0MTqIK0tJIGFtIHNvcnJ5 LCBJIGNhbid0IGRvIHRoYXQKiD8DBQA6iCtLN8q1H7eRA/gRAi0DAJ9o2VDTqQeD rrq0kJHNk0X4OnpNNgCffqCUtH60PslLE0A1BUx9j72UcY8= =nkeu -----END PGP ARMORED FILE----- ' sig_lsls_invalid=' -----BEGIN PGP ARMORED FILE----- rCdiBXRleHQxOogrS0kgYW0gc29ycnksIEkgY2FuJ3QgZG8gdGhhdAqIPwMFADqI K0s3yrUft5ED+BECLQMAn2jZUNOpB4OuurSQkc2TRfg6ek02AJ9+oJS0frQ+yUsT QDUFTH2PvZRxj6wnYgV0ZXh0MTqIK0tJIGFtIHNvcnJ5LCBJIGNhbid0IGRvIHRo YXQKiD8DBQA6iCtLN8q1H7eRA/gRAi0DAJ9o2VDTqQeDrrq0kJHNk0X4OnpNNgCf fqCUtH60PslLE0A1BUx9j72UcY8= =BlZH -----END PGP ARMORED FILE----- ' sig_lss_invalid=' -----BEGIN PGP ARMORED FILE----- rCdiBXRleHQxOogrS0kgYW0gc29ycnksIEkgY2FuJ3QgZG8gdGhhdAqIPwMFADqI K0s3yrUft5ED+BECLQMAn2jZUNOpB4OuurSQkc2TRfg6ek02AJ9+oJS0frQ+yUsT QDUFTH2PvZRxj4g/AwUAOogrSzfKtR+3kQP4EQItAwCfaNlQ06kHg666tJCRzZNF +Dp6TTYAn36glLR+tD7JSxNANQVMfY+9lHGP =jmt6 -----END PGP ARMORED FILE----- ' sig_slsl_invalid=' -----BEGIN PGP ARMORED FILE----- iD8DBQA6iCtLN8q1H7eRA/gRAi0DAJ9o2VDTqQeDrrq0kJHNk0X4OnpNNgCffqCU tH60PslLE0A1BUx9j72UcY+sJ2IFdGV4dDE6iCtLSSBhbSBzb3JyeSwgSSBjYW4n dCBkbyB0aGF0Cog/AwUAOogrSzfKtR+3kQP4EQItAwCfaNlQ06kHg666tJCRzZNF +Dp6TTYAn36glLR+tD7JSxNANQVMfY+9lHGPrCdiBXRleHQxOogrS0kgYW0gc29y cnksIEkgY2FuJ3QgZG8gdGhhdAo= =phBF -----END PGP ARMORED FILE----- ' save_IFS="${IFS}" IFS="" for i in "$sig_1ls1ls_valid" "$sig_ls_valid" "$sig_sl_valid"; do echo "$i" | ./gpg_dearmor >x IFS="${save_IFS}" $GPG --verify x 2>/dev/null || error "valid is invalid" IFS="" done #for i in "$sig_11lss_valid_but_is_not" "$sig_11lss11lss_valid_but_is_not" \ # "$sig_ssl_valid_but_is_not"; do # echo "$i" | $GPG --dearmor >x # $GPG --verify /dev/null || error "valid is invalid" #done # without the +e ksh seems to terminate the for loop set +e for i in "$sig_1lsls_invalid" "$sig_lsls_invalid" \ "$sig_lss_invalid" "$sig_slsl_invalid" ; do echo "$i" | ./gpg_dearmor >x IFS="${save_IFS}" $GPG --verify /dev/null && error "invalid is valid" IFS="" done IFS="${save_IFS}"