#!/bin/bash # Script for G10 testing #--------------------------------------------------------- #-------------------------------- #------ constants --------------- #-------------------------------- usrname1="one" usrpass1="def" usrname2="two" usrpass2="" plain_files="plain-1 plain-2" data_files="" exp_files="" #-------------------------------- #------ utility functions ------- #-------------------------------- fatal () { echo "$pgmname: fatal:" $* >&2 exit 1; } error () { echo "$pgmname:" $* >&2 exit 1 } info () { echo "$pgmname:" $* >&2 } chdir () { cd $1 || fatal "cannot cd to $1" } cleanup () { rm $data_files x y z 2>/dev/null echo "#empty" >./options } run_g10 () { if ! eval ../g10/gpg --homedir . $* ; then echo "(../g10/gpg --homedir . $*) failed" >&2 exit 1 fi } run_g10maint () { if ! eval ../g10/gpgm --homedir . $* ; then echo "(../g10/gpgm --homedir . $*) failed" >&2 exit 1 fi } #-------------------------------- #-------- main program ---------- #-------------------------------- set -e pgmname=$(basename $0) trap cleanup SIGHUP SIGINT SIGQUIT # some checks for i in $plain_files plain-3o.asc ; do [ -f $i ] || fatal "$i: missing" done for i in $exp_files; do [ -f $i ] || fatal "$i: script missing" done # create the keyrings cat <./options no-greeting no-secmem-warning batch EOF # print the G10 version run_g10 --version info Unpacking some material run_g10maint --yes --dearmor -o pubring.gpg pubring.asc run_g10maint --yes --dearmor -o secring.gpg secring.asc run_g10maint --yes --dearmor -o gnupg.sig gnupg.asc run_g10maint --yes --dearmor -o plain-3 plain-3o.asc plain_files="$plain_files plain-3" # make sure all files are created echo "$usrpass1" | run_g10 --no-operation info Checking decryption for i in $plain_files ; do echo "$usrpass1" | run_g10 --passphrase-fd 0 -o y --yes $i.asc cmp $i y || error "$i: mismatch" done info Checking cleartext signatures # There is a minor glitch, which appends a lf to the cleartext. # I do not consider that a bug, but I have to use the head .. mimic. # It is not clear what should happen to leading LFs, we must # change the defintion of cleartext, so that only 1 empty line # must follow the headers, but some specs say: any number of empty lines .. # clean-sat removes leading LFs # I know that this does not work for random data files (due to large lines # or what ever) - I hope we can live with it. for i in $plain_files; do echo "$usrpass1" | run_g10 --passphrase-fd 0 -sat -o x --yes $i run_g10 -o y --yes x ../tools/clean-sat < $i > z head -c $[ $(cat y | wc -c) - 1 ] y | diff - z || error "$i: mismatch" done info Creating some random data files for i in 500 9000 32000 80000; do head -c $i /dev/urandom >data-$i data_files="$data_files data-$i" done info Checking armored signatures for i in $plain_files $data_files ; do echo "$usrpass1" | run_g10 --passphrase-fd 0 -sa -o x --yes $i run_g10 -o y --yes x cmp $i y || error "$i: mismatch" done info Checking signatures for i in $plain_files $data_files; do echo "$usrpass1" | run_g10 --passphrase-fd 0 -s -o x --yes $i run_g10 -o y --yes x cmp $i y || error "$i: mismatch" done info Checking armored encryption for i in $plain_files $data_files ; do run_g10 -ea -o x --yes -r "$usrname2" $i run_g10 -o y --yes x cmp $i y || error "$i: mismatch" done info Checking armored encryption with a pipe for i in $plain_files $data_files ; do run_g10 -ea --yes -r "$usrname2" < $i | tee x \ | run_g10 -o y --yes cmp $i y || error "$i: mismatch" run_g10 --yes < x > y cmp $i y || error "$i: mismatch" done info Checking encryption for i in $plain_files $data_files ; do run_g10 -e -o x --yes -r "$usrname2" $i run_g10 -o y --yes x cmp $i y || error "$i: mismatch" done info Checking encryption with a pipe for i in $plain_files $data_files ; do run_g10 -e --yes -r "$usrname2" < $i \ | run_g10 --yes > y cmp $i y || error "$i: mismatch" done info Checking signing and encryption for i in $plain_files $data_files ; do echo "$usrpass1" \ | run_g10 --passphrase-fd 0 -se -o x --yes -r "$usrname2" $i run_g10 -o y --yes x cmp $i y || error "$i: mismatch" done info Checking armored signing and encryption for i in $plain_files $data_files ; do echo "$usrpass1" \ | run_g10 --passphrase-fd 0 -sae -o x --yes -r "$usrname2" $i run_g10 -o y --yes x cmp $i y || error "$i: mismatch" done info Checking armored detached signatures for i in $plain_files $data_files ; do echo "$usrpass1" | run_g10 --passphrase-fd 0 -sab -o x --yes $i run_g10 -o /dev/null --yes x <$i || error "$i: bad signature" done info Checking detached signatures for i in $plain_files $data_files ; do echo "$usrpass1" | run_g10 --passphrase-fd 0 -sb -o x --yes $i run_g10 -o /dev/null --yes x <$i || error "$i: bad signature" done info Checking detached signatures of multiple files i="$plain_files $data_files" echo "$usrpass1" | run_g10 --passphrase-fd 0 -sb -o x --yes $i cat $i | run_g10 -o /dev/null --yes x || error "$i: bad signature" info Checking armored detached signatures of multiple files i="$plain_files $data_files" echo "$usrpass1" | run_g10 --passphrase-fd 0 -sab -o x --yes $i cat $i | run_g10 -o /dev/null --yes x || error "$i: bad signature" info "All tests passed." exit 0