gnupg/tests/sm-verify

115 lines
2.2 KiB
Plaintext

# sm-verify
#
# Verify a few distributed signatures.
# Requirements:
#
srcdir = getenv srcdir
# Check an opaque signature
sig = openfile $srcdir/text-1.osig.pem
out = createfile msg.unsig
pipeserver $GPGSM
send INPUT FD=$sig
expect-ok
send OUTPUT FD=$out
expect-ok
badsig = count-status BADSIG
goodsig = count-status GOODSIG
trusted = count-status TRUST_FULLY
send VERIFY
expect-ok
echo badsig=$badsig goodsig=$goodsig trusted=$trusted
fail-if $badsig
fail-if !$goodsig
fail-if !$trusted
send BYE
expect-ok
sig =
out =
cmpfiles $srcdir/text-1.txt msg.unsig
fail-if !$?
# Check a detached signature.
sig = openfile $srcdir/text-1.dsig.pem
plain = openfile $srcdir/text-1.txt
pipeserver $GPGSM
send INPUT FD=$sig
expect-ok
send MESSAGE FD=$plain
expect-ok
badsig = count-status BADSIG
goodsig = count-status GOODSIG
trusted = count-status TRUST_FULLY
send VERIFY
expect-ok
echo badsig=$badsig goodsig=$goodsig trusted=$trusted
fail-if $badsig
fail-if !$goodsig
fail-if !$trusted
send BYE
expect-ok
# Check a tampered opaque message
sig = openfile $srcdir/text-1.osig-bad.pem
out = createfile msg.unsig
pipeserver $GPGSM
send INPUT FD=$sig
expect-ok
send OUTPUT FD=$out
expect-ok
badsig = count-status BADSIG
goodsig = count-status GOODSIG
trusted = count-status TRUST_FULLY
send VERIFY
expect-ok
echo badsig=$badsig goodsig=$goodsig trusted=$trusted
fail-if $goodsig
fail-if !$badsig
fail-if $trusted
send BYE
expect-ok
# Check another opaque signature but without asking for the output.
sig = openfile $srcdir/text-2.osig.pem
pipeserver $GPGSM
send INPUT FD=$sig
expect-ok
badsig = count-status BADSIG
goodsig = count-status GOODSIG
trusted = count-status TRUST_FULLY
send VERIFY
expect-ok
echo badsig=$badsig goodsig=$goodsig trusted=$trusted
fail-if $badsig
fail-if !$goodsig
fail-if !$trusted
send BYE
expect-ok
# We als have tampered version.
sig = openfile $srcdir/text-2.osig-bad.pem
pipeserver $GPGSM
send INPUT FD=$sig
expect-ok
badsig = count-status BADSIG
goodsig = count-status GOODSIG
trusted = count-status TRUST_FULLY
send VERIFY
expect-ok
echo badsig=$badsig goodsig=$goodsig trusted=$trusted
fail-if $goodsig
fail-if !$badsig
fail-if $trusted
send BYE
expect-ok
quit