mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-10 13:04:23 +01:00
a8209b001c
-- It does not make sense to have the cms stuff at the top level but the openpgp at a dedicated directory. This patch fixes that.
115 lines
2.2 KiB
Plaintext
115 lines
2.2 KiB
Plaintext
# sm-verify
|
|
#
|
|
# Verify a few distributed signatures.
|
|
# Requirements:
|
|
#
|
|
|
|
srcdir = getenv srcdir
|
|
|
|
# Check an opaque signature
|
|
sig = openfile $srcdir/text-1.osig.pem
|
|
out = createfile msg.unsig
|
|
pipeserver $GPGSM
|
|
send INPUT FD=$sig
|
|
expect-ok
|
|
send OUTPUT FD=$out
|
|
expect-ok
|
|
badsig = count-status BADSIG
|
|
goodsig = count-status GOODSIG
|
|
trusted = count-status TRUST_FULLY
|
|
send VERIFY
|
|
expect-ok
|
|
echo badsig=$badsig goodsig=$goodsig trusted=$trusted
|
|
fail-if $badsig
|
|
fail-if !$goodsig
|
|
fail-if !$trusted
|
|
send BYE
|
|
expect-ok
|
|
|
|
sig =
|
|
out =
|
|
cmpfiles $srcdir/text-1.txt msg.unsig
|
|
fail-if !$?
|
|
|
|
# Check a detached signature.
|
|
sig = openfile $srcdir/text-1.dsig.pem
|
|
plain = openfile $srcdir/text-1.txt
|
|
pipeserver $GPGSM
|
|
send INPUT FD=$sig
|
|
expect-ok
|
|
send MESSAGE FD=$plain
|
|
expect-ok
|
|
badsig = count-status BADSIG
|
|
goodsig = count-status GOODSIG
|
|
trusted = count-status TRUST_FULLY
|
|
send VERIFY
|
|
expect-ok
|
|
echo badsig=$badsig goodsig=$goodsig trusted=$trusted
|
|
fail-if $badsig
|
|
fail-if !$goodsig
|
|
fail-if !$trusted
|
|
send BYE
|
|
expect-ok
|
|
|
|
# Check a tampered opaque message
|
|
sig = openfile $srcdir/text-1.osig-bad.pem
|
|
out = createfile msg.unsig
|
|
|
|
pipeserver $GPGSM
|
|
send INPUT FD=$sig
|
|
expect-ok
|
|
send OUTPUT FD=$out
|
|
expect-ok
|
|
badsig = count-status BADSIG
|
|
goodsig = count-status GOODSIG
|
|
trusted = count-status TRUST_FULLY
|
|
send VERIFY
|
|
expect-ok
|
|
echo badsig=$badsig goodsig=$goodsig trusted=$trusted
|
|
fail-if $goodsig
|
|
fail-if !$badsig
|
|
fail-if $trusted
|
|
send BYE
|
|
expect-ok
|
|
|
|
# Check another opaque signature but without asking for the output.
|
|
sig = openfile $srcdir/text-2.osig.pem
|
|
|
|
pipeserver $GPGSM
|
|
send INPUT FD=$sig
|
|
expect-ok
|
|
badsig = count-status BADSIG
|
|
goodsig = count-status GOODSIG
|
|
trusted = count-status TRUST_FULLY
|
|
send VERIFY
|
|
expect-ok
|
|
echo badsig=$badsig goodsig=$goodsig trusted=$trusted
|
|
fail-if $badsig
|
|
fail-if !$goodsig
|
|
fail-if !$trusted
|
|
send BYE
|
|
expect-ok
|
|
|
|
# We also have tampered version.
|
|
sig = openfile $srcdir/text-2.osig-bad.pem
|
|
|
|
pipeserver $GPGSM
|
|
send INPUT FD=$sig
|
|
expect-ok
|
|
badsig = count-status BADSIG
|
|
goodsig = count-status GOODSIG
|
|
trusted = count-status TRUST_FULLY
|
|
send VERIFY
|
|
expect-ok
|
|
echo badsig=$badsig goodsig=$goodsig trusted=$trusted
|
|
fail-if $goodsig
|
|
fail-if !$badsig
|
|
fail-if $trusted
|
|
send BYE
|
|
expect-ok
|
|
|
|
|
|
quit
|
|
|
|
|