mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-23 10:29:58 +01:00
0d67241e31
* NEWS, acinclude.m4, agent/command-ssh.c, agent/command.c, agent/gpg-agent.c, agent/keyformat.txt, agent/protect-tool.c, common/asshelp.c, common/b64enc.c, common/recsel.c, doc/DETAILS, doc/HACKING, doc/Notes, doc/TRANSLATE, doc/dirmngr.texi, doc/faq.org, doc/gpg-agent.texi, doc/gpg.texi, doc/gpgsm.texi, doc/instguide.texi, g10/armor.c, g10/gpg.c, g10/keyedit.c, g10/mainproc.c, g10/pkclist.c, g10/tofu.c, g13/sh-cmd.c, g13/sh-dmcrypt.c, kbx/keybox-init.c, m4/pkg.m4, sm/call-dirmngr.c, sm/gpgsm.c, tests/Makefile.am, tests/gpgscm/Manual.txt, tests/gpgscm/scheme.c, tests/openpgp/gpgv-forged-keyring.scm, tests/openpgp/multisig.test, tests/openpgp/verify.scm, tests/pkits/README, tools/applygnupgdefaults, tools/gpg-connect-agent.c, tools/mime-maker.c, tools/mime-parser.c: minor spelling cleanup. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
68 lines
2.1 KiB
Scheme
Executable File
68 lines
2.1 KiB
Scheme
Executable File
#!/usr/bin/env gpgscm
|
|
|
|
;; Copyright (C) 2016 g10 Code GmbH
|
|
;;
|
|
;; This file is part of GnuPG.
|
|
;;
|
|
;; GnuPG is free software; you can redistribute it and/or modify
|
|
;; it under the terms of the GNU General Public License as published by
|
|
;; the Free Software Foundation; either version 3 of the License, or
|
|
;; (at your option) any later version.
|
|
;;
|
|
;; GnuPG is distributed in the hope that it will be useful,
|
|
;; but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
;; GNU General Public License for more details.
|
|
;;
|
|
;; You should have received a copy of the GNU General Public License
|
|
;; along with this program; if not, see <http://www.gnu.org/licenses/>.
|
|
|
|
(load (with-path "defs.scm"))
|
|
|
|
(define msg_signed_asc "
|
|
-----BEGIN PGP SIGNED MESSAGE-----
|
|
Hash: SHA256
|
|
|
|
This is an example text file to demonstrate a problem.
|
|
|
|
Using forged-keyring.gpg with signature cache, it looks like it is
|
|
signed by the following key:
|
|
|
|
Echo Test (demo key) <echo@example.net>
|
|
|
|
But actually not.
|
|
|
|
It is signed by a key (steve.biko@example.net) distributed as:
|
|
|
|
gnupg/tests/openpgp/samplekeys/rsa-rsa-sample-1.asc
|
|
|
|
in GnuPG.
|
|
|
|
The forged-keyring.gpg file is created by a key in
|
|
|
|
gnupg/tests/openpgp/pubdemo.asc
|
|
|
|
Replacing the raw key material packet by one of rsa-rsa-sample-1.asc.
|
|
-----BEGIN PGP SIGNATURE-----
|
|
Version: GnuPG v2
|
|
|
|
iQEcBAEBCAAGBQJXp+5MAAoJEKpD8dzH/tG3bGMH/1idFLJAaMxkrq+JguvAboiN
|
|
tAA44IdAgJvAxtR5w5fgfed7PfsH70+tj54/ZTObt7rZDIlj/YBQ7XeCwd7/O5vx
|
|
W0QtjjAxMuAPH80rVv4JIoflxV/deD8YaV9EhPE+6W5G0Z8SYL9B2RzdBVMwJY9+
|
|
OZGJeKnUZ92Zg9jFr+H5gQNSeYdDHVDWYxr/xJUf0jYsZvAIBfB1mcSK1niiiVBv
|
|
GAcUC/I8g18a7pCS9Qf9iZflqxX4AXfocAGQqQAiG4744OCNhVa5q6TScqhaGUah
|
|
N1Glbw1OJfP1q+QFPMPKoCsTYmZpuugq2b5gV/eH0Abvk2pG4Fo/YTDPHhec7Jk=
|
|
=NnY/
|
|
-----END PGP SIGNATURE-----
|
|
")
|
|
|
|
(for-each-p
|
|
"Checking that a signature by bad key should not be verified"
|
|
(lambda (armored-file)
|
|
(catch '()
|
|
(pipe:do
|
|
(pipe:echo (eval armored-file (current-environment)))
|
|
(pipe:spawn `(,@GPGV --keyring ,(in-srcdir "forged-keyring.gpg"))))
|
|
(error "verification succeeded but should not")))
|
|
'(msg_signed_asc))
|