1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-10 21:38:50 +01:00
gnupg/tests/openpgp
Werner Koch 0a5a854510
gpg: Fix false negatives in Ed25519 signature verification.
* g10/pkglue.c (pk_verify): Fix Ed25519 signatrue values.
* tests/openpgp/verify.scm (msg_ed25519_rshort): New
(msg_ed25519_sshort): New.
("Checking that a valid Ed25519 signature is verified as such"): New.
--

About one out of 256 signature won't verify due to stripped zero
bytes.  See the source comment for details.

Reported-by: Andre Heinecke
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-25 16:18:00 +02:00
..
privkeys tests: Add two more sample keys for OpenPGP. 2016-06-22 11:25:22 +02:00
samplekeys g10: Fix key import statistics. 2016-07-25 12:50:35 +02:00
samplemsgs common: Fix iobuf_peek corner case. 2016-07-26 18:37:37 +02:00
4gb-packet.asc common: Don't incorrectly reject 4 GB - 1 sized packets. 2015-08-21 14:21:13 +02:00
4gb-packet.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
4gb-packet.test tests: Use info and error instead of a plain echo. 2016-01-06 08:34:14 +01:00
armdetach.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
armdetach.test Ported changes from 1.4. 2007-10-25 09:06:21 +00:00
armdetachm.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
armdetachm.test Ported changes from 1.4. 2007-10-25 09:06:21 +00:00
armencrypt.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
armencrypt.test gpg: Allow building without any trust model support. 2014-02-10 17:46:40 +01:00
armencryptp.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
armencryptp.test gpg: Allow building without any trust model support. 2014-02-10 17:46:40 +01:00
armor.scm Fix spelling and grammar. 2016-08-03 16:54:01 +02:00
armor.test Fix spelling and grammar. 2016-08-03 16:54:01 +02:00
armsignencrypt.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
armsignencrypt.test gpg: Allow building without any trust model support. 2014-02-10 17:46:40 +01:00
armsigs.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
armsigs.test Ported changes from 1.4. 2007-10-25 09:06:21 +00:00
bug537-test.data.asc Fix for bug 537 2006-10-02 11:54:35 +00:00
bug894-test.asc Fix a bug in the ambigious name detection. 2008-03-20 15:31:43 +00:00
bug1223-bogus.asc Fix for bug 1223 2010-05-07 13:13:56 +00:00
bug1223-good.asc Fix for bug 1223 2010-05-07 13:13:56 +00:00
ChangeLog-2011 Generate the ChangeLog from commit logs. 2011-12-01 11:09:02 +01:00
clearsig.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
clearsig.test gpg: Remove options --pgp2 and --rfc1991. 2014-08-14 11:03:55 +02:00
conventional-mdc.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
conventional-mdc.test gpg: Try hard to use MDC also for sign+symenc. 2015-10-12 09:31:44 +02:00
conventional.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
conventional.test tests: Speed up conventional encryption tests for gpg. 2014-10-13 11:45:34 +02:00
decrypt-dsa.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
decrypt-dsa.test All tests work are again working 2010-10-14 16:34:31 +00:00
decrypt.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
decrypt.test All tests work are again working 2010-10-14 16:34:31 +00:00
default-key.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
default-key.test tests: Fix default key test. 2016-04-04 13:10:28 +02:00
defs.inc Now build "gpg" binary but install as "gpg2" 2016-04-04 18:40:25 +02:00
defs.scm tests: Add openpgp/gpgv-forged-keyring.scm. 2016-08-08 13:24:02 +09:00
detach.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
detach.test Ported changes from 1.4. 2007-10-25 09:06:21 +00:00
detachm.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
detachm.test Ported changes from 1.4. 2007-10-25 09:06:21 +00:00
ecc.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
ecc.test tests: Re-enable OpenPGP ecc test. 2014-08-18 12:55:54 +02:00
encrypt-dsa.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
encrypt-dsa.test gpg: Allow building without any trust model support. 2014-02-10 17:46:40 +01:00
encrypt.scm gpg: New options --recipient-file and --hidden-recipient-file. 2016-07-06 15:35:19 +02:00
encrypt.test gpg: Allow building without any trust model support. 2014-02-10 17:46:40 +01:00
encryptp.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
encryptp.test gpg: Allow building without any trust model support. 2014-02-10 17:46:40 +01:00
export.scm tests/openpgp: Port the remaining tests to Scheme. 2016-06-21 16:22:11 +02:00
export.test g10: Export cleartext keys as cleartext 2016-06-11 11:18:58 +02:00
fake-pinentry.c tests: Add test for ssh support. 2016-07-19 16:38:21 +02:00
finish.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
finish.test All tests work are again working 2010-10-14 16:34:31 +00:00
forged-keyring.gpg tests: Add openpgp/gpgv-forged-keyring.scm. 2016-08-08 13:24:02 +09:00
genkey1024.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
genkey1024.test All tests work are again working 2010-10-14 16:34:31 +00:00
gpg-agent.conf.tmpl tests: Add test for ssh support. 2016-07-19 16:38:21 +02:00
gpg.conf.tmpl gpg: Allow building without any trust model support. 2014-02-10 17:46:40 +01:00
gpgtar.scm tests: Check for gpgtar. 2016-07-15 11:59:57 +02:00
gpgtar.test tests: Silence output of some tests. 2016-05-03 11:26:06 +02:00
gpgv-forged-keyring.scm tests: Add openpgp/gpgv-forged-keyring.scm. 2016-08-08 13:24:02 +09:00
import.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
import.test gpg: Remove extra RSA import status line. 2014-10-13 15:08:58 +02:00
issue2015.scm agent: Fix passphrase cache lookups. 2016-07-18 12:51:38 +02:00
issue2346.scm g10: Fix key import statistics. 2016-07-25 12:50:35 +02:00
issue2417.scm tests: Fix distcheck. 2016-08-10 17:57:32 +02:00
issue2419.scm common: Fix iobuf_peek corner case. 2016-07-26 18:37:37 +02:00
Makefile.am g10: Fix opening of trust database. 2016-08-10 16:50:29 +02:00
mds.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
mds.test tests: Silence output of some tests. 2016-05-03 11:26:06 +02:00
mkdemodirs Now build "gpg" binary but install as "gpg2" 2016-04-04 18:40:25 +02:00
multisig.scm tests/openpgp: Improve tests. 2016-06-23 17:14:07 +02:00
multisig.test All tests work are again working 2010-10-14 16:34:31 +00:00
pgp263-test.pub.asc Migrated more stuff to doc/ 2006-08-21 20:20:23 +00:00
pgp263-test.sec.asc Migrated more stuff to doc/ 2006-08-21 20:20:23 +00:00
pinentry.sh Remove debug code from regression test pinentry 2011-02-10 20:54:37 +01:00
plain-1-pgp.asc Migrated more stuff to doc/ 2006-08-21 20:20:23 +00:00
plain-1.asc Migrated more stuff to doc/ 2006-08-21 20:20:23 +00:00
plain-1o.asc Migrated more stuff to doc/ 2006-08-21 20:20:23 +00:00
plain-2.asc Migrated more stuff to doc/ 2006-08-21 20:20:23 +00:00
plain-2o.asc Migrated more stuff to doc/ 2006-08-21 20:20:23 +00:00
plain-3.asc Migrated more stuff to doc/ 2006-08-21 20:20:23 +00:00
plain-3o.asc Migrated more stuff to doc/ 2006-08-21 20:20:23 +00:00
plain-largeo.asc tests/openpgp: Avoid dependency on source files. 2016-02-23 11:58:52 +01:00
pubdemo.asc Migrated more stuff to doc/ 2006-08-21 20:20:23 +00:00
pubring.asc Migrated more stuff to doc/ 2006-08-21 20:20:23 +00:00
pubring.pkr.asc Migrated more stuff to doc/ 2006-08-21 20:20:23 +00:00
quick-key-manipulation.test g10: Implement gpg --quick-revuid 2016-06-30 11:45:13 +02:00
README tests: Run each test in a clean environment. 2016-08-10 09:42:00 +02:00
run-tests.scm tests: Improve temporary directory handling. 2016-08-10 11:59:42 +02:00
seat.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
seat.test gpg: Allow building without any trust model support. 2014-02-10 17:46:40 +01:00
secdemo.asc Migrated more stuff to doc/ 2006-08-21 20:20:23 +00:00
secring.asc Migrated more stuff to doc/ 2006-08-21 20:20:23 +00:00
secring.skr.asc Migrated more stuff to doc/ 2006-08-21 20:20:23 +00:00
setup.scm common: Fix iobuf_peek corner case. 2016-07-26 18:37:37 +02:00
signdemokey Now build "gpg" binary but install as "gpg2" 2016-04-04 18:40:25 +02:00
signencrypt-dsa.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
signencrypt-dsa.test gpg: Allow building without any trust model support. 2014-02-10 17:46:40 +01:00
signencrypt.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
signencrypt.test gpg: Allow building without any trust model support. 2014-02-10 17:46:40 +01:00
sigs-dsa.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
sigs-dsa.test tests: Handle disabled algorithms. 2014-02-10 10:41:48 +01:00
sigs.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
sigs.test Do not mix test result with progress lines. 2012-04-05 20:36:04 +02:00
ssh.scm tests: Make ssh test more robust. 2016-08-10 07:58:24 +02:00
tofu-2183839A-1.txt g10: Add TOFU support. 2015-10-18 18:45:40 +02:00
tofu-BC15C85A-1.txt g10: Add TOFU support. 2015-10-18 18:45:40 +02:00
tofu-EE37CF96-1.txt g10: Add TOFU support. 2015-10-18 18:45:40 +02:00
tofu-keys-secret.asc g10: Add TOFU support. 2015-10-18 18:45:40 +02:00
tofu-keys.asc g10: Add TOFU support. 2015-10-18 18:45:40 +02:00
tofu.scm gpg: New option --with-tofu-info. 2016-08-25 09:37:56 +02:00
tofu.test tests/openpgp: Fake the system time for the tofu test. 2016-06-23 17:42:30 +02:00
use-exact-key.scm tests/openpgp: Reimplement tests in Scheme. 2016-06-17 11:57:12 +02:00
use-exact-key.test tests/openpgp: Make tests more portable. 2016-03-02 17:59:38 +01:00
verify.scm gpg: Fix false negatives in Ed25519 signature verification. 2016-08-25 16:18:00 +02:00
verify.test Ported changes from 1.4. 2007-10-25 09:06:21 +00:00
version.scm gpgscm: Capture output of spawned processes. 2016-07-07 16:18:10 +02:00
version.test tests: Silence output of some tests. 2016-05-03 11:26:06 +02:00

#                                   Emacs, this is an -*- org -*- file.

* How to run the test suite
** using the legacy driver
On POSIX you can just use

  $ make -C tests/openpgp check

or

  $ make -C tests/openpgp check XTESTS="setup.scm your-test.scm finish.scm"

as before.
** using the Scheme driver
This is a bit tricky because one needs to manually set some
environment variables.  We should make that easier.  See discussion
below.  From your build directory, do:

  obj $ srcdir=<path to>/tests/openpgp \
        GPGSCM_PATH=<path to>/tests/gpgscm:<path to>/tests/openpgp \
        $(pwd)/tests/gpgscm/gpgscm [gpgscm args] \
        run-tests.scm [test suite runner args]

*** Arguments supported by the test suite runner
The test suite runner supports four modes of operation,
{sequential,parallel}x{isolated,shared}.  You can select the mode of
operation using a combination of the flags --parallel, --sequential,
--shared, and --isolated.

By default the tests are run in sequential order, each one in a clean
environment.

You can specify the tests to run as positional arguments relative to
srcdir (e.g. just 'version.scm').  By default all tests listed in
run-tests.scm are executed.  Note that you do not have to specify
setup.scm and finish.scm, they are executed implicitly.

The test suite runner can be executed in any location that the current
user can write to.  It will create temporary files and directories,
but will in general clean up all of them.
*** Discussion of the various environment variables
**** srcdir
Must be set to the source of the openpgp test suite.  Used to locate
data files.
**** GPGSCM_PATH
Used to locate the Scheme library as well as code used by the test
suite.
**** BIN_PREFIX
The test suite does not hardcode any paths to tools.  If set it is
used to locate the tools to test, otherwise the test suite assumes to
be run from the build directory.
**** MKTDATA and GPG_PRESET_PASSPHRASE
These two tools are not installed by 'make install', hence we need to
explicitly override their position.  In fact, the location of any tool
used by the test suite can be overridden this way.  See defs.scm.
**** argv[0]
run-tests.scm depends on being able to re-exec gpgscm.  It uses
argv[0] for that.  Therefore you must use an absolute path to invoke
gpgscm.
* How to write tests
gpgscm provides a number of functions to aid you in writing tests, as
well as bindings to process management abstractions provided by GnuPG.
For the Scheme environment provided by TinySCHEME, see the TinySCHEME
manual that is included in tests/gpgscm/Manual.txt.

For a quick start, please have a look at various tests that are
already implemented, e.g. 'encrypt.scm'.
** The test framework
The functions info, error, and skip display their first argument and
flush the output buffers.  error and skip will also terminate the
process, signaling that the test failed or should be skipped.

(for-each-p msg proc list) will display msg, and call proc with each
element of list while displaying the progress appropriately.
for-each-p' is similar, but accepts another callback before the 'list'
argument to format each item.  for-each-p can be safely nested, and
the inner progress indicator will be abbreviated using '.'.
** Temporary files
(lettmp <bindings> <body>) will create and delete temporary files that
you can use in <body>.  (with-temporary-working-directory <body>) will
create a temporary director, change to that, and clean it up after
executing <body>).

make-temporary-file will create a temporary file.  You can optionally
provide an argument to that function that will serve as tag so you can
distinguish the files for debugging.  remove-temporary-file will
delete a file created using make-temporary-file.

** Monadic transformer and pipe support
Tests often perform sequential transformations on files, or connect
processes using pipes.  To aid you in this, the test framework
provides two monadic data structures.

(Currently, the implementation mashes the 'bind' operation together
with the application of the monad.  Also, there is no 'return'
operation.  I guess all of that could be implemented on top of
call/cc, but it isn't at the moment.)
*** pipe
The pipe monad constructs pipe lines.  It consists of a function
pipe:do that binds the functions together and manages the execution of
the child processes, a family of functions that act as sources, a
function to spawn processes, and a family of functions acting as
sinks.

Sources are pipe:open, pipe:defer, pipe:echo.  To spawn a process use
pipe:spawn, or the convenience function pipe:gpg.  To sink the data
use pipe:splice, or pipe:write-to.

Example:

  (pipe:do
    (pipe:echo "3\n1\n2\n")
    (pipe:spawn '("/usr/bin/sort"))
    (pipe:write-to "sorted" (logior O_WRONLY O_CREAT) #o600))

Caveats: Due to the single-threaded nature of gpgscm you cannot use
both a source and sink that is implemented in Scheme.  pipe:defer and
pipe:echo are executing in gpgscm, and so does pipe:splice.
*** tr
The transformer monad describes sequential file transformations.

There is one source function, tr:open.  To describe a transformation
using some process, use tr:spawn, tr:gpg, or tr:pipe-do.  There are
several sinks, although sink is not quite the right term, because the
data is not consumed, and hence one can use them at any position.  The
"sinks" are tr:write-to, tr:call-with-content, tr:assert-identity, and
tr:assert-weak-identity.

A somewhat contrived example demonstrating many functions is:

  (tr:do
    (tr:pipe-do
      (pipe:echo "3\n1\n2\n")
      (pipe:spawn '("/usr/bin/sort")))
    (tr:write-to "reference")
    (tr:call-with-content
     (lambda (c)
       (echo "currently, c contains" (string-length c) "bytes")))
    (tr:spawn "" '("/usr/bin/gcc" -x c "-E" -o **out** **in**))
    (tr:pipe-do
      (pipe:spawn '("/bin/grep" -v "#")))
    (tr:assert-identity "reference"))

Caveats: As a convenience, gpgscm allows one to specify command line
arguments as Scheme symbols.  Scheme symbols, however, are
case-insensitive, and get converted to lower case.  Therefore, the -E
argument must be given as a string in the example above.  Similarly,
you need to quote numerical values.
** Process management
If you just need to execute a single command, there is (call-with-fds
cmdline infd outfd errfd) which executes cmdline with the given file
descriptors bound to it, and waits for its completion returning the
status code.  There is (call cmdline) which is similar, but calls the
command with a closed stdin, connecting stdout and stderr to stderr if
gpgscm is executed with --verbose.  (call-check cmdline) raises an
exception if the command does not return 0.

(call-popen cmdline input) calls a command, writes input to its stdin,
and returns any output from stdout, or raises an exception containing
stderr on failure.
* Sample messages