From 26ec59fdbd2535ff20eaeedab559b8648505c8ca Mon Sep 17 00:00:00 2001 From: Marcus Brinkmann Date: Tue, 29 Apr 2003 20:51:25 +0000 Subject: [PATCH] 2003-04-29 Marcus Brinkmann * gpg/t-verify.c (main): Rewritten. * gpg/t-decrypt-verify.c: Rewritten. * gpgsm/t-verify.c (main): Rewritten. --- tests/ChangeLog | 6 + tests/gpg/t-decrypt-verify.c | 198 +++++++++++++-------- tests/gpg/t-verify.c | 336 ++++++++++++----------------------- tests/gpgsm/t-verify.c | 305 +++++++++++-------------------- 4 files changed, 343 insertions(+), 502 deletions(-) diff --git a/tests/ChangeLog b/tests/ChangeLog index 11cd38c..187f703 100644 --- a/tests/ChangeLog +++ b/tests/ChangeLog @@ -1,3 +1,9 @@ +2003-04-29 Marcus Brinkmann + + * gpg/t-verify.c (main): Rewritten. + * gpg/t-decrypt-verify.c: Rewritten. + * gpgsm/t-verify.c (main): Rewritten. + 2003-04-28 Marcus Brinkmann * gpgsm/t-decrypt.c (main): Rewritten. diff --git a/tests/gpg/t-decrypt-verify.c b/tests/gpg/t-decrypt-verify.c index f7bbbbd..2cb7f72 100644 --- a/tests/gpg/t-decrypt-verify.c +++ b/tests/gpg/t-decrypt-verify.c @@ -1,4 +1,4 @@ -/* t-decrypt-verify.c - regression test +/* t-decrypt-verify.c - Regression test. Copyright (C) 2000 Werner Koch (dd9jn) Copyright (C) 2001, 2002, 2003 g10 Code GmbH 
@@ -18,40 +18,38 @@ along with GPGME; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -#include #include +#include #include -#include #include #include -struct passphrase_cb_info_s -{ - GpgmeCtx c; - int did_it; -}; - - -#define fail_if_err(a) do { if(a) { int my_errno = errno; \ - fprintf (stderr, "%s:%d: GpgmeError %s\n", \ - __FILE__, __LINE__, gpgme_strerror(a)); \ - if ((a) == GPGME_File_Error) \ - fprintf (stderr, "\terrno=`%s'\n", strerror (my_errno)); \ - exit (1); } \ - } while(0) + +#define fail_if_err(err) \ + do \ + { \ + if (err) \ + { \ + fprintf (stderr, "%s:%d: GpgmeError %s\n", \ + __FILE__, __LINE__, gpgme_strerror (err)); \ + exit (1); \ + } \ + } \ + while (0) static void print_data (GpgmeData dh) { - char buf[100]; +#define BUF_SIZE 512 + char buf[BUF_SIZE + 1]; int ret; ret = gpgme_data_seek (dh, 0, SEEK_SET); if (ret) fail_if_err (GPGME_File_Error); - while ((ret = gpgme_data_read (dh, buf, 100)) > 0) + while ((ret = gpgme_data_read (dh, buf, BUF_SIZE)) > 0) fwrite (buf, ret, 1, stdout); if (ret < 0) fail_if_err (GPGME_File_Error); @@ -59,23 +57,19 @@ print_data (GpgmeData dh) static GpgmeError -passphrase_cb (void *opaque, const char *desc, - void **r_hd, const char **result) +passphrase_cb (void *opaque, const char *desc, void **hd, const char **result) { + /* Cleanup by looking at *hd. */ if (!desc) - /* Cleanup by looking at *r_hd. */ return 0; *result = "abc"; - fprintf (stderr, "%% requesting passphrase for `%s': ", desc); - fprintf (stderr, "sending `%s'\n", *result); - return 0; } static char * -mk_fname (const char *fname) +make_filename (const char *fname) { const char *srcdir = getenv ("srcdir"); char *buf; 
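Review bot: In `print_data`, seek and read failures are still reported as `fail_if_err (GPGME_File_Error)`, but the rewritten macro no longer prints `errno`, so the output now says only that a file error occurred. If `errno` is meaningful after `gpgme_data_seek` and `gpgme_data_read` fail (the old macro assumed it was), report it at the call site, e.g. `if (ret) { fprintf (stderr, "%s:%d: seek failed: %s\n", __FILE__, __LINE__, strerror (errno)); exit (1); }`; `make_filename` in this commit already uses `strerror (errno)` in the same way. Smaller points in the same function: `BUF_SIZE` is defined inside the body and never `#undef`'d, the extra byte in `buf[BUF_SIZE + 1]` is never used, and the `fwrite` result is ignored. The end of `print_data` lies outside this hunk.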
@@ -84,69 +78,117 @@ mk_fname (const char *fname) srcdir = "."; buf = malloc (strlen(srcdir) + strlen(fname) + 2); if (!buf) - exit (8); + { + fprintf (stderr, "%s:%d: could not allocate string: %s\n", + __FILE__, __LINE__, strerror (errno)); + exit (1); + } strcpy (buf, srcdir); strcat (buf, "/"); strcat (buf, fname); return buf; } -int -main (int argc, char **argv) + +static void +check_verify_result (GpgmeVerifyResult result, int summary, char *fpr, + GpgmeError status) { - GpgmeCtx ctx; - GpgmeError err; - GpgmeData in, out, pwdata = NULL; - struct passphrase_cb_info_s info; - const char *cipher_2_asc = mk_fname ("cipher-2.asc"); - GpgmeSigStat status; - char *p; + GpgmeSignature sig; - do + sig = result->signatures; + if (!sig || sig->next) + { + fprintf (stderr, "%s:%i: Unexpected number of signatures\n", + __FILE__, __LINE__); + exit (1); + } + if (sig->summary != summary) + { + fprintf (stderr, "%s:%i: Unexpected signature summary: 0x%x\n", + __FILE__, __LINE__, sig->summary); + exit (1); + } + if (strcmp (sig->fpr, fpr)) { - err = gpgme_new (&ctx); - fail_if_err (err); - - p = getenv("GPG_AGENT_INFO"); - if (!(p && strchr (p, ':'))) - { - memset (&info, 0, sizeof info); - info.c = ctx; - gpgme_set_passphrase_cb (ctx, passphrase_cb, &info); - } - - err = gpgme_data_new_from_file (&in, cipher_2_asc, 1); - fail_if_err (err); - - err = gpgme_data_new (&out); - fail_if_err (err); - - err = gpgme_op_decrypt_verify (ctx, in, out); - fail_if_err (err); - - fflush (NULL); - fputs ("Begin Result:\n", stdout); - print_data (out); - fputs ("End Result.\n", stdout); - - if (!gpgme_get_sig_status (ctx, 0, &status, NULL)) - { - fprintf (stderr, "Signature check failed unexpectedly.\n"); - exit (1); - } - if (status != GPGME_SIG_STAT_GOOD) - { - fprintf (stderr, "Signature check failed unexpectedly.\n"); - exit (1); - } - - gpgme_data_release (in); - gpgme_data_release (out); - gpgme_data_release (pwdata); - gpgme_release (ctx); + fprintf (stderr, "%s:%i: Unexpected 
fingerprint: %s\n", + __FILE__, __LINE__, sig->fpr); + exit (1); } - while (argc > 1 && !strcmp (argv[1], "--loop")); + if (sig->status != status) + { + fprintf (stderr, "%s:%i: Unexpected signature status: %s\n", + __FILE__, __LINE__, gpgme_strerror (sig->status)); + exit (1); + } + if (sig->notations) + { + fprintf (stderr, "%s:%i: Unexpected notation data\n", + __FILE__, __LINE__); + exit (1); + } + if (sig->wrong_key_usage) + { + fprintf (stderr, "%s:%i: Unexpectedly wrong key usage\n", + __FILE__, __LINE__); + exit (1); + } + if (sig->validity != GPGME_VALIDITY_UNKNOWN) + { + fprintf (stderr, "%s:%i: Unexpected validity: %i\n", + __FILE__, __LINE__, sig->validity); + exit (1); + } + if (sig->validity_reason != GPGME_No_Error) + { + fprintf (stderr, "%s:%i: Unexpected validity reason: %s\n", + __FILE__, __LINE__, gpgme_strerror (sig->validity_reason)); + exit (1); + } +} + +int +main (int argc, char *argv[]) +{ + GpgmeCtx ctx; + GpgmeError err; + GpgmeData in, out; + GpgmeDecryptResult decrypt_result; + GpgmeVerifyResult verify_result; + const char *cipher_2_asc = make_filename ("cipher-2.asc"); + char *agent_info; + + err = gpgme_new (&ctx); + fail_if_err (err); + + agent_info = getenv("GPG_AGENT_INFO"); + if (!(agent_info && strchr (agent_info, ':'))) + gpgme_set_passphrase_cb (ctx, passphrase_cb, NULL); + + err = gpgme_data_new_from_file (&in, cipher_2_asc, 1); + fail_if_err (err); + err = gpgme_data_new (&out); + fail_if_err (err); + + err = gpgme_op_decrypt_verify (ctx, in, out); + fail_if_err (err); + decrypt_result = gpgme_op_decrypt_result (ctx); + if (decrypt_result->unsupported_algorithm) + { + fprintf (stderr, "%s:%i: unsupported algorithm: %s\n", + __FILE__, __LINE__, decrypt_result->unsupported_algorithm); + exit (1); + } + print_data (out); + verify_result = gpgme_op_verify_result (ctx); + check_verify_result (verify_result, 0, + "A0FF4590BB6122EDEF6E3C542D727CC768697734", + GPGME_No_Error); + + gpgme_data_release (in); + gpgme_data_release (out); 
+ gpgme_release (ctx); return 0; } diff --git a/tests/gpg/t-verify.c b/tests/gpg/t-verify.c index 7b5bc36..28b4304 100644 --- a/tests/gpg/t-verify.c +++ b/tests/gpg/t-verify.c @@ -1,6 +1,6 @@ -/* t-verify.c - regression test +/* t-verify.c - Regression test. Copyright (C) 2000 Werner Koch (dd9jn) - Copyright (C) 2001, 2002 g10 Code GmbH + Copyright (C) 2001, 2002, 2003 g10 Code GmbH This file is part of GPGME. @@ -18,13 +18,26 @@ along with GPGME; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -#include #include +#include #include -#include #include + +#define fail_if_err(err) \ + do \ + { \ + if (err) \ + { \ + fprintf (stderr, "%s:%d: GpgmeError %s\n", \ + __FILE__, __LINE__, gpgme_strerror (err)); \ + exit (1); \ + } \ + } \ + while (0) + + static const char test_text1[] = "Just GNU it!\n"; static const char test_text1f[]= "Just GNU it?\n"; static const char test_sig1[] = 
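Review bot: `main` dereferences `decrypt_result->unsupported_algorithm`, and `check_verify_result` dereferences `result->signatures`, without first checking that the result pointers are non-NULL. If `gpgme_op_decrypt_result` or `gpgme_op_verify_result` can return NULL (for example when no result was recorded for the context), the test ends in a segfault instead of a located failure message. A guard such as `if (!result) { fprintf (stderr, "%s:%i: No verify result\n", __FILE__, __LINE__); exit (1); }` at the top of the checker keeps the failure readable. The same applies to `check_result` in gpg/t-verify.c and gpgsm/t-verify.c. `strcmp (sig->fpr, fpr)` likewise assumes `sig->fpr` is never NULL, which the hunk does not show.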
@@ -68,246 +81,127 @@ static const char test_sig2[] = "-----END PGP MESSAGE-----\n"; -#define fail_if_err(a) do { if(a) { \ - fprintf (stderr, "%s:%d: GpgmeError %s\n", \ - __FILE__, __LINE__, gpgme_strerror(a)); \ - exit (1); } \ - } while(0) - - -static const char * -status_string (GpgmeSigStat status) +static void +check_result (GpgmeVerifyResult result, int summary, char *fpr, + GpgmeError status, int notation) { - const char *s = "?"; + GpgmeSignature sig; - switch ( status ) { - case GPGME_SIG_STAT_NONE: - s = "None"; - break; - case GPGME_SIG_STAT_NOSIG: - s = "No Signature"; - break; - case GPGME_SIG_STAT_GOOD: - s = "Good"; - break; - case GPGME_SIG_STAT_GOOD_EXP: - s = "Good but expired"; - break; - case GPGME_SIG_STAT_GOOD_EXPKEY: - s = "Good but key exipired"; - break; - case GPGME_SIG_STAT_BAD: - s = "Bad"; - break; - case GPGME_SIG_STAT_NOKEY: - s = "No Key"; - break; - case GPGME_SIG_STAT_ERROR: - s = "Error"; - break; - case GPGME_SIG_STAT_DIFF: - s = "More than one signature"; - break; + sig = result->signatures; + if (!sig || sig->next) + { + fprintf (stderr, "%s:%i: Unexpected number of signatures\n", + __FILE__, __LINE__); + exit (1); } - return s; -} - - -static const char * -validity_string (GpgmeValidity val) -{ - const char *s = "?"; - - switch (val) + if (sig->summary != summary) { - case GPGME_VALIDITY_UNKNOWN: s = "unknown"; break; - case GPGME_VALIDITY_NEVER: s = "not trusted"; break; - case GPGME_VALIDITY_MARGINAL:s = "marginal trusted"; break; - case GPGME_VALIDITY_FULL: s = "fully trusted"; break; - case GPGME_VALIDITY_UNDEFINED: - case GPGME_VALIDITY_ULTIMATE: - break; + fprintf (stderr, "%s:%i: Unexpected signature summary: 0x%x\n", + __FILE__, __LINE__, sig->summary); + exit (1); } - return s; -} - - -static void -print_sig_stat (GpgmeCtx ctx, GpgmeSigStat status) -{ - const char *s; - time_t created; - int idx; - GpgmeKey key; - - printf ("Verification Status: %s\n", status_string (status)); - - for (idx = 0; (s = 
gpgme_get_sig_status (ctx, idx, &status, &created)); idx++) + if (strcmp (sig->fpr, fpr)) { - printf ("sig %d: created: %lu expires: %lu status: %s\n", - idx, (unsigned long) created, - gpgme_get_sig_ulong_attr (ctx, idx, GPGME_ATTR_EXPIRE, 0), - status_string (status)); - printf ("sig %d: fpr/keyid: `%s' validity: %s\n", - idx, s, - validity_string (gpgme_get_sig_ulong_attr - (ctx, idx, GPGME_ATTR_VALIDITY, 0))); - if (!gpgme_get_sig_key (ctx, idx, &key)) + fprintf (stderr, "%s:%i: Unexpected fingerprint: %s\n", + __FILE__, __LINE__, sig->fpr); + exit (1); + } + if (sig->status != status) + { + fprintf (stderr, "%s:%i: Unexpected signature status: %s\n", + __FILE__, __LINE__, gpgme_strerror (sig->status)); + exit (1); + } + if (notation) + { + if (!sig->notations + || strcmp (sig->notations->name, "bar") + || strcmp (sig->notations->value, "\xc3\xb6\xc3\xa4\xc3\xbc\xc3\x9f" + " das waren Umlaute und jetzt ein prozent%-Zeichen") + || !sig->notations->next + || strcmp (sig->notations->next->name, "foobar.1") + || strcmp (sig->notations->next->value, + "this is a notation data with 2 lines") + || !sig->notations->next->next + || sig->notations->next->next->name != NULL + || strcmp (sig->notations->next->next->value, + "http://www.gu.org/policy/") + || sig->notations->next->next->next) { - char *p = gpgme_key_get_as_xml (key); - printf ("sig %d: key object:\n%s\n", idx, p); - free (p); - gpgme_key_release (key); - } + fprintf (stderr, "%s:%i: Unexpected notation data\n", + __FILE__, __LINE__); + exit (1); + } + } + if (sig->wrong_key_usage) + { + fprintf (stderr, "%s:%i: Unexpectedly wrong key usage\n", + __FILE__, __LINE__); + exit (1); + } + if (sig->validity != GPGME_VALIDITY_UNKNOWN) + { + fprintf (stderr, "%s:%i: Unexpected validity: %i\n", + __FILE__, __LINE__, sig->validity); + exit (1); + } + if (sig->validity_reason != GPGME_No_Error) + { + fprintf (stderr, "%s:%i: Unexpected validity reason: %s\n", + __FILE__, __LINE__, gpgme_strerror 
(sig->validity_reason)); + exit (1); } } + int main (int argc, char *argv[]) { GpgmeCtx ctx; GpgmeError err; GpgmeData sig, text; - GpgmeSigStat status; GpgmeVerifyResult result; - GpgmeSigNotation notation; - char *nota; - int n = 0; - size_t len; - int j; err = gpgme_new (&ctx); fail_if_err (err); - do - { - err = gpgme_data_new_from_mem (&text, - test_text1, strlen (test_text1), 0); - fail_if_err (err); -#if 1 - err = gpgme_data_new_from_mem (&sig, - test_sig1, strlen (test_sig1), 0); -#else - err = gpgme_data_new_from_file (&sig, "xx1", 1); -#endif - fail_if_err (err); - - puts ("checking a valid message:\n"); - err = gpgme_op_verify (ctx, sig, text, NULL); - fail_if_err (err); - if (!gpgme_get_sig_status (ctx, 0, &status, NULL)) - { - fprintf (stderr, "%s:%d: No signature\n", __FILE__, __LINE__); - exit (1); - } - print_sig_stat (ctx, status); - if (status != GPGME_SIG_STAT_GOOD) - { - fprintf (stderr, "%s:%d: Wrong sig stat\n", __FILE__, __LINE__); - exit (1); - } + /* Checking a valid message. 
*/ + err = gpgme_data_new_from_mem (&text, test_text1, strlen (test_text1), 0); + fail_if_err (err); + err = gpgme_data_new_from_mem (&sig, test_sig1, strlen (test_sig1), 0); + fail_if_err (err); + err = gpgme_op_verify (ctx, sig, text, NULL); + fail_if_err (err); + result = gpgme_op_verify_result (ctx); + check_result (result, 0, "A0FF4590BB6122EDEF6E3C542D727CC768697734", + GPGME_No_Error, 1); - result = gpgme_op_verify_result (ctx); - notation = result->signatures->notations; - if (notation) - { - printf ("---Begin Notation---\n"); - while (notation) - { - if (notation->name) - printf ("%s: %s\n", notation->name, notation->value); - else - printf ("Policy URL: %s\n", notation->value); - notation = notation->next; - } - printf ("---End Notation---\n"); - } - - puts ("checking a manipulated message:\n"); - gpgme_data_release (text); - err = gpgme_data_new_from_mem (&text, - test_text1f, strlen (test_text1f), 0); - fail_if_err (err); - gpgme_data_rewind (sig); - err = gpgme_op_verify (ctx, sig, text, NULL); - fail_if_err (err); - if (!gpgme_get_sig_status (ctx, 0, &status, NULL)) - { - fprintf (stderr, "%s:%d: No signature\n", __FILE__, __LINE__); - exit (1); - } - print_sig_stat (ctx, status); - if (status != GPGME_SIG_STAT_BAD) - { - fprintf (stderr, "%s:%d: Wrong sig stat\n", __FILE__, __LINE__); - exit (1); - } - result = gpgme_op_verify_result (ctx); - notation = result->signatures->notations; - if (notation) - { - printf ("---Begin Notation---\n"); - while (notation) - { - if (notation->name) - printf ("%s: %s\n", notation->name, notation->value); - else - printf ("Policy URL: %s\n", notation->value); - notation = notation->next; - } - printf ("---End Notation---\n"); - } - - puts ("checking a normal signature:"); - gpgme_data_release (sig); - gpgme_data_release (text); - err = gpgme_data_new_from_mem (&sig, test_sig2, strlen (test_sig2), 0); - fail_if_err (err); - err = gpgme_data_new (&text); - fail_if_err (err); - err = gpgme_op_verify (ctx, sig, NULL, 
text); - fail_if_err (err); - if (!gpgme_get_sig_status (ctx, 0, &status, NULL)) - { - fprintf (stderr, "%s:%d: No signature\n", __FILE__, __LINE__); - exit (1); - } - - nota = gpgme_data_release_and_get_mem (text, &len); - for (j = 0; j < len; j++) - putchar (nota[j]); - if (strncmp (nota, test_text1, strlen (test_text1))) - { - fprintf (stderr, "%s:%d: Wrong plaintext\n", __FILE__, __LINE__); - exit (1); - } - - print_sig_stat (ctx, status); - if (status != GPGME_SIG_STAT_GOOD) - { - fprintf (stderr, "%s:%d: Wrong sig stat\n", __FILE__, __LINE__); - exit (1); - } - result = gpgme_op_verify_result (ctx); - notation = result->signatures->notations; - if (notation) - { - printf ("---Begin Notation---\n"); - while (notation) - { - if (notation->name) - printf ("%s: %s\n", notation->name, notation->value); - else - printf ("Policy URL: %s\n", notation->value); - notation = notation->next; - } - printf ("---End Notation---\n"); - } - - gpgme_data_release (sig); - } - while (argc > 1 && !strcmp (argv[1], "--loop") && ++n < 20); + /* Checking a manipulated message. */ + gpgme_data_release (text); + err = gpgme_data_new_from_mem (&text, test_text1f, strlen (test_text1f), 0); + fail_if_err (err); + gpgme_data_rewind (sig); + err = gpgme_op_verify (ctx, sig, text, NULL); + fail_if_err (err); + result = gpgme_op_verify_result (ctx); + check_result (result, GPGME_SIGSUM_RED, "2D727CC768697734", + GPGME_Bad_Signature, 0); + + /* Checking a normal signature. */ + gpgme_data_release (sig); + gpgme_data_release (text); + err = gpgme_data_new_from_mem (&sig, test_sig2, strlen (test_sig2), 0); + fail_if_err (err); + err = gpgme_data_new (&text); + fail_if_err (err); + err = gpgme_op_verify (ctx, sig, NULL, text); + fail_if_err (err); + result = gpgme_op_verify_result (ctx); + check_result (result, 0, "A0FF4590BB6122EDEF6E3C542D727CC768697734", + GPGME_No_Error, 0); + gpgme_data_release (sig); + gpgme_data_release (text); gpgme_release (ctx); return 0; } 
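Review bot: The "normal signature" case in `main` no longer checks the recovered plaintext. The removed code fetched the output with `gpgme_data_release_and_get_mem` and compared it against `test_text1`, whereas the new code fills `text` and releases it unread. The test would therefore still pass if verification reported a good signature but returned the wrong content, so the comparison should be restored, with a length guard because the returned buffer is not shown to be NUL-terminated. Separately, when `notation` is 0, `check_result` skips the notation check entirely, whereas the other two test files fail on unexpected notation data; a short comment saying whether that is intentional for the manipulated-message case would help.

```c
  GpgmeVerifyResult result;
  char *plain;
  size_t len;

  /* ... unchanged: valid-message and manipulated-message checks ... */

  /* ... unchanged: normal-signature data objects, gpgme_op_verify, check_result ... */
  gpgme_data_release (sig);
  plain = gpgme_data_release_and_get_mem (text, &len);
  if (!plain || len < strlen (test_text1)
      || memcmp (plain, test_text1, strlen (test_text1)))
    {
      fprintf (stderr, "%s:%i: Wrong plaintext\n", __FILE__, __LINE__);
      exit (1);
    }
  free (plain);
```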
diff --git a/tests/gpgsm/t-verify.c b/tests/gpgsm/t-verify.c index 282cf2b..48e0ce9 100644 --- a/tests/gpgsm/t-verify.c +++ b/tests/gpgsm/t-verify.c @@ -1,6 +1,6 @@ -/* t-verify.c - regression test +/* t-verify.c - Regression test. Copyright (C) 2000 Werner Koch (dd9jn) - Copyright (C) 2001, 2002 g10 Code GmbH + Copyright (C) 2001, 2002, 2003 g10 Code GmbH This file is part of GPGME. @@ -18,13 +18,26 @@ along with GPGME; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -#include #include +#include #include -#include #include + +#define fail_if_err(err) \ + do \ + { \ + if (err) \ + { \ + fprintf (stderr, "%s:%d: GpgmeError %s\n", \ + __FILE__, __LINE__, gpgme_strerror (err)); \ + exit (1); \ + } \ + } \ + while (0) + + static const char test_text1[] = "Hallo Leute!\n"; static const char test_text1f[]= "Hallo Leute?\n"; static const char test_sig1[] = 
@@ -39,217 +52,103 @@ static const char test_sig1[] = "MYdRclgjObCcoilA8fZ13VR4DiMJVFCxJL4qVWI=\n" "-----END CMS OBJECT-----\n"; -#define fail_if_err(a) do { if(a) { \ - fprintf (stderr, "%s:%d: GpgmeError %s\n", \ - __FILE__, __LINE__, gpgme_strerror(a)); \ - exit (1); } \ - } while(0) - -static const char * -status_string (GpgmeSigStat status) +static void +check_result (GpgmeVerifyResult result, int summary, char *fpr, + GpgmeError status, GpgmeValidity validity) { - const char *s = "?"; + GpgmeSignature sig; - switch ( status ) { - case GPGME_SIG_STAT_NONE: - s = "None"; - break; - case GPGME_SIG_STAT_NOSIG: - s = "No Signature"; - break; - case GPGME_SIG_STAT_GOOD: - s = "Good"; - break; - case GPGME_SIG_STAT_GOOD_EXP: - s = "Good but expired"; - break; - case GPGME_SIG_STAT_GOOD_EXPKEY: - s = "Good but key exipired"; - break; - case GPGME_SIG_STAT_BAD: - s = "Bad"; - break; - case GPGME_SIG_STAT_NOKEY: - s = "No Key"; - break; - case GPGME_SIG_STAT_ERROR: - s = "Error"; - break; - case GPGME_SIG_STAT_DIFF: - s = "More than one signature"; - break; + sig = result->signatures; + if (!sig || sig->next) + { + fprintf (stderr, "%s:%i: Unexpected number of signatures\n", + __FILE__, __LINE__); + exit (1); } - return s; -} - -static const char * -validity_string (GpgmeValidity val) -{ - const char *s = "?"; - - switch (val) + if (sig->summary != summary) { - case GPGME_VALIDITY_UNKNOWN: s = "unknown"; break; - case GPGME_VALIDITY_NEVER: s = "not trusted"; break; - case GPGME_VALIDITY_MARGINAL:s = "marginal trusted"; break; - case GPGME_VALIDITY_FULL: s = "fully trusted"; break; - case GPGME_VALIDITY_UNDEFINED: - case GPGME_VALIDITY_ULTIMATE: - break; + fprintf (stderr, "%s:%i: Unexpected signature summary: 0x%x\n", + __FILE__, __LINE__, sig->summary); + exit (1); } - return s; -} - - -static void -print_sig_stat ( GpgmeCtx ctx, GpgmeSigStat status ) -{ - const char *s; - time_t created; - int idx; - GpgmeKey key; - - printf ("Verification Status: %s\n", 
status_string (status)); - - for (idx=0; (s=gpgme_get_sig_status (ctx, idx, &status, &created)); idx++ ) + if (strcmp (sig->fpr, fpr)) { - unsigned long sum; - - printf ("sig %d: created: %lu expires: %lu status: %s\n", - idx, (unsigned long)created, - gpgme_get_sig_ulong_attr (ctx, idx, GPGME_ATTR_EXPIRE, 0), - status_string(status) ); - printf ("sig %d: fpr/keyid: `%s' exterr: `%s' validity: %s\n", - idx, s, - gpgme_get_sig_string_attr (ctx, idx, GPGME_ATTR_ERRTOK, 0), - validity_string (gpgme_get_sig_ulong_attr - (ctx, idx, GPGME_ATTR_VALIDITY, 0)) ); - - sum = gpgme_get_sig_ulong_attr (ctx, idx, GPGME_ATTR_SIG_SUMMARY, 0); - fputs ("summary:", stdout); - if ((sum & GPGME_SIGSUM_VALID)) - fputs (" valid", stdout); - if ((sum & GPGME_SIGSUM_GREEN)) - fputs (" green", stdout); - if ((sum & GPGME_SIGSUM_RED)) - fputs (" red", stdout); - if ((sum & GPGME_SIGSUM_KEY_REVOKED)) - fputs (" keyRevoked", stdout); - if ((sum & GPGME_SIGSUM_KEY_EXPIRED)) - fputs (" keyExpired", stdout); - if ((sum & GPGME_SIGSUM_SIG_EXPIRED)) - fputs (" sigExpired", stdout); - if ((sum & GPGME_SIGSUM_KEY_MISSING)) - fputs (" keyMissing", stdout); - if ((sum & GPGME_SIGSUM_CRL_MISSING)) - fputs (" crlMissing", stdout); - if ((sum & GPGME_SIGSUM_CRL_TOO_OLD)) - fputs (" crlTooOld", stdout); - if ((sum & GPGME_SIGSUM_BAD_POLICY)) - fputs (" badPolicy", stdout); - if ((sum & GPGME_SIGSUM_SYS_ERROR)) - fputs (" sysError", stdout); - putchar ('\n'); - - if ( !gpgme_get_sig_key (ctx, idx, &key) ) - { - char *p = gpgme_key_get_as_xml ( key ); - printf ("sig %d: key object:\n%s\n", idx, p ); - free (p); - gpgme_key_release (key); - } + fprintf (stderr, "%s:%i: Unexpected fingerprint: %s\n", + __FILE__, __LINE__, sig->fpr); + exit (1); + } + if (sig->status != status) + { + fprintf (stderr, "%s:%i: Unexpected signature status: %s\n", + __FILE__, __LINE__, gpgme_strerror (sig->status)); + exit (1); + } + if (sig->notations) + { + fprintf (stderr, "%s:%i: Unexpected notation data\n", + __FILE__, 
__LINE__); + exit (1); + } + if (sig->wrong_key_usage) + { + fprintf (stderr, "%s:%i: Unexpectedly wrong key usage\n", + __FILE__, __LINE__); + exit (1); + } + if (sig->validity != validity) + { + fprintf (stderr, "%s:%i: Unexpected validity: %i\n", + __FILE__, __LINE__, sig->validity); + exit (1); + } + if (sig->validity_reason != GPGME_No_Error) + { + fprintf (stderr, "%s:%i: Unexpected validity reason: %s\n", + __FILE__, __LINE__, gpgme_strerror (sig->validity_reason)); + exit (1); } } + int -main (int argc, char **argv ) +main (int argc, char **argv) { - GpgmeCtx ctx; - GpgmeError err; - GpgmeData sig, text; - GpgmeSigStat status; - GpgmeVerifyResult result; - GpgmeSigNotation notation; - char *nota; - int n = 0; - - err = gpgme_new (&ctx); - fail_if_err (err); - gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS); - - do { - err = gpgme_data_new_from_mem ( &text, - test_text1, strlen (test_text1), 0 ); - fail_if_err (err); - err = gpgme_data_new_from_mem ( &sig, - test_sig1, strlen (test_sig1), 0 ); - fail_if_err (err); - - puts ("checking a valid message:\n"); - err = gpgme_op_verify (ctx, sig, text, NULL); - fail_if_err (err); - if (!gpgme_get_sig_status (ctx, 0, &status, NULL)) - { - fprintf (stderr, "%s:%d: No signature\n", __FILE__, __LINE__); - exit (1); - } - print_sig_stat (ctx, status); - - result = gpgme_op_verify_result (ctx); - notation = result->signatures->notations; - if (notation) - { - printf ("---Begin Notation---\n"); - while (notation) - { - if (notation->name) - printf ("%s: %s\n", notation->name, notation->value); - else - printf ("Policy URL: %s\n", notation->value); - notation = notation->next; - } - printf ("---End Notation---\n"); - } - - puts ("checking a manipulated message:\n"); - gpgme_data_release (text); - err = gpgme_data_new_from_mem ( &text, - test_text1f, strlen (test_text1f), 0); - fail_if_err (err); - gpgme_data_rewind ( sig ); - err = gpgme_op_verify (ctx, sig, text, NULL); - fail_if_err (err); - if (!gpgme_get_sig_status (ctx, 
0, &status, NULL)) - { - fprintf (stderr, "%s:%d: No signature\n", __FILE__, __LINE__); - exit (1); - } - print_sig_stat (ctx, status); - - result = gpgme_op_verify_result (ctx); - notation = result->signatures->notations; - if (notation) - { - printf ("---Begin Notation---\n"); - while (notation) - { - if (notation->name) - printf ("%s: %s\n", notation->name, notation->value); - else - printf ("Policy URL: %s\n", notation->value); - notation = notation->next; - } - printf ("---End Notation---\n"); - } - - gpgme_data_release (sig); - gpgme_data_release (text); - - } while ( argc > 1 && !strcmp( argv[1], "--loop" ) && ++n < 20 ); - gpgme_release (ctx); - - return 0; + GpgmeCtx ctx; + GpgmeError err; + GpgmeData sig, text; + GpgmeVerifyResult result; + + err = gpgme_new (&ctx); + fail_if_err (err); + gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS); + + /* Checking a valid message. */ + err = gpgme_data_new_from_mem (&text, test_text1, strlen (test_text1), 0); + fail_if_err (err); + err = gpgme_data_new_from_mem (&sig, test_sig1, strlen (test_sig1), 0); + fail_if_err (err); + err = gpgme_op_verify (ctx, sig, text, NULL); + fail_if_err (err); + result = gpgme_op_verify_result (ctx); + check_result (result, GPGME_SIGSUM_VALID | GPGME_SIGSUM_GREEN, + "3CF405464F66ED4A7DF45BBDD1E4282E33BDB76E", + GPGME_No_Error, GPGME_VALIDITY_FULL); + + /* Checking a manipulated message. */ + gpgme_data_release (text); + err = gpgme_data_new_from_mem (&text, test_text1f, strlen (test_text1f), 0); + fail_if_err (err); + gpgme_data_rewind (sig); + err = gpgme_op_verify (ctx, sig, text, NULL); + fail_if_err (err); + result = gpgme_op_verify_result (ctx); + check_result (result, GPGME_SIGSUM_RED, + "3CF405464F66ED4A7DF45BBDD1E4282E33BDB76E", + GPGME_Bad_Signature, GPGME_VALIDITY_UNKNOWN); + + gpgme_release (ctx); + return 0; } -- 2.26.2
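Review bot: The rewritten `main` releases only the context: the old loop body ended with `gpgme_data_release (sig);` and `gpgme_data_release (text);`, but the new code goes straight from the last `check_result` call to `gpgme_release (ctx);`. Both data objects leak, which is harmless for a short-lived test but inconsistent with gpg/t-verify.c in the same commit and adds noise under leak checkers. Add `gpgme_data_release (sig);` and `gpgme_data_release (text);` before `gpgme_release (ctx);`. Separately, `check_result` takes `char *fpr` but is only ever passed string literals, so `const char *fpr` would be the more accurate type here and in the other two checkers.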