Ported changes from 1.4.
[gnupg.git] / tests / openpgp / verify.test
1 #!/bin/sh
2 # Copyright 1998,1999,2000,2001,2002,2003,2004,2005,2006,
3 #           2007 Free Software Foundation, Inc.
4 # This file is free software; as a special exception the author gives
5 # unlimited permission to copy and/or distribute it, with or without
6 # modifications, as long as this notice is preserved.  This file is
7 # distributed in the hope that it will be useful, but WITHOUT ANY
8 # WARRANTY, to the extent permitted by law; without even the implied
9 # warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
10
11 . $srcdir/defs.inc || exit 3
12
13 suspend_error
14
15 #
16 # Two simple tests to check that verify fails for bad input data
17 #
18 info "checking bogus signature 1"
19 ../../tools/mk-tdata --char 0x2d 64 >x
20 $GPG --verify x data-500 && error "no error code from verify"
21 info "checking bogus signature 2"
22 ../../tools/mk-tdata --char 0xca 64 >x
23 $GPG --verify x data-500 && error "no error code from verify"
24
25 linefeed
26
27 # A variable to collect the test names
28 tests=""
29
30 # A plain signed message created using
31 #  echo abc | gpg --homedir . --passphrase-fd 0 -u Alpha -z0 -sa msg
32 tests="$tests msg_ols_asc"
33 msg_ols_asc='-----BEGIN PGP MESSAGE-----
34
35 kA0DAAIRLXJ8x2hpdzQBrQEHYgNtc2dEDFJaSSB0aGluayB0aGF0IGFsbCByaWdo
36 dC10aGlua2luZyBwZW9wbGUgaW4gdGhpcyBjb3VudHJ5IGFyZSBzaWNrIGFuZAp0
37 aXJlZCBvZiBiZWluZyB0b2xkIHRoYXQgb3JkaW5hcnkgZGVjZW50IHBlb3BsZSBh
38 cmUgZmVkIHVwIGluIHRoaXMKY291bnRyeSB3aXRoIGJlaW5nIHNpY2sgYW5kIHRp
39 cmVkLiAgSSdtIGNlcnRhaW5seSBub3QuICBCdXQgSSdtCnNpY2sgYW5kIHRpcmVk
40 IG9mIGJlaW5nIHRvbGQgdGhhdCBJIGFtLgotIE1vbnR5IFB5dGhvbgqIPwMFAEQM
41 UlotcnzHaGl3NBECR4IAoJlEGTY+bHjD2HYuCixLQCmk01pbAKCIjkzLOAmkZNm0
42 D8luT78c/1x45Q==
43 =a29i
44 -----END PGP MESSAGE-----'
45
46 # A plain signed message created using
47 #  echo abc | gpg --homedir . --passphrase-fd 0 -u Alpha -sa msg
48 tests="$tests msg_cols_asc"
49 msg_cols_asc='-----BEGIN PGP MESSAGE-----
50
51 owGbwMvMwCSoW1RzPCOz3IRxLSN7EnNucboLT6Cgp0JJRmZeNpBMLFFIzMlRKMpM
52 zyjRBQtm5qUrFKTmF+SkKmTmgdQVKyTnl+aVFFUqJBalKhRnJmcrJOalcJVkFqWm
53 KOSnKSSlgrSU5OekQMzLL0rJzEsEKk9JTU7NK4EZBtKcBtRRWgAzlwtmbnlmSQbU
54 GJjxCmDj9RQUPNVzFZJTi0oSM/NyKhXy8kuAYk6lJSBxLlTF2NziqZCYq8elq+Cb
55 n1dSqRBQWZKRn8fVYc/MygAKBljYCDIFiTDMT+9seu836Q+bevyHTJ0dzPNuvCjn
56 ZpgrwX38z58rJsfYDhwOSS4SkN/d6vUAAA==
57 =s6sY
58 -----END PGP MESSAGE-----'
59
60 # A PGP 2 style message.
61 tests="$tests msg_sl_asc"
62 msg_sl_asc='-----BEGIN PGP MESSAGE-----
63
64 iD8DBQBEDFJaLXJ8x2hpdzQRAkeCAKCZRBk2Pmx4w9h2LgosS0AppNNaWwCgiI5M
65 yzgJpGTZtA/Jbk+/HP9ceOWtAQdiA21zZ0QMUlpJIHRoaW5rIHRoYXQgYWxsIHJp
66 Z2h0LXRoaW5raW5nIHBlb3BsZSBpbiB0aGlzIGNvdW50cnkgYXJlIHNpY2sgYW5k
67 CnRpcmVkIG9mIGJlaW5nIHRvbGQgdGhhdCBvcmRpbmFyeSBkZWNlbnQgcGVvcGxl
68 IGFyZSBmZWQgdXAgaW4gdGhpcwpjb3VudHJ5IHdpdGggYmVpbmcgc2ljayBhbmQg
69 dGlyZWQuICBJJ20gY2VydGFpbmx5IG5vdC4gIEJ1dCBJJ20Kc2ljayBhbmQgdGly
70 ZWQgb2YgYmVpbmcgdG9sZCB0aGF0IEkgYW0uCi0gTW9udHkgUHl0aG9uCg==
71 =0ukK
72 -----END PGP MESSAGE-----'
73
74 # An OpenPGP message lacking the onepass packet.  We used to accept
75 # such messages but now consider them invalid.
76 tests="$tests bad_ls_asc"
77 bad_ls_asc='-----BEGIN PGP MESSAGE-----
78
79 rQEHYgNtc2dEDFJaSSB0aGluayB0aGF0IGFsbCByaWdodC10aGlua2luZyBwZW9w
80 bGUgaW4gdGhpcyBjb3VudHJ5IGFyZSBzaWNrIGFuZAp0aXJlZCBvZiBiZWluZyB0
81 b2xkIHRoYXQgb3JkaW5hcnkgZGVjZW50IHBlb3BsZSBhcmUgZmVkIHVwIGluIHRo
82 aXMKY291bnRyeSB3aXRoIGJlaW5nIHNpY2sgYW5kIHRpcmVkLiAgSSdtIGNlcnRh
83 aW5seSBub3QuICBCdXQgSSdtCnNpY2sgYW5kIHRpcmVkIG9mIGJlaW5nIHRvbGQg
84 dGhhdCBJIGFtLgotIE1vbnR5IFB5dGhvbgqIPwMFAEQMUlotcnzHaGl3NBECR4IA
85 oJlEGTY+bHjD2HYuCixLQCmk01pbAKCIjkzLOAmkZNm0D8luT78c/1x45Q==
86 =Mpiu
87 -----END PGP MESSAGE-----'
88
89
90 # A signed message prefixed with an unsigned literal packet.
91 # (fols = faked-literal-data, one-pass, literal-data, signature)
92 # This should throw an error because running gpg to extract the
93 # signed data will return both literal data packets
94 tests="$tests bad_fols_asc"
95 bad_fols_asc='-----BEGIN PGP MESSAGE-----
96
97 rF1iDG1zZy51bnNpZ25lZEQMY0x0aW1lc2hhcmluZywgbjoKCUFuIGFjY2VzcyBt
98 ZXRob2Qgd2hlcmVieSBvbmUgY29tcHV0ZXIgYWJ1c2VzIG1hbnkgcGVvcGxlLgqQ
99 DQMAAhEtcnzHaGl3NAGtAQdiA21zZ0QMUlpJIHRoaW5rIHRoYXQgYWxsIHJpZ2h0
100 LXRoaW5raW5nIHBlb3BsZSBpbiB0aGlzIGNvdW50cnkgYXJlIHNpY2sgYW5kCnRp
101 cmVkIG9mIGJlaW5nIHRvbGQgdGhhdCBvcmRpbmFyeSBkZWNlbnQgcGVvcGxlIGFy
102 ZSBmZWQgdXAgaW4gdGhpcwpjb3VudHJ5IHdpdGggYmVpbmcgc2ljayBhbmQgdGly
103 ZWQuICBJJ20gY2VydGFpbmx5IG5vdC4gIEJ1dCBJJ20Kc2ljayBhbmQgdGlyZWQg
104 b2YgYmVpbmcgdG9sZCB0aGF0IEkgYW0uCi0gTW9udHkgUHl0aG9uCog/AwUARAxS
105 Wi1yfMdoaXc0EQJHggCgmUQZNj5seMPYdi4KLEtAKaTTWlsAoIiOTMs4CaRk2bQP
106 yW5Pvxz/XHjl
107 =UNM4
108 -----END PGP MESSAGE-----'
109
110 # A signed message suffixed with an unsigned literal packet.
111 # (fols = faked-literal-data, one-pass, literal-data, signature)
112 # This should throw an error because running gpg to extract the
113 # signed data will return both literal data packets
114 tests="$tests bad_olsf_asc"
115 bad_olsf_asc='-----BEGIN PGP MESSAGE-----
116
117 kA0DAAIRLXJ8x2hpdzQBrQEHYgNtc2dEDFJaSSB0aGluayB0aGF0IGFsbCByaWdo
118 dC10aGlua2luZyBwZW9wbGUgaW4gdGhpcyBjb3VudHJ5IGFyZSBzaWNrIGFuZAp0
119 aXJlZCBvZiBiZWluZyB0b2xkIHRoYXQgb3JkaW5hcnkgZGVjZW50IHBlb3BsZSBh
120 cmUgZmVkIHVwIGluIHRoaXMKY291bnRyeSB3aXRoIGJlaW5nIHNpY2sgYW5kIHRp
121 cmVkLiAgSSdtIGNlcnRhaW5seSBub3QuICBCdXQgSSdtCnNpY2sgYW5kIHRpcmVk
122 IG9mIGJlaW5nIHRvbGQgdGhhdCBJIGFtLgotIE1vbnR5IFB5dGhvbgqIPwMFAEQM
123 UlotcnzHaGl3NBECR4IAoJlEGTY+bHjD2HYuCixLQCmk01pbAKCIjkzLOAmkZNm0
124 D8luT78c/1x45axdYgxtc2cudW5zaWduZWREDGNMdGltZXNoYXJpbmcsIG46CglB
125 biBhY2Nlc3MgbWV0aG9kIHdoZXJlYnkgb25lIGNvbXB1dGVyIGFidXNlcyBtYW55
126 IHBlb3BsZS4K
127 =3gnG
128 -----END PGP MESSAGE-----'
129
130
131 # Two standard signed messages in a row
132 tests="$tests msg_olsols_asc_multiple"
133 msg_olsols_asc_multiple='-----BEGIN PGP MESSAGE-----
134
135 kA0DAAIRLXJ8x2hpdzQBrQEHYgNtc2dEDFJaSSB0aGluayB0aGF0IGFsbCByaWdo
136 dC10aGlua2luZyBwZW9wbGUgaW4gdGhpcyBjb3VudHJ5IGFyZSBzaWNrIGFuZAp0
137 aXJlZCBvZiBiZWluZyB0b2xkIHRoYXQgb3JkaW5hcnkgZGVjZW50IHBlb3BsZSBh
138 cmUgZmVkIHVwIGluIHRoaXMKY291bnRyeSB3aXRoIGJlaW5nIHNpY2sgYW5kIHRp
139 cmVkLiAgSSdtIGNlcnRhaW5seSBub3QuICBCdXQgSSdtCnNpY2sgYW5kIHRpcmVk
140 IG9mIGJlaW5nIHRvbGQgdGhhdCBJIGFtLgotIE1vbnR5IFB5dGhvbgqIPwMFAEQM
141 UlotcnzHaGl3NBECR4IAoJlEGTY+bHjD2HYuCixLQCmk01pbAKCIjkzLOAmkZNm0
142 D8luT78c/1x45ZANAwACES1yfMdoaXc0Aa0BB2IDbXNnRAxSWkkgdGhpbmsgdGhh
143 dCBhbGwgcmlnaHQtdGhpbmtpbmcgcGVvcGxlIGluIHRoaXMgY291bnRyeSBhcmUg
144 c2ljayBhbmQKdGlyZWQgb2YgYmVpbmcgdG9sZCB0aGF0IG9yZGluYXJ5IGRlY2Vu
145 dCBwZW9wbGUgYXJlIGZlZCB1cCBpbiB0aGlzCmNvdW50cnkgd2l0aCBiZWluZyBz
146 aWNrIGFuZCB0aXJlZC4gIEknbSBjZXJ0YWlubHkgbm90LiAgQnV0IEknbQpzaWNr
147 IGFuZCB0aXJlZCBvZiBiZWluZyB0b2xkIHRoYXQgSSBhbS4KLSBNb250eSBQeXRo
148 b24KiD8DBQBEDFJaLXJ8x2hpdzQRAkeCAKCZRBk2Pmx4w9h2LgosS0AppNNaWwCg
149 iI5MyzgJpGTZtA/Jbk+/HP9ceOU=
150 =8nLN
151 -----END PGP MESSAGE-----'
152
153 # A standard message with two signatures (actually the same signature
154 # duplicated).
155 tests="$tests msg_oolss_asc"
156 msg_oolss_asc='-----BEGIN PGP MESSAGE-----
157
158 kA0DAAIRLXJ8x2hpdzQBkA0DAAIRLXJ8x2hpdzQBrQEHYgNtc2dEDFJaSSB0aGlu
159 ayB0aGF0IGFsbCByaWdodC10aGlua2luZyBwZW9wbGUgaW4gdGhpcyBjb3VudHJ5
160 IGFyZSBzaWNrIGFuZAp0aXJlZCBvZiBiZWluZyB0b2xkIHRoYXQgb3JkaW5hcnkg
161 ZGVjZW50IHBlb3BsZSBhcmUgZmVkIHVwIGluIHRoaXMKY291bnRyeSB3aXRoIGJl
162 aW5nIHNpY2sgYW5kIHRpcmVkLiAgSSdtIGNlcnRhaW5seSBub3QuICBCdXQgSSdt
163 CnNpY2sgYW5kIHRpcmVkIG9mIGJlaW5nIHRvbGQgdGhhdCBJIGFtLgotIE1vbnR5
164 IFB5dGhvbgqIPwMFAEQMUlotcnzHaGl3NBECR4IAoJlEGTY+bHjD2HYuCixLQCmk
165 01pbAKCIjkzLOAmkZNm0D8luT78c/1x45Yg/AwUARAxSWi1yfMdoaXc0EQJHggCg
166 mUQZNj5seMPYdi4KLEtAKaTTWlsAoIiOTMs4CaRk2bQPyW5Pvxz/XHjl
167 =KVw5
168 -----END PGP MESSAGE-----'
169
170 # A standard message with two one-pass packet but only one signature
171 # packet
172 tests="$tests bad_ools_asc"
173 bad_ools_asc='-----BEGIN PGP MESSAGE-----
174
175 kA0DAAIRLXJ8x2hpdzQBkA0DAAIRLXJ8x2hpdzQBrQEHYgNtc2dEDFJaSSB0aGlu
176 ayB0aGF0IGFsbCByaWdodC10aGlua2luZyBwZW9wbGUgaW4gdGhpcyBjb3VudHJ5
177 IGFyZSBzaWNrIGFuZAp0aXJlZCBvZiBiZWluZyB0b2xkIHRoYXQgb3JkaW5hcnkg
178 ZGVjZW50IHBlb3BsZSBhcmUgZmVkIHVwIGluIHRoaXMKY291bnRyeSB3aXRoIGJl
179 aW5nIHNpY2sgYW5kIHRpcmVkLiAgSSdtIGNlcnRhaW5seSBub3QuICBCdXQgSSdt
180 CnNpY2sgYW5kIHRpcmVkIG9mIGJlaW5nIHRvbGQgdGhhdCBJIGFtLgotIE1vbnR5
181 IFB5dGhvbgqIPwMFAEQMUlotcnzHaGl3NBECR4IAoJlEGTY+bHjD2HYuCixLQCmk
182 01pbAKCIjkzLOAmkZNm0D8luT78c/1x45Q==
183 =1/ix
184 -----END PGP MESSAGE-----'
185
186 # Standard cleartext signature
187 tests="$tests msg_cls_asc"
188 msg_cls_asc=`cat <<EOF
189 -----BEGIN PGP SIGNED MESSAGE-----
190 Hash: SHA1
191
192 I think that all right-thinking people in this country are sick and
193 tired of being told that ordinary decent people are fed up in this
194 country with being sick and tired.  I'm certainly not.  But I'm
195 sick and tired of being told that I am.
196 - - Monty Python
197 -----BEGIN PGP SIGNATURE-----
198
199 iD8DBQFEDVp1LXJ8x2hpdzQRAplUAKCMfpG3GPw/TLN52tosgXP5lNECkwCfQhAa
200 emmev7IuQjWYrGF9Lxj+zj8=
201 =qJsY
202 -----END PGP SIGNATURE-----
203 EOF
204 `
205
206 # Cleartext signature with two signatures
207 tests="$tests msg_clss_asc"
208 msg_clss_asc=`cat <<EOF
209 -----BEGIN PGP SIGNED MESSAGE-----
210 Hash: SHA1
211
212 What is the difference between a Turing machine and the modern computer?
213 It's the same as that between Hillary's ascent of Everest and the
214 establishment of a Hilton on its peak.
215 -----BEGIN PGP SIGNATURE-----
216
217 iD8DBQFEDVz6LXJ8x2hpdzQRAtkGAKCeMhNbHnh339fpjNj9owsYcC4zBwCfYO5l
218 2u+KEfXX0FKyk8SMzLjZ536IPwMFAUQNXPr+GAsdqeOwshEC2QYAoPOWAiQm0EF/
219 FWIAQUplk7JWbyRKAJ92ZJyJpWfzb0yc1s7MY65r2qEHrg==
220 =1Xvv
221 -----END PGP SIGNATURE-----
222 EOF
223 `
224
225 # Two clear text signatures in a row
226 tests="$tests msg_clsclss_asc_multiple"
227 msg_clsclss_asc_multiple="${msg_cls_asc}
228 ${msg_clss_asc}"
229
230
231 # Fixme:  We need more tests with manipulated cleartext signatures.
232
233
234 #
235 # Now run the tests.
236 #
237 for i in $tests ; do
238    info "checking: $i"
239    eval "(IFS=; echo \"\$$i\")" >x
240    case "$i" in
241     msg_*_asc)
242        $GPG --verify x || error "verify of $i failed"
243        ;;
244     msg_*_asc_multiple)
245        $GPG --verify --allow-multiple-messages x \
246            || error "verify of $i failed"
247        $GPG --verify x && error "verify of $i succeeded but should not"
248        ;;
249     bad_*_asc)
250        $GPG --verify x && error "verify of $i succeeded but should not"
251        ;;
252     *)
253        error "No handler for test case $i"
254        ;;
255    esac
256    linefeed
257 done
258
259
260 resume_error