1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
|
#!/usr/bin/env gpgscm
;; Copyright (C) 2016 g10 Code GmbH
;;
;; This file is part of GnuPG.
;;
;; GnuPG is free software; you can redistribute it and/or modify
;; it under the terms of the GNU General Public License as published by
;; the Free Software Foundation; either version 3 of the License, or
;; (at your option) any later version.
;;
;; GnuPG is distributed in the hope that it will be useful,
;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;; GNU General Public License for more details.
;;
;; You should have received a copy of the GNU General Public License
;; along with this program; if not, see <http://www.gnu.org/licenses/>.
(load (in-srcdir "tests" "openpgp" "defs.scm"))
(setup-legacy-environment)
(for-each-p
"Checking encryption"
(lambda (source)
(tr:do
(tr:open source)
(tr:gpg "" `(--yes --encrypt --recipient ,usrname2))
(tr:gpg "" '(--yes --decrypt))
(tr:assert-identity source)))
(append plain-files data-files))
(for-each-p
"Checking encryption using a specific cipher algorithm"
(lambda (cipher)
(for-each-p
""
(lambda (source)
(tr:do
(tr:open source)
(tr:gpg "" `(--yes --encrypt --recipient ,usrname2
--cipher-algo ,cipher))
(tr:gpg "" '(--yes --decrypt))
(tr:assert-identity source)))
(append plain-files data-files)))
(force all-cipher-algos))
;; We encrypt to two keys and we have also put the first key into our
;; pubring, so that decryption will work.
(for-each-p
"Checking encryption using a key from file"
(lambda (source)
(tr:do
(tr:open source)
(tr:gpg "" `(--yes -v --no-keyring --encrypt
--recipient-file ,(in-srcdir "tests" "openpgp" key-file1)
--hidden-recipient-file ,(in-srcdir "tests" "openpgp" key-file2)))
(tr:gpg "" '(--yes --decrypt))
(tr:assert-identity source)))
plain-files)
(info "Importing additional sample keys for OCB tests")
(for-each
(lambda (name)
(call `(,@GPG --yes --import ,(in-srcdir "tests" "openpgp" "samplekeys"
(string-append name ".asc")))))
'("ed25519-cv25519-sample-1"
"ed25519-cv25519-sample-2"
"rsa-rsa-sample-1"))
(for-each-p
"Checking OCB mode"
(lambda (source)
(tr:do
(tr:open source)
(tr:gpg "" `(--yes -er ,"patrice.lumumba"))
(tr:gpg "" '(--yes -d))
(tr:assert-identity source)))
all-files)
;; For reference:
;; BEGIN_ENCRYPTION <mdc_method> <sym_algo> [<aead_algo>]
(for-each-p
"Checking two OCB capable keys"
(lambda (source)
(tr:do
(tr:open source)
(tr:gpgstatus "" `(--yes -e
-r ,"patrice.lumumba"
-r ,"mahsa.amini"))
(tr:call-with-content
(lambda (c)
(unless (string-contains? c "[GNUPG:] BEGIN_ENCRYPTION 0 9 2")
(fail (string-append "Unexpected status: " c)))))))
'("plain-1"))
(for-each-p
"Checking two OCB capable keys plus one not capable"
(lambda (source)
(tr:do
(tr:open source)
(tr:gpgstatus "" `(--yes -o out -e
-r ,"patrice.lumumba"
-r ,"mahsa.amini"
-r ,"steve.biko"))
(tr:call-with-content
(lambda (c)
(unless (string-contains? c "[GNUPG:] BEGIN_ENCRYPTION 2 9")
(fail (string-append "Unexpected status: " c)))))))
'("plain-1"))
(for-each-p
"Checking non OCB capable key with --force-ocb"
(lambda (source)
(tr:do
(tr:open source)
(tr:gpgstatus "" `(--yes -e --force-ocb
-r ,"steve.biko"))
(tr:call-with-content
(lambda (c)
(unless (string-contains? c "[GNUPG:] BEGIN_ENCRYPTION 0 9 2")
(fail (string-append "Unexpected status: " c)))))))
'("plain-1"))
|
