Adding upstream version 1.21.22.upstream/1.21.22upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

9 files changed, 289 insertions, 0 deletions

diff --git a/scripts/t/Dpkg_OpenPGP.t b/scripts/t/Dpkg_OpenPGP.t
new file mode 100644
index 0000000..4be7cd7
--- /dev/null
+++ b/scripts/t/Dpkg_OpenPGP.t
@@ -0,0 +1,116 @@
+#!/usr/bin/perl
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+use strict;
+use warnings;
+
+use Test::More;
+use Test::Dpkg qw(:paths :needs);
+
+use File::Compare;
+
+use Dpkg::ErrorHandling;
+use Dpkg::Path qw(find_command);
+use Dpkg::OpenPGP::KeyHandle;
+
+my %backend_cmd = (
+    auto => 'auto',
+    gpg => 'gpg',
+    sq => 'sq',
+    sqop => 'sop',
+    'pgpainless-cli' => 'sop',
+);
+my @cmds = test_needs_openpgp_backend();
+unshift @cmds, 'auto';
+
+plan tests => 2 + 15 * scalar @cmds;
+
+use_ok('Dpkg::OpenPGP');
+use_ok('Dpkg::OpenPGP::ErrorCodes');
+
+report_options(quiet_warnings => 1);
+
+sub test_diff
+{
+    my ($exp_file, $gen_file, $desc) = @_;
+
+    my $res = compare($exp_file, $gen_file);
+    if ($res) {
+        system "diff -u '$exp_file' '$gen_file' >&2";
+    }
+    ok($res == 0, "$desc ($exp_file vs $gen_file)");
+}
+
+foreach my $cmd (@cmds) {
+    my $datadir = test_get_data_path();
+    my $tempdir = test_get_temp_path();
+
+    my $backend = $backend_cmd{$cmd};
+    my $openpgp = Dpkg::OpenPGP->new(
+        backend => $backend,
+        cmd => $cmd,
+    );
+
+    ok($openpgp->dearmor('PUBLIC KEY BLOCK', "$datadir/dpkg-test-pub.asc", "$tempdir/dpkg-test-pub.pgp") == OPENPGP_OK(),
+        "($backend:$cmd) dearmoring OpenPGP ASCII Armored certificate");
+    ok($openpgp->armor('PUBLIC KEY BLOCK', "$tempdir/dpkg-test-pub.pgp", "$tempdir/dpkg-test-pub.asc") == OPENPGP_OK(),
+        "($backend:$cmd) armoring OpenPGP binary certificate");
+    test_diff("$datadir/dpkg-test-pub.asc", "$tempdir/dpkg-test-pub.asc",
+        "($backend:$cmd) OpenPGP certificate dearmor/armor round-trip correctly");
+
+    ok($openpgp->armor('SIGNATURE', "$datadir/sign-file.sig", "$tempdir/sign-file.asc") == OPENPGP_OK(),
+        "($backend:$cmd) armoring OpenPGP binary signature succeeded");
+    ok(compare("$datadir/sign-file.sig", "$tempdir/sign-file.asc") != 0,
+        "($backend:$cmd) armoring OpenPGP ASCII Armor changed the file");
+    ok($openpgp->armor('SIGNATURE', "$datadir/sign-file.asc", "$tempdir/sign-file-rearmor.asc") == OPENPGP_OK(),
+        "($backend:$cmd) armoring OpenPGP armored signature succeeded");
+    test_diff("$datadir/sign-file.asc", "$tempdir/sign-file-rearmor.asc",
+        "($backend:$cmd) rearmoring OpenPGP ASCII Armor changed the file");
+
+    ok($openpgp->dearmor('SIGNATURE', "$tempdir/sign-file.asc", "$tempdir/sign-file.sig") == OPENPGP_OK(),
+        "($backend:$cmd) dearmoring OpenPGP armored signature succeeded");
+    test_diff("$datadir/sign-file.sig", "$tempdir/sign-file.sig",
+        "($backend:$cmd) dearmored OpenPGP ASCII Armor signature matches");
+
+    my $cert = "$datadir/dpkg-test-pub.asc";
+
+    ok($openpgp->inline_verify("$datadir/sign-file-inline.asc", undef, $cert) == OPENPGP_OK(),
+        "($backend:$cmd) verify OpenPGP ASCII Armor inline signature");
+    ok($openpgp->inline_verify("$datadir/sign-file-inline.sig", undef, $cert) == OPENPGP_OK(),
+        "($backend:$cmd) verify OpenPGP binary inline signature");
+
+    ok($openpgp->verify("$datadir/sign-file", "$datadir/sign-file.asc", $cert) == OPENPGP_OK(),
+        "($backend:$cmd) verify OpenPGP ASCII Armor detached signature");
+    ok($openpgp->verify("$datadir/sign-file", "$datadir/sign-file.sig", $cert) == OPENPGP_OK(),
+        "($backend:$cmd) verify OpenPGP binary detached signature");
+
+    my $key = Dpkg::OpenPGP::KeyHandle->new(
+        type => 'keyfile',
+        handle => "$datadir/dpkg-test-sec.asc",
+    );
+
+    SKIP: {
+        skip 'cannot use secrets', 2 unless $openpgp->can_use_secrets($key);
+
+        ok($openpgp->inline_sign("$datadir/sign-file", "$tempdir/sign-file-inline.asc", $key) == OPENPGP_OK(),
+            "($backend:$cmd) inline OpenPGP sign");
+        ok($openpgp->inline_verify("$tempdir/sign-file-inline.asc", undef, $cert) == OPENPGP_OK(),
+            "($backend:$cmd) verify generated inline OpenPGP signature");
+    };
+
+    # TODO: Add more test cases.
+}
+
+1;
diff --git a/scripts/t/Dpkg_OpenPGP/dpkg-test-pub.asc b/scripts/t/Dpkg_OpenPGP/dpkg-test-pub.asc
new file mode 100644
index 0000000..f9b9f2b
--- /dev/null
+++ b/scripts/t/Dpkg_OpenPGP/dpkg-test-pub.asc
@@ -0,0 +1,24 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+xjMEYtiJpRYJKwYBBAHaRw8BAQdAPc9bt2qxxLSlbrcdtR70gPFeqCusNUh/LjQV
+9es9JPbCwAsEHxYKAH0FgmLYiaUDCwkHCRDQUbmhp4t5cEcUAAAAAAAeACBzYWx0
+QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmfarUJqlr3ies5QhbUfk4/CGJ8yjA5A
+xU2FniSvr1MEWAMVCggCmwECHgEWIQQ0iPyXWWjO+6ezdVTQUbmhp4t5cAAAeKwB
+ALhQhFu11tuBqJkeqbsB+zDw3TqINXDdOnZsz4zQTP8cAQCXB24twCDSwgL5ApXD
+LDKxacm+yTJG1xAr5fey/WM6Dc0lRHBrZyBUZXN0IEtleSA8ZHBrZy10ZXN0QGV4
+YW1wbGUub3JnPsLADgQTFgoAgAWCYtiJpQMLCQcJENBRuaGni3lwRxQAAAAAAB4A
+IHNhbHRAbm90YXRpb25zLnNlcXVvaWEtcGdwLm9yZ5lEbcjt2RQSjys6N6+y4VDN
+OVw0W5VOTjJKEWDQHZDmAxUKCAKZAQKbAQIeARYhBDSI/JdZaM77p7N1VNBRuaGn
+i3lwAAA/3wD6A46mcuHcy26BOyz8co2cl53+tQeZ1F2qhg2kcofLA3UBAL7BWWPc
+Zojs6SbiB8Dc7BrYkJ4jk13jYpYXwa7CnEwPzjMEYtiJpRYJKwYBBAHaRw8BAQdA
+EC8I7eVdWPckXSEJdxYtGSUTOfSUFtP31dZZSiHawivCwL8EGBYKATEFgmLYiaUJ
+ENBRuaGni3lwRxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNlcXVvaWEtcGdwLm9y
+Z3wtg1MDVcKCPrpDO5sjWVCjoFjYX3/+1+KopBiO8UPtApsCvqAEGRYKAG8FgmLY
+iaUJEF8IeVKOdEodRxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNlcXVvaWEtcGdw
+Lm9yZ5tsuhbNSkLk/OacoV9yfg+ediDvQ51kf9N6Ue1y0k+nFiEEld5RAbTaqSHO
+dkqUXwh5Uo50Sh0AAGMlAP4jFUATpYnAjF8rnh/3Oh7ZNXzRXmju8voJnkPh9C+P
+GAD/aGKxGy1wpAQT+qJnNMIXIVq//E6Nw+Bg+iC9+Sy+KwoWIQQ0iPyXWWjO+6ez
+dVTQUbmhp4t5cAAAyQwA/RFPJCO1yGV0ifxxfruj9qxr9ND3zo1YbIDJUdJS+QyX
+AQC/SgSs3xBCVcXjIq2ot1YUhSaZ9VdonekgYr5VdmDMBw==
+=dG1m
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/scripts/t/Dpkg_OpenPGP/dpkg-test-sec.asc b/scripts/t/Dpkg_OpenPGP/dpkg-test-sec.asc
new file mode 100644
index 0000000..75fc7b3
--- /dev/null
+++ b/scripts/t/Dpkg_OpenPGP/dpkg-test-sec.asc
@@ -0,0 +1,28 @@
+-----BEGIN PGP PRIVATE KEY BLOCK-----
+Comment: 3488 FC97 5968 CEFB A7B3  7554 D051 B9A1 A78B 7970
+Comment: Dpkg Test Key <dpkg-test@example.org>
+
+xVgEYtiJpRYJKwYBBAHaRw8BAQdAPc9bt2qxxLSlbrcdtR70gPFeqCusNUh/LjQV
+9es9JPYAAQCuHs3w2a7cIhaFk82fIsXfpIGMJUHh2tJj/6TzUTIYehIhwsALBB8W
+CgB9BYJi2ImlAwsJBwkQ0FG5oaeLeXBHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMu
+c2VxdW9pYS1wZ3Aub3Jn2q1Capa94nrOUIW1H5OPwhifMowOQMVNhZ4kr69TBFgD
+FQoIApsBAh4BFiEENIj8l1lozvuns3VU0FG5oaeLeXAAAHisAQC4UIRbtdbbgaiZ
+Hqm7Afsw8N06iDVw3Tp2bM+M0Ez/HAEAlwduLcAg0sIC+QKVwywysWnJvskyRtcQ
+K+X3sv1jOg3NJURwa2cgVGVzdCBLZXkgPGRwa2ctdGVzdEBleGFtcGxlLm9yZz7C
+wA4EExYKAIAFgmLYiaUDCwkHCRDQUbmhp4t5cEcUAAAAAAAeACBzYWx0QG5vdGF0
+aW9ucy5zZXF1b2lhLXBncC5vcmeZRG3I7dkUEo8rOjevsuFQzTlcNFuVTk4yShFg
+0B2Q5gMVCggCmQECmwECHgEWIQQ0iPyXWWjO+6ezdVTQUbmhp4t5cAAAP98A+gOO
+pnLh3MtugTss/HKNnJed/rUHmdRdqoYNpHKHywN1AQC+wVlj3GaI7Okm4gfA3Owa
+2JCeI5Nd42KWF8GuwpxMD8dYBGLYiaUWCSsGAQQB2kcPAQEHQBAvCO3lXVj3JF0h
+CXcWLRklEzn0lBbT99XWWUoh2sIrAAD+KhjwmbT+2rv06tPgJnBEP4x7CEMJdTlk
+t7Z/M0dlVhQQXMLAvwQYFgoBMQWCYtiJpQkQ0FG5oaeLeXBHFAAAAAAAHgAgc2Fs
+dEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnfC2DUwNVwoI+ukM7myNZUKOgWNhf
+f/7X4qikGI7xQ+0CmwK+oAQZFgoAbwWCYtiJpQkQXwh5Uo50Sh1HFAAAAAAAHgAg
+c2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3Jnm2y6Fs1KQuT85pyhX3J+D552
+IO9DnWR/03pR7XLST6cWIQSV3lEBtNqpIc52SpRfCHlSjnRKHQAAYyUA/iMVQBOl
+icCMXyueH/c6Htk1fNFeaO7y+gmeQ+H0L48YAP9oYrEbLXCkBBP6omc0whchWr/8
+To3D4GD6IL35LL4rChYhBDSI/JdZaM77p7N1VNBRuaGni3lwAADJDAD9EU8kI7XI
+ZXSJ/HF+u6P2rGv00PfOjVhsgMlR0lL5DJcBAL9KBKzfEEJVxeMirai3VhSFJpn1
+V2id6SBivlV2YMwH
+=D6tH
+-----END PGP PRIVATE KEY BLOCK-----
diff --git a/scripts/t/Dpkg_OpenPGP/sign-file b/scripts/t/Dpkg_OpenPGP/sign-file
new file mode 100644
index 0000000..7fb0a1c
--- /dev/null
+++ b/scripts/t/Dpkg_OpenPGP/sign-file
@@ -0,0 +1,5 @@
+This is a data file that will be signed
+as part of the dpkg OpenPGP test suite.
+
+It contains «UTF-8» characters so that
+we can check binary and ASCII signatures ☺.
diff --git a/scripts/t/Dpkg_OpenPGP/sign-file-inline.asc b/scripts/t/Dpkg_OpenPGP/sign-file-inline.asc
new file mode 100644
index 0000000..38059f8
--- /dev/null
+++ b/scripts/t/Dpkg_OpenPGP/sign-file-inline.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+This is a data file that will be signed
+as part of the dpkg OpenPGP test suite.
+
+It contains «UTF-8» characters so that
+we can check binary and ASCII signatures ☺.
+-----BEGIN PGP SIGNATURE-----
+
+wr0EARYKAG8FgmNn/JoJEF8IeVKOdEodRxQAAAAAAB4AIHNhbHRAbm90YXRpb25z
+LnNlcXVvaWEtcGdwLm9yZ6ner4BBATzhFswk2JmdwxDwRwEY7Ez64dxHFNuT0rIn
+FiEEld5RAbTaqSHOdkqUXwh5Uo50Sh0AAH26AQCojIenPOWX7+GUk+lKeo+7hnpx
+nozY9z/+4Pe1KamB4AEAsL9fpRgmecLcVhHBteK8t8/laLkzdY4nji+1BmeRrgQ=
+=4UM2
+-----END PGP SIGNATURE-----
diff --git a/scripts/t/Dpkg_OpenPGP/sign-file-inline.sig b/scripts/t/Dpkg_OpenPGP/sign-file-inline.sig
new file mode 100644
index 0000000..cb07a8e
--- /dev/null
+++ b/scripts/t/Dpkg_OpenPGP/sign-file-inline.sig
diff --git a/scripts/t/Dpkg_OpenPGP/sign-file.asc b/scripts/t/Dpkg_OpenPGP/sign-file.asc
new file mode 100644
index 0000000..5b96d6f
--- /dev/null
+++ b/scripts/t/Dpkg_OpenPGP/sign-file.asc
@@ -0,0 +1,8 @@
+-----BEGIN PGP SIGNATURE-----
+
+wr0EABYKAG8FgmNn+7oJEF8IeVKOdEodRxQAAAAAAB4AIHNhbHRAbm90YXRpb25z
+LnNlcXVvaWEtcGdwLm9yZ6I+NlLnxa3+q9VIr0tkR75ehn2pOJ0a5T7TbEKamHeH
+FiEEld5RAbTaqSHOdkqUXwh5Uo50Sh0AADADAP0edQHN/mcxubIU8Z8RTbdBe0uu
+AyzTI/4rIjImBPRoxgEAoWB+JczVmgeVRdkm8BW77PqFailPUf0mnokZZszz+Qc=
+=qfwq
+-----END PGP SIGNATURE-----
diff --git a/scripts/t/Dpkg_OpenPGP/sign-file.sig b/scripts/t/Dpkg_OpenPGP/sign-file.sig
new file mode 100644
index 0000000..125424c
--- /dev/null
+++ b/scripts/t/Dpkg_OpenPGP/sign-file.sig
diff --git a/scripts/t/Dpkg_OpenPGP_KeyHandle.t b/scripts/t/Dpkg_OpenPGP_KeyHandle.t
new file mode 100644
index 0000000..35c8b43
--- /dev/null
+++ b/scripts/t/Dpkg_OpenPGP_KeyHandle.t
@@ -0,0 +1,92 @@
+#!/usr/bin/perl
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+use strict;
+use warnings;
+
+use Test::More tests => 21;
+
+BEGIN {
+    use_ok('Dpkg::OpenPGP::KeyHandle');
+}
+
+my @ref_keys = (
+    {
+        type => 'auto',
+        handle => '0x12345678',
+        exp_type => 'keyid',
+        exp_handle => '12345678',
+    }, {
+        type => 'auto',
+        handle => '0x1234567890abcdef',
+        exp_type => 'keyid',
+        exp_handle => '1234567890abcdef',
+    }, {
+        type => 'auto',
+        handle => '0x1234567890abcdef1234567890abcdef',
+        exp_type => 'keyid',
+        exp_handle => '1234567890abcdef1234567890abcdef',
+    }, {
+        type => 'auto',
+        handle => 'Alice Auster',
+        exp_type => 'userid',
+        exp_handle => 'Alice Auster',
+    }, {
+        type => 'auto',
+        handle => 'Alice Auster <alice@example.org>',
+        exp_type => 'userid',
+        exp_handle => 'Alice Auster <alice@example.org>',
+    }, {
+        type => 'keyid',
+        handle => '0x12345678',
+        exp_type => 'keyid',
+        exp_handle => '12345678',
+    }, {
+        type => 'keyid',
+        handle => '0x1234567890abcdef',
+        exp_type => 'keyid',
+        exp_handle => '1234567890abcdef',
+    }, {
+        type => 'keyid',
+        handle => '0x1234567890abcdef1234567890abcdef',
+        exp_type => 'keyid',
+        exp_handle => '1234567890abcdef1234567890abcdef',
+    }, {
+        type => 'userid',
+        handle => 'Alice Auster',
+        exp_type => 'userid',
+        exp_handle => 'Alice Auster',
+    }, {
+        type => 'userid',
+        handle => 'Alice Auster <alice@example.org>',
+        exp_type => 'userid',
+        exp_handle => 'Alice Auster <alice@example.org>',
+    }
+);
+
+foreach my $ref_key (@ref_keys) {
+    my $key = Dpkg::OpenPGP::KeyHandle->new(
+        type => $ref_key->{type},
+        handle => $ref_key->{handle},
+    );
+    is($key->type, $ref_key->{exp_type},
+        'key type ' . $key->type . " sanitized as $ref_key->{exp_type}");
+    is($key->handle, $ref_key->{exp_handle},
+        'key handle ' . $key->handle . " sanitized as $ref_key->{exp_handle}");
+}
+
+# TODO: Add actual test cases.
+
+1;