diff options
Diffstat (limited to '')
-rw-r--r-- | scripts/t/Dpkg_OpenPGP.t | 116 | ||||
-rw-r--r-- | scripts/t/Dpkg_OpenPGP/dpkg-test-pub.asc | 24 | ||||
-rw-r--r-- | scripts/t/Dpkg_OpenPGP/dpkg-test-sec.asc | 28 | ||||
-rw-r--r-- | scripts/t/Dpkg_OpenPGP/sign-file | 5 | ||||
-rw-r--r-- | scripts/t/Dpkg_OpenPGP/sign-file-inline.asc | 16 | ||||
-rw-r--r-- | scripts/t/Dpkg_OpenPGP/sign-file-inline.sig | bin | 0 -> 382 bytes | |||
-rw-r--r-- | scripts/t/Dpkg_OpenPGP/sign-file.asc | 8 | ||||
-rw-r--r-- | scripts/t/Dpkg_OpenPGP/sign-file.sig | bin | 0 -> 191 bytes | |||
-rw-r--r-- | scripts/t/Dpkg_OpenPGP_KeyHandle.t | 92 |
9 files changed, 289 insertions, 0 deletions
diff --git a/scripts/t/Dpkg_OpenPGP.t b/scripts/t/Dpkg_OpenPGP.t new file mode 100644 index 0000000..4be7cd7 --- /dev/null +++ b/scripts/t/Dpkg_OpenPGP.t @@ -0,0 +1,116 @@ +#!/usr/bin/perl +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <https://www.gnu.org/licenses/>. + +use strict; +use warnings; + +use Test::More; +use Test::Dpkg qw(:paths :needs); + +use File::Compare; + +use Dpkg::ErrorHandling; +use Dpkg::Path qw(find_command); +use Dpkg::OpenPGP::KeyHandle; + +my %backend_cmd = ( + auto => 'auto', + gpg => 'gpg', + sq => 'sq', + sqop => 'sop', + 'pgpainless-cli' => 'sop', +); +my @cmds = test_needs_openpgp_backend(); +unshift @cmds, 'auto'; + +plan tests => 2 + 15 * scalar @cmds; + +use_ok('Dpkg::OpenPGP'); +use_ok('Dpkg::OpenPGP::ErrorCodes'); + +report_options(quiet_warnings => 1); + +sub test_diff +{ + my ($exp_file, $gen_file, $desc) = @_; + + my $res = compare($exp_file, $gen_file); + if ($res) { + system "diff -u '$exp_file' '$gen_file' >&2"; + } + ok($res == 0, "$desc ($exp_file vs $gen_file)"); +} + +foreach my $cmd (@cmds) { + my $datadir = test_get_data_path(); + my $tempdir = test_get_temp_path(); + + my $backend = $backend_cmd{$cmd}; + my $openpgp = Dpkg::OpenPGP->new( + backend => $backend, + cmd => $cmd, + ); + + ok($openpgp->dearmor('PUBLIC KEY BLOCK', "$datadir/dpkg-test-pub.asc", "$tempdir/dpkg-test-pub.pgp") == OPENPGP_OK(), + "($backend:$cmd) dearmoring OpenPGP ASCII Armored certificate"); + ok($openpgp->armor('PUBLIC KEY BLOCK', "$tempdir/dpkg-test-pub.pgp", "$tempdir/dpkg-test-pub.asc") == OPENPGP_OK(), + "($backend:$cmd) armoring OpenPGP binary certificate"); + test_diff("$datadir/dpkg-test-pub.asc", "$tempdir/dpkg-test-pub.asc", + "($backend:$cmd) OpenPGP certificate dearmor/armor round-trip correctly"); + + ok($openpgp->armor('SIGNATURE', "$datadir/sign-file.sig", "$tempdir/sign-file.asc") == OPENPGP_OK(), + "($backend:$cmd) armoring OpenPGP binary signature succeeded"); + ok(compare("$datadir/sign-file.sig", "$tempdir/sign-file.asc") != 0, + "($backend:$cmd) armoring OpenPGP ASCII Armor changed the file"); + ok($openpgp->armor('SIGNATURE', "$datadir/sign-file.asc", "$tempdir/sign-file-rearmor.asc") == OPENPGP_OK(), + "($backend:$cmd) armoring OpenPGP armored signature succeeded"); + test_diff("$datadir/sign-file.asc", "$tempdir/sign-file-rearmor.asc", + "($backend:$cmd) rearmoring OpenPGP ASCII Armor changed the file"); + + ok($openpgp->dearmor('SIGNATURE', "$tempdir/sign-file.asc", "$tempdir/sign-file.sig") == OPENPGP_OK(), + "($backend:$cmd) dearmoring OpenPGP armored signature succeeded"); + test_diff("$datadir/sign-file.sig", "$tempdir/sign-file.sig", + "($backend:$cmd) dearmored OpenPGP ASCII Armor signature matches"); + + my $cert = "$datadir/dpkg-test-pub.asc"; + + ok($openpgp->inline_verify("$datadir/sign-file-inline.asc", undef, $cert) == OPENPGP_OK(), + "($backend:$cmd) verify OpenPGP ASCII Armor inline signature"); + ok($openpgp->inline_verify("$datadir/sign-file-inline.sig", undef, $cert) == OPENPGP_OK(), + "($backend:$cmd) verify OpenPGP binary inline signature"); + + ok($openpgp->verify("$datadir/sign-file", "$datadir/sign-file.asc", $cert) == OPENPGP_OK(), + "($backend:$cmd) verify OpenPGP ASCII Armor detached signature"); + ok($openpgp->verify("$datadir/sign-file", "$datadir/sign-file.sig", $cert) == OPENPGP_OK(), + "($backend:$cmd) verify OpenPGP binary detached signature"); + + my $key = Dpkg::OpenPGP::KeyHandle->new( + type => 'keyfile', + handle => "$datadir/dpkg-test-sec.asc", + ); + + SKIP: { + skip 'cannot use secrets', 2 unless $openpgp->can_use_secrets($key); + + ok($openpgp->inline_sign("$datadir/sign-file", "$tempdir/sign-file-inline.asc", $key) == OPENPGP_OK(), + "($backend:$cmd) inline OpenPGP sign"); + ok($openpgp->inline_verify("$tempdir/sign-file-inline.asc", undef, $cert) == OPENPGP_OK(), + "($backend:$cmd) verify generated inline OpenPGP signature"); + }; + + # TODO: Add more test cases. +} + +1; diff --git a/scripts/t/Dpkg_OpenPGP/dpkg-test-pub.asc b/scripts/t/Dpkg_OpenPGP/dpkg-test-pub.asc new file mode 100644 index 0000000..f9b9f2b --- /dev/null +++ b/scripts/t/Dpkg_OpenPGP/dpkg-test-pub.asc @@ -0,0 +1,24 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +xjMEYtiJpRYJKwYBBAHaRw8BAQdAPc9bt2qxxLSlbrcdtR70gPFeqCusNUh/LjQV +9es9JPbCwAsEHxYKAH0FgmLYiaUDCwkHCRDQUbmhp4t5cEcUAAAAAAAeACBzYWx0 +QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmfarUJqlr3ies5QhbUfk4/CGJ8yjA5A +xU2FniSvr1MEWAMVCggCmwECHgEWIQQ0iPyXWWjO+6ezdVTQUbmhp4t5cAAAeKwB +ALhQhFu11tuBqJkeqbsB+zDw3TqINXDdOnZsz4zQTP8cAQCXB24twCDSwgL5ApXD +LDKxacm+yTJG1xAr5fey/WM6Dc0lRHBrZyBUZXN0IEtleSA8ZHBrZy10ZXN0QGV4 +YW1wbGUub3JnPsLADgQTFgoAgAWCYtiJpQMLCQcJENBRuaGni3lwRxQAAAAAAB4A +IHNhbHRAbm90YXRpb25zLnNlcXVvaWEtcGdwLm9yZ5lEbcjt2RQSjys6N6+y4VDN +OVw0W5VOTjJKEWDQHZDmAxUKCAKZAQKbAQIeARYhBDSI/JdZaM77p7N1VNBRuaGn +i3lwAAA/3wD6A46mcuHcy26BOyz8co2cl53+tQeZ1F2qhg2kcofLA3UBAL7BWWPc +Zojs6SbiB8Dc7BrYkJ4jk13jYpYXwa7CnEwPzjMEYtiJpRYJKwYBBAHaRw8BAQdA +EC8I7eVdWPckXSEJdxYtGSUTOfSUFtP31dZZSiHawivCwL8EGBYKATEFgmLYiaUJ +ENBRuaGni3lwRxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNlcXVvaWEtcGdwLm9y +Z3wtg1MDVcKCPrpDO5sjWVCjoFjYX3/+1+KopBiO8UPtApsCvqAEGRYKAG8FgmLY +iaUJEF8IeVKOdEodRxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNlcXVvaWEtcGdw +Lm9yZ5tsuhbNSkLk/OacoV9yfg+ediDvQ51kf9N6Ue1y0k+nFiEEld5RAbTaqSHO +dkqUXwh5Uo50Sh0AAGMlAP4jFUATpYnAjF8rnh/3Oh7ZNXzRXmju8voJnkPh9C+P +GAD/aGKxGy1wpAQT+qJnNMIXIVq//E6Nw+Bg+iC9+Sy+KwoWIQQ0iPyXWWjO+6ez +dVTQUbmhp4t5cAAAyQwA/RFPJCO1yGV0ifxxfruj9qxr9ND3zo1YbIDJUdJS+QyX +AQC/SgSs3xBCVcXjIq2ot1YUhSaZ9VdonekgYr5VdmDMBw== +=dG1m +-----END PGP PUBLIC KEY BLOCK----- diff --git a/scripts/t/Dpkg_OpenPGP/dpkg-test-sec.asc b/scripts/t/Dpkg_OpenPGP/dpkg-test-sec.asc new file mode 100644 index 0000000..75fc7b3 --- /dev/null +++ b/scripts/t/Dpkg_OpenPGP/dpkg-test-sec.asc @@ -0,0 +1,28 @@ +-----BEGIN PGP PRIVATE KEY BLOCK----- +Comment: 3488 FC97 5968 CEFB A7B3 7554 D051 B9A1 A78B 7970 +Comment: Dpkg Test Key <dpkg-test@example.org> + +xVgEYtiJpRYJKwYBBAHaRw8BAQdAPc9bt2qxxLSlbrcdtR70gPFeqCusNUh/LjQV +9es9JPYAAQCuHs3w2a7cIhaFk82fIsXfpIGMJUHh2tJj/6TzUTIYehIhwsALBB8W +CgB9BYJi2ImlAwsJBwkQ0FG5oaeLeXBHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMu +c2VxdW9pYS1wZ3Aub3Jn2q1Capa94nrOUIW1H5OPwhifMowOQMVNhZ4kr69TBFgD +FQoIApsBAh4BFiEENIj8l1lozvuns3VU0FG5oaeLeXAAAHisAQC4UIRbtdbbgaiZ +Hqm7Afsw8N06iDVw3Tp2bM+M0Ez/HAEAlwduLcAg0sIC+QKVwywysWnJvskyRtcQ +K+X3sv1jOg3NJURwa2cgVGVzdCBLZXkgPGRwa2ctdGVzdEBleGFtcGxlLm9yZz7C +wA4EExYKAIAFgmLYiaUDCwkHCRDQUbmhp4t5cEcUAAAAAAAeACBzYWx0QG5vdGF0 +aW9ucy5zZXF1b2lhLXBncC5vcmeZRG3I7dkUEo8rOjevsuFQzTlcNFuVTk4yShFg +0B2Q5gMVCggCmQECmwECHgEWIQQ0iPyXWWjO+6ezdVTQUbmhp4t5cAAAP98A+gOO +pnLh3MtugTss/HKNnJed/rUHmdRdqoYNpHKHywN1AQC+wVlj3GaI7Okm4gfA3Owa +2JCeI5Nd42KWF8GuwpxMD8dYBGLYiaUWCSsGAQQB2kcPAQEHQBAvCO3lXVj3JF0h +CXcWLRklEzn0lBbT99XWWUoh2sIrAAD+KhjwmbT+2rv06tPgJnBEP4x7CEMJdTlk +t7Z/M0dlVhQQXMLAvwQYFgoBMQWCYtiJpQkQ0FG5oaeLeXBHFAAAAAAAHgAgc2Fs +dEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnfC2DUwNVwoI+ukM7myNZUKOgWNhf +f/7X4qikGI7xQ+0CmwK+oAQZFgoAbwWCYtiJpQkQXwh5Uo50Sh1HFAAAAAAAHgAg +c2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3Jnm2y6Fs1KQuT85pyhX3J+D552 +IO9DnWR/03pR7XLST6cWIQSV3lEBtNqpIc52SpRfCHlSjnRKHQAAYyUA/iMVQBOl +icCMXyueH/c6Htk1fNFeaO7y+gmeQ+H0L48YAP9oYrEbLXCkBBP6omc0whchWr/8 +To3D4GD6IL35LL4rChYhBDSI/JdZaM77p7N1VNBRuaGni3lwAADJDAD9EU8kI7XI +ZXSJ/HF+u6P2rGv00PfOjVhsgMlR0lL5DJcBAL9KBKzfEEJVxeMirai3VhSFJpn1 +V2id6SBivlV2YMwH +=D6tH +-----END PGP PRIVATE KEY BLOCK----- diff --git a/scripts/t/Dpkg_OpenPGP/sign-file b/scripts/t/Dpkg_OpenPGP/sign-file new file mode 100644 index 0000000..7fb0a1c --- /dev/null +++ b/scripts/t/Dpkg_OpenPGP/sign-file @@ -0,0 +1,5 @@ +This is a data file that will be signed +as part of the dpkg OpenPGP test suite. + +It contains «UTF-8» characters so that +we can check binary and ASCII signatures ☺. diff --git a/scripts/t/Dpkg_OpenPGP/sign-file-inline.asc b/scripts/t/Dpkg_OpenPGP/sign-file-inline.asc new file mode 100644 index 0000000..38059f8 --- /dev/null +++ b/scripts/t/Dpkg_OpenPGP/sign-file-inline.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +This is a data file that will be signed +as part of the dpkg OpenPGP test suite. + +It contains «UTF-8» characters so that +we can check binary and ASCII signatures ☺. +-----BEGIN PGP SIGNATURE----- + +wr0EARYKAG8FgmNn/JoJEF8IeVKOdEodRxQAAAAAAB4AIHNhbHRAbm90YXRpb25z +LnNlcXVvaWEtcGdwLm9yZ6ner4BBATzhFswk2JmdwxDwRwEY7Ez64dxHFNuT0rIn +FiEEld5RAbTaqSHOdkqUXwh5Uo50Sh0AAH26AQCojIenPOWX7+GUk+lKeo+7hnpx +nozY9z/+4Pe1KamB4AEAsL9fpRgmecLcVhHBteK8t8/laLkzdY4nji+1BmeRrgQ= +=4UM2 +-----END PGP SIGNATURE----- diff --git a/scripts/t/Dpkg_OpenPGP/sign-file-inline.sig b/scripts/t/Dpkg_OpenPGP/sign-file-inline.sig Binary files differnew file mode 100644 index 0000000..cb07a8e --- /dev/null +++ b/scripts/t/Dpkg_OpenPGP/sign-file-inline.sig diff --git a/scripts/t/Dpkg_OpenPGP/sign-file.asc b/scripts/t/Dpkg_OpenPGP/sign-file.asc new file mode 100644 index 0000000..5b96d6f --- /dev/null +++ b/scripts/t/Dpkg_OpenPGP/sign-file.asc @@ -0,0 +1,8 @@ +-----BEGIN PGP SIGNATURE----- + +wr0EABYKAG8FgmNn+7oJEF8IeVKOdEodRxQAAAAAAB4AIHNhbHRAbm90YXRpb25z +LnNlcXVvaWEtcGdwLm9yZ6I+NlLnxa3+q9VIr0tkR75ehn2pOJ0a5T7TbEKamHeH +FiEEld5RAbTaqSHOdkqUXwh5Uo50Sh0AADADAP0edQHN/mcxubIU8Z8RTbdBe0uu +AyzTI/4rIjImBPRoxgEAoWB+JczVmgeVRdkm8BW77PqFailPUf0mnokZZszz+Qc= +=qfwq +-----END PGP SIGNATURE----- diff --git a/scripts/t/Dpkg_OpenPGP/sign-file.sig b/scripts/t/Dpkg_OpenPGP/sign-file.sig Binary files differnew file mode 100644 index 0000000..125424c --- /dev/null +++ b/scripts/t/Dpkg_OpenPGP/sign-file.sig diff --git a/scripts/t/Dpkg_OpenPGP_KeyHandle.t b/scripts/t/Dpkg_OpenPGP_KeyHandle.t new file mode 100644 index 0000000..35c8b43 --- /dev/null +++ b/scripts/t/Dpkg_OpenPGP_KeyHandle.t @@ -0,0 +1,92 @@ +#!/usr/bin/perl +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <https://www.gnu.org/licenses/>. + +use strict; +use warnings; + +use Test::More tests => 21; + +BEGIN { + use_ok('Dpkg::OpenPGP::KeyHandle'); +} + +my @ref_keys = ( + { + type => 'auto', + handle => '0x12345678', + exp_type => 'keyid', + exp_handle => '12345678', + }, { + type => 'auto', + handle => '0x1234567890abcdef', + exp_type => 'keyid', + exp_handle => '1234567890abcdef', + }, { + type => 'auto', + handle => '0x1234567890abcdef1234567890abcdef', + exp_type => 'keyid', + exp_handle => '1234567890abcdef1234567890abcdef', + }, { + type => 'auto', + handle => 'Alice Auster', + exp_type => 'userid', + exp_handle => 'Alice Auster', + }, { + type => 'auto', + handle => 'Alice Auster <alice@example.org>', + exp_type => 'userid', + exp_handle => 'Alice Auster <alice@example.org>', + }, { + type => 'keyid', + handle => '0x12345678', + exp_type => 'keyid', + exp_handle => '12345678', + }, { + type => 'keyid', + handle => '0x1234567890abcdef', + exp_type => 'keyid', + exp_handle => '1234567890abcdef', + }, { + type => 'keyid', + handle => '0x1234567890abcdef1234567890abcdef', + exp_type => 'keyid', + exp_handle => '1234567890abcdef1234567890abcdef', + }, { + type => 'userid', + handle => 'Alice Auster', + exp_type => 'userid', + exp_handle => 'Alice Auster', + }, { + type => 'userid', + handle => 'Alice Auster <alice@example.org>', + exp_type => 'userid', + exp_handle => 'Alice Auster <alice@example.org>', + } +); + +foreach my $ref_key (@ref_keys) { + my $key = Dpkg::OpenPGP::KeyHandle->new( + type => $ref_key->{type}, + handle => $ref_key->{handle}, + ); + is($key->type, $ref_key->{exp_type}, + 'key type ' . $key->type . " sanitized as $ref_key->{exp_type}"); + is($key->handle, $ref_key->{exp_handle}, + 'key handle ' . $key->handle . " sanitized as $ref_key->{exp_handle}"); +} + +# TODO: Add actual test cases. + +1; |