diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 16:14:06 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 16:14:06 +0000 |
commit | eee068778cb28ecf3c14e1bf843a95547d72c42d (patch) | |
tree | 0e07b30ddc5ea579d682d5dbe57998200d1c9ab7 /tests/openpgp/tofu | |
parent | Initial commit. (diff) | |
download | gnupg2-eee068778cb28ecf3c14e1bf843a95547d72c42d.tar.xz gnupg2-eee068778cb28ecf3c14e1bf843a95547d72c42d.zip |
Adding upstream version 2.2.40.upstream/2.2.40upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'tests/openpgp/tofu')
36 files changed, 80 insertions, 0 deletions
diff --git a/tests/openpgp/tofu/conflicting/1C005AF3-1.txt b/tests/openpgp/tofu/conflicting/1C005AF3-1.txt Binary files differnew file mode 100644 index 0000000..dba581d --- /dev/null +++ b/tests/openpgp/tofu/conflicting/1C005AF3-1.txt diff --git a/tests/openpgp/tofu/conflicting/1C005AF3-2.txt b/tests/openpgp/tofu/conflicting/1C005AF3-2.txt Binary files differnew file mode 100644 index 0000000..fde9fb8 --- /dev/null +++ b/tests/openpgp/tofu/conflicting/1C005AF3-2.txt diff --git a/tests/openpgp/tofu/conflicting/1C005AF3-3.txt b/tests/openpgp/tofu/conflicting/1C005AF3-3.txt Binary files differnew file mode 100644 index 0000000..e6aa4ac --- /dev/null +++ b/tests/openpgp/tofu/conflicting/1C005AF3-3.txt diff --git a/tests/openpgp/tofu/conflicting/1C005AF3-4.txt b/tests/openpgp/tofu/conflicting/1C005AF3-4.txt Binary files differnew file mode 100644 index 0000000..6a14891 --- /dev/null +++ b/tests/openpgp/tofu/conflicting/1C005AF3-4.txt diff --git a/tests/openpgp/tofu/conflicting/1C005AF3-5.txt b/tests/openpgp/tofu/conflicting/1C005AF3-5.txt Binary files differnew file mode 100644 index 0000000..12fb5fb --- /dev/null +++ b/tests/openpgp/tofu/conflicting/1C005AF3-5.txt diff --git a/tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg b/tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg Binary files differnew file mode 100644 index 0000000..5f1e78a --- /dev/null +++ b/tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg diff --git a/tests/openpgp/tofu/conflicting/1C005AF3.gpg b/tests/openpgp/tofu/conflicting/1C005AF3.gpg Binary files differnew file mode 100644 index 0000000..7a75011 --- /dev/null +++ b/tests/openpgp/tofu/conflicting/1C005AF3.gpg diff --git a/tests/openpgp/tofu/conflicting/B662E42F-1.txt b/tests/openpgp/tofu/conflicting/B662E42F-1.txt Binary files differnew file mode 100644 index 0000000..c39056c --- /dev/null +++ b/tests/openpgp/tofu/conflicting/B662E42F-1.txt diff --git a/tests/openpgp/tofu/conflicting/B662E42F-2.txt b/tests/openpgp/tofu/conflicting/B662E42F-2.txt Binary files differnew file mode 100644 index 0000000..a96ef9f --- /dev/null +++ b/tests/openpgp/tofu/conflicting/B662E42F-2.txt diff --git a/tests/openpgp/tofu/conflicting/B662E42F-3.txt b/tests/openpgp/tofu/conflicting/B662E42F-3.txt Binary files differnew file mode 100644 index 0000000..2e6e81b --- /dev/null +++ b/tests/openpgp/tofu/conflicting/B662E42F-3.txt diff --git a/tests/openpgp/tofu/conflicting/B662E42F-4.txt b/tests/openpgp/tofu/conflicting/B662E42F-4.txt Binary files differnew file mode 100644 index 0000000..470882f --- /dev/null +++ b/tests/openpgp/tofu/conflicting/B662E42F-4.txt diff --git a/tests/openpgp/tofu/conflicting/B662E42F-5.txt b/tests/openpgp/tofu/conflicting/B662E42F-5.txt new file mode 100644 index 0000000..21d54bc --- /dev/null +++ b/tests/openpgp/tofu/conflicting/B662E42F-5.txt @@ -0,0 +1 @@ +%[}Ii\,b,&khӌ)eech&q0l;Sɵ`K>}iw5?VF+' |]$/jmJߖTjY<i6%|aGVkg4e<akB UoffZ<U[hJen뤙
f~[dm"v?P3}=}#"^j-Tҁ՜+/q=&>̬%kzNlʳמ:7z\osJs1
\ No newline at end of file diff --git a/tests/openpgp/tofu/conflicting/B662E42F-secret.gpg b/tests/openpgp/tofu/conflicting/B662E42F-secret.gpg Binary files differnew file mode 100644 index 0000000..7362ded --- /dev/null +++ b/tests/openpgp/tofu/conflicting/B662E42F-secret.gpg diff --git a/tests/openpgp/tofu/conflicting/B662E42F.gpg b/tests/openpgp/tofu/conflicting/B662E42F.gpg Binary files differnew file mode 100644 index 0000000..6c07520 --- /dev/null +++ b/tests/openpgp/tofu/conflicting/B662E42F.gpg diff --git a/tests/openpgp/tofu/conflicting/BE04EB2B-1.txt b/tests/openpgp/tofu/conflicting/BE04EB2B-1.txt Binary files differnew file mode 100644 index 0000000..1b3de47 --- /dev/null +++ b/tests/openpgp/tofu/conflicting/BE04EB2B-1.txt diff --git a/tests/openpgp/tofu/conflicting/BE04EB2B-2.txt b/tests/openpgp/tofu/conflicting/BE04EB2B-2.txt Binary files differnew file mode 100644 index 0000000..f4f5487 --- /dev/null +++ b/tests/openpgp/tofu/conflicting/BE04EB2B-2.txt diff --git a/tests/openpgp/tofu/conflicting/BE04EB2B-3.txt b/tests/openpgp/tofu/conflicting/BE04EB2B-3.txt Binary files differnew file mode 100644 index 0000000..7451073 --- /dev/null +++ b/tests/openpgp/tofu/conflicting/BE04EB2B-3.txt diff --git a/tests/openpgp/tofu/conflicting/BE04EB2B-4.txt b/tests/openpgp/tofu/conflicting/BE04EB2B-4.txt Binary files differnew file mode 100644 index 0000000..f15496d --- /dev/null +++ b/tests/openpgp/tofu/conflicting/BE04EB2B-4.txt diff --git a/tests/openpgp/tofu/conflicting/BE04EB2B-5.txt b/tests/openpgp/tofu/conflicting/BE04EB2B-5.txt Binary files differnew file mode 100644 index 0000000..39078f1 --- /dev/null +++ b/tests/openpgp/tofu/conflicting/BE04EB2B-5.txt diff --git a/tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg b/tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg Binary files differnew file mode 100644 index 0000000..5d393aa --- /dev/null +++ b/tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg diff --git a/tests/openpgp/tofu/conflicting/BE04EB2B.gpg b/tests/openpgp/tofu/conflicting/BE04EB2B.gpg Binary files differnew file mode 100644 index 0000000..787b238 --- /dev/null +++ b/tests/openpgp/tofu/conflicting/BE04EB2B.gpg diff --git a/tests/openpgp/tofu/cross-sigs/871C2247-1.gpg b/tests/openpgp/tofu/cross-sigs/871C2247-1.gpg Binary files differnew file mode 100644 index 0000000..f706f70 --- /dev/null +++ b/tests/openpgp/tofu/cross-sigs/871C2247-1.gpg diff --git a/tests/openpgp/tofu/cross-sigs/871C2247-1.txt b/tests/openpgp/tofu/cross-sigs/871C2247-1.txt Binary files differnew file mode 100644 index 0000000..0bdc1fc --- /dev/null +++ b/tests/openpgp/tofu/cross-sigs/871C2247-1.txt diff --git a/tests/openpgp/tofu/cross-sigs/871C2247-2.gpg b/tests/openpgp/tofu/cross-sigs/871C2247-2.gpg Binary files differnew file mode 100644 index 0000000..0b2485f --- /dev/null +++ b/tests/openpgp/tofu/cross-sigs/871C2247-2.gpg diff --git a/tests/openpgp/tofu/cross-sigs/871C2247-2.txt b/tests/openpgp/tofu/cross-sigs/871C2247-2.txt Binary files differnew file mode 100644 index 0000000..4d3aaaa --- /dev/null +++ b/tests/openpgp/tofu/cross-sigs/871C2247-2.txt diff --git a/tests/openpgp/tofu/cross-sigs/871C2247-3.gpg b/tests/openpgp/tofu/cross-sigs/871C2247-3.gpg Binary files differnew file mode 100644 index 0000000..eb2c435 --- /dev/null +++ b/tests/openpgp/tofu/cross-sigs/871C2247-3.gpg diff --git a/tests/openpgp/tofu/cross-sigs/871C2247-3.txt b/tests/openpgp/tofu/cross-sigs/871C2247-3.txt Binary files differnew file mode 100644 index 0000000..9b2d49d --- /dev/null +++ b/tests/openpgp/tofu/cross-sigs/871C2247-3.txt diff --git a/tests/openpgp/tofu/cross-sigs/871C2247-4.gpg b/tests/openpgp/tofu/cross-sigs/871C2247-4.gpg Binary files differnew file mode 100644 index 0000000..9c98ec1 --- /dev/null +++ b/tests/openpgp/tofu/cross-sigs/871C2247-4.gpg diff --git a/tests/openpgp/tofu/cross-sigs/871C2247-secret.gpg b/tests/openpgp/tofu/cross-sigs/871C2247-secret.gpg Binary files differnew file mode 100644 index 0000000..a87c61b --- /dev/null +++ b/tests/openpgp/tofu/cross-sigs/871C2247-secret.gpg diff --git a/tests/openpgp/tofu/cross-sigs/EC38277E-1.gpg b/tests/openpgp/tofu/cross-sigs/EC38277E-1.gpg Binary files differnew file mode 100644 index 0000000..e6becec --- /dev/null +++ b/tests/openpgp/tofu/cross-sigs/EC38277E-1.gpg diff --git a/tests/openpgp/tofu/cross-sigs/EC38277E-1.txt b/tests/openpgp/tofu/cross-sigs/EC38277E-1.txt Binary files differnew file mode 100644 index 0000000..92236be --- /dev/null +++ b/tests/openpgp/tofu/cross-sigs/EC38277E-1.txt diff --git a/tests/openpgp/tofu/cross-sigs/EC38277E-2.gpg b/tests/openpgp/tofu/cross-sigs/EC38277E-2.gpg Binary files differnew file mode 100644 index 0000000..d26bd54 --- /dev/null +++ b/tests/openpgp/tofu/cross-sigs/EC38277E-2.gpg diff --git a/tests/openpgp/tofu/cross-sigs/EC38277E-2.txt b/tests/openpgp/tofu/cross-sigs/EC38277E-2.txt Binary files differnew file mode 100644 index 0000000..b4013d3 --- /dev/null +++ b/tests/openpgp/tofu/cross-sigs/EC38277E-2.txt diff --git a/tests/openpgp/tofu/cross-sigs/EC38277E-3.txt b/tests/openpgp/tofu/cross-sigs/EC38277E-3.txt Binary files differnew file mode 100644 index 0000000..9b2d49d --- /dev/null +++ b/tests/openpgp/tofu/cross-sigs/EC38277E-3.txt diff --git a/tests/openpgp/tofu/cross-sigs/EC38277E-secret.gpg b/tests/openpgp/tofu/cross-sigs/EC38277E-secret.gpg Binary files differnew file mode 100644 index 0000000..1839e3a --- /dev/null +++ b/tests/openpgp/tofu/cross-sigs/EC38277E-secret.gpg diff --git a/tests/openpgp/tofu/cross-sigs/README b/tests/openpgp/tofu/cross-sigs/README new file mode 100644 index 0000000..439962b --- /dev/null +++ b/tests/openpgp/tofu/cross-sigs/README @@ -0,0 +1,79 @@ +# How I generate the keys and messages to verify: + +# Generate and export two non-conflicting keys. +gpg --quick-gen-key 'Spy Cow <spy@cow.com>' +gpg --quick-gen-key 'Spy R. Cow <spy@cow.de>' + +KEYIDA=1938C3A0E4674B6C217AC0B987DB2814EC38277E +KEYIDB=DC463A16E42F03240D76E8BA8B48C6BD871C2247 + +for KEYID in $KEYIDA $KEYIDB +do + gpg --export $KEYID > tofu-$KEYID.gpg + gpg --export-secret-keys $KEYID > tofu-$KEYID-secret.gpg +done + +# Sign some data. +echo foo | gpg --default-key $KEYIDA -s > tofu-$KEYIDA-1.txt +echo foo | gpg --default-key $KEYIDB -s > tofu-$KEYIDB-1.txt + +# Again, but with an issuer. +echo foo | gpg --default-key "<spy@cow.com>" -s > tofu-$KEYIDA-2.txt +echo foo | gpg --default-key "<spy@cow.de>" -s > tofu-$KEYIDB-2.txt + +# Have A sign B and vice versa. +gpg --default-key $KEYIDA --quick-sign $KEYIDB +gpg --default-key $KEYIDB --quick-sign $KEYIDA + +gpg --export $KEYIDA > tofu-$KEYIDA-2.gpg +gpg --export $KEYIDB > tofu-$KEYIDB-2.gpg + +# Cause A and B to conflict. +gpg --quick-adduid $KEYIDB 'Spy R. Cow <spy@cow.com>' +gpg --export $KEYIDB > tofu-$KEYIDB-3.gpg + +echo foo | gpg --default-key "<spy@cow.com>" -s > tofu-$KEYIDA-3.txt +echo foo | gpg --default-key "<spy@cow.com>" -s > tofu-$KEYIDB-3.txt + +# Have A sign B's conflicting user id. +gpg --default-key $KEYIDA --quick-sign $KEYIDB +gpg --export $KEYIDB > tofu-$KEYIDB-4.gpg + +exit 0 + +# In a new directory (so the keys are not ultimately trusted). + +D=~/neal/work/gpg/test +echo 'trust-model tofu+pgp' > gpg.conf +gpg --import $D/tofu-$KEYIDA.gpg +gpg --import $D/tofu-$KEYIDB.gpg +gpg -k + +gpg --verify $D/tofu-$KEYIDA-1.txt +gpg --verify $D/tofu-$KEYIDB-1.txt +# With an issuer. +gpg --verify $D/tofu-$KEYIDA-2.txt +gpg --verify $D/tofu-$KEYIDB-2.txt + +# Import the cross signatures. +gpg --import $D/tofu-$KEYIDA-2.gpg +gpg --import $D/tofu-$KEYIDB-2.gpg +gpg -k + +gpg --verify $D/tofu-$KEYIDA-1.txt +gpg --verify $D/tofu-$KEYIDB-1.txt +# With an issuer. +gpg --verify $D/tofu-$KEYIDA-2.txt +gpg --verify $D/tofu-$KEYIDB-2.txt + + +gpg --status-fd=1 --batch --verify $D/tofu-$KEYIDA-3.txt | grep TRUST_UNDEFINED +gpg --status-fd=1 --batch --verify $D/tofu-$KEYIDB-3.txt | grep TRUST_UNDEFINED + +# Import the conflicting user id. +gpg --import $D/tofu-$KEYIDB-3.gpg +gpg -k + +# Import the cross signature, which should remove the conflict. +gpg --import $D/tofu-$KEYIDB-4.gpg +gpg -k |