pgpcontrol/tests/sequoia-tests.pl

#! /usr/bin/perl -w
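use Cwd qw(getcwd);

# Exit statuses of pgpverify that the tests below compare against.
use constant VERIFY_OK      => 0;    # verification succeeded
use constant VERIFY_BADDATA => 1;    # not exercised by the tests visible here
use constant VERIFY_NOCERT  => 2;    # expected when the signer's certificate is unknown
use constant VERIFY_BADSIG  => 3;    # expected when the signed message was corrupted

# The OpenPGP tools are named by absolute path, so the tests do not depend on
# whatever happens to come first in PATH.
my $sq  = '/usr/local/bin/sq';
my $gpg = '/usr/bin/gpg';

# The sq home lives under the tests directory.  Ask the kernel for the working
# directory instead of trusting $ENV{PWD}: PWD is inherited from the caller and
# may be unset or stale when the script is not started from an interactive
# shell, which would silently point sq at a different store.
# NOTE(review): every other path in this script is relative to the working
# directory, so the script is presumably always run from the tests directory.
my $tests_dir = getcwd()
    or die "Can't determine the current directory: $!\n";
my $sq_home = "$tests_dir/keyring/sq/home/";
$ENV{SEQUOIA_HOME} = $sq_home;

# Counters reported in the TOTAL line at the end of the run.
my $failed = 0;
my $tests  = 0;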
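# Run the generated ./tmp/pgpverify on a signed message and report its verdict.
#
# Arguments:
#   $file     - path of the message, fed to pgpverify on standard input
#   $expected - signer name pgpverify is expected to print on standard output
#
# Returns:
#   VERIFY_OK      pgpverify exited with status 0 AND printed exactly $expected
#   exit status    any non-zero exit status of pgpverify, unchanged, so callers
#                  can compare it with VERIFY_NOCERT, VERIFY_BADSIG, ...
#   -1             the outcome must not be counted as a verification: pgpverify
#                  could not be started, was killed by a signal, or exited 0
#                  while naming a signer other than $expected
#
# The -1 cases used to collapse into 0 (that is, VERIFY_OK) because the
# function returned `$? >> 8`, so a wrong signer or a crashed verifier was
# reported to callers as a successful verification.
sub pgpverify {
    my ($file, $expected) = @_;

    # $file is interpolated into a shell command line.  Every caller in this
    # script passes a fixed fixture path; do not feed externally supplied
    # names through here without quoting them first.
    my $signer      = `./tmp/pgpverify < $file`;
    my $wait_status = $?;

    # Backticks return undef when the command could not be run at all.
    $signer = '' unless defined $signer;
    chomp $signer;

    # -1: the command could not be run; low 7 bits set: terminated by a signal.
    if ($wait_status == -1 || ($wait_status & 127)) {
        print "pgpverify did not run to completion (wait status $wait_status)\n";
        return -1;
    }

    my $exit_code = $wait_status >> 8;
    return VERIFY_OK if $exit_code == VERIFY_OK && $signer eq $expected;

    print "pgpverify exited with status ", $exit_code, "\n"
        if $exit_code != VERIFY_OK;
    print "pgpverify said the signer was $signer\n" if $signer;

    # Exit status 0 with the wrong signer is a failure, not VERIFY_OK.
    return $exit_code == VERIFY_OK ? -1 : $exit_code;
}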
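# Generate an executable tmp/pgpverify from ../pgpverify, configured for one
# OpenPGP implementation.
#
# Arguments:
#   $path    - path of the OpenPGP executable.  A path ending in "sq" enables
#              the commented-out $sq and $sq_policy_as_of settings; a path
#              ending in "gpg" enables the commented-out $gpg setting.
#   $keyring - optional; when true, enables the commented-out $keyring setting
#              with this value.
#
# Dies when the template cannot be read, or when the generated script cannot
# be created, completely written, or made executable.
#
# $path and $keyring are copied verbatim between single quotes into the
# generated Perl source, so they must not contain a single quote or a trailing
# backslash.  The callers in this script pass fixed fixture paths only.
sub fix_pgpverify {
    my ($path, $keyring) = @_;

    open(my $template, '<', '../pgpverify')
        or die "Can't open ../pgpverify: $!\n";
    open(my $patched, '>', 'tmp/pgpverify')
        or die "Can't create pgpverify: $!\n";

    my $uses_sq  = $path =~ /sq$/;
    my $uses_gpg = $path =~ /gpg$/;

    while (my $line = <$template>) {
        if ($uses_sq) {
            $line =~ s%^\# \$sq = \'.*%\$sq = '$path';%;

            # Pins the policy date to 1997 for the test fixtures.
            # NOTE(review): presumably this makes sq accept the legacy
            # algorithms of the old test keys - confirm in ../pgpverify.  A
            # production pgpverify should not carry this setting over.
            $line =~ s%^\# \$sq_policy_as_of = \'.*%\$sq_policy_as_of = '19970101';%;
        }
        $line =~ s%^\# \$gpg = \'.*%\$gpg = '$path';% if $uses_gpg;
        $line =~ s%^\# \$keyring = \'.*%\$keyring = '$keyring';% if $keyring;

        # The test copy always gets an empty $syslog_method.
        $line =~ s%^\$syslog_method = \'.*%\$syslog_method = '';%;

        print {$patched} $line;
    }

    close($template);

    # Buffered write errors surface at close; a truncated verifier script must
    # not be run as if it were complete.
    close($patched) or die "Can't write tmp/pgpverify: $!\n";
    chmod(0755, 'tmp/pgpverify') or die "Can't chmod tmp/pgpverify: $!\n";
}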
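# Generate an executable tmp/signcontrol from ../signcontrol with the
# template's placeholders filled in for the test environment.
#
# Arguments:
#   $path   - path of the OpenPGP executable, written into the `my $pgp = ...`
#             line of the generated script
#   $signer - key identifier substituted for INSERT_YOUR_PGP_USERID
#
# The remaining placeholders get fixed example.com test values.
#
# Dies when the template cannot be read, or when the generated script cannot
# be created, completely written, or made executable.
#
# $path and $signer are copied verbatim into the generated Perl source, so
# they must not contain quote characters.  The callers in this script pass
# fixed values only.
sub fix_signcontrol {
    my ($path, $signer) = @_;

    open(my $template, '<', '../signcontrol')
        or die "Can't open ../signcontrol: $!\n";
    open(my $patched, '>', 'tmp/signcontrol')
        or die "Can't create signcontrol: $!\n";

    while (my $line = <$template>) {
        $line =~ s/INSERT_YOUR_PGP_USERID/$signer/;
        $line =~ s/^my \$pgp = \".*/my \$pgp = '$path';/;
        $line =~ s/YOUR_ADDRESS_AND_NAME/Test Signer <test\@example.com>/;
        $line =~ s/ADDRESS_FOR_Approved_HEADER/test\@example.com/;
        $line =~ s/FULL_HOST_NAME/example.com/;
        $line =~ s/HIERARCHIES/example/;
        print {$patched} $line;
    }

    close($template);

    # Buffered write errors surface at close; a truncated signing script must
    # not be run as if it were complete.
    close($patched) or die "Can't write tmp/signcontrol: $!\n";
    chmod(0755, 'tmp/signcontrol') or die "Can't chmod tmp/signcontrol: $!\n";
}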
# Sign ./messages/newgroup with a freshly generated tmp/signcontrol, then
# verify the result with a freshly generated tmp/pgpverify.
#
# Arguments:
#   $testname    - label used in the PASS/FAIL lines and in the name of the
#                  signed file, ./tmp/signed_$testname
#   $sign_exec   - OpenPGP executable handed to fix_signcontrol
#   $verify_exec - OpenPGP executable handed to fix_pgpverify
#   $signer      - key identifier handed to fix_signcontrol
#
# Records two tests in $tests (sign, verify) and bumps $failed for each step
# that fails.  The verify step always expects the signer 'testing.sq',
# whatever form $signer took.
sub sign_verify_roundtrip_test {
    my ($testname, $sign_exec, $verify_exec, $signer) = @_;
    my $signedfile = "./tmp/signed_$testname";

    # --- sign ---
    fix_signcontrol($sign_exec, $signer);

    # $signedfile (and so $testname) is interpolated into a shell command
    # line; callers in this script pass fixed test names only.
    system("./tmp/signcontrol < ./messages/newgroup > $signedfile");
    my $sign_report;
    if ($? != 0) {
        print "signcontrol exited with status ", ($? >> 8), "\n";
        $sign_report = "FAIL: $testname (sign)\n";
        $failed++;
    }
    else {
        $sign_report = "PASS: $testname (sign)\n";
    }
    print $sign_report;
    $tests++;

    # --- verify ---
    fix_pgpverify($verify_exec);
    my $verify_status = pgpverify($signedfile, 'testing.sq');
    my $verify_report;
    if ($verify_status != VERIFY_OK) {
        $verify_report = "FAIL: $testname (verify)\n";
        $failed++;
    }
    else {
        $verify_report = "PASS: $testname (verify)\n";
    }
    print $verify_report;
    $tests++;
}
# Positive cases: the same signed newgroup message must verify as
# news.announce.newgroups whichever way pgpverify is told to find the
# certificate.  Each entry is a label followed by the fix_pgpverify arguments.
for my $case (
    [ 'big8 newgroup (verify from default cert store)', $sq ],
    [ 'big8 newgroup (verify from cert file)', $sq, './keyring/sq/big8-cert.asc' ],
    [ 'big8 newgroup (verify from custom cert store)', $sq, $sq_home ],
) {
    my ($label, @fix_args) = @{$case};

    # Regenerate tmp/pgpverify for this certificate source before verifying.
    fix_pgpverify(@fix_args);
    my $status = pgpverify('./messages/comp.lang.go.newgroup',
                           'news.announce.newgroups');

    if ($status != VERIFY_OK) {
        print "FAIL: $label\n";
        $failed++;
    }
    else {
        print "PASS: $label\n";
    }
    $tests++;
}
# Negative cases: the verifier has to reject the message, and with the exact
# status named here, so a rejection for a different reason counts as a
# failure too.  Each entry is: label, message file, claimed signer, status.
for my $case (
    # Corrupted message, should fail with status VERIFY_BADSIG
    [
        'BAD big8 newgroup (verify)',
        './messages/comp.lang.go-corrupted.newgroup',
        'news.announce.newgroups',
        VERIFY_BADSIG,
    ],
    # Unknown signer, should fail with status VERIFY_NOCERT
    [
        'Unknown signer (verify)',
        './messages/gnu',
        'usenet@gnu.org',
        VERIFY_NOCERT,
    ],
) {
    my ($label, $message, $claimed_signer, $wanted_status) = @{$case};

    fix_pgpverify($sq);
    my $status = pgpverify($message, $claimed_signer);

    if ($status != $wanted_status) {
        print "FAIL: $label\n";
        $failed++;
    }
    else {
        print "PASS: $label\n";
    }
    $tests++;
}
# Sign-then-verify round trips with sq on both sides, selecting the signing
# key once by fingerprint and once by user ID.
for my $roundtrip (
    [ 'signcontrol-sq-fingerprint', '4C5EC64E1D6FAD6CE2CE417B11183ACF87D87F73' ],
    [ 'signcontrol-sq-userid',      'testing.sq' ],
) {
    my ($name, $signer_id) = @{$roundtrip};
    sign_verify_roundtrip_test($name, $sq, $sq, $signer_id);
}

# Interoperability test - verify with GnuPG the message signed
# with sq.  This reads the file left behind by the
# 'signcontrol-sq-userid' round trip above, so it must run after it.
{
    fix_pgpverify($gpg, './keyring/');
    my $interop_status = pgpverify('./tmp/signed_signcontrol-sq-userid',
                                   'testing.sq');
    my $interop_report;
    if ($interop_status != VERIFY_OK) {
        $interop_report = "FAIL: Sign with sq, verify with gpg\n";
        $failed++;
    }
    else {
        $interop_report = "PASS: Sign with sq, verify with gpg\n";
    }
    print $interop_report;
    $tests++;
}

# NOTE(review): in the lines visible here the script never sets an exit
# status from $failed, so a caller that checks only the exit code would not
# notice failed tests - confirm how the test runner consumes this output.
print "\nTOTAL: Tests $tests Failed $failed\n";