diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2021-03-17 10:16:32 +0100 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2021-03-17 10:16:32 +0100 |
commit | 78911fa6349aedace40ed021f1ab2a263757b300 (patch) | |
tree | 40e893a9190f1668a0e0899edc926c3e709cdb9b | |
parent | 3c9351ade65fa888a13018765ba058363314d677 (diff) |
openpgp: Add 1pa3pc test vector from dkgpg.
- See #335 and https://savannah.nongnu.org/bugs/index.php?60154
-rw-r--r-- | openpgp/src/cert.rs | 55 | ||||
-rw-r--r-- | openpgp/tests/data/keys/1pa3pc-dkgpg.pgp | 36 |
2 files changed, 91 insertions, 0 deletions
diff --git a/openpgp/src/cert.rs b/openpgp/src/cert.rs index 401957a1..e717f163 100644 --- a/openpgp/src/cert.rs +++ b/openpgp/src/cert.rs @@ -6073,4 +6073,59 @@ Pu1xwz57O4zo1VYf6TqHJzVC3OMvMUM2hhdecMUe5x6GorNaj6g= Ok(()) } + + /// Makes sure that attested key signatures are correctly handled. + #[test] + fn attested_key_signatures_dkgpg() -> Result<()> { + const DUMP: bool = false; + use crate::{ + packet::signature::subpacket::*, + crypto::hash::Digest, + }; + + let test = Cert::from_bytes(crate::tests::key("1pa3pc-dkgpg.pgp"))?; + assert_eq!(test.bad_signatures().count(), 0); + assert_eq!(test.userids().nth(0).unwrap().certifications().count(), + 1); + assert_eq!(test.userids().nth(0).unwrap().bundle().attestations.len(), + 1); + + let attestation = + &test.userids().nth(0).unwrap().bundle().attestations[0]; + + let digest_size = attestation.hash_algo().context()?.digest_size(); + let digests = if let Some(SubpacketValue::Unknown { body, .. }) = + attestation.subpacket(SubpacketTag__AttestedCertifications) + .map(|sp| sp.value()) + { + body.chunks(digest_size).map(|d| d.to_vec()).collect::<Vec<_>>() + } else { + unreachable!("Valid attestation signatures contain one"); + }; + + if DUMP { + for (i, d) in digests.iter().enumerate() { + crate::fmt::hex::Dumper::new(std::io::stderr(), "") + .write(d, format!("expected digest {}", i))?; + } + } + + for (i, certification) in + test.userids().nth(0).unwrap().certifications().enumerate() + { + // Hash the certification. + let mut h = attestation.hash_algo().context()?; + certification.hash_for_confirmation(&mut h); + let digest = h.into_digest()?; + + if DUMP { + crate::fmt::hex::Dumper::new(std::io::stderr(), "") + .write(&digest, format!("computed digest {}", i))?; + } + + assert!(digests.contains(&digest)); + } + + Ok(()) + } } diff --git a/openpgp/tests/data/keys/1pa3pc-dkgpg.pgp b/openpgp/tests/data/keys/1pa3pc-dkgpg.pgp new file mode 100644 index 00000000..f0b089d3 --- /dev/null +++ b/openpgp/tests/data/keys/1pa3pc-dkgpg.pgp @@ -0,0 +1,36 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGNBF2lnPIBDAC5cL9PQoQLTMuhjbYvb4Ncuuo0bfmgPRFywX53jPhoFf4Zg6mv +/seOXpgecTdOcVttfzC8ycIKrt3aQTiwOG/ctaR4Bk/t6ayNFfdUNxHWk4WCKzdz +/56fW2O0F23qIRd8UUJp5IIlN4RDdRCtdhVQIAuzvp2oVy/LaS2kxQoKvph/5pQ/ +5whqsyroEWDJoSV0yOb25B/iwk/pLUFoyhDG9bj0kIzDxrEqW+7Ba8nocQlecMF3 +X5KMN5kp2zraLv9dlBBpWW43XktjcCZgMy20SouraVma8Je/ECwUWYUiAZxLIlMv +9CurEOtxUw6N3RdOtLmYZS9uEnn5y1UkF88o8Nku890uk6BrewFzJyLAx5wRZ4F0 +qV/yq36UWQ0JB/AUGhHVPdFf6pl6eaxBwT5GXvbBUibtf8YI2og5RsgTWtXfU7eb +SGXrl5ZMpbA6mbfhd0R8aPxWfmDWiIOhBufhMCvUHh1sApMKVZnvIff9/0Dca3wb +vLIwa3T4CyshfT0AEQEAAbQhQm9iIEJhYmJhZ2UgPGJvYkBvcGVucGdwLmV4YW1w +bGU+iQHOBBMBCgA4AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAFiEE0aZuGiOx +gsmYD3iM+/zIKgFeczAFAl2lnvoACgkQ+/zIKgFeczBvbAv/VNk90a6hG8Od9xTz +XxH5YRFUSGfIA1yjPIVOnKqhMwps2U+sWE3urL+MvjyQRlyRV8oY9IOhQ5Esm6DO +ZYrTnE7qVETm1ajIAP2OFChEc55uH88x/anpPOXOJY7S8jbn3naC9qad75BrZ+3g +9EBUWiy5p8TykP05WSnSxNRt7vFKLfEB4nGkehpwHXOVF0CRNwYle42bg8lpmdXF +DcCZCi+qEbafmTQzkAqyzS3nCh3IAqq6Y0kBuaKLm2tSNUOlZbD+OHYQNZ5Jix7c +ZUzs6Xh4+I55NRWl5smrLq66yOQoFPy9jot/Qxikx/wP3MsAzeGaZSEPc0fHp5G1 +6rlGbxQ3vl8/usUV7W+TMEMljgwd5x8POR6HC8EaCDfVnUBCPi/Gv+egLjsIbPJZ +ZEroiE40e6/UoCiQtlpQB5exPJYSd1Q1txCwueih99PHepsDhmUQKiACszNU+RRo +zAYau2VdHqnRJ7QYdxHDiH49jPK4NTMyb/tJh2TiIwcmsIpGwnUEEBEKACcFAmBN +CpAJEJunidx21oSaFiEEcf/aAEQJ5d2ww+jxm6eJ3HbWhJoAABmgAP9KtTytfXXD +2X+mlrizBMpx47U23r02symW7fY5YccuGwD9Eaca7pxQ2g0Y3+dz737GTZF6pmKn +qyJ+TG3K4HzQ9PTCwTUEFgEKAGkFgmBNCwkJkPv8yCoBXnMwFiEE0aZuGiOxgsmY +D3iM+/zIKgFeczBBpdmDltBPUyiISTTaDtkW4PimJ8bImwgTTLrJbHOhwD0EiW9z +Bbk+ygDencFVoWXGmdJiRDaYH8YnSzmQcRNSzZgAAMkHDACchoM/7czeOaKt2Gr2 +20YxgLQXdIwpDiiUgPuYJvarFrgxFhz1FZKiuNOsb0Lla9vqAwT9c+tefOLKPzLR +1nQl2RO52v4G1yGtj9nQD5eT1fCERMroHFWP05xXt0auBV2sGaq9mLhMXf9S0O7Z +NPduKiKmiVBd7NfeEk46wpXQqNJuvknIA2aLJ9bHMtRHUgZDRkAR+2bhrLyaqPmU +gmVAVhZWAwlimz7EGhqLkZMRBOsGlKO1HsxJHdVtaF/MkwUrTP3DEqf2Lyzd9ZYf +iUwE6kOdRo9IRW3Z3fkncm2UfoRo1LuNohVDJpKij2P/QOQNEdtqv8OK9ea0xLib +OVD9/n9odYiVQYWN3MasQyc965w99LJGWFPWD7FRYiBqfVl6xqHQqvx3QLOcyx4t +aCdj1Qi0cexk1BzqXdFlPQ01exOE8YKYzPzv2pOFDBBGcNPpeTDMjZ7q0FRBjlh/ +XlaxvSSw8GkW/a0Rt9YWzVZXQWrRpoEgK9sLvKSSuOLeJjM= +=vrAw +-----END PGP PUBLIC KEY BLOCK----- |