diff options
| author | Justus Winter <justus@sequoia-pgp.org> | 2020-06-29 17:15:16 +0200 |
|---|---|---|
| committer | Justus Winter <justus@sequoia-pgp.org> | 2020-06-30 10:58:41 +0200 |
| commit | b96279a54263c54ec22d88689d0bd56eec835c32 (patch) | |
| tree | 0735f55a09801391597e835838f44d9a6e1f96f1 /openpgp/src/parse | |
| parent | c87d85c16df90e35704ae15af5494b0f07768399 (diff) | |
openpgp: New test.
- 411de0d1647bf205c18b096e3fbda7fd0be7e93c added basic support for
old-style PGP signed messages.
- Add a test for such legacy signed messages and some corner cases.
Diffstat (limited to 'openpgp/src/parse')
| -rw-r--r-- | openpgp/src/parse/stream.rs | 80 |
1 files changed, 78 insertions, 2 deletions
diff --git a/openpgp/src/parse/stream.rs b/openpgp/src/parse/stream.rs index 958fecff..4c1f809d 100644 --- a/openpgp/src/parse/stream.rs +++ b/openpgp/src/parse/stream.rs @@ -2638,6 +2638,7 @@ mod test { use std::convert::TryFrom; use crate::parse::Parse; use crate::policy::StandardPolicy as P; + use crate::serialize::Serialize; #[derive(PartialEq)] struct VHelper { @@ -2646,6 +2647,7 @@ mod test { bad: usize, error: usize, keys: Vec<Cert>, + error_out: bool, } impl std::fmt::Debug for VHelper { @@ -2655,6 +2657,7 @@ mod test { .field("unknown", &self.unknown) .field("bad", &self.bad) .field("error", &self.error) + .field("error_out", &self.error_out) .finish() } } @@ -2667,6 +2670,7 @@ mod test { bad: 0, error: 0, keys: Vec::default(), + error_out: true, } } } @@ -2679,6 +2683,7 @@ mod test { bad, error, keys, + error_out: true, } } } @@ -2711,10 +2716,10 @@ mod test { } } - if self.good > 0 && self.bad == 0 { + if ! self.error_out || (self.good > 0 && self.bad == 0) { Ok(()) } else { - Err(anyhow::anyhow!("Verification failed")) + Err(anyhow::anyhow!("Verification failed: {:?}", self)) } } } @@ -2809,6 +2814,77 @@ mod test { Ok(()) } + /// Tests legacy two-pass signature scheme, corner cases. + /// + /// XXX: This test needs to be adapted once + /// https://gitlab.com/sequoia-pgp/sequoia/-/issues/128 is + /// implemented. + #[test] + fn verifier_legacy() -> Result<()> { + let packets = crate::PacketPile::from_bytes( + crate::tests::message("signed-1.gpg") + )? + .into_children() + .collect::<Vec<_>>(); + + fn check(msg: &str, buf: &[u8], expect_good: usize) -> Result<()> { + eprintln!("{}...", msg); + let p = P::new(); + + let keys = [ + "neal.pgp", + ] + .iter() + .map(|f| Cert::from_bytes(crate::tests::key(f)).unwrap()) + .collect::<Vec<_>>(); + + let mut h = VHelper::new(0, 0, 0, 0, keys.clone()); + h.error_out = false; + let mut v = VerifierBuilder::from_bytes(buf)? + .with_policy(&p, crate::frozen_time(), h)?; + assert!(v.message_processed()); + assert_eq!(v.helper_ref().good, expect_good); + + let mut content = Vec::new(); + v.read_to_end(&mut content).unwrap(); + let reference = crate::tests::manifesto(); + assert_eq!(reference.len(), content.len()); + assert_eq!(reference, &content[..]); + Ok(()) + } + + // Bare legacy signed message: SIG Literal + let mut o = Vec::new(); + packets[2].serialize(&mut o)?; + packets[1].serialize(&mut o)?; + check("bare", &o, 0 /* XXX: should be 1 once #128 is implemented. */)?; + + // Legacy signed message, two signatures: SIG SIG Literal + let mut o = Vec::new(); + packets[2].serialize(&mut o)?; + packets[2].serialize(&mut o)?; + packets[1].serialize(&mut o)?; + check("double", &o, 0 /* XXX: should be 2 once #128 is implemented. */)?; + + // Weird legacy signed message: OPS SIG Literal SIG + let mut o = Vec::new(); + packets[0].serialize(&mut o)?; + packets[2].serialize(&mut o)?; + packets[1].serialize(&mut o)?; + packets[2].serialize(&mut o)?; + check("weird", &o, 0 /* XXX: should be 2 once #128 is implemented. */)?; + + // Fubar legacy signed message: SIG OPS Literal SIG + let mut o = Vec::new(); + packets[2].serialize(&mut o)?; + packets[0].serialize(&mut o)?; + packets[1].serialize(&mut o)?; + packets[2].serialize(&mut o)?; + check("fubar", &o, 1 /* XXX: should be 2 once #128 is implemented. */)?; + + Ok(()) + } + /// Tests the order of signatures given to /// VerificationHelper::check(). #[test] |