diff --git a/src/tests/cli_common.py b/src/tests/cli_common.py index f8d7001fc8..1d3d81f926 100644 --- a/src/tests/cli_common.py +++ b/src/tests/cli_common.py @@ -5,6 +5,7 @@ import os import re import shutil +import codecs from subprocess import Popen, PIPE RNP_ROOT = None @@ -185,27 +186,8 @@ def run_proc_windows(proc, params, stdin=None): return (retcode, out, err) if sys.version_info >= (3,): - def decode_string_escape(s): - bts = bytes(s, 'utf-8') - result = u'' - candidate = bytearray() - utf = bytearray() - for b in bts: - if b > 0x7F: - if len(candidate) > 0: - result += candidate.decode('unicode-escape') - candidate.clear() - utf.append(b) - else: - if len(utf) > 0: - result += utf.decode('utf-8') - utf.clear() - candidate.append(b) - if len(candidate) > 0: - result += candidate.decode('unicode-escape') - if len(utf) > 0: - result += utf.decode('utf-8') - return result + def decode_string_escape(s: str) -> str: + return codecs.escape_decode(bytes(s, 'utf-8'))[0].decode() def _decode(s): return s else: # Python 2 diff --git a/src/tests/cli_tests.py b/src/tests/cli_tests.py index 9ffdef5855..83566dba0d 100755 --- a/src/tests/cli_tests.py +++ b/src/tests/cli_tests.py @@ -34,6 +34,10 @@ GPG_AEAD_OCB = False GPG_NO_OLD = False GPG_BRAINPOOL = False +GPG_ELG = False +GPG_3DES = False +GPG_IDEA = False +GPG_CAST5 = False TESTS_SUCCEEDED = [] TESTS_FAILED = [] TEST_WORKFILES = [] @@ -102,9 +106,11 @@ def escape_regex(str): SECRING = 'secring.gpg' PUBRING_1 = 'keyrings/1/pubring.gpg' SECRING_1 = 'keyrings/1/secring.gpg' +PUBRING_5 = 'keyrings/5/pubring.gpg' KEYRING_DIR_1 = 'keyrings/1' KEYRING_DIR_2 = 'keyrings/2' KEYRING_DIR_3 = 'keyrings/3' +KEYRING_DIR_5 = 'keyrings/5' PUBRING_7 = 'keyrings/7/pubring.gpg' SECRING_G10 = 'test_stream_key_load/g10' KEY_ALICE_PUB = 'test_key_validity/alice-pub.asc' @@ -169,11 +175,7 @@ def escape_regex(str): RE_MULTIPLE_SUBKEY_8 = r'(?s)^\s*' \ r'8 keys found.*$' -RE_GPG_SINGLE_RSA_KEY = r'(?s)^\s*' \ -r'.+-+\s*' \ -r'pub\s+rsa.+' \ -r'\s+([0-9A-F]{40})\s*' \ -r'uid\s+.+rsakey@gpg.*' +RE_GPG_GENERATED_KEY_FPR = r'^\[GNUPG:\] KEY_CREATED P ([0-9A-F]{40})\s*' RE_GPG_GOOD_SIGNATURE = r'(?s)^.*' \ r'gpg: Signature made .*' \ @@ -224,9 +226,8 @@ def escape_regex(str): RE_KEYSTORE_INFO = r'(?s)^.*fatal: cannot set keystore info' -RNP_TO_GPG_ZALGS = { 'zip' : '1', 'zlib' : '2', 'bzip2' : '3' } # These are mostly identical -RNP_TO_GPG_CIPHERS = {'AES' : 'aes128', 'AES192' : 'aes192', 'AES256' : 'aes256', +RNP_TO_GPG_CIPHERS = {'AES' : 'aes', 'AES192' : 'aes192', 'AES256' : 'aes256', 'TWOFISH' : 'twofish', 'CAMELLIA128' : 'camellia128', 'CAMELLIA192' : 'camellia192', 'CAMELLIA256' : 'camellia256', 'IDEA' : 'idea', '3DES' : '3des', 'CAST5' : 'cast5', @@ -323,7 +324,7 @@ def clear_workfiles(): remove_files(*TEST_WORKFILES) TEST_WORKFILES = [] -def rnp_genkey_rsa(userid, bits=2048, pswd=PASSWORD): +def rnp_genkey_rsa(userid, bits=3072, pswd=PASSWORD): pipe = pswd_pipe(pswd) ret, _, err = run_proc(RNPK, ['--numbits', str(bits), '--homedir', RNPDIR, '--pass-fd', str(pipe), '--notty', '--s2k-iterations', '50000', '--userid', userid, '--generate-key']) @@ -527,7 +528,7 @@ def gpg_export_secret_key(userid, password, keyfile): def gpg_params_insert_z(params, pos, z): if z: if len(z) > 0 and z[0] != None: - params[pos:pos] = ['--compress-algo', RNP_TO_GPG_ZALGS[z[0]]] + params[pos:pos] = ['--compress-algo', z[0]] if len(z) > 1 and z[1] != None: params[pos:pos] = ['-z', str(z[1])] @@ -543,12 +544,14 @@ def gpg_encrypt_file(src, dst, cipher=None, z=None, armor=False): ret, _, err = run_proc(GPG, params) if ret != 0: - raise_err('gpg encryption failed for cipher ' + cipher, err) + raise_err('gpg encryption failed for cipher ' + + (cipher or 'unspecified'), err) def gpg_symencrypt_file(src, dst, cipher=None, z=None, armor=False, aead=None): src = path_for_gpg(src) dst = path_for_gpg(dst) params = ['--homedir', GPGHOME, '-c', '--s2k-count', '65536', '--batch', + GPG_LOOPBACK, '--passphrase', PASSWORD, '--output', dst, src] if z: gpg_params_insert_z(params, 3, z) if cipher: params[3:3] = ['--cipher-algo', RNP_TO_GPG_CIPHERS[cipher]] @@ -854,13 +857,20 @@ def rnp_cleartext_signing_gpg_to_rnp(filesize): clear_workfiles() def gpg_check_features(): - global GPG_AEAD, GPG_AEAD_EAX, GPG_AEAD_OCB, GPG_NO_OLD, GPG_BRAINPOOL + global GPG_ELG, GPG_AEAD, GPG_AEAD_EAX, GPG_AEAD_OCB, GPG_NO_OLD, GPG_BRAINPOOL + global GPG_3DES, GPG_IDEA, GPG_CAST5 _, out, _ = run_proc(GPG, ["--version"]) + # El Gamal + GPG_ELG = re.match(r'(?s)^.*ELG.*', out) is not None + # old symmetric ciphers + GPG_3DES = re.match(r'(?s)^.*3DES.*', out) is not None + GPG_IDEA = re.match(r'(?s)^.*IDEA.*', out) is not None + GPG_CAST5 = re.match(r'(?s)^.*CAST5.*', out) is not None # AEAD GPG_AEAD_EAX = re.match(r'(?s)^.*AEAD:.*EAX.*', out) is not None GPG_AEAD_OCB = re.match(r'(?s)^.*AEAD:.*OCB.*', out) is not None # Version 2.3.0-beta1598 and up drops support of 64-bit block algos - match = re.match(r'(?s)^.*gpg \(GnuPG\) (\d+)\.(\d+)\.(\d+)(-beta(\d+))?.*$', out) + match = re.match(r'(?s)^.*gpg \(GnuPG[^\)]*\) (\d+)\.(\d+)\.(\d+)(-beta(\d+))?.*$', out) if not match: raise_err('Failed to parse GnuPG version.') ver = [int(match.group(1)), int(match.group(2)), int(match.group(3))] @@ -877,6 +887,7 @@ def gpg_check_features(): # Check whether Brainpool curves are supported _, out, _ = run_proc(GPG, ["--with-colons", "--list-config", "curve"]) GPG_BRAINPOOL = re.match(r'(?s)^.*brainpoolP256r1.*', out) is not None + print('GPG_ELG: ' + str(GPG_ELG)) print('GPG_AEAD_EAX: ' + str(GPG_AEAD_EAX)) print('GPG_AEAD_OCB: ' + str(GPG_AEAD_OCB)) print('GPG_NO_OLD: ' + str(GPG_NO_OLD)) @@ -1078,7 +1089,9 @@ def _rnpkey_generate_rsa(self, bits= None): self.assertEqual(match.group(2), keyid.lower(), 'wrong keyid') self.assertEqual(match.group(1), str(bits), 'wrong key bits in list') # Import key to the gnupg - ret, _, _ = run_proc(GPG, ['--batch', '--passphrase', PASSWORD, '--homedir', + ret, _, _ = run_proc(GPG, ['--batch', '--passphrase', PASSWORD, + GPG_LOOPBACK, + '--homedir', GPGHOME, '--import', path_for_gpg(os.path.join(RNPDIR, PUBRING)), path_for_gpg(os.path.join(RNPDIR, SECRING))]) @@ -1157,13 +1170,17 @@ def test_generate_key_with_gpg_import_to_rnp(self): Generate key with GnuPG and import it to rnp ''' # Generate key in GnuPG - ret, _, _ = run_proc(GPG, ['--batch', '--homedir', GPGHOME, '--passphrase', - '', '--quick-generate-key', 'rsakey@gpg', 'rsa']) + statusfile = os.path.join(WORKDIR, "gpg-status") + ret, _, _ = run_proc(GPG, ['--batch', + GPG_LOOPBACK, + '--homedir', GPGHOME, '--passphrase', + '', '--status-file', statusfile, + '--quick-generate-key', 'rsakey@gpg', 'rsa']) self.assertEqual(ret, 0, 'gpg key generation failed') # Getting fingerprint of the generated key - ret, out, err = run_proc(GPG, ['--batch', '--homedir', GPGHOME, '--list-keys']) - match = re.match(RE_GPG_SINGLE_RSA_KEY, out) - self.assertTrue(match, 'wrong gpg key list output') + with open(statusfile, 'r') as status: + match = re.search(RE_GPG_GENERATED_KEY_FPR, status.read(), re.MULTILINE) + self.assertTrue(match, 'wrong gpg status output') keyfp = match.group(1) # Exporting generated public key ret, out, err = run_proc( @@ -1633,19 +1650,21 @@ def test_userid_escape(self): tracker_1 = tracker_beginning + ''.join(map(chr, range(1,0x10))) + tracker_end tracker_2 = tracker_beginning + ''.join(map(chr, range(0x10,0x20))) + tracker_end #Run key generation - rnp_genkey_rsa(tracker_1, 1024) - rnp_genkey_rsa(tracker_2, 1024) + rnp_genkey_rsa(tracker_1) + rnp_genkey_rsa(tracker_2) #Read with rnpkeys ret, out_rnp, _ = run_proc(RNPK, ['--homedir', RNPDIR, '--list-keys']) self.assertEqual(ret, 0, 'rnpkeys : failed to read keystore') #Read with GPG - ret, out_gpg, _ = run_proc(GPG, ['--homedir', path_for_gpg(RNPDIR), '--list-keys']) + ret, out_gpg, _ = run_proc(GPG, ['--homedir', path_for_gpg(RNPDIR), '--with-colons', '--list-keys']) self.assertEqual(ret, 0, 'gpg : failed to read keystore') tracker_rnp = re.findall(r'' + tracker_beginning + '.*' + tracker_end + '', out_rnp) tracker_gpg = re.findall(r'' + tracker_beginning + '.*' + tracker_end + '', out_gpg) self.assertEqual(len(tracker_rnp), 2, 'failed to find expected rnp userids') self.assertEqual(len(tracker_gpg), 2, 'failed to find expected gpg userids') - self.assertEqual(tracker_rnp, tracker_gpg, 'userids from rnpkeys and gpg don\'t match') + self.assertEqual(set(map(decode_string_escape, tracker_rnp)), + set(map(decode_string_escape, tracker_gpg)), + 'userids from rnpkeys and gpg don\'t match') clear_keyrings() def test_key_revoke(self): @@ -1733,19 +1752,19 @@ def _test_userid_genkey(self, userid_beginning, weird_part, userid_end, weird_pa USERS.append(userid_beginning + weird_part2 + userid_end) # Run key generation for userid in USERS: - rnp_genkey_rsa(userid, 1024) + rnp_genkey_rsa(userid) # Read with GPG - ret, out, _ = run_proc(GPG, ['--homedir', path_for_gpg(RNPDIR), '--list-keys', '--charset', CONSOLE_ENCODING]) + ret, out, _ = run_proc(GPG, ['--homedir', path_for_gpg(RNPDIR), '--with-colons', '--list-keys', '--charset', CONSOLE_ENCODING]) self.assertEqual(ret, 0, 'gpg : failed to read keystore') tracker_escaped = re.findall(r'' + userid_beginning + '.*' + userid_end + '', out) - tracker_gpg = list(map(decode_string_escape, tracker_escaped)) - self.assertEqual(tracker_gpg, USERS, 'gpg : failed to find expected userids from keystore') + tracker_gpg = set(map(decode_string_escape, tracker_escaped)) + self.assertEqual(tracker_gpg, set(USERS), 'gpg : failed to find expected userids from keystore') # Read with rnpkeys ret, out, _ = run_proc(RNPK, ['--homedir', RNPDIR, '--list-keys']) self.assertEqual(ret, 0, 'rnpkeys : failed to read keystore') tracker_escaped = re.findall(r'' + userid_beginning + '.*' + userid_end + '', out) - tracker_rnp = list(map(decode_string_escape, tracker_escaped)) - self.assertEqual(tracker_rnp, USERS, 'rnpkeys : failed to find expected userids from keystore') + tracker_rnp = set(map(decode_string_escape, tracker_escaped)) + self.assertEqual(tracker_rnp, set(USERS), 'rnpkeys : failed to find expected userids from keystore') clear_keyrings() def test_userid_unicode_genkeys(self): @@ -2164,7 +2183,9 @@ def test_encryption_no_mdc(self): random_text(src, 64000) # Encrypt cleartext file with GPG params = ['--homedir', GPGHOME, '-c', '-z', '0', '--disable-mdc', '--s2k-count', - '65536', '--batch', '--passphrase', PASSWORD, '--output', + '65536', '--batch', + GPG_LOOPBACK, + '--passphrase', PASSWORD, '--output', path_for_gpg(dst), path_for_gpg(src)] ret, _, _ = run_proc(GPG, params) self.assertEqual(ret, 0, 'gpg symmetric encryption failed') @@ -2185,7 +2206,9 @@ def test_encryption_s2k(self): def rnp_encryption_s2k_gpg(cipher, hash_alg, s2k=None, iterations=None): params = ['--homedir', GPGHOME, '-c', '--s2k-cipher-algo', cipher, - '--s2k-digest-algo', hash_alg, '--batch', '--passphrase', PASSWORD, + '--s2k-digest-algo', hash_alg, '--batch', + GPG_LOOPBACK, + '--passphrase', PASSWORD, '--output', dst, src] if s2k is not None: @@ -2417,14 +2440,14 @@ def test_rnpkeys_g10_def_key(self): def test_large_packet(self): # Verifying large packet file with GnuPG - kpath = path_for_gpg(data_path(PUBRING_1)) + kpath = path_for_gpg(data_path(PUBRING_5)) dpath = path_for_gpg(data_path('test_large_packet/4g.bzip2.gpg')) ret, _, _ = run_proc(GPG, ['--homedir', GPGHOME, '--no-default-keyring', '--keyring', kpath, '--verify', dpath]) self.assertEqual(ret, 0, 'large packet verification failed') def test_partial_length_signature(self): # Verifying partial length signature with GnuPG - kpath = path_for_gpg(data_path(PUBRING_1)) + kpath = path_for_gpg(data_path(PUBRING_5)) mpath = path_for_gpg(data_path('test_partial_length/message.txt.partial-signed')) ret, _, _ = run_proc(GPG, ['--homedir', GPGHOME, '--no-default-keyring', '--keyring', kpath, '--verify', mpath]) self.assertNotEqual(ret, 0, 'partial length signature packet should result in failure but did not') @@ -2432,19 +2455,19 @@ def test_partial_length_signature(self): def test_partial_length_public_key(self): # Reading keyring that has a public key packet with partial length using GnuPG kpath = data_path('test_partial_length/pubring.gpg.partial') - ret, _, _ = run_proc(GPG, ['--homedir', GPGHOME, '--no-default-keyring', '--keyring', kpath, '--list-keys']) - self.assertNotEqual(ret, 0, 'partial length public key packet should result in failure but did not') + ret, out, _ = run_proc(GPG, ['--homedir', GPGHOME, '--no-default-keyring', '--keyring', kpath, '--list-keys']) + self.assertEqual(out, '', 'some listing emitted when reviewing partial-length public key packet') def test_partial_length_zero_last_chunk(self): # Verifying message in partial packets having 0-size last chunk with GnuPG - kpath = path_for_gpg(data_path(PUBRING_1)) + kpath = path_for_gpg(data_path(PUBRING_5)) mpath = path_for_gpg(data_path('test_partial_length/message.txt.partial-zero-last')) ret, _, _ = run_proc(GPG, ['--homedir', GPGHOME, '--no-default-keyring', '--keyring', kpath, '--verify', mpath]) self.assertEqual(ret, 0, 'message in partial packets having 0-size last chunk verification failed') def test_partial_length_largest(self): # Verifying message having largest possible partial packet with GnuPG - kpath = path_for_gpg(data_path(PUBRING_1)) + kpath = path_for_gpg(data_path(PUBRING_5)) mpath = path_for_gpg(data_path('test_partial_length/message.txt.partial-1g')) ret, _, _ = run_proc(GPG, ['--homedir', GPGHOME, '--no-default-keyring', '--keyring', kpath, '--verify', mpath]) self.assertEqual(ret, 0, 'message having largest possible partial packet verification failed') @@ -3762,7 +3785,7 @@ def test_interactive_password(self): def test_set_current_time(self): # Too old date is64bit = sys.maxsize > 2 ** 32 - gparam = ['--homedir', RNPDIR2, '--notty', '--password', PASSWORD, '--generate-key', '--numbits', '1024', '--current-time'] + gparam = ['--homedir', RNPDIR2, '--notty', '--password', PASSWORD, '--generate-key', '--numbits', '2048', '--current-time'] rparam = ['--homedir', RNPDIR2, '--notty', '--remove-key'] ret, out, err = run_proc(RNPK, gparam + ['1950-01-02', '--userid', 'key-1950']) self.assertEqual(ret, 0) @@ -4334,11 +4357,20 @@ def setUpClass(cls): # Generate keypair in RNP rnp_genkey_rsa(KEY_ENCRYPT) # Add some other keys to the keyring - rnp_genkey_rsa('dummy1@rnp', 1024) - rnp_genkey_rsa('dummy2@rnp', 1024) + rnp_genkey_rsa('dummy1@rnp') + rnp_genkey_rsa('dummy2@rnp') gpg_import_pubring() gpg_import_secring() Encryption.CIPHERS += rnp_supported_ciphers(False) + cipher_skip = [] + if not GPG_3DES: + cipher_skip += ['3DES'] + if not GPG_IDEA: + cipher_skip += ['IDEA'] + if not GPG_CAST5: + cipher_skip += ['CAST5'] + if cipher_skip: + Encryption.CIPHERS = list(filter(lambda x: x not in cipher_skip, Encryption.CIPHERS)) Encryption.CIPHERS_R = list_upto(Encryption.CIPHERS, Encryption.RUNS) Encryption.SIZES_R = list_upto(Encryption.SIZES, Encryption.RUNS) Encryption.Z_R = list_upto(Encryption.Z, Encryption.RUNS) @@ -4561,7 +4593,7 @@ def test_encryption_multiple_recipients(self): PASSWORDS = ['password1', 'password2', 'password3'] # Generate multiple keys and import to GnuPG for uid, pswd in zip(USERIDS, KEYPASS): - rnp_genkey_rsa(uid, 1024, pswd) + rnp_genkey_rsa(uid, 3072, pswd) gpg_import_pubring() gpg_import_secring() @@ -4622,7 +4654,7 @@ def test_encryption_and_signing(self): AEAD_C = list_upto(rnp_supported_ciphers(True), Encryption.RUNS) # Generate multiple keys and import to GnuPG for uid, pswd in zip(USERIDS, KEYPASS): - rnp_genkey_rsa(uid, 1024, pswd) + rnp_genkey_rsa(uid, 3072, pswd) gpg_import_pubring() gpg_import_secring() @@ -4754,7 +4786,7 @@ def test_encryption_and_signing_pqc(self): def test_encryption_weird_userids_special_1(self): uid = WEIRD_USERID_SPECIAL_CHARS pswd = 'encSpecial1Pass' - rnp_genkey_rsa(uid, 1024, pswd) + rnp_genkey_rsa(uid, 3072, pswd) # Encrypt src = data_path(MSG_TXT) dst, dec = reg_workfiles('weird_userids_special_1', '.rnp', '.dec') @@ -4769,7 +4801,7 @@ def test_encryption_weird_userids_special_2(self): KEYPASS = ['encSpecial2Pass1', 'encSpecial2Pass2', 'encSpecial2Pass3', 'encSpecial2Pass4'] # Generate multiple keys for uid, pswd in zip(USERIDS, KEYPASS): - rnp_genkey_rsa(uid, 1024, pswd) + rnp_genkey_rsa(uid, 2048, pswd) # Encrypt to all recipients src = data_path(MSG_TXT) dst, dec = reg_workfiles('weird_userids_special_2', '.rnp', '.dec') @@ -4795,7 +4827,7 @@ def test_encryption_weird_userids_unicode(self): KEYPASS = ['encUnicodePass1', 'encUnicodePass2'] # Generate multiple keys for uid, pswd in zip(USERIDS_1, KEYPASS): - rnp_genkey_rsa(uid, 1024, pswd) + rnp_genkey_rsa(uid, 3072, pswd) # Encrypt to all recipients src = data_path('test_messages') + '/message.txt' dst, dec = reg_workfiles('weird_unicode', '.rnp', '.dec') @@ -4931,7 +4963,7 @@ def test_encryption_no_wrap(self): self.assertEqual(ret, 0) self.assertRegex(err, r'(?s)^.*gpg: encrypted with .*dummy1@rnp.*') self.assertRegex(out, r'(?s)^.*:pubkey enc packet: version 3.*:encrypted data packet:.*mdc_method: 2.*' \ - r':compressed packet.*:onepass_sig packet:.*:literal data packet.*:signature packet.*') + r':onepass_sig packet:.*:literal data packet.*:signature packet.*') # Decrypt with GnuPG ret, _, err = run_proc(GPG, ['--batch', '--homedir', GPGHOME, GPG_LOOPBACK, '--passphrase', PASSWORD, '--output', dec, '-d', enc]) self.assertEqual(ret, 0) @@ -5030,7 +5062,7 @@ def test_rnp_compression(self): def test_rnp_compression_corner_cases(self): shutil.rmtree(RNPDIR) - kring = shutil.copytree(data_path(KEYRING_DIR_1), RNPDIR) + kring = shutil.copytree(data_path(KEYRING_DIR_5), RNPDIR) gpg_import_pubring() gpg_import_secring() @@ -5104,7 +5136,7 @@ def test_rnp_multiple_signers(self): # Generate multiple keys and import to GnuPG for uid, pswd in zip(USERIDS, KEYPASS): - rnp_genkey_rsa(uid, 1024, pswd) + rnp_genkey_rsa(uid, 3072, pswd) gpg_import_pubring() gpg_import_secring() @@ -5144,7 +5176,7 @@ def test_sign_weird_userids(self): # Generate multiple keys for uid, pswd in zip(USERIDS, KEYPASS): - rnp_genkey_rsa(uid, 1024, pswd) + rnp_genkey_rsa(uid, 3072, pswd) gpg_import_pubring() gpg_import_secring() @@ -5274,6 +5306,13 @@ class EncryptElgamal(Encrypt): RNP_GENERATE_DSA_ELGAMAL_PATTERN = "16\n{0}\n" + @property + def elg_peer(self): + if GPG_ELG: + return self.gpg + else: + return self.rnp + @staticmethod def key_pfx(sign_key_size, enc_key_size): return "GnuPG_dsa_elgamal_%d_%d" % (sign_key_size, enc_key_size) @@ -5285,7 +5324,7 @@ def do_test_encrypt(self, sign_key_size, enc_key_size): # DSA 1024 key uses SHA-1 as hash but verification would succeed till 2024 if sign_key_size == 1024: return - self._encrypt_decrypt(self.gpg, self.rnp) + self._encrypt_decrypt(self.elg_peer, self.rnp) def do_test_decrypt(self, sign_key_size, enc_key_size): pfx = EncryptElgamal.key_pfx(sign_key_size, enc_key_size) @@ -5293,7 +5332,7 @@ def do_test_decrypt(self, sign_key_size, enc_key_size): self.rnp.userid = self.gpg.userid = pfx + AT_EXAMPLE if sign_key_size == 1024: return - self._encrypt_decrypt(self.rnp, self.gpg) + self._encrypt_decrypt(self.rnp, self.elg_peer) def test_encrypt_P1024_1024(self): self.do_test_encrypt(1024, 1024) def test_encrypt_P1024_2048(self): self.do_test_encrypt(1024, 2048) @@ -5306,6 +5345,8 @@ def test_decrypt_P1234_1234(self): self.do_test_decrypt(1234, 1234) # 1024-bit key generation test was removed since it uses SHA1, which is not allowed for key signatures since Jan 19, 2024. def test_generate_elgamal_key1536_in_gpg_and_encrypt(self): + if not GPG_ELG: + self.skipTest("gpg does not support El Gamal") cmd = EncryptElgamal.GPG_GENERATE_DSA_ELGAMAL_PATTERN.format(1536, 1536, self.gpg.userid) self.operation_key_gencmd = cmd self._encrypt_decrypt(self.gpg, self.rnp) @@ -5313,7 +5354,7 @@ def test_generate_elgamal_key1536_in_gpg_and_encrypt(self): def test_generate_elgamal_key1024_in_rnp_and_decrypt(self): cmd = EncryptElgamal.RNP_GENERATE_DSA_ELGAMAL_PATTERN.format(1024) self.operation_key_gencmd = cmd - self._encrypt_decrypt(self.rnp, self.gpg) + self._encrypt_decrypt(self.rnp, self.elg_peer) class EncryptEcdh(Encrypt): @@ -5551,12 +5592,12 @@ def do_rnp_decrypt_sign(self, key_size): self._encrypt_decrypt(self.rnp, self.gpg) self._sign_verify(self.rnp, self.gpg) - def test_rnp_encrypt_verify_1024(self): self.do_encrypt_verify(1024) def test_rnp_encrypt_verify_2048(self): self.do_encrypt_verify(2048) + def test_rnp_encrypt_verify_3072(self): self.do_encrypt_verify(3072) def test_rnp_encrypt_verify_4096(self): self.do_encrypt_verify(4096) - def test_rnp_decrypt_sign_1024(self): self.do_rnp_decrypt_sign(1024) def test_rnp_decrypt_sign_2048(self): self.do_rnp_decrypt_sign(2048) + def test_rnp_decrypt_sign_3072(self): self.do_rnp_decrypt_sign(3072) def test_rnp_decrypt_sign_4096(self): self.do_rnp_decrypt_sign(4096) def setUp(self): diff --git a/src/tests/data/test_large_packet/4g.bzip2.gpg b/src/tests/data/test_large_packet/4g.bzip2.gpg index 81b0ef6d39..c6291d7e36 100644 Binary files a/src/tests/data/test_large_packet/4g.bzip2.gpg and b/src/tests/data/test_large_packet/4g.bzip2.gpg differ diff --git a/src/tests/data/test_partial_length/message.txt.partial-1g b/src/tests/data/test_partial_length/message.txt.partial-1g index e73821e210..cd21ec49b2 100644 Binary files a/src/tests/data/test_partial_length/message.txt.partial-1g and b/src/tests/data/test_partial_length/message.txt.partial-1g differ diff --git a/src/tests/data/test_partial_length/message.txt.partial-256 b/src/tests/data/test_partial_length/message.txt.partial-256 index 643034deed..96d9b200a2 100644 Binary files a/src/tests/data/test_partial_length/message.txt.partial-256 and b/src/tests/data/test_partial_length/message.txt.partial-256 differ diff --git a/src/tests/data/test_partial_length/message.txt.partial-signed b/src/tests/data/test_partial_length/message.txt.partial-signed index 8f2b270843..5f10a6f174 100644 Binary files a/src/tests/data/test_partial_length/message.txt.partial-signed and b/src/tests/data/test_partial_length/message.txt.partial-signed differ diff --git a/src/tests/data/test_partial_length/message.txt.partial-zero-last b/src/tests/data/test_partial_length/message.txt.partial-zero-last index d3341c4ccc..df2c7767cc 100644 Binary files a/src/tests/data/test_partial_length/message.txt.partial-zero-last and b/src/tests/data/test_partial_length/message.txt.partial-zero-last differ diff --git a/src/tests/large-packet.cpp b/src/tests/large-packet.cpp index a25e20a481..1e5d7a1313 100644 --- a/src/tests/large-packet.cpp +++ b/src/tests/large-packet.cpp @@ -36,7 +36,7 @@ TEST_F(rnp_tests, test_large_packet) /* init ffi and inputs */ assert_rnp_success(rnp_ffi_create(&ffi, "GPG", "GPG")); - assert_rnp_success(rnp_input_from_path(&input, "data/keyrings/1/pubring.gpg")); + assert_rnp_success(rnp_input_from_path(&input, "data/keyrings/5/pubring.gpg")); assert_rnp_success(rnp_load_keys(ffi, "GPG", input, RNP_LOAD_SAVE_PUBLIC_KEYS)); assert_rnp_success(rnp_input_destroy(input)); diff --git a/src/tests/partial-length.cpp b/src/tests/partial-length.cpp index 3371a95905..af1be716e0 100644 --- a/src/tests/partial-length.cpp +++ b/src/tests/partial-length.cpp @@ -69,12 +69,12 @@ test_partial_length_init(rnp_ffi_t *ffi, uint32_t key_flags) assert_rnp_success( rnp_ffi_set_pass_provider(*ffi, ffi_string_password_provider, (void *) "password")); if (key_flags & RNP_LOAD_SAVE_SECRET_KEYS) { - assert_rnp_success(rnp_input_from_path(&input, "data/keyrings/1/secring.gpg")); + assert_rnp_success(rnp_input_from_path(&input, "data/keyrings/5/secring.gpg")); assert_rnp_success(rnp_load_keys(*ffi, "GPG", input, key_flags)); assert_rnp_success(rnp_input_destroy(input)); } if (key_flags & RNP_LOAD_SAVE_PUBLIC_KEYS) { - assert_rnp_success(rnp_input_from_path(&input, "data/keyrings/1/pubring.gpg")); + assert_rnp_success(rnp_input_from_path(&input, "data/keyrings/5/pubring.gpg")); assert_rnp_success(rnp_load_keys(*ffi, "GPG", input, key_flags)); assert_rnp_success(rnp_input_destroy(input)); } @@ -195,7 +195,7 @@ TEST_F(rnp_tests, test_partial_length_first_packet_length) assert_rnp_success(rnp_input_from_callback(&input, dummy_reader, NULL, &reader_ctx)); assert_rnp_success(rnp_output_to_memory(&output, uncacheable_size + 1024)); assert_rnp_success(rnp_op_sign_create(&sign, ffi, input, output)); - assert_rnp_success(rnp_locate_key(ffi, "keyid", "7BC6709B15C23A4A", &key)); + assert_rnp_success(rnp_locate_key(ffi, "keyid", "0E33FD46FF10F19C", &key)); assert_rnp_success(rnp_op_sign_add_signature(sign, key, NULL)); assert_rnp_success(rnp_key_handle_destroy(key)); key = NULL;