1#!/usr/bin/env gpgscm
2
3;; Copyright (C) 2016 g10 Code GmbH
4;;
5;; This file is part of GnuPG.
6;;
7;; GnuPG is free software; you can redistribute it and/or modify
8;; it under the terms of the GNU General Public License as published by
9;; the Free Software Foundation; either version 3 of the License, or
10;; (at your option) any later version.
11;;
12;; GnuPG is distributed in the hope that it will be useful,
13;; but WITHOUT ANY WARRANTY; without even the implied warranty of
14;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15;; GNU General Public License for more details.
16;;
17;; You should have received a copy of the GNU General Public License
18;; along with this program; if not, see <http://www.gnu.org/licenses/>.
19
20(load (in-srcdir "tests" "openpgp" "defs.scm"))
21(setup-legacy-environment)
22
23(define msg_signed_asc "
24-----BEGIN PGP SIGNED MESSAGE-----
25Hash: SHA256
26
27This is an example text file to demonstrate a problem.
28
29Using forged-keyring.gpg with signature cache, it looks like it is
30signed by the following key:
31
32    Echo Test (demo key) <echo@example.net>
33
34But actually not.
35
36It is signed by a key (steve.biko@example.net) distributed as:
37
38    gnupg/tests/openpgp/samplekeys/rsa-rsa-sample-1.asc
39
40in GnuPG.
41
42The forged-keyring.gpg file is created by a key in
43
44    gnupg/tests/openpgp/pubdemo.asc
45
46Replacing the raw key material packet by one of rsa-rsa-sample-1.asc.
47-----BEGIN PGP SIGNATURE-----
48Version: GnuPG v2
49
50iQEcBAEBCAAGBQJXp+5MAAoJEKpD8dzH/tG3bGMH/1idFLJAaMxkrq+JguvAboiN
51tAA44IdAgJvAxtR5w5fgfed7PfsH70+tj54/ZTObt7rZDIlj/YBQ7XeCwd7/O5vx
52W0QtjjAxMuAPH80rVv4JIoflxV/deD8YaV9EhPE+6W5G0Z8SYL9B2RzdBVMwJY9+
53OZGJeKnUZ92Zg9jFr+H5gQNSeYdDHVDWYxr/xJUf0jYsZvAIBfB1mcSK1niiiVBv
54GAcUC/I8g18a7pCS9Qf9iZflqxX4AXfocAGQqQAiG4744OCNhVa5q6TScqhaGUah
55N1Glbw1OJfP1q+QFPMPKoCsTYmZpuugq2b5gV/eH0Abvk2pG4Fo/YTDPHhec7Jk=
56=NnY/
57-----END PGP SIGNATURE-----
58")
59
60(for-each-p
61 "Checking that a signature by bad key should not be verified"
62 (lambda (armored-file)
63   (catch '()
64	  (pipe:do
65	   (pipe:echo (eval armored-file (current-environment)))
66	   (pipe:spawn `(,@GPGV --keyring ,(in-srcdir "tests" "openpgp" "forged-keyring.gpg"))))
67	  (fail "verification succeeded but should not")))
68 '(msg_signed_asc))
69