1#!/usr/bin/env gpgscm 2 3;; Copyright (C) 2016 g10 Code GmbH 4;; 5;; This file is part of GnuPG. 6;; 7;; GnuPG is free software; you can redistribute it and/or modify 8;; it under the terms of the GNU General Public License as published by 9;; the Free Software Foundation; either version 3 of the License, or 10;; (at your option) any later version. 11;; 12;; GnuPG is distributed in the hope that it will be useful, 13;; but WITHOUT ANY WARRANTY; without even the implied warranty of 14;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15;; GNU General Public License for more details. 16;; 17;; You should have received a copy of the GNU General Public License 18;; along with this program; if not, see <http://www.gnu.org/licenses/>. 19 20(load (in-srcdir "tests" "openpgp" "defs.scm")) 21(setup-legacy-environment) 22 23(define msg_signed_asc " 24-----BEGIN PGP SIGNED MESSAGE----- 25Hash: SHA256 26 27This is an example text file to demonstrate a problem. 28 29Using forged-keyring.gpg with signature cache, it looks like it is 30signed by the following key: 31 32 Echo Test (demo key) <echo@example.net> 33 34But actually not. 35 36It is signed by a key (steve.biko@example.net) distributed as: 37 38 gnupg/tests/openpgp/samplekeys/rsa-rsa-sample-1.asc 39 40in GnuPG. 41 42The forged-keyring.gpg file is created by a key in 43 44 gnupg/tests/openpgp/pubdemo.asc 45 46Replacing the raw key material packet by one of rsa-rsa-sample-1.asc. 47-----BEGIN PGP SIGNATURE----- 48Version: GnuPG v2 49 50iQEcBAEBCAAGBQJXp+5MAAoJEKpD8dzH/tG3bGMH/1idFLJAaMxkrq+JguvAboiN 51tAA44IdAgJvAxtR5w5fgfed7PfsH70+tj54/ZTObt7rZDIlj/YBQ7XeCwd7/O5vx 52W0QtjjAxMuAPH80rVv4JIoflxV/deD8YaV9EhPE+6W5G0Z8SYL9B2RzdBVMwJY9+ 53OZGJeKnUZ92Zg9jFr+H5gQNSeYdDHVDWYxr/xJUf0jYsZvAIBfB1mcSK1niiiVBv 54GAcUC/I8g18a7pCS9Qf9iZflqxX4AXfocAGQqQAiG4744OCNhVa5q6TScqhaGUah 55N1Glbw1OJfP1q+QFPMPKoCsTYmZpuugq2b5gV/eH0Abvk2pG4Fo/YTDPHhec7Jk= 56=NnY/ 57-----END PGP SIGNATURE----- 58") 59 60(for-each-p 61 "Checking that a signature by bad key should not be verified" 62 (lambda (armored-file) 63 (catch '() 64 (pipe:do 65 (pipe:echo (eval armored-file (current-environment))) 66 (pipe:spawn `(,@GPGV --keyring ,(in-srcdir "tests" "openpgp" "forged-keyring.gpg")))) 67 (fail "verification succeeded but should not"))) 68 '(msg_signed_asc)) 69