1#!/usr/bin/env gpgscm 2 3;; Copyright (C) 2017 Damien Goutte-Gattat 4;; 5;; This file is part of GnuPG. 6;; 7;; 8;; GnuPG is free software; you can redistribute it and/or modify 9;; it under the terms of the GNU General Public License as published by 10;; the Free Software Foundation; either version 3 of the License, or 11;; (at your option) any later version. 12;; 13;; GnuPG is distributed in the hope that it will be useful, 14;; but WITHOUT ANY WARRANTY; without even the implied warranty of 15;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16;; GNU General Public License for more details. 17;; 18;; You should have received a copy of the GNU General Public License 19;; along with this program; if not, see <http://www.gnu.org/licenses/>. 20 21(load (in-srcdir "tests" "openpgp" "trust-pgp" "common.scm")) 22 23(display "Checking basic WoT (classic trust model)...\n") 24 25(initscenario "scenario1") 26 27;; Check initial state. 28(checktrust BOBBY "f") ;; Directly signed by Alice's key. 29(checktrust CAROL "q") ;; Signed by Bobby, whose key has 30 ;; no explicit ownertrust. 31(checktrust DAVID "q") ;; Likewise. 32(checktrust FRANK "q") ;; Likewise. 33(checktrust GRACE "-") ;; Signed by the previous three keys; 34 ;; not evaluated since they are not valid. 35 36;; Let's trust Bobby. 37;; This should make Carol's, David's, and Frank's keys valid. 38(setownertrust BOBBY FULLTRUST) 39(updatetrustdb) 40(checktrust CAROL "f") 41(checktrust DAVID "f") 42(checktrust FRANK "f") 43(checktrust GRACE "q") ;; Now evaluated, but validity still unknown. 44 45;; Let's trust (marginally) Carol and David. 46;; This should not be enough to make Grace's key fully valid 47;; since marginals-needed defaults to 3. 48(setownertrust CAROL MARGINALTRUST) 49(setownertrust DAVID MARGINALTRUST) 50(updatetrustdb) 51(checktrust GRACE "m") 52 53;; Add marginal ownertrust to Frank's key. 54;; This should make Grace's key fully valid. 55(setownertrust FRANK MARGINALTRUST) 56(updatetrustdb) 57(checktrust GRACE "f") 58 59;; Now let's play with the length of certification chains. 60;; Setting max-cert-length to 2 should put Grace's key 61;; one step too far from Alice's key. 62(let ((max-cert-depth (gpg-config 'gpg "max-cert-depth"))) 63 (max-cert-depth::update 2)) 64(updatetrustdb) 65(checktrust GRACE "-") 66 67;; Raise the bar for assigning full validity. 68;; Bobby's key should be the only one retaining full validity. 69(let ((completes-needed (gpg-config 'gpg "completes-needed"))) 70 (completes-needed::update 2)) 71(updatetrustdb) 72(checktrust BOBBY "f") 73(checktrust CAROL "m") 74(checktrust DAVID "m") 75(checktrust FRANK "m") 76(checktrust GRACE "-") 77