fixed invalid tests

libpcp/key.c

@@ -408,7 +408,7 @@ int pcp_sanitycheck_key(pcp_key_t *key) {
   struct tm *c;
   time_t t = (time_t)key->ctime;
   c = localtime(&t);
-  if(c->tm_year <= 0 || c->tm_year > 1100) {
+  if(c->tm_year <= 70 || c->tm_year > 1100) {
     /*  well, I'm perhaps overacting here :) */
     fatal("Secretkey sanity check: invalid creation timestamp (got year %04d)!\n", c->tm_year + 1900);
     return 1;

man/pcp1.pod

@@ -130,6 +130,7 @@ Pretty Curved Privacy - File encryption using eliptic curve cryptography.
                            If none of -i or -r has been given, encrypt
                            the message symetrically. This is the same
                            as -m (self-encryption mode).
+                           Add -z to ascii armor the output using Z85.
  -m --encrypt-me           Sym-Encrypt a message. Specify -I and/or
                            -O for input/output file. You will be asked
                            for a passphrase. No key material will
@@ -167,10 +168,10 @@ Pretty Curved Privacy - File encryption using eliptic curve cryptography.
                            If used with encryption or singing operation
                            encode its output. Otherwise encode a plain
                            file. Use -I and -O respectively, otherwise it
-                           stdin/stdout.
+                           uses stdin/stdout.
  -Z --z85-decode           Decode (dearmor) something from Z85 encoding.
                            Use -I and -O respectively, otherwise it
-                           stdin/stdout
+                           uses stdin/stdout
  
 
 
@@ -695,6 +696,9 @@ secret key, R is the recipient list, L is the number of recipients,
 T is the filetype header, I is a block of input with a size
 of 32k, N is a nonce (new per block) and S the symmetric key.
 
+The encrypted output maybe Z85 encoded. In this case the Z85
+encoding will be done blockwise with blocks of 16k bytes. The
+decoded content inside will be as described above.
 
 =head2 SIGNATURE FORMAT
 
@@ -799,6 +803,19 @@ secret signing key and S the symmetric key.
 =head2 Z85 ENCODING
 
 B<pcp1> uses Z85 to encode exported keys and armored signatures.
+Comments in encoded files are surrounded by the tilde character.
+We're using the tilde because it's not part of the Z85 base
+charset. Sample:
+
+ ~~~ Header ~~~
+ ~ Version: 1 ~
+ 246ge]+yn={<I&&Z%(pm[09lc5[dx4TZALi/6cjVe)Kx5S}7>}]Xi3*N3Xx34Y^0rz:r.5j
+ v#6Sh/m3XKwy?VlA+h8ks]9:kVj{D[fd7]NA]T-(ne+xo!W5X5-gIUWqM
+ ~~~ Footer ~~~
+
+Multiple tildes can be used as long as their number is uneven.
+
+This is a proprietary PCP extension.
 
 =head3 Z85 BACKGROUND
 

tests/invalidkeys.c

@@ -20,12 +20,11 @@ int main() {
   pcp_key_t *key = pcpkey_encrypt(k, pw);
 
   int i;
-  for(i=0; i<5; i++)
-    mkinv(key, i);
+  for(i=0; i<3; i++)
+    mkinvalid_secret(key, i);
 
-  pcp_pubkey_t *pub = pcpkey_pub_from_secret(key);
   for(i=0; i<4; i++)
-    mkinvp(pub, i);
+    mkinvalid_public(key, i);
 
   mkinvv("testvault-invalidheader",  0);
   mkinvv("testvault-invalidversion",  1);
@@ -103,64 +102,72 @@ void mkinvv(const char *name, int type) {
   fclose(v->fd);
 }
 
-void mkinvp(pcp_pubkey_t *k, int type) {
-  pcp_pubkey_t *key = ucmalloc(sizeof(pcp_pubkey_t));
-  memcpy(key, k, sizeof(pcp_pubkey_t));
-
-  switch(type) {
-  case 0:
-    key->type = 0;
-    pcppubkey_print(key, F("testpubkey-wrong-type"));
-    break;
-  case 1:
-    key->version = 0;
-    pcppubkey_print(key, F("testpubkey-wrong-version"));
-    break;
-  case 2:
-    key->serial = 0;
-    pcppubkey_print(key, F("testpubkey-wrong-serial"));
-    break;
-  case 3:
-    key->id[16] = 0x3e;
-    pcppubkey_print(key, F("testpubkey-invalid-id"));
-    break;
-  case 4:
-    key->ctime = 0;
-    pcppubkey_print(key, F("testpubkey-invalid-ctime"));
-    break;
-  }
-}
-
-void mkinv(pcp_key_t *k, int type) {
+void mkinvalid_public(pcp_key_t *k, int type) {
   pcp_key_t *key = ucmalloc(sizeof(pcp_key_t));
   memcpy(key, k, sizeof(pcp_key_t));
+  FILE *fd = NULL;
 
   switch(type) {
   case 0:
-    key->encrypted[0] = 0;
-    pcpkey_print(key, F("testkey-not-encrypted"));
+    key->type = 0;
+    fd = F("testpubkey-wrong-type");
     break;
   case 1:
-    key->type = 0;
-    pcpkey_print(key, F("testkey-wrong-type"));
+    key->version = 0;
+    fd = F("testpubkey-wrong-version");
     break;
   case 2:
-    key->version = 0;
-    pcpkey_print(key, F("testkey-wrong-version"));
+    key->serial = 0;
+    fd = F("testpubkey-wrong-serial");
     break;
   case 3:
-    key->serial = 0;
-    pcpkey_print(key, F("testkey-wrong-serial"));
-    break;
-  case 4:
-    key->id[16] = 0x1;
-    pcpkey_print(key, F("testkey-invalid-id"));
-    break;
-  case 5:
     key->ctime = 0;
-    pcpkey_print(key, F("testkey-invalid-ctime"));
+    fd = F("testpubkey-invalid-ctime");
     break;
   }
+
+  if(fd != NULL) {
+    Buffer *b = pcp_export_rfc_pub(key);
+    fwrite(buffer_get(b), 1, buffer_size(b), fd);
+    fclose(fd);
+  }
+
+  free(key);
+}
+
+void mkinvalid_secret(pcp_key_t *k, int type) {
+  pcp_key_t *key = ucmalloc(sizeof(pcp_key_t));
+  memcpy(key, k, sizeof(pcp_key_t));
+  FILE *fd = NULL;
+
+    fprintf(stderr, "fd test %d\n", type);
+
+  switch(type) {
+  case 0:
+    key->version = 0;
+    fd = F("testkey-wrong-version");
+    break;
+  case 1:
+    key->serial = 0;
+    fd = F("testkey-wrong-serial");
+    break;
+  case 2:
+    key->ctime = 0;
+    fd = F("testkey-invalid-ctime");
+    break;
+  }
+
+  if(fd != NULL) {
+    pcp_dumpkey(key);
+    Buffer *b = pcp_export_secret(key, "xxx");
+    fwrite(buffer_get(b), 1, buffer_size(b), fd);
+    fclose(fd);
+  }
+  else {
+    fprintf(stderr, "fd not opened for test %d\n", type);
+  }
+
+  free(key);
 }
 
 FILE *F(char *filename) {

tests/invalidkeys.h

@@ -10,8 +10,8 @@
 #include "key.h"
 #include "vault.h"
 
-void mkinv(pcp_key_t *k, int type);
-void mkinvp(pcp_pubkey_t *k, int type);
+void mkinvalid_secret(pcp_key_t *k, int type);
+void mkinvalid_public(pcp_key_t *k, int type);
 void mkinvv(const char *name, int type);
 FILE *F(char *filename);
 

tests/unittests.cfg

@@ -441,38 +441,23 @@ temporarily disabled
   expect = /contain any keys so far/
 </test>
 
-/*
-disabled, need to re-design invalidkeys.c in order to catch up with new format
-
-<test check-testkey-invalid-id>
+<test invalid>
   prepare = ./invalidkeys
-  cmd = $pcp -V $vault -S -I testkey-invalid-id
-  expect /(invalid key id|could not decode input)/
-</test>
-
-<test check-testkey-not-encrypted>
-  cmd = $pcp -V $vault -S -I testkey-not-encrypted
-  expect = /secret key contained in key seems to be empty/
-</test>
-
-<test check-testkey-wrong-type>
-  cmd = $pcp -V $vault -S -I testkey-wrong-type
-  expect = /key type is not SECRET/
-</test>
 
 <test check-testkey-wrong-version>
-  cmd = $pcp -V $vault -S -I testkey-wrong-version
+  cmd = $pcp -V $vault -S -I testkey-wrong-version -x xxx
   expect = /unknown key version/
 </test>
 
-
-
-<test check-testpubkey-invalid-id>
-  prepare = ./invalidkeys
-  cmd = $pcp -V $vault -P -I testpubkey-invalid-id
-  expect = /(invalid key id|could not decode input)/
+<test check-testkey-wrong-serial>
+  cmd = $pcp -V $vault -S -I testkey-wrong-serial -x xxx
+  expect = /invalid serial number/
 </test>
-
+<test check-testkey-wrong-ctime>
+  cmd = $pcp -V $vault -S -I testkey-invalid-ctime -x xxx
+  expect = /invalid creation timestamp/
+</test>
+/*
 <test check-testpubkey-wrong-type>
   cmd = $pcp -V $vault -P -I testpubkey-wrong-type
   expect = /key type is not PUBLIC/
@@ -482,8 +467,8 @@ disabled, need to re-design invalidkeys.c in order to catch up with new format
   cmd = $pcp -V $vault -P -I testpubkey-wrong-version
   expect = /unknown key version/
 </test>
-
 */
+</test>
 
 <test check-vault-invalid-header>
     prepare = ./invalidkeys