# -*-sh-*- # # This file is part of Pretty Curved Privacy (pcp1). # # Copyright (C) 2013-2015 T.v.Dein. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # # You can contact me by mail: . # pcp=../src/pcp1 vault=v1 passwd=ech9xeiT%CuxuH1ch-is2ies1R md5msg=66b8c4ca9e5d2a7e3c0559c3cdea3d50 mangle=./mangle verbose=1 blake2=5baec1cad5bf54287028749d83f2bf3e3ed09f0ee38a233f35dbda1361c6a67fd824e17c86ee3a85181038eb44836c17c42e6beff17fdf997075417914056992 blake2auth=d7fff04bd63004f7a2ba914d9b2ccff22827230d3c546d97ebaa29cbe9fb2380b7948bc799486d512b4355c24f0cce423e746419098d4455af91898c4a06a5df key=9U3Dk2s . ./keys.cfg check_dependencies_pcp () { cmd="ls $pcp" expect="/pcp/" check "$cmd" "$expect" "$input" } check_streams_8 () { md5=`./md5 ../COPYING` cmd="./pipetest 8 e < ../COPYING | ./pipetest 8 d | ./md5" expect="/$md5/" check "$cmd" "$expect" "$input" } check_streams_16 () { md5=`./md5 ../COPYING` cmd="./pipetest 16 e < ../COPYING | ./pipetest 16 d | ./md5" expect="/$md5/" check "$cmd" "$expect" "$input" } check_streams_32 () { md5=`./md5 ../COPYING` cmd="./pipetest 32 e < ../COPYING | ./pipetest 32 d | ./md5" expect="/$md5/" check "$cmd" "$expect" "$input" } check_streams_64 () { md5=`./md5 ../COPYING` cmd="./pipetest 64 e < ../COPYING | ./pipetest 64 d | ./md5" expect="/$md5/" check "$cmd" "$expect" "$input" } check_z85_1_compliant () { cmd="./decodertest 1" expect="/ok/" check "$cmd" "$expect" "$input" } check_z85_2_compliant_no_newlines () { cmd="./decodertest 2" expect="/ok/" check "$cmd" "$expect" "$input" } check_z85_3_compliant_no_begin_header () { cmd="./decodertest 3" expect="/ok/" check "$cmd" "$expect" "$input" } check_z85_4_uncompliant_empty_comment () { cmd="./decodertest 4" expect="/ok/" check "$cmd" "$expect" "$input" } check_z85_5_uncompliant_missing_char () { cmd="./decodertest 5" expect="/ok/" check "$cmd" "$expect" "$input" } check_show_help () { cmd="$pcp -h" expect="/export/" check "$cmd" "$expect" "$input" } check_if_fail_without_vault () { rm -f $vault cmd="$pcp -V $vault -l" expect="/doesn.t contain any keys so far/" check "$cmd" "$expect" "$input" } check_generate_secret_key () { cmd="$pcp -V $vault -k -x $passwd" input=$(cat <<'EOF' Dexter Morgan dxmorg@florida.cops.gov EOF ) expect="/Generated new secret key/" check "$cmd" "$expect" "$input" } check_fail_entropy_generate_secret_key () { cmd="$pcp -V $vault -k -x password" input=$(cat <<'EOF' Dexter Morgan dxmorg@florida.cops.gov no EOF ) expect="/weak passphrase/" check "$cmd" "$expect" "$input" } check_if_vault_contains_secret () { cmd="$pcp -V $vault -l" expect="/Dexter Morgan/" check "$cmd" "$expect" "$input" } check_secret_key_info () { cmd="$pcp -V $vault -l | tail -1 | cut -d ' ' -f 1 | xargs $pcp -V $vault -t -i" expect="/Serial Number/" check "$cmd" "$expect" "$input" } check_export_public_key () { cmd="$pcp -V $vault -l | tail -1 | cut -d ' ' -f 1 | xargs $pcp -V $vault -p -x $passwd -z -i " expect="/PUBLIC KEY/" check "$cmd" "$expect" "$input" } check_export_public_key_tofile () { cmd="$pcp -V $vault -l | tail -1 | cut -d ' ' -f 1 | xargs $pcp -V $vault -p -x $passwd -O testkey-self -i " expectfile="testkey-self" expect="" check "$cmd" "$expect" "$input" "$expectfile" } check_export_public_key_filecontent () { cmd="strings testkey-self" expect="Dexter" check "$cmd" "$expect" "$input" "" } check_import_public_key () { cmd="$pcp -V $vault -K -I bart.pub" expect="/key $bartid added/" check "$cmd" "$expect" "$input" } check_imported_public_key_info () { cmd="$pcp -V $vault -t -i $bartid" expect="/Serial Number: $bartserial/" check "$cmd" "$expect" "$input" } check_if_delete_public_key_works () { cmd="$pcp -V $vault -R -i $bartid" expect="/Public key deleted/" check "$cmd" "$expect" "$input" } check_if_vault_still_valid () { cmd="$pcp -V $vault -t" expect="/Vault version: 00000002/" check "$cmd" "$expect" "$input" } check_if_deleted_public_key_is_away () { cmd="$pcp -V $vault -t" expect="/Public keys: 0/" check "$cmd" "$expect" "$input" } # # encryption tests # alicias part check_crypto_alicia_import_secret () { cmd="$pcp -V va -K -I key-alicia-sec -x a" expect="/${idalicia}/" check "$cmd" "$expect" "$input" } check_crypto_alicia_import_bobbys_key () { cmd="$pcp -V va -K -I key-bobby-pub" expect="/${idbobby}/" check "$cmd" "$expect" "$input" } check_crypto_alicia_encrypt () { cmd="$pcp -V va -e -i ${idbobby} -I testmessage -O testencrypted -x a" expect="/${idbobby} - Bobby/" check "$cmd" "$expect" "$input" } check_crypto_alicia_encrypt_anonymous () { cmd="$pcp -V va -e -A -i ${idbobby} -I testmessage -O testencryptedanon -x a" expect="/${idbobby} - Bobby/" check "$cmd" "$expect" "$input" } # bobbys part check_crypto_bobby_import_secret () { cmd="$pcp -V vb -K -I key-bobby-sec -x b" expect="/${idbobby}/" check "$cmd" "$expect" "$input" } check_crypto_bobby_decrypt_anonymous () { # decrypt anon, without knowing alicias key cmd="$pcp -V vb -d -O testdecryptedanon -I testencryptedanon -x b" expect="/successfully/" check "$cmd" "$expect" "$input" } check_crypto_alicia_import_alicias_key () { cmd="$pcp -V vb -K -I key-alicia-pub" expect="/${idalicia}/" check "$cmd" "$expect" "$input" } check_crypto_bobby_decrypt () { cmd="$pcp -V vb -d -O testdecrypted -I testencrypted -x b" expect="/successfully/" check "$cmd" "$expect" "$input" } check_crypto_alicia_encrypted_file () { cmd="cat testdecrypted" expect="/${md5msg}/" check "$cmd" "$expect" "$input" } check_crypto_alicia_encrypt_self () { cmd="$pcp -V va -e -M -I testmessage -O testencryptedself -x a" expect="/Alicia/" check "$cmd" "$expect" "$input" } check_crypto_alicia_deencrypt_self () { cmd="$pcp -V va -d -I testencryptedself -O testdecrypted -x a" expect="/successfully/" check "$cmd" "$expect" "$input" } # # symetric encryption test check_sym_encrypt () { cmd="echo HELLOWORLD | $pcp -e -O testsymencrypted -x a" expect="/symetrically/" check "$cmd" "$expect" "$input" } check_sym_decrypt () { cmd="$pcp -d -I testsymencrypted -x a" expect="/HELLO/" check "$cmd" "$expect" "$input" } # # signature tests check_sign_detached_to_bobby () { cmd="$pcp -V va -g -I README -f testsig -x a" expectfile="testsig" expect="" check "$cmd" "$expect" "$input" "$expectfile" } check_verify_detached_signature () { cmd="$pcp -V vb -c -f testsig -I README -i $idalicia" expect="/verified/" check "$cmd" "$expect" "$input" } check_verify_detached_signature_self () { cmd="$pcp -V va -c -f testsig -I README" expect="/verified/" check "$cmd" "$expect" "$input" } check_sign_armored_to_bobby () { rm -f testsig cmd="$pcp -V va -g -I README -O testsig -x a -z" expectfile="testsig" expect="" check "$cmd" "$expect" "$input" "$expectfile" } check_verify_armored_signature () { cmd="$pcp -V vb -c -I testsig -i $idalicia -z" expect="/verified/" check "$cmd" "$expect" "$input" } check_verify_armored_signature_self () { cmd="$pcp -V va -c -I testsig -z" expect="/verified/" check "$cmd" "$expect" "$input" } check_sign_bin_to_bobby () { rm -f testsig cmd="$pcp -V va -g -I README -O testsig -x a" expectfile="testsig" expect="" check "$cmd" "$expect" "$input" "$expectfile" } check_verify_bin_signature () { cmd="$pcp -V vb -c -I testsig -i $idalicia" expect="/verified/" check "$cmd" "$expect" "$input" } check_verify_bin_signature_self () { cmd="$pcp -V va -c -I testsig " expect="/verified/" check "$cmd" "$expect" "$input" } # # sign+encrypt tests check_sign_crypt_to_bobby () { cmd="$pcp -V va -g -e -I README -O testsig -r Bobby -x a" expect="/Encrypted/" check "$cmd" "$expect" "$input" } check_verify_decrypt_from_alicia () { cmd="$pcp -V vb -c -d -I testsig -x b" expect="/Verified/" check "$cmd" "$expect" "$input" } check_verify_decrypt_from_alicia_determine () { cmd="$pcp -V vb -d -I testsig -x b" expect="/Verified/" check "$cmd" "$expect" "$input" } # # raw C test with prepared keys, message and cipher check_raw_decrypt () { cmd="./statictest" expect="/ok/" check "$cmd" "$expect" "$input" } # # negative tests, check for error handling check_if_catch_conflicting_params () { cmd="$pcp -V $vault -K -K" expect="/invalid combination of commandline parameters/" check "$cmd" "$expect" "$input" } check_infile_error () { cmd="$pcp -V $vault -I nonexist -K" expect="/Could not open input file nonexist/" check "$cmd" "$expect" "$input" } check_import_without_id_error () { cmd="$pcp -V $vault -R" expect="/You need to specify a key id/" check "$cmd" "$expect" "$input" } check_catch_invalid_short_keyid () { cmd="$pcp -V $vault -R -i 0x1" expect="/is too short/" check "$cmd" "$expect" "$input" } check_catch_invalid_long_keyid () { cmd="$pcp -V $vault -R -i 0x1111111111111111111111111" expect="/is too long/" check "$cmd" "$expect" "$input" } check_catch_invalid_long_keyid_without_0x () { cmd="$pcp -V $vault -R -i 11111111111111111" expect="/is too long/" check "$cmd" "$expect" "$input" } check_catch_delete_nonexist () { cmd="$pcp -V $vault -R -i 0x0101010101010101" expect="/No key with id 0x010101/" check "$cmd" "$expect" "$input" } check_if_export_secret_catch_nonexistent_keyid () { cmd="$pcp -V $vault -s -i 0x0101010101010101" expect="/Could not find a secret key with id 0x010101/" check "$cmd" "$expect" "$input" } check_if_export_secret_catch_no_primary () { $pcp -V v2 -l # so we've got just an empty vault cmd="$pcp -V v2 -s" expect="/no primary secret key in the vault/" check "$cmd" "$expect" "$input" } check_if_export_secret_catch_outfile_error () { cmd=" $pcp -V $vault -l | grep primary |cut -d ' ' -f 1 | xargs $pcp -V $vault -s -O nonexistentdir/keyfile -i" expect="/Could not create output file nonexistentdir/" check "$cmd" "$expect" "$input" } check_if_export_public_catch_nonexistent_keyid () { cmd="$pcp -V $vault -p -i 0x0101010101010101" expect="/Could not find a key with id 0x010101/" check "$cmd" "$expect" "$input" } check_if_export_public_catch_no_primary () { $pcp -V v3 -l # so we've got just an empty vault cmd="$pcp -V v3 -p" expect="/no primary secret key in the vault/" check "$cmd" "$expect" "$input" } check_if_export_public_catch_outfile_error () { $pcp -V $vault -K -I bart.pub cmd="$pcp -V $vault -l | grep public | cut -d ' ' -f 1 | tail -1 | xargs $pcp -V $vault -p -O nonexistentdir/keyfile" expect="/Could not create output file nonexistentdir/" check "$cmd" "$expect" "$input" } check_if_catch_empty_input () { touch testfile-empty cmd="$pcp -V $vault -K -I testfile-empty" expect="/file is empty/" check "$cmd" "$expect" "$input" } check_if_catch_missing_newlines () { perl -e 'print "X" x 5000; print "\n"' > testfile-toolong cmd="$pcp -V $vault -K -I testfile-toolong -x x" expect="/failed/" check "$cmd" "$expect" "$input" } check_if_catch_nokey_behind_z85 () { ./jot 30 | while read ignore; do echo XXXXX; done | $pcp -z > testfile-nokey cmd="$pcp -V $vault -K -I testfile-nokey -x x" expect="/failed/" check "$cmd" "$expect" "$input" } check_if_sanity_catch_keyexists () { cmd="$pcp -V $vault -K -I bart.pub" expect="/there already exists a key/" check "$cmd" "$expect" "$input" } check_if_catch_nokeys () { $pcp -V v3 -l cmd="$pcp -V v3 -l" expect="/contain any keys so far/" check "$cmd" "$expect" "$input" } check_testkey_wrong_version () { cmd="$pcp -V $vault -K -I testkey-wrong-version -x xxx" expect="/unknown key version/" check "$cmd" "$expect" "$input" } check_testkey_wrong_serial () { cmd="$pcp -V $vault -K -I testkey-wrong-serial -x xxx" expect="/invalid serial number/" check "$cmd" "$expect" "$input" } check_testkey_wrong_ctime () { cmd="$pcp -V $vault -K -I testkey-invalid-ctime -x xxx" expect="/invalid creation timestamp/" check "$cmd" "$expect" "$input" } check_vault_invalid_header () { cmd="$pcp -V testvault-invalidheader -l" expect="/Unexpected vault file format/" check "$cmd" "$expect" "$input" } check_vault_invalid_version () { cmd="$pcp -V testvault-invalidversion -l" expect="/Unexpected vault file format/" check "$cmd" "$expect" "$input" } check_vault_invalid_itemtype () { cmd="$pcp -V testvault-invaliditemtype -l" expect="/invalid key type/" check "$cmd" "$expect" "$input" } check_vault_invalid_keytype () { cmd="$pcp -V testvault-invalidkeytype -l" expect="/contain any keys so far./" check "$cmd" "$expect" "$input" } # # input handling tests check_large_meta () { cmd="(./jot 300 | while read m; do echo -n m; done; echo $passwd) | $pcp -V $vault -k -x $passwd" expect="/Generated new secret key/" check "$cmd" "$expect" "$input" } # # fuzz tests check_fuzz_binary_pubkey () { expect="!/added/" cmd="echo no | $pcp -V vf -K -I testfuzzP.pub -x $passwd" for N in `./jot 30`; do cp testfuzzP.orig testfuzzP.pub $mangle testfuzzP.pub if ! diff testfuzzP.* > /dev/null 2>&1; then check "$cmd" "$expect" "$input" break fi done } check_fuzz_binary_seckey () { cmd="echo no | $pcp -V vf -K -I testfuzzS.sec -x $passwd" expect="!/added/" for N in `./jot 30`; do cp testfuzzS.orig testfuzzS.sec $mangle testfuzzS.sec if ! diff testfuzzS.* > /dev/null 2>&1; then expect="!/added/" check "$cmd" "$expect" "$input" fi done } # checksum tests check_checksum_copying () { cmd="$pcp -C ../COPYING" expect="/$blake2/" check "$cmd" "$expect" "$input" } check_checksum_authenticated_copying () { cmd="$pcp -x $key -C ../COPYING" expect="/$blake2auth/" check "$cmd" "$expect" "$input" } check_checksum_copying_stdin () { cmd="$pcp -C < ../COPYING" expect="/$blake2/" check "$cmd" "$expect" "$input" } check_checksum_multiple () { cmd="$pcp -C ../COPYING ../README" expect="/README/" check "$cmd" "$expect" "$input" } prepare () { # global preparations rm -f v* ./invalidkeys echo ${md5msg} > testmessage (echo F; echo F) | $pcp -V vfz -k -x $passwd $pcp -V vfz -p -O testfuzzP.orig -x $passwd $pcp -V vfz -s -O testfuzzS.orig -x $passwd }