[PATCH 0/5] Tests for the PGP trust model

Damien Goutte-Gattat dgouttegattat at incenp.org
Wed Jul 19 11:32:59 CEST 2017 

Hi GnuPG folks,

As Justus pointed out in the discussion around issue 2923 [1],
there are currently no tests covering the PGP trust model.

The following patch set proposes such tests. They use four
distinct scenarios (a "scenario" here is a set of public keys
with associated signatures) to test several conditions.

There is no hope of covering all the possible cases, but
hopefully those tests could serve as a base to elaborate more
precise tests if we ever find a bug occuring in very special
conditions.

Those tests include a test for domain restrictions associated
with trust signatures, whose verification is currently broken
in GnuPG due to issue 2923.

The last patch of the set is a fix for issue 2923, allowing all
the tests to pass successfully.


[1] https://dev.gnupg.org/T2923#100545

Damien Goutte-Gattat (5):
  gpgconf: Make WoT settings configurable by gpgconf.
  gpg,tests: Move some functions into a common module.
  gpg,tests: Add tests for the PGP trust model.
  gpg,tests: Add private keys for PGP tests.
  gpg: Fix regexp sanitization.

 g10/gpg.c                             |   3 +
 g10/trustdb.c                         |   2 +-
 tests/openpgp/Makefile.am             |  14 ++-
 tests/openpgp/defs.scm                |  24 +++++
 tests/openpgp/tofu.scm                |  24 -----
 tests/openpgp/trust-pgp.scm           | 190 ++++++++++++++++++++++++++++++++++
 tests/openpgp/trust-pgp/alice.sec.asc |  11 ++
 tests/openpgp/trust-pgp/bobby.sec.asc |  11 ++
 tests/openpgp/trust-pgp/carol.sec.asc |  11 ++
 tests/openpgp/trust-pgp/david.sec.asc |  11 ++
 tests/openpgp/trust-pgp/frank.sec.asc |  11 ++
 tests/openpgp/trust-pgp/grace.sec.asc |  11 ++
 tests/openpgp/trust-pgp/heidi.sec.asc |  11 ++
 tests/openpgp/trust-pgp/scenario1.asc |  75 ++++++++++++++
 tests/openpgp/trust-pgp/scenario2.asc |  70 +++++++++++++
 tests/openpgp/trust-pgp/scenario3.asc |  58 +++++++++++
 tests/openpgp/trust-pgp/scenario4.asc |  84 +++++++++++++++
 tools/gpgconf-comp.c                  |  12 +++
 18 files changed, 607 insertions(+), 26 deletions(-)
 create mode 100644 tests/openpgp/trust-pgp.scm
 create mode 100644 tests/openpgp/trust-pgp/alice.sec.asc
 create mode 100644 tests/openpgp/trust-pgp/bobby.sec.asc
 create mode 100644 tests/openpgp/trust-pgp/carol.sec.asc
 create mode 100644 tests/openpgp/trust-pgp/david.sec.asc
 create mode 100644 tests/openpgp/trust-pgp/frank.sec.asc
 create mode 100644 tests/openpgp/trust-pgp/grace.sec.asc
 create mode 100644 tests/openpgp/trust-pgp/heidi.sec.asc
 create mode 100644 tests/openpgp/trust-pgp/scenario1.asc
 create mode 100644 tests/openpgp/trust-pgp/scenario2.asc
 create mode 100644 tests/openpgp/trust-pgp/scenario3.asc
 create mode 100644 tests/openpgp/trust-pgp/scenario4.asc

-- 
2.9.0

More information about the Gnupg-devel mailing list