[Pkg-gnupg-commit] [gnupg2] 76/166: tests: Check expiration times of created keys.

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Mar 16 22:33:07 UTC 2017 

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch experimental
in repository gnupg2.

commit 127e1e532da4083ccd3c307555b6177fab16f408
Author: Justus Winter <justus at g10code.com>
Date:   Wed Feb 15 14:50:44 2017 +0100

    tests: Check expiration times of created keys.
    
    * tests/gpgscm/ffi.c (do_get_time): New function.
    (ffi_init): Expose new function.
    * tests/gpgscm/ffi.scm (get-time): Document new function.
    * tests/gpgscm/time.scm: New file.
    * tests/openpgp/quick-key-manipulation.scm: Use the new facilities to
    check the expiration times of created keys.
    * tests/openpgp/tofu.scm: Use the new module.
    
    Signed-off-by: Justus Winter <justus at g10code.com>
---
 tests/gpgscm/ffi.c                       |  9 +++++++
 tests/gpgscm/ffi.scm                     |  3 +++
 tests/gpgscm/time.scm                    | 42 ++++++++++++++++++++++++++++++++
 tests/openpgp/quick-key-manipulation.scm | 24 ++++++++++++------
 tests/openpgp/tofu.scm                   |  3 +--
 5 files changed, 72 insertions(+), 9 deletions(-)

diff --git a/tests/gpgscm/ffi.c b/tests/gpgscm/ffi.c
index c91d4aa..42facee 100644
--- a/tests/gpgscm/ffi.c
+++ b/tests/gpgscm/ffi.c
@@ -502,6 +502,14 @@ do_get_isotime (scheme *sc, pointer args)
 }
 
 static pointer
+do_get_time (scheme *sc, pointer args)
+{
+  FFI_PROLOG ();
+  FFI_ARGS_DONE_OR_RETURN (sc, args);
+  FFI_RETURN_INT (sc, gnupg_get_time ());
+}
+
+static pointer
 do_getpid (scheme *sc, pointer args)
 {
   FFI_PROLOG ();
@@ -1347,6 +1355,7 @@ ffi_init (scheme *sc, const char *argv0, const char *scriptname,
   ffi_define_function (sc, mkdir);
   ffi_define_function (sc, rmdir);
   ffi_define_function (sc, get_isotime);
+  ffi_define_function (sc, get_time);
   ffi_define_function (sc, getpid);
 
   /* Random numbers.  */
diff --git a/tests/gpgscm/ffi.scm b/tests/gpgscm/ffi.scm
index b62fd1f..3f2e553 100644
--- a/tests/gpgscm/ffi.scm
+++ b/tests/gpgscm/ffi.scm
@@ -47,3 +47,6 @@
 
 ;; Low-level mechanism to terminate the process.
 (ffi-define (_exit status))
+
+;; Get the current time in seconds since the epoch.
+(ffi-define (get-time))
diff --git a/tests/gpgscm/time.scm b/tests/gpgscm/time.scm
new file mode 100644
index 0000000..a9b06d0
--- /dev/null
+++ b/tests/gpgscm/time.scm
@@ -0,0 +1,42 @@
+;; Simple time manipulation library.
+;;
+;; Copyright (C) 2017 g10 Code GmbH
+;;
+;; This file is part of GnuPG.
+;;
+;; GnuPG is free software; you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation; either version 3 of the License, or
+;; (at your option) any later version.
+;;
+;; GnuPG is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;; GNU General Public License for more details.
+;;
+;; You should have received a copy of the GNU General Public License
+;; along with this program; if not, see <http://www.gnu.org/licenses/>.
+
+;; This library mimics what GnuPG thinks about expiration times.
+;; Granularity is one second.  Its focus is not on correctness.
+
+;; Conversion functions.
+(define (minutes->seconds minutes)
+  (* minutes 60))
+(define (hours->seconds hours)
+  (* hours 60 60))
+(define (days->seconds days)
+  (* days 24 60 60))
+(define (weeks->seconds weeks)
+  (days->seconds (* weeks 7)))
+(define (months->seconds months)
+  (days->seconds (* months 30)))
+(define (years->seconds years)
+  (days->seconds (* years 365)))
+
+(define (time-matches? a b slack)
+  (< (abs (- a b)) slack))
+(assert (time-matches? (hours->seconds 1) (hours->seconds 2) (hours->seconds 2)))
+(assert (time-matches? (hours->seconds 2) (hours->seconds 1) (hours->seconds 2)))
+(assert (not (time-matches? (hours->seconds 4) (hours->seconds 1) (hours->seconds 2))))
+(assert (not (time-matches? (hours->seconds 1) (hours->seconds 4) (hours->seconds 2))))
diff --git a/tests/openpgp/quick-key-manipulation.scm b/tests/openpgp/quick-key-manipulation.scm
index d43f7b5..c0007d4 100755
--- a/tests/openpgp/quick-key-manipulation.scm
+++ b/tests/openpgp/quick-key-manipulation.scm
@@ -1,6 +1,6 @@
 #!/usr/bin/env gpgscm
 
-;; Copyright (C) 2016 g10 Code GmbH
+;; Copyright (C) 2016-2017 g10 Code GmbH
 ;;
 ;; This file is part of GnuPG.
 ;;
@@ -18,6 +18,7 @@
 ;; along with this program; if not, see <http://www.gnu.org/licenses/>.
 
 (load (with-path "defs.scm"))
+(load (with-path "time.scm"))
 (setup-environment)
 
  ;; XXX because of --always-trust, the trustdb is not created.
@@ -91,8 +92,9 @@
 
 ;; Make the key expire in one year.
 (call-check `(, at gpg --quick-set-expire ,fpr "1y"))
-;; XXX It'd be nice to check that the value is right.
-(assert (not (equal? "" (expiration-time fpr))))
+(assert (time-matches? (+ (get-time) (years->seconds 1))
+		       (string->number (expiration-time fpr))
+		       (minutes->seconds 5)))
 
 
 ;;
@@ -134,21 +136,29 @@
   (lambda (subkey)
     (assert (= 1 (:alg subkey)))
     (assert (string-contains? (:cap subkey) "s"))
-    (assert (not (equal? "" (:expire subkey)))))
+    (assert (time-matches? (+ (get-time) (days->seconds 2))
+			   (string->number (:expire subkey))
+			   (minutes->seconds 5))))
   (lambda (subkey)
     (assert (= 1 (:alg subkey)))
     (assert (= 1024 (:length subkey)))
     (assert (string-contains? (:cap subkey) "s"))
-    (assert (not (equal? "" (:expire subkey)))))
+    (assert (time-matches? (+ (get-time) (weeks->seconds 2))
+			   (string->number (:expire subkey))
+			   (minutes->seconds 5))))
   (lambda (subkey)
     (assert (= 1 (:alg subkey)))
     (assert (= 2048 (:length subkey)))
     (assert (string-contains? (:cap subkey) "e"))
-    (assert (not (equal? "" (:expire subkey)))))
+    (assert (time-matches? (+ (get-time) (months->seconds 2))
+			   (string->number (:expire subkey))
+			   (minutes->seconds 5))))
   (lambda (subkey)
     (assert (= 1 (:alg subkey)))
     (assert (= 4096 (:length subkey)))
     (assert (string-contains? (:cap subkey) "s"))
     (assert (string-contains? (:cap subkey) "a"))
-    (assert (not (equal? "" (:expire subkey)))))
+    (assert (time-matches? (+ (get-time) (years->seconds 2))
+			   (string->number (:expire subkey))
+			   (minutes->seconds 5))))
   #f))
diff --git a/tests/openpgp/tofu.scm b/tests/openpgp/tofu.scm
index ca5786b..2e32765 100755
--- a/tests/openpgp/tofu.scm
+++ b/tests/openpgp/tofu.scm
@@ -18,6 +18,7 @@
 ;; along with this program; if not, see <http://www.gnu.org/licenses/>.
 
 (load (with-path "defs.scm"))
+(load (with-path "time.scm"))
 (setup-environment)
 
 (define GPGTIME 1480943782)
@@ -25,8 +26,6 @@
 ;; Generate a --faked-system-time parameter for a particular offset.
 (define (faketime delta)
   (string-append "--faked-system-time=" (number->string (+ GPGTIME delta))))
-;; A convenience function for the above.
-(define (days->seconds days) (* days 24 60 60))
 
 ;; Redefine GPG without --always-trust and a fixed time.
 (define GPG `(,(tool 'gpg) --no-permission-warning ,(faketime 0)))

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git

More information about the Pkg-gnupg-commit mailing list