GNOME.org
 

[gmime] Added S/MIME test suites

commit 84db25401f74916d4059bd90f6c9cc19be214d9e
Author: Jeffrey Stedfast <fejj gnome org>
Date:   Sat Nov 7 11:49:28 2009 -0500

    Added S/MIME test suites

 README             |    1 +
 tests/Makefile.am  |   14 ++-
 tests/test-pkcs7.c |  389 ++++++++++++++++++++++++++++++++++++++++++
 tests/test-smime.c |  477 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 880 insertions(+), 1 deletions(-)
---
diff --git a/README b/README
index 2b3dd33..6491136 100644
--- a/README
+++ b/README
@@ -35,6 +35,7 @@ following RFCs:
          Sets, Languages, and Continuations (Obsoletes rfc2184)
  * 2822: Internet Message Format (Obsoletes rfc822)
  * 3156: MIME Security with OpenPGP (Updates rfc2015)
+ * 5322: Internet Message Format (Obsoletes rfc2822)
 
 Other RFCs of interest:
 
diff --git a/tests/Makefile.am b/tests/Makefile.am
index ec9704a..034e5d2 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -24,7 +24,9 @@ MANUAL_TESTS =		\
 	test-best	\
 	test-parser 	\
 	test-html 	\
-	test-partial
+	test-partial	\
+	test-pkcs7	\
+	test-smime
 
 noinst_PROGRAMS = $(AUTOMATED_TESTS) $(MANUAL_TESTS)
 
@@ -91,6 +93,16 @@ test_pgpmime_LDFLAGS =
 test_pgpmime_DEPENDENCIES = $(DEPS)
 test_pgpmime_LDADD = $(LDADDS)
 
+test_pkcs7_SOURCES = test-pkcs7.c testsuite.c testsuite.h
+test_pkcs7_LDFLAGS = 
+test_pkcs7_DEPENDENCIES = $(DEPS)
+test_pkcs7_LDADD = $(LDADDS)
+
+test_smime_SOURCES = test-smime.c testsuite.c testsuite.h
+test_smime_LDFLAGS = 
+test_smime_DEPENDENCIES = $(DEPS)
+test_smime_LDADD = $(LDADDS)
+
 EXTRA_DIST = test1.eml test2.eml test3.eml
 
 VERBOSITY=-v
diff --git a/tests/test-pkcs7.c b/tests/test-pkcs7.c
new file mode 100644
index 0000000..a1a39a8
--- /dev/null
+++ b/tests/test-pkcs7.c
@@ -0,0 +1,389 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */
+/*  GMime
+ *  Copyright (C) 2000-2009 Jeffrey Stedfast
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to the Free Software
+ *  Foundation, 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <errno.h>
+
+#include <gmime/gmime.h>
+#include <gmime/gmime-pkcs7-context.h>
+
+#include "testsuite.h"
+
+extern int verbose;
+
+#define v(x) if (verbose > 3) x
+
+static gboolean
+request_passwd (GMimeCipherContext *ctx, const char *user_id, const char *prompt_ctx, gboolean reprompt, GMimeStream *response, GError **err)
+{
+	g_mime_stream_write_string (response, "no.secret\n");
+	
+	return TRUE;
+}
+
+static void
+test_sign (GMimeCipherContext *ctx, GMimeStream *cleartext, GMimeStream *ciphertext)
+{
+	GError *err = NULL;
+	Exception *ex;
+	int rv;
+	
+	rv = g_mime_cipher_context_sign (ctx, "no user no domain",
+					 GMIME_CIPHER_HASH_SHA256,
+					 cleartext, ciphertext, &err);
+	
+	if (rv == -1 || err != NULL) {
+		ex = exception_new ("%s", err->message);
+		g_error_free (err);
+		throw (ex);
+	}
+	
+	v(fprintf (stderr, "signature (%s):\n%.*s\n",
+		   g_mime_cipher_context_hash_name (ctx, rv),
+		   GMIME_STREAM_MEM (ciphertext)->buffer->len,
+		   GMIME_STREAM_MEM (ciphertext)->buffer->data));
+}
+
+static void
+test_verify (GMimeCipherContext *ctx, GMimeStream *cleartext, GMimeStream *ciphertext)
+{
+	GMimeSignatureValidity *validity;
+	GError *err = NULL;
+	Exception *ex;
+	
+	validity = g_mime_cipher_context_verify (ctx, GMIME_CIPHER_HASH_DEFAULT,
+						 cleartext, ciphertext, &err);
+	
+	if (validity == NULL) {
+		ex = exception_new ("%s", err->message);
+		g_error_free (err);
+		throw (ex);
+	}
+	
+	if (validity->status != GMIME_SIGNATURE_STATUS_GOOD) {
+		g_mime_signature_validity_free (validity);
+		throw (exception_new ("signature BAD"));
+	}
+	
+	g_mime_signature_validity_free (validity);
+}
+
+static void
+test_encrypt (GMimeCipherContext *ctx, gboolean sign, GMimeStream *cleartext, GMimeStream *ciphertext)
+{
+	GPtrArray *recipients;
+	GError *err = NULL;
+	Exception *ex;
+	
+	recipients = g_ptr_array_new ();
+	g_ptr_array_add (recipients, "no user no domain");
+	
+	g_mime_cipher_context_encrypt (ctx, sign, "no user no domain", recipients,
+				       cleartext, ciphertext, &err);
+	
+	g_ptr_array_free (recipients, TRUE);
+	
+	if (err != NULL) {
+		ex = exception_new ("%s", err->message);
+		g_error_free (err);
+		throw (ex);
+	}
+	
+	v(fprintf (stderr, "ciphertext:\n%.*s\n",
+		   GMIME_STREAM_MEM (ciphertext)->buffer->len,
+		   GMIME_STREAM_MEM (ciphertext)->buffer->data));
+}
+
+static void
+test_decrypt (GMimeCipherContext *ctx, gboolean sign, GMimeStream *cleartext, GMimeStream *ciphertext)
+{
+	GMimeSignatureValidity *sv;
+	Exception *ex = NULL;
+	GMimeStream *stream;
+	GError *err = NULL;
+	GByteArray *buf[2];
+	
+	stream = g_mime_stream_mem_new ();
+	
+	if (!(sv = g_mime_cipher_context_decrypt (ctx, ciphertext, stream, &err))) {
+		g_object_unref (stream);
+		ex = exception_new ("%s", err->message);
+		g_error_free (err);
+		throw (ex);
+	}
+	
+	if (sign) {
+		if (sv->status != GMIME_SIGNATURE_STATUS_GOOD)
+			ex = exception_new ("expected GOOD signature");
+	} else {
+		if (sv->status != GMIME_SIGNATURE_STATUS_NONE)
+			ex = exception_new ("unexpected signature");
+	}
+	
+	g_mime_signature_validity_free (sv);
+	
+	if (ex != NULL) {
+		g_object_unref (stream);
+		throw (ex);
+	}
+	
+	buf[0] = GMIME_STREAM_MEM (cleartext)->buffer;
+	buf[1] = GMIME_STREAM_MEM (stream)->buffer;
+	
+	if (buf[0]->len != buf[1]->len || memcmp (buf[0]->data, buf[1]->data, buf[0]->len) != 0)
+		ex = exception_new ("decrypted data does not match original cleartext");
+	
+	g_object_unref (stream);
+	
+	if (ex != NULL)
+		throw (ex);
+}
+
+static void
+test_export (GMimeCipherContext *ctx, const char *path)
+{
+	GMimeStream *istream, *ostream;
+	register const char *inptr;
+	const char *inbuf, *outbuf;
+	size_t inlen, outlen;
+	Exception *ex = NULL;
+	GError *err = NULL;
+	GPtrArray *keys;
+	int fd;
+	
+	if ((fd = open (path, O_RDONLY, 0)) == -1)
+		throw (exception_new ("open() failed: %s", g_strerror (errno)));
+	
+	ostream = g_mime_stream_fs_new (fd);
+	istream = g_mime_stream_mem_new ();
+	g_mime_stream_write_to_stream (ostream, istream);
+	g_mime_stream_reset (istream);
+	g_object_unref (ostream);
+	
+	keys = g_ptr_array_new ();
+	g_ptr_array_add (keys, "no user no domain");
+	
+	ostream = g_mime_stream_mem_new ();
+	
+	g_mime_cipher_context_export_keys (ctx, keys, ostream, &err);
+	g_ptr_array_free (keys, TRUE);
+	if (err != NULL) {
+		ex = exception_new ("%s", err->message);
+		g_object_unref (istream);
+		g_object_unref (ostream);
+		g_error_free (err);
+		throw (ex);
+	}
+	
+	inbuf = (const char *) GMIME_STREAM_MEM (istream)->buffer->data;
+	inlen = GMIME_STREAM_MEM (istream)->buffer->len;
+	if ((inptr = strstr (inbuf, "\n\n"))) {
+		/* skip past the headers which may have different version numbers */
+		inptr += 2;
+		inlen -= (inptr - inbuf);
+		inbuf = inptr;
+	}
+	
+	outbuf = (const char *) GMIME_STREAM_MEM (ostream)->buffer->data;
+	outlen = GMIME_STREAM_MEM (ostream)->buffer->len;
+	if (outbuf && (inptr = strstr (outbuf, "\n\n"))) {
+		/* skip past the headers which may have different version numbers */
+		inptr += 2;
+		outlen -= (inptr - outbuf);
+		outbuf = inptr;
+	}
+	
+	if (outlen != inlen || memcmp (outbuf, inbuf, inlen) != 0)
+		ex = exception_new ("exported key does not match original key");
+	
+	g_object_unref (istream);
+	g_object_unref (ostream);
+	
+	if (ex != NULL)
+		throw (ex);
+}
+
+static void
+import_key (GMimeCipherContext *ctx, const char *path)
+{
+	GMimeStream *stream;
+	GError *err = NULL;
+	Exception *ex;
+	int fd;
+	
+	if ((fd = open (path, O_RDONLY, 0)) == -1)
+		throw (exception_new ("open() failed: %s", g_strerror (errno)));
+	
+	stream = g_mime_stream_fs_new (fd);
+	g_mime_cipher_context_import_keys (ctx, stream, &err);
+	g_object_unref (stream);
+	
+	if (err != NULL) {
+		ex = exception_new ("%s", err->message);
+		g_error_free (err);
+		throw (ex);
+	}
+}
+
+
+int main (int argc, char **argv)
+{
+	const char *datadir = "data/pkcs7";
+	GMimeStream *istream, *ostream;
+	GMimeCipherContext *ctx;
+	const char *what;
+	struct stat st;
+	char *key;
+	int i;
+	
+	g_mime_init (0);
+	
+	testsuite_init (argc, argv);
+	
+	/* reset .gnupg config directory */
+	system ("/bin/rm -rf ./tmp");
+	system ("/bin/mkdir ./tmp");
+	setenv ("GNUPGHOME", "./tmp/.gnupg", 1);
+	
+	for (i = 1; i < argc; i++) {
+		if (argv[i][0] != '-') {
+			datadir = argv[i];
+			break;
+		}
+	}
+	
+	if (i < argc && (stat (datadir, &st) == -1 || !S_ISDIR (st.st_mode)))
+		return EXIT_FAILURE;
+	
+	testsuite_start ("Pkcs7 cipher context");
+	
+	ctx = g_mime_pkcs7_context_new (request_passwd);
+	g_mime_pkcs7_context_set_always_trust ((GMimePkcs7Context *) ctx, TRUE);
+	
+	testsuite_check ("GMimePkcs7Context::import");
+	try {
+		key = g_build_filename (datadir, "gmime-cert.p7", NULL);
+		import_key (ctx, key);
+		g_free (key);
+		
+		key = g_build_filename (datadir, "gmime-cert.p12", NULL);
+		import_key (ctx, key);
+		g_free (key);
+		
+		testsuite_check_passed ();
+	} catch (ex) {
+		testsuite_check_failed ("GMimePkcs7Context::import failed: %s", ex->message);
+		return EXIT_FAILURE;
+	} finally;
+	
+	key = g_build_filename (datadir, "gmime-cert.p7", NULL);
+	testsuite_check ("GMimePkcs7Context::export");
+	try {
+		test_export (ctx, key);
+		testsuite_check_passed ();
+	} catch (ex) {
+		testsuite_check_failed ("GMimePkcs7Context::export failed: %s", ex->message);
+	} finally;
+	
+	g_free (key);
+	
+	istream = g_mime_stream_mem_new ();
+	ostream = g_mime_stream_mem_new ();
+	
+	g_mime_stream_write_string (istream, "this is some cleartext\r\n");
+	g_mime_stream_reset (istream);
+	
+	what = "GMimePkcs7Context::sign";
+	testsuite_check (what);
+	try {
+		test_sign (ctx, istream, ostream);
+		testsuite_check_passed ();
+		
+		what = "GMimePkcs7Context::verify";
+		testsuite_check (what);
+		g_mime_stream_reset (istream);
+		g_mime_stream_reset (ostream);
+		test_verify (ctx, istream, ostream);
+		testsuite_check_passed ();
+	} catch (ex) {
+		testsuite_check_failed ("%s failed: %s", what, ex->message);
+	} finally;
+	
+	g_object_unref (ostream);
+	g_mime_stream_reset (istream);
+	ostream = g_mime_stream_mem_new ();
+	
+	what = "GMimePkcs7Context::encrypt";
+	testsuite_check (what);
+	try {
+		test_encrypt (ctx, FALSE, istream, ostream);
+		testsuite_check_passed ();
+		
+		what = "GMimePkcs7Context::decrypt";
+		testsuite_check (what);
+		g_mime_stream_reset (istream);
+		g_mime_stream_reset (ostream);
+		test_decrypt (ctx, FALSE, istream, ostream);
+		testsuite_check_passed ();
+	} catch (ex) {
+		testsuite_check_failed ("%s failed: %s", what, ex->message);
+	} finally;
+	
+	g_object_unref (ostream);
+	g_mime_stream_reset (istream);
+	ostream = g_mime_stream_mem_new ();
+	
+	what = "GMimePkcs7Context::encrypt+sign";
+	testsuite_check (what);
+	try {
+		test_encrypt (ctx, TRUE, istream, ostream);
+		testsuite_check_passed ();
+		
+		what = "GMimePkcs7Context::decrypt+verify";
+		testsuite_check (what);
+		g_mime_stream_reset (istream);
+		g_mime_stream_reset (ostream);
+		test_decrypt (ctx, TRUE, istream, ostream);
+		testsuite_check_passed ();
+	} catch (ex) {
+		testsuite_check_failed ("%s failed: %s", what, ex->message);
+	} finally;
+	
+	g_object_unref (istream);
+	g_object_unref (ostream);
+	g_object_unref (ctx);
+	
+	testsuite_end ();
+	
+	g_mime_shutdown ();
+	
+	system ("/bin/rm -rf ./tmp");
+	
+	return testsuite_exit ();
+}
diff --git a/tests/test-smime.c b/tests/test-smime.c
new file mode 100644
index 0000000..60cf5c8
--- /dev/null
+++ b/tests/test-smime.c
@@ -0,0 +1,477 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */
+/*  GMime
+ *  Copyright (C) 2000-2009 Jeffrey Stedfast
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to the Free Software
+ *  Foundation, 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <errno.h>
+
+#include <gmime/gmime.h>
+#include <gmime/gmime-pkcs7-context.h>
+
+#include "testsuite.h"
+
+extern int verbose;
+
+#define v(x) if (verbose > 3) x
+
+static gboolean
+request_passwd (GMimeCipherContext *ctx, const char *user_id, const char *prompt_ctx, gboolean reprompt, GMimeStream *response, GError **err)
+{
+	g_mime_stream_write_string (response, "no.secret\n");
+	
+	return TRUE;
+}
+
+static void
+print_verify_results (const GMimeSignatureValidity *validity)
+{
+	GMimeSigner *signer;
+	
+	switch (validity->status) {
+	case GMIME_SIGNATURE_STATUS_NONE:
+		fputs ("NONE\n", stdout);
+		break;
+	case GMIME_SIGNATURE_STATUS_GOOD:
+		fputs ("GOOD\n", stdout);
+		break;
+	case GMIME_SIGNATURE_STATUS_BAD:
+		fputs ("BAD\n", stdout);
+		break;
+	case GMIME_SIGNATURE_STATUS_UNKNOWN:
+		fputs ("Unknown status\n", stdout);
+		break;
+	default:
+		fputs ("Unknown enum value\n", stdout);
+		break;
+	}
+	
+	fputs ("\nSigners:\n", stdout);
+	signer = validity->signers;
+	while (signer != NULL) {
+		fprintf (stdout, "\tName: %s\n", signer->name ? signer->name : "(null)");
+		fprintf (stdout, "\tKeyId: %s\n", signer->keyid ? signer->keyid : "(null)");
+		fprintf (stdout, "\tFingerprint: %s\n", signer->fingerprint ? signer->fingerprint : "(null)");
+		fprintf (stdout, "\tTrust: ");
+		
+		switch (signer->trust) {
+		case GMIME_SIGNER_TRUST_NONE:
+			fputs ("None\n", stdout);
+			break;
+		case GMIME_SIGNER_TRUST_NEVER:
+			fputs ("Never\n", stdout);
+		case GMIME_SIGNER_TRUST_UNDEFINED:
+			fputs ("Undefined\n", stdout);
+			break;
+		case GMIME_SIGNER_TRUST_MARGINAL:
+			fputs ("Marginal\n", stdout);
+			break;
+		case GMIME_SIGNER_TRUST_FULLY:
+			fputs ("Fully\n", stdout);
+			break;
+		case GMIME_SIGNER_TRUST_ULTIMATE:
+			fputs ("Ultimate\n", stdout);
+			break;
+		}
+		
+		fprintf (stdout, "\tStatus: ");
+		switch (signer->status) {
+		case GMIME_SIGNER_STATUS_NONE:
+			fputs ("None\n", stdout);
+			break;
+		case GMIME_SIGNER_STATUS_GOOD:
+			fputs ("GOOD\n", stdout);
+			break;
+		case GMIME_SIGNER_STATUS_BAD:
+			fputs ("BAD\n", stdout);
+			break;
+		case GMIME_SIGNER_STATUS_ERROR:
+			fputs ("ERROR\n", stdout);
+			break;
+		}
+		
+		fprintf (stdout, "\tSignature made on %s", ctime (&signer->sig_created));
+		if (signer->sig_expires != (time_t) 0)
+			fprintf (stdout, "\tSignature expires on %s", ctime (&signer->sig_expires));
+		else
+			fprintf (stdout, "\tSignature never expires\n");
+		
+		if (signer->errors) {
+			fprintf (stdout, "\tErrors: ");
+			if (signer->errors & GMIME_SIGNER_ERROR_EXPSIG)
+				fputs ("Expired, ", stdout);
+			if (signer->errors & GMIME_SIGNER_ERROR_NO_PUBKEY)
+				fputs ("No Pub Key, ", stdout);
+			if (signer->errors & GMIME_SIGNER_ERROR_EXPKEYSIG)
+				fputs ("Key Expired, ", stdout);
+			if (signer->errors & GMIME_SIGNER_ERROR_REVKEYSIG)
+				fputs ("Key Revoked", stdout);
+			fputc ('\n', stdout);
+		} else {
+			fprintf (stdout, "\tNo errors for this signer\n");
+		}
+		
+		if ((signer = signer->next))
+			fputc ('\n', stdout);
+	}
+	
+	fprintf (stdout, "\nValidity diagnostics: \n%s\n",
+		 g_mime_signature_validity_get_details (validity));
+}
+
+#define MULTIPART_SIGNED_CONTENT "This is a test of the emergency broadcast system \
+with an sha1 detach-sign.\n\nFrom now on, there will be text to try and break     \t\
+  \nvarious things. For example, the F in \"From\" in the previous line...\n...and \
+the first dot of this line have been pre-encoded in the QP encoding in order to test \
+that GMime properly treats MIME part content as opaque.\nIf this still verifies okay, \
+then we have ourselves a winner I guess...\n"
+
+static void
+test_multipart_signed (GMimeCipherContext *ctx)
+{
+	GMimeSignatureValidity *validity;
+	GMimeMultipartSigned *mps;
+	GMimeDataWrapper *content;
+	GMimeMessage *message;
+	GMimeStream *stream;
+	GMimeParser *parser;
+	GError *err = NULL;
+	GMimePart *part;
+	Exception *ex;
+	
+	part = g_mime_part_new_with_type ("text", "plain");
+	
+	stream = g_mime_stream_mem_new ();
+	g_mime_stream_write_string (stream, MULTIPART_SIGNED_CONTENT);
+#if 0
+	"This is a test of the emergency broadcast system with an sha1 detach-sign.\n\n"
+		"From now on, there will be text to try and break     \t  \n"
+		"various things. For example, the F in \"From\" in the previous line...\n"
+		"...and the first dot of this line have been pre-encoded in the QP encoding "
+		"in order to test that GMime properly treats MIME part content as opaque.\n"
+		"If this still verifies okay, then we have ourselves a winner I guess...\n";
+#endif
+	
+	g_mime_stream_reset (stream);
+	content = g_mime_data_wrapper_new_with_stream (stream, GMIME_CONTENT_ENCODING_DEFAULT);
+	g_object_unref (stream);
+	
+	g_mime_part_set_content_object (part, content);
+	g_object_unref (content);
+	
+	/* create the multipart/signed container part */
+	mps = g_mime_multipart_signed_new ();
+	
+	/* sign the part */
+	g_mime_multipart_signed_sign (mps, GMIME_OBJECT (part), ctx, "no user no domain",
+				      GMIME_CIPHER_HASH_SHA1, &err);
+	g_object_unref (part);
+	
+	if (err != NULL) {
+		ex = exception_new ("signing failed: %s", err->message);
+		g_object_unref (mps);
+		g_error_free (err);
+		throw (ex);
+	}
+	
+	message = g_mime_message_new (TRUE);
+	g_mime_message_set_sender (message, "\"Jeffrey Stedfast\" <fejj helixcode com>");
+	g_mime_message_set_reply_to (message, "fejj helixcode com");
+	g_mime_message_add_recipient (message, GMIME_RECIPIENT_TYPE_TO,
+				      "Federico Mena-Quintero",
+				      "federico helixcode com");
+	g_mime_message_set_subject (message, "This is a test message");
+	g_mime_object_set_header ((GMimeObject *) message, "X-Mailer", "main.c");
+	g_mime_message_set_mime_part (message, GMIME_OBJECT (mps));
+	g_object_unref (mps);
+	
+	stream = g_mime_stream_mem_new ();
+	g_mime_object_write_to_stream ((GMimeObject *) message, stream);
+	g_mime_stream_reset (stream);
+	g_object_unref (message);
+	
+	parser = g_mime_parser_new ();
+	g_mime_parser_init_with_stream (parser, stream);
+	g_object_unref (stream);
+	
+	message = g_mime_parser_construct_message (parser);
+	g_object_unref (parser);
+	
+	if (!GMIME_IS_MULTIPART_SIGNED (message->mime_part)) {
+		ex = exception_new ("resultant top-level mime part not a multipart/signed?");
+		g_object_unref (message);
+		throw (ex);
+	}
+	
+	mps = (GMimeMultipartSigned *) message->mime_part;
+	
+	v(fputs ("Trying to verify signature... ", stdout));
+	if (!(validity = g_mime_multipart_signed_verify (mps, ctx, &err))) {
+		ex = exception_new ("%s", err->message);
+		v(fputs ("failed.\n", stdout));
+		g_error_free (err);
+		throw (ex);
+	}
+	
+	v(print_verify_results (validity));
+	g_mime_signature_validity_free (validity);
+	
+	g_object_unref (message);
+}
+
+#define MULTIPART_ENCRYPTED_CONTENT "This is a test of multipart/encrypted.\n"
+
+static void
+test_multipart_encrypted (GMimeCipherContext *ctx, gboolean sign)
+{
+	const GMimeSignatureValidity *sv;
+	GMimeStream *cleartext, *stream;
+	GMimeMultipartEncrypted *mpe;
+	GMimeDataWrapper *content;
+	GMimeObject *decrypted;
+	GPtrArray *recipients;
+	GMimeMessage *message;
+	Exception *ex = NULL;
+	GMimeParser *parser;
+	GByteArray *buf[2];
+	GError *err = NULL;
+	GMimePart *part;
+	
+	cleartext = g_mime_stream_mem_new ();
+	g_mime_stream_write_string (cleartext, MULTIPART_ENCRYPTED_CONTENT);
+	g_mime_stream_reset (cleartext);
+	
+	content = g_mime_data_wrapper_new ();
+	g_mime_data_wrapper_set_stream (content, cleartext);
+	g_object_unref (cleartext);
+	
+	part = g_mime_part_new_with_type ("text", "plain");
+	g_mime_part_set_content_object (part, content);
+	g_object_unref (content);
+	
+	/* hold onto this for comparison later */
+	cleartext = g_mime_stream_mem_new ();
+	g_mime_object_write_to_stream ((GMimeObject *) part, cleartext);
+	g_mime_stream_reset (cleartext);
+	
+	/* create the multipart/encrypted container part */
+	mpe = g_mime_multipart_encrypted_new ();
+	
+	/* encrypt the part */
+	recipients = g_ptr_array_new ();
+	g_ptr_array_add (recipients, "no user no domain");
+	g_mime_multipart_encrypted_encrypt (mpe, GMIME_OBJECT (part), ctx, sign,
+					    "no user no domain", recipients, &err);
+	g_ptr_array_free (recipients, TRUE);
+	g_object_unref (part);
+	
+	if (err != NULL) {
+		ex = exception_new ("encryption failed: %s", err->message);
+		g_object_unref (cleartext);
+		g_object_unref (mpe);
+		g_error_free (err);
+		throw (ex);
+	}
+	
+	message = g_mime_message_new (TRUE);
+	g_mime_message_set_sender (message, "\"Jeffrey Stedfast\" <fejj helixcode com>");
+	g_mime_message_set_reply_to (message, "fejj helixcode com");
+	g_mime_message_add_recipient (message, GMIME_RECIPIENT_TYPE_TO,
+				      "Federico Mena-Quintero",
+				      "federico helixcode com");
+	g_mime_message_set_subject (message, "This is a test message");
+	g_mime_object_set_header ((GMimeObject *) message, "X-Mailer", "main.c");
+	g_mime_message_set_mime_part (message, GMIME_OBJECT (mpe));
+	g_object_unref (mpe);
+	
+	stream = g_mime_stream_mem_new ();
+	g_mime_object_write_to_stream ((GMimeObject *) message, stream);
+	g_mime_stream_reset (stream);
+	g_object_unref (message);
+	
+	parser = g_mime_parser_new ();
+	g_mime_parser_init_with_stream (parser, stream);
+	g_object_unref (stream);
+	
+	message = g_mime_parser_construct_message (parser);
+	g_object_unref (parser);
+	
+	if (!GMIME_IS_MULTIPART_ENCRYPTED (message->mime_part)) {
+		ex = exception_new ("resultant top-level mime part not a multipart/encrypted?");
+		g_object_unref (message);
+		throw (ex);
+	}
+	
+	mpe = (GMimeMultipartEncrypted *) message->mime_part;
+	
+	/* okay, now to test our decrypt function... */
+	decrypted = g_mime_multipart_encrypted_decrypt (mpe, ctx, &err);
+	if (!decrypted || err != NULL) {
+		ex = exception_new ("decryption failed: %s", err->message);
+		g_object_unref (cleartext);
+		g_error_free (err);
+		throw (ex);
+	}
+	
+	sv = g_mime_multipart_encrypted_get_signature_validity (mpe);
+	v(print_verify_results (sv));
+	
+	if (sign) {
+		if (sv->status != GMIME_SIGNATURE_STATUS_GOOD)
+			ex = exception_new ("signature validity status expected to be GOOD");
+	} else {
+		if (sv->status != GMIME_SIGNATURE_STATUS_NONE)
+			ex = exception_new ("signature validity status expected to be NONE");
+	}
+	
+	if (ex != NULL) {
+		g_object_unref (cleartext);
+		throw (ex);
+	}
+	
+	stream = g_mime_stream_mem_new ();
+	g_mime_object_write_to_stream (decrypted, stream);
+	
+	buf[0] = GMIME_STREAM_MEM (cleartext)->buffer;
+	buf[1] = GMIME_STREAM_MEM (stream)->buffer;
+	
+	if (buf[0]->len != buf[1]->len || memcmp (buf[0]->data, buf[1]->data, buf[0]->len) != 0)
+		ex = exception_new ("decrypted data does not match original cleartext");
+	
+	g_object_unref (cleartext);
+	g_object_unref (stream);
+	
+	if (ex != NULL)
+		throw (ex);
+}
+
+static void
+import_key (GMimeCipherContext *ctx, const char *path)
+{
+	GMimeStream *stream;
+	GError *err = NULL;
+	Exception *ex;
+	int fd;
+	
+	if ((fd = open (path, O_RDONLY, 0)) == -1)
+		throw (exception_new ("open() failed: %s", g_strerror (errno)));
+	
+	stream = g_mime_stream_fs_new (fd);
+	g_mime_cipher_context_import_keys (ctx, stream, &err);
+	g_object_unref (stream);
+	
+	if (err != NULL) {
+		ex = exception_new ("%s", err->message);
+		g_error_free (err);
+		throw (ex);
+	}
+}
+
+int main (int argc, char *argv[])
+{
+	const char *datadir = "data/smime";
+	GMimeCipherContext *ctx;
+	struct stat st;
+	char *key;
+	int i;
+	
+	g_mime_init (0);
+	
+	testsuite_init (argc, argv);
+	
+	/* reset .gnupg config directory */
+	system ("/bin/rm -rf ./tmp");
+	system ("/bin/mkdir ./tmp");
+	setenv ("GNUPGHOME", "./tmp/.gnupg", 1);
+	system ("/usr/bin/gpg --list-keys > /dev/null 2>&1");
+	
+	for (i = 1; i < argc; i++) {
+		if (argv[i][0] != '-') {
+			datadir = argv[i];
+			break;
+		}
+	}
+	
+	if (i < argc && (stat (datadir, &st) == -1 || !S_ISDIR (st.st_mode)))
+		return EXIT_FAILURE;
+	
+	testsuite_start ("S/MIME implementation");
+	
+	ctx = g_mime_pkcs7_context_new (request_passwd);
+	g_mime_pkcs7_context_set_always_trust ((GMimePkcs7Context *) ctx, TRUE);
+	
+	testsuite_check ("GMimePkcs7Context::import");
+	try {
+		key = g_build_filename (datadir, "gmime-cert.p7", NULL);
+		import_key (ctx, key);
+		g_free (key);
+		
+		key = g_build_filename (datadir, "gmime-cert.p12", NULL);
+		import_key (ctx, key);
+		g_free (key);
+		
+		testsuite_check_passed ();
+	} catch (ex) {
+		testsuite_check_failed ("GMimePkcs7Context::import failed: %s", ex->message);
+		return EXIT_FAILURE;
+	} finally;
+	
+	testsuite_check ("multipart/signed");
+	try {
+		test_multipart_signed (ctx);
+		testsuite_check_passed ();
+	} catch (ex) {
+		testsuite_check_failed ("multipart/signed failed: %s", ex->message);
+	} finally;
+	
+	testsuite_check ("multipart/encrypted");
+	try {
+		test_multipart_encrypted (ctx, FALSE);
+		testsuite_check_passed ();
+	} catch (ex) {
+		testsuite_check_failed ("multipart/encrypted failed: %s", ex->message);
+	} finally;
+	
+	testsuite_check ("multipart/encrypted+sign");
+	try {
+		test_multipart_encrypted (ctx, TRUE);
+		testsuite_check_passed ();
+	} catch (ex) {
+		testsuite_check_failed ("multipart/encrypted+sign failed: %s", ex->message);
+	} finally;
+	
+	g_object_unref (ctx);
+	
+	testsuite_end ();
+	
+	g_mime_shutdown ();
+	
+	system ("/bin/rm -rf ./tmp");
+	
+	return testsuite_exit ();
+}
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]