Imported Upstream version 2.4.0upstream/2.4.0upstream

20 files changed, 277 insertions, 74 deletions

diff --git a/tests/openpgp/Makefile.am b/tests/openpgp/Makefile.am
index 58e1c2a..7998d2a 100644
--- a/tests/openpgp/Makefile.am
+++ b/tests/openpgp/Makefile.am
@@ -47,6 +47,7 @@ XTESTS = \
 	enarmor.scm \
 	mds.scm \
 	decrypt.scm \
+	decrypt-sym.scm \
 	decrypt-multifile.scm \
 	decrypt-dsa.scm \
 	decrypt-session-key.scm \
@@ -209,7 +210,9 @@ priv_keys = privkeys/50B2D4FA4122C212611048BC5FC31BD44393626E.asc \
             privkeys/1E28F20E41B54C2D1234D896096495FF57E08D18.asc \
             privkeys/EB33B687EB8581AB64D04852A54453E85F3DF62D.asc \
 	    privkeys/C6A6390E9388CDBAD71EAEA698233FE5E04F001E.asc \
-	    privkeys/D69102E0F5AC6B6DB8E4D16DA8E18CF46D88CAE3.asc
+	    privkeys/D69102E0F5AC6B6DB8E4D16DA8E18CF46D88CAE3.asc \
+	    privkeys/891067FFFC6D67D37BD4BFC399191C5F3989D1B5.key \
+	    privkeys/F27FC04CB01723A4CB6F5399F7B86CCD82C0169C.key
 
 sample_keys = samplekeys/README \
               samplekeys/ecc-sample-1-pub.asc \
@@ -228,6 +231,7 @@ sample_keys = samplekeys/README \
 	      samplekeys/E657FB607BB4F21C90BB6651BC067AF28BC90111.asc \
               samplekeys/rsa-rsa-sample-1.asc \
               samplekeys/ed25519-cv25519-sample-1.asc \
+              samplekeys/ed25519-cv25519-sample-2.asc \
 	      samplekeys/silent-running.asc \
 	      samplekeys/ssh-dsa.key \
 	      samplekeys/ssh-ecdsa.key \
@@ -240,6 +244,10 @@ sample_keys = samplekeys/README \
 sample_msgs = samplemsgs/clearsig-1-key-1.asc \
 	      samplemsgs/clearsig-2-keys-1.asc \
 	      samplemsgs/clearsig-2-keys-2.asc \
+	      samplemsgs/enc-sym-cfb-1.asc \
+	      samplemsgs/enc-sym-cfb-2.asc \
+	      samplemsgs/enc-sym-ocb-1.asc \
+	      samplemsgs/enc-sym-ocb-2.asc \
 	      samplemsgs/enc-1-key-1.asc \
 	      samplemsgs/enc-1-key-2.asc \
 	      samplemsgs/enc-2-keys-1.asc \
diff --git a/tests/openpgp/Makefile.in b/tests/openpgp/Makefile.in
index dc587e0..aaae970 100644
--- a/tests/openpgp/Makefile.in
+++ b/tests/openpgp/Makefile.in
@@ -433,16 +433,6 @@ AM_CPPFLAGS = -I$(top_srcdir)/common -DLOCALEDIR=\"$(localedir)\" \
 	$(am__append_1) $(am__append_2) $(am__append_3) \
 	$(am__append_4) $(am__append_5) $(am__append_6) \
 	$(am__append_7) $(am__append_8)
-@HAVE_W32CE_SYSTEM_FALSE@extra_sys_libs = 
-
-# Under Windows we use LockFileEx.  WindowsCE provides this only on
-# the WindowsMobile 6 platform and thus we need to use the coredll6
-# import library.  We also want to use a stacksize of 256k instead of
-# the 2MB which is the default with cegcc.  256k is the largest stack
-# we use with pth.
-@HAVE_W32CE_SYSTEM_TRUE@extra_sys_libs = -lcoredll6
-@HAVE_W32CE_SYSTEM_FALSE@extra_bin_ldflags = 
-@HAVE_W32CE_SYSTEM_TRUE@extra_bin_ldflags = -Wl,--stack=0x40000
 resource_objs = 
 
 # Convenience macros
@@ -466,6 +456,7 @@ XTESTS = \
 	enarmor.scm \
 	mds.scm \
 	decrypt.scm \
+	decrypt-sym.scm \
 	decrypt-multifile.scm \
 	decrypt-dsa.scm \
 	decrypt-session-key.scm \
@@ -613,7 +604,9 @@ priv_keys = privkeys/50B2D4FA4122C212611048BC5FC31BD44393626E.asc \
             privkeys/1E28F20E41B54C2D1234D896096495FF57E08D18.asc \
             privkeys/EB33B687EB8581AB64D04852A54453E85F3DF62D.asc \
 	    privkeys/C6A6390E9388CDBAD71EAEA698233FE5E04F001E.asc \
-	    privkeys/D69102E0F5AC6B6DB8E4D16DA8E18CF46D88CAE3.asc
+	    privkeys/D69102E0F5AC6B6DB8E4D16DA8E18CF46D88CAE3.asc \
+	    privkeys/891067FFFC6D67D37BD4BFC399191C5F3989D1B5.key \
+	    privkeys/F27FC04CB01723A4CB6F5399F7B86CCD82C0169C.key
 
 sample_keys = samplekeys/README \
               samplekeys/ecc-sample-1-pub.asc \
@@ -632,6 +625,7 @@ sample_keys = samplekeys/README \
 	      samplekeys/E657FB607BB4F21C90BB6651BC067AF28BC90111.asc \
               samplekeys/rsa-rsa-sample-1.asc \
               samplekeys/ed25519-cv25519-sample-1.asc \
+              samplekeys/ed25519-cv25519-sample-2.asc \
 	      samplekeys/silent-running.asc \
 	      samplekeys/ssh-dsa.key \
 	      samplekeys/ssh-ecdsa.key \
@@ -644,6 +638,10 @@ sample_keys = samplekeys/README \
 sample_msgs = samplemsgs/clearsig-1-key-1.asc \
 	      samplemsgs/clearsig-2-keys-1.asc \
 	      samplemsgs/clearsig-2-keys-2.asc \
+	      samplemsgs/enc-sym-cfb-1.asc \
+	      samplemsgs/enc-sym-cfb-2.asc \
+	      samplemsgs/enc-sym-ocb-1.asc \
+	      samplemsgs/enc-sym-ocb-2.asc \
 	      samplemsgs/enc-1-key-1.asc \
 	      samplemsgs/enc-1-key-2.asc \
 	      samplemsgs/enc-2-keys-1.asc \
diff --git a/tests/openpgp/README b/tests/openpgp/README
index 63f1886..1225d4a 100644
--- a/tests/openpgp/README
+++ b/tests/openpgp/README
@@ -218,8 +218,8 @@ There is one source function, tr:open.  To describe a transformation
 using some process, use tr:spawn, tr:gpg, or tr:pipe-do.  There are
 several sinks, although sink is not quite the right term, because the
 data is not consumed, and hence one can use them at any position.  The
-"sinks" are tr:write-to, tr:call-with-content, tr:assert-identity, and
-tr:assert-weak-identity.
+"sinks" are tr:write-to, tr:call-with-content, tr:assert-identity,
+tr:assert-weak-identity, and tr:assert-same.
 
 A somewhat contrived example demonstrating many functions is:
 
diff --git a/tests/openpgp/all-tests.scm b/tests/openpgp/all-tests.scm
index 98a8a65..e40e02d 100644
--- a/tests/openpgp/all-tests.scm
+++ b/tests/openpgp/all-tests.scm
@@ -30,6 +30,7 @@
    (make-environment-cache
     (test::scm
      #f
+     #f
      (path-join "tests" "openpgp" "setup.scm")
      (in-srcdir "tests" "openpgp" "setup.scm"))))
 
@@ -40,7 +41,8 @@
    (make-environment-cache
     (test::scm
      #f
-     (qualify (path-join "tests" "openpgp" "setup.scm") variant)
+     variant
+     (path-join "tests" "openpgp" "setup.scm")
      (in-srcdir "tests" "openpgp" "setup.scm")
      (string-append "--" variant))))
 
@@ -62,7 +64,8 @@
  (define tests
    (map (lambda (name)
 	  (test::scm setup
-		     (qualify (path-join "tests" "openpgp" name) "standard")
+		     "standard"
+		     (path-join "tests" "openpgp" name)
 		     (in-srcdir "tests" "openpgp" name))) all-tests))
 
  (when *run-all-tests*
@@ -73,17 +76,16 @@
 	      (if keyboxd-enabled?
 		  (map (lambda (name)
 			 (test::scm setup-use-keyboxd
-				    (qualify (path-join "tests" "openpgp" name)
-					     "keyboxd")
+				    "keyboxd"
+				    (path-join "tests" "openpgp" name)
 				    (in-srcdir "tests" "openpgp" name)
 				    "--use-keyboxd")) all-tests))
 	      ;; The third pass uses the legact pubring.gpg
 	      (map (lambda (name)
 		     (test::scm setup-use-keyring
-				(qualify (path-join "tests" "openpgp" name)
-					 "keyring")
+				"keyring"
+				(path-join "tests" "openpgp" name)
 				(in-srcdir "tests" "openpgp" name)
-				"--use-keyring")) all-tests)
-	      )))
+				"--use-keyring")) all-tests))))
 
  tests)
diff --git a/tests/openpgp/decrypt-sym.scm b/tests/openpgp/decrypt-sym.scm
new file mode 100644
index 0000000..7af88ea
--- /dev/null
+++ b/tests/openpgp/decrypt-sym.scm
@@ -0,0 +1,38 @@
+#!/usr/bin/env gpgscm
+
+;; Copyright (C) 2022 g10 Code GmbH
+;;
+;; This file is part of GnuPG.
+;;
+;; GnuPG is free software; you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation; either version 3 of the License, or
+;; (at your option) any later version.
+;;
+;; GnuPG is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;; GNU General Public License for more details.
+;;
+;; You should have received a copy of the GNU General Public License
+;; along with this program; if not, see <http://www.gnu.org/licenses/>.
+
+(load (in-srcdir "tests" "openpgp" "defs.scm"))
+(setup-legacy-environment)
+
+(define passphrase "password")
+(define plaintext "Hello, world!\n")
+
+
+(for-each-p
+ "Checking decryption of symmetric encrypted files"
+ (lambda (name)
+   (tr:do
+    (tr:open (in-srcdir "tests" "openpgp" "samplemsgs"
+                        (string-append name ".asc")))
+    (tr:gpg passphrase '(--passphrase-fd "0" --yes --decrypt))
+    (tr:assert-same plaintext)))
+ '("enc-sym-cfb-1"
+   "enc-sym-cfb-2"
+   "enc-sym-ocb-1"
+   "enc-sym-ocb-2"))
diff --git a/tests/openpgp/defs.scm b/tests/openpgp/defs.scm
index 6795512..bf3714f 100644
--- a/tests/openpgp/defs.scm
+++ b/tests/openpgp/defs.scm
@@ -146,6 +146,9 @@
   (gpg-conf' "" args))
 (define (gpg-conf' input args)
   (let ((s (call-popen `(,(tool-hardcoded 'gpgconf)
+			 ,@(if *win32*
+			       (list '--build-prefix (getenv "objdir"))
+			       '())
 			 ,@args) input)))
     (map (lambda (line) (map percent-decode (string-split line #\:)))
 	 (string-split-newlines s))))
@@ -210,6 +213,9 @@
 (define (tr:gpg input args)
   (tr:spawn input `(,@GPG --output **out** ,@args **in**)))
 
+(define (tr:gpgstatus input args)
+  (tr:spawn input `(,@GPG --output dummy --status-file **out** ,@args **in**)))
+
 (define (pipe:gpg args)
   (pipe:spawn `(,@GPG --output - ,@args)))
 
@@ -418,6 +424,13 @@
      "EB33B687EB8581AB64D04852A54453E85F3DF62D"
      "C6A6390E9388CDBAD71EAEA698233FE5E04F001E"
      "D69102E0F5AC6B6DB8E4D16DA8E18CF46D88CAE3"))
+  (for-each
+   (lambda (name)
+     (file-copy (in-srcdir "tests" "openpgp" "privkeys"
+                           (string-append name ".key"))
+	        (string-append "private-keys-v1.d/" name ".key")))
+   '("891067FFFC6D67D37BD4BFC399191C5F3989D1B5"
+     "F27FC04CB01723A4CB6F5399F7B86CCD82C0169C"))
 
   (log "Importing public demo and test keys")
   (for-each
diff --git a/tests/openpgp/encrypt.scm b/tests/openpgp/encrypt.scm
index f59a1f0..ef2f7b0 100755
--- a/tests/openpgp/encrypt.scm
+++ b/tests/openpgp/encrypt.scm
@@ -59,3 +59,68 @@
     (tr:gpg "" '(--yes --decrypt))
     (tr:assert-identity source)))
  plain-files)
+
+
+(info "Importing additional sample keys for OCB tests")
+(for-each
+  (lambda (name)
+    (call `(,@GPG --yes --import ,(in-srcdir "tests" "openpgp" "samplekeys"
+                                             (string-append  name ".asc")))))
+  '("ed25519-cv25519-sample-1"
+    "ed25519-cv25519-sample-2"
+    "rsa-rsa-sample-1"))
+
+(for-each-p
+ "Checking OCB mode"
+ (lambda (source)
+   (tr:do
+    (tr:open source)
+    (tr:gpg "" `(--yes -er ,"patrice.lumumba"))
+    (tr:gpg "" '(--yes -d))
+    (tr:assert-identity source)))
+ all-files)
+
+;; For reference:
+;;   BEGIN_ENCRYPTION  <mdc_method> <sym_algo> [<aead_algo>]
+
+(for-each-p
+ "Checking two OCB capable keys"
+ (lambda (source)
+   (tr:do
+    (tr:open source)
+    (tr:gpgstatus "" `(--yes -e
+                       -r ,"patrice.lumumba"
+                       -r ,"mahsa.amini"))
+    (tr:call-with-content
+     (lambda (c)
+       (unless (string-contains? c "[GNUPG:] BEGIN_ENCRYPTION 0 9 2")
+	  (fail (string-append "Unexpected status: " c)))))))
+ '("plain-1"))
+
+(for-each-p
+ "Checking two OCB capable keys plus one not capable"
+ (lambda (source)
+   (tr:do
+    (tr:open source)
+    (tr:gpgstatus "" `(--yes -o out -e
+                             -r ,"patrice.lumumba"
+                             -r ,"mahsa.amini"
+                             -r ,"steve.biko"))
+    (tr:call-with-content
+     (lambda (c)
+       (unless (string-contains? c "[GNUPG:] BEGIN_ENCRYPTION 2 9")
+          (fail (string-append "Unexpected status: " c)))))))
+ '("plain-1"))
+
+(for-each-p
+ "Checking non OCB capable key with --force-ocb"
+ (lambda (source)
+   (tr:do
+    (tr:open source)
+    (tr:gpgstatus "" `(--yes -e --force-ocb
+                       -r ,"steve.biko"))
+    (tr:call-with-content
+     (lambda (c)
+       (unless (string-contains? c "[GNUPG:] BEGIN_ENCRYPTION 0 9 2")
+	  (fail (string-append "Unexpected status: " c)))))))
+ '("plain-1"))
diff --git a/tests/openpgp/fake-pinentry.c b/tests/openpgp/fake-pinentry.c
index fb0c6ae..18b6057 100644
--- a/tests/openpgp/fake-pinentry.c
+++ b/tests/openpgp/fake-pinentry.c
@@ -196,28 +196,20 @@ option_value (const char *line, const char *name)
   return NULL;
 }
 
-int
-main (int argc, char **argv)
+static int
+parse_pinentry_user_data (const char *args,
+                          char **r_passphrase)
 {
-  char *args;
-  char *option_user_data = NULL;
-  int got_environment_user_data;
   char *logfile;
   char *passphrasefile;
   char *passphrase;
 
-  /* We get our options via PINENTRY_USER_DATA.  */
-  (void) argc, (void) argv;
-
-  setvbuf (stdin, NULL, _IOLBF, BUFSIZ);
-  setvbuf (stdout, NULL, _IOLBF, BUFSIZ);
+  *r_passphrase = NULL;
 
-  args = getenv ("PINENTRY_USER_DATA");
-  got_environment_user_data = !!args;
-  if (! args)
-    args = "";
+  if (log_stream)
+    fclose (log_stream);
+  log_stream = NULL;
 
- restart:
   logfile = option_value (args, "--logfile");
   if (logfile)
     {
@@ -232,7 +224,7 @@ main (int argc, char **argv)
       if (! log_stream)
         {
           perror (logfile);
-          return 1;
+          return -1;
         }
     }
 
@@ -251,20 +243,31 @@ main (int argc, char **argv)
         {
           reply ("# Passphrasefile '%s' is empty.  Terminating.\n",
                  passphrasefile);
-          return 1;
+          return -1;
         }
 
       rstrip (passphrase);
     }
   else
-    {
-      passphrase = skip_options (args);
-      if (*passphrase == 0)
-        passphrase = "no PINENTRY_USER_DATA -- using default passphrase";
-    }
+    passphrase = strdup (skip_options (args));
+
+  *r_passphrase = passphrase;
+  return 0;
+}
 
-  reply ("# fake-pinentry(%u) started.  Passphrase='%s'.\n",
-         (unsigned int)getpid (), passphrase);
+
+int
+main (int argc, char **argv)
+{
+  char *passphrase = NULL;
+
+  /* We get our options via PINENTRY_USER_DATA.  */
+  (void) argc, (void) argv;
+
+  setvbuf (stdin, NULL, _IOLBF, BUFSIZ);
+  setvbuf (stdout, NULL, _IOLBF, BUFSIZ);
+
+  reply ("# fake-pinentry(%u) started.\n", (unsigned int)getpid ());
   reply ("OK - what's up?\n");
 
   while (! feof (stdin))
@@ -282,7 +285,12 @@ main (int argc, char **argv)
 #define OPT_USER_DATA	"OPTION pinentry-user-data="
 
       if (strncmp (buffer, "GETPIN", 6) == 0)
-        reply ("D %s\n", passphrase);
+        {
+          if (passphrase)
+            reply ("D %s\n", passphrase);
+          else
+            reply ("D deafult\n");
+        }
       else if (strncmp (buffer, "BYE", 3) == 0)
 	{
 	  reply ("OK\n");
@@ -290,18 +298,12 @@ main (int argc, char **argv)
 	}
       else if (strncmp (buffer, OPT_USER_DATA, strlen (OPT_USER_DATA)) == 0)
         {
-          if (got_environment_user_data)
+          if (parse_pinentry_user_data (buffer + strlen (OPT_USER_DATA),
+                                        &passphrase) < 0)
             {
-              reply ("OK - I already got the data from the environment.\n");
-              continue;
+              /* Failure. */
+              return 1;
             }
-
-          if (log_stream)
-            fclose (log_stream);
-          log_stream = NULL;
-          free (option_user_data);
-          option_user_data = args = strdup (buffer + strlen (OPT_USER_DATA));
-          goto restart;
         }
 
       reply ("OK\n");
@@ -313,6 +315,7 @@ main (int argc, char **argv)
   if (log_stream)
     fclose (log_stream);
 
-  free (option_user_data);
+  if (passphrase)
+    free (passphrase);
   return 0;
 }
diff --git a/tests/openpgp/issue2941.scm b/tests/openpgp/issue2941.scm
index 8f625eb..306df6c 100755
--- a/tests/openpgp/issue2941.scm
+++ b/tests/openpgp/issue2941.scm
@@ -29,6 +29,6 @@
 (for-each-p
  "Checking invocation with invalid file descriptors (issue2941)."
  (lambda (option)
-   (check-failure `(,(string-append "--" option "=23") --sign gpg.conf)))
+   (check-failure `(,(string-append "--" option "=233") --sign gpg.conf)))
  '("status-fd" "attribute-fd" "logger-fd"
    "override-session-key-fd" "passphrase-fd" "command-fd"))
diff --git a/tests/openpgp/privkeys/891067FFFC6D67D37BD4BFC399191C5F3989D1B5.key b/tests/openpgp/privkeys/891067FFFC6D67D37BD4BFC399191C5F3989D1B5.key
new file mode 100644
index 0000000..3e805d4
--- /dev/null
+++ b/tests/openpgp/privkeys/891067FFFC6D67D37BD4BFC399191C5F3989D1B5.key
@@ -0,0 +1,5 @@
+Created: 20220916T120000
+Key: (private-key (ecc (curve Curve25519)(flags djb-tweak)(q
+  #409651F6DD19C8F562792274BCE044F8916609FBDA25EE3DFA21207DCE8CBA0C63#)
+ (d #778955D781825551C8B8025DF6A9D7A00613331DE35711F56C65676A98E565F8#)
+ ))
diff --git a/tests/openpgp/privkeys/F27FC04CB01723A4CB6F5399F7B86CCD82C0169C.key b/tests/openpgp/privkeys/F27FC04CB01723A4CB6F5399F7B86CCD82C0169C.key
new file mode 100644
index 0000000..5446438
--- /dev/null
+++ b/tests/openpgp/privkeys/F27FC04CB01723A4CB6F5399F7B86CCD82C0169C.key
@@ -0,0 +1,5 @@
+Created: 20220916T120000
+Key: (private-key (ecc (curve Ed25519)(flags eddsa)(q
+  #403905D615CA9A98D674F1CC7AA8B5E9F948D7D2FB2E7536ED6027B014B1F948E6#)
+ (d #F1E5A1387736A9BD0976AA1FA1D217C3A75EC636605EA8EEAF3C84A9C13E01B4#)
+ ))
diff --git a/tests/openpgp/run-tests.scm b/tests/openpgp/run-tests.scm
index 8f94359..faf52d8 100644
--- a/tests/openpgp/run-tests.scm
+++ b/tests/openpgp/run-tests.scm
@@ -29,6 +29,7 @@
 (define setup
   (make-environment-cache (test::scm
 			   #f
+			   #f
 			   (path-join "tests" "openpgp" "setup.scm")
 			   (in-srcdir "tests" "openpgp" "setup.scm"))))
 
@@ -55,11 +56,12 @@
                (if use-keyboxd?
 	           (map (lambda (name)
 		          (test::scm setup-use-keyboxd
-				     (qualify (path-join "tests" "openpgp" name)
-					      "keyboxd")
+				     "keyboxd"
+				     (path-join "tests" "openpgp" name)
 				     (in-srcdir "tests" "openpgp" name)
                                      "--use-keyboxd")) tests)
 	           (map (lambda (name)
 		          (test::scm setup
+				     #f
 				     (path-join "tests" "openpgp" name)
 				     (in-srcdir "tests" "openpgp" name))) tests))))
diff --git a/tests/openpgp/samplekeys/README b/tests/openpgp/samplekeys/README
index 74635c7..682dfc0 100644
--- a/tests/openpgp/samplekeys/README
+++ b/tests/openpgp/samplekeys/README
@@ -17,6 +17,7 @@ E657FB607BB4F21C90BB6651BC067AF28BC90111.asc Key with subkeys (no protection)
 pgp-desktop-skr.asc    Secret key with subkeys w/o signatures
 rsa-rsa-sample-1.asc   RSA+RSA sample key (no passphrase)
 ed25519-cv25519-sample-1.asc  Ed25519+CV25519 sample key (no passphrase)
+ed25519-cv25519-sample-2.asc  Ed25519+CV25519 sample key (no passphrase)
 silent-running.asc     Collection of sample secret keys (no passphrases)
 rsa-primary-auth-only.pub.asc  rsa2408 primary only, usage: cert,auth
 rsa-primary-auth-only.sec.asc  Ditto but the secret keyblock.
diff --git a/tests/openpgp/samplekeys/ed25519-cv25519-sample-1.asc b/tests/openpgp/samplekeys/ed25519-cv25519-sample-1.asc
index 54d2044..53e2440 100644
--- a/tests/openpgp/samplekeys/ed25519-cv25519-sample-1.asc
+++ b/tests/openpgp/samplekeys/ed25519-cv25519-sample-1.asc
@@ -1,21 +1,21 @@
 pub   ed25519 2016-06-22 [SC]
       B21DEAB4F875FB3DA42F1D1D139563682A020D0A
       Keygrip = 1E28F20E41B54C2D1234D896096495FF57E08D18
-uid           [ unknown] patrice.lumumba@example.net
+uid                      patrice.lumumba@example.net
 sub   cv25519 2016-06-22 [E]
       8D0221D9B2877A741D69AC4E9185878E4FCD74C0
       Keygrip = EB33B687EB8581AB64D04852A54453E85F3DF62D
 
 -----BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GnuPG v2
 
 mDMEV2o9XRYJKwYBBAHaRw8BAQdAZ8zkuQDL9x7rcvvoo6s3iEF1j88Dknd9nZhL
-nTEoBRm0G3BhdHJpY2UubHVtdW1iYUBleGFtcGxlLm5ldIh5BBMWCAAhBQJXaj1d
-AhsDBQsJCAcCBhUICQoLAgQWAgMBAh4BAheAAAoJEBOVY2gqAg0KmQ0BAMUNzAlT
-OzG7tolSI92lhePi5VqutdqTEQTyYYWi1aEsAP0YfiuosNggTc0oRTSz46S3i0Qj
-AlpXwfU00888yIreDbg4BFdqPY0SCisGAQQBl1UBBQEBB0AWeeZlz31O4qTmIKr3
-CZhlRUXZFxc3YKyoCXyIZBBRawMBCAeIYQQYFggACQUCV2o9jQIbDAAKCRATlWNo
-KgINCsuFAP9BplWl813pi779V8OMsRGs/ynyihnOESft/H8qlM8PDQEAqIUPpIty
-OX/OBFy2RIlIi7J1bTp9RzcbzQ/4Fk4hWQQ=
-=qRfF
+nTEoBRm0G3BhdHJpY2UubHVtdW1iYUBleGFtcGxlLm5ldIiTBBMWCAA7AhsDAheA
+FiEEsh3qtPh1+z2kLx0dE5VjaCoCDQoFAmNkyZ0FCwkIBwICIgIGFQgJCgsCBBYC
+AwECHgcACgkQE5VjaCoCDQoKxwEAyVSPe4kwcvjlL9iZYftqwmCQpL6Sd7smgBdb
+naqvAEMA/RrGBjSTGzTvFMVlIcT0Jr1uPVHig7twPnpzbL1uWUwLuDgEV2o9jRIK
+KwYBBAGXVQEFAQEHQBZ55mXPfU7ipOYgqvcJmGVFRdkXFzdgrKgJfIhkEFFrAwEI
+B4hhBBgWCAAJBQJXaj2NAhsMAAoJEBOVY2gqAg0Ky4UA/0GmVaXzXemLvv1Xw4yx
+Eaz/KfKKGc4RJ+38fyqUzw8NAQCohQ+ki3I5f84EXLZEiUiLsnVtOn1HNxvND/gW
+TiFZBA==
+=u4Iu
 -----END PGP PUBLIC KEY BLOCK-----
diff --git a/tests/openpgp/samplekeys/ed25519-cv25519-sample-2.asc b/tests/openpgp/samplekeys/ed25519-cv25519-sample-2.asc
new file mode 100644
index 0000000..2e72851
--- /dev/null
+++ b/tests/openpgp/samplekeys/ed25519-cv25519-sample-2.asc
@@ -0,0 +1,21 @@
+pub   ed25519 2022-09-16 [SC]
+      5F1438D784C8C68400645518AE08687BF38AFFF3
+      Keygrip = F27FC04CB01723A4CB6F5399F7B86CCD82C0169C
+uid                      mahsa.amini@example.net
+sub   cv25519 2022-09-16 [E]
+      FFE7440568492D986F3B88BD9E64CB003A8D6449
+      Keygrip = 891067FFFC6D67D37BD4BFC399191C5F3989D1B5
+
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mDMEYyRlQBYJKwYBBAHaRw8BAQdAOQXWFcqamNZ08cx6qLXp+UjX0vsudTbtYCew
+FLH5SOa0F21haHNhLmFtaW5pQGV4YW1wbGUubmV0iJMEExYKADsWIQRfFDjXhMjG
+hABkVRiuCGh784r/8wUCYyRlQAIbAwULCQgHAgIiAgYVCgkICwIEFgIDAQIeBwIX
+gAAKCRCuCGh784r/8wYzAQDTikkZd/G/o1DtfGq/k0R9ctcZCD9vHKH3PNj2atfX
+cwEAt5zFYyEe2OPzJ5HYffOPhcyK2kPsvkerLfdXy/K8QAe4OARjJGVAEgorBgEE
+AZdVAQUBAQdAllH23RnI9WJ5InS84ET4kWYJ+9ol7j36ISB9zoy6DGMDAQgHiHgE
+GBYKACAWIQRfFDjXhMjGhABkVRiuCGh784r/8wUCYyRlQAIbDAAKCRCuCGh784r/
+89lTAQDpupXGKLSlga2qHgtaud47oU5edY48MZ7CBnFByi5IAQEA2nJpUsVuaQl2
+XSURaPTUi0C98ny61kwGcVtOcTFpPgY=
+=r11D
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/tests/openpgp/samplemsgs/enc-sym-cfb-1.asc b/tests/openpgp/samplemsgs/enc-sym-cfb-1.asc
new file mode 100644
index 0000000..24415c9
--- /dev/null
+++ b/tests/openpgp/samplemsgs/enc-sym-cfb-1.asc
@@ -0,0 +1,9 @@
+Symmetric encrypted message of "Hello, world!\n" using
+the passphrase "password" and cipher AES128.CFB.
+
+-----BEGIN PGP MESSAGE-----
+
+jA0EBwMCt0tGQ7H0b2Xt0j8BHVEh+mzI3SyApdQmObZuDtAKNk/dRbERyF7haRCn
+cw3N5t3hbOZ/fWlN/BRAaKplninV//QEo8lqheFFpmI=
+=LxrG
+-----END PGP MESSAGE-----
diff --git a/tests/openpgp/samplemsgs/enc-sym-cfb-2.asc b/tests/openpgp/samplemsgs/enc-sym-cfb-2.asc
new file mode 100644
index 0000000..391b31d
--- /dev/null
+++ b/tests/openpgp/samplemsgs/enc-sym-cfb-2.asc
@@ -0,0 +1,9 @@
+Symmetric encrypted message of "Hello, world!\n" using
+the passphrase "password" and cipher AES256.CFB.
+
+-----BEGIN PGP MESSAGE-----
+
+jA0ECQMCN4BmCgZpVHDt0j8B1MRJ3ezrbVqU3Xofj5ykOmb7dgYytxzk6QHqzdNO
+lorumncKV+xjFkte8uKqaGJoPhoKb2s9uJWDgugLMDM=
+=gy0I
+-----END PGP MESSAGE-----
diff --git a/tests/openpgp/samplemsgs/enc-sym-ocb-1.asc b/tests/openpgp/samplemsgs/enc-sym-ocb-1.asc
new file mode 100644
index 0000000..783cc9d
--- /dev/null
+++ b/tests/openpgp/samplemsgs/enc-sym-ocb-1.asc
@@ -0,0 +1,11 @@
+Symmetric encrypted message of "Hello, world!\n" using
+the passphrase "password" and cipher AES128.OCB.
+This is the sample message from the rfc4880bis specs.
+
+-----BEGIN PGP MESSAGE-----
+
+wz0FBwIDCJ8LfaPl6mR3kJnjJuVACpCTbO+06OugjGdzcW0fJxRUCjj8rFKZSdrF
+KdPeMeFbSutynjMAM9vt1EkBBwIOXtK8HkcKvo8dZEx6bIpWew93ARlmEaFUupwl
+dM0FYoSo72gDXGI9k8xwikMhG7bq8rJ/fBjVcbzYOyCt06CLc68VuaCY
+=xyh5
+-----END PGP MESSAGE-----
diff --git a/tests/openpgp/samplemsgs/enc-sym-ocb-2.asc b/tests/openpgp/samplemsgs/enc-sym-ocb-2.asc
new file mode 100644
index 0000000..a1738e8
--- /dev/null
+++ b/tests/openpgp/samplemsgs/enc-sym-ocb-2.asc
@@ -0,0 +1,11 @@
+Symmetric encrypted message of "Hello, world!\n" using
+the passphrase "password" and cipher AES256.OCB.
+
+-----BEGIN PGP MESSAGE-----
+
+jE0FCQIDAvYE/YfWbrWF7T3TKFmFzU/o5JSmot/OwIoDZc4sABYLMuTjVeCXUaRp
+unDEDnkCz0tsov+7ljb/tu2NUDGnybSsupE+E4bMf9RJAQkCEMhe3HeHBrv1jHsS
+gbmxjSQ/r1whc40/vh6ACbp/Yu2Te1Gf/mPxS9mgLDbIeah3G9/kXlheO4X2Hhuy
+iOCOZdpPiAp1QA==
+=U8eG
+-----END PGP MESSAGE-----
diff --git a/tests/openpgp/shell.scm b/tests/openpgp/shell.scm
index 347b3a0..af4f254 100644
--- a/tests/openpgp/shell.scm
+++ b/tests/openpgp/shell.scm
@@ -47,7 +47,9 @@
 			(pathsep-split (getenv "PATH"))))
 	#t)
 
-(echo "\nEnjoy your test environment. "
+(if (prompt-yes-no? "Run system shell" #t)
+    ((echo "\nEnjoy your test environment. "
       "Type 'exit' to exit it, it will be cleaned up after you.\n")
-
-(interactive-shell)
+     (interactive-shell))
+    ((echo "\nEnjoy the REPL.")
+     (interactive-repl (current-environment))))