[test suite] added GPG 4096-bit key combination tests

Makefile.am

@@ -166,6 +166,7 @@ EXTRA_DIST = \
     test/conf/gpg_invalid_sig_id_access.conf \
     test/conf/gpg_large_signing_key_access.conf \
     test/conf/gpg_subkey_access.conf \
+    test/conf/gpg_server_large_key_access.conf \
     test/conf/fwknoprc_gpg_invalid_exe \
     test/conf/fwknoprc_hmac_defaults \
     test/conf/fwknoprc_hmac_time_offset_mins \

test/conf/gpg_server_large_key_access.conf

@@ -0,0 +1,6 @@
+SOURCE                      ANY
+FW_ACCESS_TIMEOUT           3
+GPG_HOME_DIR                conf/server-gpg-large-no-pw
+GPG_DECRYPT_ID              40051F51
+GPG_ALLOW_NO_PW             Y
+GPG_REMOTE_ID               9CF38326

test/test-fwknop.pl

@@ -61,6 +61,7 @@ our $gpg_server_key = '361BBAD4';
 our $gpg_client_key = '6A3FAD56';
 our $gpg_server_key2 = 'EF5AF06A';
 our $gpg_client_large_key = '31415ADE';
+our $gpg_server_large_key = '40051F51';
 
 #gpg --homedir ./client-gpg-subkeys-no-pw/ --list-keys
 #./client-gpg-subkeys-no-pw//pubring.gpg
@@ -462,6 +463,7 @@ our %cf = (
     'gpg_invalid_sig_id_access'    => "$conf_dir/gpg_invalid_sig_id_access.conf",
     'gpg_large_signing_key_access' => "$conf_dir/gpg_large_signing_key_access.conf",
     'gpg_subkey_access'            => "$conf_dir/gpg_subkey_access.conf",
+    'gpg_server_large_key_access'  => "$conf_dir/gpg_server_large_key_access.conf",
     'tcp_server'                   => "$conf_dir/tcp_server_fwknopd.conf",
     'udp_server'                   => "$conf_dir/udp_server_fwknopd.conf",
     'spa_over_http'                => "$conf_dir/spa_over_http_fwknopd.conf",
@@ -699,6 +701,18 @@ our $client_gpg_subkey_args_no_pw = "$default_client_args_no_get_key " .
     "--gpg-signer-key $gpg_client_subkey " .
     "--gpg-home-dir $gpg_client_subkey_no_pw";
 
+our $client_gpg_server_4096_args_no_pw = "$default_client_args_no_get_key " .
+    "--gpg-no-signing-pw " .
+    "--gpg-recipient-key $gpg_server_large_key " .
+    "--gpg-signer-key $gpg_client_subkey " .
+    "--gpg-home-dir $gpg_client_subkey_no_pw";
+
+our $client_and_server_gpg_4096_args_no_pw = "$default_client_args_no_get_key " .
+    "--gpg-no-signing-pw " .
+    "--gpg-recipient-key $gpg_server_large_key " .
+    "--gpg-signer-key $gpg_client_large_key " .
+    "--gpg-home-dir $gpg_client_4096_bit_key_no_pw";
+
 our $default_server_conf_args = "-c $cf{'def'} -a $cf{'def_access'} " .
     "-d $default_digest_file -p $default_pid_file";
 

test/tests/gpg_no_pw.pl

@@ -57,6 +57,28 @@
         'fw_rule_created' => $NEW_RULE_REQUIRED,
         'fw_rule_removed' => $NEW_RULE_REMOVED,
     },
+    {
+        'category' => 'GPG (no pw)',
+        'subcategory' => 'client+server',
+        'detail'   => '4096 enc key, 2048 signing subkey',
+        'function' => \&spa_cycle,
+        'cmdline'  => $client_gpg_server_4096_args_no_pw,
+        'fwknopd_cmdline' => "$fwknopdCmd -c $cf{'def'} " .
+            "-a $cf{'gpg_server_large_key_access'} $intf_str " .
+            "-d $default_digest_file -p $default_pid_file",
+        'fw_rule_created' => $NEW_RULE_REQUIRED,
+        'fw_rule_removed' => $NEW_RULE_REMOVED,
+    },
+    {
+        'category' => 'GPG (no pw)',
+        'subcategory' => 'client+server',
+        'detail'   => '4096 enc key, 4096 signing subkey',
+        'function' => \&spa_cycle,
+        'cmdline'  => $client_and_server_gpg_4096_args_no_pw,
+        'positive_output_matches' => [qr/FKO_ERROR_INVALID_DATA_ENCRYPT_GPG_RESULT_MSGLEN_VALIDFAIL/],
+        'function' => \&generic_exec,
+        'exec_err' => $YES,
+    },
 
     {
         'category' => 'GPG (no pw)',