diff options
| author | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2016-10-11 21:29:22 -0400 |
|---|---|---|
| committer | Brian C. Duggan <brian@bestpractical.com> | 2018-03-14 17:01:04 -0400 |
| commit | 31ba007b4de7d2979ce8573fc35cca28f1a13fba (patch) | |
| tree | c79766c9ea9a685057403f43fa8a9c224f01a1e4 /test | |
| parent | 8835cc5151e5a7b6a80a4f6655c3a8c75ae3c4ed (diff) | |
Test use of gpg without explicit passphrase (agent+pinentry)
The modern GnuPG suite encourages the use of gpg-agent to control
access to secret key material. In this use case, we avoid setting an
explicit passphrase in code, and rely on either a correctly-configured
and primed gpg-agent or a dedicated pinentry program to supply the
passphrase.
This additional test verifies that the passphrase can be handled by
the agent. Note that the passphrase for this additional test key is
*not* the default passphrase, so this test should fail in the event
that gpg can't use the agent and the pinentry for this task.
Unfortunately, this all assumes that we're using GnuPG "Modern". I've
noted concerns about writing forward- and backward-compatible bindings
for GnuPG here:
https://lists.gnupg.org/pipermail/gnupg-devel/2016-October/031800.html
Diffstat (limited to 'test')
| -rw-r--r-- | test/encrypted.2.gpg | 12 | ||||
| -rwxr-xr-x | test/fake-pinentry.pl | 2 | ||||
| -rw-r--r-- | test/plain.2.txt | 1 |
3 files changed, 14 insertions, 1 deletions
diff --git a/test/encrypted.2.gpg b/test/encrypted.2.gpg new file mode 100644 index 0000000..105cbb3 --- /dev/null +++ b/test/encrypted.2.gpg @@ -0,0 +1,12 @@ +-----BEGIN PGP MESSAGE----- + +hQEMAw3NS2KuRB0PAQgAuCMQO6blPRIJZib+kDa51gac+BYPl8caXYTLqIHtiz2/ +YRVqePJON4lNAqT6qUksIzQHtejFO6tb1SLqgX9Ti+fKAMLrQw9VGOYaJFoRrTJs ++X33S4GHVVikRTu0dydAsekbfPSc2nRmTFUlSEV3psgAmg9xy8KA6cZroK9Xfcuh +xW7KLE0hLP+2NZ7zNmJMdu6LDGzvlQsnm1UeElXK8XdMGf8kA3R+GgeeOnR/oEQc +Uep77k/fLc+UV4fp9Dk1OBeg3Ko/irSaefk4mU7F4HmS8jIERHRvXBTiur1Zx8Nx +9U3fcQuc+P9+JC89iS4PJPF1Hr0MlezAghZYJrhOrtJIAe5Uaft5KMGRfy0VQnAs +MHqGnGtzzVWK6GK83ibgG4tTfPEHHIgNFsJf3rM4cWklUmCS9TeeDJJZfhnRA6+/ +X82e6OI7QNbO +=DlGE +-----END PGP MESSAGE----- diff --git a/test/fake-pinentry.pl b/test/fake-pinentry.pl index 12d3611..40b8b08 100755 --- a/test/fake-pinentry.pl +++ b/test/fake-pinentry.pl @@ -21,7 +21,7 @@ while (<STDIN>) { chomp; next if (/^$/); next if (/^#/); - print ("D test\n") if (/^getpin/i); + print ("D supercalifragilisticexpialidocious\n") if (/^getpin/i); print "OK\n"; exit if (/^bye/i); } diff --git a/test/plain.2.txt b/test/plain.2.txt new file mode 100644 index 0000000..da5a1d5 --- /dev/null +++ b/test/plain.2.txt @@ -0,0 +1 @@ +test message |