From 958a7cb4f23f5f826451556bfee539da7ce9581f Mon Sep 17 00:00:00 2001 
From: intrigeri Date: Mon, 27 Apr 2015 11:23:13 +0200 Subject: Import libgnupg-interface-perl_0.52.orig.tar.gz [dgit import orig libgnupg-interface-perl_0.52.orig.tar.gz] --- Changes | 214 ++++++ MANIFEST | 70 ++ MANIFEST.SKIP | 66 ++ META.yml | 30 + Makefile.PL | 29 + README | 434 +++++++++++ SIGNATURE | 92 +++ inc/Module/Install.pm | 474 ++++++++++++ inc/Module/Install/Base.pm | 83 +++ inc/Module/Install/Can.pm | 154 ++++ inc/Module/Install/Fetch.pm | 93 +++ inc/Module/Install/Makefile.pm | 418 +++++++++++ inc/Module/Install/Metadata.pm | 722 ++++++++++++++++++ inc/Module/Install/ReadmeFromPod.pm | 138 ++++ inc/Module/Install/Win32.pm | 64 ++ inc/Module/Install/WriteAll.pm | 63 ++ lib/GnuPG/Fingerprint.pm | 93 +++ lib/GnuPG/Handles.pm | 185 +++++ lib/GnuPG/HashInit.pm | 12 + lib/GnuPG/Interface.pm | 1367 +++++++++++++++++++++++++++++++++++ lib/GnuPG/Key.pm | 272 +++++++ lib/GnuPG/Options.pm | 363 ++++++++++ lib/GnuPG/PrimaryKey.pm | 145 ++++ lib/GnuPG/PublicKey.pm | 53 ++ lib/GnuPG/Revoker.pm | 157 ++++ lib/GnuPG/SecretKey.pm | 53 ++ lib/GnuPG/Signature.pm | 169 +++++ lib/GnuPG/SubKey.pm | 107 +++ lib/GnuPG/UserAttribute.pm | 118 +++ lib/GnuPG/UserId.pm | 148 ++++ t/Fingerprint.t | 29 + t/Interface.t | 29 + t/MyTest.pm | 63 ++ t/MyTestSpecific.pm | 127 ++++ t/UserId.t | 28 + t/clearsign.t | 38 + t/decrypt.t | 60 ++ t/detach_sign.t | 38 + t/encrypt.t | 76 ++ t/encrypt_symmetrically.t | 39 + t/export_keys.t | 37 + t/get_public_keys.t | 222 ++++++ t/get_secret_keys.t | 75 ++ t/import_keys.t | 39 + t/list_public_keys.t | 76 ++ t/list_secret_keys.t | 79 ++ t/list_sigs.t | 71 ++ t/passphrase_handling.t | 62 ++ t/sign.t | 38 + t/sign_and_encrypt.t | 39 + t/verify.t | 39 + t/wrap_call.t | 59 ++ test/encrypted.1.gpg | 14 + test/key.1.asc | 29 + test/options | 2 + test/passphrase | 1 + test/plain.1.txt | 4 + test/public-keys-sigs/1.0.test | 28 + test/public-keys-sigs/1.1.test | 28 + test/public-keys-sigs/2.0.test | 9 + test/public-keys-sigs/2.1.test | 9 + 
test/public-keys/1.0.test | 12 + test/public-keys/1.1.test | 12 + test/public-keys/2.0.test | 4 + test/public-keys/2.1.test | 4 + test/pubring.gpg | Bin 0 -> 3418 bytes test/secret-keys/1.0.test | 7 + test/secret-keys/2.0.test | 4 + test/secring.gpg | Bin 0 -> 1241 bytes test/signed.1.asc | 11 + 70 files changed, 7927 insertions(+) create mode 100644 Changes create mode 100644 MANIFEST create mode 100644 MANIFEST.SKIP create mode 100644 META.yml create mode 100644 Makefile.PL create mode 100644 README create mode 100644 SIGNATURE create mode 100644 inc/Module/Install.pm create mode 100644 inc/Module/Install/Base.pm create mode 100644 inc/Module/Install/Can.pm create mode 100644 inc/Module/Install/Fetch.pm create mode 100644 inc/Module/Install/Makefile.pm create mode 100644 inc/Module/Install/Metadata.pm create mode 100644 inc/Module/Install/ReadmeFromPod.pm create mode 100644 inc/Module/Install/Win32.pm create mode 100644 inc/Module/Install/WriteAll.pm create mode 100644 lib/GnuPG/Fingerprint.pm create mode 100644 lib/GnuPG/Handles.pm create mode 100644 lib/GnuPG/HashInit.pm create mode 100644 lib/GnuPG/Interface.pm create mode 100644 lib/GnuPG/Key.pm create mode 100644 lib/GnuPG/Options.pm create mode 100644 lib/GnuPG/PrimaryKey.pm create mode 100644 lib/GnuPG/PublicKey.pm create mode 100644 lib/GnuPG/Revoker.pm create mode 100644 lib/GnuPG/SecretKey.pm create mode 100644 lib/GnuPG/Signature.pm create mode 100644 lib/GnuPG/SubKey.pm create mode 100644 lib/GnuPG/UserAttribute.pm create mode 100644 lib/GnuPG/UserId.pm create mode 100644 t/Fingerprint.t create mode 100644 t/Interface.t create mode 100644 t/MyTest.pm create mode 100644 t/MyTestSpecific.pm create mode 100644 t/UserId.t create mode 100644 t/clearsign.t create mode 100644 t/decrypt.t create mode 100644 t/detach_sign.t create mode 100644 t/encrypt.t create mode 100644 t/encrypt_symmetrically.t create mode 100644 t/export_keys.t create mode 100644 t/get_public_keys.t create mode 100644 t/get_secret_keys.t 
create mode 100644 t/import_keys.t create mode 100644 t/list_public_keys.t create mode 100644 t/list_secret_keys.t create mode 100644 t/list_sigs.t create mode 100644 t/passphrase_handling.t create mode 100644 t/sign.t create mode 100644 t/sign_and_encrypt.t create mode 100644 t/verify.t create mode 100644 t/wrap_call.t create mode 100644 test/encrypted.1.gpg create mode 100644 test/key.1.asc create mode 100644 test/options create mode 100644 test/passphrase create mode 100644 test/plain.1.txt create mode 100644 test/public-keys-sigs/1.0.test create mode 100644 test/public-keys-sigs/1.1.test create mode 100644 test/public-keys-sigs/2.0.test create mode 100644 test/public-keys-sigs/2.1.test create mode 100644 test/public-keys/1.0.test create mode 100644 test/public-keys/1.1.test create mode 100644 test/public-keys/2.0.test create mode 100644 test/public-keys/2.1.test create mode 100644 test/pubring.gpg create mode 100644 test/secret-keys/1.0.test create mode 100644 test/secret-keys/2.0.test create mode 100644 test/secring.gpg create mode 100644 test/signed.1.asc diff --git a/Changes b/Changes new file mode 100644 index 0000000..b42fd07 --- /dev/null +++ b/Changes 
@@ -0,0 +1,214 @@ +Revision history for GnuPG-Interface + +0.52 - 2016-02-16 + - Skip "grp" records, generated by GPG 2.1; this suppresses "unknown + record type" warnings + - Add explicit Fatal dependency; though nominally part of code perl, + RedHat's perl does not ship with it + - Ensure that the trustdb is created before attempting to encrypt; gpg2 + requires that it exist, even for commands with --trust-model=always. + See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751266 + +0.51 - 2014-12-17 + - Update README file + - Work around gpg2 bug by omitting --homedir during symmetric + encryption + +0.50 - 2014-03-14 + - Version 0.49 implicitly required Moose; switch to a technique that + does not + - Modernize CHANGES + +0.49 - 2014-03-13 + - Restore context-sensitive (array/arrayref) behavior of multiple array + methods from 0.46. + - Fix MANIFEST/.gitignore inconsistency + +0.48 - 2014-03-10 + - Switch from --always-trust to --trust-model=always + +0.47 - 2014-03-10 + - No changes from 0.47_02 + +0.47_02 - 2014-02-14 + - Remove a stray 'use Data::Dumper::Concise' added in 0.47_01 + +0.47_01 - 2014-01-27 + - Switch from Any::Moose to Moo + - Accept "gpg (GnuPG/MacGPG2)" as a valid gpg version + - Typo fixes in documentation + +0.46 - 2012-10-25 + - Add a ->search_keys method + - Add a ->version method + - Remove dead code for finding gnupg2 binary + +0.45 - 2011-10-26 + - Include trailing columns when parsing --fixed-list-mode output + +0.44 - 2011-05-02 + - Bump Math::BigInt dependency to get the new 'try GMP' syntax. 
+ +0.43 - 2011-03-08 + - Stable release + +0.42_02 - 2010-06-05 + - Additional cleanups from dkg + +0.42_01 - 2010-05-10 + - GnuPG::Revoker: improve docs, compare() should fail if the signature + counts differ - dkg + - Handle revoker packets (rvk) - dkg + - Move compare() into GnuPG::Signature, got rid of + t/GnuPG/ComparableSignature.pm - dkg + - Move signature comparison into ComparableKey.pm instead of + ComparableSubKey.pm - dkg + - Move fingerprint comparison directly into GnuPG::Fingerprint - dkg + - Change around some variable names for consistency's sake: + $current_key becomes $current_primary_key + $current_fingerprinted_key becomes $current_key -dkg + - Fixed synopsis example in GnuPG::Signature pod - dkg + - Allow for primary key to have per-key (useful for signatures of class + 0x1f, see http://tools.ietf.org/html/rfc4880#section-5.2.1) - dkg + - Add revocations to keys and user ids and user attributes - dkg + - Add signature class and exportability to GnuPG::Signature - dkg + - Introduced GnuPG::UserAttribute to handle uat packets - dkg + - Actually check validity of signatures and report them - dkg + - Support more than 1 signature over each subkey - dkg + - Do not bother shipping test/random_seed - dkg + - Fix copy method of GnuPG::Options: + The result of not checking for definedness here is to never copy the + meta_immutable value successfully (as that is true by default). This led + to a FTBFS (failure to build from source) when running non-interactively. 
+ See also: http://bugs.debian.org/549743 - Tim Retout + - Expose signature expiration times - dkg + - Take advantage of --fixed-list-mode and report timestamps at 1Hz + precision instead of daily precision - dkg + - Always use --fixed-list-mode for consistency and better granularity + of data - dkg + - Unescape strings to handle User IDs with colons in them - dkg + - Add usage_flags to keys - dkg + - Several doc patches from Daniel Kahn Gillmor + - Fix for documented typos reported by SYSMON Fixes rt.cpan.org#50377 + - Fix POD errors - alexmv + +0.42 - 2009-09-30 + - Support for GPG2 + +0.41_01 - 2009-09-25 + - Beginnings of support for GPG2 + +0.40_04 - 2009-04-21 + - Use Any::Moose instead of Moose for Mouse celerity (Sartak) + +0.40_1 - 2008-11-15 + - [rt.cpan.org #40963] Replace Class::MethodMaker with Moose (Chris + Prather) + +0.36 - 2007-08-13 + - [rt.cpan.org #28814] - Performance improvement from mehradek + (Radoslaw Zielinski) + -use English; + +use English qw( -no_match_vars ); + +0.35 - 2007-04-20 + - New Maintainer: Jesse Vincent took over + maintenance of this module. + - Removed test key expiry dates. (Fixes + http://rt.cpan.org/Ticket/Display.html?id=17618) + - Applied secret key output patch for modern GPG from + http://rt.cpan.org/Ticket/Display.html?id=17619 + - Applied patch to support 'tru' record types from + (http://search.cpan.org/src/JRED/Mail-GPG-1.0.6/patches/) + +0.34 - 2002-09-26 + - Documentation fixes. + +0.33 - 2002-06-14 + - Fixed a bug in GnuPG::Interface->import_keys() so that it doesn't + overwrite your 'command_args' anymore. Thanks to Peter Palfrader + for pointing this out. + +0.32 - 2002-06-11 + - Extended the expiration on the test keys another 4 years so that the + test suite works. + - Documentation fixes. + - Other small cleanups. + +0.31 - 2001-05-03 + - Fixed stalling test cases. 
+ - Added deprecation support for fields of GnuPG::Interface::wrap_call + +0.30 - 2001-05-01 + - Re-worked inheritance tree so that GnuPG::SecretKey and + GnuPG::PublicKey are sub-classes of newly-added GnuPG::PrimaryKey. + - Tested with GnuPG 1.0.5. + - GnuPG::Fingerprint deprecate hex_data(), in favor of as_hex_string(). + - GnuPG::UserId deprecates user_id_string(), in favor of as_string(). + +0.20 - 2001-04-28 + - Fixes for running under Perl 5.6.0 (stdin, stdout, stderr + filehandling changed). Thanks to Paul Walmsley, + the_shag@users.sourceforge.net + - Fix testing so that it works with GnuPG 1.0.4h. + - Move a lot of testing code from inside the code to outside, so that + it doesn't need to be loaded along with normal usage. This might + help speed. + - License is now the same terms as perl itself. + - Don't ship with Class::MethodMaker + +0.11 - 2000-08-08 + - AutoLoader is now used correctly. + - GnuPG::Options->no_comment() is no longer exists, for clarity. (It + doesn't do what you think it does). + - GnuPG::Options->comment() will now only not cause a --comment option + to be used if it's value is undefined. This means you can do + $gnupg->options->comment( '' ) to prevent a comment from being used. + +0.10 - 2000-07-13 + - GnuPG::Interface should work fine with the recently- released GnuPG + 1.0.2. + - GnuPG::Handles objects can now handle reading or writing directly + from already-opened filehandles. This can allow a more 'natural' + approach to having GnuPG read and write directly to files, with the + exeption being that the user has to open these files beforehand. + - Documentation created to describe the new accessing of open + filehandle behaviour, and a FAQ started in GnuPG::Interface's docs. + - Major code cleanup and other small docs cleanup. + +0.09 - 2000-06-26 + - Using GnuPG::Handles which are meant to be dupes is now more viable + and documented. 
In particular, file descriptor numbers (properly + prefixed, according to the open() documentation) can be used. This + helps when using symbols and and object handles. + +0.08 - 2000-06-21 + - AutoLoader is now used; this may descrease compile-time. + - Changes so that testing on recent development versions of GnuPG + (namely 1.0.1e) works, or notably says that the error is occuring + because of GnuPG version differences. + +0.07 - 2000-05-25 + - BACKWARDS COMPATIBILITY issue: GnuPG::Options->meta_signing_key() now + expects an argument of type GnuPG::Object, instead of a scalar key + id. See the following note for more details. + - GnuPG::Options 'meta' methods that deal with keys arguments are more + consistent now. Meta methods that accept key ids are now appended + with _id(s); other meta methods that accept keys receive GnuPG::Key + objects. + + +0.06 - 2000-05-18 + - textmode option added to GnuPG::Options, and booleans of + GnuPG::Options now make use of Class::MethodMaker's boolean + usability. + +0.04 - 2000-04-26 + - This is a re-packaging release of 0.03. + +0.03 - 2000-04-25 + - Documenation fixes. + - GnuPG::Option meta-pgp5-compatibility bug fixed. + +0.01 - 2000-04-19 + - Initial release diff --git a/MANIFEST b/MANIFEST new file mode 100644 index 0000000..d331caf --- /dev/null +++ b/MANIFEST 
@@ -0,0 +1,70 @@
+Changes
+inc/Module/Install.pm
+inc/Module/Install/Base.pm
+inc/Module/Install/Can.pm
+inc/Module/Install/Fetch.pm
+inc/Module/Install/Makefile.pm
+inc/Module/Install/Metadata.pm
+inc/Module/Install/ReadmeFromPod.pm
+inc/Module/Install/Win32.pm
+inc/Module/Install/WriteAll.pm
+lib/GnuPG/Fingerprint.pm
+lib/GnuPG/Handles.pm
+lib/GnuPG/HashInit.pm
+lib/GnuPG/Interface.pm
+lib/GnuPG/Key.pm
+lib/GnuPG/Options.pm
+lib/GnuPG/PrimaryKey.pm
+lib/GnuPG/PublicKey.pm
+lib/GnuPG/Revoker.pm
+lib/GnuPG/SecretKey.pm
+lib/GnuPG/Signature.pm
+lib/GnuPG/SubKey.pm
+lib/GnuPG/UserAttribute.pm
+lib/GnuPG/UserId.pm
+Makefile.PL
+MANIFEST This list of files
+MANIFEST.SKIP
+META.yml
+README
+SIGNATURE
+t/clearsign.t
+t/decrypt.t
+t/detach_sign.t
+t/encrypt.t
+t/encrypt_symmetrically.t
+t/export_keys.t
+t/Fingerprint.t
+t/get_public_keys.t
+t/get_secret_keys.t
+t/import_keys.t
+t/Interface.t
+t/list_public_keys.t
+t/list_secret_keys.t
+t/list_sigs.t
+t/MyTest.pm
+t/MyTestSpecific.pm
+t/passphrase_handling.t
+t/sign.t
+t/sign_and_encrypt.t
+t/UserId.t
+t/verify.t
+t/wrap_call.t
+test/encrypted.1.gpg
+test/key.1.asc
+test/options
+test/passphrase
+test/plain.1.txt
+test/public-keys-sigs/1.0.test
+test/public-keys-sigs/1.1.test
+test/public-keys-sigs/2.0.test
+test/public-keys-sigs/2.1.test
+test/public-keys/1.0.test
+test/public-keys/1.1.test
+test/public-keys/2.0.test
+test/public-keys/2.1.test
+test/pubring.gpg
+test/secret-keys/1.0.test
+test/secret-keys/2.0.test
+test/secring.gpg
+test/signed.1.asc
diff --git a/MANIFEST.SKIP b/MANIFEST.SKIP
new file mode 100644
index 0000000..0e5542f
--- /dev/null
+++ b/MANIFEST.SKIP
@@ -0,0 +1,66 @@
+
+#!start included /home/chmrr/prog/perlbrew/perls/perl-5.16.0/lib/5.16.0/ExtUtils/MANIFEST.SKIP
+# Avoid version control files.
+\bRCS\b
+\bCVS\b
+\bSCCS\b
+,v$
+\B\.svn\b
+\B\.git\b
+\B\.gitignore\b
+\b_darcs\b
+\B\.cvsignore$
+
+# Avoid VMS specific MakeMaker generated files
+\bDescrip.MMS$
+\bDESCRIP.MMS$
+\bdescrip.mms$
+
+# Avoid Makemaker generated and utility files.
+\bMANIFEST\.bak
+\bMakefile$
+\bblib/
+\bMakeMaker-\d
+\bpm_to_blib\.ts$
+\bpm_to_blib$
+\bblibdirs\.ts$ # 6.18 through 6.25 generated this
+
+# Avoid Module::Build generated and utility files.
+\bBuild$
+\b_build/
+\bBuild.bat$
+\bBuild.COM$
+\bBUILD.COM$
+\bbuild.com$
+
+# Avoid temp and backup files.
+~$
+\.old$
+\#$
+\b\.#
+\.bak$
+\.tmp$
+\.#
+\.rej$
+
+# Avoid OS-specific files/dirs
+# Mac OSX metadata
+\B\.DS_Store
+# Mac OSX SMB mount metadata files
+\B\._
+
+# Avoid Devel::Cover and Devel::CoverX::Covered files.
+\bcover_db\b
+\bcovered\b
+
+# Avoid MYMETA files
+^MYMETA\.
+#!end included /home/chmrr/prog/perlbrew/perls/perl-5.16.0/lib/5.16.0/ExtUtils/MANIFEST.SKIP
+
+
+.shipit
+.*\.tar\.gz
+test/.*/.*\.out
+test/random_seed
+test/temp
+test/trustdb.gpg
diff --git a/META.yml b/META.yml
new file mode 100644
index 0000000..c009b47
--- /dev/null
+++ b/META.yml
@@ -0,0 +1,30 @@
+---
+abstract: 'supply object methods for interacting with GnuPG'
+author:
+ - 'Frank J. Tobin'
+build_requires:
+ ExtUtils::MakeMaker: 6.36
+configure_requires:
+ ExtUtils::MakeMaker: 6.36
+distribution_type: module
+dynamic_config: 1
+generated_by: 'Module::Install version 1.14'
+license: perl
+meta-spec:
+ url: http://module-build.sourceforge.net/META-spec-v1.4.html
+ version: 1.4
+name: GnuPG-Interface
+no_index:
+ directory:
+ - inc
+ - t
+ - test
+requires:
+ Fatal: 0
+ Math::BigInt: '1.78'
+ Moo: '0.091011'
+ MooX::HandlesVia: '0.001004'
+ MooX::late: '0.014'
+resources:
+ license: http://dev.perl.org/licenses/
+version: '0.52'
diff --git a/Makefile.PL b/Makefile.PL
new file mode 100644
index 0000000..38aca27
--- /dev/null
+++ b/Makefile.PL
@@ -0,0 +1,29 @@
+use strict;
+use warnings;
+use inc::Module::Install;
+
+print "which gpg ... ";
+system("which", "gpg");
+die "gpg (GnuPG) not found" if ( $? != 0 );
+
+my $output = `gpg --version`;
+die "Can't determine gpg version"
+ unless $output =~ /^gpg \(GnuPG.*?\) (\d+\.\d+)/;
+die "gpg (GnuPG) 1.4 or later is required" unless $1 >= 1.4;
+
+
+author 'Frank J. Tobin';
+abstract 'supply object methods for interacting with GnuPG';
+name 'GnuPG-Interface';
+version_from 'lib/GnuPG/Interface.pm';
+readme_from 'lib/GnuPG/Interface.pm';
+requires 'Moo' => '0.091011';
+requires 'MooX::HandlesVia' => '0.001004';
+requires 'MooX::late' => '0.014';
+requires 'Math::BigInt' => '1.78';
+requires 'Fatal';
+license 'perl';
+
+
+sign();
+WriteAll();
diff --git a/README b/README
new file mode 100644
index 0000000..fcb982a
--- /dev/null
+++ b/README
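Review bot: The version gate in Makefile.PL, `die "gpg (GnuPG) 1.4 or later is required" unless $1 >= 1.4;`, compares the captured `major.minor` text as a floating-point number, so a two-digit minor such as 1.10 would be read as 1.1 and rejected. Capturing the two parts separately and comparing them as integers avoids that: `/^gpg \(GnuPG.*?\) (\d+)\.(\d+)/` followed by `unless $1 > 1 || ( $1 == 1 && $2 >= 4 )`. The probe also executes whichever `gpg` resolves first on PATH and aborts configuration when that exact name is missing, while the README imported by this same commit says the `call` data member exists for hosts where the binary has a different name. A short comment above the check, such as `# configure-time probe only: uses the first "gpg" on PATH, independent of the runtime 'call' setting`, would tell packagers that the binary checked here is not necessarily the one the module runs later.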
@@ -0,0 +1,434 @@ +NAME + GnuPG::Interface - Perl interface to GnuPG + +SYNOPSIS + # A simple example + use IO::Handle; + use GnuPG::Interface; + + # settting up the situation + my $gnupg = GnuPG::Interface->new(); + $gnupg->options->hash_init( armor => 1, + homedir => '/home/foobar' ); + + # Note you can set the recipients even if you aren't encrypting! + $gnupg->options->push_recipients( 'ftobin@cpan.org' ); + $gnupg->options->meta_interactive( 0 ); + + # how we create some handles to interact with GnuPG + my $input = IO::Handle->new(); + my $output = IO::Handle->new(); + my $handles = GnuPG::Handles->new( stdin => $input, + stdout => $output ); + + # Now we'll go about encrypting with the options already set + my @plaintext = ( 'foobar' ); + my $pid = $gnupg->encrypt( handles => $handles ); + + # Now we write to the input of GnuPG + print $input @plaintext; + close $input; + + # now we read the output + my @ciphertext = <$output>; + close $output; + + waitpid $pid, 0; + +DESCRIPTION + GnuPG::Interface and its associated modules are designed to provide an + object-oriented method for interacting with GnuPG, being able to perform + functions such as but not limited to encrypting, signing, decryption, + verification, and key-listing parsing. + + How Data Member Accessor Methods are Created + Each module in the GnuPG::Interface bundle relies on Moo to generate the + get/set methods used to set the object's data members. *This is very + important to realize.* This means that any data member which is a list + has special methods assigned to it for pushing, popping, and clearing + the list. 
+ + Understanding Bidirectional Communication + It is also imperative to realize that this package uses interprocess + communication methods similar to those used in IPC::Open3 and + "Bidirectional Communication with Another Process" in perlipc, and that + users of this package need to understand how to use this method because + this package does not abstract these methods for the user greatly. This + package is not designed to abstract this away entirely (partly for + security purposes), but rather to simply help create 'proper', clean + calls to GnuPG, and to implement key-listing parsing. Please see + "Bidirectional Communication with Another Process" in perlipc to learn + how to deal with these methods. + + Using this package to do message processing generally invovlves creating + a GnuPG::Interface object, creating a GnuPG::Handles object, setting + some options in its options data member, and then calling a method which + invokes GnuPG, such as clearsign. One then interacts with with the + handles appropriately, as described in "Bidirectional Communication with + Another Process" in perlipc. + +OBJECT METHODS + Initialization Methods + new( *%initialization_args* ) + This methods creates a new object. The optional arguments are + initialization of data members. + + hash_init( *%args* ). + + Object Methods which use a GnuPG::Handles Object + list_public_keys( % ) + list_sigs( % ) + list_secret_keys( % ) + encrypt( % ) + encrypt_symmetrically( % ) + sign( % ) + clearsign( % ) + detach_sign( % ) + sign_and_encrypt( % ) + decrypt( % ) + verify( % ) + import_keys( % ) + export_keys( % ) + recv_keys( % ) + send_keys( % ) + search_keys( % ) + These methods each correspond directly to or are very similar to a + GnuPG command described in gpg. Each of these methods takes a hash, + which currently must contain a key of handles which has the value of + a GnuPG::Handles object. 
Another optional key is command_args which + should have the value of an array reference; these arguments will be + passed to GnuPG as command arguments. These command arguments are + used for such things as determining the keys to list in the + export_keys method. *Please note that GnuPG command arguments are + not the same as GnuPG options*. To understand what are options and + what are command arguments please read "COMMANDS" in gpg and + "OPTIONS" in gpg. + + Each of these calls returns the PID for the resulting GnuPG process. + One can use this PID in a "waitpid" call instead of a "wait" call if + more precise process reaping is needed. + + These methods will attach the handles specified in the handles + object to the running GnuPG object, so that bidirectional + communication can be established. That is, the optionally-defined + stdin, stdout, stderr, status, logger, and passphrase handles will + be attached to GnuPG's input, output, standard error, the handle + created by setting status-fd, the handle created by setting + logger-fd, and the handle created by setting passphrase-fd + respectively. This tying of handles of similar to the process done + in *IPC::Open3*. + + If you want the GnuPG process to read or write directly to an + already-opened filehandle, you cannot do this via the normal + *IPC::Open3* mechanisms. In order to accomplish this, set the + appropriate handles data member to the already-opened filehandle, + and then set the option direct to be true for that handle, as + described in "options" in GnuPG::Handles. 
For example, to have GnuPG + read from the file input.txt and write to output.txt, the following + snippet may do: + + my $infile = IO::File->new( 'input.txt' ); + my $outfile = IO::File->new( '>output.txt' ); + my $handles = GnuPG::Handles->new( stdin => $infile, + stdout => $outfile, + ); + $handles->options( 'stdin' )->{direct} = 1; + $handles->options( 'stdout' )->{direct} = 1; + + If any handle in the handles object is not defined, GnuPG's input, + output, and standard error will be tied to the running program's + standard error, standard output, or standard error. If the status or + logger handle is not defined, this channel of communication is never + established with GnuPG, and so this information is not generated and + does not come into play. If the passphrase data member handle of the + handles object is not defined, but the the passphrase data member + handle of GnuPG::Interface object is, GnuPG::Interface will handle + passing this information into GnuPG for the user as a convience. + Note that this will result in GnuPG::Interface storing the + passphrase in memory, instead of having it simply 'pass-through' to + GnuPG via a handle. + + Other Methods + get_public_keys( @search_strings ) + get_secret_keys( @search_strings ) + get_public_keys_with_sigs( @search_strings ) + These methods create and return objects of the type GnuPG::PublicKey + or GnuPG::SecretKey respectively. This is done by parsing the output + of GnuPG with the option with-colons enabled. The objects created do + or do not have signature information stored in them, depending if + the method ends in *_sigs*; this separation of functionality is + there because of performance hits when listing information with + signatures. 
+ + test_default_key_passphrase() + This method will return a true or false value, depending on whether + GnuPG reports a good passphrase was entered while signing a short + message using the values of the passphrase data member, and the + default key specified in the options data member. + + version() + Returns the version of GnuPG that GnuPG::Interface is running. + +Invoking GnuPG with a custom call + GnuPG::Interface attempts to cover a lot of the commands of GnuPG that + one would want to perform; however, there may be a lot more calls that + GnuPG is and will be capable of, so a generic command interface is + provided, "wrap_call". + + wrap_call( %args ) + Call GnuPG with a custom command. The %args hash must contain at + least the following keys: + + commands + The value of this key in the hash must be a reference to a a + list of commands for GnuPG, such as "[ qw( --encrypt --sign ) + ]". + + handles + As with most other GnuPG::Interface methods, handles must be a + GnuPG::Handles object. + + The following keys are optional. + + command_args + As with other GnuPG::Interface methods, the value in hash for + this key must be a reference to a list of arguments to be passed + to the GnuPG command, such as which keys to list in a + key-listing. + +OBJECT DATA MEMBERS + call + This defines the call made to invoke GnuPG. Defaults to 'gpg'; this + should be changed if 'gpg' is not in your path, or there is a + different name for the binary on your system. + + passphrase + In order to lessen the burden of using handles by the user of this + package, setting this option to one's passphrase for a secret key + will allow the package to enter the passphrase via a handle to GnuPG + by itself instead of leaving this to the user. See also "passphrase" + in GnuPG::Handles. 
+ + options + This data member, of the type GnuPG::Options; the setting stored in + this data member are used to determine the options used when calling + GnuPG via *any* of the object methods described in this package. See + GnuPG::Options for more information. + +EXAMPLES + The following setup can be done before any of the following examples: + + use IO::Handle; + use GnuPG::Interface; + + my @original_plaintext = ( "How do you doo?" ); + my $passphrase = "Three Little Pigs"; + + my $gnupg = GnuPG::Interface->new(); + + $gnupg->options->hash_init( armor => 1, + recipients => [ 'ftobin@uiuc.edu', + '0xABCD1234' ], + meta_interactive => 0 , + ); + + Encrypting + # We'll let the standard error of GnuPG pass through + # to our own standard error, by not creating + # a stderr-part of the $handles object. + my ( $input, $output ) = ( IO::Handle->new(), + IO::Handle->new() ); + + my $handles = GnuPG::Handles->new( stdin => $input, + stdout => $output ); + + # this sets up the communication + # Note that the recipients were specified earlier + # in the 'options' data member of the $gnupg object. 
+ my $pid = $gnupg->encrypt( handles => $handles ); + + # this passes in the plaintext + print $input @original_plaintext; + + # this closes the communication channel, + # indicating we are done + close $input; + + my @ciphertext = <$output>; # reading the output + + waitpid $pid, 0; # clean up the finished GnuPG process + + Signing + # This time we'll catch the standard error for our perusing + my ( $input, $output, $error ) = ( IO::Handle->new(), + IO::Handle->new(), + IO::Handle->new(), + ); + + my $handles = GnuPG::Handles->new( stdin => $input, + stdout => $output, + stderr => $error, + ); + + # indicate our pasphrase through the + # convience method + $gnupg->passphrase( $passphrase ); + + # this sets up the communication + my $pid = $gnupg->sign( handles => $handles ); + + # this passes in the plaintext + print $input @original_plaintext; + + # this closes the communication channel, + # indicating we are done + close $input; + + my @ciphertext = <$output>; # reading the output + my @error_output = <$error>; # reading the error + + close $output; + close $error; + + waitpid $pid, 0; # clean up the finished GnuPG process + + Decryption + # This time we'll catch the standard error for our perusing + # as well as passing in the passphrase manually + # as well as the status information given by GnuPG + my ( $input, $output, $error, $passphrase_fh, $status_fh ) + = ( IO::Handle->new(), + IO::Handle->new(), + IO::Handle->new(), + IO::Handle->new(), + IO::Handle->new(), + ); + + my $handles = GnuPG::Handles->new( stdin => $input, + stdout => $output, + stderr => $error, + passphrase => $passphrase_fh, + status => $status_fh, + ); + + # this time we'll also demonstrate decrypting + # a file written to disk + # Make sure you "use IO::File" if you use this module! 
+ my $cipher_file = IO::File->new( 'encrypted.gpg' ); + + # this sets up the communication + my $pid = $gnupg->decrypt( handles => $handles ); + + # This passes in the passphrase + print $passphrase_fh $passphrase; + close $passphrase_fh; + + # this passes in the plaintext + print $input $_ while <$cipher_file>; + + # this closes the communication channel, + # indicating we are done + close $input; + close $cipher_file; + + my @plaintext = <$output>; # reading the output + my @error_output = <$error>; # reading the error + my @status_info = <$status_fh>; # read the status info + + # clean up... + close $output; + close $error; + close $status_fh; + + waitpid $pid, 0; # clean up the finished GnuPG process + + Printing Keys + # This time we'll just let GnuPG print to our own output + # and read from our input, because no input is needed! + my $handles = GnuPG::Handles->new(); + + my @ids = ( 'ftobin', '0xABCD1234' ); + + # this time we need to specify something for + # command_args because --list-public-keys takes + # search ids as arguments + my $pid = $gnupg->list_public_keys( handles => $handles, + command_args => [ @ids ] ); + + waitpid $pid, 0; + + Creating GnuPG::PublicKey Objects + my @ids = [ 'ftobin', '0xABCD1234' ]; + + my @keys = $gnupg->get_public_keys( @ids ); + + # no wait is required this time; it's handled internally + # since the entire call is encapsulated + + Custom GnuPG call + # assuming $handles is a GnuPG::Handles object + my $pid = $gnupg->wrap_call + ( commands => [ qw( --list-packets ) ], + command_args => [ qw( test/key.1.asc ) ], + handles => $handles, + ); + + my @out = <$handles->stdout()>; + waitpid $pid, 0; + +FAQ + How do I get GnuPG::Interface to read/write directly from a filehandle? + You need to set GnuPG::Handles direct option to be true for the + filehandles in concern. See "options" in GnuPG::Handles and "Object + Methods which use a GnuPG::Handles Object" for more information. 
+ + Why do you make it so difficult to get GnuPG to write/read from a + filehandle? In the shell, I can just call GnuPG with the --outfile + option! + There are lots of issues when trying to tell GnuPG to read/write + directly from a file, such as if the file isn't there, or there is a + file, and you want to write over it! What do you want to happen + then? Having the user of this module handle these questions + beforehand by opening up filehandles to GnuPG lets the user know + fully what is going to happen in these circumstances, and makes the + module less error-prone. + + When having GnuPG process a large message, sometimes it just hanges + there. + Your problem may be due to buffering issues; when GnuPG reads/writes + to non-direct filehandles (those that are sent to filehandles which + you read to from into memory, not that those access the disk), + buffering issues can mess things up. I recommend looking into + "options" in GnuPG::Handles. + +NOTES + This package is the successor to PGP::GPG::MessageProcessor, which I + found to be too inextensible to carry on further. A total redesign was + needed, and this is the resulting work. + + After any call to a GnuPG-command method of GnuPG::Interface in which + one passes in the handles, one should all wait to clean up GnuPG from + the process table. + +BUGS + Currently there are problems when transmitting large quantities of + information over handles; I'm guessing this is due to buffering issues. + This bug does not seem specific to this package; IPC::Open3 also appears + affected. + + I don't know yet how well this modules handles parsing OpenPGP v3 keys. + +SEE ALSO + GnuPG::Options, GnuPG::Handles, GnuPG::PublicKey, GnuPG::SecretKey, gpg, + "Bidirectional Communication with Another Process" in perlipc + +LICENSE + This module is free software; you can redistribute it and/or modify it + under the same terms as Perl itself. + +AUTHOR + GnuPg::Interface is currently maintained by Jesse Vincent + . + + Frank J. 
Tobin, ftobin@cpan.org was the original author of the package. + diff --git a/SIGNATURE b/SIGNATURE new file mode 100644 index 0000000..8875d2b --- /dev/null +++ b/SIGNATURE 
@@ -0,0 +1,92 @@ +This file contains message digests of all files listed in MANIFEST, +signed via the Module::Signature module, version 0.73. + +To verify the content in this distribution, first make sure you have +Module::Signature installed, then type: + + % cpansign -v + +It will check each file's integrity, as well as the signature's +validity. If "==> Signature verified OK! <==" is not displayed, +the distribution may already have been compromised, and you should +not run its Makefile.PL or Build.PL. + +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA1 + +SHA1 e890ff9e89a43f20c7bbe6501ca9eee9e0a34cc5 Changes +SHA1 53b4359060763a93e39261003c33f21ee78ca263 MANIFEST +SHA1 01aaeb25c70093c04dd0b27f8619332393830652 MANIFEST.SKIP +SHA1 045613a39cbe7175a8aed8aea6442e7bfce202c1 META.yml +SHA1 86643cffc4d799993109646b1d7e2e9bac64cdf7 Makefile.PL +SHA1 429370a90369dce9cc5e1ba9f820406f0f0ca8d4 README +SHA1 d2664c57b65686abbfbbe1e71229761625be4922 inc/Module/Install.pm +SHA1 da41a8d9904f7b409b49a5f6c338d3eb305a2b4b inc/Module/Install/Base.pm +SHA1 0db0afe19cd298abba248fa089e5525bd5ab3ab6 inc/Module/Install/Can.pm +SHA1 e7152bfd5ca67d0e33f96d09c59d600bca5c1f15 inc/Module/Install/Fetch.pm +SHA1 29ee1cb0dc262b00983e3a2f5cf00b538dff5069 inc/Module/Install/Makefile.pm +SHA1 e963f80cfe255f16e55067d1feb6841cff3ed2fe inc/Module/Install/Metadata.pm +SHA1 79f5b4199f622e8b05aac266b0c39f6a85bb303f inc/Module/Install/ReadmeFromPod.pm +SHA1 65a1f09af1f4f9e47a98b6b45667c328b1b2f9c0 inc/Module/Install/Win32.pm +SHA1 f191c49475b3f51775180cd4f7e41e3bdab7f85a inc/Module/Install/WriteAll.pm +SHA1 d1cf614274e3b01254379758123b75034e1d2e80 lib/GnuPG/Fingerprint.pm +SHA1 9508207dbd2a4b36a38e08b72f39fc4d26c49615 lib/GnuPG/Handles.pm +SHA1 b2fe771ca9a1d719b222013e08b93ab57f7452e8 lib/GnuPG/HashInit.pm +SHA1 1258ef1ec5e9586d48809ba53139c58373289d66 lib/GnuPG/Interface.pm +SHA1 41cc5278e62c3298248cefbd27179d0322e65011 lib/GnuPG/Key.pm +SHA1 c5a7cc8c23f009fee6f615c2e5966c4d0336ab5c lib/GnuPG/Options.pm 
+SHA1 c6a1f74f35c4f2ea0dfc163202fa1c650acf6d2d lib/GnuPG/PrimaryKey.pm +SHA1 a38e294729aac733fafcf9d7e4b7ef5fcb50e685 lib/GnuPG/PublicKey.pm +SHA1 4b917013b36c4e66bdf3ae27cc8e056c9bd6be64 lib/GnuPG/Revoker.pm +SHA1 3dbf6667b73b61dff5bc8db30b6dd81415297c09 lib/GnuPG/SecretKey.pm +SHA1 f19dfa77fd83fcc520aa2246318b359c0ba844cd lib/GnuPG/Signature.pm +SHA1 3267654e96c0fbe6805c466f193e92c5cd8a5e5b lib/GnuPG/SubKey.pm +SHA1 acfec9fd5e879711280d5ac8ebfd667fde8d4f1e lib/GnuPG/UserAttribute.pm +SHA1 d70a9e4c89b2fe445c733dc9c177d62cc9f44826 lib/GnuPG/UserId.pm +SHA1 367fdb308292a9c005afffef49ff9096a20a4da3 t/Fingerprint.t +SHA1 8791d014e4efd4cf11998386e1651cc4eb16dd26 t/Interface.t +SHA1 980fcd5a1d302e65cc2414be96d5f3a4266e8308 t/MyTest.pm +SHA1 e12da2a4da6d98e80d91278790eca9dc82e610ee t/MyTestSpecific.pm +SHA1 ccd942d9f00627253d7eb9c011116dc5671639b8 t/UserId.t +SHA1 e2e53ab9458c61d32b973a16d32573a954e13769 t/clearsign.t +SHA1 6808b2b88bb2f1aa9398d7bb32993ae679cf869c t/decrypt.t +SHA1 b828dfb74321c117264b4418cf57d2da3d96f7c4 t/detach_sign.t +SHA1 194562685ecfe0ba09b8238bbd6b86f0bd6f9d7d t/encrypt.t +SHA1 2d8d00e2bd767c658c2a795ec970398af3c87ebe t/encrypt_symmetrically.t +SHA1 8d3cf3e7433e59c393193ae7df4ef16b094e3f96 t/export_keys.t +SHA1 02f4685776d8556fafc88644ff51677ce6b4b4c6 t/get_public_keys.t +SHA1 a0c8a3a1b653593b96ad511d2b348acf84411501 t/get_secret_keys.t +SHA1 5a4cbcdac983766a60f5f25db20bf81f251c9b3a t/import_keys.t +SHA1 7d4b60343a07ab530adbfc02acc3212463a46190 t/list_public_keys.t +SHA1 489784ddcc8c1baf5857bb535394935f0472c7f5 t/list_secret_keys.t +SHA1 10b57083d7767a6d13285e18449bb37333cd9676 t/list_sigs.t +SHA1 07a602cbb5a78518cd4cccfb7007e80564a19e1e t/passphrase_handling.t +SHA1 99c53aa0a919cbf16cba74be84c6cff3af0cd097 t/sign.t +SHA1 8b6aec0a94d6ac5a0d40dffc52cc2a21a9c934e8 t/sign_and_encrypt.t +SHA1 cabbf4e667027f9bb7958673bc9b8be2d1577e29 t/verify.t +SHA1 8fd17bc4ad8ac4c4357503edfe2d1a952a44c28b t/wrap_call.t +SHA1 58f58338a2922798c59c5e852bd0110541f27e2d 
test/encrypted.1.gpg +SHA1 b012a47f295ee9dcc955560b9a78c0ad3a61e137 test/key.1.asc +SHA1 1290379acadab2cc713d659c7c3feff2b0923f75 test/options +SHA1 4e1243bd22c66e76c2ba9eddc1f91394e57f9f83 test/passphrase +SHA1 59c0e6436b38645144d17ce11ac4aabfdd43e960 test/plain.1.txt +SHA1 7d94ea032bdbb0104c1dc73583ec64ade6294495 test/public-keys-sigs/1.0.test +SHA1 63d93054decf9ff6c2dc99eb03f131b55af4ee43 test/public-keys-sigs/1.1.test +SHA1 bd9892a93f802c68109b11b756f79f6b0292eb1a test/public-keys-sigs/2.0.test +SHA1 73d90696020a01753cda984262a2831dcc6ac0d7 test/public-keys-sigs/2.1.test +SHA1 82d483adc6d203c79856a70dd259370f6efdeef7 test/public-keys/1.0.test +SHA1 86056ad37b8bb67d55ac61b5d5a27ac4bbd1cceb test/public-keys/1.1.test +SHA1 a8e97a2439671dae0dd29a2404c321ccb686ba7a test/public-keys/2.0.test +SHA1 54d2c13bf3b73b7582edef091175dfe3763ddf59 test/public-keys/2.1.test +SHA1 4349906c08f65af3b13e7b441ac4dd2e637bfeae test/pubring.gpg +SHA1 e740841597775e3da265ec14e411ed0432bae5e2 test/secret-keys/1.0.test +SHA1 3bd6135279f9ae23e32680707c6170910421e5de test/secret-keys/2.0.test +SHA1 9ce5508cd8cefadc4c9bf2842864b52e87b1826e test/secring.gpg +SHA1 981418a80bf7dab91b63608cfd1ddf5091f89ad7 test/signed.1.asc +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (GNU/Linux) + +iEYEARECAAYFAlTioEQACgkQMflWJZZAbqAlGwCcDi0uU+q3nG9DQqg/1nQLdUxa +BVsAn1DqJdBvYqKtHr/XWn6T0Km0dLBp +=6yHK +-----END PGP SIGNATURE----- diff --git a/inc/Module/Install.pm b/inc/Module/Install.pm new file mode 100644 index 0000000..ff767fa --- /dev/null +++ b/inc/Module/Install.pm 
@@ -0,0 +1,474 @@ +#line 1 +package Module::Install; + +# For any maintainers: +# The load order for Module::Install is a bit magic. +# It goes something like this... +# +# IF ( host has Module::Install installed, creating author mode ) { +# 1. Makefile.PL calls "use inc::Module::Install" +# 2. $INC{inc/Module/Install.pm} set to installed version of inc::Module::Install +# 3. The installed version of inc::Module::Install loads +# 4. inc::Module::Install calls "require Module::Install" +# 5. The ./inc/ version of Module::Install loads +# } ELSE { +# 1. Makefile.PL calls "use inc::Module::Install" +# 2. $INC{inc/Module/Install.pm} set to ./inc/ version of Module::Install +# 3. The ./inc/ version of Module::Install loads +# } + +use 5.006; +use strict 'vars'; +use Cwd (); +use File::Find (); +use File::Path (); + +use vars qw{$VERSION $MAIN}; +BEGIN { + # All Module::Install core packages now require synchronised versions. + # This will be used to ensure we don't accidentally load old or + # different versions of modules. + # This is not enforced yet, but will be some time in the next few + # releases once we can make sure it won't clash with custom + # Module::Install extensions. + $VERSION = '1.14'; + + # Storage for the pseudo-singleton + $MAIN = undef; + + *inc::Module::Install::VERSION = *VERSION; + @inc::Module::Install::ISA = __PACKAGE__; + +} + +sub import { + my $class = shift; + my $self = $class->new(@_); + my $who = $self->_caller; + + #------------------------------------------------------------- + # all of the following checks should be included in import(), + # to allow "eval 'require Module::Install; 1' to test + # installation of Module::Install. (RT #51267) + #------------------------------------------------------------- + + # Whether or not inc::Module::Install is actually loaded, the + # $INC{inc/Module/Install.pm} is what will still get set as long as + # the caller loaded module this in the documented manner. 
+ # If not set, the caller may NOT have loaded the bundled version, and thus + # they may not have a MI version that works with the Makefile.PL. This would + # result in false errors or unexpected behaviour. And we don't want that. + my $file = join( '/', 'inc', split /::/, __PACKAGE__ ) . '.pm'; + unless ( $INC{$file} ) { die <<"END_DIE" } + +Please invoke ${\__PACKAGE__} with: + + use inc::${\__PACKAGE__}; + +not: + + use ${\__PACKAGE__}; + +END_DIE + + # This reportedly fixes a rare Win32 UTC file time issue, but + # as this is a non-cross-platform XS module not in the core, + # we shouldn't really depend on it. See RT #24194 for detail. + # (Also, this module only supports Perl 5.6 and above). + eval "use Win32::UTCFileTime" if $^O eq 'MSWin32' && $] >= 5.006; + + # If the script that is loading Module::Install is from the future, + # then make will detect this and cause it to re-run over and over + # again. This is bad. Rather than taking action to touch it (which + # is unreliable on some platforms and requires write permissions) + # for now we should catch this and refuse to run. + if ( -f $0 ) { + my $s = (stat($0))[9]; + + # If the modification time is only slightly in the future, + # sleep briefly to remove the problem. + my $a = $s - time; + if ( $a > 0 and $a < 5 ) { sleep 5 } + + # Too far in the future, throw an error. + my $t = time; + if ( $s > $t ) { die <<"END_DIE" } + +Your installer $0 has a modification time in the future ($s > $t). + +This is known to create infinite loops in make. + +Please correct this, then run $0 again. + +END_DIE + } + + + # Build.PL was formerly supported, but no longer is due to excessive + # difficulty in implementing every single feature twice. + if ( $0 =~ /Build.PL$/i ) { die <<"END_DIE" } + +Module::Install no longer supports Build.PL. + +It was impossible to maintain duel backends, and has been deprecated. + +Please remove all Build.PL files and only use the Makefile.PL installer. 
+ +END_DIE + + #------------------------------------------------------------- + + # To save some more typing in Module::Install installers, every... + # use inc::Module::Install + # ...also acts as an implicit use strict. + $^H |= strict::bits(qw(refs subs vars)); + + #------------------------------------------------------------- + + unless ( -f $self->{file} ) { + foreach my $key (keys %INC) { + delete $INC{$key} if $key =~ /Module\/Install/; + } + + local $^W; + require "$self->{path}/$self->{dispatch}.pm"; + File::Path::mkpath("$self->{prefix}/$self->{author}"); + $self->{admin} = "$self->{name}::$self->{dispatch}"->new( _top => $self ); + $self->{admin}->init; + @_ = ($class, _self => $self); + goto &{"$self->{name}::import"}; + } + + local $^W; + *{"${who}::AUTOLOAD"} = $self->autoload; + $self->preload; + + # Unregister loader and worker packages so subdirs can use them again + delete $INC{'inc/Module/Install.pm'}; + delete $INC{'Module/Install.pm'}; + + # Save to the singleton + $MAIN = $self; + + return 1; +} + +sub autoload { + my $self = shift; + my $who = $self->_caller; + my $cwd = Cwd::getcwd(); + my $sym = "${who}::AUTOLOAD"; + $sym->{$cwd} = sub { + my $pwd = Cwd::getcwd(); + if ( my $code = $sym->{$pwd} ) { + # Delegate back to parent dirs + goto &$code unless $cwd eq $pwd; + } + unless ($$sym =~ s/([^:]+)$//) { + # XXX: it looks like we can't retrieve the missing function + # via $$sym (usually $main::AUTOLOAD) in this case. + # I'm still wondering if we should slurp Makefile.PL to + # get some context or not ... + my ($package, $file, $line) = caller; + die <<"EOT"; +Unknown function is found at $file line $line. +Execution of $file aborted due to runtime errors. + +If you're a contributor to a project, you may need to install +some Module::Install extensions from CPAN (or other repository). +If you're a user of a module, please contact the author. 
+EOT + } + my $method = $1; + if ( uc($method) eq $method ) { + # Do nothing + return; + } elsif ( $method =~ /^_/ and $self->can($method) ) { + # Dispatch to the root M:I class + return $self->$method(@_); + } + + # Dispatch to the appropriate plugin + unshift @_, ( $self, $1 ); + goto &{$self->can('call')}; + }; +} + +sub preload { + my $self = shift; + unless ( $self->{extensions} ) { + $self->load_extensions( + "$self->{prefix}/$self->{path}", $self + ); + } + + my @exts = @{$self->{extensions}}; + unless ( @exts ) { + @exts = $self->{admin}->load_all_extensions; + } + + my %seen; + foreach my $obj ( @exts ) { + while (my ($method, $glob) = each %{ref($obj) . '::'}) { + next unless $obj->can($method); + next if $method =~ /^_/; + next if $method eq uc($method); + $seen{$method}++; + } + } + + my $who = $self->_caller; + foreach my $name ( sort keys %seen ) { + local $^W; + *{"${who}::$name"} = sub { + ${"${who}::AUTOLOAD"} = "${who}::$name"; + goto &{"${who}::AUTOLOAD"}; + }; + } +} + +sub new { + my ($class, %args) = @_; + + delete $INC{'FindBin.pm'}; + { + # to suppress the redefine warning + local $SIG{__WARN__} = sub {}; + require FindBin; + } + + # ignore the prefix on extension modules built from top level. + my $base_path = Cwd::abs_path($FindBin::Bin); + unless ( Cwd::abs_path(Cwd::getcwd()) eq $base_path ) { + delete $args{prefix}; + } + return $args{_self} if $args{_self}; + + $args{dispatch} ||= 'Admin'; + $args{prefix} ||= 'inc'; + $args{author} ||= ($^O eq 'VMS' ? 
'_author' : '.author'); + $args{bundle} ||= 'inc/BUNDLES'; + $args{base} ||= $base_path; + $class =~ s/^\Q$args{prefix}\E:://; + $args{name} ||= $class; + $args{version} ||= $class->VERSION; + unless ( $args{path} ) { + $args{path} = $args{name}; + $args{path} =~ s!::!/!g; + } + $args{file} ||= "$args{base}/$args{prefix}/$args{path}.pm"; + $args{wrote} = 0; + + bless( \%args, $class ); +} + +sub call { + my ($self, $method) = @_; + my $obj = $self->load($method) or return; + splice(@_, 0, 2, $obj); + goto &{$obj->can($method)}; +} + +sub load { + my ($self, $method) = @_; + + $self->load_extensions( + "$self->{prefix}/$self->{path}", $self + ) unless $self->{extensions}; + + foreach my $obj (@{$self->{extensions}}) { + return $obj if $obj->can($method); + } + + my $admin = $self->{admin} or die <<"END_DIE"; +The '$method' method does not exist in the '$self->{prefix}' path! +Please remove the '$self->{prefix}' directory and run $0 again to load it. +END_DIE + + my $obj = $admin->load($method, 1); + push @{$self->{extensions}}, $obj; + + $obj; +} + +sub load_extensions { + my ($self, $path, $top) = @_; + + my $should_reload = 0; + unless ( grep { ! ref $_ and lc $_ eq lc $self->{prefix} } @INC ) { + unshift @INC, $self->{prefix}; + $should_reload = 1; + } + + foreach my $rv ( $self->find_extensions($path) ) { + my ($file, $pkg) = @{$rv}; + next if $self->{pathnames}{$pkg}; + + local $@; + my $new = eval { local $^W; require $file; $pkg->can('new') }; + unless ( $new ) { + warn $@ if $@; + next; + } + $self->{pathnames}{$pkg} = + $should_reload ? 
delete $INC{$file} : $INC{$file}; + push @{$self->{extensions}}, &{$new}($pkg, _top => $top ); + } + + $self->{extensions} ||= []; +} + +sub find_extensions { + my ($self, $path) = @_; + + my @found; + File::Find::find( sub { + my $file = $File::Find::name; + return unless $file =~ m!^\Q$path\E/(.+)\.pm\Z!is; + my $subpath = $1; + return if lc($subpath) eq lc($self->{dispatch}); + + $file = "$self->{path}/$subpath.pm"; + my $pkg = "$self->{name}::$subpath"; + $pkg =~ s!/!::!g; + + # If we have a mixed-case package name, assume case has been preserved + # correctly. Otherwise, root through the file to locate the case-preserved + # version of the package name. + if ( $subpath eq lc($subpath) || $subpath eq uc($subpath) ) { + my $content = Module::Install::_read($subpath . '.pm'); + my $in_pod = 0; + foreach ( split /\n/, $content ) { + $in_pod = 1 if /^=\w/; + $in_pod = 0 if /^=cut/; + next if ($in_pod || /^=cut/); # skip pod text + next if /^\s*#/; # and comments + if ( m/^\s*package\s+($pkg)\s*;/i ) { + $pkg = $1; + last; + } + } + } + + push @found, [ $file, $pkg ]; + }, $path ) if -d $path; + + @found; +} + + + + + +##################################################################### +# Common Utility Functions + +sub _caller { + my $depth = 0; + my $call = caller($depth); + while ( $call eq __PACKAGE__ ) { + $depth++; + $call = caller($depth); + } + return $call; +} + +# Done in evals to avoid confusing Perl::MinimumVersion +eval( $] >= 5.006 ? 
<<'END_NEW' : <<'END_OLD' ); die $@ if $@; +sub _read { + local *FH; + open( FH, '<', $_[0] ) or die "open($_[0]): $!"; + binmode FH; + my $string = do { local $/; }; + close FH or die "close($_[0]): $!"; + return $string; +} +END_NEW +sub _read { + local *FH; + open( FH, "< $_[0]" ) or die "open($_[0]): $!"; + binmode FH; + my $string = do { local $/; }; + close FH or die "close($_[0]): $!"; + return $string; +} +END_OLD + +sub _readperl { + my $string = Module::Install::_read($_[0]); + $string =~ s/(?:\015{1,2}\012|\015|\012)/\n/sg; + $string =~ s/(\n)\n*__(?:DATA|END)__\b.*\z/$1/s; + $string =~ s/\n\n=\w+.+?\n\n=cut\b.+?\n+/\n\n/sg; + return $string; +} + +sub _readpod { + my $string = Module::Install::_read($_[0]); + $string =~ s/(?:\015{1,2}\012|\015|\012)/\n/sg; + return $string if $_[0] =~ /\.pod\z/; + $string =~ s/(^|\n=cut\b.+?\n+)[^=\s].+?\n(\n=\w+|\z)/$1$2/sg; + $string =~ s/\n*=pod\b[^\n]*\n+/\n\n/sg; + $string =~ s/\n*=cut\b[^\n]*\n+/\n\n/sg; + $string =~ s/^\n+//s; + return $string; +} + +# Done in evals to avoid confusing Perl::MinimumVersion +eval( $] >= 5.006 ? <<'END_NEW' : <<'END_OLD' ); die $@ if $@; +sub _write { + local *FH; + open( FH, '>', $_[0] ) or die "open($_[0]): $!"; + binmode FH; + foreach ( 1 .. $#_ ) { + print FH $_[$_] or die "print($_[0]): $!"; + } + close FH or die "close($_[0]): $!"; +} +END_NEW +sub _write { + local *FH; + open( FH, "> $_[0]" ) or die "open($_[0]): $!"; + binmode FH; + foreach ( 1 .. $#_ ) { + print FH $_[$_] or die "print($_[0]): $!"; + } + close FH or die "close($_[0]): $!"; +} +END_OLD + +# _version is for processing module versions (eg, 1.03_05) not +# Perl versions (eg, 5.8.1). +sub _version { + my $s = shift || 0; + my $d =()= $s =~ /(\.)/g; + if ( $d >= 2 ) { + # Normalise multipart versions + $s =~ s/(\.)(\d{1,3})/sprintf("$1%03d",$2)/eg; + } + $s =~ s/^(\d+)\.?//; + my $l = $1 || 0; + my @v = map { + $_ . '0' x (3 - length $_) + } $s =~ /(\d{1,3})\D?/g; + $l = $l . '.' . 
join '', @v if @v; + return $l + 0; +} + +sub _cmp { + _version($_[1]) <=> _version($_[2]); +} + +# Cloned from Params::Util::_CLASS +sub _CLASS { + ( + defined $_[0] + and + ! ref $_[0] + and + $_[0] =~ m/^[^\W\d]\w*(?:::\w+)*\z/s + ) ? $_[0] : undef; +} + +1; + +# Copyright 2008 - 2012 Adam Kennedy. diff --git a/inc/Module/Install/Base.pm b/inc/Module/Install/Base.pm new file mode 100644 index 0000000..4206347 --- /dev/null +++ b/inc/Module/Install/Base.pm @@ -0,0 +1,83 @@ +#line 1 +package Module::Install::Base; + +use strict 'vars'; +use vars qw{$VERSION}; +BEGIN { + $VERSION = '1.14'; +} + +# Suspend handler for "redefined" warnings +BEGIN { + my $w = $SIG{__WARN__}; + $SIG{__WARN__} = sub { $w }; +} + +#line 42 + +sub new { + my $class = shift; + unless ( defined &{"${class}::call"} ) { + *{"${class}::call"} = sub { shift->_top->call(@_) }; + } + unless ( defined &{"${class}::load"} ) { + *{"${class}::load"} = sub { shift->_top->load(@_) }; + } + bless { @_ }, $class; +} + +#line 61 + +sub AUTOLOAD { + local $@; + my $func = eval { shift->_top->autoload } or return; + goto &$func; +} + +#line 75 + +sub _top { + $_[0]->{_top}; +} + +#line 90 + +sub admin { + $_[0]->_top->{admin} + or + Module::Install::Base::FakeAdmin->new; +} + +#line 106 + +sub is_admin { + ! $_[0]->admin->isa('Module::Install::Base::FakeAdmin'); +} + +sub DESTROY {} + +package Module::Install::Base::FakeAdmin; + +use vars qw{$VERSION}; +BEGIN { + $VERSION = $Module::Install::Base::VERSION; +} + +my $fake; + +sub new { + $fake ||= bless(\@_, $_[0]); +} + +sub AUTOLOAD {} + +sub DESTROY {} + +# Restore warning handler +BEGIN { + $SIG{__WARN__} = $SIG{__WARN__}->(); +} + +1; + +#line 159 diff --git a/inc/Module/Install/Can.pm b/inc/Module/Install/Can.pm new file mode 100644 index 0000000..9929b1b --- /dev/null +++ b/inc/Module/Install/Can.pm 
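Review bot: In inc/Module/Install.pm, the `END_OLD` variants of `_read` and `_write` use two-argument `open` (`open( FH, "< $_[0]" )` and `open( FH, "> $_[0]" )`), where the mode is parsed out of the same string as the filename. With `use 5.006;` at the top of the file, the `$] >= 5.006` test can only select `END_NEW`, so these branches look unreachable. They could be dropped, leaving the three-argument definitions as ordinary subs without the string `eval`. As rendered on this page the slurp reads `do { local $/; }` with no filehandle read inside; that is probably an extraction loss of `<FH>` and should be checked against the tarball. This is the bundled copy of Module::Install 1.14, so the cleanup belongs upstream rather than in the import.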
@@ -0,0 +1,154 @@ +#line 1 +package Module::Install::Can; + +use strict; +use Config (); +use ExtUtils::MakeMaker (); +use Module::Install::Base (); + +use vars qw{$VERSION @ISA $ISCORE}; +BEGIN { + $VERSION = '1.14'; + @ISA = 'Module::Install::Base'; + $ISCORE = 1; +} + +# check if we can load some module +### Upgrade this to not have to load the module if possible +sub can_use { + my ($self, $mod, $ver) = @_; + $mod =~ s{::|\\}{/}g; + $mod .= '.pm' unless $mod =~ /\.pm$/i; + + my $pkg = $mod; + $pkg =~ s{/}{::}g; + $pkg =~ s{\.pm$}{}i; + + local $@; + eval { require $mod; $pkg->VERSION($ver || 0); 1 }; +} + +# Check if we can run some command +sub can_run { + my ($self, $cmd) = @_; + + my $_cmd = $cmd; + return $_cmd if (-x $_cmd or $_cmd = MM->maybe_command($_cmd)); + + for my $dir ((split /$Config::Config{path_sep}/, $ENV{PATH}), '.') { + next if $dir eq ''; + require File::Spec; + my $abs = File::Spec->catfile($dir, $cmd); + return $abs if (-x $abs or $abs = MM->maybe_command($abs)); + } + + return; +} + +# Can our C compiler environment build XS files +sub can_xs { + my $self = shift; + + # Ensure we have the CBuilder module + $self->configure_requires( 'ExtUtils::CBuilder' => 0.27 ); + + # Do we have the configure_requires checker? + local $@; + eval "require ExtUtils::CBuilder;"; + if ( $@ ) { + # They don't obey configure_requires, so it is + # someone old and delicate. Try to avoid hurting + # them by falling back to an older simpler test. 
+ return $self->can_cc(); + } + + # Do we have a working C compiler + my $builder = ExtUtils::CBuilder->new( + quiet => 1, + ); + unless ( $builder->have_compiler ) { + # No working C compiler + return 0; + } + + # Write a C file representative of what XS becomes + require File::Temp; + my ( $FH, $tmpfile ) = File::Temp::tempfile( + "compilexs-XXXXX", + SUFFIX => '.c', + ); + binmode $FH; + print $FH <<'END_C'; +#include "EXTERN.h" +#include "perl.h" +#include "XSUB.h" + +int main(int argc, char **argv) { + return 0; +} + +int boot_sanexs() { + return 1; +} + +END_C + close $FH; + + # Can the C compiler access the same headers XS does + my @libs = (); + my $object = undef; + eval { + local $^W = 0; + $object = $builder->compile( + source => $tmpfile, + ); + @libs = $builder->link( + objects => $object, + module_name => 'sanexs', + ); + }; + my $result = $@ ? 0 : 1; + + # Clean up all the build files + foreach ( $tmpfile, $object, @libs ) { + next unless defined $_; + 1 while unlink; + } + + return $result; +} + +# Can we locate a (the) C compiler +sub can_cc { + my $self = shift; + my @chunks = split(/ /, $Config::Config{cc}) or return; + + # $Config{cc} may contain args; try to find out the program part + while (@chunks) { + return $self->can_run("@chunks") || (pop(@chunks), next); + } + + return; +} + +# Fix Cygwin bug on maybe_command(); +if ( $^O eq 'cygwin' ) { + require ExtUtils::MM_Cygwin; + require ExtUtils::MM_Win32; + if ( ! defined(&ExtUtils::MM_Cygwin::maybe_command) ) { + *ExtUtils::MM_Cygwin::maybe_command = sub { + my ($self, $file) = @_; + if ($file =~ m{^/cygdrive/}i and ExtUtils::MM_Win32->can('maybe_command')) { + ExtUtils::MM_Win32->maybe_command($file); + } else { + ExtUtils::MM_Unix->maybe_command($file); + } + } + } +} + +1; + +__END__ + +#line 236 diff --git a/inc/Module/Install/Fetch.pm b/inc/Module/Install/Fetch.pm new file mode 100644 index 0000000..3d8de76 --- /dev/null +++ b/inc/Module/Install/Fetch.pm 
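Review bot: In inc/Module/Install/Can.pm, `can_run` resolves a bare command name against the current directory: `-x $_cmd` is tested before PATH is consulted, and the search list ends with an explicit `'.'`. This runs at configure time from inside an unpacked source tree, so a file in that tree named like the compiler or `ftp` would be reported as the usable program. `get_file` in Fetch.pm goes on to open a pipe to whatever `can_run('ftp')` returns. I would take the shortcut only for absolute paths, `return $cmd if File::Spec->file_name_is_absolute($cmd) and -x $cmd;`, with `require File::Spec;` moved above it. I would also drop `'.'` from the loop: `for my $dir (split /\Q$Config::Config{path_sep}\E/, $ENV{PATH}) {`.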
@@ -0,0 +1,93 @@ +#line 1 +package Module::Install::Fetch; + +use strict; +use Module::Install::Base (); + +use vars qw{$VERSION @ISA $ISCORE}; +BEGIN { + $VERSION = '1.14'; + @ISA = 'Module::Install::Base'; + $ISCORE = 1; +} + +sub get_file { + my ($self, %args) = @_; + my ($scheme, $host, $path, $file) = + $args{url} =~ m|^(\w+)://([^/]+)(.+)/(.+)| or return; + + if ( $scheme eq 'http' and ! eval { require LWP::Simple; 1 } ) { + $args{url} = $args{ftp_url} + or (warn("LWP support unavailable!\n"), return); + ($scheme, $host, $path, $file) = + $args{url} =~ m|^(\w+)://([^/]+)(.+)/(.+)| or return; + } + + $|++; + print "Fetching '$file' from $host... "; + + unless (eval { require Socket; Socket::inet_aton($host) }) { + warn "'$host' resolve failed!\n"; + return; + } + + return unless $scheme eq 'ftp' or $scheme eq 'http'; + + require Cwd; + my $dir = Cwd::getcwd(); + chdir $args{local_dir} or return if exists $args{local_dir}; + + if (eval { require LWP::Simple; 1 }) { + LWP::Simple::mirror($args{url}, $file); + } + elsif (eval { require Net::FTP; 1 }) { eval { + # use Net::FTP to get past firewall + my $ftp = Net::FTP->new($host, Passive => 1, Timeout => 600); + $ftp->login("anonymous", 'anonymous@example.com'); + $ftp->cwd($path); + $ftp->binary; + $ftp->get($file) or (warn("$!\n"), return); + $ftp->quit; + } } + elsif (my $ftp = $self->can_run('ftp')) { eval { + # no Net::FTP, fallback to ftp.exe + require FileHandle; + my $fh = FileHandle->new; + + local $SIG{CHLD} = 'IGNORE'; + unless ($fh->open("|$ftp -n")) { + warn "Couldn't open ftp: $!\n"; + chdir $dir; return; + } + + my @dialog = split(/\n/, <<"END_FTP"); +open $host +user anonymous anonymous\@example.com +cd $path +binary +get $file $file +quit +END_FTP + foreach (@dialog) { $fh->print("$_\n") } + $fh->close; + } } + else { + warn "No working 'ftp' program available!\n"; + chdir $dir; return; + } + + unless (-f $file) { + warn "Fetching failed: $@\n"; + chdir $dir; return; + } + + return if exists 
$args{size} and -s $file != $args{size}; + system($args{run}) if exists $args{run}; + unlink($file) if $args{remove}; + + print(((!exists $args{check_for} or -e $args{check_for}) + ? "done!" : "failed! ($!)"), "\n"); + chdir $dir; return !$?; +} + +1; diff --git a/inc/Module/Install/Makefile.pm b/inc/Module/Install/Makefile.pm new file mode 100644 index 0000000..66993af --- /dev/null +++ b/inc/Module/Install/Makefile.pm 
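Review bot: In inc/Module/Install/Fetch.pm, `get_file` reaches `system($args{run})` with no integrity check on what was just downloaded. The transfer is limited to `http` or `ftp` by `return unless $scheme eq 'ftp' or $scheme eq 'http'`, and the only validation is the optional size comparison. A digest comparison before that call would close the gap, for example `return if exists $args{sha256} and Digest::SHA->new(256)->addfile($file)->hexdigest ne lc $args{sha256};` after a `require Digest::SHA;` (the `sha256` argument is a proposed addition, not an existing one). The size-mismatch `return` also skips the `chdir $dir` that the other exit paths perform, so the process is left in `local_dir`. As this is the bundled copy of Module::Install 1.14 the change belongs upstream; for the package it is worth confirming that Makefile.PL never calls `get_file`.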
@@ -0,0 +1,418 @@ +#line 1 +package Module::Install::Makefile; + +use strict 'vars'; +use ExtUtils::MakeMaker (); +use Module::Install::Base (); +use Fcntl qw/:flock :seek/; + +use vars qw{$VERSION @ISA $ISCORE}; +BEGIN { + $VERSION = '1.14'; + @ISA = 'Module::Install::Base'; + $ISCORE = 1; +} + +sub Makefile { $_[0] } + +my %seen = (); + +sub prompt { + shift; + + # Infinite loop protection + my @c = caller(); + if ( ++$seen{"$c[1]|$c[2]|$_[0]"} > 3 ) { + die "Caught an potential prompt infinite loop ($c[1]|$c[2]|$_[0])"; + } + + # In automated testing or non-interactive session, always use defaults + if ( ($ENV{AUTOMATED_TESTING} or -! -t STDIN) and ! $ENV{PERL_MM_USE_DEFAULT} ) { + local $ENV{PERL_MM_USE_DEFAULT} = 1; + goto &ExtUtils::MakeMaker::prompt; + } else { + goto &ExtUtils::MakeMaker::prompt; + } +} + +# Store a cleaned up version of the MakeMaker version, +# since we need to behave differently in a variety of +# ways based on the MM version. +my $makemaker = eval $ExtUtils::MakeMaker::VERSION; + +# If we are passed a param, do a "newer than" comparison. +# Otherwise, just return the MakeMaker version. +sub makemaker { + ( @_ < 2 or $makemaker >= eval($_[1]) ) ? $makemaker : 0 +} + +# Ripped from ExtUtils::MakeMaker 6.56, and slightly modified +# as we only need to know here whether the attribute is an array +# or a hash or something else (which may or may not be appendable). 
+my %makemaker_argtype = ( + C => 'ARRAY', + CONFIG => 'ARRAY', +# CONFIGURE => 'CODE', # ignore + DIR => 'ARRAY', + DL_FUNCS => 'HASH', + DL_VARS => 'ARRAY', + EXCLUDE_EXT => 'ARRAY', + EXE_FILES => 'ARRAY', + FUNCLIST => 'ARRAY', + H => 'ARRAY', + IMPORTS => 'HASH', + INCLUDE_EXT => 'ARRAY', + LIBS => 'ARRAY', # ignore '' + MAN1PODS => 'HASH', + MAN3PODS => 'HASH', + META_ADD => 'HASH', + META_MERGE => 'HASH', + PL_FILES => 'HASH', + PM => 'HASH', + PMLIBDIRS => 'ARRAY', + PMLIBPARENTDIRS => 'ARRAY', + PREREQ_PM => 'HASH', + CONFIGURE_REQUIRES => 'HASH', + SKIP => 'ARRAY', + TYPEMAPS => 'ARRAY', + XS => 'HASH', +# VERSION => ['version',''], # ignore +# _KEEP_AFTER_FLUSH => '', + + clean => 'HASH', + depend => 'HASH', + dist => 'HASH', + dynamic_lib=> 'HASH', + linkext => 'HASH', + macro => 'HASH', + postamble => 'HASH', + realclean => 'HASH', + test => 'HASH', + tool_autosplit => 'HASH', + + # special cases where you can use makemaker_append + CCFLAGS => 'APPENDABLE', + DEFINE => 'APPENDABLE', + INC => 'APPENDABLE', + LDDLFLAGS => 'APPENDABLE', + LDFROM => 'APPENDABLE', +); + +sub makemaker_args { + my ($self, %new_args) = @_; + my $args = ( $self->{makemaker_args} ||= {} ); + foreach my $key (keys %new_args) { + if ($makemaker_argtype{$key}) { + if ($makemaker_argtype{$key} eq 'ARRAY') { + $args->{$key} = [] unless defined $args->{$key}; + unless (ref $args->{$key} eq 'ARRAY') { + $args->{$key} = [$args->{$key}] + } + push @{$args->{$key}}, + ref $new_args{$key} eq 'ARRAY' + ? 
@{$new_args{$key}} + : $new_args{$key}; + } + elsif ($makemaker_argtype{$key} eq 'HASH') { + $args->{$key} = {} unless defined $args->{$key}; + foreach my $skey (keys %{ $new_args{$key} }) { + $args->{$key}{$skey} = $new_args{$key}{$skey}; + } + } + elsif ($makemaker_argtype{$key} eq 'APPENDABLE') { + $self->makemaker_append($key => $new_args{$key}); + } + } + else { + if (defined $args->{$key}) { + warn qq{MakeMaker attribute "$key" is overriden; use "makemaker_append" to append values\n}; + } + $args->{$key} = $new_args{$key}; + } + } + return $args; +} + +# For mm args that take multiple space-separated args, +# append an argument to the current list. +sub makemaker_append { + my $self = shift; + my $name = shift; + my $args = $self->makemaker_args; + $args->{$name} = defined $args->{$name} + ? join( ' ', $args->{$name}, @_ ) + : join( ' ', @_ ); +} + +sub build_subdirs { + my $self = shift; + my $subdirs = $self->makemaker_args->{DIR} ||= []; + for my $subdir (@_) { + push @$subdirs, $subdir; + } +} + +sub clean_files { + my $self = shift; + my $clean = $self->makemaker_args->{clean} ||= {}; + %$clean = ( + %$clean, + FILES => join ' ', grep { length $_ } ($clean->{FILES} || (), @_), + ); +} + +sub realclean_files { + my $self = shift; + my $realclean = $self->makemaker_args->{realclean} ||= {}; + %$realclean = ( + %$realclean, + FILES => join ' ', grep { length $_ } ($realclean->{FILES} || (), @_), + ); +} + +sub libs { + my $self = shift; + my $libs = ref $_[0] ? 
shift : [ shift ]; + $self->makemaker_args( LIBS => $libs ); +} + +sub inc { + my $self = shift; + $self->makemaker_args( INC => shift ); +} + +sub _wanted_t { +} + +sub tests_recursive { + my $self = shift; + my $dir = shift || 't'; + unless ( -d $dir ) { + die "tests_recursive dir '$dir' does not exist"; + } + my %tests = map { $_ => 1 } split / /, ($self->tests || ''); + require File::Find; + File::Find::find( + sub { /\.t$/ and -f $_ and $tests{"$File::Find::dir/*.t"} = 1 }, + $dir + ); + $self->tests( join ' ', sort keys %tests ); +} + +sub write { + my $self = shift; + die "&Makefile->write() takes no arguments\n" if @_; + + # Check the current Perl version + my $perl_version = $self->perl_version; + if ( $perl_version ) { + eval "use $perl_version; 1" + or die "ERROR: perl: Version $] is installed, " + . "but we need version >= $perl_version"; + } + + # Make sure we have a new enough MakeMaker + require ExtUtils::MakeMaker; + + if ( $perl_version and $self->_cmp($perl_version, '5.006') >= 0 ) { + # This previous attempted to inherit the version of + # ExtUtils::MakeMaker in use by the module author, but this + # was found to be untenable as some authors build releases + # using future dev versions of EU:MM that nobody else has. + # Instead, #toolchain suggests we use 6.59 which is the most + # stable version on CPAN at time of writing and is, to quote + # ribasushi, "not terminally fucked, > and tested enough". + # TODO: We will now need to maintain this over time to push + # the version up as new versions are released. + $self->build_requires( 'ExtUtils::MakeMaker' => 6.59 ); + $self->configure_requires( 'ExtUtils::MakeMaker' => 6.59 ); + } else { + # Allow legacy-compatibility with 5.005 by depending on the + # most recent EU:MM that supported 5.005. 
+ $self->build_requires( 'ExtUtils::MakeMaker' => 6.36 ); + $self->configure_requires( 'ExtUtils::MakeMaker' => 6.36 ); + } + + # Generate the MakeMaker params + my $args = $self->makemaker_args; + $args->{DISTNAME} = $self->name; + $args->{NAME} = $self->module_name || $self->name; + $args->{NAME} =~ s/-/::/g; + $args->{VERSION} = $self->version or die <<'EOT'; +ERROR: Can't determine distribution version. Please specify it +explicitly via 'version' in Makefile.PL, or set a valid $VERSION +in a module, and provide its file path via 'version_from' (or +'all_from' if you prefer) in Makefile.PL. +EOT + + if ( $self->tests ) { + my @tests = split ' ', $self->tests; + my %seen; + $args->{test} = { + TESTS => (join ' ', grep {!$seen{$_}++} @tests), + }; + } elsif ( $Module::Install::ExtraTests::use_extratests ) { + # Module::Install::ExtraTests doesn't set $self->tests and does its own tests via harness. + # So, just ignore our xt tests here. + } elsif ( -d 'xt' and ($Module::Install::AUTHOR or $ENV{RELEASE_TESTING}) ) { + $args->{test} = { + TESTS => join( ' ', map { "$_/*.t" } grep { -d $_ } qw{ t xt } ), + }; + } + if ( $] >= 5.005 ) { + $args->{ABSTRACT} = $self->abstract; + $args->{AUTHOR} = join ', ', @{$self->author || []}; + } + if ( $self->makemaker(6.10) ) { + $args->{NO_META} = 1; + #$args->{NO_MYMETA} = 1; + } + if ( $self->makemaker(6.17) and $self->sign ) { + $args->{SIGN} = 1; + } + unless ( $self->is_admin ) { + delete $args->{SIGN}; + } + if ( $self->makemaker(6.31) and $self->license ) { + $args->{LICENSE} = $self->license; + } + + my $prereq = ($args->{PREREQ_PM} ||= {}); + %$prereq = ( %$prereq, + map { @$_ } # flatten [module => version] + map { @$_ } + grep $_, + ($self->requires) + ); + + # Remove any reference to perl, PREREQ_PM doesn't support it + delete $args->{PREREQ_PM}->{perl}; + + # Merge both kinds of requires into BUILD_REQUIRES + my $build_prereq = ($args->{BUILD_REQUIRES} ||= {}); + %$build_prereq = ( %$build_prereq, + map { @$_ } # 
flatten [module => version] + map { @$_ } + grep $_, + ($self->configure_requires, $self->build_requires) + ); + + # Remove any reference to perl, BUILD_REQUIRES doesn't support it + delete $args->{BUILD_REQUIRES}->{perl}; + + # Delete bundled dists from prereq_pm, add it to Makefile DIR + my $subdirs = ($args->{DIR} || []); + if ($self->bundles) { + my %processed; + foreach my $bundle (@{ $self->bundles }) { + my ($mod_name, $dist_dir) = @$bundle; + delete $prereq->{$mod_name}; + $dist_dir = File::Basename::basename($dist_dir); # dir for building this module + if (not exists $processed{$dist_dir}) { + if (-d $dist_dir) { + # List as sub-directory to be processed by make + push @$subdirs, $dist_dir; + } + # Else do nothing: the module is already present on the system + $processed{$dist_dir} = undef; + } + } + } + + unless ( $self->makemaker('6.55_03') ) { + %$prereq = (%$prereq,%$build_prereq); + delete $args->{BUILD_REQUIRES}; + } + + if ( my $perl_version = $self->perl_version ) { + eval "use $perl_version; 1" + or die "ERROR: perl: Version $] is installed, " + . 
"but we need version >= $perl_version"; + + if ( $self->makemaker(6.48) ) { + $args->{MIN_PERL_VERSION} = $perl_version; + } + } + + if ($self->installdirs) { + warn qq{old INSTALLDIRS (probably set by makemaker_args) is overriden by installdirs\n} if $args->{INSTALLDIRS}; + $args->{INSTALLDIRS} = $self->installdirs; + } + + my %args = map { + ( $_ => $args->{$_} ) } grep {defined($args->{$_} ) + } keys %$args; + + my $user_preop = delete $args{dist}->{PREOP}; + if ( my $preop = $self->admin->preop($user_preop) ) { + foreach my $key ( keys %$preop ) { + $args{dist}->{$key} = $preop->{$key}; + } + } + + my $mm = ExtUtils::MakeMaker::WriteMakefile(%args); + $self->fix_up_makefile($mm->{FIRST_MAKEFILE} || 'Makefile'); +} + +sub fix_up_makefile { + my $self = shift; + my $makefile_name = shift; + my $top_class = ref($self->_top) || ''; + my $top_version = $self->_top->VERSION || ''; + + my $preamble = $self->preamble + ? "# Preamble by $top_class $top_version\n" + . $self->preamble + : ''; + my $postamble = "# Postamble by $top_class $top_version\n" + . ($self->postamble || ''); + + local *MAKEFILE; + open MAKEFILE, "+< $makefile_name" or die "fix_up_makefile: Couldn't open $makefile_name: $!"; + eval { flock MAKEFILE, LOCK_EX }; + my $makefile = do { local $/; }; + + $makefile =~ s/\b(test_harness\(\$\(TEST_VERBOSE\), )/$1'inc', /; + $makefile =~ s/( -I\$\(INST_ARCHLIB\))/ -Iinc$1/g; + $makefile =~ s/( "-I\$\(INST_LIB\)")/ "-Iinc"$1/g; + $makefile =~ s/^(FULLPERL = .*)/$1 "-Iinc"/m; + $makefile =~ s/^(PERL = .*)/$1 "-Iinc"/m; + + # Module::Install will never be used to build the Core Perl + # Sometimes PERL_LIB and PERL_ARCHLIB get written anyway, which breaks + # PREFIX/PERL5LIB, and thus, install_share. Blank them if they exist + $makefile =~ s/^PERL_LIB = .+/PERL_LIB =/m; + #$makefile =~ s/^PERL_ARCHLIB = .+/PERL_ARCHLIB =/m; + + # Perl 5.005 mentions PERL_LIB explicitly, so we have to remove that as well. 
+ $makefile =~ s/(\"?)-I\$\(PERL_LIB\)\1//g; + + # XXX - This is currently unused; not sure if it breaks other MM-users + # $makefile =~ s/^pm_to_blib\s+:\s+/pm_to_blib :: /mg; + + seek MAKEFILE, 0, SEEK_SET; + truncate MAKEFILE, 0; + print MAKEFILE "$preamble$makefile$postamble" or die $!; + close MAKEFILE or die $!; + + 1; +} + +sub preamble { + my ($self, $text) = @_; + $self->{preamble} = $text . $self->{preamble} if defined $text; + $self->{preamble}; +} + +sub postamble { + my ($self, $text) = @_; + $self->{postamble} ||= $self->admin->postamble; + $self->{postamble} .= $text if defined $text; + $self->{postamble} +} + +1; + +__END__ + +#line 544 diff --git a/inc/Module/Install/Metadata.pm b/inc/Module/Install/Metadata.pm new file mode 100644 index 0000000..e547fa0 --- /dev/null +++ b/inc/Module/Install/Metadata.pm 
@@ -0,0 +1,722 @@ +#line 1 +package Module::Install::Metadata; + +use strict 'vars'; +use Module::Install::Base (); + +use vars qw{$VERSION @ISA $ISCORE}; +BEGIN { + $VERSION = '1.14'; + @ISA = 'Module::Install::Base'; + $ISCORE = 1; +} + +my @boolean_keys = qw{ + sign +}; + +my @scalar_keys = qw{ + name + module_name + abstract + version + distribution_type + tests + installdirs +}; + +my @tuple_keys = qw{ + configure_requires + build_requires + requires + recommends + bundles + resources +}; + +my @resource_keys = qw{ + homepage + bugtracker + repository +}; + +my @array_keys = qw{ + keywords + author +}; + +*authors = \&author; + +sub Meta { shift } +sub Meta_BooleanKeys { @boolean_keys } +sub Meta_ScalarKeys { @scalar_keys } +sub Meta_TupleKeys { @tuple_keys } +sub Meta_ResourceKeys { @resource_keys } +sub Meta_ArrayKeys { @array_keys } + +foreach my $key ( @boolean_keys ) { + *$key = sub { + my $self = shift; + if ( defined wantarray and not @_ ) { + return $self->{values}->{$key}; + } + $self->{values}->{$key} = ( @_ ? 
$_[0] : 1 ); + return $self; + }; +} + +foreach my $key ( @scalar_keys ) { + *$key = sub { + my $self = shift; + return $self->{values}->{$key} if defined wantarray and !@_; + $self->{values}->{$key} = shift; + return $self; + }; +} + +foreach my $key ( @array_keys ) { + *$key = sub { + my $self = shift; + return $self->{values}->{$key} if defined wantarray and !@_; + $self->{values}->{$key} ||= []; + push @{$self->{values}->{$key}}, @_; + return $self; + }; +} + +foreach my $key ( @resource_keys ) { + *$key = sub { + my $self = shift; + unless ( @_ ) { + return () unless $self->{values}->{resources}; + return map { $_->[1] } + grep { $_->[0] eq $key } + @{ $self->{values}->{resources} }; + } + return $self->{values}->{resources}->{$key} unless @_; + my $uri = shift or die( + "Did not provide a value to $key()" + ); + $self->resources( $key => $uri ); + return 1; + }; +} + +foreach my $key ( grep { $_ ne "resources" } @tuple_keys) { + *$key = sub { + my $self = shift; + return $self->{values}->{$key} unless @_; + my @added; + while ( @_ ) { + my $module = shift or last; + my $version = shift || 0; + push @added, [ $module, $version ]; + } + push @{ $self->{values}->{$key} }, @added; + return map {@$_} @added; + }; +} + +# Resource handling +my %lc_resource = map { $_ => 1 } qw{ + homepage + license + bugtracker + repository +}; + +sub resources { + my $self = shift; + while ( @_ ) { + my $name = shift or last; + my $value = shift or next; + if ( $name eq lc $name and ! $lc_resource{$name} ) { + die("Unsupported reserved lowercase resource '$name'"); + } + $self->{values}->{resources} ||= []; + push @{ $self->{values}->{resources} }, [ $name, $value ]; + } + $self->{values}->{resources}; +} + +# Aliases for build_requires that will have alternative +# meanings in some future version of META.yml. 
+sub test_requires { shift->build_requires(@_) } +sub install_requires { shift->build_requires(@_) } + +# Aliases for installdirs options +sub install_as_core { $_[0]->installdirs('perl') } +sub install_as_cpan { $_[0]->installdirs('site') } +sub install_as_site { $_[0]->installdirs('site') } +sub install_as_vendor { $_[0]->installdirs('vendor') } + +sub dynamic_config { + my $self = shift; + my $value = @_ ? shift : 1; + if ( $self->{values}->{dynamic_config} ) { + # Once dynamic we never change to static, for safety + return 0; + } + $self->{values}->{dynamic_config} = $value ? 1 : 0; + return 1; +} + +# Convenience command +sub static_config { + shift->dynamic_config(0); +} + +sub perl_version { + my $self = shift; + return $self->{values}->{perl_version} unless @_; + my $version = shift or die( + "Did not provide a value to perl_version()" + ); + + # Normalize the version + $version = $self->_perl_version($version); + + # We don't support the really old versions + unless ( $version >= 5.005 ) { + die "Module::Install only supports 5.005 or newer (use ExtUtils::MakeMaker)\n"; + } + + $self->{values}->{perl_version} = $version; +} + +sub all_from { + my ( $self, $file ) = @_; + + unless ( defined($file) ) { + my $name = $self->name or die( + "all_from called with no args without setting name() first" + ); + $file = join('/', 'lib', split(/-/, $name)) . '.pm'; + $file =~ s{.*/}{} unless -e $file; + unless ( -e $file ) { + die("all_from cannot find $file from $name"); + } + } + unless ( -f $file ) { + die("The path '$file' does not exist, or is not a file"); + } + + $self->{values}{all_from} = $file; + + # Some methods pull from POD instead of code. 
+ # If there is a matching .pod, use that instead + my $pod = $file; + $pod =~ s/\.pm$/.pod/i; + $pod = $file unless -e $pod; + + # Pull the different values + $self->name_from($file) unless $self->name; + $self->version_from($file) unless $self->version; + $self->perl_version_from($file) unless $self->perl_version; + $self->author_from($pod) unless @{$self->author || []}; + $self->license_from($pod) unless $self->license; + $self->abstract_from($pod) unless $self->abstract; + + return 1; +} + +sub provides { + my $self = shift; + my $provides = ( $self->{values}->{provides} ||= {} ); + %$provides = (%$provides, @_) if @_; + return $provides; +} + +sub auto_provides { + my $self = shift; + return $self unless $self->is_admin; + unless (-e 'MANIFEST') { + warn "Cannot deduce auto_provides without a MANIFEST, skipping\n"; + return $self; + } + # Avoid spurious warnings as we are not checking manifest here. + local $SIG{__WARN__} = sub {1}; + require ExtUtils::Manifest; + local *ExtUtils::Manifest::manicheck = sub { return }; + + require Module::Build; + my $build = Module::Build->new( + dist_name => $self->name, + dist_version => $self->version, + license => $self->license, + ); + $self->provides( %{ $build->find_dist_packages || {} } ); +} + +sub feature { + my $self = shift; + my $name = shift; + my $features = ( $self->{values}->{features} ||= [] ); + my $mods; + + if ( @_ == 1 and ref( $_[0] ) ) { + # The user used ->feature like ->features by passing in the second + # argument as a reference. Accomodate for that. + $mods = $_[0]; + } else { + $mods = \@_; + } + + my $count = 0; + push @$features, ( + $name => [ + map { + ref($_) ? ( ref($_) eq 'HASH' ) ? %$_ : @$_ : $_ + } @$mods + ] + ); + + return @$features; +} + +sub features { + my $self = shift; + while ( my ( $name, $mods ) = splice( @_, 0, 2 ) ) { + $self->feature( $name, @$mods ); + } + return $self->{values}->{features} + ? 
@{ $self->{values}->{features} } + : (); +} + +sub no_index { + my $self = shift; + my $type = shift; + push @{ $self->{values}->{no_index}->{$type} }, @_ if $type; + return $self->{values}->{no_index}; +} + +sub read { + my $self = shift; + $self->include_deps( 'YAML::Tiny', 0 ); + + require YAML::Tiny; + my $data = YAML::Tiny::LoadFile('META.yml'); + + # Call methods explicitly in case user has already set some values. + while ( my ( $key, $value ) = each %$data ) { + next unless $self->can($key); + if ( ref $value eq 'HASH' ) { + while ( my ( $module, $version ) = each %$value ) { + $self->can($key)->($self, $module => $version ); + } + } else { + $self->can($key)->($self, $value); + } + } + return $self; +} + +sub write { + my $self = shift; + return $self unless $self->is_admin; + $self->admin->write_meta; + return $self; +} + +sub version_from { + require ExtUtils::MM_Unix; + my ( $self, $file ) = @_; + $self->version( ExtUtils::MM_Unix->parse_version($file) ); + + # for version integrity check + $self->makemaker_args( VERSION_FROM => $file ); +} + +sub abstract_from { + require ExtUtils::MM_Unix; + my ( $self, $file ) = @_; + $self->abstract( + bless( + { DISTNAME => $self->name }, + 'ExtUtils::MM_Unix' + )->parse_abstract($file) + ); +} + +# Add both distribution and module name +sub name_from { + my ($self, $file) = @_; + if ( + Module::Install::_read($file) =~ m/ + ^ \s* + package \s* + ([\w:]+) + [\s|;]* + /ixms + ) { + my ($name, $module_name) = ($1, $1); + $name =~ s{::}{-}g; + $self->name($name); + unless ( $self->module_name ) { + $self->module_name($module_name); + } + } else { + die("Cannot determine name from $file\n"); + } +} + +sub _extract_perl_version { + if ( + $_[0] =~ m/ + ^\s* + (?:use|require) \s* + v? 
+ ([\d_\.]+) + \s* ; + /ixms + ) { + my $perl_version = $1; + $perl_version =~ s{_}{}g; + return $perl_version; + } else { + return; + } +} + +sub perl_version_from { + my $self = shift; + my $perl_version=_extract_perl_version(Module::Install::_read($_[0])); + if ($perl_version) { + $self->perl_version($perl_version); + } else { + warn "Cannot determine perl version info from $_[0]\n"; + return; + } +} + +sub author_from { + my $self = shift; + my $content = Module::Install::_read($_[0]); + if ($content =~ m/ + =head \d \s+ (?:authors?)\b \s* + ([^\n]*) + | + =head \d \s+ (?:licen[cs]e|licensing|copyright|legal)\b \s* + .*? copyright .*? \d\d\d[\d.]+ \s* (?:\bby\b)? \s* + ([^\n]*) + /ixms) { + my $author = $1 || $2; + + # XXX: ugly but should work anyway... + if (eval "require Pod::Escapes; 1") { + # Pod::Escapes has a mapping table. + # It's in core of perl >= 5.9.3, and should be installed + # as one of the Pod::Simple's prereqs, which is a prereq + # of Pod::Text 3.x (see also below). + $author =~ s{ E<( (\d+) | ([A-Za-z]+) )> } + { + defined $2 + ? chr($2) + : defined $Pod::Escapes::Name2character_number{$1} + ? chr($Pod::Escapes::Name2character_number{$1}) + : do { + warn "Unknown escape: E<$1>"; + "E<$1>"; + }; + }gex; + } + elsif (eval "require Pod::Text; 1" && $Pod::Text::VERSION < 3) { + # Pod::Text < 3.0 has yet another mapping table, + # though the table name of 2.x and 1.x are different. + # (1.x is in core of Perl < 5.6, 2.x is in core of + # Perl < 5.9.3) + my $mapping = ($Pod::Text::VERSION < 2) + ? \%Pod::Text::HTML_Escapes + : \%Pod::Text::ESCAPES; + $author =~ s{ E<( (\d+) | ([A-Za-z]+) )> } + { + defined $2 + ? chr($2) + : defined $mapping->{$1} + ? 
$mapping->{$1} + : do { + warn "Unknown escape: E<$1>"; + "E<$1>"; + }; + }gex; + } + else { + $author =~ s{E}{<}g; + $author =~ s{E}{>}g; + } + $self->author($author); + } else { + warn "Cannot determine author info from $_[0]\n"; + } +} + +#Stolen from M::B +my %license_urls = ( + perl => 'http://dev.perl.org/licenses/', + apache => 'http://apache.org/licenses/LICENSE-2.0', + apache_1_1 => 'http://apache.org/licenses/LICENSE-1.1', + artistic => 'http://opensource.org/licenses/artistic-license.php', + artistic_2 => 'http://opensource.org/licenses/artistic-license-2.0.php', + lgpl => 'http://opensource.org/licenses/lgpl-license.php', + lgpl2 => 'http://opensource.org/licenses/lgpl-2.1.php', + lgpl3 => 'http://opensource.org/licenses/lgpl-3.0.html', + bsd => 'http://opensource.org/licenses/bsd-license.php', + gpl => 'http://opensource.org/licenses/gpl-license.php', + gpl2 => 'http://opensource.org/licenses/gpl-2.0.php', + gpl3 => 'http://opensource.org/licenses/gpl-3.0.html', + mit => 'http://opensource.org/licenses/mit-license.php', + mozilla => 'http://opensource.org/licenses/mozilla1.1.php', + open_source => undef, + unrestricted => undef, + restrictive => undef, + unknown => undef, +); + +sub license { + my $self = shift; + return $self->{values}->{license} unless @_; + my $license = shift or die( + 'Did not provide a value to license()' + ); + $license = __extract_license($license) || lc $license; + $self->{values}->{license} = $license; + + # Automatically fill in license URLs + if ( $license_urls{$license} ) { + $self->resources( license => $license_urls{$license} ); + } + + return 1; +} + +sub _extract_license { + my $pod = shift; + my $matched; + return __extract_license( + ($matched) = $pod =~ m/ + (=head \d \s+ L(?i:ICEN[CS]E|ICENSING)\b.*?) + (=head \d.*|=cut.*|)\z + /xms + ) || __extract_license( + ($matched) = $pod =~ m/ + (=head \d \s+ (?:C(?i:OPYRIGHTS?)|L(?i:EGAL))\b.*?) 
+ (=head \d.*|=cut.*|)\z + /xms + ); +} + +sub __extract_license { + my $license_text = shift or return; + my @phrases = ( + '(?:under )?the same (?:terms|license) as (?:perl|the perl (?:\d )?programming language)' => 'perl', 1, + '(?:under )?the terms of (?:perl|the perl programming language) itself' => 'perl', 1, + 'Artistic and GPL' => 'perl', 1, + 'GNU general public license' => 'gpl', 1, + 'GNU public license' => 'gpl', 1, + 'GNU lesser general public license' => 'lgpl', 1, + 'GNU lesser public license' => 'lgpl', 1, + 'GNU library general public license' => 'lgpl', 1, + 'GNU library public license' => 'lgpl', 1, + 'GNU Free Documentation license' => 'unrestricted', 1, + 'GNU Affero General Public License' => 'open_source', 1, + '(?:Free)?BSD license' => 'bsd', 1, + 'Artistic license 2\.0' => 'artistic_2', 1, + 'Artistic license' => 'artistic', 1, + 'Apache (?:Software )?license' => 'apache', 1, + 'GPL' => 'gpl', 1, + 'LGPL' => 'lgpl', 1, + 'BSD' => 'bsd', 1, + 'Artistic' => 'artistic', 1, + 'MIT' => 'mit', 1, + 'Mozilla Public License' => 'mozilla', 1, + 'Q Public License' => 'open_source', 1, + 'OpenSSL License' => 'unrestricted', 1, + 'SSLeay License' => 'unrestricted', 1, + 'zlib License' => 'open_source', 1, + 'proprietary' => 'proprietary', 0, + ); + while ( my ($pattern, $license, $osi) = splice(@phrases, 0, 3) ) { + $pattern =~ s#\s+#\\s+#gs; + if ( $license_text =~ /\b$pattern\b/i ) { + return $license; + } + } + return ''; +} + +sub license_from { + my $self = shift; + if (my $license=_extract_license(Module::Install::_read($_[0]))) { + $self->license($license); + } else { + warn "Cannot determine license info from $_[0]\n"; + return 'unknown'; + } +} + +sub _extract_bugtracker { + my @links = $_[0] =~ m#L<( + https?\Q://rt.cpan.org/\E[^>]+| + https?\Q://github.com/\E[\w_]+/[\w_]+/issues| + https?\Q://code.google.com/p/\E[\w_\-]+/issues/list + )>#gx; + my %links; + @links{@links}=(); + @links=keys %links; + return @links; +} + +sub bugtracker_from { 
+ my $self = shift; + my $content = Module::Install::_read($_[0]); + my @links = _extract_bugtracker($content); + unless ( @links ) { + warn "Cannot determine bugtracker info from $_[0]\n"; + return 0; + } + if ( @links > 1 ) { + warn "Found more than one bugtracker link in $_[0]\n"; + return 0; + } + + # Set the bugtracker + bugtracker( $links[0] ); + return 1; +} + +sub requires_from { + my $self = shift; + my $content = Module::Install::_readperl($_[0]); + my @requires = $content =~ m/^use\s+([^\W\d]\w*(?:::\w+)*)\s+(v?[\d\.]+)/mg; + while ( @requires ) { + my $module = shift @requires; + my $version = shift @requires; + $self->requires( $module => $version ); + } +} + +sub test_requires_from { + my $self = shift; + my $content = Module::Install::_readperl($_[0]); + my @requires = $content =~ m/^use\s+([^\W\d]\w*(?:::\w+)*)\s+([\d\.]+)/mg; + while ( @requires ) { + my $module = shift @requires; + my $version = shift @requires; + $self->test_requires( $module => $version ); + } +} + +# Convert triple-part versions (eg, 5.6.1 or 5.8.9) to +# numbers (eg, 5.006001 or 5.008009). +# Also, convert double-part versions (eg, 5.8) +sub _perl_version { + my $v = $_[-1]; + $v =~ s/^([1-9])\.([1-9]\d?\d?)$/sprintf("%d.%03d",$1,$2)/e; + $v =~ s/^([1-9])\.([1-9]\d?\d?)\.(0|[1-9]\d?\d?)$/sprintf("%d.%03d%03d",$1,$2,$3 || 0)/e; + $v =~ s/(\.\d\d\d)000$/$1/; + $v =~ s/_.+$//; + if ( ref($v) ) { + # Numify + $v = $v + 0; + } + return $v; +} + +sub add_metadata { + my $self = shift; + my %hash = @_; + for my $key (keys %hash) { + warn "add_metadata: $key is not prefixed with 'x_'.\n" . 
+ "Use appopriate function to add non-private metadata.\n" unless $key =~ /^x_/; + $self->{values}->{$key} = $hash{$key}; + } +} + + +###################################################################### +# MYMETA Support + +sub WriteMyMeta { + die "WriteMyMeta has been deprecated"; +} + +sub write_mymeta_yaml { + my $self = shift; + + # We need YAML::Tiny to write the MYMETA.yml file + unless ( eval { require YAML::Tiny; 1; } ) { + return 1; + } + + # Generate the data + my $meta = $self->_write_mymeta_data or return 1; + + # Save as the MYMETA.yml file + print "Writing MYMETA.yml\n"; + YAML::Tiny::DumpFile('MYMETA.yml', $meta); +} + +sub write_mymeta_json { + my $self = shift; + + # We need JSON to write the MYMETA.json file + unless ( eval { require JSON; 1; } ) { + return 1; + } + + # Generate the data + my $meta = $self->_write_mymeta_data or return 1; + + # Save as the MYMETA.yml file + print "Writing MYMETA.json\n"; + Module::Install::_write( + 'MYMETA.json', + JSON->new->pretty(1)->canonical->encode($meta), + ); +} + +sub _write_mymeta_data { + my $self = shift; + + # If there's no existing META.yml there is nothing we can do + return undef unless -f 'META.yml'; + + # We need Parse::CPAN::Meta to load the file + unless ( eval { require Parse::CPAN::Meta; 1; } ) { + return undef; + } + + # Merge the perl version into the dependencies + my $val = $self->Meta->{values}; + my $perl = delete $val->{perl_version}; + if ( $perl ) { + $val->{requires} ||= []; + my $requires = $val->{requires}; + + # Canonize to three-dot version after Perl 5.6 + if ( $perl >= 5.006 ) { + $perl =~ s{^(\d+)\.(\d\d\d)(\d*)}{join('.', $1, int($2||0), int($3||0))}e + } + unshift @$requires, [ perl => $perl ]; + } + + # Load the advisory META.yml file + my @yaml = Parse::CPAN::Meta::LoadFile('META.yml'); + my $meta = $yaml[0]; + + # Overwrite the non-configure dependency hashes + delete $meta->{requires}; + delete $meta->{build_requires}; + delete $meta->{recommends}; + if ( exists 
$val->{requires} ) { + $meta->{requires} = { map { @$_ } @{ $val->{requires} } }; + } + if ( exists $val->{build_requires} ) { + $meta->{build_requires} = { map { @$_ } @{ $val->{build_requires} } }; + } + + return $meta; +} + +1; diff --git a/inc/Module/Install/ReadmeFromPod.pm b/inc/Module/Install/ReadmeFromPod.pm new file mode 100644 index 0000000..b5e03c3 --- /dev/null +++ b/inc/Module/Install/ReadmeFromPod.pm 
@@ -0,0 +1,138 @@ +#line 1 +package Module::Install::ReadmeFromPod; + +use 5.006; +use strict; +use warnings; +use base qw(Module::Install::Base); +use vars qw($VERSION); + +$VERSION = '0.22'; + +sub readme_from { + my $self = shift; + return unless $self->is_admin; + + # Input file + my $in_file = shift || $self->_all_from + or die "Can't determine file to make readme_from"; + + # Get optional arguments + my ($clean, $format, $out_file, $options); + my $args = shift; + if ( ref $args ) { + # Arguments are in a hashref + if ( ref($args) ne 'HASH' ) { + die "Expected a hashref but got a ".ref($args)."\n"; + } else { + $clean = $args->{'clean'}; + $format = $args->{'format'}; + $out_file = $args->{'output_file'}; + $options = $args->{'options'}; + } + } else { + # Arguments are in a list + $clean = $args; + $format = shift; + $out_file = shift; + $options = \@_; + } + + # Default values; + $clean ||= 0; + $format ||= 'txt'; + + # Generate README + print "readme_from $in_file to $format\n"; + if ($format =~ m/te?xt/) { + $out_file = $self->_readme_txt($in_file, $out_file, $options); + } elsif ($format =~ m/html?/) { + $out_file = $self->_readme_htm($in_file, $out_file, $options); + } elsif ($format eq 'man') { + $out_file = $self->_readme_man($in_file, $out_file, $options); + } elsif ($format eq 'pdf') { + $out_file = $self->_readme_pdf($in_file, $out_file, $options); + } + + if ($clean) { + $self->clean_files($out_file); + } + + return 1; +} + + +sub _readme_txt { + my ($self, $in_file, $out_file, $options) = @_; + $out_file ||= 'README'; + require Pod::Text; + my $parser = Pod::Text->new( @$options ); + open my $out_fh, '>', $out_file or die "Could not write file $out_file:\n$!\n"; + $parser->output_fh( *$out_fh ); + $parser->parse_file( $in_file ); + close $out_fh; + return $out_file; +} + + +sub _readme_htm { + my ($self, $in_file, $out_file, $options) = @_; + $out_file ||= 'README.htm'; + require Pod::Html; + Pod::Html::pod2html( + "--infile=$in_file", + 
"--outfile=$out_file", + @$options, + ); + # Remove temporary files if needed + for my $file ('pod2htmd.tmp', 'pod2htmi.tmp') { + if (-e $file) { + unlink $file or warn "Warning: Could not remove file '$file'.\n$!\n"; + } + } + return $out_file; +} + + +sub _readme_man { + my ($self, $in_file, $out_file, $options) = @_; + $out_file ||= 'README.1'; + require Pod::Man; + my $parser = Pod::Man->new( @$options ); + $parser->parse_from_file($in_file, $out_file); + return $out_file; +} + + +sub _readme_pdf { + my ($self, $in_file, $out_file, $options) = @_; + $out_file ||= 'README.pdf'; + eval { require App::pod2pdf; } + or die "Could not generate $out_file because pod2pdf could not be found\n"; + my $parser = App::pod2pdf->new( @$options ); + $parser->parse_from_file($in_file); + open my $out_fh, '>', $out_file or die "Could not write file $out_file:\n$!\n"; + select $out_fh; + $parser->output; + select STDOUT; + close $out_fh; + return $out_file; +} + + +sub _all_from { + my $self = shift; + return unless $self->admin->{extensions}; + my ($metadata) = grep { + ref($_) eq 'Module::Install::Metadata'; + } @{$self->admin->{extensions}}; + return unless $metadata; + return $metadata->{values}{all_from} || ''; +} + +'Readme!'; + +__END__ + +#line 254 + diff --git a/inc/Module/Install/Win32.pm b/inc/Module/Install/Win32.pm new file mode 100644 index 0000000..9706e5f --- /dev/null +++ b/inc/Module/Install/Win32.pm 
@@ -0,0 +1,64 @@ +#line 1 +package Module::Install::Win32; + +use strict; +use Module::Install::Base (); + +use vars qw{$VERSION @ISA $ISCORE}; +BEGIN { + $VERSION = '1.14'; + @ISA = 'Module::Install::Base'; + $ISCORE = 1; +} + +# determine if the user needs nmake, and download it if needed +sub check_nmake { + my $self = shift; + $self->load('can_run'); + $self->load('get_file'); + + require Config; + return unless ( + $^O eq 'MSWin32' and + $Config::Config{make} and + $Config::Config{make} =~ /^nmake\b/i and + ! $self->can_run('nmake') + ); + + print "The required 'nmake' executable not found, fetching it...\n"; + + require File::Basename; + my $rv = $self->get_file( + url => 'http://download.microsoft.com/download/vc15/Patch/1.52/W95/EN-US/Nmake15.exe', + ftp_url => 'ftp://ftp.microsoft.com/Softlib/MSLFILES/Nmake15.exe', + local_dir => File::Basename::dirname($^X), + size => 51928, + run => 'Nmake15.exe /o > nul', + check_for => 'Nmake.exe', + remove => 1, + ); + + die <<'END_MESSAGE' unless $rv; + +------------------------------------------------------------------------------- + +Since you are using Microsoft Windows, you will need the 'nmake' utility +before installation. It's available at: + + http://download.microsoft.com/download/vc15/Patch/1.52/W95/EN-US/Nmake15.exe + or + ftp://ftp.microsoft.com/Softlib/MSLFILES/Nmake15.exe + +Please download the file manually, save it to a directory in %PATH% (e.g. +C:\WINDOWS\COMMAND\), then launch the MS-DOS command line shell, "cd" to +that directory, and run "Nmake15.exe" from there; that will create the +'nmake.exe' file needed by this module. + +You may then resume the installation process described in README. + +------------------------------------------------------------------------------- +END_MESSAGE + +} + +1; diff --git a/inc/Module/Install/WriteAll.pm b/inc/Module/Install/WriteAll.pm new file mode 100644 index 0000000..dbedc00 --- /dev/null +++ b/inc/Module/Install/WriteAll.pm 
@@ -0,0 +1,63 @@
+#line 1
+package Module::Install::WriteAll;
+
+use strict;
+use Module::Install::Base ();
+
+use vars qw{$VERSION @ISA $ISCORE};
+BEGIN {
+ $VERSION = '1.14';
+ @ISA = qw{Module::Install::Base};
+ $ISCORE = 1;
+}
+
+sub WriteAll {
+ my $self = shift;
+ my %args = (
+ meta => 1,
+ sign => 0,
+ inline => 0,
+ check_nmake => 1,
+ @_,
+ );
+
+ $self->sign(1) if $args{sign};
+ $self->admin->WriteAll(%args) if $self->is_admin;
+
+ $self->check_nmake if $args{check_nmake};
+ unless ( $self->makemaker_args->{PL_FILES} ) {
+ # XXX: This still may be a bit over-defensive...
+ unless ($self->makemaker(6.25)) {
+ $self->makemaker_args( PL_FILES => {} ) if -f 'Build.PL';
+ }
+ }
+
+ # Until ExtUtils::MakeMaker support MYMETA.yml, make sure
+ # we clean it up properly ourself.
+ $self->realclean_files('MYMETA.yml');
+
+ if ( $args{inline} ) {
+ $self->Inline->write;
+ } else {
+ $self->Makefile->write;
+ }
+
+ # The Makefile write process adds a couple of dependencies,
+ # so write the META.yml files after the Makefile.
+ if ( $args{meta} ) {
+ $self->Meta->write;
+ }
+
+ # Experimental support for MYMETA
+ if ( $ENV{X_MYMETA} ) {
+ if ( $ENV{X_MYMETA} eq 'JSON' ) {
+ $self->Meta->write_mymeta_json;
+ } else {
+ $self->Meta->write_mymeta_yaml;
+ }
+ }
+
+ return 1;
+}
+
+1;
diff --git a/lib/GnuPG/Fingerprint.pm b/lib/GnuPG/Fingerprint.pm
new file mode 100644
index 0000000..fcb1028
--- /dev/null
+++ b/lib/GnuPG/Fingerprint.pm
@@ -0,0 +1,93 @@
+# Fingerprint.pm
+# - providing an object-oriented approach to GnuPG key fingerprints
+#
+# Copyright (C) 2000 Frank J. Tobin
+#
+# This module is free software; you can redistribute it and/or modify it
+# under the same terms as Perl itself.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+#
+# $Id: Fingerprint.pm,v 1.8 2001/08/21 13:31:50 ftobin Exp $
+#
+
+package GnuPG::Fingerprint;
+use Moo;
+use MooX::late;
+with qw(GnuPG::HashInit);
+
+has as_hex_string => (
+ isa => 'Any',
+ is => 'rw',
+);
+
+sub compare {
+ my ($self, $other) = @_;
+ return 0 unless $other->isa('GnuPG::Fingerprint');
+ return $self->as_hex_string() eq $other->as_hex_string();
+}
+
+# DEPRECATED
+sub hex_data
+{
+ my ( $self, $v ) = @_;
+ $self->as_hex_string( $v ) if defined $v;
+ return $self->as_hex_string();
+}
+
+1;
+
+__END__
+
+=head1 NAME
+
+GnuPG::Fingerprint - GnuPG Fingerprint Objects
+
+=head1 SYNOPSIS
+
+ # assumes a GnuPG::Key in $key
+ my $fingerprint = $key->fingerprint->as_hex_string();
+
+=head1 DESCRIPTION
+
+GnuPG::Fingerprint objects are generally part of GnuPG::Key
+objects, and are not created on their own.
+
+=head1 OBJECT METHODS
+
+=head2 Initialization Methods
+
+=over 4
+
+=item new( I<%initialization_args> )
+
+This methods creates a new object. The optional arguments are
+initialization of data members.
+
+=item hash_init( I<%args> ).
+
+=item compare( I<$other> )
+
+Returns non-zero only when this fingerprint is identical to the other
+GnuPG::Fingerprint.
+
+=back
+
+=head1 OBJECT DATA MEMBERS
+
+=over 4
+
+=item as_hex_string
+
+This is the hex value of the fingerprint that the object embodies,
+in string format.
+
+=back
+
+=head1 SEE ALSO
+
+L,
+
+=cut
diff --git a/lib/GnuPG/Handles.pm b/lib/GnuPG/Handles.pm
new file mode 100644
index 0000000..b30ca57
--- /dev/null
+++ b/lib/GnuPG/Handles.pm
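Review bot: `compare` in lib/GnuPG/Fingerprint.pm reports a match when neither object holds a value: `as_hex_string` is an unconstrained `Any` attribute, so two fingerprints that were never initialised both return undef and `undef eq undef` is true (with only a warning). `$other->isa(...)` also dies when `$other` is undef or an unblessed reference, and the comparison is byte-exact, so the same fingerprint in a different letter case compares unequal. Since callers may use this to decide whether a key is the expected one, I would guard both sides: `return 0 unless Scalar::Util::blessed($other) and $other->isa('GnuPG::Fingerprint');`, then `my ($mine, $theirs) = ($self->as_hex_string, $other->as_hex_string);` and `return 0 unless defined $mine and defined $theirs;` before the `eq` (this needs `use Scalar::Util ();`). Whether to also fold case with `uc` is a behaviour change the maintainers should decide; the POD's "non-zero" should say the false result is 0 or the empty string.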
@@ -0,0 +1,185 @@ +# Handles.pm +# - interface to the handles used by GnuPG::Interface +# +# Copyright (C) 2000 Frank J. Tobin +# +# This module is free software; you can redistribute it and/or modify it +# under the same terms as Perl itself. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# +# $Id: Handles.pm,v 1.8 2001/12/09 02:24:10 ftobin Exp $ +# + +package GnuPG::Handles; +use Moo; +use MooX::late; +with qw(GnuPG::HashInit); + +use constant HANDLES => qw( + stdin + stdout + stderr + status + logger + passphrase + command +); + +has "$_" => ( + isa => 'Any', + is => 'rw', + clearer => 'clear_' . $_, +) for HANDLES; + +has _options => ( + isa => 'HashRef', + is => 'rw', + lazy_build => 1, +); + +sub options { + my $self = shift; + my $key = shift; + + return $self->_options->{$key}; +} + +sub _build__options { {} } + +sub BUILD { + my ( $self, $args ) = @_; + + # This is done for the user's convenience so that they don't + # have to worry about undefined hashrefs + $self->_options->{$_} = {} for HANDLES; + $self->hash_init(%$args); +} + +1; + +=head1 NAME + +GnuPG::Handles - GnuPG handles bundle + +=head1 SYNOPSIS + + use IO::Handle; + my ( $stdin, $stdout, $stderr, + $status_fh, $logger_fh, $passphrase_fh, + ) + = ( IO::Handle->new(), IO::Handle->new(), IO::Handle->new(), + IO::Handle->new(), IO::Handle->new(), IO::Handle->new(), + ); + + my $handles = GnuPG::Handles->new + ( stdin => $stdin, + stdout => $stdout, + stderr => $stderr, + status => $status_fh, + logger => $logger_fh, + passphrase => $passphrase_fh, + ); + +=head1 DESCRIPTION + +GnuPG::Handles objects are generally instantiated +to be used in conjunction with methods of objects +of the class GnuPG::Interface. GnuPG::Handles objects +represent a collection of handles that are used to +communicate with GnuPG. 
+ +=head1 OBJECT METHODS + +=head2 Initialization Methods + +=over 4 + +=item new( I<%initialization_args> ) + +This methods creates a new object. The optional arguments are +initialization of data members. + +=item hash_init( I<%args> ). + + +=back + +=head1 OBJECT DATA MEMBERS + +=over 4 + +=item stdin + +This handle is connected to the standard input of a GnuPG process. + +=item stdout + +This handle is connected to the standard output of a GnuPG process. + +=item stderr + +This handle is connected to the standard error of a GnuPG process. + +=item status + +This handle is connected to the status output handle of a GnuPG process. + +=item logger + +This handle is connected to the logger output handle of a GnuPG process. + +=item passphrase + +This handle is connected to the passphrase input handle of a GnuPG process. + +=item command + +This handle is connected to the command input handle of a GnuPG process. + +=item options + +This is a hash of hashrefs of settings pertaining to the handles +in this object. The outer-level hash is keyed by the names of the +handle the setting is for, while the inner is keyed by the setting +being referenced. For example, to set the setting C to true +for the filehandle C, the following code will do: + + # assuming $handles is an already-created + # GnuPG::Handles object, this sets all + # options for the filehandle stdin in one blow, + # clearing out all others + $handles->options( 'stdin', { direct => 1 } ); + + # this is useful to just make one change + # to the set of options for a handle + $handles->options( 'stdin' )->{direct} = 1; + + # and to get the setting... + $setting = $handles->options( 'stdin' )->{direct}; + + # and to clear the settings for stdin + $handles->options( 'stdin', {} ); + +The currently-used settings are as follows: + +=over 4 + +=item direct + +If the setting C is true for a handle, the GnuPG +process spawned will access the handle directly. 
This is useful for +having the GnuPG process read or write directly to or from +an already-opened file. + +=back + +=back + +=head1 SEE ALSO + +L, + +=cut diff --git a/lib/GnuPG/HashInit.pm b/lib/GnuPG/HashInit.pm new file mode 100644 index 0000000..a278b09 --- /dev/null +++ b/lib/GnuPG/HashInit.pm @@ -0,0 +1,12 @@ +package GnuPG::HashInit; +use Moo::Role; + +sub hash_init { + my ($self, %args) = @_; + while ( my ( $method, $value ) = each %args ) { + $self->$method($value); + } +} + +1; +__END__ diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm new file mode 100644 index 0000000..f952f3e --- /dev/null +++ b/lib/GnuPG/Interface.pm 
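Review bot: The `options` method in lib/GnuPG/Handles.pm ignores a second argument, so the setter form shown in this file's own POD, `$handles->options( 'stdin', { direct => 1 } )`, silently does nothing and the handle stays non-direct; the same holds for the documented "clear" form `$handles->options( 'stdin', {} )`. Either accept the value with `my ( $self, $key, $value ) = @_;` followed by `$self->_options->{$key} = $value if ref $value eq 'HASH';`, or remove those two examples so that only the `->{direct} = 1` form is documented. `options` also returns undef for a name that is not in `HANDLES`, so the documented `->{direct}` dereference then dies with a generic error; a `croak` naming the unknown handle would be clearer.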
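Review bot: `hash_init` in lib/GnuPG/HashInit.pm treats every key of `%args` as a method name and calls `$self->$method($value)`, so any method reachable on the object can be invoked through it, not only attribute accessors, and a misspelled key dies with Perl's generic "Can't locate object method" error. The `BUILD` methods of GnuPG::Handles and GnuPG::Interface in this commit pass the constructor arguments straight into it, so the same applies to `new(...)`. If those arguments can come from configuration or another less-trusted source (not visible from here), check the name first, e.g. `my $setter = $self->can($method) or die "unknown attribute '$method'\n";` then `$self->$setter($value);`, ideally against an allow-list of the class's attribute names. At a minimum, add a comment above the loop stating that keys are dispatched as method names.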
@@ -0,0 +1,1367 @@ +# Interface.pm +# - providing an object-oriented approach to interacting with GnuPG +# +# Copyright (C) 2000 Frank J. Tobin +# +# This module is free software; you can redistribute it and/or modify it +# under the same terms as Perl itself. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# + +package GnuPG::Interface; +use Moo; +use MooX::late; +with qw(GnuPG::HashInit); + +use English qw( -no_match_vars ); +use Carp; +use Fcntl; +use vars qw( $VERSION ); +use Fatal qw( open close pipe fcntl ); +use Class::Struct; +use IO::Handle; + +use Math::BigInt try => 'GMP'; +use GnuPG::Options; +use GnuPG::Handles; + +$VERSION = '0.52'; + +has $_ => ( + isa => 'Any', + is => 'rw', + clearer => 'clear_' . $_, +) for qw(call passphrase); + +has options => ( + isa => 'GnuPG::Options', + is => 'rw', + lazy_build => 1, +); + +sub _build_options { GnuPG::Options->new() } + +# deprecated! 
+sub gnupg_call { shift->call(@_); } + +sub BUILD { + my ( $self, $args ) = @_; + + $self->hash_init( call => 'gpg' ); + $self->hash_init(%$args); +} + +struct( + fh_setup => { + parent_end => '$', child_end => '$', + direct => '$', is_std => '$', + parent_is_source => '$', name_shows_dup => '$', + } +); + +################################################################# +# real worker functions + +# This function does any 'extra' stuff that the user might +# not want to handle himself, such as passing in the passphrase +sub wrap_call( $% ) { + my ( $self, %args ) = @_; + + my $handles = $args{handles} + or croak 'error: no handles defined'; + + $handles->stdin('<&STDIN') unless $handles->stdin(); + $handles->stdout('>&STDOUT') unless $handles->stdout(); + $handles->stderr('>&STDERR') unless $handles->stderr(); + + # so call me sexist; English just doen't cope well + my $needs_passphrase_handled_for_him + = ( $self->passphrase() and not $handles->passphrase() ) ? 1 : 0; + + if ($needs_passphrase_handled_for_him) { + $handles->passphrase( IO::Handle->new() ); + } + + my $pid = $self->fork_attach_exec(%args); + + if ($needs_passphrase_handled_for_him) { + my $passphrase_handle = $handles->passphrase(); + print $passphrase_handle $self->passphrase(); + close $passphrase_handle; + + # We put this in in case the user wants to re-use this object + $handles->clear_passphrase(); + } + + return $pid; +} + +# does does command-line creation, forking, and execcing +# the reasing cli creation is done here is because we should +# fork before finding the fd's for stuff like --status-fd +sub fork_attach_exec( $% ) { + my ( $self, %args ) = @_; + + my $handles = $args{handles} or croak 'no GnuPG::Handles passed'; + + # deprecation support + $args{commands} ||= $args{gnupg_commands}; + + my @commands + = ref $args{commands} ? 
@{ $args{commands} } : ( $args{commands} ) + or croak "no gnupg commands passed"; + + # deprecation support + $args{command_args} ||= $args{gnupg_command_args}; + + my @command_args + = ref $args{command_args} + ? @{ $args{command_args} } + : ( $args{command_args} || () ); + unshift @command_args, "--" + if @command_args and $command_args[0] ne "--"; + + my %fhs; + foreach my $fh_name ( + qw( stdin stdout stderr status + logger passphrase command + ) + ) { + my $fh = $handles->$fh_name() or next; + $fhs{$fh_name} = fh_setup->new(); + $fhs{$fh_name}->parent_end($fh); + } + + foreach my $fh_name (qw( stdin stdout stderr )) { + $fhs{$fh_name}->is_std(1); + } + + foreach my $fh_name (qw( stdin passphrase command )) { + my $entry = $fhs{$fh_name} or next; + $entry->parent_is_source(1); + } + + # Below is code derived heavily from + # Marc Horowitz's IPC::Open3, a base Perl module + foreach my $fh_name ( keys %fhs ) { + my $entry = $fhs{$fh_name}; + + my $parent_end = $entry->parent_end(); + my $name_shows_dup = ( $parent_end =~ s/^[<>]&// ); + $entry->parent_end($parent_end); + + $entry->name_shows_dup($name_shows_dup); + + $entry->direct( $name_shows_dup + || $handles->options($fh_name)->{direct} + || 0 ); + } + + foreach my $fh_name ( keys %fhs ) { + $fhs{$fh_name}->child_end( IO::Handle->new() ); + } + + foreach my $fh_name ( keys %fhs ) { + my $entry = $fhs{$fh_name}; + next if $entry->direct(); + + my $reader_end; + my $writer_end; + if ( $entry->parent_is_source() ) { + $reader_end = $entry->child_end(); + $writer_end = $entry->parent_end(); + } + else { + $reader_end = $entry->parent_end(); + $writer_end = $entry->child_end(); + } + + pipe $reader_end, $writer_end; + } + + my $pid = fork; + + die "fork failed: $ERRNO" unless defined $pid; + + if ( $pid == 0 ) # child + { + + # these are for safety later to help lessen autovifying, + # speed things up, and make the code smaller + my $stdin = $fhs{stdin}; + my $stdout = $fhs{stdout}; + my $stderr = $fhs{stderr}; + 
+ # Paul Walmsley says: + # Perl 5.6's POSIX.pm has a typo in it that prevents us from + # importing STDERR_FILENO. So we resort to requiring it. + require POSIX; + + my $standard_out + = IO::Handle->new_from_fd( &POSIX::STDOUT_FILENO, 'w' ); + my $standard_in + = IO::Handle->new_from_fd( &POSIX::STDIN_FILENO, 'r' ); + + # Paul Walmsley says: + # this mess is due to a typo in POSIX.pm on Perl 5.6 + my $stderr_fd = eval {&POSIX::STDERR_FILENO}; + $stderr_fd = 2 unless defined $stderr_fd; + my $standard_err = IO::Handle->new_from_fd( $stderr_fd, 'w' ); + + # If she wants to dup the kid's stderr onto her stdout I need to + # save a copy of her stdout before I put something else there. + if ( $stdout->parent_end() ne $stderr->parent_end() + and $stderr->direct() + and my_fileno( $stderr->parent_end() ) + == my_fileno($standard_out) ) { + my $tmp = IO::Handle->new(); + open $tmp, '>&' . my_fileno( $stderr->parent_end() ); + $stderr->parent_end($tmp); + } + + if ( $stdin->direct() ) { + open $standard_in, '<&' . my_fileno( $stdin->parent_end() ) + unless my_fileno($standard_in) + == my_fileno( $stdin->parent_end() ); + } + else { + close $stdin->parent_end(); + open $standard_in, '<&=' . my_fileno( $stdin->child_end() ); + } + + if ( $stdout->direct() ) { + open $standard_out, '>&' . my_fileno( $stdout->parent_end() ) + unless my_fileno($standard_out) + == my_fileno( $stdout->parent_end() ); + } + else { + close $stdout->parent_end(); + open $standard_out, '>&=' . my_fileno( $stdout->child_end() ); + } + + if ( $stdout->parent_end() ne $stderr->parent_end() ) { + + # I have to use a fileno here because in this one case + # I'm doing a dup but the filehandle might be a reference + # (from the special case above). + if ( $stderr->direct() ) { + open $standard_err, '>&' . my_fileno( $stderr->parent_end() ) + unless my_fileno($standard_err) + == my_fileno( $stderr->parent_end() ); + } + else { + close $stderr->parent_end(); + open $standard_err, '>&=' . 
my_fileno( $stderr->child_end() ); + } + } + else { + open $standard_err, '>&STDOUT' + unless my_fileno($standard_err) == my_fileno($standard_out); + } + + foreach my $fh_name ( keys %fhs ) { + my $entry = $fhs{$fh_name}; + next if $entry->is_std(); + + my $parent_end = $entry->parent_end(); + my $child_end = $entry->child_end(); + + if ( $entry->direct() ) { + if ( $entry->name_shows_dup() ) { + my $open_prefix + = $entry->parent_is_source() ? '<&' : '>&'; + open $child_end, $open_prefix . $parent_end; + } + else { + $child_end = $parent_end; + $entry->child_end($child_end); + } + } + else { + close $parent_end; + } + + # we want these fh's to stay open after the exec + fcntl $child_end, F_SETFD, 0; + + # now set the options for the call to GnuPG + my $fileno = my_fileno($child_end); + my $option = $fh_name . '_fd'; + $self->options->$option($fileno); + } + + my @command = ( + $self->call(), $self->options->get_args(), + @commands, @command_args + ); + + exec @command or die "exec() error: $ERRNO"; + } + + # parent + + # close the child end of any pipes (non-direct stuff) + foreach my $fh_name ( keys %fhs ) { + my $entry = $fhs{$fh_name}; + close $entry->child_end() unless $entry->direct(); + } + + foreach my $fh_name ( keys %fhs ) { + my $entry = $fhs{$fh_name}; + next unless $entry->parent_is_source(); + + my $parent_end = $entry->parent_end(); + + # close any writing handles if they were a dup + #any real reason for this? It bombs if we're doing + #the automagic >& stuff. + #close $parent_end if $entry->direct(); + + # unbuffer pipes + select( ( select($parent_end), $OUTPUT_AUTOFLUSH = 1 )[0] ) + if $parent_end; + } + + return $pid; +} + +sub my_fileno { + no strict 'refs'; + my ($fh) = @_; + croak "fh is undefined" unless defined $fh; + return $1 if $fh =~ /^=?(\d+)$/; # is it a fd in itself? 
+ my $fileno = fileno $fh; + croak "error determining fileno for $fh: $ERRNO" unless defined $fileno; + return $fileno; +} + + +sub unescape_string { + my($str) = splice(@_); + $str =~ s/\\x(..)/chr(hex($1))/eg; + return $str; +} + +################################################################### + +sub get_public_keys ( $@ ) { + my ( $self, @key_ids ) = @_; + + return $self->get_keys( + commands => ['--list-public-keys'], + command_args => [@key_ids], + ); +} + +sub get_secret_keys ( $@ ) { + my ( $self, @key_ids ) = @_; + + return $self->get_keys( + commands => ['--list-secret-keys'], + command_args => [@key_ids], + ); +} + +sub get_public_keys_with_sigs ( $@ ) { + my ( $self, @key_ids ) = @_; + + return $self->get_keys( + commands => ['--check-sigs'], + command_args => [@key_ids], + ); +} + +sub get_keys { + my ( $self, %args ) = @_; + + my $saved_options = $self->options(); + my $new_options = $self->options->copy(); + $self->options($new_options); + $self->options->push_extra_args( + '--with-colons', + '--fixed-list-mode', + '--with-fingerprint', + '--with-fingerprint', + '--with-key-data', + ); + + my $stdin = IO::Handle->new(); + my $stdout = IO::Handle->new(); + + my $handles = GnuPG::Handles->new( + stdin => $stdin, + stdout => $stdout, + ); + + my $pid = $self->wrap_call( + handles => $handles, + %args, + ); + + my @returned_keys; + my $current_primary_key; + my $current_signed_item; + my $current_key; + + require GnuPG::PublicKey; + require GnuPG::SecretKey; + require GnuPG::SubKey; + require GnuPG::Fingerprint; + require GnuPG::UserId; + require GnuPG::UserAttribute; + require GnuPG::Signature; + require GnuPG::Revoker; + + while (<$stdout>) { + my $line = $_; + chomp $line; + my @fields = split ':', $line, -1; + next unless @fields > 3; + + my $record_type = $fields[0]; + + if ( $record_type eq 'pub' or $record_type eq 'sec' ) { + push @returned_keys, $current_primary_key + if $current_primary_key; + + my ( + $user_id_validity, $key_length, 
$algo_num, $hex_key_id, + $creation_date, $expiration_date, + $local_id, $owner_trust, $user_id_string, + $sigclass, #unused + $usage_flags, + ) = @fields[ 1 .. $#fields ]; + + # --fixed-list-mode uses epoch time for creation and expiration date strings. + # For backward compatibility, we convert them back using GMT; + my $expiration_date_string; + if ($expiration_date eq '') { + $expiration_date = undef; + } else { + $expiration_date_string = $self->_downrez_date($expiration_date); + } + my $creation_date_string = $self->_downrez_date($creation_date); + + $current_primary_key = $current_key + = $record_type eq 'pub' + ? GnuPG::PublicKey->new() + : GnuPG::SecretKey->new(); + + $current_primary_key->hash_init( + length => $key_length, + algo_num => $algo_num, + hex_id => $hex_key_id, + local_id => $local_id, + owner_trust => $owner_trust, + creation_date => $creation_date, + expiration_date => $expiration_date, + creation_date_string => $creation_date_string, + expiration_date_string => $expiration_date_string, + usage_flags => $usage_flags, + ); + + $current_signed_item = $current_primary_key; + } + elsif ( $record_type eq 'fpr' ) { + my $hex = $fields[9]; + my $f = GnuPG::Fingerprint->new( as_hex_string => $hex ); + $current_key->fingerprint($f); + } + elsif ( $record_type eq 'sig' or + $record_type eq 'rev' + ) { + my ( + $validity, + $algo_num, $hex_key_id, + $signature_date, + $expiration_date, + $user_id_string, + $sig_type, + ) = @fields[ 1, 3 .. 
6, 9, 10 ]; + + my $expiration_date_string; + if ($expiration_date eq '') { + $expiration_date = undef; + } else { + $expiration_date_string = $self->_downrez_date($expiration_date); + } + my $signature_date_string = $self->_downrez_date($signature_date); + + my ($sig_class, $is_exportable); + if ($sig_type =~ /^([[:xdigit:]]{2})([xl])$/ ) { + $sig_class = hex($1); + $is_exportable = ('x' eq $2); + } + + my $signature = GnuPG::Signature->new( + validity => $validity, + algo_num => $algo_num, + hex_id => $hex_key_id, + date => $signature_date, + date_string => $signature_date_string, + expiration_date => $expiration_date, + expiration_date_string => $expiration_date_string, + user_id_string => unescape_string($user_id_string), + sig_class => $sig_class, + is_exportable => $is_exportable, + ); + + if ( $current_signed_item->isa('GnuPG::Key') || + $current_signed_item->isa('GnuPG::UserId') || + $current_signed_item->isa('GnuPG::Revoker') || + $current_signed_item->isa('GnuPG::UserAttribute')) { + if ($record_type eq 'sig') { + $current_signed_item->push_signatures($signature); + } elsif ($record_type eq 'rev') { + $current_signed_item->push_revocations($signature); + } + } else { + warn "do not know how to handle signature line: $line\n"; + } + } + elsif ( $record_type eq 'uid' ) { + my ( $validity, $user_id_string ) = @fields[ 1, 9 ]; + + $current_signed_item = GnuPG::UserId->new( + validity => $validity, + as_string => unescape_string($user_id_string), + ); + + $current_primary_key->push_user_ids($current_signed_item); + } + elsif ( $record_type eq 'uat' ) { + my ( $validity, $subpacket ) = @fields[ 1, 9 ]; + + my ( $subpacket_count, $subpacket_total_size ) = split(/ /,$subpacket); + + $current_signed_item = GnuPG::UserAttribute->new( + validity => $validity, + subpacket_count => $subpacket_count, + subpacket_total_size => $subpacket_total_size, + ); + + $current_primary_key->push_user_attributes($current_signed_item); + } + elsif ( $record_type eq 'sub' or 
$record_type eq 'ssb' ) { + my ( + $validity, $key_length, $algo_num, $hex_id, + $creation_date, $expiration_date, + $local_id, + $dummy0, $dummy1, $dummy2, #unused + $usage_flags, + ) = @fields[ 1 .. 11 ]; + + my $expiration_date_string; + if ($expiration_date eq '') { + $expiration_date = undef; + } else { + $expiration_date_string = $self->_downrez_date($expiration_date); + } + my $creation_date_string = $self->_downrez_date($creation_date); + + $current_signed_item = $current_key + = GnuPG::SubKey->new( + validity => $validity, + length => $key_length, + algo_num => $algo_num, + hex_id => $hex_id, + creation_date => $creation_date, + expiration_date => $expiration_date, + creation_date_string => $creation_date_string, + expiration_date_string => $expiration_date_string, + local_id => $local_id, + usage_flags => $usage_flags, + ); + + $current_primary_key->push_subkeys($current_signed_item); + } + elsif ($record_type eq 'rvk') { + my ($algo_num, $fpr, $class) = @fields[ 3,9,10 ]; + my $rvk = GnuPG::Revoker->new( + fingerprint => GnuPG::Fingerprint->new( as_hex_string => $fpr ), + algo_num => ($algo_num + 0), + class => hex($class), + ); + # pushing to either primary key or subkey, to handle + # designated revokers to the subkeys too: + $current_key->push_revokers($rvk); + # revokers should be bound to the key with signatures: + $current_signed_item = $rvk; + } + elsif ($record_type eq 'pkd') { + my ($pos, $size, $data) = @fields[ 1,2,3 ]; + $current_key->pubkey_data->[$pos+0] = Math::BigInt->from_hex('0x'.$data); + } + elsif ( $record_type ne 'tru' and $record_type ne 'grp' ) { + warn "unknown record type $record_type"; + } + } + + waitpid $pid, 0; + + push @returned_keys, $current_primary_key + if $current_primary_key; + + $self->options($saved_options); + + return @returned_keys; +} + +sub _downrez_date { + my $self = shift; + my $date = shift; + if ($date =~ /^\d+$/) { + my ($year,$month,$day) = (gmtime($date))[5,4,3]; + $year += 1900; + $month += 1; + return 
sprintf('%04d-%02d-%02d', $year, $month, $day); + } + return $date; +} + + +################################################################ + +sub list_public_keys { + my ( $self, %args ) = @_; + return $self->wrap_call( + %args, + commands => ['--list-public-keys'], + ); +} + +sub list_sigs { + my ( $self, %args ) = @_; + return $self->wrap_call( + %args, + commands => ['--list-sigs'], + ); +} + +sub list_secret_keys { + my ( $self, %args ) = @_; + return $self->wrap_call( + %args, + commands => ['--list-secret-keys'], + ); +} + +sub encrypt( $% ) { + my ( $self, %args ) = @_; + return $self->wrap_call( + %args, + commands => ['--encrypt'] + ); +} + +sub encrypt_symmetrically( $% ) { + my ( $self, %args ) = @_; + # Strip the homedir and put it back after encrypting; gpg 2.0.x + # fails symmetric encryption when one is passed. + my $homedir = $self->options->homedir; + $self->options->clear_homedir; + my $pid = $self->wrap_call( + %args, + commands => ['--symmetric'] + ); + $self->options->homedir($homedir); + return $pid; +} + +sub sign( $% ) { + my ( $self, %args ) = @_; + return $self->wrap_call( + %args, + commands => ['--sign'] + ); +} + +sub clearsign( $% ) { + my ( $self, %args ) = @_; + return $self->wrap_call( + %args,, + commands => ['--clearsign'] + ); +} + +sub detach_sign( $% ) { + my ( $self, %args ) = @_; + return $self->wrap_call( + %args, + commands => ['--detach-sign'] + ); +} + +sub sign_and_encrypt( $% ) { + my ( $self, %args ) = @_; + return $self->wrap_call( + %args, + commands => [ + '--sign', + '--encrypt' + ] + ); +} + +sub decrypt( $% ) { + my ( $self, %args ) = @_; + return $self->wrap_call( + %args, + commands => ['--decrypt'] + ); +} + +sub verify( $% ) { + my ( $self, %args ) = @_; + return $self->wrap_call( + %args, + commands => ['--verify'] + ); +} + +sub import_keys( $% ) { + my ( $self, %args ) = @_; + return $self->wrap_call( + %args, + commands => ['--import'] + ); +} + +sub export_keys( $% ) { + my ( $self, %args ) = @_; + 
return $self->wrap_call( + %args, + commands => ['--export'] + ); +} + +sub recv_keys( $% ) { + my ( $self, %args ) = @_; + return $self->wrap_call( + %args, + commands => ['--recv-keys'] + ); +} + +sub send_keys( $% ) { + my ( $self, %args ) = @_; + return $self->wrap_call( + %args, + commands => ['--send-keys'] + ); +} + +sub search_keys( $% ) { + my ( $self, %args ) = @_; + return $self->wrap_call( + %args, + commands => ['--search-keys'] + ); +} + +sub version { + my ( $self ) = @_; + + my $out = IO::Handle->new; + my $handles = GnuPG::Handles->new( stdout => $out ); + $self->wrap_call( commands => [ '--version' ], handles => $handles ); + my $line = $out->getline; + $line =~ /(\d+\.\d+\.\d+)/; + return $1; +} + +sub test_default_key_passphrase() { + my ($self) = @_; + + # We can't do something like let the user pass + # in a passphrase handle because we don't exist + # anymore after the user runs off with the + # attachments + croak 'No passphrase defined to test!' + unless defined $self->passphrase(); + + my $stdin = IO::Handle->new(); + my $stdout = IO::Handle->new(); + my $stderr = IO::Handle->new(); + my $status = IO::Handle->new(); + + my $handles = GnuPG::Handles->new( + stdin => $stdin, + stdout => $stdout, + stderr => $stderr, + status => $status + ); + + # save this setting since we need to be in non-interactive mode + my $saved_meta_interactive_option = $self->options->meta_interactive(); + $self->options->clear_meta_interactive(); + + my $pid = $self->sign( handles => $handles ); + + close $stdin; + + # restore this setting to its original setting + $self->options->meta_interactive($saved_meta_interactive_option); + + # all we realy want to check is the status fh + while (<$status>) { + if (/^\[GNUPG:\]\s*GOOD_PASSPHRASE/) { + waitpid $pid, 0; + return 1; + } + } + + # If we didn't catch the regexp above, we'll assume + # that the passphrase was incorrect + waitpid $pid, 0; + return 0; +} + +1; + 
+############################################################## + +=head1 NAME + +GnuPG::Interface - Perl interface to GnuPG + +=head1 SYNOPSIS + + # A simple example + use IO::Handle; + use GnuPG::Interface; + + # settting up the situation + my $gnupg = GnuPG::Interface->new(); + $gnupg->options->hash_init( armor => 1, + homedir => '/home/foobar' ); + + # Note you can set the recipients even if you aren't encrypting! + $gnupg->options->push_recipients( 'ftobin@cpan.org' ); + $gnupg->options->meta_interactive( 0 ); + + # how we create some handles to interact with GnuPG + my $input = IO::Handle->new(); + my $output = IO::Handle->new(); + my $handles = GnuPG::Handles->new( stdin => $input, + stdout => $output ); + + # Now we'll go about encrypting with the options already set + my @plaintext = ( 'foobar' ); + my $pid = $gnupg->encrypt( handles => $handles ); + + # Now we write to the input of GnuPG + print $input @plaintext; + close $input; + + # now we read the output + my @ciphertext = <$output>; + close $output; + + waitpid $pid, 0; + +=head1 DESCRIPTION + +GnuPG::Interface and its associated modules are designed to +provide an object-oriented method for interacting with GnuPG, +being able to perform functions such as but not limited +to encrypting, signing, +decryption, verification, and key-listing parsing. + +=head2 How Data Member Accessor Methods are Created + +Each module in the GnuPG::Interface bundle relies +on Moo to generate the get/set methods +used to set the object's data members. +I This means that +any data member which is a list has special +methods assigned to it for pushing, popping, and +clearing the list. + +=head2 Understanding Bidirectional Communication + +It is also imperative to realize that this package +uses interprocess communication methods similar to +those used in L +and L, +and that users of this package +need to understand how to use this method because this package +does not abstract these methods for the user greatly. 
+This package is not designed +to abstract this away entirely (partly for security purposes), but rather +to simply help create 'proper', clean calls to GnuPG, and to implement +key-listing parsing. +Please see L +to learn how to deal with these methods. + +Using this package to do message processing generally +invovlves creating a GnuPG::Interface object, creating +a GnuPG::Handles object, +setting some options in its B data member, +and then calling a method which invokes GnuPG, such as +B. One then interacts with with the handles +appropriately, as described in +L. + +=head1 OBJECT METHODS + +=head2 Initialization Methods + +=over 4 + +=item new( I<%initialization_args> ) + +This methods creates a new object. The optional arguments are +initialization of data members. + +=item hash_init( I<%args> ). + + +=back + +=head2 Object Methods which use a GnuPG::Handles Object + +=over 4 + +=item list_public_keys( % ) + +=item list_sigs( % ) + +=item list_secret_keys( % ) + +=item encrypt( % ) + +=item encrypt_symmetrically( % ) + +=item sign( % ) + +=item clearsign( % ) + +=item detach_sign( % ) + +=item sign_and_encrypt( % ) + +=item decrypt( % ) + +=item verify( % ) + +=item import_keys( % ) + +=item export_keys( % ) + +=item recv_keys( % ) + +=item send_keys( % ) + +=item search_keys( % ) + +These methods each correspond directly to or are very similar +to a GnuPG command described in L. Each of these methods +takes a hash, which currently must contain a key of B +which has the value of a GnuPG::Handles object. +Another optional key is B which should have the value of an +array reference; these arguments will be passed to GnuPG as command arguments. +These command arguments are used for such things as determining the keys to +list in the B method. I. To understand what are options and +what are command arguments please read L and L. + +Each of these calls returns the PID for the resulting GnuPG process. 
+One can use this PID in a C call instead of a C call +if more precise process reaping is needed. + +These methods will attach the handles specified in the B object +to the running GnuPG object, so that bidirectional communication +can be established. That is, the optionally-defined B, +B, B, B, B, and +B handles will be attached to +GnuPG's input, output, standard error, +the handle created by setting B, the handle created by setting B, and the handle created by setting +B respectively. +This tying of handles of similar to the process +done in I. + +If you want the GnuPG process to read or write directly to an already-opened +filehandle, you cannot do this via the normal I mechanisms. +In order to accomplish this, set the appropriate B data member +to the already-opened filehandle, and then set the option B to be true +for that handle, as described in L. For example, +to have GnuPG read from the file F and write to F, +the following snippet may do: + + my $infile = IO::File->new( 'input.txt' ); + my $outfile = IO::File->new( '>output.txt' ); + my $handles = GnuPG::Handles->new( stdin => $infile, + stdout => $outfile, + ); + $handles->options( 'stdin' )->{direct} = 1; + $handles->options( 'stdout' )->{direct} = 1; + +If any handle in the B object is not defined, GnuPG's input, output, +and standard error will be tied to the running program's standard error, +standard output, or standard error. If the B or B handle +is not defined, this channel of communication is never established with GnuPG, +and so this information is not generated and does not come into play. +If the B data member handle of the B object +is not defined, but the the B data member handle of GnuPG::Interface +object is, GnuPG::Interface will handle passing this information into GnuPG +for the user as a convience. Note that this will result in +GnuPG::Interface storing the passphrase in memory, instead of having +it simply 'pass-through' to GnuPG via a handle. 
+ +=back + +=head2 Other Methods + +=over 4 + +=item get_public_keys( @search_strings ) + +=item get_secret_keys( @search_strings ) + +=item get_public_keys_with_sigs( @search_strings ) + +These methods create and return objects of the type GnuPG::PublicKey +or GnuPG::SecretKey respectively. This is done by parsing the output +of GnuPG with the option B enabled. The objects created +do or do not have signature information stored in them, depending +if the method ends in I<_sigs>; this separation of functionality is there +because of performance hits when listing information with signatures. + +=item test_default_key_passphrase() + +This method will return a true or false value, depending +on whether GnuPG reports a good passphrase was entered +while signing a short message using the values of +the B data member, and the default +key specified in the B data member. + +=item version() + +Returns the version of GnuPG that GnuPG::Interface is running. + +=back + + +=head1 Invoking GnuPG with a custom call + +GnuPG::Interface attempts to cover a lot of the commands +of GnuPG that one would want to perform; however, there may be a lot +more calls that GnuPG is and will be capable of, so a generic command +interface is provided, C. + +=over 4 + +=item wrap_call( %args ) + +Call GnuPG with a custom command. The %args hash must contain +at least the following keys: + +=over 4 + +=item commands + +The value of this key in the hash must be a reference to a a list of +commands for GnuPG, such as C<[ qw( --encrypt --sign ) ]>. + +=item handles + +As with most other GnuPG::Interface methods, B +must be a GnuPG::Handles object. + +=back + +The following keys are optional. + +=over 4 + +=item command_args + +As with other GnuPG::Interface methods, the value in hash +for this key must be a reference to a list of arguments +to be passed to the GnuPG command, such as which +keys to list in a key-listing. 
+ +=back + +=back + + +=head1 OBJECT DATA MEMBERS + +=over 4 + +=item call + +This defines the call made to invoke GnuPG. Defaults to 'gpg'; this +should be changed if 'gpg' is not in your path, or there is a different +name for the binary on your system. + +=item passphrase + +In order to lessen the burden of using handles by the user of this package, +setting this option to one's passphrase for a secret key will allow +the package to enter the passphrase via a handle to GnuPG by itself +instead of leaving this to the user. See also L. + +=item options + +This data member, of the type GnuPG::Options; the setting stored in this +data member are used to determine the options used when calling GnuPG +via I of the object methods described in this package. +See L for more information. + +=back + +=head1 EXAMPLES + +The following setup can be done before any of the following examples: + + use IO::Handle; + use GnuPG::Interface; + + my @original_plaintext = ( "How do you doo?" ); + my $passphrase = "Three Little Pigs"; + + my $gnupg = GnuPG::Interface->new(); + + $gnupg->options->hash_init( armor => 1, + recipients => [ 'ftobin@uiuc.edu', + '0xABCD1234' ], + meta_interactive => 0 , + ); + +=head2 Encrypting + + # We'll let the standard error of GnuPG pass through + # to our own standard error, by not creating + # a stderr-part of the $handles object. + my ( $input, $output ) = ( IO::Handle->new(), + IO::Handle->new() ); + + my $handles = GnuPG::Handles->new( stdin => $input, + stdout => $output ); + + # this sets up the communication + # Note that the recipients were specified earlier + # in the 'options' data member of the $gnupg object. 
+ my $pid = $gnupg->encrypt( handles => $handles ); + + # this passes in the plaintext + print $input @original_plaintext; + + # this closes the communication channel, + # indicating we are done + close $input; + + my @ciphertext = <$output>; # reading the output + + waitpid $pid, 0; # clean up the finished GnuPG process + +=head2 Signing + + # This time we'll catch the standard error for our perusing + my ( $input, $output, $error ) = ( IO::Handle->new(), + IO::Handle->new(), + IO::Handle->new(), + ); + + my $handles = GnuPG::Handles->new( stdin => $input, + stdout => $output, + stderr => $error, + ); + + # indicate our pasphrase through the + # convience method + $gnupg->passphrase( $passphrase ); + + # this sets up the communication + my $pid = $gnupg->sign( handles => $handles ); + + # this passes in the plaintext + print $input @original_plaintext; + + # this closes the communication channel, + # indicating we are done + close $input; + + my @ciphertext = <$output>; # reading the output + my @error_output = <$error>; # reading the error + + close $output; + close $error; + + waitpid $pid, 0; # clean up the finished GnuPG process + +=head2 Decryption + + # This time we'll catch the standard error for our perusing + # as well as passing in the passphrase manually + # as well as the status information given by GnuPG + my ( $input, $output, $error, $passphrase_fh, $status_fh ) + = ( IO::Handle->new(), + IO::Handle->new(), + IO::Handle->new(), + IO::Handle->new(), + IO::Handle->new(), + ); + + my $handles = GnuPG::Handles->new( stdin => $input, + stdout => $output, + stderr => $error, + passphrase => $passphrase_fh, + status => $status_fh, + ); + + # this time we'll also demonstrate decrypting + # a file written to disk + # Make sure you "use IO::File" if you use this module! 
+ my $cipher_file = IO::File->new( 'encrypted.gpg' ); + + # this sets up the communication + my $pid = $gnupg->decrypt( handles => $handles ); + + # This passes in the passphrase + print $passphrase_fh $passphrase; + close $passphrase_fh; + + # this passes in the plaintext + print $input $_ while <$cipher_file>; + + # this closes the communication channel, + # indicating we are done + close $input; + close $cipher_file; + + my @plaintext = <$output>; # reading the output + my @error_output = <$error>; # reading the error + my @status_info = <$status_fh>; # read the status info + + # clean up... + close $output; + close $error; + close $status_fh; + + waitpid $pid, 0; # clean up the finished GnuPG process + +=head2 Printing Keys + + # This time we'll just let GnuPG print to our own output + # and read from our input, because no input is needed! + my $handles = GnuPG::Handles->new(); + + my @ids = ( 'ftobin', '0xABCD1234' ); + + # this time we need to specify something for + # command_args because --list-public-keys takes + # search ids as arguments + my $pid = $gnupg->list_public_keys( handles => $handles, + command_args => [ @ids ] ); + + waitpid $pid, 0; + +=head2 Creating GnuPG::PublicKey Objects + + my @ids = [ 'ftobin', '0xABCD1234' ]; + + my @keys = $gnupg->get_public_keys( @ids ); + + # no wait is required this time; it's handled internally + # since the entire call is encapsulated + +=head2 Custom GnuPG call + + # assuming $handles is a GnuPG::Handles object + my $pid = $gnupg->wrap_call + ( commands => [ qw( --list-packets ) ], + command_args => [ qw( test/key.1.asc ) ], + handles => $handles, + ); + + my @out = <$handles->stdout()>; + waitpid $pid, 0; + + +=head1 FAQ + +=over 4 + +=item How do I get GnuPG::Interface to read/write directly from +a filehandle? + +You need to set GnuPG::Handles B option to be true for the +filehandles in concern. See L and +L<"Object Methods which use a GnuPG::Handles Object"> for more +information. 
+ +=item Why do you make it so difficult to get GnuPG to write/read +from a filehandle? In the shell, I can just call GnuPG +with the --outfile option! + +There are lots of issues when trying to tell GnuPG to read/write +directly from a file, such as if the file isn't there, or +there is a file, and you want to write over it! What do you +want to happen then? Having the user of this module handle +these questions beforehand by opening up filehandles to GnuPG +lets the user know fully what is going to happen in these circumstances, +and makes the module less error-prone. + +=item When having GnuPG process a large message, sometimes it just +hanges there. + +Your problem may be due to buffering issues; when GnuPG reads/writes +to B filehandles (those that are sent to filehandles +which you read to from into memory, not that those access the disk), +buffering issues can mess things up. I recommend looking into +L. + +=back + +=head1 NOTES + +This package is the successor to PGP::GPG::MessageProcessor, +which I found to be too inextensible to carry on further. +A total redesign was needed, and this is the resulting +work. + +After any call to a GnuPG-command method of GnuPG::Interface +in which one passes in the handles, +one should all B to clean up GnuPG from the process table. + + +=head1 BUGS + +Currently there are problems when transmitting large quantities +of information over handles; I'm guessing this is due +to buffering issues. This bug does not seem specific to this package; +IPC::Open3 also appears affected. + +I don't know yet how well this modules handles parsing OpenPGP v3 keys. + +=head1 SEE ALSO + +L, +L, +L, +L, +L, +L + +=head1 LICENSE + +This module is free software; you can redistribute it and/or modify it +under the same terms as Perl itself. + +=head1 AUTHOR + +GnuPg::Interface is currently maintained by Jesse Vincent . + +Frank J. Tobin, ftobin@cpan.org was the original author of the package. + +=cut + +1; + 
diff --git a/lib/GnuPG/Key.pm b/lib/GnuPG/Key.pm
new file mode 100644
index 0000000..8f98f85
--- /dev/null
+++ b/lib/GnuPG/Key.pm
@@ -0,0 +1,272 @@
+# Key.pm
+# - providing an object-oriented approach to GnuPG keys
+#
+# Copyright (C) 2000 Frank J. Tobin
+#
+# This module is free software; you can redistribute it and/or modify it
+# under the same terms as Perl itself.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+#
+# $Id: Key.pm,v 1.10 2001/12/10 01:29:27 ftobin Exp $
+#
+
+package GnuPG::Key;
+use Moo;
+use MooX::late;
+with qw(GnuPG::HashInit);
+
+has [
+ qw( length
+ algo_num
+ hex_id
+ hex_data
+ creation_date
+ expiration_date
+ creation_date_string
+ expiration_date_string
+ fingerprint
+ usage_flags
+ )
+ ] => (
+ isa => 'Any',
+ is => 'rw',
+ );
+
+has [
+ qw(
+ signatures
+ revokers
+ revocations
+ pubkey_data
+ )] => (
+ isa => 'ArrayRef',
+ is => 'rw',
+ default => sub { [] },
+);
+
+sub push_signatures {
+ my $self = shift;
+ push @{ $self->signatures }, @_;
+}
+
+sub push_revocations {
+ my $self = shift;
+ push @{ $self->revocations }, @_;
+}
+
+sub push_revokers {
+ my $self = shift;
+ push @{ $self->revokers }, @_;
+}
+
+sub short_hex_id {
+ my ($self) = @_;
+ return substr $self->hex_id(), -8;
+}
+
+sub compare {
+ my ($self, $other, $deep) = @_;
+
+ my @string_comparisons = qw(
+ length
+ algo_num
+ hex_id
+ creation_date
+ creation_date_string
+ usage_flags
+ );
+
+ my $field;
+ foreach $field (@string_comparisons) {
+ return 0 unless $self->$field eq $other->$field;
+ }
+
+ my @can_be_undef = qw(
+ hex_data
+ expiration_date
+ expiration_date_string
+ );
+ foreach $field (@can_be_undef) {
+ return 0 unless (defined $self->$field) == (defined $other->$field);
+ if (defined $self->$field) {
+ return 0 unless $self->$field eq $other->$field;
+ }
+ }
+ my @objs = qw(
+ fingerprint
+ );
+ foreach $field (@objs) {
+ return 0 unless $self->$field->compare($other->$field, $deep);
+ }
+
+ if (defined $deep && $deep) {
+ my @lists = qw(
+ signatures
+ revokers
+ revocations
+ );
+ my $i;
+ foreach my $list (@lists) {
+ return 0 unless @{$self->$list} == @{$other->$list};
+ for ( $i = 0; $i < scalar(@{$self->$list}); $i++ ) {
+ return 0
+ unless $self->$list->[$i]->compare($other->$list->[$i], $deep);
+ }
+ }
+
+ return 0 unless @{$self->pubkey_data} == @{$other->pubkey_data};
+ for ( $i = 0; $i < scalar(@{$self->pubkey_data}); $i++ ) {
+ return 0 unless (0 == $self->pubkey_data->[$i]->bcmp($other->pubkey_data->[$i]));
+ }
+ }
+ return 1;
+}
+
+1;
+
+__END__
+
+=head1 NAME
+
+GnuPG::Key - GnuPG Key Object
+
+=head1 SYNOPSIS
+
+ # assumes a GnuPG::Interface object in $gnupg
+ my @keys = $gnupg->get_public_keys( 'ftobin' );
+
+ # now GnuPG::PublicKey objects are in @keys
+
+=head1 DESCRIPTION
+
+GnuPG::Key objects are generally not instantiated on their
+own, but rather used as a superclass of GnuPG::PublicKey,
+GnuPG::SecretKey, or GnuPG::SubKey objects.
+
+=head1 OBJECT METHODS
+
+=head2 Initialization Methods
+
+=over 4
+
+=item new( I<%initialization_args> )
+
+This methods creates a new object. The optional arguments are
+initialization of data members.
+
+=item hash_init( I<%args> ).
+
+
+=item short_hex_id
+
+This returns the commonly-used short, 8 character short hex id
+of the key.
+
+=item compare( I<$other>, I<$deep> )
+
+Returns non-zero only when this Key is identical to the other
+GnuPG::Key. If $deep is present and non-zero, the key's associated
+signatures, revocations, and revokers will also be compared.
+
+=back
+
+=head1 OBJECT DATA MEMBERS
+
+=over 4
+
+=item length
+
+Number of bits in the key.
+
+=item algo_num
+
+They algorithm number that the Key is used for.
+
+=item usage_flags
+
+The Key Usage flags associated with this key, represented as a string
+of lower-case letters. Possible values include: (a) authenticate, (c)
+certify, (e) encrypt, and (s) sign.
+
+A key may have any combination of them in any order.
In addition to +these letters, the primary key has uppercase versions of the letters +to denote the _usable_ capabilities of the entire key, and a potential +letter 'D' to indicate a disabled key. + +See "key capabilities" DETAILS from the GnuPG sources for more +details. + +=item hex_data + +The data of the key. WARNING: this seems to have never been +instantiated, and should always be undef. + +=item pubkey_data + +A list of Math::BigInt objects that correspond to the public key +material for the given key (this member is empty on secret keys). + +For DSA keys, the values are: prime (p), group order (q), group generator (g), y + +For RSA keys, the values are: modulus (n), exponent (e) + +For El Gamal keys, the values are: prime (p), group generator (g), y + +For more details, see: http://tools.ietf.org/html/rfc4880#page-42 + +=item hex_id + +The long hex id of the key. This is not the fingerprint nor +the short hex id, which is 8 hex characters. + +=item creation_date_string + +=item expiration_date_string + +Formatted date of the key's creation and expiration. If the key has +no expiration, expiration_date_string will return undef. + +=item creation_date + +=item expiration_date + +Date of the key's creation and expiration, stored as the number of +seconds since midnight 1970-01-01 UTC. If the key has no expiration, +expiration_date will return undef. + +=item fingerprint + +A GnuPG::Fingerprint object. + +=item signatures + +A list of GnuPG::Signature objects embodying the signatures on this +key. For subkeys, the signatures are usually subkey-binding +signatures. For primary keys, the signatures are statements about the +key itself. + +=item revocations + +A list of revocations associated with this key, stored as +GnuPG::Signature objects (since revocations are a type of +certification as well). Note that a revocation of a primary key has a +different semantic meaning than a revocation associated with a subkey. 
+ +=item revokers + +A list of GnuPG::Revoker objects associated with this key, indicating +other keys which are allowed to revoke certifications made by this +key. + +=back + +=head1 SEE ALSO + +L, +L, +L, + +=cut diff --git a/lib/GnuPG/Options.pm b/lib/GnuPG/Options.pm new file mode 100644 index 0000000..86261a0 --- /dev/null +++ b/lib/GnuPG/Options.pm 
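Review bot: In lib/GnuPG/Key.pm, `short_hex_id` returns only the last 8 hex digits of `hex_id` (`substr $self->hex_id(), -8`), and its POD entry calls this the "commonly-used" id without saying that a 32-bit id is not a unique identifier. Distinct keys can share the same short id, so a caller that selects or trusts a key by this value may end up with the wrong key. I would add a caveat to the `=item short_hex_id` entry, for example `Short ids are not unique and can collide between unrelated keys; use the fingerprint member when identifying a key.` No code change is needed.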
@@ -0,0 +1,363 @@ +# Options.pm +# - providing an object-oriented approach to GnuPG's options +# +# Copyright (C) 2000 Frank J. Tobin +# +# This module is free software; you can redistribute it and/or modify it +# under the same terms as Perl itself. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# +# $Id: Options.pm,v 1.14 2001/08/21 13:31:50 ftobin Exp $ +# + +package GnuPG::Options; +use Moo; +use MooX::late; +use MooX::HandlesVia; +with qw(GnuPG::HashInit); + +use constant BOOLEANS => qw( + armor + no_greeting + verbose + no_verbose + quiet + batch + always_trust + rfc1991 + openpgp + force_v3_sigs + no_options + textmode + meta_pgp_5_compatible + meta_pgp_2_compatible + meta_interactive +); + +use constant SCALARS => qw( + homedir + default_key + comment + status_fd + logger_fd + passphrase_fd + command_fd + compress_algo + options + meta_signing_key + meta_signing_key_id +); + +use constant LISTS => qw( + encrypt_to + recipients + meta_recipients_keys + meta_recipients_key_ids + extra_args +); + +has $_ => ( + isa => 'Bool', + is => 'rw', + clearer => 'clear_' . $_, +) for BOOLEANS; + +has $_ => ( + isa => 'Any', + is => 'rw', + clearer => 'clear_' . $_, +) for SCALARS; + +for my $list (LISTS) { + my $ref = $list . "_ref"; + has $ref => ( + handles_via => 'Array', + is => 'rw', + lazy => 1, + clearer => "clear_$list", + default => sub { [] }, + handles => { + "push_$list" => 'push', + }, + ); + + no strict 'refs'; + *{$list} = sub { + my $self = shift; + return wantarray ? 
@{$self->$ref(@_)} : $self->$ref(@_);
+ };
+}
+
+sub BUILD {
+ my ( $self, $args ) = @_;
+ $self->hash_init( meta_interactive => 1 );
+ $self->hash_init(%$args);
+}
+
+sub copy {
+ my ($self) = @_;
+
+ my $new = ( ref $self )->new();
+
+ foreach my $field ( BOOLEANS, SCALARS, LISTS ) {
+ my $value = $self->$field();
+ next unless defined $value;
+ $new->$field($value);
+ }
+
+ return $new;
+}
+
+sub get_args {
+ my ($self) = @_;
+
+ return (
+ $self->get_meta_args(),
+ $self->get_option_args(),
+ $self->extra_args(),
+ );
+}
+
+sub get_option_args {
+ my ($self) = @_;
+
+ my @args = ();
+
+ push @args, '--homedir', $self->homedir() if $self->homedir();
+ push @args, '--options', $self->options() if $self->options();
+ push @args, '--no-options' if $self->no_options();
+ push @args, '--armor' if $self->armor();
+ push @args, '--textmode' if $self->textmode();
+ push @args, '--default-key', $self->default_key() if $self->default_key();
+ push @args, '--no-greeting' if $self->no_greeting();
+ push @args, '--verbose' if $self->verbose();
+ push @args, '--no-verbose' if $self->no_verbose();
+ push @args, '--quiet' if $self->quiet();
+ push @args, '--batch' if $self->batch();
+ push @args, '--trust-model=always' if $self->always_trust();
+ push @args, '--comment', $self->comment() if defined $self->comment();
+ push @args, '--force-v3-sigs' if $self->force_v3_sigs();
+ push @args, '--rfc1991' if $self->rfc1991;
+ push @args, '--openpgp' if $self->openpgp();
+ push @args, '--compress-algo', $self->compress_algo()
+ if defined $self->compress_algo();
+
+ push @args, '--status-fd', $self->status_fd()
+ if defined $self->status_fd();
+ push @args, '--logger-fd', $self->logger_fd()
+ if defined $self->logger_fd();
+ push @args, '--passphrase-fd', $self->passphrase_fd()
+ if defined $self->passphrase_fd();
+ push @args, '--command-fd', $self->command_fd()
+ if defined $self->command_fd();
+
+ push @args, map { ( '--recipient', $_ ) } $self->recipients();
+ push @args, map { (
'--encrypt-to', $_ ) } $self->encrypt_to(); + + return @args; +} + +sub get_meta_args { + my ($self) = @_; + + my @args = (); + + push @args, '--compress-algo', 1, '--force-v3-sigs' + if $self->meta_pgp_5_compatible(); + push @args, '--rfc1991' if $self->meta_pgp_2_compatible(); + push @args, '--batch', '--no-tty' if not $self->meta_interactive(); + + # To eliminate confusion, we'll move to having any options + # that deal with keys end in _id(s) if they only take + # an id; otherwise we assume that a GnuPG::Key + push @args, '--default-key', $self->meta_signing_key_id() + if $self->meta_signing_key_id(); + push @args, '--default-key', $self->meta_signing_key()->hex_id() + if $self->meta_signing_key(); + + push @args, + map { ( '--recipient', $_ ) } $self->meta_recipients_key_ids(); + push @args, + map { ( '--recipient', $_->hex_id() ) } $self->meta_recipients_keys(); + + return @args; +} + +1; + +__END__ + +=head1 NAME + +GnuPG::Options - GnuPG options embodiment + +=head1 SYNOPSIS + + # assuming $gnupg is a GnuPG::Interface object + $gnupg->options->armor( 1 ); + $gnupg->options->push_recipients( 'ftobin', '0xABCD1234' ); + +=head1 DESCRIPTION + +GnuPG::Options objects are generally not instantiated on their +own, but rather as part of a GnuPG::Interface object. + +=head1 OBJECT METHODS + +=over 4 + +=item new( I<%initialization_args> ) + +This methods creates a new object. The optional arguments are +initialization of data members. + +=item hash_init( I<%args> ). + + +=item copy + +Returns a copy of this object. Useful for 'saving' options. + +=item get_args + +Returns a list of arguments to be passed to GnuPG based +on data members which are 'meta_' options, regular options, +and then I, in that order. 
+ +=back + +=head1 OBJECT DATA MEMBERS + +=over 4 + +=item homedir + +=item armor + +=item textmode + +=item default_key + +=item no_greeting + +=item verbose + +=item no_verbose + +=item quiet + +=item batch + +=item always_trust + +=item comment + +=item status_fd + +=item logger_fd + +=item passphrase_fd + +=item compress_algo + +=item force_v3_sigs + +=item rfc1991 + +=item openpgp + +=item options + +=item no_options + +=item encrypt_to + +=item recipients + +=back + +These options correlate directly to many GnuPG options. For those that +are boolean to GnuPG, simply that argument is passed. For those +that are associated with a scalar, that scalar is passed passed +as an argument appropriate. For those that can be specified more +than once, such as B, those are considered lists +and passed accordingly. Each are undefined or false to begin. + +=head2 Meta Options + +Meta options are those which do not correlate directly to any +option in GnuPG, but rather are generally a bundle of options +used to accomplish a specific goal, such as obtaining +compatibility with PGP 5. The actual arguments each of these +reflects may change with time. Each defaults to false unless +otherwise specified. + +These options are being designed and to provide a non-GnuPG-specific +abstraction, to help create compatibility with a possible +PGP::Interface module. + +To help avoid confusion, methods with take a form of a key as +an object shall be prepended with I<_id(s)> if they only +take an id; otherwise assume an object of type GnuPG::Key +is required. + +=over 4 + +=item meta_pgp_5_compatible + +If true, arguments are generated to try to be compatible with PGP 5.x. + +=item meta_pgp_2_compatible + +If true, arguments are generated to try to be compatible with PGP 2.x. + +=item meta_interactive + +If false, arguments are generated to try to help the using program +use GnuPG in a non-interactive environment, such as CGI scripts. +Default is true. 
+ +=item meta_signing_key_id + +This scalar reflects the key used to sign messages. +Currently this is synonymous with I. + +=item meta_signing_key + +This GnuPG::Key object reflects the key used to sign messages. + +=item meta_recipients_key_ids + +This list of scalar key ids are used to generate the +appropriate arguments having these keys as recipients. + +=item meta_recipients_keys + +This list of keys of the type GnuPG::Key are used to generate the +appropriate arguments having these keys as recipients. +You probably want to have this list be of the inherited class +GnuPG::SubKey, as in most instances, OpenPGP keypairs have +the encyrption key as the subkey of the primary key, which is +used for signing. + +=back + +=head2 Other Data Members + +=over 4 + +=item extra_args + +This is a list of any other arguments used to pass to GnuPG. +Useful to pass an argument not yet covered in this package. + +=back + +=head1 SEE ALSO + +L, + +=cut diff --git a/lib/GnuPG/PrimaryKey.pm b/lib/GnuPG/PrimaryKey.pm new file mode 100644 index 0000000..3776588 --- /dev/null +++ b/lib/GnuPG/PrimaryKey.pm 
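Review bot: In lib/GnuPG/Options.pm, `copy` does not copy the LISTS members; it hands the same array reference to the new object. `$self->$field()` is called in scalar context, so the generated list accessor returns the underlying array ref, and `$new->$field($value)` stores that same ref. A later `push_recipients` (or `push_encrypt_to`, `push_extra_args`) on either object then changes both, which defeats the documented use of `copy` for 'saving' options and can add recipients to a message that was meant to go out under the saved set. Copying the array fixes it: `$new->$field( ref $value eq 'ARRAY' ? [@$value] : $value );`.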
@@ -0,0 +1,145 @@
+# PrimaryKey.pm
+# - objectified GnuPG primary keys (can have subkeys)
+#
+# Copyright (C) 2000 Frank J. Tobin
+#
+# This module is free software; you can redistribute it and/or modify it
+# under the same terms as Perl itself.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+#
+# $Id: PrimaryKey.pm,v 1.4 2001/09/14 12:34:36 ftobin Exp $
+#
+
+package GnuPG::PrimaryKey;
+use Moo;
+use MooX::late;
+use MooX::HandlesVia;
+
+BEGIN { extends qw( GnuPG::Key ) }
+
+for my $list (qw(user_ids subkeys user_attributes)) {
+ my $ref = $list . "_ref";
+ has $ref => (
+ handles_via => 'Array',
+ is => 'rw',
+ default => sub { [] },
+ handles => {
+ "push_$list" => 'push',
+ },
+ );
+
+ no strict 'refs';
+ *{$list} = sub {
+ my $self = shift;
+ return wantarray ? @{$self->$ref(@_)} : $self->$ref(@_);
+ };
+}
+
+has $_ => (
+ isa => 'Any',
+ is => 'rw',
+ clearer => 'clear_' . $_,
+) for qw( local_id owner_trust );
+
+
+sub compare {
+ my ($self, $other, $deep) = @_;
+
+ # not comparing local_id because it is meaningless in modern
+ # versions of GnuPG.
+ my @comparison_fields = qw (
+ owner_trust
+ );
+
+ foreach my $field (@comparison_fields) {
+ return 0 unless $self->$field eq $other->$field;
+ }
+
+ if (defined $deep && $deep) {
+ my @lists = qw(
+ user_ids
+ subkeys
+ user_attributes
+ );
+
+ foreach my $list (@lists) {
+ return 0 unless @{$self->$list} == @{$other->$list};
+ for ( my $i = 0; $i < scalar(@{$self->$list}); $i++ ) {
+ return 0
+ unless $self->$list->[$i]->compare($other->$list->[$i], 1);
+ }
+ }
+ }
+
+ return $self->SUPER::compare($other, $deep);
+}
+
+1;
+
+__END__
+
+=head1 NAME
+
+GnuPG::PrimaryKey - GnuPG Primary Key Objects
+
+=head1 SYNOPSIS
+
+ # assumes a GnuPG::Interface object in $gnupg
+ my @keys = $gnupg->get_public_keys( 'ftobin' );
+
+ # or
+
+ my @keys = $gnupg->get_secret_keys( 'ftobin' );
+
+ # now GnuPG::PrimaryKey objects are in @keys
+
+=head1 DESCRIPTION
+
+GnuPG::PrimaryKey objects are generally instantiated
+as GnuPG::PublicKey or GnuPG::SecretKey objects
+through various methods of GnuPG::Interface.
+They embody various aspects of a GnuPG primary key.
+
+This package inherits data members and object methods
+from GnuPG::Key, which is not described here, but rather
+in L.
+
+=head1 OBJECT DATA MEMBERS
+
+=over 4
+
+=item user_ids
+
+A list of GnuPG::UserId objects associated with this key.
+
+=item user_attributes
+
+A list of GnuPG::UserAttribute objects associated with this key.
+
+=item subkeys
+
+A list of GnuPG::SubKey objects associated with this key.
+
+=item local_id
+
+WARNING: DO NOT USE. This used to mean GnuPG's local id for the key,
+but modern versions of GnuPG do not produce it. Expect this to be the
+empty string or undef.
+
+=item owner_trust
+
+The scalar value GnuPG reports as the ownertrust for this key.
+See GnuPG's DETAILS file for details.
+
+=back
+
+=head1 SEE ALSO
+
+L,
+L,
+L,
+
+=cut
diff --git a/lib/GnuPG/PublicKey.pm b/lib/GnuPG/PublicKey.pm
new file mode 100644
index 0000000..62a7963
--- /dev/null
+++ b/lib/GnuPG/PublicKey.pm
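Review bot: In lib/GnuPG/PrimaryKey.pm, `compare` tests `owner_trust` with a bare `eq`, although the attribute is declared with `clearer => 'clear_' . $_` and no default, so it can be undefined. An undefined value then compares equal to an empty string, and it emits an uninitialized-value warning where warnings are enabled. GnuPG::Key's `compare` in this same commit checks defined-ness first for its optional fields, and the same guard fits here: `return 0 unless (defined $self->$field) == (defined $other->$field);` followed by `next unless defined $self->$field;` ahead of the `eq` line.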
@@ -0,0 +1,53 @@
+# PublicKey.pm
+# - providing an object-oriented approach to GnuPG public keys
+#
+# Copyright (C) 2000 Frank J. Tobin
+#
+# This module is free software; you can redistribute it and/or modify it
+# under the same terms as Perl itself.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+#
+# $Id: PublicKey.pm,v 1.9 2001/09/14 12:34:36 ftobin Exp $
+#
+
+package GnuPG::PublicKey;
+use Moo;
+
+BEGIN { extends qw( GnuPG::PrimaryKey ) }
+
+1;
+
+__END__
+
+=head1 NAME
+
+GnuPG::PublicKey - GnuPG Public Key Objects
+
+=head1 SYNOPSIS
+
+ # assumes a GnuPG::Interface object in $gnupg
+ my @keys = $gnupg->get_public_keys( 'ftobin' );
+
+ # now GnuPG::PublicKey objects are in @keys
+
+=head1 DESCRIPTION
+
+GnuPG::PublicKey objects are generally instantiated
+through various methods of GnuPG::Interface.
+They embody various aspects of a GnuPG public key.
+
+This package inherits data members and object methods
+from GnuPG::PrimaryKey, which is not described here, but rather
+in L.
+
+Currently, this package is functionally no different
+from GnuPG::PrimaryKey.
+
+=head1 SEE ALSO
+
+L,
+
+=cut
diff --git a/lib/GnuPG/Revoker.pm b/lib/GnuPG/Revoker.pm
new file mode 100644
index 0000000..0bd79dd
--- /dev/null
+++ b/lib/GnuPG/Revoker.pm
@@ -0,0 +1,157 @@ +# Revoker.pm +# - providing an object-oriented approach to GnuPG key revokers +# +# Copyright (C) 2010 Daniel Kahn Gillmor +# (derived from Signature.pm, Copyright (C) 2000 Frank J. Tobin ) +# +# This module is free software; you can redistribute it and/or modify it +# under the same terms as Perl itself. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# +# $Id: Signature.pm,v 1.4 2001/08/21 13:31:50 ftobin Exp $ +# + +package GnuPG::Revoker; +use Moo; +use MooX::late; + +has [qw( + algo_num + class + )] => ( + isa => 'Int', + is => 'rw', +); + +has fingerprint => ( + isa => 'GnuPG::Fingerprint', + is => 'rw', + ); + +has signatures => ( + isa => 'ArrayRef', + is => 'rw', + default => sub { [] }, +); + +sub push_signatures { + my $self = shift; + push @{ $self->signatures }, @_; +} + +sub is_sensitive { + my $self = shift; + return $self->class & 0x40; +} + +sub compare { + my ( $self, $other, $deep ) = @_; + + my @comparison_ints = qw( class algo_num ); + + foreach my $field ( @comparison_ints ) { + return 0 unless $self->$field() == $other->$field(); + } + + return 0 unless $self->fingerprint->compare($other->fingerprint); + + # FIXME: is it actually wrong if the associated signatures come out + # in a different order on the two compared designated revokers? 
+ if (defined $deep && $deep) { + return 0 unless @{$self->signatures} == @{$other->signatures}; + for ( my $i = 0; $i < scalar(@{$self->signatures}); $i++ ) { + return 0 + unless $self->signatures->[$i]->compare($other->signatures->[$i], 1); + } + } + + return 1; +} + +1; + +__END__ + +=head1 NAME + +GnuPG::Revoker - GnuPG Key Revoker Objects + +=head1 SYNOPSIS + + # assumes a GnuPG::PrimaryKey object in $key + my $revokerfpr = $key->revokers->[0]->fingerprint(); + +=head1 DESCRIPTION + +GnuPG::Revoker objects are generally not instantiated on their own, +but rather as part of GnuPG::Key objects. They represent a statement +that another key is designated to revoke certifications made by the +key in question. + +=head1 OBJECT METHODS + +=over 4 + +=item new( I<%initialization_args> ) + +This methods creates a new object. The optional arguments are +initialization of data members. + +=item is_sensitive() + +Returns 0 if the revoker information can be freely distributed. +If this is non-zero, the information should be treated as "sensitive". + +Please see http://tools.ietf.org/html/rfc4880#section-5.2.3.15 for +more explanation. + +=item compare( I<$other>, I<$deep> ) + +Returns non-zero only when this designated revoker is identical to the +other GnuPG::Revoker. If $deep is present and non-zero, the revokers' +signatures will also be compared. + + +=back + +=head1 OBJECT DATA MEMBERS + +=over 4 + +=item fingerprint + +A GnuPG::Fingerprint object indicating the fingerprint of the +specified revoking key. (Note that this is *not* the fingerprint of +the key whose signatures can be revoked by this revoker). + +=item algo_num + +The numeric identifier of the algorithm of the revoker's key. + +=item signatures + +A list of GnuPG::Signature objects which cryptographically bind the +designated revoker to the primary key. 
If the material was +instantiated using the *_with_sigs() functions from GnuPG::Interface, +then a valid revoker designation should have a valid signature +associated with it from the relevant key doing the designation (not +from the revoker's key). + +Note that designated revoker certifications are themselves +irrevocable, so there is no analogous list of revocations in a +GnuPG::Revoker object. + +=back + +=head1 SEE ALSO + +L, +L, +L, +L, +L + +=cut diff --git a/lib/GnuPG/SecretKey.pm b/lib/GnuPG/SecretKey.pm new file mode 100644 index 0000000..eead427 --- /dev/null +++ b/lib/GnuPG/SecretKey.pm @@ -0,0 +1,53 @@ +# SecretKey.pm +# - providing an object-oriented approach to GnuPG secret keys +# +# Copyright (C) 2000 Frank J. Tobin +# +# This module is free software; you can redistribute it and/or modify it +# under the same terms as Perl itself. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# +# $Id: SecretKey.pm,v 1.9 2001/09/14 12:34:36 ftobin Exp $ +# + +package GnuPG::SecretKey; +use Moo; + +BEGIN { extends qw( GnuPG::PrimaryKey ) } + +1; + +__END__ + +=head1 NAME + +GnuPG::SecretKey - GnuPG Secret Key Objects + +=head1 SYNOPSIS + + # assumes a GnuPG::Interface object in $gnupg + my @keys = $gnupg->get_secret_keys( 'ftobin' ); + + # now GnuPG::SecretKey objects are in @keys + +=head1 DESCRIPTION + +GnuPG::SecretKey objects are generally instantiated +through various methods of GnuPG::Interface. +They embody various aspects of a GnuPG secret key. + +This package inherits data members and object methods +from GnuPG::PrimaryKey, which is described here, but rather +in L. + +Currently, this package is functionally no different +from GnuPG::PrimaryKey. + +=head1 SEE ALSO + +L, + +=cut diff --git a/lib/GnuPG/Signature.pm b/lib/GnuPG/Signature.pm new file mode 100644 index 0000000..5020bb7 --- /dev/null 
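Review bot: `is_sensitive` in lib/GnuPG/Revoker.pm masks `class` without checking that it is set, and `class` is declared without `required`, so a revoker built without a class evaluates `undef & 0x40`, warns, and reports 0. The POD says 0 means the revoker information "can be freely distributed", so an unknown class reads as not sensitive. Returning undef in that case (`return undef unless defined $self->class;` before the mask) would let a caller tell "unknown" apart from "not sensitive" with `defined`. The POD's OBJECT DATA MEMBERS list also omits `class`, although both `is_sensitive` and `compare` depend on it; an `=item class` entry pointing at the RFC 4880 section already linked under `is_sensitive()` would close that gap.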
+++ b/lib/GnuPG/Signature.pm 
@@ -0,0 +1,169 @@ +# Signature.pm +# - providing an object-oriented approach to GnuPG key signatures +# +# Copyright (C) 2000 Frank J. Tobin +# +# This module is free software; you can redistribute it and/or modify it +# under the same terms as Perl itself. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# +# $Id: Signature.pm,v 1.4 2001/08/21 13:31:50 ftobin Exp $ +# + +package GnuPG::Signature; +use Moo; +use MooX::late; + +has [qw( + validity + algo_num + hex_id + user_id_string + date + date_string + expiration_date + expiration_date_string + sig_class + is_exportable + )] => ( + isa => 'Any', + is => 'rw', +); + +sub is_valid { + my $self = shift; + return $self->validity eq '!'; +} + +sub compare { + my ($self, $other) = @_; + + my @compared_fields = qw( + validity + algo_num + hex_id + date + date_string + sig_class + is_exportable + ); + + foreach my $field ( @compared_fields ) { + return 0 unless $self->$field eq $other->$field; + } + # check for expiration if present? + return 0 unless (defined $self->expiration_date) == (defined $other->expiration_date); + if (defined $self->expiration_date) { + return 0 unless (($self->expiration_date == $other->expiration_date) || + ($self->expiration_date_string eq $other->expiration_date_string)); + } + return 1; +} + +1; + +__END__ + +=head1 NAME + +GnuPG::Signature - GnuPG Key Signature Objects + +=head1 SYNOPSIS + + # assumes a GnuPG::Key or GnuPG::UserID or GnuPG::UserAttribute object in $signed + my $signing_id = $signed->signatures->[0]->hex_id(); + +=head1 DESCRIPTION + +GnuPG::Signature objects are generally not instantiated +on their own, but rather as part of GnuPG::Key objects. +They embody various aspects of a GnuPG signature on a key. + +=head1 OBJECT METHODS + +=over 4 + +=item new( I<%initialization_args> ) + +This methods creates a new object. 
The optional arguments are +initialization of data members. + +=item is_valid() + +Returns 1 if GnuPG was able to cryptographically verify the signature, +otherwise 0. + +=item compare( I<$other> ) + +Returns non-zero only when this Signature is identical to the other +GnuPG::Signature. + +=back + +=head1 OBJECT DATA MEMBERS + +=over 4 + +=item validity + +A character indicating the cryptographic validity of the key. GnuPG +uses at least the following characters: "!" means valid, "-" means not +valid, "?" means unknown (e.g. if the supposed signing key is not +present in the local keyring), and "%" means an error occurred (e.g. a +non-supported algorithm). See the documentation for --check-sigs in +gpg(1). + +=item algo_num + +The number of the algorithm used for the signature. + +=item hex_id + +The hex id of the signing key. + +=item user_id_string + +The first user id string on the key that made the signature. +This may not be defined if the signing key is not on the local keyring. + +=item sig_class + +Signature class. This is the numeric value of the class of signature. + +A table of possible classes of signatures and their numeric types can +be found at http://tools.ietf.org/html/rfc4880#section-5.2.1 + +=item is_exportable + +returns 0 for local-only signatures, non-zero for exportable +signatures. + +=item date_string + +The formatted date the signature was performed on. + +=item date + +The date the signature was performed, represented as the number of +seconds since midnight 1970-01-01 UTC. + +=item expiration_date_string + +The formatted date the signature will expire (signatures without +expiration return undef). + +=item expiration_date + +The date the signature will expire, represented as the number of +seconds since midnight 1970-01-01 UTC (signatures without expiration +return undef) + +=back + +=head1 SEE ALSO + + +=cut diff --git a/lib/GnuPG/SubKey.pm b/lib/GnuPG/SubKey.pm new file mode 100644 index 0000000..f5d7872 --- /dev/null 
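Review bot: `is_valid` in lib/GnuPG/Signature.pm returns `$self->validity eq '!'`, which gives the empty string rather than the 0 the POD promises, and an uninitialized-value warning when `validity` was never set. `return ( defined $self->validity && $self->validity eq '!' ) ? 1 : 0;` matches the documentation. The `is_valid()` entry should also say that it reflects only the validity character GnuPG reported: `expiration_date` is a separate member that the method does not consult, so a caller deciding whether to rely on a certification has to test expiry itself. In `compare`, the `eq` loop likewise treats an unset field and an empty string as equal.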
+++ b/lib/GnuPG/SubKey.pm 
@@ -0,0 +1,107 @@ +# SubKey.pm +# - providing an object-oriented approach to GnuPG sub keys +# +# Copyright (C) 2000 Frank J. Tobin +# +# This module is free software; you can redistribute it and/or modify it +# under the same terms as Perl itself. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# +# $Id: SubKey.pm,v 1.9 2001/09/14 12:34:36 ftobin Exp $ +# + +package GnuPG::SubKey; +use Carp; +use Moo; +use MooX::late; +BEGIN { extends qw( GnuPG::Key ) } + +has [qw( validity owner_trust local_id )] => ( + isa => 'Any', + is => 'rw', +); + +# DEPRECATED! +# return the last signature, if present. Or push in a new signature, +# if one is supplied. +sub signature { + my $self = shift; + my $argcount = @_; + + if ($argcount) { + @{$self->signatures} = (); + $self->push_signatures(@_); + } else { + my $sigcount = @{$self->signatures}; + if ($sigcount) { + return $self->signatures->[$sigcount-1]; + } else { + return undef; + } + } +} + +1; + +__END__ + +=head1 NAME + +GnuPG::SubKey - GnuPG Sub Key objects + +=head1 SYNOPSIS + + # assumes a GnuPG::PublicKey object in $key + my @subkeys = $key->subkeys(); + + # now GnuPG::SubKey objects are in @subkeys + +=head1 DESCRIPTION + +GnuPG::SubKey objects are generally instantiated +through various methods of GnuPG::Interface. +They embody various aspects of a GnuPG sub key. + +This package inherits data members and object methods +from GnuPG::Key, which are not described here, but rather +in L. + +=head1 OBJECT DATA MEMBERS + +=over 4 + +=item validity + +A scalar holding the value GnuPG reports for the trust of authenticity +(a.k.a.) validity of a key. +See GnuPG's DETAILS file for details. + +=item local_id + +GnuPG's local id for the key. + +=item owner_trust + +The scalar value GnuPG reports as the ownertrust for this key. +See GnuPG's DETAILS file for details. 
+ +=item signature + +* DEPRECATED* + +A GnuPG::Signature object holding the representation of the signature +on this key. Please use signatures (see L) instead of +signature. Using signature, you will get an arbitrary signature from +the set of available signatures. + +=back + +=head1 SEE ALSO + +L, +L, + +=cut diff --git a/lib/GnuPG/UserAttribute.pm b/lib/GnuPG/UserAttribute.pm new file mode 100644 index 0000000..ddc7ead --- /dev/null +++ b/lib/GnuPG/UserAttribute.pm 
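Review bot: The deprecated `signature` accessor in lib/GnuPG/SubKey.pm has a destructive setter: called with any argument it runs `@{$self->signatures} = ();` before pushing, so one call discards every signature already stored on the subkey. The POD entry describes only the getter and should state that setting replaces the whole list. It also says the getter yields "an arbitrary signature", while the code returns the last element; anyone checking `->signature->is_valid` is therefore looking at one signature out of several. The getter's `return undef;` produces a one-element list in list context; a bare `return;` is the usual form.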
@@ -0,0 +1,118 @@ +# UserAttribute.pm +# - providing an object-oriented approach to GnuPG user attributes +# +# Copyright (C) 2010 Daniel Kahn Gillmor +# (derived from UserId.pm, Copyright (C) 2000 Frank J. Tobin ) +# +# This module is free software; you can redistribute it and/or modify it +# under the same terms as Perl itself. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# +# $Id: UserId.pm,v 1.7 2001/08/21 13:31:50 ftobin Exp $ +# + +package GnuPG::UserAttribute; +use Moo; +use MooX::late; + +has [qw( validity subpacket_count subpacket_total_size )] => ( + isa => 'Any', + is => 'rw', +); + +has signatures => ( + isa => 'ArrayRef', + is => 'rw', + default => sub { [] }, +); +has revocations => ( + isa => 'ArrayRef', + is => 'rw', + default => sub { [] }, +); + +sub push_signatures { + my $self = shift; + push @{ $self->signatures }, @_; +} +sub push_revocations { + my $self = shift; + push @{ $self->revocations }, @_; +} + +1; + +__END__ + +=head1 NAME + +GnuPG::UserAttribute - GnuPG User Attribute Objects + +=head1 SYNOPSIS + + # assumes a GnuPG::PublicKey object in $publickey + my $jpgs_size = $publickey->user_attributes->[0]->subpacket_total_size(); + +=head1 DESCRIPTION + +GnuPG::UserAttribute objects are generally not instantiated on their +own, but rather as part of GnuPG::PublicKey or GnuPG::SecretKey +objects. + +=head1 OBJECT METHODS + +=over 4 + +=item new( I<%initialization_args> ) + +This methods creates a new object. The optional arguments are +initialization of data members; + +=back + +=head1 OBJECT DATA MEMBERS + +=over 4 + +=item validity + +A scalar holding the value GnuPG reports for the calculated validity +of the binding between this User Attribute packet and its associated +primary key. See GnuPG's DETAILS file for details. 
+ +=item subpacket_count + +A scalar holding the number of attribute subpackets. This is usually +1, as most UATs seen in the wild contain a single image in JPEG +format. + +=item subpacket_total_size + +A scalar holding the total byte count of all attribute subpackets. + +=item signatures + +A list of GnuPG::Signature objects embodying the signatures +on this user attribute. + +=item revocations + +A list of revocations associated with this User Attribute, stored as +GnuPG::Signature objects (since revocations are a type of +certification as well). + +=back + +=head1 BUGS + +No useful information about the embedded attributes is provided yet. +It would be nice to be able to get ahold of the raw JPEG material. + +=head1 SEE ALSO + +L, + +=cut diff --git a/lib/GnuPG/UserId.pm b/lib/GnuPG/UserId.pm new file mode 100644 index 0000000..8c4124f --- /dev/null +++ b/lib/GnuPG/UserId.pm 
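Review bot: GnuPG::UserAttribute defines no `compare` method, yet the deep branch of GnuPG::PrimaryKey's `compare` earlier in this patch iterates `user_attributes` and calls `->compare(..., 1)` on each element. A deep comparison of two keys that carry a user attribute would therefore die with a missing-method error instead of returning 0 or 1. The package declares no `extends`, so nothing inherited supplies the method. A `compare` modelled on the one in GnuPG::UserId would close the gap; the sketch below uses `eq` as UserId does and keeps the list checks inside the deep branch, as the UserId POD describes.

```perl
# … unchanged: attribute declarations, push_signatures, push_revocations …

sub compare {
    my ( $self, $other, $deep ) = @_;

    foreach my $field ( qw( validity subpacket_count subpacket_total_size ) ) {
        return 0 unless $self->$field() eq $other->$field();
    }

    if ( defined $deep && $deep ) {
        foreach my $list ( qw( signatures revocations ) ) {
            return 0 unless @{ $self->$list } == @{ $other->$list };
            for my $i ( 0 .. $#{ $self->$list } ) {
                return 0
                    unless $self->$list->[$i]->compare( $other->$list->[$i], 1 );
            }
        }
    }

    return 1;
}
```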
@@ -0,0 +1,148 @@ +# UserId.pm +# - providing an object-oriented approach to GnuPG user ids +# +# Copyright (C) 2000 Frank J. Tobin +# +# This module is free software; you can redistribute it and/or modify it +# under the same terms as Perl itself. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# +# $Id: UserId.pm,v 1.7 2001/08/21 13:31:50 ftobin Exp $ +# + +package GnuPG::UserId; +use Moo; +use MooX::late; + +has [qw( validity as_string )] => ( + isa => 'Any', + is => 'rw', +); + +has signatures => ( + isa => 'ArrayRef', + is => 'rw', + default => sub { [] }, +); +has revocations => ( + isa => 'ArrayRef', + is => 'rw', + default => sub { [] }, +); + +sub push_signatures { + my $self = shift; + push @{ $self->signatures }, @_; +} +sub push_revocations { + my $self = shift; + push @{ $self->revocations }, @_; +} + +sub compare { + my ( $self, $other, $deep ) = @_; + + my @comparison_ints = qw( validity as_string ); + + foreach my $field ( @comparison_ints ) { + return 0 unless $self->$field() eq $other->$field(); + } + + return 0 unless @{$self->signatures} == @{$other->signatures}; + return 0 unless @{$self->revocations} == @{$other->revocations}; + + # FIXME: is it actually wrong if the associated signatures come out + # in a different order on the two compared designated revokers? 
+ if (defined $deep && $deep) { + for ( my $i = 0; $i < scalar(@{$self->signatures}); $i++ ) { + return 0 + unless $self->signatures->[$i]->compare($other->signatures->[$i], 1); + } + for ( my $i = 0; $i < scalar(@{$self->revocations}); $i++ ) { + return 0 + unless $self->revocations->[$i]->compare($other->revocations->[$i], 1); + } + } + + return 1; +} + + +# DEPRECATED +sub user_id_string { + my ( $self, $v ) = @_; + $self->as_string($v) if defined $v; + return $self->as_string(); +} + +1; + +__END__ + +=head1 NAME + +GnuPG::UserId - GnuPG User ID Objects + +=head1 SYNOPSIS + + # assumes a GnuPG::PublicKey object in $publickey + my $user_id = $publickey->user_ids_ref->[0]->as_string; + +=head1 DESCRIPTION + +GnuPG::UserId objects are generally not instantiated on their +own, but rather as part of GnuPG::PublicKey or GnuPG::SecretKey +objects. + +=head1 OBJECT METHODS + +=over 4 + +=item new( I<%initialization_args> ) + +This methods creates a new object. The optional arguments are +initialization of data members; + +=item compare( I<$other>, I<$deep> ) + +Returns non-zero only when this User ID is identical to the other +GnuPG::UserID. If $deep is present and non-zero, the User ID's +signatures and revocations will also be compared. + +=back + +=head1 OBJECT DATA MEMBERS + +=over 4 + +=item as_string + +A string of the user id. + +=item validity + +A scalar holding the value GnuPG reports for the trust of authenticity +(a.k.a.) validity of a key. +See GnuPG's DETAILS file for details. + +=item signatures + +A list of GnuPG::Signature objects embodying the signatures +on this user id. + +=item revocations + +A list of revocations associated with this User ID, stored as +GnuPG::Signature objects (since revocations are a type of +certification as well). + +=back + +=head1 SEE ALSO + +L, + +=cut diff --git a/t/Fingerprint.t b/t/Fingerprint.t new file mode 100644 index 0000000..bdf60c9 --- /dev/null +++ b/t/Fingerprint.t 
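Review bot: `compare` in lib/GnuPG/UserId.pm checks the `signatures` and `revocations` counts before it looks at `$deep`, so a shallow comparison already fails when one side was loaded with signatures and the other without. That contradicts the POD ("If $deep is present and non-zero, the User ID's signatures and revocations will also be compared") and differs from GnuPG::Revoker, where the count check sits inside the deep block. Moving the two `return 0 unless @{...} == @{...};` lines inside `if (defined $deep && $deep) {` makes code and documentation agree. The FIXME above that block still refers to "designated revokers", and `@comparison_ints` holds string fields compared with `eq`; both look like leftovers from copied code and are worth renaming.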
@@ -0,0 +1,29 @@
+#!/usr/bin/perl -w
+#
+# $Id: Fingerprint.t,v 1.1 2001/04/30 01:36:12 ftobin Exp $
+#
+
+use strict;
+
+use lib './t';
+use MyTest;
+
+use GnuPG::Fingerprint;
+
+my $v1 = '5A29DAE3649ACCA7BF59A67DBAED721F334C9V14';
+my $v2 = '4F863BBBA8166F0A340F600356FFD10A260C4FA3';
+
+my $fingerprint = GnuPG::Fingerprint->new( as_hex_string => $v1 );
+
+# deprecation test
+TEST
+{
+ $fingerprint->hex_data() eq $v1;
+};
+
+# deprecation test
+TEST
+{
+ $fingerprint->hex_data( $v2 );
+ $fingerprint->as_hex_string() eq $v2;
+};
diff --git a/t/Interface.t b/t/Interface.t
new file mode 100644
index 0000000..6d97956
--- /dev/null
+++ b/t/Interface.t
@@ -0,0 +1,29 @@
+#!/usr/bin/perl -w
+#
+# $Id: Interface.t,v 1.1 2001/04/30 02:04:25 ftobin Exp $
+#
+
+use strict;
+
+use lib './t';
+use MyTest;
+
+use GnuPG::Interface;
+
+my $v1 = 'gpg';
+my $v2 = 'gnupg';
+
+my $gnupg = GnuPG::Interface->new( call => $v1 );
+
+# deprecation test
+TEST
+{
+ $gnupg->gnupg_call() eq $v1;
+};
+
+# deprecation test
+TEST
+{
+ $gnupg->gnupg_call( $v2 );
+ $gnupg->call() eq $v2;
+};
diff --git a/t/MyTest.pm b/t/MyTest.pm
new file mode 100644
index 0000000..235d729
--- /dev/null
+++ b/t/MyTest.pm
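Review bot: The fixture `$v1` in t/Fingerprint.t is not a hexadecimal string (it contains a `V` near the end), and the first test expects `hex_data()` to return it unchanged, which pins the fact that `as_hex_string` accepts arbitrary text. GnuPG::Fingerprint itself is outside this hunk, so whether it is meant to validate its input is not visible here. If it is, this test should use a 40-digit hex value and a further test should assert that a malformed one is rejected. If no validation is intended, a comment such as `# deliberately not valid hex: the accessor stores the string as given` would record that for anyone who later compares fingerprints read from these objects.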
@@ -0,0 +1,63 @@
+# MyTest.pm
+# - module for use with test scripts
+#
+# Copyright (C) 2000 Frank J. Tobin
+#
+# This module is free software; you can redistribute it and/or modify it
+# under the same terms as Perl itself.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+#
+# $Id: MyTest.pm,v 1.3 2001/08/21 13:31:50 ftobin Exp $
+#
+
+package MyTest;
+
+use strict;
+use English qw( -no_match_vars );
+use Exporter;
+use IO::File;
+use vars qw( @ISA @EXPORT );
+
+@ISA = qw( Exporter );
+@EXPORT = qw( TEST );
+
+$OUTPUT_AUTOFLUSH = 1;
+
+print "1..", COUNT_TESTS(), "\n";
+
+my $counter = 0;
+
+sub TEST ( & )
+{
+ my ( $code ) = @_;
+
+ $counter++;
+
+ &$code or print "not ";
+ print "ok $counter\n";
+}
+
+
+sub COUNT_TESTS
+{
+ my ( $file ) = @_;
+ $file ||= $PROGRAM_NAME;
+
+ my $tests = 0;
+
+ my $in = IO::File->new( $file );
+
+ while ( $_ = $in->getline() )
+ {
+ $tests++
+ if /^\s*TEST\s*/;
+ }
+
+ return $tests;
+}
+
+
+1;
diff --git a/t/MyTestSpecific.pm b/t/MyTestSpecific.pm
new file mode 100644
index 0000000..053b749
--- /dev/null
+++ b/t/MyTestSpecific.pm
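Review bot: `COUNT_TESTS` in t/MyTest.pm calls `IO::File->new( $file )` without checking the result, so an unreadable script surfaces as a method call on undef in the `while` condition rather than as a clear error. The one-argument form also hands the name to two-argument `open`, where a leading or trailing `<`, `>` or `|` in `$PROGRAM_NAME` is read as a mode. `my $in = IO::File->new( $file, 'r' ) or die "cannot open $file: $ERRNO";` fixes both. The plan is derived by matching `/^\s*TEST\s*/` against source lines, so any line that merely begins with the word TEST is counted; a comment above the loop noting that limitation would help.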
@@ -0,0 +1,127 @@ +# MyTestSpecific.pm +# - module for use with test scripts +# +# Copyright (C) 2000 Frank J. Tobin +# +# This module is free software; you can redistribute it and/or modify it +# under the same terms as Perl itself. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# +# $Id: MyTestSpecific.pm,v 1.7 2001/08/21 13:31:50 ftobin Exp $ +# + +use strict; +use English qw( -no_match_vars ); +use Fatal qw/ open close /; +use IO::File; +use IO::Handle; +use IO::Seekable; +use File::Compare; +use Exporter; +use Class::Struct; + +use GnuPG::Interface; +use GnuPG::Handles; + +use vars qw( @ISA @EXPORT + $stdin $stdout $stderr + $gpg_program $handles $gnupg + %texts + ); + +@ISA = qw( Exporter ); +@EXPORT = qw( stdin stdout stderr + gnupg_program handles reset_handles + texts file_match + ); + +$gnupg = GnuPG::Interface->new( passphrase => 'test' ); + +$gnupg->options->hash_init( homedir => 'test', + armor => 1, + meta_interactive => 0, + meta_signing_key_id => '0xF950DA9C', + always_trust => 1, + ); + +struct( Text => { fn => "\$", fh => "\$", data => "\$" } ); + +$texts{plain} = Text->new(); +$texts{plain}->fn( 'test/plain.1.txt' ); + +$texts{encrypted} = Text->new(); +$texts{encrypted}->fn( 'test/encrypted.1.gpg' ); + +$texts{signed} = Text->new(); +$texts{signed}->fn( 'test/signed.1.asc' ); + +$texts{key} = Text->new(); +$texts{key}->fn( 'test/key.1.asc' ); + +$texts{temp} = Text->new(); +$texts{temp}->fn( 'test/temp' ); + + +foreach my $name ( qw( plain encrypted signed key ) ) +{ + my $entry = $texts{$name}; + my $filename = $entry->fn(); + my $fh = IO::File->new( $filename ) + or die "cannot open $filename: $ERRNO"; + $entry->data( [ $fh->getlines() ] ); +} + +sub reset_handles +{ + foreach ( $stdin, $stdout, $stderr ) + { + $_ = IO::Handle->new(); + } + + $handles = GnuPG::Handles->new + ( stdin => $stdin, + 
stdout => $stdout, + stderr => $stderr + ); + + foreach my $name ( qw( plain encrypted signed key ) ) + { + my $entry = $texts{$name}; + my $filename = $entry->fn(); + my $fh = IO::File->new( $filename ) + or die "cannot open $filename: $ERRNO"; + $entry->fh( $fh ); + } + + { + my $entry = $texts{temp}; + my $filename = $entry->fn(); + my $fh = IO::File->new( $filename, 'w' ) + or die "cannot open $filename: $ERRNO"; + $entry->fh( $fh ); + } +} + + + +sub file_match +{ + my ( $orig, @compares ) = @_; + + my $found_match = 0; + + foreach my $file ( @compares ) + { + return 1 + if compare( $file, $orig ) == 0; + } + + return 0; +} + + + +1; diff --git a/t/UserId.t b/t/UserId.t new file mode 100644 index 0000000..1e8124c --- /dev/null +++ b/t/UserId.t @@ -0,0 +1,28 @@ +#!/usr/bin/perl -w +# +# $Id: UserId.t,v 1.1 2001/04/30 01:36:12 ftobin Exp $ +# + +use strict; + +use lib './t'; +use MyTest; +use GnuPG::UserId; + +my $v1 = 'Dekan'; +my $v2 = 'Frank Tobin'; + +my $user_id = GnuPG::UserId->new( as_string => $v1 ); + +# deprecation test +TEST +{ + $user_id->user_id_string() eq $v1; +}; + +# deprecation test +TEST +{ + $user_id->user_id_string( $v2 ); + $user_id->as_string() eq $v2; +}; diff --git a/t/clearsign.t b/t/clearsign.t new file mode 100644 index 0000000..8f27ebc --- /dev/null +++ b/t/clearsign.t @@ -0,0 +1,38 @@ +#!/usr/bin/perl -w +# +# $Id: clearsign.t,v 1.4 2001/05/03 06:00:06 ftobin Exp $ +# + +use strict; +use English qw( -no_match_vars ); + +use lib './t'; +use MyTest; +use MyTestSpecific; + +TEST +{ + reset_handles(); + + my $pid = $gnupg->clearsign( handles => $handles ); + + print $stdin @{ $texts{plain}->data }; + close $stdin; + waitpid $pid, 0; + + return $CHILD_ERROR == 0; +}; + + +TEST +{ + reset_handles(); + + $handles->stdin( $texts{plain}->fh() ); + $handles->options( 'stdin' )->{direct} = 1; + my $pid = $gnupg->clearsign( handles => $handles ); + + waitpid $pid, 0; + + return $CHILD_ERROR == 0; +}; 
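Review bot: The shared `$gnupg` object in t/MyTestSpecific.pm is configured with `always_trust => 1` and a literal `passphrase => 'test'`, with no comment saying why. Both are reasonable for the throwaway keyring under `homedir => 'test'`, but this file is also a complete usage example and may end up serving as a template. I would add `# test fixture only: always_trust skips key-validity checks and the passphrase is public` above the `hash_init` call. In `file_match`, `$found_match` is assigned and never read and can be dropped.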
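Review bot: Both tests in t/clearsign.t judge success only by `$CHILD_ERROR == 0` and never read `$stdout`, so they would pass even if the child produced something other than a clearsigned message. The parent also calls `waitpid` while nothing drains the `$stdout` and `$stderr` handles, which can block once the child's output exceeds the pipe buffer. Reading the output before reaping, e.g. `my @out = <$stdout>;` followed by a check that the first line is `-----BEGIN PGP SIGNED MESSAGE-----`, covers both. The same exit-status-only pattern recurs in t/detach_sign.t, t/encrypt.t, t/encrypt_symmetrically.t and the first test of t/export_keys.t.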
diff --git a/t/decrypt.t b/t/decrypt.t new file mode 100644 index 0000000..b2639ed --- /dev/null +++ b/t/decrypt.t @@ -0,0 +1,60 @@ +#!/usr/bin/perl -w +# +# $Id: decrypt.t,v 1.4 2001/05/03 06:00:06 ftobin Exp $ +# + +use strict; +use English qw( -no_match_vars ); +use File::Compare; + +use lib './t'; +use MyTest; +use MyTestSpecific; + +my $compare; + +TEST +{ + reset_handles(); + + my $pid = $gnupg->decrypt( handles => $handles ); + + print $stdin @{ $texts{encrypted}->data() }; + close $stdin; + + $compare = compare( $texts{plain}->fn(), $stdout ); + close $stdout; + waitpid $pid, 0; + + return $CHILD_ERROR == 0;; +}; + + +TEST +{ + return $compare == 0; +}; + + +TEST +{ + reset_handles(); + + $handles->stdin( $texts{encrypted}->fh() ); + $handles->options( 'stdin' )->{direct} = 1; + + $handles->stdout( $texts{temp}->fh() ); + $handles->options( 'stdout' )->{direct} = 1; + + my $pid = $gnupg->decrypt( handles => $handles ); + + waitpid $pid, 0; + + return $CHILD_ERROR == 0; +}; + + +TEST +{ + return compare( $texts{plain}->fn(), $texts{temp}->fn() ) == 0; +}; diff --git a/t/detach_sign.t b/t/detach_sign.t new file mode 100644 index 0000000..f3bde63 --- /dev/null +++ b/t/detach_sign.t @@ -0,0 +1,38 @@ +#!/usr/bin/perl -w +# +# $Id: detach_sign.t,v 1.4 2001/05/03 06:00:06 ftobin Exp $ +# + +use strict; +use English qw( -no_match_vars ); + +use lib './t'; +use MyTest; +use MyTestSpecific; + +TEST +{ + reset_handles(); + + my $pid = $gnupg->detach_sign( handles => $handles ); + + print $stdin @{ $texts{plain}->data() }; + close $stdin; + waitpid $pid, 0; + + return $CHILD_ERROR == 0; +}; + + +TEST +{ + reset_handles(); + + $handles->stdin( $texts{plain}->fh() ); + $handles->options( 'stdin' )->{direct} = 1; + my $pid = $gnupg->detach_sign( handles => $handles ); + + waitpid $pid, 0; + + return $CHILD_ERROR == 0; +}; diff --git a/t/encrypt.t b/t/encrypt.t new file mode 100644 index 0000000..3183ac4 --- /dev/null +++ b/t/encrypt.t 
@@ -0,0 +1,76 @@ +#!/usr/bin/perl -w +# +# $Id: encrypt.t,v 1.4 2001/05/03 06:00:06 ftobin Exp $ +# + +use strict; +use English qw( -no_match_vars ); + +use lib './t'; +use MyTest; +use MyTestSpecific; + +TEST +{ + reset_handles(); + my $pid = $gnupg->wrap_call( + handles => $handles, + commands => ['--update-trustdb'], + ); + waitpid $pid, 0; + return $CHILD_ERROR == 0; +}; + +TEST +{ + reset_handles(); + + $gnupg->options->clear_recipients(); + $gnupg->options->clear_meta_recipients_keys(); + $gnupg->options->push_recipients( '0x2E854A6B' ); + + my $pid = $gnupg->encrypt( handles => $handles ); + + print $stdin @{ $texts{plain}->data() }; + close $stdin; + waitpid $pid, 0; + + return $CHILD_ERROR == 0; +}; + + +TEST +{ + reset_handles(); + + my @keys = $gnupg->get_public_keys( '0xF950DA9C' ); + $gnupg->options->clear_recipients(); + $gnupg->options->clear_meta_recipients_keys(); + $gnupg->options->push_meta_recipients_keys( @keys ); + + my $pid = $gnupg->encrypt( handles => $handles ); + + print $stdin @{ $texts{plain}->data() }; + close $stdin; + waitpid $pid, 0; + + return $CHILD_ERROR == 0; +}; + + +TEST +{ + reset_handles(); + + $gnupg->options->clear_recipients(); + $gnupg->options->clear_meta_recipients_keys(); + $gnupg->options->push_recipients( '0x2E854A6B' ); + + $handles->stdin( $texts{plain}->fh() ); + $handles->options( 'stdin' )->{direct} = 1; + my $pid = $gnupg->encrypt( handles => $handles ); + + waitpid $pid, 0; + + return $CHILD_ERROR == 0; +}; diff --git a/t/encrypt_symmetrically.t b/t/encrypt_symmetrically.t new file mode 100644 index 0000000..61535ac --- /dev/null +++ b/t/encrypt_symmetrically.t 
@@ -0,0 +1,39 @@ +#!/usr/bin/perl -w +# +# $Id: encrypt_symmetrically.t,v 1.4 2001/05/03 06:00:06 ftobin Exp $ +# + +use strict; +use English qw( -no_match_vars ); + +use lib './t'; +use MyTest; +use MyTestSpecific; + +TEST +{ + reset_handles(); + + my $pid = $gnupg->encrypt_symmetrically( handles => $handles ); + + print $stdin @{ $texts{plain}->data() }; + close $stdin; + waitpid $pid, 0; + + return $CHILD_ERROR == 0; +}; + + + +TEST +{ + reset_handles(); + + $handles->stdin( $texts{plain}->fh() ); + $handles->options( 'stdin' )->{direct} = 1; + my $pid = $gnupg->encrypt_symmetrically( handles => $handles ); + + waitpid $pid, 0; + + return $CHILD_ERROR == 0; +}; diff --git a/t/export_keys.t b/t/export_keys.t new file mode 100644 index 0000000..cf5c82b --- /dev/null +++ b/t/export_keys.t @@ -0,0 +1,37 @@ +#!/usr/bin/perl -w +# +# $Id: export_keys.t,v 1.6 2001/05/03 06:00:06 ftobin Exp $ +# + +use strict; +use English qw( -no_match_vars ); + +use lib './t'; +use MyTest; +use MyTestSpecific; + +TEST +{ + reset_handles(); + + my $pid = $gnupg->export_keys( handles => $handles, + command_args => '0xF950DA9C' ); + close $stdin; + waitpid $pid, 0; + + return $CHILD_ERROR == 0; +}; + + +TEST +{ + reset_handles(); + + $handles->stdout( $texts{temp}->fh() ); + $handles->options( 'stdout' )->{direct} = 1; + + my $pid = $gnupg->export_keys( handles => $handles, + command_args => '0xF950DA9C' ); + waitpid $pid, 0; + return $CHILD_ERROR == 0; +}; diff --git a/t/get_public_keys.t b/t/get_public_keys.t new file mode 100644 index 0000000..53db021 --- /dev/null +++ b/t/get_public_keys.t 
@@ -0,0 +1,222 @@ +#!/usr/bin/perl -w +# +# $Id: get_public_keys.t,v 1.9 2001/05/03 06:00:06 ftobin Exp $ +# + +use strict; +use English qw( -no_match_vars ); + +use lib './t'; +use MyTest; +use MyTestSpecific; + +use GnuPG::PrimaryKey; +use GnuPG::SubKey; + +my ( $given_key, $handmade_key ); + +TEST +{ + reset_handles(); + + my @returned_keys = $gnupg->get_public_keys_with_sigs( '0xF950DA9C' ); + + return 0 unless @returned_keys == 1; + + $given_key = shift @returned_keys; + + my $pubkey_data = [ + Math::BigInt->from_hex('0x'. + '88FCAAA5BCDCD52084D46143F44ED1715A339794641158DE03AA2092AFD3174E3DCA2CB7DF2DDC6FEDF7C3620F5A8BDAD06713E6153F8748DD76CB97305F30CBA8F8801DB47FAC11EED725F55672CB9BDAD629178A677CBB089B3E8AE0D9A9AD7741697A35F2868C62D25670994A92D810480173DC24263EEA0F103A43C0B64B'), + Math::BigInt->from_hex('0x'. + '8F2A3842C70FF17660CBB78C78FC93F534AB9A17'), + Math::BigInt->from_hex('0x'. + '83E348C2AA65F56DE84E8FDCE6DA7B0991B1C75EC8CA446FA85869A43350907BFF36BE512385E8E7E095578BB2138C04E318495873218286DE2B8C86F36EA670135434967AC798EBA28581F709F0C6B696EB512D3E561E381A06E4B5239BCC655015F9A926C74E4B859B26EAD604F208A556511A76A40EDCD9C38E6BD82CCCB4'), + Math::BigInt->from_hex('0x'. 
+ '80DE04C85E30C9D62C13F90CFF927A84A5A59D0900B3533D4D6193FEF8C5DAEF9FF8A7D5F76B244FBC17644F50D524E0B19CD3A4B5FC2D78DAECA3FE58FA1C1A64E6C7B96C4EE618173543163A72EF954DFD593E84342699096E9CA76578AC1DE3D893BCCD0BF470CEF625FAF816A0F503EF75C18C6173E35C8675AF919E5704') + ]; + + $handmade_key = GnuPG::PrimaryKey->new + ( length => 1024, + algo_num => 17, + hex_id => '53AE596EF950DA9C', + creation_date => 949813093, + creation_date_string => '2000-02-06', + owner_trust => '-', + usage_flags => 'scaESCA', + pubkey_data => $pubkey_data, + ); + + $handmade_key->fingerprint + ( GnuPG::Fingerprint->new( as_hex_string => + '93AFC4B1B0288A104996B44253AE596EF950DA9C', + ) + ); + + + my $uid0 = GnuPG::UserId->new( as_string => 'GnuPG test key (for testing purposes only)', + validity => '-'); + $uid0->push_signatures( + GnuPG::Signature->new( + date => 1177086597, + algo_num => 17, + is_exportable => 1, + user_id_string => 'GnuPG test key (for testing purposes only)', + date_string => '2007-04-20', + hex_id => '53AE596EF950DA9C', + sig_class => 0x13, + validity => '!'), + GnuPG::Signature->new( + date => 953180097, + algo_num => 17, + is_exportable => 1, + user_id_string => 'Frank J. 
Tobin ', + date_string => '2000-03-16', + hex_id => '56FFD10A260C4FA3', + sig_class => 0x10, + validity => '!'), + GnuPG::Signature->new( + date => 949813093, + algo_num => 17, + is_exportable => 1, + user_id_string => 'GnuPG test key (for testing purposes only)', + date_string => '2000-02-06', + hex_id => '53AE596EF950DA9C', + sig_class => 0x13, + validity => '!')); + + my $uid1 = GnuPG::UserId->new( as_string => 'Foo Bar (1)', + validity => '-'); + $uid1->push_signatures( + GnuPG::Signature->new( + date => 1177086330, + algo_num => 17, + is_exportable => 1, + user_id_string => 'GnuPG test key (for testing purposes only)', + date_string => '2007-04-20', + hex_id => '53AE596EF950DA9C', + sig_class => 0x13, + validity => '!'), + GnuPG::Signature->new( + date => 953180103, + algo_num => 17, + is_exportable => 1, + user_id_string => 'Frank J. Tobin ', + date_string => '2000-03-16', + hex_id => '56FFD10A260C4FA3', + sig_class => 0x10, + validity => '!'), + GnuPG::Signature->new( + date => 953179891, + algo_num => 17, + is_exportable => 1, + user_id_string => 'GnuPG test key (for testing purposes only)', + date_string => '2000-03-16', + hex_id => '53AE596EF950DA9C', + sig_class => 0x13, + validity => '!')); + + + + $handmade_key->push_user_ids($uid0, $uid1); + + my $subkey_signature = GnuPG::Signature->new + ( validity => '!', + algo_num => 17, + hex_id => '53AE596EF950DA9C', + date => 1177086380, + date_string => '2007-04-20', + user_id_string => 'GnuPG test key (for testing purposes only)', + sig_class => 0x18, + is_exportable => 1, + ); + + my $uid2_signature = GnuPG::Signature->new + ( validity => '!', + algo_num => 17, + hex_id => '53AE596EF950DA9C', + date => 953179891, + date_string => '2000-03-16', + ); + + my $ftobin_signature = GnuPG::Signature->new + ( validity => '!', + algo_num => 17, + hex_id => '56FFD10A260C4FA3', + date => 953180097, + date_string => '2000-03-16', + ); + + my $designated_revoker_sig = GnuPG::Signature->new + ( validity => '!', + algo_num 
=> 17, + hex_id => '53AE596EF950DA9C', + date => 978325209, + date_string => '2001-01-01', + sig_class => 0x1f, + is_exportable => 1 + ); + + my $revoker = GnuPG::Revoker->new + ( algo_num => 17, + class => 0x80, + fingerprint => GnuPG::Fingerprint->new( as_hex_string => + '4F863BBBA8166F0A340F600356FFD10A260C4FA3'), + ); + $revoker->push_signatures($designated_revoker_sig); + + my $subkey_pub_data = [ + Math::BigInt->from_hex('0x'. + '8831982DADC4C5D05CBB01D9EAF612131DDC9C24CEA7246557679423FB0BA42F74D10D8E7F5564F6A4FB8837F8DC4A46571C19B122E6DF4B443D15197A6A22688863D0685FADB6E402316DAA9B560D1F915475364580A67E6DF0A727778A5CF3'), + Math::BigInt->from_hex('0x'. + '6'), + Math::BigInt->from_hex('0x'. + '2F3850FF130C6AC9AA0962720E86539626FAA9B67B33A74DFC0DE843FF3E90E43E2F379EE0182D914FA539CCCF5C83A20DB3A7C45E365B8A2A092E799A3DFF4AD8274EB977BAAF5B1AFB2ACB8D6F92454F01682F555565E73E56793C46EF7C3E') + ]; + + my $subkey = GnuPG::SubKey->new + ( validity => 'u', + length => 768, + algo_num => 16, + hex_id => 'ADB99D9C2E854A6B', + creation_date => 949813119, + creation_date_string => '2000-02-06', + usage_flags => 'e', + pubkey_data => $subkey_pub_data, + ); + + + $subkey->fingerprint + ( GnuPG::Fingerprint->new( as_hex_string => + '7466B7E98C4CCB64C2CE738BADB99D9C2E854A6B' + ) + ); + + $subkey->push_signatures( $subkey_signature ); + + $handmade_key->push_subkeys( $subkey ); + $handmade_key->push_revokers( $revoker ); + + $handmade_key->compare( $given_key ); +}; + +TEST +{ + my $subkey1 = $given_key->subkeys()->[0]; + my $subkey2 = $handmade_key->subkeys()->[0]; + + bless $subkey1, 'GnuPG::SubKey'; + + my $equal = $subkey1->compare( $subkey2 ); + + warn 'subkeys fail comparison; this is a known issue with GnuPG 1.0.1' + if not $equal; + + return $equal; +}; + + +TEST +{ + $handmade_key->compare( $given_key, 1 ); +}; diff --git a/t/get_secret_keys.t b/t/get_secret_keys.t new file mode 100644 index 0000000..3a1d99f --- /dev/null +++ b/t/get_secret_keys.t 
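Review bot: In the first TEST of t/get_public_keys.t, `$uid2_signature` and `$ftobin_signature` are constructed but never pushed onto any user id or key, so they assert nothing; they should be attached or deleted. The file also calls `Math::BigInt->from_hex`, `GnuPG::Fingerprint->new`, `GnuPG::UserId->new`, `GnuPG::Signature->new` and `GnuPG::Revoker->new` while directly loading only GnuPG::PrimaryKey and GnuPG::SubKey, plus whatever MyTestSpecific pulls in. It therefore depends on those modules being loaded transitively, and explicit `use` lines would make that robust. t/get_secret_keys.t has the same implicit dependency for GnuPG::SubKey, GnuPG::Fingerprint and GnuPG::UserId.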
@@ -0,0 +1,75 @@
+#!/usr/bin/perl -w
+#
+# $Id: get_secret_keys.t,v 1.9 2001/05/03 06:00:06 ftobin Exp $
+#
+
+use strict;
+use English qw( -no_match_vars );
+
+use lib './t';
+use MyTest;
+use MyTestSpecific;
+
+use GnuPG::PrimaryKey;
+
+my ( $given_key, $handmade_key );
+
+TEST
+{
+ reset_handles();
+
+ my @returned_keys = $gnupg->get_secret_keys( '0xF950DA9C' );
+
+ return 0 unless @returned_keys == 1;
+
+ $given_key = shift @returned_keys;
+
+ $handmade_key = GnuPG::PrimaryKey->new
+ ( length => 1024,
+ algo_num => 17,
+ hex_id => '53AE596EF950DA9C',
+ creation_date => 949813093,
+ creation_date_string => '2000-02-06',
+ owner_trust => '', # secret keys do not report ownertrust?
+ usage_flags => 'scaESCA',
+ );
+
+ $handmade_key->fingerprint
+ ( GnuPG::Fingerprint->new( as_hex_string =>
+ '93AFC4B1B0288A104996B44253AE596EF950DA9C',
+ )
+ );
+
+ $handmade_key->push_user_ids(
+ GnuPG::UserId->new( as_string => 'GnuPG test key (for testing purposes only)',
+ validity => ''), # secret keys do not report uid validity?
+ GnuPG::UserId->new( as_string => 'Foo Bar (1)',
+ validity => '')); # secret keys do not report uid validity?
+
+
+ my $subkey = GnuPG::SubKey->new
+ ( validity => 'u',
+ length => 768,
+ algo_num => 16,
+ hex_id => 'ADB99D9C2E854A6B',
+ creation_date => 949813119,
+ creation_date_string => '2000-02-06',
+ usage_flags => 'e',
+ );
+
+ $subkey->fingerprint
+ ( GnuPG::Fingerprint->new( as_hex_string =>
+ '7466B7E98C4CCB64C2CE738BADB99D9C2E854A6B',
+ )
+ );
+
+ $handmade_key->push_subkeys( $subkey );
+
+ $handmade_key->compare( $given_key );
+};
+
+
+TEST
+{
+ $handmade_key->compare( $given_key, 1 );
+};
diff --git a/t/import_keys.t b/t/import_keys.t
new file mode 100644
index 0000000..dc4a5a2
--- /dev/null
+++ b/t/import_keys.t
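Review bot: The lookup `get_secret_keys( '0xF950DA9C' )` selects the key by its 32-bit short ID, which is not collision-resistant; the 40-hex fingerprint already written further down in this hunk is the unambiguous selector, e.g. `$gnupg->get_secret_keys( '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' )`. The `return 0 unless @returned_keys == 1;` guard turns an ambiguous match into a failure here, but a caller who copies the lookup without that guard inherits the ambiguity. The same short-ID selectors appear in t/list_public_keys.t, t/list_secret_keys.t, t/list_sigs.t and t/sign_and_encrypt.t (`'0x2E854A6B'`).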
@@ -0,0 +1,39 @@
+#!/usr/bin/perl -w
+#
+# $Id: import_keys.t,v 1.4 2001/05/03 06:00:06 ftobin Exp $
+#
+
+use strict;
+use English qw( -no_match_vars );
+
+use lib './t';
+use MyTest;
+use MyTestSpecific;
+
+TEST
+{
+ reset_handles();
+
+ my $pid = $gnupg->import_keys( handles => $handles );
+
+ print $stdin @{ $texts{key}->data() };
+ close $stdin;
+ my @output = <$stdout>;
+ waitpid $pid, 0;
+
+ return $CHILD_ERROR == 0;
+};
+
+
+TEST
+{
+ reset_handles();
+
+ $handles->stdin( $texts{key}->fh() );
+ $handles->options( 'stdin' )->{direct} = 1;
+
+ my $pid = $gnupg->import_keys( handles => $handles );
+ waitpid $pid, 0;
+
+ return $CHILD_ERROR == 0;
+};
diff --git a/t/list_public_keys.t b/t/list_public_keys.t
new file mode 100644
index 0000000..7e563c1
--- /dev/null
+++ b/t/list_public_keys.t
@@ -0,0 +1,76 @@
+#!/usr/bin/perl -w
+#
+# $Id: list_public_keys.t,v 1.7 2001/05/03 06:00:06 ftobin Exp $
+#
+
+use strict;
+use English qw( -no_match_vars );
+use IO::File;
+
+use lib './t';
+use MyTest;
+use MyTestSpecific;
+
+my $outfile;
+
+TEST
+{
+ reset_handles();
+
+ my $pid = $gnupg->list_public_keys( handles => $handles );
+ close $stdin;
+
+ $outfile = 'test/public-keys/1.out';
+ my $out = IO::File->new( "> $outfile" )
+ or die "cannot open $outfile for writing: $ERRNO";
+ $out->print( <$stdout> );
+ close $stdout;
+ $out->close();
+
+ waitpid $pid, 0;
+
+ return $CHILD_ERROR == 0;
+};
+
+
+TEST
+{
+ reset_handles();
+
+ my $pid = $gnupg->list_public_keys( handles => $handles,
+ ommand_args => '0xF950DA9C'
+ );
+ close $stdin;
+
+ $outfile = 'test/public-keys/2.out';
+ my $out = IO::File->new( "> $outfile" )
+ or die "cannot open $outfile for writing: $ERRNO";
+ $out->print( <$stdout> );
+ close $stdout;
+ $out->close();
+
+ waitpid $pid, 0;
+
+ return $CHILD_ERROR == 0;
+};
+
+
+
+TEST
+{
+ reset_handles();
+
+ $handles->stdout( $texts{temp}->fh() );
+ $handles->options( 'stdout' )->{direct} = 1;
+
+ my $pid = $gnupg->list_public_keys( handles => $handles,
+ command_args => '0xF950DA9C',
+ );
+
+ waitpid $pid, 0;
+
+ $outfile = $texts{temp}->fn();
+
+ return $CHILD_ERROR == 0;
+};
+
diff --git a/t/list_secret_keys.t b/t/list_secret_keys.t
new file mode 100644
index 0000000..1fe9b7e
--- /dev/null
+++ b/t/list_secret_keys.t
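Review bot: In the second TEST block the named argument is spelled `ommand_args`, so the `'0xF950DA9C'` filter is presumably never handed to gpg and `test/public-keys/2.out` would hold the whole keyring listing rather than one key; it should read `command_args => '0xF950DA9C',` as the third block does. Because the block asserts only `$CHILD_ERROR == 0`, the misspelling cannot make the test fail, which is how it goes unnoticed. How `list_public_keys` treats an unknown named argument is not visible in this hunk.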
@@ -0,0 +1,79 @@
+#!/usr/bin/perl -w
+#
+# $Id: list_secret_keys.t,v 1.7 2001/05/03 06:00:06 ftobin Exp $
+#
+
+use strict;
+use English qw( -no_match_vars );
+
+use lib './t';
+use MyTest;
+use MyTestSpecific;
+
+my $outfile;
+
+TEST
+{
+ reset_handles();
+
+ my $pid = $gnupg->list_secret_keys( handles => $handles );
+ close $stdin;
+
+ $outfile = 'test/secret-keys/1.out';
+ my $out = IO::File->new( "> $outfile" )
+ or die "cannot open $outfile for writing: $ERRNO";
+ $out->print( <$stdout> );
+ close $stdout;
+ $out->close();
+ waitpid $pid, 0;
+
+ return $CHILD_ERROR == 0;
+};
+
+
+TEST
+{
+ my @files_to_test = ( 'test/secret-keys/1.0.test' );
+
+ return file_match( $outfile, @files_to_test );
+};
+
+
+TEST
+{
+ reset_handles();
+
+ my $pid = $gnupg->list_secret_keys( handles => $handles,
+ command_args => '0xF950DA9C' );
+ close $stdin;
+
+ $outfile = 'test/secret-keys/2.out';
+ my $out = IO::File->new( "> $outfile" )
+ or die "cannot open $outfile for writing: $ERRNO";
+ $out->print( <$stdout> );
+ close $stdout;
+ $out->close();
+
+ waitpid $pid, 0;
+
+ return $CHILD_ERROR == 0;
+
+};
+
+
+TEST
+{
+ reset_handles();
+
+ $handles->stdout( $texts{temp}->fh() );
+ $handles->options( 'stdout' )->{direct} = 1;
+
+ my $pid = $gnupg->list_secret_keys( handles => $handles,
+ command_args => '0xF950DA9C' );
+
+ waitpid $pid, 0;
+
+ $outfile = $texts{temp}->fn();
+
+ return $CHILD_ERROR == 0;
+};
diff --git a/t/list_sigs.t b/t/list_sigs.t
new file mode 100644
index 0000000..16cfa6a
--- /dev/null
+++ b/t/list_sigs.t
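Review bot: `IO::File->new` is called in the first and third TEST blocks, but this file never loads the module; t/list_public_keys.t has `use IO::File;`, and t/list_sigs.t has the same omission as this file. It presumably works only because one of the helper or GnuPG modules loads IO::File as a side effect, which is not visible here. Add `use IO::File;` next to `use English qw( -no_match_vars );` in both files so the dependency is explicit.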
@@ -0,0 +1,71 @@
+#!/usr/bin/perl -w
+#
+# $Id: list_sigs.t,v 1.7 2001/05/03 06:00:06 ftobin Exp $
+
+use strict;
+use English qw( -no_match_vars );
+
+use lib './t';
+use MyTest;
+use MyTestSpecific;
+
+my $outfile;
+
+TEST
+{
+ reset_handles();
+
+ my $pid = $gnupg->list_sigs( handles => $handles );
+ close $stdin;
+
+ $outfile = 'test/public-keys-sigs/1.out';
+ my $out = IO::File->new( "> $outfile" )
+ or die "cannot open $outfile for writing: $ERRNO";
+ $out->print( <$stdout> );
+ close $stdout;
+ $out->close();
+
+ waitpid $pid, 0;
+
+ return $CHILD_ERROR == 0;
+};
+
+
+TEST
+{
+ reset_handles();
+
+ my $pid = $gnupg->list_sigs( handles => $handles,
+ command_args => '0xF950DA9C',
+ );
+ close $stdin;
+
+ $outfile = 'test/public-keys-sigs/2.out';
+ my $out = IO::File->new( "> $outfile" )
+ or die "cannot open $outfile for writing: $ERRNO";
+ $out->print( <$stdout> );
+ close $stdout;
+ $out->close();
+ waitpid $pid, 0;
+
+ return $CHILD_ERROR == 0;
+};
+
+
+TEST
+{
+ reset_handles();
+
+ $handles->stdout( $texts{temp}->fh() );
+ $handles->options( 'stdout' )->{direct} = 1;
+
+ my $pid = $gnupg->list_sigs( handles => $handles,
+ command_args => '0xF950DA9C',
+ );
+
+ waitpid $pid, 0;
+
+ $outfile = $texts{temp}->fn();
+
+ return $CHILD_ERROR == 0;
+};
diff --git a/t/passphrase_handling.t b/t/passphrase_handling.t
new file mode 100644
index 0000000..bfd0695
--- /dev/null
+++ b/t/passphrase_handling.t
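Review bot: None of the three TEST blocks compares the captured listing with a fixture: `$outfile` is assigned each time but never read, and only gpg's exit status is asserted, although this commit adds `test/public-keys-sigs/1.0.test`, `1.1.test`, `2.0.test` and `2.1.test`. t/list_secret_keys.t already shows the pattern; after the first block add `TEST { return file_match( $outfile, 'test/public-keys-sigs/1.0.test', 'test/public-keys-sigs/1.1.test' ); };`. If the comparison is left out on purpose because the listing format differs between gpg releases, a comment saying so would help the next reader.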
@@ -0,0 +1,62 @@
+#!/usr/bin/perl -w
+#
+# $Id: passphrase_handling.t,v 1.6 2001/05/03 06:02:39 ftobin Exp $
+#
+
+use strict;
+use English qw( -no_match_vars );
+use Symbol;
+use IO::File;
+
+use lib './t';
+use MyTest;
+use MyTestSpecific;
+
+TEST
+{
+ reset_handles();
+ return $gnupg->test_default_key_passphrase()
+};
+
+
+$gnupg->clear_passphrase();
+
+TEST
+{
+ reset_handles();
+
+ my $passphrase_handle = gensym;
+ $handles->passphrase( $passphrase_handle );
+
+ my $pid = $gnupg->sign( handles => $handles );
+
+ print $passphrase_handle 'test';
+ print $stdin @{ $texts{plain}->data() };
+
+ close $passphrase_handle;
+ close $stdin;
+
+ waitpid $pid, 0;
+ return $CHILD_ERROR == 0;
+};
+
+
+
+TEST
+{
+ reset_handles();
+ $handles->clear_stderr();
+ $handles->stderr( '>&STDERR' );
+
+ my $pass_fn = 'test/passphrase';
+ my $passfile = IO::File->new( $pass_fn )
+ or die "cannot open $pass_fn: $ERRNO";
+ $handles->passphrase( $passfile );
+ $handles->options( 'passphrase' )->{direct} = 1;
+
+ my $pid = $gnupg->sign( handles => $handles );
+ close $stdin;
+
+ waitpid $pid, 0;
+ return $CHILD_ERROR == 0;
+};
diff --git a/t/sign.t b/t/sign.t
new file mode 100644
index 0000000..c854378
--- /dev/null
+++ b/t/sign.t
@@ -0,0 +1,38 @@
+#!/usr/bin/perl -w
+#
+# $Id: sign.t,v 1.4 2001/05/03 06:00:06 ftobin Exp $
+#
+
+use strict;
+use English qw( -no_match_vars );
+
+use lib './t';
+use MyTest;
+use MyTestSpecific;
+
+TEST
+{
+ reset_handles();
+
+ my $pid = $gnupg->sign( handles => $handles );
+
+ print $stdin @{ $texts{plain}->data() };
+ close $stdin;
+ waitpid $pid, 0;
+
+ return $CHILD_ERROR == 0;
+};
+
+
+TEST
+{
+ reset_handles();
+
+ $handles->stdin( $texts{plain}->fh() );
+ $handles->options( 'stdin' )->{direct} = 1;
+ my $pid = $gnupg->sign( handles => $handles );
+
+ waitpid $pid, 0;
+
+ return $CHILD_ERROR == 0;
+};
diff --git a/t/sign_and_encrypt.t b/t/sign_and_encrypt.t
new file mode 100644
index 0000000..5dc1c08
--- /dev/null
+++ b/t/sign_and_encrypt.t
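Review bot: The two signing blocks in t/passphrase_handling.t do not say which passphrase path each one covers, and the second block repeats the secret as the literal `'test'` while the third reads the `test/passphrase` fixture, so the value lives in two places. A short comment above each block would do, for example `# passphrase written by the test over a dedicated passphrase handle` and `# gpg is given the test/passphrase file handle directly (direct => 1)`. Reading the fixture in the second block as well would keep a single source for the value.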
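Review bot: The first TEST block of t/sign.t writes the plaintext to `$stdin` and goes straight to `waitpid` without reading `$stdout`, unlike t/import_keys.t, which drains it with `my @output = <$stdout>;` before waiting. If `reset_handles()` (not visible here) connects stdout to a pipe, output larger than the pipe buffer would leave gpg blocked on write and the test blocked in `waitpid`. Reading first also lets the block assert that a signature was produced, e.g. `my @sig = <$stdout>;` before the `waitpid` and `return $CHILD_ERROR == 0 && @sig > 0;` at the end. t/sign_and_encrypt.t and t/verify.t follow the same write-then-wait shape.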
@@ -0,0 +1,39 @@
+#!/usr/bin/perl -w
+#
+# $Id: sign_and_encrypt.t,v 1.4 2001/05/03 06:00:06 ftobin Exp $
+#
+
+use strict;
+use English qw( -no_match_vars );
+
+use lib './t';
+use MyTest;
+use MyTestSpecific;
+
+TEST
+{
+ reset_handles();
+
+ $gnupg->options->push_recipients( '0x2E854A6B' );
+ my $pid = $gnupg->sign_and_encrypt( handles => $handles );
+
+ print $stdin @{ $texts{plain}->data() };
+ close $stdin;
+ waitpid $pid, 0;
+
+ return $CHILD_ERROR == 0;
+};
+
+
+TEST
+{
+ reset_handles();
+
+ $handles->stdin( $texts{plain}->fh() );
+ $handles->options( 'stdin' )->{direct} = 1;
+ my $pid = $gnupg->sign_and_encrypt( handles => $handles );
+
+ waitpid $pid, 0;
+
+ return $CHILD_ERROR == 0;
+};
diff --git a/t/verify.t b/t/verify.t
new file mode 100644
index 0000000..bd5d0be
--- /dev/null
+++ b/t/verify.t
@@ -0,0 +1,39 @@
+#!/usr/bin/perl -w
+#
+# $Id: verify.t,v 1.4 2001/05/03 06:00:06 ftobin Exp $
+#
+
+use strict;
+use English qw( -no_match_vars );
+
+use lib './t';
+use MyTest;
+use MyTestSpecific;
+
+TEST
+{
+ reset_handles();
+
+ my $pid = $gnupg->verify( handles => $handles );
+
+ print $stdin @{ $texts{signed}->data() };
+ close $stdin;
+ waitpid $pid, 0;
+
+ return $CHILD_ERROR == 0;
+};
+
+
+TEST
+{
+ reset_handles();
+
+ $handles->stdin( $texts{signed}->fh() );
+ $handles->options( 'stdin' )->{direct} = 1;
+
+ my $pid = $gnupg->verify( handles => $handles );
+
+ waitpid $pid, 0;
+
+ return $CHILD_ERROR == 0;
+};
diff --git a/t/wrap_call.t b/t/wrap_call.t
new file mode 100644
index 0000000..8677d54
--- /dev/null
+++ b/t/wrap_call.t
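Review bot: In t/sign_and_encrypt.t the recipient is pushed only in the first TEST block (`$gnupg->options->push_recipients( '0x2E854A6B' );`), so the second block appears to depend on state left behind by the first; whether `reset_handles()` touches the options is not visible here. Setting the recipient once before the first `TEST`, or in each block, makes the blocks self-contained. A comment such as `# encryption subkey of the test key` would also say why this ID is used, since the other tests select `0xF950DA9C`.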
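Review bot: Both blocks of t/verify.t treat `$CHILD_ERROR == 0` as the whole result, which says gpg accepted a signature but not which key made it; the keyring listed in the fixtures of this commit holds two primary keys (`F950DA9C` and `260C4FA3`). For a regression test that may be enough, but test files are often read as usage examples, so a comment such as `# exit status only: does not check which key signed` would keep readers from copying it as a complete verification. Pinning the signer would mean reading gpg's status output and comparing the reported fingerprint with the expected one.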
@@ -0,0 +1,59 @@ +#!/usr/bin/perl -w +# +# $Id: wrap_call.t,v 1.1 2001/05/03 07:32:34 ftobin Exp $ +# + +use strict; + +use lib './t'; +use MyTest; +use MyTestSpecific; + +TEST +{ + reset_handles(); + + my $pid = $gnupg->wrap_call + ( commands => [ qw( --list-packets ) ], + command_args => [ qw( test/key.1.asc ) ], + handles => $handles, + ); + + close $stdin; + + my @out = <$stdout>; + waitpid $pid, 0; + + return @out > 0; #just check if we have output. +}; + +TEST +{ + return $CHILD_ERROR == 0; +}; + + +# same as above, but now with deprecated stuff +TEST +{ + reset_handles(); + + my $pid = $gnupg->wrap_call + ( gnupg_commands => [ qw( --list-packets ) ], + gnupg_command_args => [ qw( test/key.1.asc ) ], + handles => $handles, + ); + + close $stdin; + + my @out = <$stdout>; + waitpid $pid, 0; + + return @out > 0; #just check if we have output. +}; + + +TEST +{ + return $CHILD_ERROR == 0; +}; diff --git a/test/encrypted.1.gpg b/test/encrypted.1.gpg new file mode 100644 index 0000000..0f161c7 --- /dev/null +++ b/test/encrypted.1.gpg @@ -0,0 +1,14 @@ +-----BEGIN PGP MESSAGE----- +Version: GnuPG v1.0.1 (FreeBSD) +Comment: For info see http://www.gnupg.org + +hM4DrbmdnC6FSmsQAv48WgPo026qT5y6VRoeV+fA/c2XAj+cPuKXa19ntGLx1oAk +Cj1Zd7m68gsnG9OOglat013s2ADkhLaR4FURcCjT57XZNvDacJK4oSTl91w12ClU +TptmVoovBQhVNgyDmu8C/js3bgmSlkbZJIWh1NUbOYkV9ugP9i+ryYl9QIcjbWGq +9D/tgNJri0/k/L2+HywSktjMJI0KAF+L7RcMCQdzfQ2ffkm4ZWlRXGbGW4p7GBON +JazfmBp1bKYw90D0Xwv5PMmHVh3T1sSWpZpeD5CHtqHWhWFFLi3qrh+A7VggATXz +s9JU5FtKoLkpd+O3uFaNYbnCBjex5PwO+RFLEPJs5+gUEyNXsZlnIt+tLa3aRxzV +brkdspHcgTZG7z00ZMRC4nLVuNLfflvPWrGSIIWHP+424dFPKdClabJ0bAxAp5B5 +rDQKx0ef6AI+ +=EQaf +-----END PGP MESSAGE----- diff --git a/test/key.1.asc b/test/key.1.asc new file mode 100644 index 0000000..b5a16aa --- /dev/null +++ b/test/key.1.asc 
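Review bot: t/wrap_call.t reads `$CHILD_ERROR` in its second and fourth TEST blocks but, unlike the other test files visible in this patch, has no `use English qw( -no_match_vars );`; under `use strict` it presumably compiles only because a helper module imports English into the same package. Add the `use English` line after `use strict;` so the file does not depend on that side effect. The two `return $CHILD_ERROR == 0;` blocks also rely on the status left by the `waitpid` in the block before them, which deserves a comment such as `# exit status of the wrap_call above`.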
@@ -0,0 +1,29 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.0.1h (FreeBSD) +Comment: For info see http://www.gnupg.org + +mQGiBDic/2URBACI/KqlvNzVIITUYUP0TtFxWjOXlGQRWN4DqiCSr9MXTj3KLLff +Ldxv7ffDYg9ai9rQZxPmFT+HSN12y5cwXzDLqPiAHbR/rBHu1yX1VnLLm9rWKReK +Z3y7CJs+iuDZqa13QWl6NfKGjGLSVnCZSpLYEEgBc9wkJj7qDxA6Q8C2SwCgjyo4 +QscP8XZgy7eMePyT9TSrmhcEAIPjSMKqZfVt6E6P3ObaewmRscdeyMpEb6hYaaQz +UJB7/za+USOF6OfglVeLshOMBOMYSVhzIYKG3iuMhvNupnATVDSWeseY66KFgfcJ +8Ma2lutRLT5WHjgaBuS1I5vMZVAV+akmx05LhZsm6tYE8gilVlEadqQO3NnDjmvY +LMy0BACA3gTIXjDJ1iwT+Qz/knqEpaWdCQCzUz1NYZP++MXa75/4p9X3ayRPvBdk +T1DVJOCxnNOktfwteNrso/5Y+hwaZObHuWxO5hgXNUMWOnLvlU39WT6ENCaZCW6c +p2V4rB3j2JO8zQv0cM72Jfr4FqD1A+91wYxhc+NchnWvkZ5XBLQqR251UEcgdGVz +dCBrZXkgKGZvciB0ZXN0aW5nIHB1cnBvc2VzIG9ubHkpiFwEExECABwFAjic/2UF +CQPCZwAECwoEAwMVAwIDFgIBAheAAAoJEFOuWW75UNqclaUAn0S5f03veSfWimJ5 +RiAJ2mn6Asc+AJ0SGcRri5Yxe1HD/R4GL94lgD7Wh4hGBBARAgAGBQI40F/BAAoJ +EFb/0QomDE+j6LQAn3YAtCYIJa0+ynAo93ZoOU+2yasbAJ4h+XmjW1hU/847vEaC +OhUqDa6e2rQLRm9vIEJhciAoMSmIXAQTEQIAHAUCONBe8wUJA8JnAAQLCgQDAxUD +AgMWAgECF4AACgkQU65ZbvlQ2pz5BwCdET0gdTXPSiXmIu574Tad0crbDkoAn37Y +JkfJ3QpAY/ukLbDWwFUtFQw5iEYEEBECAAYFAjjQX8cACgkQVv/RCiYMT6NuLwCf +dORipe3h0q7gme02CobFbKRLjcYAnRT0kAgd4oJJ1gahEdxZt7wJEDv6uM0EOJz/ +fxADAIgxmC2txMXQXLsB2er2EhMd3JwkzqckZVdnlCP7C6QvdNENjn9VZPak+4g3 ++NxKRlccGbEi5t9LRD0VGXpqImiIY9BoX6225AIxbaqbVg0fkVR1NkWApn5t8Kcn +d4pc8wADBgL+LzhQ/xMMasmqCWJyDoZTlib6qbZ7M6dN/A3oQ/8+kOQ+Lzee4Bgt +kU+lOczPXIOiDbOnxF42W4oqCS55mj3/StgnTrl3uq9bGvsqy41vkkVPAWgvVVVl +5z5WeTxG73w+iEwEGBECAAwFAjic/38FCQPCZwAACgkQU65ZbvlQ2pxQagCeLShZ +NrESCT3im8kmmdh4yneEddAAn0Yug2I+wLDO58866cQugR1qhrfd +=/tKz +-----END PGP PUBLIC KEY BLOCK----- diff --git a/test/options b/test/options new file mode 100644 index 0000000..1f319a6 --- /dev/null +++ b/test/options @@ -0,0 +1,2 @@ +no-secmem-warning +armor diff --git a/test/passphrase b/test/passphrase new file mode 100644 index 0000000..9daeafb --- /dev/null +++ b/test/passphrase @@ -0,0 +1 @@ +test 
diff --git a/test/plain.1.txt b/test/plain.1.txt new file mode 100644 index 0000000..d140dcb --- /dev/null +++ b/test/plain.1.txt @@ -0,0 +1,4 @@ +"To learn what is good and what is to be valued, +those truths which cannot be shaken or changed." + Myst: The Book of Atrus + diff --git a/test/public-keys-sigs/1.0.test b/test/public-keys-sigs/1.0.test new file mode 100644 index 0000000..8b91abc --- /dev/null +++ b/test/public-keys-sigs/1.0.test @@ -0,0 +1,28 @@ +test/pubring.gpg +---------------- +pub 1024D/F950DA9C 2000-02-06 GnuPG test key (for testing purposes only) +sig F950DA9C 2000-02-06 GnuPG test key (for testing purposes only) +sig 260C4FA3 2000-03-16 Frank J. Tobin +uid Foo Bar (1) +sig F950DA9C 2000-03-16 GnuPG test key (for testing purposes only) +sig 260C4FA3 2000-03-16 Frank J. Tobin +sub 768g/2E854A6B 2000-02-06 +sig F950DA9C 2000-02-06 GnuPG test key (for testing purposes only) + +pub 1024D/260C4FA3 1999-04-22 Frank J. Tobin +sig 260C4FA3 1999-04-22 Frank J. Tobin +sig F40EB65E 1999-04-22 [User id not found] +sig 164BDBAE 1999-11-16 [User id not found] +uid Dekan +sig 260C4FA3 1999-04-22 Frank J. Tobin +sig F40EB65E 1999-04-22 [User id not found] +sig 164BDBAE 1999-11-16 [User id not found] +uid Frank J. Tobin +sig 260C4FA3 1999-06-29 Frank J. Tobin +sig 164BDBAE 1999-11-16 [User id not found] +uid Frank J. Tobin +sig 260C4FA3 1999-07-02 Frank J. Tobin +sig 164BDBAE 1999-11-16 [User id not found] +sub 2048g/334C9F14 1999-04-22 +sig 260C4FA3 1999-04-22 Frank J. Tobin + diff --git a/test/public-keys-sigs/1.1.test b/test/public-keys-sigs/1.1.test new file mode 100644 index 0000000..f321c9d --- /dev/null +++ b/test/public-keys-sigs/1.1.test 
@@ -0,0 +1,28 @@ +test/pubring.gpg +---------------- +pub 1024D/F950DA9C 2000-02-06 GnuPG test key (for testing purposes only) +sig F950DA9C 2000-02-06 GnuPG test key (for testing purposes only) +sig 260C4FA3 2000-03-16 Frank J. Tobin +uid Foo Bar (1) +sig F950DA9C 2000-03-16 GnuPG test key (for testing purposes only) +sig 260C4FA3 2000-03-16 Frank J. Tobin +sub 768g/2E854A6B 2000-02-06 [expires: 2002-02-05] +sig F950DA9C 2000-02-06 GnuPG test key (for testing purposes only) + +pub 1024D/260C4FA3 1999-04-22 Frank J. Tobin +sig 260C4FA3 1999-04-22 Frank J. Tobin +sig F40EB65E 1999-04-22 [User id not found] +sig 164BDBAE 1999-11-16 [User id not found] +uid Dekan +sig 260C4FA3 1999-04-22 Frank J. Tobin +sig F40EB65E 1999-04-22 [User id not found] +sig 164BDBAE 1999-11-16 [User id not found] +uid Frank J. Tobin +sig 260C4FA3 1999-06-29 Frank J. Tobin +sig 164BDBAE 1999-11-16 [User id not found] +uid Frank J. Tobin +sig 260C4FA3 1999-07-02 Frank J. Tobin +sig 164BDBAE 1999-11-16 [User id not found] +sub 2048g/334C9F14 1999-04-22 [expires: 2001-04-21] +sig 260C4FA3 1999-04-22 Frank J. Tobin + diff --git a/test/public-keys-sigs/2.0.test b/test/public-keys-sigs/2.0.test new file mode 100644 index 0000000..b3241c9 --- /dev/null +++ b/test/public-keys-sigs/2.0.test @@ -0,0 +1,9 @@ +pub 1024D/F950DA9C 2000-02-06 GnuPG test key (for testing purposes only) +sig F950DA9C 2000-02-06 GnuPG test key (for testing purposes only) +sig 260C4FA3 2000-03-16 Frank J. Tobin +uid Foo Bar (1) +sig F950DA9C 2000-03-16 GnuPG test key (for testing purposes only) +sig 260C4FA3 2000-03-16 Frank J. Tobin +sub 768g/2E854A6B 2000-02-06 +sig F950DA9C 2000-02-06 GnuPG test key (for testing purposes only) + diff --git a/test/public-keys-sigs/2.1.test b/test/public-keys-sigs/2.1.test new file mode 100644 index 0000000..d996386 --- /dev/null +++ b/test/public-keys-sigs/2.1.test 
@@ -0,0 +1,9 @@ +pub 1024D/F950DA9C 2000-02-06 GnuPG test key (for testing purposes only) +sig F950DA9C 2000-02-06 GnuPG test key (for testing purposes only) +sig 260C4FA3 2000-03-16 Frank J. Tobin +uid Foo Bar (1) +sig F950DA9C 2000-03-16 GnuPG test key (for testing purposes only) +sig 260C4FA3 2000-03-16 Frank J. Tobin +sub 768g/2E854A6B 2000-02-06 [expires: 2002-02-05] +sig F950DA9C 2000-02-06 GnuPG test key (for testing purposes only) + diff --git a/test/public-keys/1.0.test b/test/public-keys/1.0.test new file mode 100644 index 0000000..c6d34e8 --- /dev/null +++ b/test/public-keys/1.0.test @@ -0,0 +1,12 @@ +test/pubring.gpg +---------------- +pub 1024D/F950DA9C 2000-02-06 GnuPG test key (for testing purposes only) +uid Foo Bar (1) +sub 768g/2E854A6B 2000-02-06 + +pub 1024D/260C4FA3 1999-04-22 Frank J. Tobin +uid Dekan +uid Frank J. Tobin +uid Frank J. Tobin +sub 2048g/334C9F14 1999-04-22 + diff --git a/test/public-keys/1.1.test b/test/public-keys/1.1.test new file mode 100644 index 0000000..3fc1237 --- /dev/null +++ b/test/public-keys/1.1.test @@ -0,0 +1,12 @@ +test/pubring.gpg +---------------- +pub 1024D/F950DA9C 2000-02-06 GnuPG test key (for testing purposes only) +uid Foo Bar (1) +sub 768g/2E854A6B 2000-02-06 [expires: 2002-02-05] + +pub 1024D/260C4FA3 1999-04-22 Frank J. Tobin +uid Dekan +uid Frank J. Tobin +uid Frank J. Tobin +sub 2048g/334C9F14 1999-04-22 [expires: 2001-04-21] + diff --git a/test/public-keys/2.0.test b/test/public-keys/2.0.test new file mode 100644 index 0000000..9a2412c --- /dev/null +++ b/test/public-keys/2.0.test @@ -0,0 +1,4 @@ +pub 1024D/F950DA9C 2000-02-06 GnuPG test key (for testing purposes only) +uid Foo Bar (1) +sub 768g/2E854A6B 2000-02-06 + diff --git a/test/public-keys/2.1.test b/test/public-keys/2.1.test new file mode 100644 index 0000000..a6431e1 --- /dev/null +++ b/test/public-keys/2.1.test 
@@ -0,0 +1,4 @@ +pub 1024D/F950DA9C 2000-02-06 GnuPG test key (for testing purposes only) +uid Foo Bar (1) +sub 768g/2E854A6B 2000-02-06 [expires: 2002-02-05] + diff --git a/test/pubring.gpg b/test/pubring.gpg new file mode 100644 index 0000000..60b008a Binary files /dev/null and b/test/pubring.gpg differ diff --git a/test/secret-keys/1.0.test b/test/secret-keys/1.0.test new file mode 100644 index 0000000..5999484 --- /dev/null +++ b/test/secret-keys/1.0.test @@ -0,0 +1,7 @@ +test/secring.gpg +---------------- +sec 1024D/F950DA9C 2000-02-06 +uid GnuPG test key (for testing purposes only) +uid Foo Bar (1) +ssb 768g/2E854A6B 2000-02-06 + diff --git a/test/secret-keys/2.0.test b/test/secret-keys/2.0.test new file mode 100644 index 0000000..7bd5a86 --- /dev/null +++ b/test/secret-keys/2.0.test @@ -0,0 +1,4 @@ +sec 1024D/F950DA9C 2000-02-06 GnuPG test key (for testing purposes only) +uid Foo Bar (1) +ssb 768g/2E854A6B 2000-02-06 + diff --git a/test/secring.gpg b/test/secring.gpg new file mode 100644 index 0000000..aa34674 Binary files /dev/null and b/test/secring.gpg differ diff --git a/test/signed.1.asc b/test/signed.1.asc new file mode 100644 index 0000000..5ef67a8 --- /dev/null +++ b/test/signed.1.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP MESSAGE----- +Version: GnuPG v1.0.1 (FreeBSD) +Comment: For info see http://www.gnupg.org + +owGbwMvMwCQYvC4y72fArTmMp5uSGCzmCs1VCslXyElNLMpTKM9ILFHILFZIz89P +UUjMS4ELlOQrJKUqlCXmlKam6HCVZOQXpyqUFJWWZBQDlWQmZygkJ+bl5ZeAFBVn +JGan5inkFykkZyTmpaem6ClxcfpWFpdYKYRkpCo45ednK+SnKTgCtRdzcXW4sTAI +MjGwsTKBXMLAxSkAcx5fDcM8rfgEBbsFNf+qm4L2br7wUzz0/V5Rhnk6tiKB9bkN +M1atrOP7sUc4sO6z+goA +=qwXx +-----END PGP MESSAGE----- -- cgit v1.2.3 From 5e17cf7d93ff1350f27242c804721a22e247e32f Mon Sep 17 00:00:00 2001 
From: Niko Tyni Date: Fri, 29 Jun 2018 10:20:20 +0200 Subject: Import libgnupg-interface-perl_0.52-10.debian.tar.xz [dgit import tarball libgnupg-interface-perl 0.52-10 libgnupg-interface-perl_0.52-10.debian.tar.xz] --- changelog | 485 +++++++++++++++++++++ clean | 7 + compat | 1 + control | 35 ++ copyright | 48 ++ ...-test-suite-for-GnuPG-2.2.6-compatibility.patch | 58 +++ ...-test-suite-for-GnuPG-2.2.8-compatibility.patch | 68 +++ ...spelling-error-settting-should-be-setting.patch | 35 ++ patches/0002-Generalize-the-test-suite.patch | 151 +++++++ ...dity-of-an-key-when-we-have-established-n.patch | 37 ++ ...04-ensure-that-test-covers-all-signatures.patch | 35 ++ patches/0005-add-gpg_is_modern-to-test-suite.patch | 39 ++ ...G-2.1-reports-more-detail-about-secret-ke.patch | 120 +++++ ...match-plaintext-output-across-versions-of.patch | 95 ++++ ...fault_key_passphrase-when-passphrase-come.patch | 29 ++ patches/0009-clean-up-trailing-whitespace.patch | 112 +++++ patches/0010-fix-capitalization-of-GnuPG.patch | 35 ++ .../0011-ommand_args-should-be-command_args.patch | 21 + ...rints-as-inputs-during-tests-to-demonstra.patch | 265 +++++++++++ patches/0013-move-key-files-to-generic-names.patch | 33 ++ ...0014-fix-spelling-s-convience-convenience.patch | 53 +++ ...-new-secret-key-with-different-passphrase.patch | 117 +++++ ...-gpg-without-explicit-passphrase-agent-pi.patch | 302 +++++++++++++ ...uPG-agent-before-and-after-the-test-suite.patch | 42 ++ ...t-temporary-homedir-during-the-test-suite.patch | 110 +++++ ...-work-with-gpg1-assuming-plain-gpg-is-mod.patch | 51 +++ patches/series | 21 + rules | 16 + source/format | 1 + tests/pkg-perl/smoke-env | 1 + tests/pkg-perl/smoke-files | 2 + tests/pkg-perl/smoke-setup | 4 + watch | 2 + 33 files changed, 2431 insertions(+) create mode 100644 changelog create mode 100644 clean create mode 100644 compat create mode 100644 control create mode 100644 copyright create mode 100644 
patches/0001-Fix-test-suite-for-GnuPG-2.2.6-compatibility.patch create mode 100644 patches/0001-Fix-test-suite-for-GnuPG-2.2.8-compatibility.patch create mode 100644 patches/0001-fix-spelling-error-settting-should-be-setting.patch create mode 100644 patches/0002-Generalize-the-test-suite.patch create mode 100644 patches/0003-subkey-validity-of-an-key-when-we-have-established-n.patch create mode 100644 patches/0004-ensure-that-test-covers-all-signatures.patch create mode 100644 patches/0005-add-gpg_is_modern-to-test-suite.patch create mode 100644 patches/0006-Modern-GnuPG-2.1-reports-more-detail-about-secret-ke.patch create mode 100644 patches/0007-test-suite-match-plaintext-output-across-versions-of.patch create mode 100644 patches/0008-fix-test_default_key_passphrase-when-passphrase-come.patch create mode 100644 patches/0009-clean-up-trailing-whitespace.patch create mode 100644 patches/0010-fix-capitalization-of-GnuPG.patch create mode 100644 patches/0011-ommand_args-should-be-command_args.patch create mode 100644 patches/0012-use-fingerprints-as-inputs-during-tests-to-demonstra.patch create mode 100644 patches/0013-move-key-files-to-generic-names.patch create mode 100644 patches/0014-fix-spelling-s-convience-convenience.patch create mode 100644 patches/0015-added-new-secret-key-with-different-passphrase.patch create mode 100644 patches/0016-Test-use-of-gpg-without-explicit-passphrase-agent-pi.patch create mode 100644 patches/0017-Kill-any-GnuPG-agent-before-and-after-the-test-suite.patch create mode 100644 patches/0018-Use-a-short-temporary-homedir-during-the-test-suite.patch create mode 100644 patches/0019-Make-things-work-with-gpg1-assuming-plain-gpg-is-mod.patch create mode 100644 patches/series create mode 100755 rules create mode 100644 source/format create mode 100644 tests/pkg-perl/smoke-env create mode 100644 tests/pkg-perl/smoke-files create mode 100755 tests/pkg-perl/smoke-setup create mode 100644 watch 
diff --git a/changelog b/changelog new file mode 100644 index 0000000..ca0dd53 --- /dev/null +++ b/changelog 
@@ -0,0 +1,485 @@ +libgnupg-interface-perl (0.52-10) unstable; urgency=medium + + * Team upload. + + [ Salvatore Bonaccorso ] + * Update Vcs-* headers for switch to salsa.debian.org + + [ Niko Tyni ] + * Patch the test suite for GnuPG >= 2.2.8 compatibility. + (Closes: #900051) + * Update to debhelper compat level 10 + * Update to Standards-Version 4.1.4 + * Declare that the package does not need (fake)root to build + + -- Niko Tyni Fri, 29 Jun 2018 11:20:20 +0300 + +libgnupg-interface-perl (0.52-9) unstable; urgency=medium + + * upload to unstable + + -- Daniel Kahn Gillmor Sun, 28 May 2017 10:48:21 -0400 + +libgnupg-interface-perl (0.52-8) experimental; urgency=medium + + * enable working with gpg1 and in-band passwords + + -- Daniel Kahn Gillmor Fri, 26 May 2017 19:55:07 -0400 + +libgnupg-interface-perl (0.52-7) experimental; urgency=medium + + * Use temporary, short-path GNUPGHOME for test suites (Closes: #861591) + + -- Daniel Kahn Gillmor Fri, 26 May 2017 14:37:11 -0400 + +libgnupg-interface-perl (0.52-6) experimental; urgency=medium + + * more tweaks to test suite and use of passphrase (enables in-band + passphrases to work again, not just via fake-pinentry.pl) + See https://rt.cpan.org/Ticket/Display.html?id=102651 and + https://github.com/bestpractical/gnupg-interface/pull/1 + * force dependency on gnupg package to version 2.1 or later due to use + of pinentry-mode=loopback. + + -- Daniel Kahn Gillmor Wed, 23 Nov 2016 13:58:40 -0500 + +libgnupg-interface-perl (0.52-5) unstable; urgency=medium + + * Team upload. + * Fix autopkgtest smoke tests: + - Add debian/tests/pkg-perl/smoke-setup. + Make test/fake-pinentry.pl executable. + - Add debian/tests/pkg-perl/smoke-env. + Set HOME, needed for one smoke test. 
+ Closes: #838141 + + -- gregor herrmann Sat, 17 Sep 2016 22:38:18 +0200 + +libgnupg-interface-perl (0.52-4) unstable; urgency=medium + + * move to debhelper 9 + * bumped Standards-Version to 3.9.8 (no changes needed) + * remove switch to gpg1 (Closes: #835770) + * fix test suite so that it works with GnuPG 2.1 as well + * added myself to Uploaders + + -- Daniel Kahn Gillmor Wed, 14 Sep 2016 14:44:07 -0400 + +libgnupg-interface-perl (0.52-3) unstable; urgency=medium + + [ gregor herrmann ] + * Rename autopkgtest configuration file(s) as per new pkg-perl- + autopkgtest schema. + + [ Salvatore Bonaccorso ] + * debian/control: Use HTTPS transport protocol for Vcs-Git URI + + [ gregor herrmann ] + * debian/copyright: change Copyright-Format 1.0 URL to HTTPS. + * Remove Tim Retout from Uploaders. Thanks for your work! + + [ intrigeri ] + * New patch: use GnuPG 1.x by default. (Closes: #834281) + * Update build and runtime dependency to pull in gnupg1: this is + the only well supported version at the moment. + + -- intrigeri Thu, 25 Aug 2016 08:24:04 +0000 + +libgnupg-interface-perl (0.52-2) unstable; urgency=medium + + * Update copyright years for debian/* packaging files + * Create writable build HOME used for testsuite. + Fixes "FTBFS in sid: test failures". (Closes: #789828) + + -- Salvatore Bonaccorso Tue, 30 Jun 2015 06:47:51 +0200 + +libgnupg-interface-perl (0.52-1) unstable; urgency=medium + + [ Salvatore Bonaccorso ] + * Remove Testsuite field (added automatically by dpkg in jessie) + + [ gregor herrmann ] + * debian/tests/control: add stanza for new runtime-deps-and-recommends + tests. + * Rename debian/tests/test-files to debian/tests/pkg-perl/test-files. + * Drop debian/tests/control, add Testsuite field to debian/control + instead. + + [ intrigeri ] + * Imported Upstream version 0.52 + * Declare compliance with Standards-Version 3.9.6 (no change required). + * Clean debian/control with cme. + * Bump copyright years for debian/*. 
+ + -- intrigeri Mon, 27 Apr 2015 11:23:13 +0200 + +libgnupg-interface-perl (0.50-3) unstable; urgency=medium + + * Team upload + [ Salvatore Bonaccorso ] + * Update Vcs-Browser URL to cgit web frontend + + [ David Bremner ] + * Add autopkgtest support + + [ Salvatore Bonaccorso ] + * autopkgtest: Make script executable + * autopkgtest: Add shebang for tests/regression test + * autopkgtest: Also set explicitly set -e for the regression test script + + [ gregor herrmann ] + * autopktest: add Depends to control file. + * autopkgtest: move tests to temporary directory and run them from there + to avoid (b)lib/ being used. + + -- David Bremner Mon, 01 Sep 2014 11:43:16 -0700 + +libgnupg-interface-perl (0.50-2) unstable; urgency=medium + + * Drop Make-get_secret_keys-and-get_public_keys-methods-wor.patch: + neither upstream nor I can reproduce the bug it fixed anymore + (https://rt.cpan.org/Ticket/Display.html?id=62177). + + -- intrigeri Mon, 31 Mar 2014 13:08:59 +0200 + +libgnupg-interface-perl (0.50-1) unstable; urgency=medium + + * Imported Upstream version 0.50 + * Drop {build,runtime}-dependency on Moose, again. + * Do not install NEWS and THANKS: upstream does not ship it anymore. + + -- intrigeri Fri, 14 Mar 2014 21:01:21 +0100 + +libgnupg-interface-perl (0.49-1) unstable; urgency=medium + + * Imported Upstream version 0.49 + * Reintroduce {build,runtime}-dependency on Moose. + + -- intrigeri Fri, 14 Mar 2014 11:02:58 +0100 + +libgnupg-interface-perl (0.48-1) unstable; urgency=medium + + * Imported Upstream version 0.48 + * Refresh Make-get_secret_keys-and-get_public_keys-methods-wor.patch patch + * Update copyright years for debian/* packaging + + -- Salvatore Bonaccorso Mon, 10 Mar 2014 21:40:35 +0100 + +libgnupg-interface-perl (0.47-1) unstable; urgency=medium + + [ gregor herrmann ] + * Strip trailing slash from metacpan URLs. 
+ + [ intrigeri ] + * Imported Upstream version 0.47 + * libgnupg-interface-perl (0.47-1~1.gbpb39567) + * Update {build,runtime}-dependencies according to new upstream release, + that migrated from Any::Moose to Moo. + * Declare compliance with Standards-Version 3.9.5. + + -- intrigeri Mon, 10 Mar 2014 17:15:55 +0100 + +libgnupg-interface-perl (0.46-3) unstable; urgency=low + + * remove Peter Palfrader from Uploaders on his request + + -- Damyan Ivanov Tue, 07 May 2013 16:32:12 +0300 + +libgnupg-interface-perl (0.46-2) unstable; urgency=low + + * Upload to unstable + * Change Vcs-Git to canonical URI (git://anonscm.debian.org) + * Change search.cpan.org based URIs to metacpan.org based URIs + * Update copyright years for debian/* packaging files + + -- Salvatore Bonaccorso Mon, 06 May 2013 16:18:58 +0200 + +libgnupg-interface-perl (0.46-1) experimental; urgency=low + + [ intrigeri ] + * Email change: intrigeri -> intrigeri@debian.org + + [ Salvatore Bonaccorso ] + * Imported Upstream version 0.46 + * Update debian/copyright file. + Update format to copyright-format 1.0 as released together with Debian + policy 3.9.3. + Update Upstream-Contact to Alex Vandiver and update + comment on license. + Update copyright years for bundled copy of Module::Install. + Update copyright years for debian/* packaging. + * Bump Standards-Version to 3.9.4 + * Refresh Make-get_secret_keys-and-get_public_keys-methods-wor.patch patch + + -- Salvatore Bonaccorso Fri, 26 Oct 2012 21:41:43 +0200 + +libgnupg-interface-perl (0.45-1) unstable; urgency=low + + * Imported Upstream version 0.45 + * Update copyright information. + Update copyright years for files in inc/Module/* + + -- Salvatore Bonaccorso Wed, 26 Oct 2011 20:48:42 +0200 + +libgnupg-interface-perl (0.44-2) unstable; urgency=low + + [ Ansgar Burchardt ] + * debian/control: Convert Vcs-* fields to Git. 
+ + [ Salvatore Bonaccorso ] + * debian/copyright: Replace DEP5 Format-Specification URL from + svn.debian.org to anonscm.debian.org URL. + + [ intrigeri ] + * Add myself to uploaders. + * debian/patches: + - Add patch Make-get_secret_keys-and-get_public_keys-methods-wor.patch + to make get_secret_keys and get_public_keys methods work silently with + no arguments (Closes: #600290). + + -- intrigeri Tue, 18 Oct 2011 01:10:21 +0200 + +libgnupg-interface-perl (0.44-1) unstable; urgency=low + + * New upstream release + * Bump Standards-Version to 3.9.2. + + -- Salvatore Bonaccorso Sat, 07 May 2011 17:36:32 +0200 + +libgnupg-interface-perl (0.43-1) unstable; urgency=low + + * New upstream release (Closes: #617398) + * Bump Debhelper compat level to 8. + * debian/control: Bump versioned Build-Depends on debhelper to + debhelper (>= 8). + + -- Salvatore Bonaccorso Tue, 08 Mar 2011 19:08:13 +0100 + +libgnupg-interface-perl (0.42.002-2) unstable; urgency=low + + [ Tim Retout ] + * debian/control: Update my email address. + + [ Salvatore Bonaccorso ] + * Upload to unstable. + * Email change: Salvatore Bonaccorso -> carnil@debian.org + * debian/copyright: + - Update copyright years for debian/* packaging. + - Explicitly point to GPL-1 license text in common-licenses. + - Refer to Debian systems in general instead of only Debian GNU/Linux + systems. + * debian/control: Make versioned (Build-)Depends(-Indep) on + libany-moose-perl unversioned. + * Bump Standards-Version to 3.9.1. + + -- Salvatore Bonaccorso Wed, 09 Feb 2011 14:21:51 +0100 + +libgnupg-interface-perl (0.42.002-1) experimental; urgency=low + + [ Salvatore Bonaccorso ] + * New upstream release (Closes: #584836, #579672, #579863, #579873, #579897, + #579898, #579666, #579900). + - Uploading to experimental. 
+ * debian/patches: Drop patches applied upstream: + - fix-gnupg-options-pod-errors.patch + - fix-gnupg-options-copy.patch + - fix-gnupg_key-docs.patch + - fix_publickey_doc.patch + - fix-list_public_keys-pod.patch + + [ gregor herrmann ] + * Add copyright info for two new files. + + -- Salvatore Bonaccorso Mon, 07 Jun 2010 12:33:26 +0200 + +libgnupg-interface-perl (0.42-3) unstable; urgency=low + + [ Salvatore Bonaccorso ] + * Convert to '3.0 (quilt)' package source format. + * debian/patches: + - Add patch fix-gnupg_key-docs.patch to fix missing newline in GnuPG::Key on + expiration_date_string item. (Closes: #579613). + - Add patch fix_publickey_doc.patch to fix missing 'not' in documentation of + GnuPG::PublicKey. (Closes: #579589). + - Add patch fix-list_public_keys-pod.patch to fix example in + GnuPG::Interface documentation for the list_public_keys functionality. + (Closes: #579587). + - Thanks to Daniel Kahn Gillmor for reporting this issues. + * Bump Standards-Version to 3.8.4 (no changes). + * Refresh debian/copyright to revision 135 of machine readable format- + specification for copyright file in DEP5. + + [ gregor herrmann ] + * debian/copyright: add information about inc/Module/*. + + -- Salvatore Bonaccorso Thu, 29 Apr 2010 12:17:10 +0200 + +libgnupg-interface-perl (0.42-2) unstable; urgency=low + + * debian/patches/fix-gnupg-options-copy.patch: New patch to fix copy + method of GnuPG::Options. Fixes FTBFS. (Closes: #549743) + * debian/control: Add self to uploaders. + + -- Tim Retout Fri, 06 Nov 2009 00:28:38 +0000 + +libgnupg-interface-perl (0.42-1) unstable; urgency=low + + [ gregor herrmann ] + * debian/control: Changed: Switched Vcs-Browser field to ViewSVN + (source stanza). + + [ Nathan Handler ] + * debian/watch: Update to ignore development releases. + + [ Salvatore Bonaccorso ] + * New upstream release + + Adds support for gpg2. 
+ * debian/control: + + Add myself to Uploaders + + Drop libclass-methodmaker-perl Build-Depends-Indep and Depends. + + Add dependencies on gnupg | gnupg2 + + Add versioned Build-Depends-Indep and Depends on libany-moose-perl + (>= 0.04). + * Update debian/copyright to the current proposed DEP5 format specification. + * Bump Standards-Version to 3.8.3 (no changes). + * Add fix-gnupg-options-pod-errors.patch to fix some POD errors in the + GnuPG::Options module. Add Build-Depends on quilt (>= 0.46-7) and update + Build-Depends on debhelper (>= 7.0.8). + * Add debian/README.source to document quilt usage, as required by + Debian Policy since 3.8.0. + + -- Salvatore Bonaccorso Thu, 01 Oct 2009 21:36:46 +0200 + +libgnupg-interface-perl (0.36-1) unstable; urgency=low + + * Take over for the Debian Perl Group on maintainer's request + (http://lists.alioth.debian.org/pipermail/pkg-perl-maintainers/2008- + June/014128.html) + * debian/control: Added: Vcs-Svn field (source stanza); Vcs-Browser + field (source stanza); Homepage field (source stanza). Changed: + Maintainer set to Debian Perl Group (was: Peter Palfrader + ); Peter Palfrader moved to + Uploaders. + * Add debian/watch. + * New upstream release + * debian/copyright + + module uses "same as Perl" license + + update upstream author information + + use dist-based upstream sources location + * minimize debian/rules using debhelper 7; adjust debhelper build-dependency + and compatibility level accordingly + * control: + + add perl and libclass-methodmaker-perl to Build-Depends-Indep + + add ${perl:Depends} and ${misc:Depends} to Depends + + Bump Standards-Version to 3.8.0 + * add myself to Uploaders + * add THANKS to debian/docs + + -- Damyan Ivanov Tue, 24 Jun 2008 09:28:58 +0300 + +libgnupg-interface-perl (0.33-6) unstable; urgency=low + + * Change the Build-Depends-Indep on debhelper to a Build-Depends (no -Indep). + * Increase Standards-Version from 3.6.1 to 3.7.2 (no additional changes). 
+ * Update my email address in debian/copyright. + * Remove lots of commented-out cruft from debian/rules. + * Change to debhelper compatibility level 4 (from 1): + - Change DH_COMPAT to 4 in debian/rules, + - Change build dependency to a versioned one, + - Install to debian/code2html/ instead of debian/tmp. + * Instead of defining INSTALLBIN, INSTALLSCRIPT, etc just say + INSTALLDIRS=vendor in debian/rules, and set PREFIX for the install. + * Also use make install and not make pure_install. + * Remove code to remove .packlist files from the install target. + * Remove empty usr/lib/perl5 and usr/lib after make install. + + -- Peter Palfrader Sun, 18 Jun 2006 01:25:31 +0200 + +libgnupg-interface-perl (0.33-5) unstable; urgency=low + + * Change section to perl to fix override disparity. + + -- Peter Palfrader Sun, 25 Apr 2004 16:44:48 +0200 + +libgnupg-interface-perl (0.33-4) unstable; urgency=low + + * Install non binary perl into usr/share rather than usr/lib. + * Slight changes to debian/copyright: replace "author(s)" with + "author", refer to GPL-2 rather than GPL. + * Update standards version to 3.6.1. + + -- Peter Palfrader Sun, 25 Apr 2004 15:04:13 +0200 + +libgnupg-interface-perl (0.33-3) unstable; urgency=low + + * New Standards-Version: 3.5.7 + - Change Build-Depends to Build-Depends-Indep + - Have no /usr/doc link anymore (actually building against the new + debhelper will fix this - I'll not depend on it tho to make + building it on older releases easier) + + -- Peter Palfrader Mon, 11 Nov 2002 12:59:27 +0100 + +libgnupg-interface-perl (0.33-2) unstable; urgency=low + + * Change Section to interpreters (fixes override disparity). + + -- Peter Palfrader Sun, 16 Jun 2002 09:31:25 +0200 + +libgnupg-interface-perl (0.33-1) unstable; urgency=low + + * New upstream version: + - closes: #149964: GnuPG::Interface 0.32 is available + - closes: #149966: GnuPG::Interface, command_args and import_keys (et al) + Thank's a lot to upstream author Frank J. 
Tobin for providing a fix for + #149966 that fast. + + -- Peter Palfrader Sun, 16 Jun 2002 08:05:46 +0200 + +libgnupg-interface-perl (0.31-3) unstable; urgency=low + + * Moved from non-US to main (Section: libs; closes: #140524). + + -- Peter Palfrader Sun, 31 Mar 2002 20:54:51 +0200 + +libgnupg-interface-perl (0.31-2) unstable; urgency=low + + * Removed emacs stuff from changelog. + * Fixed minor typos in docmumentation (closes: #96148). + * Remove empty dirs in usr/lib/perl. + + -- Peter Palfrader Sat, 17 Nov 2001 17:34:18 +0100 + +libgnupg-interface-perl (0.31-1) unstable; urgency=low + + * New upstream release. + * Fixed a typo in the long description. + * Removed dependency and build time dependency on perl5. The perl-base + package should suffice. + * Changed maintainer email address. + * Upgraded Standards-Version to 3.5.4. + * Removed build time dependency on libclass-methodmaker-perl. It's not + needed to build the package. + * Removed .packlist file from the package. + + -- Peter Palfrader Sun, 6 May 2001 18:07:05 +0200 + +libgnupg-interface-perl (0.11-3) unstable; urgency=low + + * Changed Architecture to all (Closes: #71508) + + -- Peter Palfrader Wed, 13 Sep 2000 21:36:37 +0200 + +libgnupg-interface-perl (0.11-2) unstable; urgency=low + + * Changed section from libs to non-US/main. + * Removed README from docs. It only has install instructions. + + -- Peter Palfrader Sat, 9 Sep 2000 17:02:07 +0200 + +libgnupg-interface-perl (0.11-1) unstable; urgency=low + + * Initial Release (closes: #69479). + + -- Peter Palfrader Sun, 20 Aug 2000 17:18:33 +0200 diff --git a/clean b/clean new file mode 100644 index 0000000..83e3e37 --- /dev/null +++ b/clean @@ -0,0 +1,7 @@ +test/public-keys-sigs/1.out +test/public-keys-sigs/2.out +test/public-keys/1.out +test/public-keys/2.out +test/secret-keys/1.out +test/secret-keys/2.out +test/temp diff --git a/compat b/compat new file mode 100644 index 0000000..f599e28 --- /dev/null +++ b/compat @@ -0,0 +1 @@ +10 
diff --git a/control b/control
new file mode 100644
index 0000000..fd6a572
--- /dev/null
+++ b/control
@@ -0,0 +1,35 @@
+Source: libgnupg-interface-perl
+Maintainer: Debian Perl Group
+Uploaders: Damyan Ivanov ,
+ intrigeri ,
+ Salvatore Bonaccorso ,
+ Daniel Kahn Gillmor ,
+Section: perl
+Rules-Requires-Root: no
+Testsuite: autopkgtest-pkg-perl
+Priority: optional
+Build-Depends: debhelper (>= 10)
+Build-Depends-Indep: gnupg (>= 2.1),
+ libmoo-perl,
+ libmoox-handlesvia-perl,
+ libmoox-late-perl,
+ perl
+Standards-Version: 4.1.4
+Vcs-Browser: https://salsa.debian.org/perl-team/modules/packages/libgnupg-interface-perl
+Vcs-Git: https://salsa.debian.org/perl-team/modules/packages/libgnupg-interface-perl.git
+Homepage: https://metacpan.org/release/GnuPG-Interface
+
+Package: libgnupg-interface-perl
+Architecture: all
+Depends: ${misc:Depends},
+ ${perl:Depends},
+ gnupg | gnupg2,
+ libmoo-perl,
+ libmoox-handlesvia-perl,
+ libmoox-late-perl
+Description: Perl interface to GnuPG
+ GnuPG::Interface and its associated modules are designed
+ to provide an object-oriented method for interacting with
+ GnuPG, being able to perform functions such as but not
+ limited to encrypting, signing, decryption, verification,
+ and key-listing parsing.
diff --git a/copyright b/copyright
new file mode 100644
index 0000000..277fa7e
--- /dev/null
+++ b/copyright
@@ -0,0 +1,48 @@
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: GnuPG-Interface
+Upstream-Contact: Alex Vandiver
+Source: https://metacpan.org/release/GnuPG-Interface
+
+Files: *
+Copyright: 2000, Frank J. Tobin
+License: Artistic or GPL-1+
+Comment:
+ GnuPG::Interface is currently maintained by Alex Vandiver
+ . Frank J. Tobin, ftobin@cpan.org was the original
+ author of the package.
+
+Files: lib/GnuPG/Revoker.pm
+ lib/GnuPG/UserAttribute.pm
+Copyright: 2010, Daniel Kahn Gillmor
+License: Artistic or GPL-1+
+
+Files: inc/Module/*
+Copyright: 2002-2012, Adam Kennedy
+ 2002-2012, Audrey Tang
+ 2002-2012, Brian Ingerson
+License: Artistic or GPL-1+
+
+Files: debian/*
+Copyright: 2000, Peter Palfrader
+ 2001, 2002, 2004, 2006, Peter Palfrader
+ 2008, Damyan Ivanov
+ 2009-2015, Salvatore Bonaccorso
+ 2009, Tim Retout
+ 2011, 2015, intrigeri
+License: Artistic or GPL-1+
+
+License: Artistic
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the Artistic License, which comes with Perl.
+ .
+ On Debian systems, the complete text of the Artistic License can be
+ found in `/usr/share/common-licenses/Artistic'.
+
+License: GPL-1+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 1, or (at your option)
+ any later version.
+ .
+ On Debian systems, the complete text of version 1 of the GNU General
+ Public License can be found in `/usr/share/common-licenses/GPL-1'.
diff --git a/patches/0001-Fix-test-suite-for-GnuPG-2.2.6-compatibility.patch b/patches/0001-Fix-test-suite-for-GnuPG-2.2.6-compatibility.patch
new file mode 100644
index 0000000..df1ace1
--- /dev/null
+++ b/patches/0001-Fix-test-suite-for-GnuPG-2.2.6-compatibility.patch
@@ -0,0 +1,58 @@
+From 5e5b70c3d18923b121cf2c5e1b7c196b6512b088 Mon Sep 17 00:00:00 2001
+From: Niko Tyni
+Date: Wed, 20 Jun 2018 21:57:50 +0300
+Subject: [PATCH] Fix test suite for GnuPG >= 2.2.6 compatibility
+
+GnuPG 2.2.6 (commit 1a5d95e7319e7e6f) started marking signatures
+with an expired key with '?', as seen with for instance
+
+ GNUPGHOME=./test/gnupghome/ gpg --list-sigs 0xF950DA9C
+
+Adapt the test suite accordingly.
+
+See https://dev.gnupg.org/rG1a5d95e7319e7e6f0dd11064a26cbbc371b05214
+
+Bug-Debian: https://bugs.debian.org/900051
+Bug: https://github.com/bestpractical/gnupg-interface/pull/1
+---
+ t/get_public_keys.t | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/t/get_public_keys.t b/t/get_public_keys.t
+index 53db021..06eec8c 100644
+--- a/t/get_public_keys.t
++++ b/t/get_public_keys.t
+@@ -13,8 +13,12 @@ use MyTestSpecific;
+ use GnuPG::PrimaryKey;
+ use GnuPG::SubKey;
+
++use version;
++
+ my ( $given_key, $handmade_key );
+
++my $gnupg_version = version->parse($gnupg->version);
++
+ TEST
+ {
+ reset_handles();
+@@ -74,7 +78,7 @@ TEST
+ date_string => '2000-03-16',
+ hex_id => '56FFD10A260C4FA3',
+ sig_class => 0x10,
+- validity => '!'),
++ validity => $gnupg_version < version->parse('2.2.6') ? '!' : '?'),
+ GnuPG::Signature->new(
+ date => 949813093,
+ algo_num => 17,
+@@ -105,7 +109,7 @@ TEST
+ date_string => '2000-03-16',
+ hex_id => '56FFD10A260C4FA3',
+ sig_class => 0x10,
+- validity => '!'),
++ validity => $gnupg_version < version->parse('2.2.6') ? '!' : '?'),
+ GnuPG::Signature->new(
+ date => 953179891,
+ algo_num => 17,
+--
+2.17.1
+
diff --git a/patches/0001-Fix-test-suite-for-GnuPG-2.2.8-compatibility.patch b/patches/0001-Fix-test-suite-for-GnuPG-2.2.8-compatibility.patch
new file mode 100644
index 0000000..404f78c
--- /dev/null
+++ b/patches/0001-Fix-test-suite-for-GnuPG-2.2.8-compatibility.patch
@@ -0,0 +1,68 @@
+From c3373068683ec3b76d9d1cdbfc25134c359869f0 Mon Sep 17 00:00:00 2001
+From: Niko Tyni
+Date: Sun, 24 Jun 2018 16:19:25 +0300
+Subject: [PATCH] Fix test suite for GnuPG >= 2.2.8 compatibility
+
+GnuPG 2.2.8 onwards issues a hard failure when decrypting
+messages not using the MDC mode.
+
+Bug-Debian: https://bugs.debian.org/900051
+Bug: https://github.com/bestpractical/gnupg-interface/pull/1
+---
+ t/decrypt.t | 19 +++++++++++++++++--
+ 1 file changed, 17 insertions(+), 2 deletions(-)
+
+diff --git a/t/decrypt.t b/t/decrypt.t
+index b2639ed..f7d9132 100644
+--- a/t/decrypt.t
++++ b/t/decrypt.t
+@@ -6,6 +6,7 @@
+ use strict;
+ use English qw( -no_match_vars );
+ use File::Compare;
++use version;
+
+ use lib './t';
+ use MyTest;
+@@ -13,6 +14,8 @@ use MyTestSpecific;
+
+ my $compare;
+
++my $gnupg_version = version->parse($gnupg->version);
++
+ TEST
+ {
+ reset_handles();
+@@ -26,7 +29,13 @@ TEST
+ close $stdout;
+ waitpid $pid, 0;
+
+- return $CHILD_ERROR == 0;;
++ if ($gnupg_version < version->parse('2.2.8')) {
++ return $CHILD_ERROR == 0;;
++ } else {
++ local $/ = undef;
++ my $errstr = <$stderr>;
++ return (($CHILD_ERROR >> 8 == 2) and ($errstr =~ /ignore-mdc-error/));
++ }
+ };
+
+
+@@ -50,7 +59,13 @@ TEST
+
+ waitpid $pid, 0;
+
+- return $CHILD_ERROR == 0;
++ if ($gnupg_version < version->parse('2.2.8')) {
++ return $CHILD_ERROR == 0;
++ } else {
++ local $/ = undef;
++ my $errstr = <$stderr>;
++ return (($CHILD_ERROR >> 8 == 2) and ($errstr =~ /ignore-mdc-error/));
++ }
+ };
+
+
+--
+2.17.1
+
diff --git a/patches/0001-fix-spelling-error-settting-should-be-setting.patch b/patches/0001-fix-spelling-error-settting-should-be-setting.patch
new file mode 100644
index 0000000..fcec610
--- /dev/null
+++ b/patches/0001-fix-spelling-error-settting-should-be-setting.patch
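Review bot: On GnuPG 2.2.8 and later both TEST blocks touched in t/decrypt.t now pass only when decryption fails, so the suite no longer exercises a successful decrypt on exactly the versions that enforce MDC integrity protection. The hunks do not show which ciphertext is read, but it is evidently a legacy message without an MDC; re-encrypting that fixture with integrity protection and keeping `return $CHILD_ERROR == 0;` would retain the positive test, with the forced-failure case kept as a separate, clearly named test. If the failure branch stays, give it a comment such as `# gpg >= 2.2.8 refuses ciphertext without an MDC: expect exit status 2 and the ignore-mdc-error hint`, and bear in mind that matching `/ignore-mdc-error/` depends on the wording of gpg's hint on stderr, which may change between releases. The two added branches are identical apart from the stray `;;`, so they could share one small helper; both TEST bodies begin outside the hunks.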
@@ -0,0 +1,35 @@
+From: Daniel Kahn Gillmor
+Date: Tue, 13 Sep 2016 07:26:00 +0200
+Subject: fix spelling error ("settting" should be "setting")
+
+---
+ README | 2 +-
+ lib/GnuPG/Interface.pm | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/README b/README
+index fcb982a..f457577 100644
+--- a/README
++++ b/README
+@@ -6,7 +6,7 @@ SYNOPSIS
+ use IO::Handle;
+ use GnuPG::Interface;
+
+- # settting up the situation
++ # setting up the situation
+ my $gnupg = GnuPG::Interface->new();
+ $gnupg->options->hash_init( armor => 1,
+ homedir => '/home/foobar' );
+diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm
+index f952f3e..83a4b1a 100644
+--- a/lib/GnuPG/Interface.pm
++++ b/lib/GnuPG/Interface.pm
+@@ -834,7 +834,7 @@ GnuPG::Interface - Perl interface to GnuPG
+ use IO::Handle;
+ use GnuPG::Interface;
+
+- # settting up the situation
++ # setting up the situation
+ my $gnupg = GnuPG::Interface->new();
+ $gnupg->options->hash_init( armor => 1,
+ homedir => '/home/foobar' );
diff --git a/patches/0002-Generalize-the-test-suite.patch b/patches/0002-Generalize-the-test-suite.patch
new file mode 100644
index 0000000..d0d3e6c
--- /dev/null
+++ b/patches/0002-Generalize-the-test-suite.patch
@@ -0,0 +1,151 @@ +From: Daniel Kahn Gillmor +Date: Tue, 13 Sep 2016 10:38:12 -0400 +Subject: Generalize the test suite + +The test suite currently assumes it knows something about the internal +state of GnuPG's homedir. + +It's safer and less brittle to rely explicitly on the public interface +that GnuPG has committed to, such as --import-keys and --list-keys, +rather than assuming that certain files are in certain places in the +GnuPG homedir. + +It's also better to create a fresh homedir and allow GnuPG to populate +it during the test suite, cleaning it up at the end, rather than hope +that GnuPG will leave a pre-existing homedir untouched. + +With this change, many more of the tests pass when /usr/bin/gpg is +provided by GnuPG 2.1. +--- + t/000_setup.t | 28 ++++++++++++++++++++++++++++ + t/MyTestSpecific.pm | 2 +- + t/zzz_cleanup.t | 17 +++++++++++++++++ + test/fake-pinentry.pl | 28 ++++++++++++++++++++++++++++ + test/{options => gpg.conf} | 0 + test/secret-keys/1.0.test | 4 ++-- + 6 files changed, 76 insertions(+), 3 deletions(-) + create mode 100644 t/000_setup.t + create mode 100644 t/zzz_cleanup.t + create mode 100755 test/fake-pinentry.pl + rename test/{options => gpg.conf} (100%) + +diff --git a/t/000_setup.t b/t/000_setup.t +new file mode 100644 +index 0000000..7f7f7b0 +--- /dev/null ++++ b/t/000_setup.t +@@ -0,0 +1,28 @@ ++#!/usr/bin/perl -w ++ ++use strict; ++use English qw( -no_match_vars ); ++ ++use lib './t'; ++use MyTest; ++use MyTestSpecific; ++use Cwd; ++use File::Path qw (make_path); ++use File::Copy; ++ ++TEST ++{ ++ make_path('test/gnupghome', { mode => 0700 }); ++ my $agentconf = IO::File->new( "> test/gnupghome/gpg-agent.conf" ); ++ $agentconf->write("pinentry-program " . getcwd() . 
"/test/fake-pinentry.pl\n"); ++ $agentconf->close(); ++ copy('test/gpg.conf', 'test/gnupghome/gpg.conf'); ++ reset_handles(); ++ ++ my $pid = $gnupg->import_keys(command_args => [ 'test/pubring.gpg', 'test/secring.gpg' ], ++ options => [ 'batch'], ++ handles => $handles); ++ waitpid $pid, 0; ++ ++ return $CHILD_ERROR == 0; ++}; +diff --git a/t/MyTestSpecific.pm b/t/MyTestSpecific.pm +index 053b749..1af98ae 100644 +--- a/t/MyTestSpecific.pm ++++ b/t/MyTestSpecific.pm +@@ -40,7 +40,7 @@ use vars qw( @ISA @EXPORT + + $gnupg = GnuPG::Interface->new( passphrase => 'test' ); + +-$gnupg->options->hash_init( homedir => 'test', ++$gnupg->options->hash_init( homedir => 'test/gnupghome', + armor => 1, + meta_interactive => 0, + meta_signing_key_id => '0xF950DA9C', +diff --git a/t/zzz_cleanup.t b/t/zzz_cleanup.t +new file mode 100644 +index 0000000..5c03a72 +--- /dev/null ++++ b/t/zzz_cleanup.t +@@ -0,0 +1,17 @@ ++#!/usr/bin/perl -w ++ ++use strict; ++use English qw( -no_match_vars ); ++ ++use lib './t'; ++use MyTest; ++use MyTestSpecific; ++use File::Path qw (remove_tree); ++ ++# this is actually no test, just cleanup. ++TEST ++{ ++ my $err = []; ++ remove_tree('test/gnupghome', {error => \$err}); ++ return ! @$err; ++}; +diff --git a/test/fake-pinentry.pl b/test/fake-pinentry.pl +new file mode 100755 +index 0000000..12d3611 +--- /dev/null ++++ b/test/fake-pinentry.pl +@@ -0,0 +1,28 @@ ++#!/usr/bin/perl -w ++# Use this for your test suites when a perl interpreter is available. ++# ++# The encrypted keys in your test suite that you expect to work must ++# be locked with a passphrase of "test" ++# ++# Author: Daniel Kahn Gillmor ++# ++# License: This trivial work is hereby explicitly placed into the ++# public domain. Anyone may reuse it, modify it, redistribute it for ++# any purpose. 
++ ++use strict; ++use warnings; ++ ++# turn off buffering ++$| = 1; ++ ++print "OK This is only for test suites, and should never be used in production\n"; ++while () { ++ chomp; ++ next if (/^$/); ++ next if (/^#/); ++ print ("D test\n") if (/^getpin/i); ++ print "OK\n"; ++ exit if (/^bye/i); ++} ++1; +diff --git a/test/options b/test/gpg.conf +similarity index 100% +rename from test/options +rename to test/gpg.conf +diff --git a/test/secret-keys/1.0.test b/test/secret-keys/1.0.test +index 5999484..129d472 100644 +--- a/test/secret-keys/1.0.test ++++ b/test/secret-keys/1.0.test +@@ -1,5 +1,5 @@ +-test/secring.gpg +----------------- ++test/gnupghome/secring.gpg ++-------------------------- + sec 1024D/F950DA9C 2000-02-06 + uid GnuPG test key (for testing purposes only) + uid Foo Bar (1) diff --git a/patches/0003-subkey-validity-of-an-key-when-we-have-established-n.patch b/patches/0003-subkey-validity-of-an-key-when-we-have-established-n.patch new file mode 100644 index 0000000..23fbf97 --- /dev/null +++ b/patches/0003-subkey-validity-of-an-key-when-we-have-established-n.patch 
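Review bot: In the new t/000_setup.t the result of `IO::File->new( "> test/gnupghome/gpg-agent.conf" )` is used unchecked, and `make_path` and `copy` are not checked either, so a failed setup only shows up later as an unrelated method-call or gpg error; t/list_secret_keys.t already uses an `or die` guard for its output file, and the same fits here: `my $agentconf = IO::File->new( "> test/gnupghome/gpg-agent.conf" ) or die "cannot write gpg-agent.conf: $ERRNO";`. t/zzz_cleanup.t removes test/gnupghome, but nothing visible stops a gpg-agent that GnuPG 2.1 may have started for that homedir with test/fake-pinentry.pl configured; running `gpgconf --homedir test/gnupghome --kill gpg-agent` before `remove_tree` would avoid leaving it behind (to be confirmed against the GnuPG versions the suite supports). A comment in 000_setup.t saying that this pinentry answers every passphrase request with the fixed value "test" and must stay confined to the throwaway homedir would make the intent explicit.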
@@ -0,0 +1,37 @@
+From: Daniel Kahn Gillmor
+Date: Tue, 13 Sep 2016 11:35:31 -0400
+Subject: subkey validity of an key when we have established no trust anchors
+
+This apparently isn't tested by deep comparisons, though, so it was
+never caught.
+---
+ t/get_public_keys.t | 2 +-
+ t/get_secret_keys.t | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/t/get_public_keys.t b/t/get_public_keys.t
+index 53db021..73e320b 100644
+--- a/t/get_public_keys.t
++++ b/t/get_public_keys.t
+@@ -175,7 +175,7 @@ TEST
+ ];
+
+ my $subkey = GnuPG::SubKey->new
+- ( validity => 'u',
++ ( validity => '-',
+ length => 768,
+ algo_num => 16,
+ hex_id => 'ADB99D9C2E854A6B',
+diff --git a/t/get_secret_keys.t b/t/get_secret_keys.t
+index 3a1d99f..7bba083 100644
+--- a/t/get_secret_keys.t
++++ b/t/get_secret_keys.t
+@@ -48,7 +48,7 @@ TEST
+
+
+ my $subkey = GnuPG::SubKey->new
+- ( validity => 'u',
++ ( validity => '-',
+ length => 768,
+ algo_num => 16,
+ hex_id => 'ADB99D9C2E854A6B',
diff --git a/patches/0004-ensure-that-test-covers-all-signatures.patch b/patches/0004-ensure-that-test-covers-all-signatures.patch
new file mode 100644
index 0000000..1743b7d
--- /dev/null
+++ b/patches/0004-ensure-that-test-covers-all-signatures.patch
@@ -0,0 +1,35 @@
+From: Daniel Kahn Gillmor
+Date: Tue, 13 Sep 2016 11:39:04 -0400
+Subject: ensure that test covers all signatures
+
+The earlier test wasn't reporting on one of the known self-sigs for
+the test key for some reason.
+
+This change ensures that all known signatures are present.
+---
+ t/get_public_keys.t | 12 +++++++++++-
+ 1 file changed, 11 insertions(+), 1 deletion(-)
+
+diff --git a/t/get_public_keys.t b/t/get_public_keys.t
+index 73e320b..9e96f7d 100644
+--- a/t/get_public_keys.t
++++ b/t/get_public_keys.t
+@@ -83,7 +83,17 @@ TEST
+ date_string => '2000-02-06',
+ hex_id => '53AE596EF950DA9C',
+ sig_class => 0x13,
+- validity => '!'));
++ validity => '!'),
++ GnuPG::Signature->new(
++ date => 1177086329,
++ algo_num => 17,
++ is_exportable => 1,
++ user_id_string => 'GnuPG test key (for testing purposes only)',
++ date_string => '2007-04-20',
++ hex_id => '53AE596EF950DA9C',
++ sig_class => 0x13,
++ validity => '!'),
++ );
+
+ my $uid1 = GnuPG::UserId->new( as_string => 'Foo Bar (1)',
+ validity => '-');
diff --git a/patches/0005-add-gpg_is_modern-to-test-suite.patch b/patches/0005-add-gpg_is_modern-to-test-suite.patch
new file mode 100644
index 0000000..0016fa7
--- /dev/null
+++ b/patches/0005-add-gpg_is_modern-to-test-suite.patch
@@ -0,0 +1,39 @@
+From: Daniel Kahn Gillmor
+Date: Tue, 13 Sep 2016 14:31:38 -0400
+Subject: add $gpg_is_modern to test suite
+
+MyTestSpecific.pm now produces a new variable indicating whether it
+the version of GnuPG we run against is from the "Modern" line of GnuPG
+development (2.1 or later). This will be useful when comparing output
+that we can't expect from earlier versions.
+---
+ t/MyTestSpecific.pm | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/t/MyTestSpecific.pm b/t/MyTestSpecific.pm
+index 1af98ae..a309698 100644
+--- a/t/MyTestSpecific.pm
++++ b/t/MyTestSpecific.pm
+@@ -29,17 +29,20 @@ use GnuPG::Handles;
+ use vars qw( @ISA @EXPORT
+ $stdin $stdout $stderr
+ $gpg_program $handles $gnupg
+- %texts
++ %texts $gpg_is_modern
+ );
+
+ @ISA = qw( Exporter );
+ @EXPORT = qw( stdin stdout stderr
+ gnupg_program handles reset_handles
+- texts file_match
++ texts file_match gpg_is_modern
+ );
+
+ $gnupg = GnuPG::Interface->new( passphrase => 'test' );
+
++my @version = split('\.', $gnupg->version());
++$gpg_is_modern = ($version[0] > 2 || ($version[0] == 2 && $version[1] >= 1));
++
+ $gnupg->options->hash_init( homedir => 'test/gnupghome',
+ armor => 1,
+ meta_interactive => 0,
diff --git a/patches/0006-Modern-GnuPG-2.1-reports-more-detail-about-secret-ke.patch b/patches/0006-Modern-GnuPG-2.1-reports-more-detail-about-secret-ke.patch
new file mode 100644
index 0000000..bea8bfc
--- /dev/null
+++ b/patches/0006-Modern-GnuPG-2.1-reports-more-detail-about-secret-ke.patch
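Review bot: `$gpg_is_modern` in t/MyTestSpecific.pm is computed by splitting `$gnupg->version()` on dots and comparing the pieces numerically, which is likely to warn or misjudge when a component carries a non-numeric suffix or the version string is missing. The GnuPG 2.2.6 and 2.2.8 patches in this series use the `version` module for the same job, and the equivalent here would be `$gpg_is_modern = version->parse($gnupg->version) >= version->parse('2.1.0');` after adding `use version;` (three components, so that both sides parse as dotted versions). The `@EXPORT` list gains the sigil-less name `gpg_is_modern`, which Exporter treats as a subroutine, while the hunk only declares the scalar `$gpg_is_modern`; if the variable is what tests are meant to import the entry should read `$gpg_is_modern`, otherwise a short comment on how tests see it is needed. The file continues outside the hunk, so an accessor sub of that name may exist there.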
@@ -0,0 +1,120 @@ +From: Daniel Kahn Gillmor +Date: Tue, 13 Sep 2016 14:12:40 -0400 +Subject: Modern GnuPG (2.1) reports more detail about secret keys + +the GnuPG "modern" suite (version 2.1 or later) reports more detail +about secret keys than previous versions did. In particular, it +reports stored ownertrust, public key data, and designated revokers +for secret keys. Older versions only reported those attributes for +public keys. + +This patch adjusts the test suite to ensure that our handmade key +matches the produced key when /usr/bin/gpg is supplied by the modern +suite. +--- + t/get_secret_keys.t | 66 +++++++++++++++++++++++++++++++++++++++++++---------- + 1 file changed, 54 insertions(+), 12 deletions(-) + +diff --git a/t/get_secret_keys.t b/t/get_secret_keys.t +index 7bba083..c798cce 100644 +--- a/t/get_secret_keys.t ++++ b/t/get_secret_keys.t +@@ -23,16 +23,34 @@ TEST + return 0 unless @returned_keys == 1; + + $given_key = shift @returned_keys; +- +- $handmade_key = GnuPG::PrimaryKey->new +- ( length => 1024, ++ my $pubkey_data = [ ++ Math::BigInt->from_hex('0x'. ++ '88FCAAA5BCDCD52084D46143F44ED1715A339794641158DE03AA2092AFD3174E3DCA2CB7DF2DDC6FEDF7C3620F5A8BDAD06713E6153F8748DD76CB97305F30CBA8F8801DB47FAC11EED725F55672CB9BDAD629178A677CBB089B3E8AE0D9A9AD7741697A35F2868C62D25670994A92D810480173DC24263EEA0F103A43C0B64B'), ++ Math::BigInt->from_hex('0x'. ++ '8F2A3842C70FF17660CBB78C78FC93F534AB9A17'), ++ Math::BigInt->from_hex('0x'. ++ '83E348C2AA65F56DE84E8FDCE6DA7B0991B1C75EC8CA446FA85869A43350907BFF36BE512385E8E7E095578BB2138C04E318495873218286DE2B8C86F36EA670135434967AC798EBA28581F709F0C6B696EB512D3E561E381A06E4B5239BCC655015F9A926C74E4B859B26EAD604F208A556511A76A40EDCD9C38E6BD82CCCB4'), ++ Math::BigInt->from_hex('0x'. 
++ '80DE04C85E30C9D62C13F90CFF927A84A5A59D0900B3533D4D6193FEF8C5DAEF9FF8A7D5F76B244FBC17644F50D524E0B19CD3A4B5FC2D78DAECA3FE58FA1C1A64E6C7B96C4EE618173543163A72EF954DFD593E84342699096E9CA76578AC1DE3D893BCCD0BF470CEF625FAF816A0F503EF75C18C6173E35C8675AF919E5704') ++ ]; ++ ++ ++ my $args = { ++ length => 1024, + algo_num => 17, + hex_id => '53AE596EF950DA9C', + creation_date => 949813093, + creation_date_string => '2000-02-06', +- owner_trust => '', # secret keys do not report ownertrust? ++ owner_trust => '-', + usage_flags => 'scaESCA', +- ); ++ pubkey_data => $pubkey_data, ++ }; ++ if (!$gpg_is_modern) { ++ # older versions don't report ownertrust or pubkey_data for secret keys: ++ delete $args->{pubkey_data}; ++ $args->{owner_trust} = ''; ++ } ++ $handmade_key = GnuPG::PrimaryKey->new($args); + + $handmade_key->fingerprint + ( GnuPG::Fingerprint->new( as_hex_string => +@@ -42,20 +60,42 @@ TEST + + $handmade_key->push_user_ids( + GnuPG::UserId->new( as_string => 'GnuPG test key (for testing purposes only)', +- validity => ''), # secret keys do not report uid validity? ++ validity => $args->{owner_trust}), + GnuPG::UserId->new( as_string => 'Foo Bar (1)', +- validity => '')); # secret keys do not report uid validity? +- +- +- my $subkey = GnuPG::SubKey->new +- ( validity => '-', ++ validity => $args->{owner_trust})); ++ ++ my $revoker = GnuPG::Revoker->new ++ ( algo_num => 17, ++ class => 0x80, ++ fingerprint => GnuPG::Fingerprint->new( as_hex_string => ++ '4F863BBBA8166F0A340F600356FFD10A260C4FA3'), ++ ); ++ ++ my $subkey_pub_data = [ ++ Math::BigInt->from_hex('0x'. ++ '8831982DADC4C5D05CBB01D9EAF612131DDC9C24CEA7246557679423FB0BA42F74D10D8E7F5564F6A4FB8837F8DC4A46571C19B122E6DF4B443D15197A6A22688863D0685FADB6E402316DAA9B560D1F915475364580A67E6DF0A727778A5CF3'), ++ Math::BigInt->from_hex('0x'. ++ '6'), ++ Math::BigInt->from_hex('0x'. 
++ '2F3850FF130C6AC9AA0962720E86539626FAA9B67B33A74DFC0DE843FF3E90E43E2F379EE0182D914FA539CCCF5C83A20DB3A7C45E365B8A2A092E799A3DFF4AD8274EB977BAAF5B1AFB2ACB8D6F92454F01682F555565E73E56793C46EF7C3E') ++ ]; ++ ++ my $sub_args = { ++ validity => '-', + length => 768, + algo_num => 16, + hex_id => 'ADB99D9C2E854A6B', + creation_date => 949813119, + creation_date_string => '2000-02-06', + usage_flags => 'e', +- ); ++ pubkey_data => $subkey_pub_data, ++ }; ++ ++ if (!$gpg_is_modern) { ++ # older versions do not report pubkey data for secret keys ++ delete $sub_args->{pubkey_data}; ++ } ++ my $subkey = GnuPG::SubKey->new($sub_args); + + $subkey->fingerprint + ( GnuPG::Fingerprint->new( as_hex_string => +@@ -64,6 +104,8 @@ TEST + ); + + $handmade_key->push_subkeys( $subkey ); ++ # older versions do not report designated revokers for secret keys ++ $handmade_key->push_revokers( $revoker ) if ($gpg_is_modern); + + $handmade_key->compare( $given_key ); + }; diff --git a/patches/0007-test-suite-match-plaintext-output-across-versions-of.patch b/patches/0007-test-suite-match-plaintext-output-across-versions-of.patch new file mode 100644 index 0000000..85c1a46 --- /dev/null +++ b/patches/0007-test-suite-match-plaintext-output-across-versions-of.patch 
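Review bot: The expected user-ID `validity` in t/get_secret_keys.t is taken from `$args->{owner_trust}`, which couples two different fields that merely happen to share the values '-' and ''. A separate `my $uid_validity = $gpg_is_modern ? '-' : '';` with a comment replacing the removed `# secret keys do not report uid validity?` remarks would keep the expectation readable if either value changes later. The hunk also calls `Math::BigInt->from_hex` and `GnuPG::Revoker->new`; the test's `use` lines lie outside the hunk, so it should be confirmed that both modules are loaded there.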
@@ -0,0 +1,95 @@ +From: Daniel Kahn Gillmor +Date: Tue, 13 Sep 2016 14:46:13 -0400 +Subject: test suite: match plaintext output across versions of GnuPG + +The human-readable version of --list-keys is *not* expected to be +static over time or as the user's environment changes (e.g. LANG or +LC_MESSAGES), so expecting it to be machine-parseable is probably a +mistake. + +That said, some users might want to pull textual information about +specific keys to display directly to the user, so it's not a terrible +idea to have it in the test suite. + +Modern GnuPG (2.1 or later) changes the default structure of the +human-readable output in a few significant ways: + + * it writes the path to the keyring as an absolute path, even if + $GNUPGHOME is set to a non-absolute path. + + * it shows the calculated user id validity by default (see + show-uid-validity in gpg's --list-options). (note that this is a + translated string, so that "unknown" (in the default C locale) + becomes "inconnue" when LANG or LC_MESSAGES is set to fr_CH.UTF-8, + for example. + + * it writes the key algorithm names differently (e.g. rsa2048 instead + of 2048R) + + * it does not display the key ID at all by default + + * it displays the full fingerprint in compact form by default + +This changeset fixes the test suite so that it can do a rough +verification of the human-readable text output by list_secret_keys in +the C locale in modern versions of GnuPG, while leaving it working for +older GnuPG suites. 
+--- + t/list_secret_keys.t | 15 +++++++++++++-- + test/secret-keys/1.modern.test | 8 ++++++++ + 2 files changed, 21 insertions(+), 2 deletions(-) + create mode 100644 test/secret-keys/1.modern.test + +diff --git a/t/list_secret_keys.t b/t/list_secret_keys.t +index 1fe9b7e..51e3651 100644 +--- a/t/list_secret_keys.t ++++ b/t/list_secret_keys.t +@@ -16,13 +16,22 @@ TEST + { + reset_handles(); + ++ $ENV{LC_MESSAGES} = 'C'; + my $pid = $gnupg->list_secret_keys( handles => $handles ); + close $stdin; + + $outfile = 'test/secret-keys/1.out'; + my $out = IO::File->new( "> $outfile" ) + or die "cannot open $outfile for writing: $ERRNO"; +- $out->print( <$stdout> ); ++ while (<$stdout>) { ++ if ($gpg_is_modern && /^\/.*\/test\/gnupghome\/pubring.kbx$/) { ++ $out->print("test/gnupghome/pubring.kbx\n"); ++ } elsif ($gpg_is_modern && /^--*$/) { ++ $out->print("--------------------------\n"); ++ } else { ++ $out->print( $_ ); ++ } ++ } + close $stdout; + $out->close(); + waitpid $pid, 0; +@@ -33,7 +42,9 @@ TEST + + TEST + { +- my @files_to_test = ( 'test/secret-keys/1.0.test' ); ++ my $suffix = '0'; ++ $suffix = 'modern' if ($gpg_is_modern); ++ my @files_to_test = ( 'test/secret-keys/1.'.$suffix.'.test' ); + + return file_match( $outfile, @files_to_test ); + }; +diff --git a/test/secret-keys/1.modern.test b/test/secret-keys/1.modern.test +new file mode 100644 +index 0000000..3e46407 +--- /dev/null ++++ b/test/secret-keys/1.modern.test +@@ -0,0 +1,8 @@ ++test/gnupghome/pubring.kbx ++-------------------------- ++sec dsa1024 2000-02-06 [SCA] ++ 93AFC4B1B0288A104996B44253AE596EF950DA9C ++uid [ unknown] GnuPG test key (for testing purposes only) ++uid [ unknown] Foo Bar (1) ++ssb elg768 2000-02-06 [E] ++ diff --git a/patches/0008-fix-test_default_key_passphrase-when-passphrase-come.patch b/patches/0008-fix-test_default_key_passphrase-when-passphrase-come.patch new file mode 100644 index 0000000..5ae9383 --- /dev/null 
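Review bot: `$ENV{LC_MESSAGES} = 'C';` in t/list_secret_keys.t does not pin the message language when the caller's environment sets `LC_ALL`, which takes precedence over `LC_MESSAGES`, so the translated `[ unknown]` validity string expected by test/secret-keys/1.modern.test can still mismatch. The plain assignment also changes the environment for everything that runs later in the same test process, not only this gpg call. Inside the TEST block, `local $ENV{LC_ALL} = 'C';` would cover both. As a point of style, the normalising pattern leaves the dot unescaped; `pubring\.kbx` states the intent.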
+++ b/patches/0008-fix-test_default_key_passphrase-when-passphrase-come.patch @@ -0,0 +1,29 @@ +From: Daniel Kahn Gillmor +Date: Tue, 13 Sep 2016 15:22:27 -0400 +Subject: fix test_default_key_passphrase when passphrase comes from agent + +In the modern GnuPG suite, where the passphrase is always managed by +the agent, gpg itself doesn't emit the GOOD_PASSPHRASE status. +Instead, if signing is successful it emits plain old SIG_CREATED. + +There are probably even better ways to test whether a given key is +unlocked in this case, but this is a straightforward baseline fix that +should get this part of the test suite to pass with all available +versions of GnuPG. +--- + lib/GnuPG/Interface.pm | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm +index 83a4b1a..1f1e6d5 100644 +--- a/lib/GnuPG/Interface.pm ++++ b/lib/GnuPG/Interface.pm +@@ -808,7 +808,7 @@ sub test_default_key_passphrase() { + + # all we realy want to check is the status fh + while (<$status>) { +- if (/^\[GNUPG:\]\s*GOOD_PASSPHRASE/) { ++ if (/^\[GNUPG:\]\s*(GOOD_PASSPHRASE|SIG_CREATED)/) { + waitpid $pid, 0; + return 1; + } diff --git a/patches/0009-clean-up-trailing-whitespace.patch b/patches/0009-clean-up-trailing-whitespace.patch new file mode 100644 index 0000000..f408c65 --- /dev/null +++ b/patches/0009-clean-up-trailing-whitespace.patch 
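Review bot: Accepting `SIG_CREATED` in `test_default_key_passphrase` changes what a true return means: with gpg-agent involved it shows that a signature was produced, which can presumably also happen when the agent already holds the key unlocked or a pinentry supplied the passphrase, not that the passphrase stored on the object is correct. A caller that uses this method to validate a user-supplied passphrase could then get 1 for a wrong one, so the method's POD should carry the caveat, e.g. `Under GnuPG 2.1 and later a true result only means that signing with the default key succeeded.` The new group is capturing although nothing reads it, and the alternation has no end boundary; `(?:GOOD_PASSPHRASE|SIG_CREATED)\b` is tighter. The function body starts and ends outside this hunk.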
@@ -0,0 +1,112 @@ +From: Daniel Kahn Gillmor +Date: Tue, 11 Oct 2016 19:52:13 -0400 +Subject: clean up trailing whitespace + +--- + lib/GnuPG/Fingerprint.pm | 2 +- + lib/GnuPG/Handles.pm | 2 +- + lib/GnuPG/Interface.pm | 16 ++++++++-------- + 3 files changed, 10 insertions(+), 10 deletions(-) + +diff --git a/lib/GnuPG/Fingerprint.pm b/lib/GnuPG/Fingerprint.pm +index fcb1028..81c38a7 100644 +--- a/lib/GnuPG/Fingerprint.pm ++++ b/lib/GnuPG/Fingerprint.pm +@@ -20,7 +20,7 @@ with qw(GnuPG::HashInit); + + has as_hex_string => ( + isa => 'Any', +- is => 'rw', ++ is => 'rw', + ); + + sub compare { +diff --git a/lib/GnuPG/Handles.pm b/lib/GnuPG/Handles.pm +index b30ca57..3eee0e3 100644 +--- a/lib/GnuPG/Handles.pm ++++ b/lib/GnuPG/Handles.pm +@@ -73,7 +73,7 @@ GnuPG::Handles - GnuPG handles bundle + = ( IO::Handle->new(), IO::Handle->new(), IO::Handle->new(), + IO::Handle->new(), IO::Handle->new(), IO::Handle->new(), + ); +- ++ + my $handles = GnuPG::Handles->new + ( stdin => $stdin, + stdout => $stdout, +diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm +index 1f1e6d5..19e8070 100644 +--- a/lib/GnuPG/Interface.pm ++++ b/lib/GnuPG/Interface.pm +@@ -833,7 +833,7 @@ GnuPG::Interface - Perl interface to GnuPG + # A simple example + use IO::Handle; + use GnuPG::Interface; +- ++ + # setting up the situation + my $gnupg = GnuPG::Interface->new(); + $gnupg->options->hash_init( armor => 1, +@@ -852,7 +852,7 @@ GnuPG::Interface - Perl interface to GnuPG + # Now we'll go about encrypting with the options already set + my @plaintext = ( 'foobar' ); + my $pid = $gnupg->encrypt( handles => $handles ); +- ++ + # Now we write to the input of GnuPG + print $input @plaintext; + close $input; +@@ -1144,7 +1144,7 @@ The following setup can be done before any of the following examples: + + my $handles = GnuPG::Handles->new( stdin => $input, + stdout => $output ); +- ++ + # this sets up the communication + # Note that the recipients were specified earlier + # in the 'options' data 
member of the $gnupg object. +@@ -1220,7 +1220,7 @@ The following setup can be done before any of the following examples: + # a file written to disk + # Make sure you "use IO::File" if you use this module! + my $cipher_file = IO::File->new( 'encrypted.gpg' ); +- ++ + # this sets up the communication + my $pid = $gnupg->decrypt( handles => $handles ); + +@@ -1252,7 +1252,7 @@ The following setup can be done before any of the following examples: + # This time we'll just let GnuPG print to our own output + # and read from our input, because no input is needed! + my $handles = GnuPG::Handles->new(); +- ++ + my @ids = ( 'ftobin', '0xABCD1234' ); + + # this time we need to specify something for +@@ -1260,7 +1260,7 @@ The following setup can be done before any of the following examples: + # search ids as arguments + my $pid = $gnupg->list_public_keys( handles => $handles, + command_args => [ @ids ] ); +- ++ + waitpid $pid, 0; + + =head2 Creating GnuPG::PublicKey Objects +@@ -1280,7 +1280,7 @@ The following setup can be done before any of the following examples: + command_args => [ qw( test/key.1.asc ) ], + handles => $handles, + ); +- ++ + my @out = <$handles->stdout()>; + waitpid $pid, 0; + +@@ -1357,7 +1357,7 @@ under the same terms as Perl itself. + + =head1 AUTHOR + +-GnuPg::Interface is currently maintained by Jesse Vincent . ++GnuPg::Interface is currently maintained by Jesse Vincent . + + Frank J. Tobin, ftobin@cpan.org was the original author of the package. + diff --git a/patches/0010-fix-capitalization-of-GnuPG.patch b/patches/0010-fix-capitalization-of-GnuPG.patch new file mode 100644 index 0000000..f55d4b1 --- /dev/null +++ b/patches/0010-fix-capitalization-of-GnuPG.patch 
@@ -0,0 +1,35 @@ +From: Daniel Kahn Gillmor +Date: Tue, 11 Oct 2016 19:52:58 -0400 +Subject: fix capitalization of GnuPG + +--- + README | 2 +- + lib/GnuPG/Interface.pm | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/README b/README +index f457577..aa7c984 100644 +--- a/README ++++ b/README +@@ -427,7 +427,7 @@ LICENSE + under the same terms as Perl itself. + + AUTHOR +- GnuPg::Interface is currently maintained by Jesse Vincent ++ GnuPG::Interface is currently maintained by Jesse Vincent + . + + Frank J. Tobin, ftobin@cpan.org was the original author of the package. +diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm +index 19e8070..cf7138f 100644 +--- a/lib/GnuPG/Interface.pm ++++ b/lib/GnuPG/Interface.pm +@@ -1357,7 +1357,7 @@ under the same terms as Perl itself. + + =head1 AUTHOR + +-GnuPg::Interface is currently maintained by Jesse Vincent . ++GnuPG::Interface is currently maintained by Jesse Vincent . + + Frank J. Tobin, ftobin@cpan.org was the original author of the package. + diff --git a/patches/0011-ommand_args-should-be-command_args.patch b/patches/0011-ommand_args-should-be-command_args.patch new file mode 100644 index 0000000..a9ab737 --- /dev/null +++ b/patches/0011-ommand_args-should-be-command_args.patch @@ -0,0 +1,21 @@ +From: Daniel Kahn Gillmor +Date: Tue, 11 Oct 2016 19:57:10 -0400 +Subject: ommand_args should be command_args + +--- + t/list_public_keys.t | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/t/list_public_keys.t b/t/list_public_keys.t +index 7e563c1..a36a78b 100644 +--- a/t/list_public_keys.t ++++ b/t/list_public_keys.t +@@ -38,7 +38,7 @@ TEST + reset_handles(); + + my $pid = $gnupg->list_public_keys( handles => $handles, +- ommand_args => '0xF950DA9C' ++ command_args => '0xF950DA9C' + ); + close $stdin; + 
diff --git a/patches/0012-use-fingerprints-as-inputs-during-tests-to-demonstra.patch b/patches/0012-use-fingerprints-as-inputs-during-tests-to-demonstra.patch
new file mode 100644
index 0000000..9694e08
--- /dev/null
+++ b/patches/0012-use-fingerprints-as-inputs-during-tests-to-demonstra.patch
@@ -0,0 +1,265 @@ +From: Daniel Kahn Gillmor +Date: Tue, 11 Oct 2016 20:05:16 -0400 +Subject: use fingerprints as inputs during tests to demonstrate explicit usage + +--- + README | 6 +++--- + lib/GnuPG/Interface.pm | 6 +++--- + lib/GnuPG/Options.pm | 2 +- + t/MyTestSpecific.pm | 2 +- + t/encrypt.t | 6 +++--- + t/export_keys.t | 4 ++-- + t/get_public_keys.t | 2 +- + t/get_secret_keys.t | 2 +- + t/list_public_keys.t | 4 ++-- + t/list_secret_keys.t | 4 ++-- + t/list_sigs.t | 4 ++-- + t/sign_and_encrypt.t | 2 +- + 12 files changed, 22 insertions(+), 22 deletions(-) + +diff --git a/README b/README +index aa7c984..ed94ede 100644 +--- a/README ++++ b/README +@@ -228,7 +228,7 @@ EXAMPLES + + $gnupg->options->hash_init( armor => 1, + recipients => [ 'ftobin@uiuc.edu', +- '0xABCD1234' ], ++ '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ], + meta_interactive => 0 , + ); + +@@ -347,7 +347,7 @@ EXAMPLES + # and read from our input, because no input is needed! + my $handles = GnuPG::Handles->new(); + +- my @ids = ( 'ftobin', '0xABCD1234' ); ++ my @ids = ( 'ftobin', '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ); + + # this time we need to specify something for + # command_args because --list-public-keys takes +@@ -358,7 +358,7 @@ EXAMPLES + waitpid $pid, 0; + + Creating GnuPG::PublicKey Objects +- my @ids = [ 'ftobin', '0xABCD1234' ]; ++ my @ids = [ 'ftobin', '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ]; + + my @keys = $gnupg->get_public_keys( @ids ); + +diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm +index cf7138f..6eaef7d 100644 +--- a/lib/GnuPG/Interface.pm ++++ b/lib/GnuPG/Interface.pm +@@ -1130,7 +1130,7 @@ The following setup can be done before any of the following examples: + + $gnupg->options->hash_init( armor => 1, + recipients => [ 'ftobin@uiuc.edu', +- '0xABCD1234' ], ++ '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ], + meta_interactive => 0 , + ); + +@@ -1253,7 +1253,7 @@ The following setup can be done before any of the following examples: + # and 
read from our input, because no input is needed! + my $handles = GnuPG::Handles->new(); + +- my @ids = ( 'ftobin', '0xABCD1234' ); ++ my @ids = ( 'ftobin', '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ); + + # this time we need to specify something for + # command_args because --list-public-keys takes +@@ -1265,7 +1265,7 @@ The following setup can be done before any of the following examples: + + =head2 Creating GnuPG::PublicKey Objects + +- my @ids = [ 'ftobin', '0xABCD1234' ]; ++ my @ids = [ 'ftobin', '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ]; + + my @keys = $gnupg->get_public_keys( @ids ); + +diff --git a/lib/GnuPG/Options.pm b/lib/GnuPG/Options.pm +index 86261a0..7788662 100644 +--- a/lib/GnuPG/Options.pm ++++ b/lib/GnuPG/Options.pm +@@ -198,7 +198,7 @@ GnuPG::Options - GnuPG options embodiment + + # assuming $gnupg is a GnuPG::Interface object + $gnupg->options->armor( 1 ); +- $gnupg->options->push_recipients( 'ftobin', '0xABCD1234' ); ++ $gnupg->options->push_recipients( 'ftobin', '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ); + + =head1 DESCRIPTION + +diff --git a/t/MyTestSpecific.pm b/t/MyTestSpecific.pm +index a309698..c8764cc 100644 +--- a/t/MyTestSpecific.pm ++++ b/t/MyTestSpecific.pm +@@ -46,7 +46,7 @@ $gpg_is_modern = ($version[0] > 2 || ($version[0] == 2 && $version[1] >= 1)); + $gnupg->options->hash_init( homedir => 'test/gnupghome', + armor => 1, + meta_interactive => 0, +- meta_signing_key_id => '0xF950DA9C', ++ meta_signing_key_id => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C', + always_trust => 1, + ); + +diff --git a/t/encrypt.t b/t/encrypt.t +index 3183ac4..e6bdc08 100644 +--- a/t/encrypt.t ++++ b/t/encrypt.t +@@ -27,7 +27,7 @@ TEST + + $gnupg->options->clear_recipients(); + $gnupg->options->clear_meta_recipients_keys(); +- $gnupg->options->push_recipients( '0x2E854A6B' ); ++ $gnupg->options->push_recipients( '0x7466B7E98C4CCB64C2CE738BADB99D9C2E854A6B' ); + + my $pid = $gnupg->encrypt( handles => $handles ); + +@@ -43,7 +43,7 @@ TEST + 
{ + reset_handles(); + +- my @keys = $gnupg->get_public_keys( '0xF950DA9C' ); ++ my @keys = $gnupg->get_public_keys( '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' ); + $gnupg->options->clear_recipients(); + $gnupg->options->clear_meta_recipients_keys(); + $gnupg->options->push_meta_recipients_keys( @keys ); +@@ -64,7 +64,7 @@ TEST + + $gnupg->options->clear_recipients(); + $gnupg->options->clear_meta_recipients_keys(); +- $gnupg->options->push_recipients( '0x2E854A6B' ); ++ $gnupg->options->push_recipients( '0x7466B7E98C4CCB64C2CE738BADB99D9C2E854A6B' ); + + $handles->stdin( $texts{plain}->fh() ); + $handles->options( 'stdin' )->{direct} = 1; +diff --git a/t/export_keys.t b/t/export_keys.t +index cf5c82b..5add064 100644 +--- a/t/export_keys.t ++++ b/t/export_keys.t +@@ -15,7 +15,7 @@ TEST + reset_handles(); + + my $pid = $gnupg->export_keys( handles => $handles, +- command_args => '0xF950DA9C' ); ++ command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' ); + close $stdin; + waitpid $pid, 0; + +@@ -31,7 +31,7 @@ TEST + $handles->options( 'stdout' )->{direct} = 1; + + my $pid = $gnupg->export_keys( handles => $handles, +- command_args => '0xF950DA9C' ); ++ command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' ); + waitpid $pid, 0; + return $CHILD_ERROR == 0; + }; +diff --git a/t/get_public_keys.t b/t/get_public_keys.t +index 9e96f7d..7893625 100644 +--- a/t/get_public_keys.t ++++ b/t/get_public_keys.t +@@ -19,7 +19,7 @@ TEST + { + reset_handles(); + +- my @returned_keys = $gnupg->get_public_keys_with_sigs( '0xF950DA9C' ); ++ my @returned_keys = $gnupg->get_public_keys_with_sigs( '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' ); + + return 0 unless @returned_keys == 1; + +diff --git a/t/get_secret_keys.t b/t/get_secret_keys.t +index c798cce..a7f1348 100644 +--- a/t/get_secret_keys.t ++++ b/t/get_secret_keys.t +@@ -18,7 +18,7 @@ TEST + { + reset_handles(); + +- my @returned_keys = $gnupg->get_secret_keys( '0xF950DA9C' ); ++ my @returned_keys = 
$gnupg->get_secret_keys( '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' ); + + return 0 unless @returned_keys == 1; + +diff --git a/t/list_public_keys.t b/t/list_public_keys.t +index a36a78b..622b092 100644 +--- a/t/list_public_keys.t ++++ b/t/list_public_keys.t +@@ -38,7 +38,7 @@ TEST + reset_handles(); + + my $pid = $gnupg->list_public_keys( handles => $handles, +- command_args => '0xF950DA9C' ++ command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' + ); + close $stdin; + +@@ -64,7 +64,7 @@ TEST + $handles->options( 'stdout' )->{direct} = 1; + + my $pid = $gnupg->list_public_keys( handles => $handles, +- command_args => '0xF950DA9C', ++ command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C', + ); + + waitpid $pid, 0; +diff --git a/t/list_secret_keys.t b/t/list_secret_keys.t +index 51e3651..7040c38 100644 +--- a/t/list_secret_keys.t ++++ b/t/list_secret_keys.t +@@ -55,7 +55,7 @@ TEST + reset_handles(); + + my $pid = $gnupg->list_secret_keys( handles => $handles, +- command_args => '0xF950DA9C' ); ++ command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' ); + close $stdin; + + $outfile = 'test/secret-keys/2.out'; +@@ -80,7 +80,7 @@ TEST + $handles->options( 'stdout' )->{direct} = 1; + + my $pid = $gnupg->list_secret_keys( handles => $handles, +- command_args => '0xF950DA9C' ); ++ command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' ); + + waitpid $pid, 0; + +diff --git a/t/list_sigs.t b/t/list_sigs.t +index 16cfa6a..1301fb2 100644 +--- a/t/list_sigs.t ++++ b/t/list_sigs.t +@@ -36,7 +36,7 @@ TEST + reset_handles(); + + my $pid = $gnupg->list_sigs( handles => $handles, +- command_args => '0xF950DA9C', ++ command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C', + ); + close $stdin; + +@@ -60,7 +60,7 @@ TEST + $handles->options( 'stdout' )->{direct} = 1; + + my $pid = $gnupg->list_sigs( handles => $handles, +- command_args => '0xF950DA9C', ++ command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C', + ); + + waitpid $pid, 0; +diff 
--git a/t/sign_and_encrypt.t b/t/sign_and_encrypt.t +index 5dc1c08..df0fc75 100644 +--- a/t/sign_and_encrypt.t ++++ b/t/sign_and_encrypt.t +@@ -14,7 +14,7 @@ TEST + { + reset_handles(); + +- $gnupg->options->push_recipients( '0x2E854A6B' ); ++ $gnupg->options->push_recipients( '0x7466B7E98C4CCB64C2CE738BADB99D9C2E854A6B' ); + my $pid = $gnupg->sign_and_encrypt( handles => $handles ); + + print $stdin @{ $texts{plain}->data() }; diff --git a/patches/0013-move-key-files-to-generic-names.patch b/patches/0013-move-key-files-to-generic-names.patch new file mode 100644 index 0000000..489e685 --- /dev/null +++ b/patches/0013-move-key-files-to-generic-names.patch @@ -0,0 +1,33 @@ +From: Daniel Kahn Gillmor +Date: Tue, 11 Oct 2016 20:17:49 -0400 +Subject: move key files to generic names + +--- + t/000_setup.t | 2 +- + test/{pubring.gpg => public_keys.pgp} | Bin + test/{secring.gpg => secret_keys.pgp} | Bin + 3 files changed, 1 insertion(+), 1 deletion(-) + rename test/{pubring.gpg => public_keys.pgp} (100%) + rename test/{secring.gpg => secret_keys.pgp} (100%) + +diff --git a/t/000_setup.t b/t/000_setup.t +index 7f7f7b0..a8e3042 100644 +--- a/t/000_setup.t ++++ b/t/000_setup.t +@@ -19,7 +19,7 @@ TEST + copy('test/gpg.conf', 'test/gnupghome/gpg.conf'); + reset_handles(); + +- my $pid = $gnupg->import_keys(command_args => [ 'test/pubring.gpg', 'test/secring.gpg' ], ++ my $pid = $gnupg->import_keys(command_args => [ 'test/public_keys.pgp', 'test/secret_keys.pgp' ], + options => [ 'batch'], + handles => $handles); + waitpid $pid, 0; +diff --git a/test/pubring.gpg b/test/public_keys.pgp +similarity index 100% +rename from test/pubring.gpg +rename to test/public_keys.pgp +diff --git a/test/secring.gpg b/test/secret_keys.pgp +similarity index 100% +rename from test/secring.gpg +rename to test/secret_keys.pgp diff --git a/patches/0014-fix-spelling-s-convience-convenience.patch b/patches/0014-fix-spelling-s-convience-convenience.patch new file mode 100644 index 0000000..ee809b6 
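Review bot: The "Creating GnuPG::PublicKey Objects" example that patch 0012 touches in README and lib/GnuPG/Interface.pm still reads `my @ids = [ 'ftobin', '0x…' ];`, which stores a single array reference in `@ids`, so `get_public_keys( @ids )` presumably receives one reference rather than the two search strings. It should be `my @ids = ( 'ftobin', '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' );`. Since the patch exists to demonstrate explicit key selection, the `'ftobin'` user-ID substring left beside the fingerprint in these examples is still an ambiguous selector. A comment such as `# prefer full fingerprints; a user ID substring may match several keys` would tell readers which form to copy.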
--- /dev/null
+++ b/patches/0014-fix-spelling-s-convience-convenience.patch
@@ -0,0 +1,53 @@ +From: Daniel Kahn Gillmor +Date: Tue, 11 Oct 2016 20:25:48 -0400 +Subject: fix spelling: s/convience/convenience/ + +--- + README | 4 ++-- + lib/GnuPG/Interface.pm | 4 ++-- + 2 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/README b/README +index ed94ede..a05ef9b 100644 +--- a/README ++++ b/README +@@ -143,7 +143,7 @@ OBJECT METHODS + does not come into play. If the passphrase data member handle of the + handles object is not defined, but the the passphrase data member + handle of GnuPG::Interface object is, GnuPG::Interface will handle +- passing this information into GnuPG for the user as a convience. ++ passing this information into GnuPG for the user as a convenience. + Note that this will result in GnuPG::Interface storing the + passphrase in memory, instead of having it simply 'pass-through' to + GnuPG via a handle. +@@ -271,7 +271,7 @@ EXAMPLES + ); + + # indicate our pasphrase through the +- # convience method ++ # convenience method + $gnupg->passphrase( $passphrase ); + + # this sets up the communication +diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm +index 6eaef7d..29205f0 100644 +--- a/lib/GnuPG/Interface.pm ++++ b/lib/GnuPG/Interface.pm +@@ -1008,7 +1008,7 @@ and so this information is not generated and does not come into play. + If the B data member handle of the B object + is not defined, but the the B data member handle of GnuPG::Interface + object is, GnuPG::Interface will handle passing this information into GnuPG +-for the user as a convience. Note that this will result in ++for the user as a convenience. Note that this will result in + GnuPG::Interface storing the passphrase in memory, instead of having + it simply 'pass-through' to GnuPG via a handle. 
+ +@@ -1175,7 +1175,7 @@ The following setup can be done before any of the following examples: + ); + + # indicate our pasphrase through the +- # convience method ++ # convenience method + $gnupg->passphrase( $passphrase ); + + # this sets up the communication diff --git a/patches/0015-added-new-secret-key-with-different-passphrase.patch b/patches/0015-added-new-secret-key-with-different-passphrase.patch new file mode 100644 index 0000000..fcf20c1 --- /dev/null +++ b/patches/0015-added-new-secret-key-with-different-passphrase.patch 
@@ -0,0 +1,117 @@ +From: Daniel Kahn Gillmor +Date: Tue, 11 Oct 2016 20:59:43 -0400 +Subject: added new secret key with different passphrase + +Adding a new secret key with a different passphrase should allow us to +differentiate between passing the passphrase explicitly and relying on +the agent + pinentry. +--- + t/000_setup.t | 2 +- + test/new_secret.pgp | 58 ++++++++++++++++++++++++++++++++++++++++++ + test/secret-keys/1.0.test | 4 +++ + test/secret-keys/1.modern.test | 5 ++++ + 4 files changed, 68 insertions(+), 1 deletion(-) + create mode 100644 test/new_secret.pgp + +diff --git a/t/000_setup.t b/t/000_setup.t +index a8e3042..b183241 100644 +--- a/t/000_setup.t ++++ b/t/000_setup.t +@@ -19,7 +19,7 @@ TEST + copy('test/gpg.conf', 'test/gnupghome/gpg.conf'); + reset_handles(); + +- my $pid = $gnupg->import_keys(command_args => [ 'test/public_keys.pgp', 'test/secret_keys.pgp' ], ++ my $pid = $gnupg->import_keys(command_args => [ 'test/public_keys.pgp', 'test/secret_keys.pgp', 'test/new_secret.pgp' ], + options => [ 'batch'], + handles => $handles); + waitpid $pid, 0; +diff --git a/test/new_secret.pgp b/test/new_secret.pgp +new file mode 100644 +index 0000000..5feb72c +--- /dev/null ++++ b/test/new_secret.pgp +@@ -0,0 +1,58 @@ ++-----BEGIN PGP PRIVATE KEY BLOCK----- ++ ++lQPGBFf9iNIBCACZGF36JFTAggUJK85gweUquqh0kvVQICUtyiHXFXBBPzCK+RWL ++oc5yeOfILHH7FfOztwPH1oJ7SWQtOgpuoiMHPtF7ne+MYevMf9jTYb/xCT0yZID5 ++/ieoHwUQQPiowxGewOww23RLQ1Cf46nqGBUD+fsWwT2Eq6ojLp/H72h+2lQ1ZCWd ++Q/9MSQQgDo5tWptokFGmLBKCS59pYMBaLbKSj7lFa/ekPm9zhcdmmLrLHCS9rIUP ++VKlWAg02MVmMB4fYm9nbtuwYHWvbDFYzpVr2WNlRZlPy0Y46ahxFbFwhtmOJAgT1 ++tgaQtDXo3kXRXngYZstDfe61Hqmc44j1vJ4VABEBAAH+BwMCnvb4v9vnhhzmdZdJ ++EzK3ikXYQp3PcOMDlRE5qtBmXhOJXH2tdEmXjegjWGA501eeoks0VnpBba2m4B36 ++Z37fjpOEi4QOuTn6emVwijJZgmmTAC7JHNzAW+IsiRvk/2907UZCwa/1UQpC0bik ++pHTZx+yKp33vGbkbCkKgHFQoHcS9D1by0WOkaLSlcE9CUCKb5LCe2Q1KDwZGrg60 ++4WUvg9eM2eatixAyOJEoRONlXDcQnUhSnG5+TUPNhVVWIaM/tPAgYmBG5oCSJ/N0 
++ls8cXoOVup/itBHo2Bfn+nyh0OAWdgdVmB0rPYUCLJV0FiQx5tB59OHmA3Naokj5 ++rvumyklCg314NnkEXrbPq7kKbX0X8UPoXdzAmalb4++OhgzEwd3NkWxvFSxKkQAt ++XAU5i9XNHJXLwATAMlEaXMBmfcpjyIx4WpBUSmYMTjh0Nu5ee+kGvMY9fUxOKbet ++IS9agFSMwVNRsX91+pKtBCQc7Je5tIrLhC8Hbvotn0GA8iFgu6LBqkrUO9Rh30Xs ++vzz3oXm7WgHbL30m9h+rJ2dmPZOwmW/0zRUec/7alizx0T4sLx7T0qUPUxeEjkeU ++JWtqfrcXEc3xIR9r5S2xqsUSKx6h1UhHMeMtQaDBgeH/Syq7a2gnkNoY84xxojGj ++lGkis5PF3xFpYqvjY0thyPFNxQguRlqktN8gNB+V1dShbCpNI9bDzv4pzvogEiM0 ++EM/xvJSCkARCe6nqOugWV8j5f3+9tuyREqcidHq+PR+USoNYdUWQO14kPY6e62wO ++lC5B4G7TDQtigCfOyEOiPXYC/qnC8sPVR2u5bCYm2YJT7L+rYRLSN+628qz7BwH3 ++9XtpnRtBFWpjI5qjn4uMM42e3k5UVB/r4GyrLXhEuO8D81TVzRQhjiqLweguk73h ++VDjEd0yachHbtCxHbnVQRzo6SW50ZXJmYWNlIFRlc3Qga2V5IDx0ZXN0QGV4YW1w ++bGUub3JnPokBNwQTAQgAIQUCV/2I0gIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIX ++gAAKCRAbkTzptnR93EZkB/9groVsVMBJtGP1GSFMg2Q9loyijXT2P6hCbUTS4YMz ++O4jQPB8UQ39XIhyWo7hVGsXeA777+7VTto7q0CG9Ph7FTGKK8W2AnzTUKNdXAC6h ++qIc+ymvlm71GxhkKFR0vDbFg6CLJ/MX/x1Bd0TKh4RZtgOqX6A7Pzw/AI7f2YJcJ ++BKPT+/q/F/Wp1r+mxZ5pxUvYm643GVzdnbtuoqgBLng/3n1zjIz+oIz6RGBjzHni ++3TUTKe//ewn1lIdTxPdUZA9G4vTE5dCnM4MHTxQSXA+aUexuONswQhiANtfVCW8c ++sf9MQpkQ/Vqv9hfeYwH4pJ8IPK1No9F0a0fvnq2JaX4gnQPGBFf9iNIBCADEQ6HK ++s5tWN2Ph/3A6D0A2nSc6m1Mh/AXhdptka0aPhhVgspCmQ1lJP/Kdf6AnlCi6u1G7 ++QXvGX8OtbKNosLi91nIqvNwckUOvXrLcAk/epkmidopOuHUZhE+1UaLKs7UssBOe ++TQTtADdl2786E3qbtaNrjDTvbNesU1DEZjNoBWfKYHZYv2wCF170Lwzp7NJhAueO ++bTwfUO8EusST6d1NYB0zFxbBi60/hJHCfcAuaSn00jFQ+kj8m7jXCgcyB+1+25d2 ++gpPbs19S4pi9f7eQflhglm0wB13C6yl+YgwVZQxU/fU70jgSYhkXNPx5bEN3WGkg ++4hnP53hrsI4p3se1ABEBAAH+BwMCAppvwSTp9Y/mu317D14a9k6m/zC2LrzPx6dl ++P3GtDJUCs1CVH/wXsUxLY4hAgS188xPhNLuIWuXwQ7qX7E8kanxgPqeK7NTAPKxH ++CEqJPevFRBtftHq3zqZZF9CHXulDO3KkWxIHANMclq+zcUotrc4GXIxeYjewXv9p ++tzKEjlt27Q00VvwRM7JVxBlC3xJvKXf6zyRoUt2/Clq+CFkb2s+dAzCI52o7tlB9 ++El84sTIlJr0+b6+GcwrKonS8HcGUECfYmSiIiNmxlkJ/4OabDlDYlzvmCYv2pMjc ++Bif70Dowb8TBD/iTFLPY2lkhqBFi3Bcqc51MVecaQk3rRbVyOqhvGaRE084/LmkN 
++gkE6vQKRSbzRmYwyKC/QUKOW5qbl5Jf3lrjVeM5tEnvJeRCfZEokKjIZul4nX4dK ++zxH+l+sCUA+RnEeGB2y1yhnPkP4dYHEb8iMLINqXQd18FpBFSs9yv9tFWJhdblUK ++SiS8DXmuoZI2Mk8yMZ0j0bi8mu9eh52dqYgBGD7TgjP5vpYU/zbtpNgMP0Zvne1X ++gig6NKK1+3VAZaiOvYUUHZERJGp/eggTtF66cD/0EHJjoZ/0pAciEvWYUyXWVBdj ++eVWBZE/RVOwrTMBVtrxQsPJ3sfeGlLt21IZYKathTZ/dn5PSlU+i4f9VyC/hHd8S ++xouQU3nB//ihbrR65YH5E53e8+jPaRtFvLbcqmY8YftV0y/5BZwduZoxcOtxD3A0 ++J/2GVpUhs3WngCksdUAEbrEXzKKSOC7b4KDw2sTIT5xHra4CBK5L5N85ny8tG7A6 ++wmTt+6PHo51gx/W/0jiMB3rEiGoTZ86uWLaGv5SgqLP49euCIEXNKK9srFK3o7QE ++04upH9zOXR8ytvPOLy/K5zT6YH2eyNs19sWfjAfP/bxhnrDYajsZ2WKZiQEfBBgB ++CAAJBQJX/YjSAhsMAAoJEBuRPOm2dH3c+6kH+wWoEqTlPdPLZcTN8I5a6HHD0Ul8 ++7xt3OtiRFoMD2M+zgLvImaj8AULap4w/0G+J+7PCUER8JhcePSzLbizfpTczbDP2 ++E1LhEM8IBE6GT8yL8VB9AL1xW+hXIi5sWW/f900deOhoh7ikrP7KxT0c8zQjaaqV ++n6bio93CvZ3yBqMO20apwWDyiSoBpXVjLrW00BdL8i9Rsf6v5UwIIy9o7pfjK5zo ++mAZM2dKzlp9z4q5P6yE4aXI0bHz+XvG7hdpkHmjG5A+EQCnN2qoDNIA4QiRhH8TQ ++aTaj4AlCiCAV2hEelPYve5QKccAsfC//qr+FMF+0bhZa05X2afxLYtku0Ms= ++=ftgB ++-----END PGP PRIVATE KEY BLOCK----- +diff --git a/test/secret-keys/1.0.test b/test/secret-keys/1.0.test +index 129d472..f8239a9 100644 +--- a/test/secret-keys/1.0.test ++++ b/test/secret-keys/1.0.test +@@ -5,3 +5,7 @@ uid GnuPG test key (for testing purposes only) + uid Foo Bar (1) + ssb 768g/2E854A6B 2000-02-06 + ++sec 2048R/B6747DDC 2016-10-12 ++uid GnuPG::Interface Test key ++ssb 2048R/AE441D0F 2016-10-12 ++ +diff --git a/test/secret-keys/1.modern.test b/test/secret-keys/1.modern.test +index 3e46407..42b27a1 100644 +--- a/test/secret-keys/1.modern.test ++++ b/test/secret-keys/1.modern.test +@@ -6,3 +6,8 @@ uid [ unknown] GnuPG test key (for testing purposes only) + uid [ unknown] Foo Bar (1) + ssb elg768 2000-02-06 [E] + ++sec rsa2048 2016-10-12 [SC] ++ 278F850AA702911F1318F0A61B913CE9B6747DDC ++uid [ unknown] GnuPG::Interface Test key ++ssb rsa2048 2016-10-12 [E] ++ 
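Review bot: test/new_secret.pgp adds an armored private key with nothing in the file marking it as a throwaway fixture, and the commit message says its passphrase differs from the default without saying where that passphrase is kept. Secret scanners and later maintainers see only `-----BEGIN PGP PRIVATE KEY BLOCK-----`. An armor header line directly after it, such as `Comment: test fixture for GnuPG::Interface, not a real key`, would make the intent visible in the file itself. The commit message should also name the test file that supplies the passphrase. The expected-output files in the same patch need no change for this.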
diff --git a/patches/0016-Test-use-of-gpg-without-explicit-passphrase-agent-pi.patch b/patches/0016-Test-use-of-gpg-without-explicit-passphrase-agent-pi.patch
new file mode 100644
index 0000000..21e6294
--- /dev/null
+++ b/patches/0016-Test-use-of-gpg-without-explicit-passphrase-agent-pi.patch
@@ -0,0 +1,302 @@ +From: Daniel Kahn Gillmor +Date: Tue, 11 Oct 2016 21:29:22 -0400 +Subject: Test use of gpg without explicit passphrase (agent+pinentry) + +The modern GnuPG suite encourages the use of gpg-agent to control +access to secret key material. In this use case, we avoid setting an +explicit passphrase in code, and rely on either a correctly-configured +and primed gpg-agent or a dedicated pinentry program to supply the +passphrase. + +This additional test verifies that the passphrase can be handled by +the agent. Note that the passphrase for this additional test key is +*not* the default passphrase, so this test should fail in the event +that gpg can't use the agent and the pinentry for this task. + +Unfortunately, this all assumes that we're using GnuPG "Modern". I've +noted concerns about writing forward- and backward-compatible bindings +for GnuPG here: +https://lists.gnupg.org/pipermail/gnupg-devel/2016-October/031800.html +--- + README | 41 +++++++++++++++++++++++++++-------------- + lib/GnuPG/Interface.pm | 26 +++++++++++++++++++++++++- + t/MyTestSpecific.pm | 10 ++++++++-- + t/decrypt.t | 27 +++++++++++++++++++++++++++ + test/encrypted.2.gpg | 12 ++++++++++++ + test/fake-pinentry.pl | 2 +- + test/plain.2.txt | 1 + + 7 files changed, 101 insertions(+), 18 deletions(-) + create mode 100644 test/encrypted.2.gpg + create mode 100644 test/plain.2.txt + +diff --git a/README b/README +index a05ef9b..be06ef3 100644 +--- a/README ++++ b/README +@@ -5,7 +5,7 @@ SYNOPSIS + # A simple example + use IO::Handle; + use GnuPG::Interface; +- ++ + # setting up the situation + my $gnupg = GnuPG::Interface->new(); + $gnupg->options->hash_init( armor => 1, +@@ -24,7 +24,7 @@ SYNOPSIS + # Now we'll go about encrypting with the options already set + my @plaintext = ( 'foobar' ); + my $pid = $gnupg->encrypt( handles => $handles ); +- ++ + # Now we write to the input of GnuPG + print $input @plaintext; + close $input; +@@ -140,13 +140,26 @@ OBJECT METHODS + standard 
error, standard output, or standard error. If the status or + logger handle is not defined, this channel of communication is never + established with GnuPG, and so this information is not generated and +- does not come into play. If the passphrase data member handle of the +- handles object is not defined, but the the passphrase data member +- handle of GnuPG::Interface object is, GnuPG::Interface will handle +- passing this information into GnuPG for the user as a convenience. +- Note that this will result in GnuPG::Interface storing the +- passphrase in memory, instead of having it simply 'pass-through' to +- GnuPG via a handle. ++ does not come into play. ++ ++ If the passphrase data member handle of the handles object is not ++ defined, but the the passphrase data member handle of ++ GnuPG::Interface object is, GnuPG::Interface will handle passing ++ this information into GnuPG for the user as a convenience. Note that ++ this will result in GnuPG::Interface storing the passphrase in ++ memory, instead of having it simply 'pass-through' to GnuPG via a ++ handle. ++ ++ If neither the passphrase data member of the GnuPG::Interface nor ++ the passphrase data member of the handles object is defined, then ++ GnuPG::Interface assumes that access and control over the secret key ++ will be handled by the running gpg-agent process. This represents ++ the simplest mode of operation with the GnuPG "modern" suite ++ (version 2.1 and later). It is also the preferred mode for tools ++ intended to be user-facing, since the user will be prompted directly ++ by gpg-agent for use of the secret key material. Note that for ++ programmatic use, this mode requires the gpg-agent and pinentry to ++ already be correctly configured. 
+ + Other Methods + get_public_keys( @search_strings ) +@@ -241,7 +254,7 @@ EXAMPLES + + my $handles = GnuPG::Handles->new( stdin => $input, + stdout => $output ); +- ++ + # this sets up the communication + # Note that the recipients were specified earlier + # in the 'options' data member of the $gnupg object. +@@ -315,7 +328,7 @@ EXAMPLES + # a file written to disk + # Make sure you "use IO::File" if you use this module! + my $cipher_file = IO::File->new( 'encrypted.gpg' ); +- ++ + # this sets up the communication + my $pid = $gnupg->decrypt( handles => $handles ); + +@@ -346,7 +359,7 @@ EXAMPLES + # This time we'll just let GnuPG print to our own output + # and read from our input, because no input is needed! + my $handles = GnuPG::Handles->new(); +- ++ + my @ids = ( 'ftobin', '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ); + + # this time we need to specify something for +@@ -354,7 +367,7 @@ EXAMPLES + # search ids as arguments + my $pid = $gnupg->list_public_keys( handles => $handles, + command_args => [ @ids ] ); +- ++ + waitpid $pid, 0; + + Creating GnuPG::PublicKey Objects +@@ -372,7 +385,7 @@ EXAMPLES + command_args => [ qw( test/key.1.asc ) ], + handles => $handles, + ); +- ++ + my @out = <$handles->stdout()>; + waitpid $pid, 0; + +diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm +index 29205f0..5d8b0ec 100644 +--- a/lib/GnuPG/Interface.pm ++++ b/lib/GnuPG/Interface.pm +@@ -106,6 +106,14 @@ sub fork_attach_exec( $% ) { + my ( $self, %args ) = @_; + + my $handles = $args{handles} or croak 'no GnuPG::Handles passed'; ++ my $use_loopback_pinentry = 0; ++ ++ # WARNING: this assumes that we're using the "modern" GnuPG suite ++ # -- version 2.1.x or later. 
It's not clear to me how we can ++ # safely and efficiently avoid this assumption (see ++ # https://lists.gnupg.org/pipermail/gnupg-devel/2016-October/031800.html) ++ $use_loopback_pinentry = 1 ++ if ($handles->passphrase()); + + # deprecation support + $args{commands} ||= $args{gnupg_commands}; +@@ -293,8 +301,12 @@ sub fork_attach_exec( $% ) { + $self->options->$option($fileno); + } + ++ my @args = $self->options->get_args(); ++ push @args, '--pinentry-mode', 'loopback' ++ if $use_loopback_pinentry; ++ + my @command = ( +- $self->call(), $self->options->get_args(), ++ $self->call(), @args, + @commands, @command_args + ); + +@@ -1005,6 +1017,7 @@ and standard error will be tied to the running program's standard error, + standard output, or standard error. If the B or B handle + is not defined, this channel of communication is never established with GnuPG, + and so this information is not generated and does not come into play. ++ + If the B data member handle of the B object + is not defined, but the the B data member handle of GnuPG::Interface + object is, GnuPG::Interface will handle passing this information into GnuPG +@@ -1012,6 +1025,17 @@ for the user as a convenience. Note that this will result in + GnuPG::Interface storing the passphrase in memory, instead of having + it simply 'pass-through' to GnuPG via a handle. + ++If neither the B data member of the GnuPG::Interface nor ++the B data member of the B object is defined, ++then GnuPG::Interface assumes that access and control over the secret ++key will be handled by the running gpg-agent process. This represents ++the simplest mode of operation with the GnuPG "modern" suite (version ++2.1 and later). It is also the preferred mode for tools intended to ++be user-facing, since the user will be prompted directly by gpg-agent ++for use of the secret key material. Note that for programmatic use, ++this mode requires the gpg-agent and pinentry to already be correctly ++configured. 
++ + =back + + =head2 Other Methods +diff --git a/t/MyTestSpecific.pm b/t/MyTestSpecific.pm +index c8764cc..e513c25 100644 +--- a/t/MyTestSpecific.pm ++++ b/t/MyTestSpecific.pm +@@ -55,9 +55,15 @@ struct( Text => { fn => "\$", fh => "\$", data => "\$" } ); + $texts{plain} = Text->new(); + $texts{plain}->fn( 'test/plain.1.txt' ); + ++$texts{alt_plain} = Text->new(); ++$texts{alt_plain}->fn( 'test/plain.2.txt' ); ++ + $texts{encrypted} = Text->new(); + $texts{encrypted}->fn( 'test/encrypted.1.gpg' ); + ++$texts{alt_encrypted} = Text->new(); ++$texts{alt_encrypted}->fn( 'test/encrypted.2.gpg' ); ++ + $texts{signed} = Text->new(); + $texts{signed}->fn( 'test/signed.1.asc' ); + +@@ -68,7 +74,7 @@ $texts{temp} = Text->new(); + $texts{temp}->fn( 'test/temp' ); + + +-foreach my $name ( qw( plain encrypted signed key ) ) ++foreach my $name ( qw( plain alt_plain encrypted alt_encrypted signed key ) ) + { + my $entry = $texts{$name}; + my $filename = $entry->fn(); +@@ -90,7 +96,7 @@ sub reset_handles + stderr => $stderr + ); + +- foreach my $name ( qw( plain encrypted signed key ) ) ++ foreach my $name ( qw( plain alt_plain encrypted alt_encrypted signed key ) ) + { + my $entry = $texts{$name}; + my $filename = $entry->fn(); +diff --git a/t/decrypt.t b/t/decrypt.t +index b2639ed..ee41448 100644 +--- a/t/decrypt.t ++++ b/t/decrypt.t +@@ -58,3 +58,30 @@ TEST + { + return compare( $texts{plain}->fn(), $texts{temp}->fn() ) == 0; + }; ++ ++ ++# test without default_passphrase (that is, by using the agent) ++TEST ++{ ++ reset_handles(); ++ ++ $handles->stdin( $texts{alt_encrypted}->fh() ); ++ $handles->options( 'stdin' )->{direct} = 1; ++ ++ $handles->stdout( $texts{temp}->fh() ); ++ $handles->options( 'stdout' )->{direct} = 1; ++ ++ $gnupg->clear_passphrase(); ++ ++ my $pid = $gnupg->decrypt( handles => $handles ); ++ ++ waitpid $pid, 0; ++ ++ return $CHILD_ERROR == 0; ++}; ++ ++ ++TEST ++{ ++ return compare( $texts{alt_plain}->fn(), $texts{temp}->fn() ) == 0; ++}; +diff --git 
a/test/encrypted.2.gpg b/test/encrypted.2.gpg +new file mode 100644 +index 0000000..105cbb3 +--- /dev/null ++++ b/test/encrypted.2.gpg +@@ -0,0 +1,12 @@ ++-----BEGIN PGP MESSAGE----- ++ ++hQEMAw3NS2KuRB0PAQgAuCMQO6blPRIJZib+kDa51gac+BYPl8caXYTLqIHtiz2/ ++YRVqePJON4lNAqT6qUksIzQHtejFO6tb1SLqgX9Ti+fKAMLrQw9VGOYaJFoRrTJs +++X33S4GHVVikRTu0dydAsekbfPSc2nRmTFUlSEV3psgAmg9xy8KA6cZroK9Xfcuh ++xW7KLE0hLP+2NZ7zNmJMdu6LDGzvlQsnm1UeElXK8XdMGf8kA3R+GgeeOnR/oEQc ++Uep77k/fLc+UV4fp9Dk1OBeg3Ko/irSaefk4mU7F4HmS8jIERHRvXBTiur1Zx8Nx ++9U3fcQuc+P9+JC89iS4PJPF1Hr0MlezAghZYJrhOrtJIAe5Uaft5KMGRfy0VQnAs ++MHqGnGtzzVWK6GK83ibgG4tTfPEHHIgNFsJf3rM4cWklUmCS9TeeDJJZfhnRA6+/ ++X82e6OI7QNbO ++=DlGE ++-----END PGP MESSAGE----- +diff --git a/test/fake-pinentry.pl b/test/fake-pinentry.pl +index 12d3611..40b8b08 100755 +--- a/test/fake-pinentry.pl ++++ b/test/fake-pinentry.pl +@@ -21,7 +21,7 @@ while () { + chomp; + next if (/^$/); + next if (/^#/); +- print ("D test\n") if (/^getpin/i); ++ print ("D supercalifragilisticexpialidocious\n") if (/^getpin/i); + print "OK\n"; + exit if (/^bye/i); + } +diff --git a/test/plain.2.txt b/test/plain.2.txt +new file mode 100644 +index 0000000..da5a1d5 +--- /dev/null ++++ b/test/plain.2.txt +@@ -0,0 +1 @@ ++test message diff --git a/patches/0017-Kill-any-GnuPG-agent-before-and-after-the-test-suite.patch b/patches/0017-Kill-any-GnuPG-agent-before-and-after-the-test-suite.patch new file mode 100644 index 0000000..2f20f14 --- /dev/null +++ b/patches/0017-Kill-any-GnuPG-agent-before-and-after-the-test-suite.patch 
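Review bot: The WARNING comment added to fork_attach_exec in lib/GnuPG/Interface.pm (patch 0016) names "2.1.x or later" as the only precondition for `--pinentry-mode loopback`, but as far as I recall gpg-agent releases before 2.1.12 also refuse loopback requests unless `allow-loopback-pinentry` is set in gpg-agent.conf; confirm this against the GnuPG NEWS file. The gpg-agent.conf written by t/000_setup.t contains only the `pinentry-program` line, so on such an agent every call that passes a passphrase handle would fail. I would extend the comment with `# NOTE: gpg-agent before 2.1.12 additionally needs allow-loopback-pinentry in gpg-agent.conf` and add the same caveat to the new README/POD paragraph. The body of fork_attach_exec continues outside the hunk.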
@@ -0,0 +1,42 @@ +From: Daniel Kahn Gillmor +Date: Thu, 25 May 2017 16:07:45 -0400 +Subject: Kill any GnuPG agent before and after the test suite. + +This helps to ensure that the test suite daemon is started fresh at +every test suite run. And it also avoids leaving a daemon running +after the test suite, assuming the test suite manages to reach the +end. + +This is considered a reasonable practice by upstream. +--- + t/000_setup.t | 3 +++ + t/zzz_cleanup.t | 2 ++ + 2 files changed, 5 insertions(+) + +diff --git a/t/000_setup.t b/t/000_setup.t +index b183241..4dc4329 100644 +--- a/t/000_setup.t ++++ b/t/000_setup.t +@@ -17,6 +17,9 @@ TEST + $agentconf->write("pinentry-program " . getcwd() . "/test/fake-pinentry.pl\n"); + $agentconf->close(); + copy('test/gpg.conf', 'test/gnupghome/gpg.conf'); ++ # reset the state of any long-lived gpg-agent, ignoring errors: ++ system('gpgconf', '--homedir=test/gnupghome', '--quiet', '--kill', 'gpg-agent'); ++ + reset_handles(); + + my $pid = $gnupg->import_keys(command_args => [ 'test/public_keys.pgp', 'test/secret_keys.pgp', 'test/new_secret.pgp' ], +diff --git a/t/zzz_cleanup.t b/t/zzz_cleanup.t +index 5c03a72..eea3a48 100644 +--- a/t/zzz_cleanup.t ++++ b/t/zzz_cleanup.t +@@ -12,6 +12,8 @@ use File::Path qw (remove_tree); + TEST + { + my $err = []; ++ # kill off any long-lived gpg-agent, ignoring errors: ++ system('gpgconf', '--homedir=test/gnupghome', '--quiet', '--kill', 'gpg-agent'); + remove_tree('test/gnupghome', {error => \$err}); + return ! @$err; + }; diff --git a/patches/0018-Use-a-short-temporary-homedir-during-the-test-suite.patch b/patches/0018-Use-a-short-temporary-homedir-during-the-test-suite.patch new file mode 100644 index 0000000..457a5e7 --- /dev/null +++ b/patches/0018-Use-a-short-temporary-homedir-during-the-test-suite.patch 
@@ -0,0 +1,110 @@ +From: Daniel Kahn Gillmor +Date: Fri, 26 May 2017 09:51:40 -0400 +Subject: Use a short temporary homedir during the test suite + +This avoids problems with the length of the path to the homedir as +compared to the size limits of sockaddr_un.sun_path, particularly on +systems where /run/user/$(id -u) is not present or available (such as +many minimalist build environments). +--- + t/000_setup.t | 9 +++++---- + t/MyTestSpecific.pm | 18 +++++++++++++++++- + t/list_secret_keys.t | 3 ++- + t/zzz_cleanup.t | 6 ++++-- + 4 files changed, 28 insertions(+), 8 deletions(-) + +diff --git a/t/000_setup.t b/t/000_setup.t +index 4dc4329..82d7005 100644 +--- a/t/000_setup.t ++++ b/t/000_setup.t +@@ -12,13 +12,14 @@ use File::Copy; + + TEST + { +- make_path('test/gnupghome', { mode => 0700 }); +- my $agentconf = IO::File->new( "> test/gnupghome/gpg-agent.conf" ); ++ my $homedir = $gnupg->options->homedir(); ++ make_path($homedir, { mode => 0700 }); ++ my $agentconf = IO::File->new( "> " . $homedir . "/gpg-agent.conf" ); + $agentconf->write("pinentry-program " . getcwd() . "/test/fake-pinentry.pl\n"); + $agentconf->close(); +- copy('test/gpg.conf', 'test/gnupghome/gpg.conf'); ++ copy('test/gpg.conf', $homedir . 
'/gpg.conf'); + # reset the state of any long-lived gpg-agent, ignoring errors: +- system('gpgconf', '--homedir=test/gnupghome', '--quiet', '--kill', 'gpg-agent'); ++ system('gpgconf', '--homedir', $homedir, '--quiet', '--kill', 'gpg-agent'); + + reset_handles(); + +diff --git a/t/MyTestSpecific.pm b/t/MyTestSpecific.pm +index e513c25..809d55c 100644 +--- a/t/MyTestSpecific.pm ++++ b/t/MyTestSpecific.pm +@@ -22,6 +22,7 @@ use IO::Seekable; + use File::Compare; + use Exporter; + use Class::Struct; ++use File::Temp qw (tempdir); + + use GnuPG::Interface; + use GnuPG::Handles; +@@ -40,10 +41,25 @@ use vars qw( @ISA @EXPORT + + $gnupg = GnuPG::Interface->new( passphrase => 'test' ); + ++ ++my $homedir; ++if (-f "test/gnupghome") { ++ my $record = IO::File->new( "< test/gnupghome" ); ++ $homedir = <$record>; ++ $record->close(); ++} else { ++ $homedir = tempdir( DIR => '/tmp'); ++ my $record = IO::File->new( "> test/gnupghome" ); ++ $record->write($homedir); ++ $record->close(); ++} ++ + my @version = split('\.', $gnupg->version()); + $gpg_is_modern = ($version[0] > 2 || ($version[0] == 2 && $version[1] >= 1)); + +-$gnupg->options->hash_init( homedir => 'test/gnupghome', ++ ++ ++$gnupg->options->hash_init( homedir => $homedir, + armor => 1, + meta_interactive => 0, + meta_signing_key_id => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C', +diff --git a/t/list_secret_keys.t b/t/list_secret_keys.t +index 7040c38..d1e3f30 100644 +--- a/t/list_secret_keys.t ++++ b/t/list_secret_keys.t +@@ -23,8 +23,9 @@ TEST + $outfile = 'test/secret-keys/1.out'; + my $out = IO::File->new( "> $outfile" ) + or die "cannot open $outfile for writing: $ERRNO"; ++ my $modern_pubring_line = $gnupg->options->homedir() . 
"/pubring.kbx\n"; + while (<$stdout>) { +- if ($gpg_is_modern && /^\/.*\/test\/gnupghome\/pubring.kbx$/) { ++ if ($gpg_is_modern && ($_ eq $modern_pubring_line)) { + $out->print("test/gnupghome/pubring.kbx\n"); + } elsif ($gpg_is_modern && /^--*$/) { + $out->print("--------------------------\n"); +diff --git a/t/zzz_cleanup.t b/t/zzz_cleanup.t +index eea3a48..c3ec16f 100644 +--- a/t/zzz_cleanup.t ++++ b/t/zzz_cleanup.t +@@ -11,9 +11,11 @@ use File::Path qw (remove_tree); + # this is actually no test, just cleanup. + TEST + { ++ my $homedir = $gnupg->options->homedir(); + my $err = []; + # kill off any long-lived gpg-agent, ignoring errors: +- system('gpgconf', '--homedir=test/gnupghome', '--quiet', '--kill', 'gpg-agent'); +- remove_tree('test/gnupghome', {error => \$err}); ++ system('gpgconf', '--homedir', $homedir, '--quiet', '--kill', 'gpg-agent'); ++ remove_tree($homedir, {error => \$err}); ++ unlink('test/gnupghome'); + return ! @$err; + }; diff --git a/patches/0019-Make-things-work-with-gpg1-assuming-plain-gpg-is-mod.patch b/patches/0019-Make-things-work-with-gpg1-assuming-plain-gpg-is-mod.patch new file mode 100644 index 0000000..ae61431 --- /dev/null +++ b/patches/0019-Make-things-work-with-gpg1-assuming-plain-gpg-is-mod.patch 
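Review bot: In t/MyTestSpecific.pm (patch 0018) the homedir path is read back from the `test/gnupghome` record file with no `chomp` and no validation, and t/zzz_cleanup.t later passes that same string to `remove_tree` and to `gpgconf --kill`. A stale or edited record file therefore decides which directory gets deleted recursively. I would check it right after the read, e.g. `chomp $homedir; die "unexpected homedir '$homedir'" unless $homedir =~ m{\A/tmp/[^/]+\z} && -d $homedir && -o _;`. The two `IO::File->new` calls on the record file are also unchecked, so a leftover `test/gnupghome` directory from the previous layout ends in a method call on an undefined value instead of a clear error. In t/000_setup.t, `IO::File->new( "> " . $homedir . "/gpg-agent.conf" )` would read better as `IO::File->new("$homedir/gpg-agent.conf", 'w')`, which keeps the path out of the mode string.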
@@ -0,0 +1,51 @@ +From: Daniel Kahn Gillmor +Date: Fri, 26 May 2017 18:15:24 -0400 +Subject: Make things work with gpg1 (assuming plain 'gpg' is modern) + + * avoid sending --pinentry-mode=loopback if gpg is invoked as gpg1 + * fix up t/list_secret_keys to account for the varied output + * t/decrypt.t still fails two agent-only tests, but presumably folks + who use gpg1 are not expecting to use the agent. +--- + lib/GnuPG/Interface.pm | 5 ++++- + t/list_secret_keys.t | 9 +++++---- + 2 files changed, 9 insertions(+), 5 deletions(-) + +diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm +index 5d8b0ec..f80ead5 100644 +--- a/lib/GnuPG/Interface.pm ++++ b/lib/GnuPG/Interface.pm +@@ -112,8 +112,11 @@ sub fork_attach_exec( $% ) { + # -- version 2.1.x or later. It's not clear to me how we can + # safely and efficiently avoid this assumption (see + # https://lists.gnupg.org/pipermail/gnupg-devel/2016-October/031800.html) ++ # ++ # as a (brittle and incomplete) cleanup, we will avoid trying to ++ # send pinentry-loopback if the program is invoked as "gpg1" + $use_loopback_pinentry = 1 +- if ($handles->passphrase()); ++ if ($handles->passphrase() && ! ($self->call =~ m/gpg1$/)); + + # deprecation support + $args{commands} ||= $args{gnupg_commands}; +diff --git a/t/list_secret_keys.t b/t/list_secret_keys.t +index d1e3f30..8e3c911 100644 +--- a/t/list_secret_keys.t ++++ b/t/list_secret_keys.t +@@ -23,11 +23,12 @@ TEST + $outfile = 'test/secret-keys/1.out'; + my $out = IO::File->new( "> $outfile" ) + or die "cannot open $outfile for writing: $ERRNO"; +- my $modern_pubring_line = $gnupg->options->homedir() . "/pubring.kbx\n"; ++ my $seckey_file = $gpg_is_modern ? 'pubring.kbx' : 'secring.gpg'; ++ my $pubring_line = $gnupg->options->homedir() . '/' . $seckey_file . 
"\n"; + while (<$stdout>) { +- if ($gpg_is_modern && ($_ eq $modern_pubring_line)) { +- $out->print("test/gnupghome/pubring.kbx\n"); +- } elsif ($gpg_is_modern && /^--*$/) { ++ if ($_ eq $pubring_line) { ++ $out->print('test/gnupghome/'.$seckey_file."\n"); ++ } elsif (/^--*$/) { + $out->print("--------------------------\n"); + } else { + $out->print( $_ ); diff --git a/patches/series b/patches/series new file mode 100644 index 0000000..1bc4a72 --- /dev/null +++ b/patches/series @@ -0,0 +1,21 @@ +0001-fix-spelling-error-settting-should-be-setting.patch +0002-Generalize-the-test-suite.patch +0003-subkey-validity-of-an-key-when-we-have-established-n.patch +0004-ensure-that-test-covers-all-signatures.patch +0005-add-gpg_is_modern-to-test-suite.patch +0006-Modern-GnuPG-2.1-reports-more-detail-about-secret-ke.patch +0007-test-suite-match-plaintext-output-across-versions-of.patch +0008-fix-test_default_key_passphrase-when-passphrase-come.patch +0009-clean-up-trailing-whitespace.patch +0010-fix-capitalization-of-GnuPG.patch +0011-ommand_args-should-be-command_args.patch +0012-use-fingerprints-as-inputs-during-tests-to-demonstra.patch +0013-move-key-files-to-generic-names.patch +0014-fix-spelling-s-convience-convenience.patch +0015-added-new-secret-key-with-different-passphrase.patch +0016-Test-use-of-gpg-without-explicit-passphrase-agent-pi.patch +0017-Kill-any-GnuPG-agent-before-and-after-the-test-suite.patch +0018-Use-a-short-temporary-homedir-during-the-test-suite.patch +0019-Make-things-work-with-gpg1-assuming-plain-gpg-is-mod.patch +0001-Fix-test-suite-for-GnuPG-2.2.6-compatibility.patch +0001-Fix-test-suite-for-GnuPG-2.2.8-compatibility.patch diff --git a/rules b/rules new file mode 100755 index 0000000..6baf0b7 --- /dev/null +++ b/rules 
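Review bot: The `! ($self->call =~ m/gpg1$/)` guard in fork_attach_exec (patch 0019) keys on the program name. A pre-2.1 binary installed as plain `gpg` or under any other name still gets `--pinentry-mode loopback`, which the comment just above says is valid only for 2.1.x or later. Gating on the reported version, the way t/MyTestSpecific.pm derives `$gpg_is_modern` from `version()`, would cover those cases. Whether `version()` can be called from inside fork_attach_exec without re-entering it is not visible here, so a cached value may be needed. If the name test stays, anchor it with `\z` instead of `$` so a trailing newline in the configured call string cannot satisfy it. The function body continues outside the hunk.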
@@ -0,0 +1,16 @@ +#!/usr/bin/make -f + +BUILDHOME = $(CURDIR)/debian/build + +%: + dh $@ + +override_dh_clean: + dh_clean + rm -rf $(BUILDHOME) + +override_dh_auto_test: + mkdir -p $(BUILDHOME) + # this chmod can be dropped once CPAN #102651 is resolved upstream + chmod a+x test/fake-pinentry.pl + HOME=$(BUILDHOME) dh_auto_test diff --git a/source/format b/source/format new file mode 100644 index 0000000..163aaf8 --- /dev/null +++ b/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/tests/pkg-perl/smoke-env b/tests/pkg-perl/smoke-env new file mode 100644 index 0000000..021d2e2 --- /dev/null +++ b/tests/pkg-perl/smoke-env @@ -0,0 +1 @@ +HOME=${ADTTMP} diff --git a/tests/pkg-perl/smoke-files b/tests/pkg-perl/smoke-files new file mode 100644 index 0000000..1c4084d --- /dev/null +++ b/tests/pkg-perl/smoke-files @@ -0,0 +1,2 @@ +t +test diff --git a/tests/pkg-perl/smoke-setup b/tests/pkg-perl/smoke-setup new file mode 100755 index 0000000..0f15c3e --- /dev/null +++ b/tests/pkg-perl/smoke-setup @@ -0,0 +1,4 @@ +#!/bin/sh + +# this chmod can be dropped once CPAN #102651 is resolved upstream +chmod a+x $TDIR/test/fake-pinentry.pl diff --git a/watch b/watch new file mode 100644 index 0000000..9b0d57d --- /dev/null +++ b/watch @@ -0,0 +1,2 @@ +version=3 +https://metacpan.org/release/GnuPG-Interface .+/GnuPG-Interface-v?(\d[\d.-]+)\.(?:tar(?:\.gz|\.bz2)?|tgz|zip)$ -- cgit v1.2.3 From 09cca20923b9d602337512cafb374f919ddeac4a Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 13 Sep 2016 07:26:00 +0200 Subject: fix spelling error ("settting" should be "setting") Gbp-Pq: Name 0001-fix-spelling-error-settting-should-be-setting.patch --- README | 2 +- lib/GnuPG/Interface.pm | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README b/README index fcb982a..f457577 100644 --- a/README +++ b/README 
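Review bot: `chmod a+x $TDIR/test/fake-pinentry.pl` in tests/pkg-perl/smoke-setup expands `$TDIR` unquoted, so a test directory whose path contains whitespace or glob characters is split into several arguments and chmod acts on the wrong paths. Quote the expansion: `chmod a+x "$TDIR/test/fake-pinentry.pl"`. The matching chmod in debian/rules uses a fixed relative path and needs no change.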
@@ -6,7 +6,7 @@ SYNOPSIS use IO::Handle; use GnuPG::Interface; - # settting up the situation + # setting up the situation my $gnupg = GnuPG::Interface->new(); $gnupg->options->hash_init( armor => 1, homedir => '/home/foobar' ); diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm index f952f3e..83a4b1a 100644 --- a/lib/GnuPG/Interface.pm +++ b/lib/GnuPG/Interface.pm @@ -834,7 +834,7 @@ GnuPG::Interface - Perl interface to GnuPG use IO::Handle; use GnuPG::Interface; - # settting up the situation + # setting up the situation my $gnupg = GnuPG::Interface->new(); $gnupg->options->hash_init( armor => 1, homedir => '/home/foobar' ); -- cgit v1.2.3 From f72b690cc43bc3393e56a971308e15c5fcbba00f Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 13 Sep 2016 10:38:12 -0400 Subject: Generalize the test suite The test suite currently assumes it knows something about the internal state of GnuPG's homedir. It's safer and less brittle to rely explicitly on the public interface that GnuPG has committed to, such as --import-keys and --list-keys, rather than assuming that certain files are in certain places in the GnuPG homedir. It's also better to create a fresh homedir and allow GnuPG to populate it during the test suite, cleaning it up at the end, rather than hope that GnuPG will leave a pre-existing homedir untouched. With this change, many more of the tests pass when /usr/bin/gpg is provided by GnuPG 2.1. Gbp-Pq: Name 0002-Generalize-the-test-suite.patch --- t/000_setup.t | 28 ++++++++++++++++++++++++++++ t/MyTestSpecific.pm | 2 +- t/zzz_cleanup.t | 17 +++++++++++++++++ test/fake-pinentry.pl | 28 ++++++++++++++++++++++++++++ test/gpg.conf | 2 ++ test/options | 2 -- test/secret-keys/1.0.test | 4 ++-- 7 files changed, 78 insertions(+), 5 deletions(-) create mode 100644 t/000_setup.t create mode 100644 t/zzz_cleanup.t create mode 100755 test/fake-pinentry.pl create mode 100644 test/gpg.conf delete mode 100644 test/options 
diff --git a/t/000_setup.t b/t/000_setup.t new file mode 100644 index 0000000..7f7f7b0 --- /dev/null +++ b/t/000_setup.t @@ -0,0 +1,28 @@ +#!/usr/bin/perl -w + +use strict; +use English qw( -no_match_vars ); + +use lib './t'; +use MyTest; +use MyTestSpecific; +use Cwd; +use File::Path qw (make_path); +use File::Copy; + +TEST +{ + make_path('test/gnupghome', { mode => 0700 }); + my $agentconf = IO::File->new( "> test/gnupghome/gpg-agent.conf" ); + $agentconf->write("pinentry-program " . getcwd() . "/test/fake-pinentry.pl\n"); + $agentconf->close(); + copy('test/gpg.conf', 'test/gnupghome/gpg.conf'); + reset_handles(); + + my $pid = $gnupg->import_keys(command_args => [ 'test/pubring.gpg', 'test/secring.gpg' ], + options => [ 'batch'], + handles => $handles); + waitpid $pid, 0; + + return $CHILD_ERROR == 0; +}; diff --git a/t/MyTestSpecific.pm b/t/MyTestSpecific.pm index 053b749..1af98ae 100644 --- a/t/MyTestSpecific.pm +++ b/t/MyTestSpecific.pm @@ -40,7 +40,7 @@ use vars qw( @ISA @EXPORT $gnupg = GnuPG::Interface->new( passphrase => 'test' ); -$gnupg->options->hash_init( homedir => 'test', +$gnupg->options->hash_init( homedir => 'test/gnupghome', armor => 1, meta_interactive => 0, meta_signing_key_id => '0xF950DA9C', diff --git a/t/zzz_cleanup.t b/t/zzz_cleanup.t new file mode 100644 index 0000000..5c03a72 --- /dev/null +++ b/t/zzz_cleanup.t @@ -0,0 +1,17 @@ +#!/usr/bin/perl -w + +use strict; +use English qw( -no_match_vars ); + +use lib './t'; +use MyTest; +use MyTestSpecific; +use File::Path qw (remove_tree); + +# this is actually no test, just cleanup. +TEST +{ + my $err = []; + remove_tree('test/gnupghome', {error => \$err}); + return ! @$err; +}; diff --git a/test/fake-pinentry.pl b/test/fake-pinentry.pl new file mode 100755 index 0000000..12d3611 --- /dev/null +++ b/test/fake-pinentry.pl 
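Review bot: The TEST block in t/000_setup.t never confirms that the agent configuration reached disk: the results of `make_path`, `$agentconf->write`, `$agentconf->close()` and `copy(...)` are all ignored, and a failed `IO::File->new` shows up only as a method call on an undefined value. If gpg-agent.conf ends up missing or truncated, the agent has no `pinentry-program` line and, presumably, falls back to whatever pinentry the host provides, so later tests may block on a real prompt instead of failing here. I would make the steps fatal, e.g. `my $agentconf = IO::File->new('test/gnupghome/gpg-agent.conf', 'w') or die "gpg-agent.conf: $ERRNO";` and `copy('test/gpg.conf', 'test/gnupghome/gpg.conf') or die "copy gpg.conf: $ERRNO";`.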
@@ -0,0 +1,28 @@ +#!/usr/bin/perl -w +# Use this for your test suites when a perl interpreter is available. +# +# The encrypted keys in your test suite that you expect to work must +# be locked with a passphrase of "test" +# +# Author: Daniel Kahn Gillmor +# +# License: This trivial work is hereby explicitly placed into the +# public domain. Anyone may reuse it, modify it, redistribute it for +# any purpose. + +use strict; +use warnings; + +# turn off buffering +$| = 1; + +print "OK This is only for test suites, and should never be used in production\n"; +while () { + chomp; + next if (/^$/); + next if (/^#/); + print ("D test\n") if (/^getpin/i); + print "OK\n"; + exit if (/^bye/i); +} +1; diff --git a/test/gpg.conf b/test/gpg.conf new file mode 100644 index 0000000..1f319a6 --- /dev/null +++ b/test/gpg.conf @@ -0,0 +1,2 @@ +no-secmem-warning +armor diff --git a/test/options b/test/options deleted file mode 100644 index 1f319a6..0000000 --- a/test/options +++ /dev/null @@ -1,2 +0,0 @@ -no-secmem-warning -armor diff --git a/test/secret-keys/1.0.test b/test/secret-keys/1.0.test index 5999484..129d472 100644 --- a/test/secret-keys/1.0.test +++ b/test/secret-keys/1.0.test @@ -1,5 +1,5 @@ -test/secring.gpg ----------------- +test/gnupghome/secring.gpg +-------------------------- sec 1024D/F950DA9C 2000-02-06 uid GnuPG test key (for testing purposes only) uid Foo Bar (1) -- cgit v1.2.3 From 0800668d64ed71e383ef03ae3d6e57d69b2355b7 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 13 Sep 2016 11:35:31 -0400 Subject: subkey validity of an key when we have established no trust anchors This apparently isn't tested by deep comparisons, though, so it was never caught. Gbp-Pq: Name 0003-subkey-validity-of-an-key-when-we-have-established-n.patch --- t/get_public_keys.t | 2 +- t/get_secret_keys.t | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/t/get_public_keys.t b/t/get_public_keys.t index 53db021..73e320b 100644 --- a/t/get_public_keys.t 
+++ b/t/get_public_keys.t @@ -175,7 +175,7 @@ TEST ]; my $subkey = GnuPG::SubKey->new - ( validity => 'u', + ( validity => '-', length => 768, algo_num => 16, hex_id => 'ADB99D9C2E854A6B', diff --git a/t/get_secret_keys.t b/t/get_secret_keys.t index 3a1d99f..7bba083 100644 --- a/t/get_secret_keys.t +++ b/t/get_secret_keys.t @@ -48,7 +48,7 @@ TEST my $subkey = GnuPG::SubKey->new - ( validity => 'u', + ( validity => '-', length => 768, algo_num => 16, hex_id => 'ADB99D9C2E854A6B', -- cgit v1.2.3 From a510c6630f5106b3842fd4883f97ba3f525f81ec Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 13 Sep 2016 11:39:04 -0400 Subject: ensure that test covers all signatures The earlier test wasn't reporting on one of the known self-sigs for the test key for some reason. This change ensures that all known signatures are present. Gbp-Pq: Name 0004-ensure-that-test-covers-all-signatures.patch --- t/get_public_keys.t | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/t/get_public_keys.t b/t/get_public_keys.t index 73e320b..9e96f7d 100644 --- a/t/get_public_keys.t +++ b/t/get_public_keys.t @@ -83,7 +83,17 @@ TEST date_string => '2000-02-06', hex_id => '53AE596EF950DA9C', sig_class => 0x13, - validity => '!')); + validity => '!'), + GnuPG::Signature->new( + date => 1177086329, + algo_num => 17, + is_exportable => 1, + user_id_string => 'GnuPG test key (for testing purposes only)', + date_string => '2007-04-20', + hex_id => '53AE596EF950DA9C', + sig_class => 0x13, + validity => '!'), + ); my $uid1 = GnuPG::UserId->new( as_string => 'Foo Bar (1)', validity => '-'); -- cgit v1.2.3 From 450ee25d79b4a628a9a0d48e2bd504e1e976ff96 Mon Sep 17 00:00:00 2001 
From: Daniel Kahn Gillmor Date: Tue, 13 Sep 2016 14:31:38 -0400 Subject: add $gpg_is_modern to test suite MyTestSpecific.pm now produces a new variable indicating whether it the version of GnuPG we run against is from the "Modern" line of GnuPG development (2.1 or later). This will be useful when comparing output that we can't expect from earlier versions. Gbp-Pq: Name 0005-add-gpg_is_modern-to-test-suite.patch --- t/MyTestSpecific.pm | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/t/MyTestSpecific.pm b/t/MyTestSpecific.pm index 1af98ae..a309698 100644 --- a/t/MyTestSpecific.pm +++ b/t/MyTestSpecific.pm @@ -29,17 +29,20 @@ use GnuPG::Handles; use vars qw( @ISA @EXPORT $stdin $stdout $stderr $gpg_program $handles $gnupg - %texts + %texts $gpg_is_modern ); @ISA = qw( Exporter ); @EXPORT = qw( stdin stdout stderr gnupg_program handles reset_handles - texts file_match + texts file_match gpg_is_modern ); $gnupg = GnuPG::Interface->new( passphrase => 'test' ); +my @version = split('\.', $gnupg->version()); +$gpg_is_modern = ($version[0] > 2 || ($version[0] == 2 && $version[1] >= 1)); + $gnupg->options->hash_init( homedir => 'test/gnupghome', armor => 1, meta_interactive => 0, -- cgit v1.2.3 From 41191fd746265f9570509ee55e2c30e9629c472f Mon Sep 17 00:00:00 2001 
From: Daniel Kahn Gillmor Date: Tue, 13 Sep 2016 14:12:40 -0400 Subject: Modern GnuPG (2.1) reports more detail about secret keys the GnuPG "modern" suite (version 2.1 or later) reports more detail about secret keys than previous versions did. In particular, it reports stored ownertrust, public key data, and designated revokers for secret keys. Older versions only reported those attributes for public keys. This patch adjusts the test suite to ensure that our handmade key matches the produced key when /usr/bin/gpg is supplied by the modern suite. Gbp-Pq: Name 0006-Modern-GnuPG-2.1-reports-more-detail-about-secret-ke.patch --- t/get_secret_keys.t | 66 +++++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 54 insertions(+), 12 deletions(-) diff --git a/t/get_secret_keys.t b/t/get_secret_keys.t index 7bba083..c798cce 100644 --- a/t/get_secret_keys.t +++ b/t/get_secret_keys.t 
@@ -23,16 +23,34 @@ TEST return 0 unless @returned_keys == 1; $given_key = shift @returned_keys; - - $handmade_key = GnuPG::PrimaryKey->new - ( length => 1024, + my $pubkey_data = [ + Math::BigInt->from_hex('0x'. + '88FCAAA5BCDCD52084D46143F44ED1715A339794641158DE03AA2092AFD3174E3DCA2CB7DF2DDC6FEDF7C3620F5A8BDAD06713E6153F8748DD76CB97305F30CBA8F8801DB47FAC11EED725F55672CB9BDAD629178A677CBB089B3E8AE0D9A9AD7741697A35F2868C62D25670994A92D810480173DC24263EEA0F103A43C0B64B'), + Math::BigInt->from_hex('0x'. + '8F2A3842C70FF17660CBB78C78FC93F534AB9A17'), + Math::BigInt->from_hex('0x'. + '83E348C2AA65F56DE84E8FDCE6DA7B0991B1C75EC8CA446FA85869A43350907BFF36BE512385E8E7E095578BB2138C04E318495873218286DE2B8C86F36EA670135434967AC798EBA28581F709F0C6B696EB512D3E561E381A06E4B5239BCC655015F9A926C74E4B859B26EAD604F208A556511A76A40EDCD9C38E6BD82CCCB4'), + Math::BigInt->from_hex('0x'. + '80DE04C85E30C9D62C13F90CFF927A84A5A59D0900B3533D4D6193FEF8C5DAEF9FF8A7D5F76B244FBC17644F50D524E0B19CD3A4B5FC2D78DAECA3FE58FA1C1A64E6C7B96C4EE618173543163A72EF954DFD593E84342699096E9CA76578AC1DE3D893BCCD0BF470CEF625FAF816A0F503EF75C18C6173E35C8675AF919E5704') + ]; + + + my $args = { + length => 1024, algo_num => 17, hex_id => '53AE596EF950DA9C', creation_date => 949813093, creation_date_string => '2000-02-06', - owner_trust => '', # secret keys do not report ownertrust? + owner_trust => '-', usage_flags => 'scaESCA', - ); + pubkey_data => $pubkey_data, + }; + if (!$gpg_is_modern) { + # older versions don't report ownertrust or pubkey_data for secret keys: + delete $args->{pubkey_data}; + $args->{owner_trust} = ''; + } + $handmade_key = GnuPG::PrimaryKey->new($args); $handmade_key->fingerprint ( GnuPG::Fingerprint->new( as_hex_string => 
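Review bot: The four `Math::BigInt->from_hex(...)` values in `$pubkey_data` carry no comment saying what they are, so a maintainer cannot tell which fixture field is wrong when `compare` fails. A one-line comment above the array would help, for example `# public key parameters of the DSA test key (algo_num 17), in the order gpg reports them`; the exact parameter order is not visible on this page and should be confirmed against the module. No `use Math::BigInt;` is visible in this hunk, so it is worth checking that the test file, or a module it pulls in, loads it. The enclosing TEST block starts before the hunk and continues past it.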
@@ -42,20 +60,42 @@ TEST $handmade_key->push_user_ids( GnuPG::UserId->new( as_string => 'GnuPG test key (for testing purposes only)', - validity => ''), # secret keys do not report uid validity? + validity => $args->{owner_trust}), GnuPG::UserId->new( as_string => 'Foo Bar (1)', - validity => '')); # secret keys do not report uid validity? - - - my $subkey = GnuPG::SubKey->new - ( validity => '-', + validity => $args->{owner_trust})); + + my $revoker = GnuPG::Revoker->new + ( algo_num => 17, + class => 0x80, + fingerprint => GnuPG::Fingerprint->new( as_hex_string => + '4F863BBBA8166F0A340F600356FFD10A260C4FA3'), + ); + + my $subkey_pub_data = [ + Math::BigInt->from_hex('0x'. + '8831982DADC4C5D05CBB01D9EAF612131DDC9C24CEA7246557679423FB0BA42F74D10D8E7F5564F6A4FB8837F8DC4A46571C19B122E6DF4B443D15197A6A22688863D0685FADB6E402316DAA9B560D1F915475364580A67E6DF0A727778A5CF3'), + Math::BigInt->from_hex('0x'. + '6'), + Math::BigInt->from_hex('0x'. + '2F3850FF130C6AC9AA0962720E86539626FAA9B67B33A74DFC0DE843FF3E90E43E2F379EE0182D914FA539CCCF5C83A20DB3A7C45E365B8A2A092E799A3DFF4AD8274EB977BAAF5B1AFB2ACB8D6F92454F01682F555565E73E56793C46EF7C3E') + ]; + + my $sub_args = { + validity => '-', length => 768, algo_num => 16, hex_id => 'ADB99D9C2E854A6B', creation_date => 949813119, creation_date_string => '2000-02-06', usage_flags => 'e', - ); + pubkey_data => $subkey_pub_data, + }; + + if (!$gpg_is_modern) { + # older versions do not report pubkey data for secret keys + delete $sub_args->{pubkey_data}; + } + my $subkey = GnuPG::SubKey->new($sub_args); $subkey->fingerprint ( GnuPG::Fingerprint->new( as_hex_string => @@ -64,6 +104,8 @@ TEST ); $handmade_key->push_subkeys( $subkey ); + # older versions do not report designated revokers for secret keys + $handmade_key->push_revokers( $revoker ) if ($gpg_is_modern); $handmade_key->compare( $given_key ); }; -- cgit v1.2.3 From 5f811409e1761765dea7a9d5dc4d51a34f2f7106 Mon Sep 17 00:00:00 2001 
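Review bot: Both `GnuPG::UserId->new` calls now take `validity => $args->{owner_trust}`, which fills in a user-id validity from the key's owner-trust field. The two are separate values in GnuPG's output and only coincide here because both happen to be `'-'` on modern GnuPG and `''` on older versions. A dedicated variable keeps the fixture honest if either expectation changes: `my $uid_validity = $gpg_is_modern ? '-' : '';` and then `validity => $uid_validity`. `$args` is defined in the previous hunk, and the TEST block starts outside this one.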
From: Daniel Kahn Gillmor Date: Tue, 13 Sep 2016 14:46:13 -0400 Subject: test suite: match plaintext output across versions of GnuPG The human-readable version of --list-keys is *not* expected to be static over time or as the user's environment changes (e.g. LANG or LC_MESSAGES), so expecting it to be machine-parseable is probably a mistake. That said, some users might want to pull textual information about specific keys to display directly to the user, so it's not a terrible idea to have it in the test suite. Modern GnuPG (2.1 or later) changes the default structure of the human-readable output in a few significant ways: * it writes the path to the keyring as an absolute path, even if $GNUPGHOME is set to a non-absolute path. * it shows the calculated user id validity by default (see show-uid-validity in gpg's --list-options). (note that this is a translated string, so that "unknown" (in the default C locale) becomes "inconnue" when LANG or LC_MESSAGES is set to fr_CH.UTF-8, for example. * it writes the key algorithm names differently (e.g. rsa2048 instead of 2048R) * it does not display the key ID at all by default * it displays the full fingerprint in compact form by default This changeset fixes the test suite so that it can do a rough verification of the human-readable text output by list_secret_keys in the C locale in modern versions of GnuPG, while leaving it working for older GnuPG suites. Gbp-Pq: Name 0007-test-suite-match-plaintext-output-across-versions-of.patch --- t/list_secret_keys.t | 15 +++++++++++++-- test/secret-keys/1.modern.test | 8 ++++++++ 2 files changed, 21 insertions(+), 2 deletions(-) create mode 100644 test/secret-keys/1.modern.test diff --git a/t/list_secret_keys.t b/t/list_secret_keys.t index 1fe9b7e..51e3651 100644 --- a/t/list_secret_keys.t +++ b/t/list_secret_keys.t 
@@ -16,13 +16,22 @@ TEST { reset_handles(); + $ENV{LC_MESSAGES} = 'C'; my $pid = $gnupg->list_secret_keys( handles => $handles ); close $stdin; $outfile = 'test/secret-keys/1.out'; my $out = IO::File->new( "> $outfile" ) or die "cannot open $outfile for writing: $ERRNO"; - $out->print( <$stdout> ); + while (<$stdout>) { + if ($gpg_is_modern && /^\/.*\/test\/gnupghome\/pubring.kbx$/) { + $out->print("test/gnupghome/pubring.kbx\n"); + } elsif ($gpg_is_modern && /^--*$/) { + $out->print("--------------------------\n"); + } else { + $out->print( $_ ); + } + } close $stdout; $out->close(); waitpid $pid, 0; @@ -33,7 +42,9 @@ TEST TEST { - my @files_to_test = ( 'test/secret-keys/1.0.test' ); + my $suffix = '0'; + $suffix = 'modern' if ($gpg_is_modern); + my @files_to_test = ( 'test/secret-keys/1.'.$suffix.'.test' ); return file_match( $outfile, @files_to_test ); }; diff --git a/test/secret-keys/1.modern.test b/test/secret-keys/1.modern.test new file mode 100644 index 0000000..3e46407 --- /dev/null +++ b/test/secret-keys/1.modern.test @@ -0,0 +1,8 @@ +test/gnupghome/pubring.kbx +-------------------------- +sec dsa1024 2000-02-06 [SCA] + 93AFC4B1B0288A104996B44253AE596EF950DA9C +uid [ unknown] GnuPG test key (for testing purposes only) +uid [ unknown] Foo Bar (1) +ssb elg768 2000-02-06 [E] + -- cgit v1.2.3 From 344f36f8f4588e66bfe22ec97e7a4ab1d13ad32c Mon Sep 17 00:00:00 2001 
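Review bot: `$ENV{LC_MESSAGES} = 'C';` does not pin the message locale when the caller's environment sets `LC_ALL`, because `LC_ALL` takes precedence over the per-category variables. The `[ unknown]` strings expected by `1.modern.test` could then still come out translated. Setting `local $ENV{LC_ALL} = 'C';` inside the TEST block covers that case and, being localized, does not leak into later tests. In the path pattern `/^\/.*\/test\/gnupghome\/pubring.kbx$/` the dot before `kbx` is unescaped and should be `\.`. The TEST block begins before the hunk.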
From: Daniel Kahn Gillmor Date: Tue, 13 Sep 2016 15:22:27 -0400 Subject: fix test_default_key_passphrase when passphrase comes from agent In the modern GnuPG suite, where the passphrase is always managed by the agent, gpg itself doesn't emit the GOOD_PASSPHRASE status. Instead, if signing is successful it emits plain old SIG_CREATED. There are probably even better ways to test whether a given key is unlocked in this case, but this is a straightforward baseline fix that should get this part of the test suite to pass with all available versions of GnuPG. Gbp-Pq: Name 0008-fix-test_default_key_passphrase-when-passphrase-come.patch --- lib/GnuPG/Interface.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm index 83a4b1a..1f1e6d5 100644 --- a/lib/GnuPG/Interface.pm +++ b/lib/GnuPG/Interface.pm @@ -808,7 +808,7 @@ sub test_default_key_passphrase() { # all we realy want to check is the status fh while (<$status>) { - if (/^\[GNUPG:\]\s*GOOD_PASSPHRASE/) { + if (/^\[GNUPG:\]\s*(GOOD_PASSPHRASE|SIG_CREATED)/) { waitpid $pid, 0; return 1; } -- cgit v1.2.3 From e24810ba2cf280787b46b5fc8190675333d4f160 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 11 Oct 2016 19:52:13 -0400 Subject: clean up trailing whitespace Gbp-Pq: Name 0009-clean-up-trailing-whitespace.patch --- lib/GnuPG/Fingerprint.pm | 2 +- lib/GnuPG/Handles.pm | 2 +- lib/GnuPG/Interface.pm | 16 ++++++++-------- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/lib/GnuPG/Fingerprint.pm b/lib/GnuPG/Fingerprint.pm index fcb1028..81c38a7 100644 --- a/lib/GnuPG/Fingerprint.pm +++ b/lib/GnuPG/Fingerprint.pm @@ -20,7 +20,7 @@ with qw(GnuPG::HashInit); has as_hex_string => ( isa => 'Any', - is => 'rw', + is => 'rw', ); sub compare { diff --git a/lib/GnuPG/Handles.pm b/lib/GnuPG/Handles.pm index b30ca57..3eee0e3 100644 --- a/lib/GnuPG/Handles.pm +++ b/lib/GnuPG/Handles.pm 
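Review bot: Accepting `SIG_CREATED` in `/^\[GNUPG:\]\s*(GOOD_PASSPHRASE|SIG_CREATED)/` changes what a true return means: it now shows that a signature could be made, not that the passphrase held by the object is correct. When gpg-agent already has the key unlocked, or a pinentry supplies the passphrase, the method would presumably return 1 even for a wrong passphrase, so callers should not rely on it to validate user-supplied input. That caveat belongs in a comment above the match, e.g. `# SIG_CREATED only proves the key was usable (possibly via gpg-agent), not that our passphrase is right`, and in the method's POD. The alternation needs no capture and should end on a word boundary, `(?:GOOD_PASSPHRASE|SIG_CREATED)\b`. The body of test_default_key_passphrase starts and ends outside the hunk.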
@@ -73,7 +73,7 @@ GnuPG::Handles - GnuPG handles bundle = ( IO::Handle->new(), IO::Handle->new(), IO::Handle->new(), IO::Handle->new(), IO::Handle->new(), IO::Handle->new(), ); - + my $handles = GnuPG::Handles->new ( stdin => $stdin, stdout => $stdout, diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm index 1f1e6d5..19e8070 100644 --- a/lib/GnuPG/Interface.pm +++ b/lib/GnuPG/Interface.pm @@ -833,7 +833,7 @@ GnuPG::Interface - Perl interface to GnuPG # A simple example use IO::Handle; use GnuPG::Interface; - + # setting up the situation my $gnupg = GnuPG::Interface->new(); $gnupg->options->hash_init( armor => 1, @@ -852,7 +852,7 @@ GnuPG::Interface - Perl interface to GnuPG # Now we'll go about encrypting with the options already set my @plaintext = ( 'foobar' ); my $pid = $gnupg->encrypt( handles => $handles ); - + # Now we write to the input of GnuPG print $input @plaintext; close $input; @@ -1144,7 +1144,7 @@ The following setup can be done before any of the following examples: my $handles = GnuPG::Handles->new( stdin => $input, stdout => $output ); - + # this sets up the communication # Note that the recipients were specified earlier # in the 'options' data member of the $gnupg object. @@ -1220,7 +1220,7 @@ The following setup can be done before any of the following examples: # a file written to disk # Make sure you "use IO::File" if you use this module! my $cipher_file = IO::File->new( 'encrypted.gpg' ); - + # this sets up the communication my $pid = $gnupg->decrypt( handles => $handles ); @@ -1252,7 +1252,7 @@ The following setup can be done before any of the following examples: # This time we'll just let GnuPG print to our own output # and read from our input, because no input is needed! my $handles = GnuPG::Handles->new(); - + my @ids = ( 'ftobin', '0xABCD1234' ); # this time we need to specify something for 
@@ -1260,7 +1260,7 @@ The following setup can be done before any of the following examples: # search ids as arguments my $pid = $gnupg->list_public_keys( handles => $handles, command_args => [ @ids ] ); - + waitpid $pid, 0; =head2 Creating GnuPG::PublicKey Objects @@ -1280,7 +1280,7 @@ The following setup can be done before any of the following examples: command_args => [ qw( test/key.1.asc ) ], handles => $handles, ); - + my @out = <$handles->stdout()>; waitpid $pid, 0; @@ -1357,7 +1357,7 @@ under the same terms as Perl itself. =head1 AUTHOR -GnuPg::Interface is currently maintained by Jesse Vincent . +GnuPg::Interface is currently maintained by Jesse Vincent . Frank J. Tobin, ftobin@cpan.org was the original author of the package. -- cgit v1.2.3 From ef4a3dc66f25d3c3cab63f9d44aee00bae2ce148 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 11 Oct 2016 19:52:58 -0400 Subject: fix capitalization of GnuPG Gbp-Pq: Name 0010-fix-capitalization-of-GnuPG.patch --- README | 2 +- lib/GnuPG/Interface.pm | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README b/README index f457577..aa7c984 100644 --- a/README +++ b/README @@ -427,7 +427,7 @@ LICENSE under the same terms as Perl itself. AUTHOR - GnuPg::Interface is currently maintained by Jesse Vincent + GnuPG::Interface is currently maintained by Jesse Vincent . Frank J. Tobin, ftobin@cpan.org was the original author of the package. diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm index 19e8070..cf7138f 100644 --- a/lib/GnuPG/Interface.pm +++ b/lib/GnuPG/Interface.pm @@ -1357,7 +1357,7 @@ under the same terms as Perl itself. =head1 AUTHOR -GnuPg::Interface is currently maintained by Jesse Vincent . +GnuPG::Interface is currently maintained by Jesse Vincent . Frank J. Tobin, ftobin@cpan.org was the original author of the package. -- cgit v1.2.3 From 3b5c475c86275da992bb890b5714b1765757d474 Mon Sep 17 00:00:00 2001 
From: Daniel Kahn Gillmor Date: Tue, 11 Oct 2016 19:57:10 -0400 Subject: ommand_args should be command_args Gbp-Pq: Name 0011-ommand_args-should-be-command_args.patch --- t/list_public_keys.t | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/t/list_public_keys.t b/t/list_public_keys.t index 7e563c1..a36a78b 100644 --- a/t/list_public_keys.t +++ b/t/list_public_keys.t @@ -38,7 +38,7 @@ TEST reset_handles(); my $pid = $gnupg->list_public_keys( handles => $handles, - ommand_args => '0xF950DA9C' + command_args => '0xF950DA9C' ); close $stdin; -- cgit v1.2.3 From c61fc91437552f1b60461b44dac3c474f94b77c5 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 11 Oct 2016 20:05:16 -0400 Subject: use fingerprints as inputs during tests to demonstrate explicit usage Gbp-Pq: Name 0012-use-fingerprints-as-inputs-during-tests-to-demonstra.patch --- README | 6 +++--- lib/GnuPG/Interface.pm | 6 +++--- lib/GnuPG/Options.pm | 2 +- t/MyTestSpecific.pm | 2 +- t/encrypt.t | 6 +++--- t/export_keys.t | 4 ++-- t/get_public_keys.t | 2 +- t/get_secret_keys.t | 2 +- t/list_public_keys.t | 4 ++-- t/list_secret_keys.t | 4 ++-- t/list_sigs.t | 4 ++-- t/sign_and_encrypt.t | 2 +- 12 files changed, 22 insertions(+), 22 deletions(-) diff --git a/README b/README index aa7c984..ed94ede 100644 --- a/README +++ b/README @@ -228,7 +228,7 @@ EXAMPLES $gnupg->options->hash_init( armor => 1, recipients => [ 'ftobin@uiuc.edu', - '0xABCD1234' ], + '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ], meta_interactive => 0 , ); @@ -347,7 +347,7 @@ EXAMPLES # and read from our input, because no input is needed! my $handles = GnuPG::Handles->new(); - my @ids = ( 'ftobin', '0xABCD1234' ); + my @ids = ( 'ftobin', '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ); # this time we need to specify something for # command_args because --list-public-keys takes 
@@ -358,7 +358,7 @@ EXAMPLES waitpid $pid, 0; Creating GnuPG::PublicKey Objects - my @ids = [ 'ftobin', '0xABCD1234' ]; + my @ids = [ 'ftobin', '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ]; my @keys = $gnupg->get_public_keys( @ids ); diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm index cf7138f..6eaef7d 100644 --- a/lib/GnuPG/Interface.pm +++ b/lib/GnuPG/Interface.pm @@ -1130,7 +1130,7 @@ The following setup can be done before any of the following examples: $gnupg->options->hash_init( armor => 1, recipients => [ 'ftobin@uiuc.edu', - '0xABCD1234' ], + '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ], meta_interactive => 0 , ); @@ -1253,7 +1253,7 @@ The following setup can be done before any of the following examples: # and read from our input, because no input is needed! my $handles = GnuPG::Handles->new(); - my @ids = ( 'ftobin', '0xABCD1234' ); + my @ids = ( 'ftobin', '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ); # this time we need to specify something for # command_args because --list-public-keys takes @@ -1265,7 +1265,7 @@ The following setup can be done before any of the following examples: =head2 Creating GnuPG::PublicKey Objects - my @ids = [ 'ftobin', '0xABCD1234' ]; + my @ids = [ 'ftobin', '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ]; my @keys = $gnupg->get_public_keys( @ids ); diff --git a/lib/GnuPG/Options.pm b/lib/GnuPG/Options.pm index 86261a0..7788662 100644 --- a/lib/GnuPG/Options.pm +++ b/lib/GnuPG/Options.pm @@ -198,7 +198,7 @@ GnuPG::Options - GnuPG options embodiment # assuming $gnupg is a GnuPG::Interface object $gnupg->options->armor( 1 ); - $gnupg->options->push_recipients( 'ftobin', '0xABCD1234' ); + $gnupg->options->push_recipients( 'ftobin', '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ); =head1 DESCRIPTION diff --git a/t/MyTestSpecific.pm b/t/MyTestSpecific.pm index a309698..c8764cc 100644 --- a/t/MyTestSpecific.pm +++ b/t/MyTestSpecific.pm 
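Review bot: The example line `my @ids = [ 'ftobin', '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ];` in the POD hunk at -1265 (and the matching README hunk at -358) assigns an array reference to an array. `@ids` then holds one element, and `get_public_keys( @ids )` receives a reference rather than two search strings. While this line is being touched, the brackets should become parentheses: `my @ids = ( 'ftobin', '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' );`. The other examples changed in this commit already use the list form.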
@@ -46,7 +46,7 @@ $gpg_is_modern = ($version[0] > 2 || ($version[0] == 2 && $version[1] >= 1)); $gnupg->options->hash_init( homedir => 'test/gnupghome', armor => 1, meta_interactive => 0, - meta_signing_key_id => '0xF950DA9C', + meta_signing_key_id => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C', always_trust => 1, ); diff --git a/t/encrypt.t b/t/encrypt.t index 3183ac4..e6bdc08 100644 --- a/t/encrypt.t +++ b/t/encrypt.t @@ -27,7 +27,7 @@ TEST $gnupg->options->clear_recipients(); $gnupg->options->clear_meta_recipients_keys(); - $gnupg->options->push_recipients( '0x2E854A6B' ); + $gnupg->options->push_recipients( '0x7466B7E98C4CCB64C2CE738BADB99D9C2E854A6B' ); my $pid = $gnupg->encrypt( handles => $handles ); @@ -43,7 +43,7 @@ TEST { reset_handles(); - my @keys = $gnupg->get_public_keys( '0xF950DA9C' ); + my @keys = $gnupg->get_public_keys( '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' ); $gnupg->options->clear_recipients(); $gnupg->options->clear_meta_recipients_keys(); $gnupg->options->push_meta_recipients_keys( @keys ); @@ -64,7 +64,7 @@ TEST $gnupg->options->clear_recipients(); $gnupg->options->clear_meta_recipients_keys(); - $gnupg->options->push_recipients( '0x2E854A6B' ); + $gnupg->options->push_recipients( '0x7466B7E98C4CCB64C2CE738BADB99D9C2E854A6B' ); $handles->stdin( $texts{plain}->fh() ); $handles->options( 'stdin' )->{direct} = 1; diff --git a/t/export_keys.t b/t/export_keys.t index cf5c82b..5add064 100644 --- a/t/export_keys.t +++ b/t/export_keys.t @@ -15,7 +15,7 @@ TEST reset_handles(); my $pid = $gnupg->export_keys( handles => $handles, - command_args => '0xF950DA9C' ); + command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' ); close $stdin; waitpid $pid, 0; @@ -31,7 +31,7 @@ TEST $handles->options( 'stdout' )->{direct} = 1; my $pid = $gnupg->export_keys( handles => $handles, - command_args => '0xF950DA9C' ); + command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' ); waitpid $pid, 0; return $CHILD_ERROR == 0; }; 
diff --git a/t/get_public_keys.t b/t/get_public_keys.t index 9e96f7d..7893625 100644 --- a/t/get_public_keys.t +++ b/t/get_public_keys.t @@ -19,7 +19,7 @@ TEST { reset_handles(); - my @returned_keys = $gnupg->get_public_keys_with_sigs( '0xF950DA9C' ); + my @returned_keys = $gnupg->get_public_keys_with_sigs( '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' ); return 0 unless @returned_keys == 1; diff --git a/t/get_secret_keys.t b/t/get_secret_keys.t index c798cce..a7f1348 100644 --- a/t/get_secret_keys.t +++ b/t/get_secret_keys.t @@ -18,7 +18,7 @@ TEST { reset_handles(); - my @returned_keys = $gnupg->get_secret_keys( '0xF950DA9C' ); + my @returned_keys = $gnupg->get_secret_keys( '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' ); return 0 unless @returned_keys == 1; diff --git a/t/list_public_keys.t b/t/list_public_keys.t index a36a78b..622b092 100644 --- a/t/list_public_keys.t +++ b/t/list_public_keys.t @@ -38,7 +38,7 @@ TEST reset_handles(); my $pid = $gnupg->list_public_keys( handles => $handles, - command_args => '0xF950DA9C' + command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' ); close $stdin; @@ -64,7 +64,7 @@ TEST $handles->options( 'stdout' )->{direct} = 1; my $pid = $gnupg->list_public_keys( handles => $handles, - command_args => '0xF950DA9C', + command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C', ); waitpid $pid, 0; diff --git a/t/list_secret_keys.t b/t/list_secret_keys.t index 51e3651..7040c38 100644 --- a/t/list_secret_keys.t +++ b/t/list_secret_keys.t @@ -55,7 +55,7 @@ TEST reset_handles(); my $pid = $gnupg->list_secret_keys( handles => $handles, - command_args => '0xF950DA9C' ); + command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' ); close $stdin; $outfile = 'test/secret-keys/2.out'; @@ -80,7 +80,7 @@ TEST $handles->options( 'stdout' )->{direct} = 1; my $pid = $gnupg->list_secret_keys( handles => $handles, - command_args => '0xF950DA9C' ); + command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' ); waitpid $pid, 0; 
diff --git a/t/list_sigs.t b/t/list_sigs.t index 16cfa6a..1301fb2 100644 --- a/t/list_sigs.t +++ b/t/list_sigs.t @@ -36,7 +36,7 @@ TEST reset_handles(); my $pid = $gnupg->list_sigs( handles => $handles, - command_args => '0xF950DA9C', + command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C', ); close $stdin; @@ -60,7 +60,7 @@ TEST $handles->options( 'stdout' )->{direct} = 1; my $pid = $gnupg->list_sigs( handles => $handles, - command_args => '0xF950DA9C', + command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C', ); waitpid $pid, 0; diff --git a/t/sign_and_encrypt.t b/t/sign_and_encrypt.t index 5dc1c08..df0fc75 100644 --- a/t/sign_and_encrypt.t +++ b/t/sign_and_encrypt.t @@ -14,7 +14,7 @@ TEST { reset_handles(); - $gnupg->options->push_recipients( '0x2E854A6B' ); + $gnupg->options->push_recipients( '0x7466B7E98C4CCB64C2CE738BADB99D9C2E854A6B' ); my $pid = $gnupg->sign_and_encrypt( handles => $handles ); print $stdin @{ $texts{plain}->data() }; -- cgit v1.2.3 From 9e0245075ca45ba059c4cdd3e2fa50ae60e7fd38 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 11 Oct 2016 20:17:49 -0400 Subject: move key files to generic names Gbp-Pq: Name 0013-move-key-files-to-generic-names.patch --- t/000_setup.t | 2 +- test/public_keys.pgp | Bin 0 -> 3418 bytes test/pubring.gpg | Bin 3418 -> 0 bytes test/secret_keys.pgp | Bin 0 -> 1241 bytes test/secring.gpg | Bin 1241 -> 0 bytes 5 files changed, 1 insertion(+), 1 deletion(-) create mode 100644 test/public_keys.pgp delete mode 100644 test/pubring.gpg create mode 100644 test/secret_keys.pgp delete mode 100644 test/secring.gpg diff --git a/t/000_setup.t b/t/000_setup.t index 7f7f7b0..a8e3042 100644 --- a/t/000_setup.t +++ b/t/000_setup.t 
@@ -19,7 +19,7 @@ TEST copy('test/gpg.conf', 'test/gnupghome/gpg.conf'); reset_handles(); - my $pid = $gnupg->import_keys(command_args => [ 'test/pubring.gpg', 'test/secring.gpg' ], + my $pid = $gnupg->import_keys(command_args => [ 'test/public_keys.pgp', 'test/secret_keys.pgp' ], options => [ 'batch'], handles => $handles); waitpid $pid, 0; diff --git a/test/public_keys.pgp b/test/public_keys.pgp new file mode 100644 index 0000000..60b008a Binary files /dev/null and b/test/public_keys.pgp differ diff --git a/test/pubring.gpg b/test/pubring.gpg deleted file mode 100644 index 60b008a..0000000 Binary files a/test/pubring.gpg and /dev/null differ diff --git a/test/secret_keys.pgp b/test/secret_keys.pgp new file mode 100644 index 0000000..aa34674 Binary files /dev/null and b/test/secret_keys.pgp differ diff --git a/test/secring.gpg b/test/secring.gpg deleted file mode 100644 index aa34674..0000000 Binary files a/test/secring.gpg and /dev/null differ -- cgit v1.2.3 From 7c706156866d92b36c2c6a6727de2a114ae3184f Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 11 Oct 2016 20:25:48 -0400 Subject: fix spelling: s/convience/convenience/ Gbp-Pq: Name 0014-fix-spelling-s-convience-convenience.patch --- README | 4 ++-- lib/GnuPG/Interface.pm | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README b/README index ed94ede..a05ef9b 100644 --- a/README +++ b/README @@ -143,7 +143,7 @@ OBJECT METHODS does not come into play. If the passphrase data member handle of the handles object is not defined, but the the passphrase data member handle of GnuPG::Interface object is, GnuPG::Interface will handle - passing this information into GnuPG for the user as a convience. + passing this information into GnuPG for the user as a convenience. Note that this will result in GnuPG::Interface storing the passphrase in memory, instead of having it simply 'pass-through' to GnuPG via a handle. 
@@ -271,7 +271,7 @@ EXAMPLES ); # indicate our pasphrase through the - # convience method + # convenience method $gnupg->passphrase( $passphrase ); # this sets up the communication diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm index 6eaef7d..29205f0 100644 --- a/lib/GnuPG/Interface.pm +++ b/lib/GnuPG/Interface.pm @@ -1008,7 +1008,7 @@ and so this information is not generated and does not come into play. If the B data member handle of the B object is not defined, but the the B data member handle of GnuPG::Interface object is, GnuPG::Interface will handle passing this information into GnuPG -for the user as a convience. Note that this will result in +for the user as a convenience. Note that this will result in GnuPG::Interface storing the passphrase in memory, instead of having it simply 'pass-through' to GnuPG via a handle. @@ -1175,7 +1175,7 @@ The following setup can be done before any of the following examples: ); # indicate our pasphrase through the - # convience method + # convenience method $gnupg->passphrase( $passphrase ); # this sets up the communication -- cgit v1.2.3 From 500c5565705d73d7b06e809b14fbf2fa417bd685 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 11 Oct 2016 20:59:43 -0400 Subject: added new secret key with different passphrase Adding a new secret key with a different passphrase should allow us to differentiate between passing the passphrase explicitly and relying on the agent + pinentry. Gbp-Pq: Name 0015-added-new-secret-key-with-different-passphrase.patch --- t/000_setup.t | 2 +- test/new_secret.pgp | 58 ++++++++++++++++++++++++++++++++++++++++++ test/secret-keys/1.0.test | 4 +++ test/secret-keys/1.modern.test | 5 ++++ 4 files changed, 68 insertions(+), 1 deletion(-) create mode 100644 test/new_secret.pgp diff --git a/t/000_setup.t b/t/000_setup.t index a8e3042..b183241 100644 --- a/t/000_setup.t +++ b/t/000_setup.t 
@@ -19,7 +19,7 @@ TEST copy('test/gpg.conf', 'test/gnupghome/gpg.conf'); reset_handles(); - my $pid = $gnupg->import_keys(command_args => [ 'test/public_keys.pgp', 'test/secret_keys.pgp' ], + my $pid = $gnupg->import_keys(command_args => [ 'test/public_keys.pgp', 'test/secret_keys.pgp', 'test/new_secret.pgp' ], options => [ 'batch'], handles => $handles); waitpid $pid, 0; diff --git a/test/new_secret.pgp b/test/new_secret.pgp new file mode 100644 index 0000000..5feb72c --- /dev/null +++ b/test/new_secret.pgp 
@@ -0,0 +1,58 @@ +-----BEGIN PGP PRIVATE KEY BLOCK----- + +lQPGBFf9iNIBCACZGF36JFTAggUJK85gweUquqh0kvVQICUtyiHXFXBBPzCK+RWL +oc5yeOfILHH7FfOztwPH1oJ7SWQtOgpuoiMHPtF7ne+MYevMf9jTYb/xCT0yZID5 +/ieoHwUQQPiowxGewOww23RLQ1Cf46nqGBUD+fsWwT2Eq6ojLp/H72h+2lQ1ZCWd +Q/9MSQQgDo5tWptokFGmLBKCS59pYMBaLbKSj7lFa/ekPm9zhcdmmLrLHCS9rIUP +VKlWAg02MVmMB4fYm9nbtuwYHWvbDFYzpVr2WNlRZlPy0Y46ahxFbFwhtmOJAgT1 +tgaQtDXo3kXRXngYZstDfe61Hqmc44j1vJ4VABEBAAH+BwMCnvb4v9vnhhzmdZdJ +EzK3ikXYQp3PcOMDlRE5qtBmXhOJXH2tdEmXjegjWGA501eeoks0VnpBba2m4B36 +Z37fjpOEi4QOuTn6emVwijJZgmmTAC7JHNzAW+IsiRvk/2907UZCwa/1UQpC0bik +pHTZx+yKp33vGbkbCkKgHFQoHcS9D1by0WOkaLSlcE9CUCKb5LCe2Q1KDwZGrg60 +4WUvg9eM2eatixAyOJEoRONlXDcQnUhSnG5+TUPNhVVWIaM/tPAgYmBG5oCSJ/N0 +ls8cXoOVup/itBHo2Bfn+nyh0OAWdgdVmB0rPYUCLJV0FiQx5tB59OHmA3Naokj5 +rvumyklCg314NnkEXrbPq7kKbX0X8UPoXdzAmalb4++OhgzEwd3NkWxvFSxKkQAt +XAU5i9XNHJXLwATAMlEaXMBmfcpjyIx4WpBUSmYMTjh0Nu5ee+kGvMY9fUxOKbet +IS9agFSMwVNRsX91+pKtBCQc7Je5tIrLhC8Hbvotn0GA8iFgu6LBqkrUO9Rh30Xs +vzz3oXm7WgHbL30m9h+rJ2dmPZOwmW/0zRUec/7alizx0T4sLx7T0qUPUxeEjkeU +JWtqfrcXEc3xIR9r5S2xqsUSKx6h1UhHMeMtQaDBgeH/Syq7a2gnkNoY84xxojGj +lGkis5PF3xFpYqvjY0thyPFNxQguRlqktN8gNB+V1dShbCpNI9bDzv4pzvogEiM0 +EM/xvJSCkARCe6nqOugWV8j5f3+9tuyREqcidHq+PR+USoNYdUWQO14kPY6e62wO +lC5B4G7TDQtigCfOyEOiPXYC/qnC8sPVR2u5bCYm2YJT7L+rYRLSN+628qz7BwH3 +9XtpnRtBFWpjI5qjn4uMM42e3k5UVB/r4GyrLXhEuO8D81TVzRQhjiqLweguk73h +VDjEd0yachHbtCxHbnVQRzo6SW50ZXJmYWNlIFRlc3Qga2V5IDx0ZXN0QGV4YW1w +bGUub3JnPokBNwQTAQgAIQUCV/2I0gIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIX +gAAKCRAbkTzptnR93EZkB/9groVsVMBJtGP1GSFMg2Q9loyijXT2P6hCbUTS4YMz +O4jQPB8UQ39XIhyWo7hVGsXeA777+7VTto7q0CG9Ph7FTGKK8W2AnzTUKNdXAC6h +qIc+ymvlm71GxhkKFR0vDbFg6CLJ/MX/x1Bd0TKh4RZtgOqX6A7Pzw/AI7f2YJcJ +BKPT+/q/F/Wp1r+mxZ5pxUvYm643GVzdnbtuoqgBLng/3n1zjIz+oIz6RGBjzHni +3TUTKe//ewn1lIdTxPdUZA9G4vTE5dCnM4MHTxQSXA+aUexuONswQhiANtfVCW8c +sf9MQpkQ/Vqv9hfeYwH4pJ8IPK1No9F0a0fvnq2JaX4gnQPGBFf9iNIBCADEQ6HK +s5tWN2Ph/3A6D0A2nSc6m1Mh/AXhdptka0aPhhVgspCmQ1lJP/Kdf6AnlCi6u1G7 
+QXvGX8OtbKNosLi91nIqvNwckUOvXrLcAk/epkmidopOuHUZhE+1UaLKs7UssBOe +TQTtADdl2786E3qbtaNrjDTvbNesU1DEZjNoBWfKYHZYv2wCF170Lwzp7NJhAueO +bTwfUO8EusST6d1NYB0zFxbBi60/hJHCfcAuaSn00jFQ+kj8m7jXCgcyB+1+25d2 +gpPbs19S4pi9f7eQflhglm0wB13C6yl+YgwVZQxU/fU70jgSYhkXNPx5bEN3WGkg +4hnP53hrsI4p3se1ABEBAAH+BwMCAppvwSTp9Y/mu317D14a9k6m/zC2LrzPx6dl +P3GtDJUCs1CVH/wXsUxLY4hAgS188xPhNLuIWuXwQ7qX7E8kanxgPqeK7NTAPKxH +CEqJPevFRBtftHq3zqZZF9CHXulDO3KkWxIHANMclq+zcUotrc4GXIxeYjewXv9p +tzKEjlt27Q00VvwRM7JVxBlC3xJvKXf6zyRoUt2/Clq+CFkb2s+dAzCI52o7tlB9 +El84sTIlJr0+b6+GcwrKonS8HcGUECfYmSiIiNmxlkJ/4OabDlDYlzvmCYv2pMjc +Bif70Dowb8TBD/iTFLPY2lkhqBFi3Bcqc51MVecaQk3rRbVyOqhvGaRE084/LmkN +gkE6vQKRSbzRmYwyKC/QUKOW5qbl5Jf3lrjVeM5tEnvJeRCfZEokKjIZul4nX4dK +zxH+l+sCUA+RnEeGB2y1yhnPkP4dYHEb8iMLINqXQd18FpBFSs9yv9tFWJhdblUK +SiS8DXmuoZI2Mk8yMZ0j0bi8mu9eh52dqYgBGD7TgjP5vpYU/zbtpNgMP0Zvne1X +gig6NKK1+3VAZaiOvYUUHZERJGp/eggTtF66cD/0EHJjoZ/0pAciEvWYUyXWVBdj +eVWBZE/RVOwrTMBVtrxQsPJ3sfeGlLt21IZYKathTZ/dn5PSlU+i4f9VyC/hHd8S +xouQU3nB//ihbrR65YH5E53e8+jPaRtFvLbcqmY8YftV0y/5BZwduZoxcOtxD3A0 +J/2GVpUhs3WngCksdUAEbrEXzKKSOC7b4KDw2sTIT5xHra4CBK5L5N85ny8tG7A6 +wmTt+6PHo51gx/W/0jiMB3rEiGoTZ86uWLaGv5SgqLP49euCIEXNKK9srFK3o7QE +04upH9zOXR8ytvPOLy/K5zT6YH2eyNs19sWfjAfP/bxhnrDYajsZ2WKZiQEfBBgB +CAAJBQJX/YjSAhsMAAoJEBuRPOm2dH3c+6kH+wWoEqTlPdPLZcTN8I5a6HHD0Ul8 +7xt3OtiRFoMD2M+zgLvImaj8AULap4w/0G+J+7PCUER8JhcePSzLbizfpTczbDP2 +E1LhEM8IBE6GT8yL8VB9AL1xW+hXIi5sWW/f900deOhoh7ikrP7KxT0c8zQjaaqV +n6bio93CvZ3yBqMO20apwWDyiSoBpXVjLrW00BdL8i9Rsf6v5UwIIy9o7pfjK5zo +mAZM2dKzlp9z4q5P6yE4aXI0bHz+XvG7hdpkHmjG5A+EQCnN2qoDNIA4QiRhH8TQ +aTaj4AlCiCAV2hEelPYve5QKccAsfC//qr+FMF+0bhZa05X2afxLYtku0Ms= +=ftgB +-----END PGP PRIVATE KEY BLOCK----- diff --git a/test/secret-keys/1.0.test b/test/secret-keys/1.0.test index 129d472..f8239a9 100644 --- a/test/secret-keys/1.0.test +++ b/test/secret-keys/1.0.test 
@@ -5,3 +5,7 @@ uid GnuPG test key (for testing purposes only) uid Foo Bar (1) ssb 768g/2E854A6B 2000-02-06 +sec 2048R/B6747DDC 2016-10-12 +uid GnuPG::Interface Test key +ssb 2048R/AE441D0F 2016-10-12 + diff --git a/test/secret-keys/1.modern.test b/test/secret-keys/1.modern.test index 3e46407..42b27a1 100644 --- a/test/secret-keys/1.modern.test +++ b/test/secret-keys/1.modern.test @@ -6,3 +6,8 @@ uid [ unknown] GnuPG test key (for testing purposes only) uid [ unknown] Foo Bar (1) ssb elg768 2000-02-06 [E] +sec rsa2048 2016-10-12 [SC] + 278F850AA702911F1318F0A61B913CE9B6747DDC +uid [ unknown] GnuPG::Interface Test key +ssb rsa2048 2016-10-12 [E] + -- cgit v1.2.3 From f1a0d94040443490400b08b37307212f775bfc68 Mon Sep 17 00:00:00 2001 
From: Daniel Kahn Gillmor Date: Tue, 11 Oct 2016 21:29:22 -0400 Subject: Test use of gpg without explicit passphrase (agent+pinentry) The modern GnuPG suite encourages the use of gpg-agent to control access to secret key material. In this use case, we avoid setting an explicit passphrase in code, and rely on either a correctly-configured and primed gpg-agent or a dedicated pinentry program to supply the passphrase. This additional test verifies that the passphrase can be handled by the agent. Note that the passphrase for this additional test key is *not* the default passphrase, so this test should fail in the event that gpg can't use the agent and the pinentry for this task. Unfortunately, this all assumes that we're using GnuPG "Modern". I've noted concerns about writing forward- and backward-compatible bindings for GnuPG here: https://lists.gnupg.org/pipermail/gnupg-devel/2016-October/031800.html Gbp-Pq: Name 0016-Test-use-of-gpg-without-explicit-passphrase-agent-pi.patch --- README | 41 +++++++++++++++++++++++++++-------------- lib/GnuPG/Interface.pm | 26 +++++++++++++++++++++++++- t/MyTestSpecific.pm | 10 ++++++++-- t/decrypt.t | 27 +++++++++++++++++++++++++++ test/encrypted.2.gpg | 12 ++++++++++++ test/fake-pinentry.pl | 2 +- test/plain.2.txt | 1 + 7 files changed, 101 insertions(+), 18 deletions(-) create mode 100644 test/encrypted.2.gpg create mode 100644 test/plain.2.txt diff --git a/README b/README index a05ef9b..be06ef3 100644 --- a/README +++ b/README @@ -5,7 +5,7 @@ SYNOPSIS # A simple example use IO::Handle; use GnuPG::Interface; - + # setting up the situation my $gnupg = GnuPG::Interface->new(); $gnupg->options->hash_init( armor => 1, @@ -24,7 +24,7 @@ SYNOPSIS # Now we'll go about encrypting with the options already set my @plaintext = ( 'foobar' ); my $pid = $gnupg->encrypt( handles => $handles ); - + # Now we write to the input of GnuPG print $input @plaintext; close $input; 
@@ -140,13 +140,26 @@ OBJECT METHODS standard error, standard output, or standard error. If the status or logger handle is not defined, this channel of communication is never established with GnuPG, and so this information is not generated and - does not come into play. If the passphrase data member handle of the - handles object is not defined, but the the passphrase data member - handle of GnuPG::Interface object is, GnuPG::Interface will handle - passing this information into GnuPG for the user as a convenience. - Note that this will result in GnuPG::Interface storing the - passphrase in memory, instead of having it simply 'pass-through' to - GnuPG via a handle. + does not come into play. + + If the passphrase data member handle of the handles object is not + defined, but the the passphrase data member handle of + GnuPG::Interface object is, GnuPG::Interface will handle passing + this information into GnuPG for the user as a convenience. Note that + this will result in GnuPG::Interface storing the passphrase in + memory, instead of having it simply 'pass-through' to GnuPG via a + handle. + + If neither the passphrase data member of the GnuPG::Interface nor + the passphrase data member of the handles object is defined, then + GnuPG::Interface assumes that access and control over the secret key + will be handled by the running gpg-agent process. This represents + the simplest mode of operation with the GnuPG "modern" suite + (version 2.1 and later). It is also the preferred mode for tools + intended to be user-facing, since the user will be prompted directly + by gpg-agent for use of the secret key material. Note that for + programmatic use, this mode requires the gpg-agent and pinentry to + already be correctly configured. Other Methods get_public_keys( @search_strings ) 
@@ -241,7 +254,7 @@ EXAMPLES my $handles = GnuPG::Handles->new( stdin => $input, stdout => $output ); - + # this sets up the communication # Note that the recipients were specified earlier # in the 'options' data member of the $gnupg object. @@ -315,7 +328,7 @@ EXAMPLES # a file written to disk # Make sure you "use IO::File" if you use this module! my $cipher_file = IO::File->new( 'encrypted.gpg' ); - + # this sets up the communication my $pid = $gnupg->decrypt( handles => $handles ); @@ -346,7 +359,7 @@ EXAMPLES # This time we'll just let GnuPG print to our own output # and read from our input, because no input is needed! my $handles = GnuPG::Handles->new(); - + my @ids = ( 'ftobin', '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ); # this time we need to specify something for @@ -354,7 +367,7 @@ EXAMPLES # search ids as arguments my $pid = $gnupg->list_public_keys( handles => $handles, command_args => [ @ids ] ); - + waitpid $pid, 0; Creating GnuPG::PublicKey Objects @@ -372,7 +385,7 @@ EXAMPLES command_args => [ qw( test/key.1.asc ) ], handles => $handles, ); - + my @out = <$handles->stdout()>; waitpid $pid, 0; diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm index 29205f0..5d8b0ec 100644 --- a/lib/GnuPG/Interface.pm +++ b/lib/GnuPG/Interface.pm @@ -106,6 +106,14 @@ sub fork_attach_exec( $% ) { my ( $self, %args ) = @_; my $handles = $args{handles} or croak 'no GnuPG::Handles passed'; + my $use_loopback_pinentry = 0; + + # WARNING: this assumes that we're using the "modern" GnuPG suite + # -- version 2.1.x or later. It's not clear to me how we can + # safely and efficiently avoid this assumption (see + # https://lists.gnupg.org/pipermail/gnupg-devel/2016-October/031800.html) + $use_loopback_pinentry = 1 + if ($handles->passphrase()); # deprecation support $args{commands} ||= $args{gnupg_commands}; 
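Review bot: `$use_loopback_pinentry` in fork_attach_exec is switched on by the mere presence of `$handles->passphrase()`, with no check of which GnuPG the `call` attribute actually runs. `--pinentry-mode` only exists from GnuPG 2.1 on, so with 1.4 or 2.0 every operation that passes a passphrase fails on an unknown option; the WARNING comment states the assumption, but nothing enforces it or documents it for callers. Gating the flag on the version the object reports would remove the assumption. The POD paragraph on passphrase handling should also gain a sentence such as `Supplying a passphrase makes GnuPG::Interface pass --pinentry-mode loopback, which requires GnuPG 2.1 or later.` The body of fork_attach_exec continues outside this hunk.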
@@ -293,8 +301,12 @@ sub fork_attach_exec( $% ) { $self->options->$option($fileno); } + my @args = $self->options->get_args(); + push @args, '--pinentry-mode', 'loopback' + if $use_loopback_pinentry; + my @command = ( - $self->call(), $self->options->get_args(), + $self->call(), @args, @commands, @command_args ); @@ -1005,6 +1017,7 @@ and standard error will be tied to the running program's standard error, standard output, or standard error. If the B or B handle is not defined, this channel of communication is never established with GnuPG, and so this information is not generated and does not come into play. + If the B data member handle of the B object is not defined, but the the B data member handle of GnuPG::Interface object is, GnuPG::Interface will handle passing this information into GnuPG @@ -1012,6 +1025,17 @@ for the user as a convenience. Note that this will result in GnuPG::Interface storing the passphrase in memory, instead of having it simply 'pass-through' to GnuPG via a handle. +If neither the B data member of the GnuPG::Interface nor +the B data member of the B object is defined, +then GnuPG::Interface assumes that access and control over the secret +key will be handled by the running gpg-agent process. This represents +the simplest mode of operation with the GnuPG "modern" suite (version +2.1 and later). It is also the preferred mode for tools intended to +be user-facing, since the user will be prompted directly by gpg-agent +for use of the secret key material. Note that for programmatic use, +this mode requires the gpg-agent and pinentry to already be correctly +configured. + =back =head2 Other Methods diff --git a/t/MyTestSpecific.pm b/t/MyTestSpecific.pm index c8764cc..e513c25 100644 --- a/t/MyTestSpecific.pm +++ b/t/MyTestSpecific.pm 
@@ -55,9 +55,15 @@ struct( Text => { fn => "\$", fh => "\$", data => "\$" } ); $texts{plain} = Text->new(); $texts{plain}->fn( 'test/plain.1.txt' ); +$texts{alt_plain} = Text->new(); +$texts{alt_plain}->fn( 'test/plain.2.txt' ); + $texts{encrypted} = Text->new(); $texts{encrypted}->fn( 'test/encrypted.1.gpg' ); +$texts{alt_encrypted} = Text->new(); +$texts{alt_encrypted}->fn( 'test/encrypted.2.gpg' ); + $texts{signed} = Text->new(); $texts{signed}->fn( 'test/signed.1.asc' ); @@ -68,7 +74,7 @@ $texts{temp} = Text->new(); $texts{temp}->fn( 'test/temp' ); -foreach my $name ( qw( plain encrypted signed key ) ) +foreach my $name ( qw( plain alt_plain encrypted alt_encrypted signed key ) ) { my $entry = $texts{$name}; my $filename = $entry->fn(); @@ -90,7 +96,7 @@ sub reset_handles stderr => $stderr ); - foreach my $name ( qw( plain encrypted signed key ) ) + foreach my $name ( qw( plain alt_plain encrypted alt_encrypted signed key ) ) { my $entry = $texts{$name}; my $filename = $entry->fn(); diff --git a/t/decrypt.t b/t/decrypt.t index b2639ed..ee41448 100644 --- a/t/decrypt.t +++ b/t/decrypt.t @@ -58,3 +58,30 @@ TEST { return compare( $texts{plain}->fn(), $texts{temp}->fn() ) == 0; }; + + +# test without default_passphrase (that is, by using the agent) +TEST +{ + reset_handles(); + + $handles->stdin( $texts{alt_encrypted}->fh() ); + $handles->options( 'stdin' )->{direct} = 1; + + $handles->stdout( $texts{temp}->fh() ); + $handles->options( 'stdout' )->{direct} = 1; + + $gnupg->clear_passphrase(); + + my $pid = $gnupg->decrypt( handles => $handles ); + + waitpid $pid, 0; + + return $CHILD_ERROR == 0; +}; + + +TEST +{ + return compare( $texts{alt_plain}->fn(), $texts{temp}->fn() ) == 0; +}; diff --git a/test/encrypted.2.gpg b/test/encrypted.2.gpg new file mode 100644 index 0000000..105cbb3 --- /dev/null +++ b/test/encrypted.2.gpg 
@@ -0,0 +1,12 @@ +-----BEGIN PGP MESSAGE----- + +hQEMAw3NS2KuRB0PAQgAuCMQO6blPRIJZib+kDa51gac+BYPl8caXYTLqIHtiz2/ +YRVqePJON4lNAqT6qUksIzQHtejFO6tb1SLqgX9Ti+fKAMLrQw9VGOYaJFoRrTJs ++X33S4GHVVikRTu0dydAsekbfPSc2nRmTFUlSEV3psgAmg9xy8KA6cZroK9Xfcuh +xW7KLE0hLP+2NZ7zNmJMdu6LDGzvlQsnm1UeElXK8XdMGf8kA3R+GgeeOnR/oEQc +Uep77k/fLc+UV4fp9Dk1OBeg3Ko/irSaefk4mU7F4HmS8jIERHRvXBTiur1Zx8Nx +9U3fcQuc+P9+JC89iS4PJPF1Hr0MlezAghZYJrhOrtJIAe5Uaft5KMGRfy0VQnAs +MHqGnGtzzVWK6GK83ibgG4tTfPEHHIgNFsJf3rM4cWklUmCS9TeeDJJZfhnRA6+/ +X82e6OI7QNbO +=DlGE +-----END PGP MESSAGE----- diff --git a/test/fake-pinentry.pl b/test/fake-pinentry.pl index 12d3611..40b8b08 100755 --- a/test/fake-pinentry.pl +++ b/test/fake-pinentry.pl @@ -21,7 +21,7 @@ while () { chomp; next if (/^$/); next if (/^#/); - print ("D test\n") if (/^getpin/i); + print ("D supercalifragilisticexpialidocious\n") if (/^getpin/i); print "OK\n"; exit if (/^bye/i); } diff --git a/test/plain.2.txt b/test/plain.2.txt new file mode 100644 index 0000000..da5a1d5 --- /dev/null +++ b/test/plain.2.txt @@ -0,0 +1 @@ +test message -- cgit v1.2.3 From ddc919c9c1fa7181662bfcb60ee3edf8d715b589 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 25 May 2017 16:07:45 -0400 Subject: Kill any GnuPG agent before and after the test suite. This helps to ensure that the test suite daemon is started fresh at every test suite run. And it also avoids leaving a daemon running after the test suite, assuming the test suite manages to reach the end. This is considered a reasonable practice by upstream. Gbp-Pq: Name 0017-Kill-any-GnuPG-agent-before-and-after-the-test-suite.patch --- t/000_setup.t | 3 +++ t/zzz_cleanup.t | 2 ++ 2 files changed, 5 insertions(+) diff --git a/t/000_setup.t b/t/000_setup.t index b183241..4dc4329 100644 --- a/t/000_setup.t +++ b/t/000_setup.t 
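Review bot: The header comment of test/fake-pinentry.pl, which lies outside this hunk, still says that test keys must be locked with a passphrase of "test", but after this change the GETPIN reply is a different string. Anyone adding an agent-unlocked fixture key by following that comment will get a key this stub cannot unlock. The comment should be updated in the same patch, for example `# Keys that are to be unlocked through the agent must be locked with the passphrase returned for GETPIN below.` It is also worth stating there that keys locked with "test" are only reachable through the explicit passphrase handle, not through this pinentry.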
@@ -17,6 +17,9 @@ TEST $agentconf->write("pinentry-program " . getcwd() . "/test/fake-pinentry.pl\n"); $agentconf->close(); copy('test/gpg.conf', 'test/gnupghome/gpg.conf'); + # reset the state of any long-lived gpg-agent, ignoring errors: + system('gpgconf', '--homedir=test/gnupghome', '--quiet', '--kill', 'gpg-agent'); + reset_handles(); my $pid = $gnupg->import_keys(command_args => [ 'test/public_keys.pgp', 'test/secret_keys.pgp', 'test/new_secret.pgp' ], diff --git a/t/zzz_cleanup.t b/t/zzz_cleanup.t index 5c03a72..eea3a48 100644 --- a/t/zzz_cleanup.t +++ b/t/zzz_cleanup.t @@ -12,6 +12,8 @@ use File::Path qw (remove_tree); TEST { my $err = []; + # kill off any long-lived gpg-agent, ignoring errors: + system('gpgconf', '--homedir=test/gnupghome', '--quiet', '--kill', 'gpg-agent'); remove_tree('test/gnupghome', {error => \$err}); return ! @$err; }; -- cgit v1.2.3 From fc8cd3e445b2c8b94c8515695bd906b896b8cb1d Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Fri, 26 May 2017 09:51:40 -0400 Subject: Use a short temporary homedir during the test suite This avoids problems with the length of the path to the homedir as compared to the size limits of sockaddr_un.sun_path, particularly on systems where /run/user/$(id -u) is not present or available (such as many minimalist build environments). Gbp-Pq: Name 0018-Use-a-short-temporary-homedir-during-the-test-suite.patch --- t/000_setup.t | 9 +++++---- t/MyTestSpecific.pm | 18 +++++++++++++++++- t/list_secret_keys.t | 3 ++- t/zzz_cleanup.t | 6 ++++-- 4 files changed, 28 insertions(+), 8 deletions(-) diff --git a/t/000_setup.t b/t/000_setup.t index 4dc4329..82d7005 100644 --- a/t/000_setup.t +++ b/t/000_setup.t 
@@ -12,13 +12,14 @@ use File::Copy; TEST { - make_path('test/gnupghome', { mode => 0700 }); - my $agentconf = IO::File->new( "> test/gnupghome/gpg-agent.conf" ); + my $homedir = $gnupg->options->homedir(); + make_path($homedir, { mode => 0700 }); + my $agentconf = IO::File->new( "> " . $homedir . "/gpg-agent.conf" ); $agentconf->write("pinentry-program " . getcwd() . "/test/fake-pinentry.pl\n"); $agentconf->close(); - copy('test/gpg.conf', 'test/gnupghome/gpg.conf'); + copy('test/gpg.conf', $homedir . '/gpg.conf'); # reset the state of any long-lived gpg-agent, ignoring errors: - system('gpgconf', '--homedir=test/gnupghome', '--quiet', '--kill', 'gpg-agent'); + system('gpgconf', '--homedir', $homedir, '--quiet', '--kill', 'gpg-agent'); reset_handles(); diff --git a/t/MyTestSpecific.pm b/t/MyTestSpecific.pm index e513c25..809d55c 100644 --- a/t/MyTestSpecific.pm +++ b/t/MyTestSpecific.pm @@ -22,6 +22,7 @@ use IO::Seekable; use File::Compare; use Exporter; use Class::Struct; +use File::Temp qw (tempdir); use GnuPG::Interface; use GnuPG::Handles; @@ -40,10 +41,25 @@ use vars qw( @ISA @EXPORT $gnupg = GnuPG::Interface->new( passphrase => 'test' ); + +my $homedir; +if (-f "test/gnupghome") { + my $record = IO::File->new( "< test/gnupghome" ); + $homedir = <$record>; + $record->close(); +} else { + $homedir = tempdir( DIR => '/tmp'); + my $record = IO::File->new( "> test/gnupghome" ); + $record->write($homedir); + $record->close(); +} + my @version = split('\.', $gnupg->version()); $gpg_is_modern = ($version[0] > 2 || ($version[0] == 2 && $version[1] >= 1)); -$gnupg->options->hash_init( homedir => 'test/gnupghome', + + +$gnupg->options->hash_init( homedir => $homedir, armor => 1, meta_interactive => 0, meta_signing_key_id => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C', diff --git a/t/list_secret_keys.t b/t/list_secret_keys.t index 7040c38..d1e3f30 100644 --- a/t/list_secret_keys.t +++ b/t/list_secret_keys.t 
@@ -23,8 +23,9 @@ TEST $outfile = 'test/secret-keys/1.out'; my $out = IO::File->new( "> $outfile" ) or die "cannot open $outfile for writing: $ERRNO"; + my $modern_pubring_line = $gnupg->options->homedir() . "/pubring.kbx\n"; while (<$stdout>) { - if ($gpg_is_modern && /^\/.*\/test\/gnupghome\/pubring.kbx$/) { + if ($gpg_is_modern && ($_ eq $modern_pubring_line)) { $out->print("test/gnupghome/pubring.kbx\n"); } elsif ($gpg_is_modern && /^--*$/) { $out->print("--------------------------\n"); diff --git a/t/zzz_cleanup.t b/t/zzz_cleanup.t index eea3a48..c3ec16f 100644 --- a/t/zzz_cleanup.t +++ b/t/zzz_cleanup.t @@ -11,9 +11,11 @@ use File::Path qw (remove_tree); # this is actually no test, just cleanup. TEST { + my $homedir = $gnupg->options->homedir(); my $err = []; # kill off any long-lived gpg-agent, ignoring errors: - system('gpgconf', '--homedir=test/gnupghome', '--quiet', '--kill', 'gpg-agent'); - remove_tree('test/gnupghome', {error => \$err}); + system('gpgconf', '--homedir', $homedir, '--quiet', '--kill', 'gpg-agent'); + remove_tree($homedir, {error => \$err}); + unlink('test/gnupghome'); return ! @$err; }; -- cgit v1.2.3 From a8bc0d1d8ef41c5236839e5fe8b1e7ec0ed5ac22 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Fri, 26 May 2017 18:15:24 -0400 Subject: Make things work with gpg1 (assuming plain 'gpg' is modern) * avoid sending --pinentry-mode=loopback if gpg is invoked as gpg1 * fix up t/list_secret_keys to account for the varied output * t/decrypt.t still fails two agent-only tests, but presumably folks who use gpg1 are not expecting to use the agent. Gbp-Pq: Name 0019-Make-things-work-with-gpg1-assuming-plain-gpg-is-mod.patch --- lib/GnuPG/Interface.pm | 5 ++++- t/list_secret_keys.t | 9 +++++---- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm index 5d8b0ec..f80ead5 100644 --- a/lib/GnuPG/Interface.pm +++ b/lib/GnuPG/Interface.pm 
@@ -112,8 +112,11 @@ sub fork_attach_exec( $% ) { # -- version 2.1.x or later. It's not clear to me how we can # safely and efficiently avoid this assumption (see # https://lists.gnupg.org/pipermail/gnupg-devel/2016-October/031800.html) + # + # as a (brittle and incomplete) cleanup, we will avoid trying to + # send pinentry-loopback if the program is invoked as "gpg1" $use_loopback_pinentry = 1 - if ($handles->passphrase()); + if ($handles->passphrase() && ! ($self->call =~ m/gpg1$/)); # deprecation support $args{commands} ||= $args{gnupg_commands}; diff --git a/t/list_secret_keys.t b/t/list_secret_keys.t index d1e3f30..8e3c911 100644 --- a/t/list_secret_keys.t +++ b/t/list_secret_keys.t @@ -23,11 +23,12 @@ TEST $outfile = 'test/secret-keys/1.out'; my $out = IO::File->new( "> $outfile" ) or die "cannot open $outfile for writing: $ERRNO"; - my $modern_pubring_line = $gnupg->options->homedir() . "/pubring.kbx\n"; + my $seckey_file = $gpg_is_modern ? 'pubring.kbx' : 'secring.gpg'; + my $pubring_line = $gnupg->options->homedir() . '/' . $seckey_file . "\n"; while (<$stdout>) { - if ($gpg_is_modern && ($_ eq $modern_pubring_line)) { - $out->print("test/gnupghome/pubring.kbx\n"); - } elsif ($gpg_is_modern && /^--*$/) { + if ($_ eq $pubring_line) { + $out->print('test/gnupghome/'.$seckey_file."\n"); + } elsif (/^--*$/) { $out->print("--------------------------\n"); } else { $out->print( $_ ); -- cgit v1.2.3 From 7d8d87b92bedd946bf8b4da21b587974eb123294 Mon Sep 17 00:00:00 2001 
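Review bot: The added condition `! ($self->call =~ m/gpg1$/)` decides by the program's name rather than by what the program is, so a GnuPG 1.4 or 2.0 binary installed as `gpg` or `gpg2` still receives `--pinentry-mode loopback`. Conversely, a modern binary reached through a name ending in `gpg1` silently loses the option, and the supplied passphrase then no longer reaches it. `$` also matches before a trailing newline; `\z` is the strict end-of-string anchor. The test helper already derives the answer from the reported version, and the same could be done here: `my ($maj, $min) = split /\./, $self->version;` followed by `if ($handles->passphrase() && ($maj > 2 || ($maj == 2 && $min >= 1)));`. fork_attach_exec continues outside this hunk.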
From: Niko Tyni Date: Wed, 20 Jun 2018 21:57:50 +0300 Subject: [PATCH] Fix test suite for GnuPG >= 2.2.6 compatibility GnuPG 2.2.6 (commit 1a5d95e7319e7e6f) started marking signatures with an expired key with '?', as seen with for instance GNUPGHOME=./test/gnupghome/ gpg --list-sigs 0xF950DA9C Adapt the test suite accordingly. See https://dev.gnupg.org/rG1a5d95e7319e7e6f0dd11064a26cbbc371b05214 Bug-Debian: https://bugs.debian.org/900051 Bug: https://github.com/bestpractical/gnupg-interface/pull/1 Gbp-Pq: Name 0001-Fix-test-suite-for-GnuPG-2.2.6-compatibility.patch --- t/get_public_keys.t | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/t/get_public_keys.t b/t/get_public_keys.t index 7893625..ede080a 100644 --- a/t/get_public_keys.t +++ b/t/get_public_keys.t @@ -13,8 +13,12 @@ use MyTestSpecific; use GnuPG::PrimaryKey; use GnuPG::SubKey; +use version; + my ( $given_key, $handmade_key ); +my $gnupg_version = version->parse($gnupg->version); + TEST { reset_handles(); @@ -74,7 +78,7 @@ TEST date_string => '2000-03-16', hex_id => '56FFD10A260C4FA3', sig_class => 0x10, - validity => '!'), + validity => $gnupg_version < version->parse('2.2.6') ? '!' : '?'), GnuPG::Signature->new( date => 949813093, algo_num => 17, @@ -115,7 +119,7 @@ TEST date_string => '2000-03-16', hex_id => '56FFD10A260C4FA3', sig_class => 0x10, - validity => '!'), + validity => $gnupg_version < version->parse('2.2.6') ? '!' : '?'), GnuPG::Signature->new( date => 953179891, algo_num => 17, -- cgit v1.2.3 From f2789efe8a4c0a856057d67fbb594195651de2b1 Mon Sep 17 00:00:00 2001 
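Review bot: The expression `$gnupg_version < version->parse('2.2.6') ? '!' : '?'` is pasted into two `GnuPG::Signature->new` argument lists in t/get_public_keys.t, and nothing says what the two markers mean. Computing it once next to `$gnupg_version` keeps the two expectations from drifting apart: `my $expired_key_sig_validity = $gnupg_version < version->parse('2.2.6') ? '!' : '?';` with the comment `# GnuPG >= 2.2.6 reports '?' for signatures made by an expired key`. Both call sites then read `validity => $expired_key_sig_validity`.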
From: Niko Tyni Date: Sun, 24 Jun 2018 16:19:25 +0300 Subject: [PATCH] Fix test suite for GnuPG >= 2.2.8 compatibility GnuPG 2.2.8 onwards issues a hard failure when decrypting messages not using the MDC mode. Bug-Debian: https://bugs.debian.org/900051 Bug: https://github.com/bestpractical/gnupg-interface/pull/1 Gbp-Pq: Name 0001-Fix-test-suite-for-GnuPG-2.2.8-compatibility.patch --- t/decrypt.t | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/t/decrypt.t b/t/decrypt.t index ee41448..2d6740c 100644 --- a/t/decrypt.t +++ b/t/decrypt.t @@ -6,6 +6,7 @@ use strict; use English qw( -no_match_vars ); use File::Compare; +use version; use lib './t'; use MyTest; @@ -13,6 +14,8 @@ use MyTestSpecific; my $compare; +my $gnupg_version = version->parse($gnupg->version); + TEST { reset_handles(); @@ -26,7 +29,13 @@ TEST close $stdout; waitpid $pid, 0; - return $CHILD_ERROR == 0;; + if ($gnupg_version < version->parse('2.2.8')) { + return $CHILD_ERROR == 0;; + } else { + local $/ = undef; + my $errstr = <$stderr>; + return (($CHILD_ERROR >> 8 == 2) and ($errstr =~ /ignore-mdc-error/)); + } }; @@ -50,7 +59,13 @@ TEST waitpid $pid, 0; - return $CHILD_ERROR == 0; + if ($gnupg_version < version->parse('2.2.8')) { + return $CHILD_ERROR == 0; + } else { + local $/ = undef; + my $errstr = <$stderr>; + return (($CHILD_ERROR >> 8 == 2) and ($errstr =~ /ignore-mdc-error/)); + } }; -- cgit v1.2.3 From 9134c9226e18e80252e32a8c697026de99f4efb7 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 13 Sep 2016 07:26:00 +0200 Subject: fix spelling error ("settting" should be "setting") Gbp-Pq: Name 0001-fix-spelling-error-settting-should-be-setting.patch --- README | 2 +- lib/GnuPG/Interface.pm | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README b/README index fcb982a..f457577 100644 --- a/README +++ b/README 
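Review bot: From GnuPG 2.2.8 on, the first two tests in t/decrypt.t pass only when decryption fails (`$CHILD_ERROR >> 8 == 2` plus an `ignore-mdc-error` mention on stderr), so on current GnuPG the suite no longer shows that decrypting with a caller-supplied passphrase succeeds. That comes from the fixture rather than from the module: presumably test/encrypted.1.gpg was produced without an MDC, and regenerating it with integrity protection would let both branches assert `$CHILD_ERROR == 0` again. If the rejection of unprotected messages is itself worth covering, it belongs in a separate test with its own legacy fixture. That test should check the status handle rather than a stderr hint whose wording GnuPG does not promise to keep. The version branch is also duplicated verbatim in both TEST blocks and could be a single helper in t/MyTestSpecific.pm.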
@@ -6,7 +6,7 @@ SYNOPSIS use IO::Handle; use GnuPG::Interface; - # settting up the situation + # setting up the situation my $gnupg = GnuPG::Interface->new(); $gnupg->options->hash_init( armor => 1, homedir => '/home/foobar' ); diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm index f952f3e..83a4b1a 100644 --- a/lib/GnuPG/Interface.pm +++ b/lib/GnuPG/Interface.pm @@ -834,7 +834,7 @@ GnuPG::Interface - Perl interface to GnuPG use IO::Handle; use GnuPG::Interface; - # settting up the situation + # setting up the situation my $gnupg = GnuPG::Interface->new(); $gnupg->options->hash_init( armor => 1, homedir => '/home/foobar' ); -- cgit v1.2.3 From f55869325ab108b79061af5678156229b4a28454 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 13 Sep 2016 10:38:12 -0400 Subject: Generalize the test suite The test suite currently assumes it knows something about the internal state of GnuPG's homedir. It's safer and less brittle to rely explicitly on the public interface that GnuPG has committed to, such as --import-keys and --list-keys, rather than assuming that certain files are in certain places in the GnuPG homedir. It's also better to create a fresh homedir and allow GnuPG to populate it during the test suite, cleaning it up at the end, rather than hope that GnuPG will leave a pre-existing homedir untouched. With this change, many more of the tests pass when /usr/bin/gpg is provided by GnuPG 2.1. Gbp-Pq: Name 0002-Generalize-the-test-suite.patch --- t/000_setup.t | 28 ++++++++++++++++++++++++++++ t/MyTestSpecific.pm | 2 +- t/zzz_cleanup.t | 17 +++++++++++++++++ test/fake-pinentry.pl | 28 ++++++++++++++++++++++++++++ test/gpg.conf | 2 ++ test/options | 2 -- test/secret-keys/1.0.test | 4 ++-- 7 files changed, 78 insertions(+), 5 deletions(-) create mode 100644 t/000_setup.t create mode 100644 t/zzz_cleanup.t create mode 100755 test/fake-pinentry.pl create mode 100644 test/gpg.conf delete mode 100644 test/options 
diff --git a/t/000_setup.t b/t/000_setup.t new file mode 100644 index 0000000..7f7f7b0 --- /dev/null +++ b/t/000_setup.t @@ -0,0 +1,28 @@ +#!/usr/bin/perl -w + +use strict; +use English qw( -no_match_vars ); + +use lib './t'; +use MyTest; +use MyTestSpecific; +use Cwd; +use File::Path qw (make_path); +use File::Copy; + +TEST +{ + make_path('test/gnupghome', { mode => 0700 }); + my $agentconf = IO::File->new( "> test/gnupghome/gpg-agent.conf" ); + $agentconf->write("pinentry-program " . getcwd() . "/test/fake-pinentry.pl\n"); + $agentconf->close(); + copy('test/gpg.conf', 'test/gnupghome/gpg.conf'); + reset_handles(); + + my $pid = $gnupg->import_keys(command_args => [ 'test/pubring.gpg', 'test/secring.gpg' ], + options => [ 'batch'], + handles => $handles); + waitpid $pid, 0; + + return $CHILD_ERROR == 0; +}; diff --git a/t/MyTestSpecific.pm b/t/MyTestSpecific.pm index 053b749..1af98ae 100644 --- a/t/MyTestSpecific.pm +++ b/t/MyTestSpecific.pm @@ -40,7 +40,7 @@ use vars qw( @ISA @EXPORT $gnupg = GnuPG::Interface->new( passphrase => 'test' ); -$gnupg->options->hash_init( homedir => 'test', +$gnupg->options->hash_init( homedir => 'test/gnupghome', armor => 1, meta_interactive => 0, meta_signing_key_id => '0xF950DA9C', diff --git a/t/zzz_cleanup.t b/t/zzz_cleanup.t new file mode 100644 index 0000000..5c03a72 --- /dev/null +++ b/t/zzz_cleanup.t @@ -0,0 +1,17 @@ +#!/usr/bin/perl -w + +use strict; +use English qw( -no_match_vars ); + +use lib './t'; +use MyTest; +use MyTestSpecific; +use File::Path qw (remove_tree); + +# this is actually no test, just cleanup. +TEST +{ + my $err = []; + remove_tree('test/gnupghome', {error => \$err}); + return ! @$err; +}; diff --git a/test/fake-pinentry.pl b/test/fake-pinentry.pl new file mode 100755 index 0000000..12d3611 --- /dev/null +++ b/test/fake-pinentry.pl 
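Review bot: None of the file operations in the new setup TEST block is checked: `IO::File->new( "> test/gnupghome/gpg-agent.conf" )` returns undef when the directory could not be created, and the results of `make_path` and `copy` are ignored. The failure that matters most is a missing `pinentry-program` line, because gpg-agent would then presumably fall back to whatever pinentry the system provides instead of the test stub. Adding `or die "cannot write gpg-agent.conf: $ERRNO";` to the open and `or die "cannot copy test/gpg.conf: $ERRNO";` to the `copy` call makes setup stop at the cause rather than at a later, unrelated-looking test failure.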
@@ -0,0 +1,28 @@ +#!/usr/bin/perl -w +# Use this for your test suites when a perl interpreter is available. +# +# The encrypted keys in your test suite that you expect to work must +# be locked with a passphrase of "test" +# +# Author: Daniel Kahn Gillmor +# +# License: This trivial work is hereby explicitly placed into the +# public domain. Anyone may reuse it, modify it, redistribute it for +# any purpose. + +use strict; +use warnings; + +# turn off buffering +$| = 1; + +print "OK This is only for test suites, and should never be used in production\n"; +while () { + chomp; + next if (/^$/); + next if (/^#/); + print ("D test\n") if (/^getpin/i); + print "OK\n"; + exit if (/^bye/i); +} +1; diff --git a/test/gpg.conf b/test/gpg.conf new file mode 100644 index 0000000..1f319a6 --- /dev/null +++ b/test/gpg.conf @@ -0,0 +1,2 @@ +no-secmem-warning +armor diff --git a/test/options b/test/options deleted file mode 100644 index 1f319a6..0000000 --- a/test/options +++ /dev/null @@ -1,2 +0,0 @@ -no-secmem-warning -armor diff --git a/test/secret-keys/1.0.test b/test/secret-keys/1.0.test index 5999484..129d472 100644 --- a/test/secret-keys/1.0.test +++ b/test/secret-keys/1.0.test @@ -1,5 +1,5 @@ -test/secring.gpg ----------------- +test/gnupghome/secring.gpg +-------------------------- sec 1024D/F950DA9C 2000-02-06 uid GnuPG test key (for testing purposes only) uid Foo Bar (1) -- cgit v1.2.3 From c036f7548b6b58fd7b917182640509d337cec5f1 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 13 Sep 2016 11:35:31 -0400 Subject: subkey validity of an key when we have established no trust anchors This apparently isn't tested by deep comparisons, though, so it was never caught. Gbp-Pq: Name 0003-subkey-validity-of-an-key-when-we-have-established-n.patch --- t/get_public_keys.t | 2 +- t/get_secret_keys.t | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/t/get_public_keys.t b/t/get_public_keys.t index 53db021..73e320b 100644 --- a/t/get_public_keys.t 
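Review bot: The GETPIN reply `print ("D test\n")` in test/fake-pinentry.pl puts the passphrase on the Assuan data line unescaped. That is correct for "test" but breaks as soon as the fixture passphrase contains `%`, CR or LF, which the protocol requires to be percent-escaped. A comment above the line would save the next editor from rediscovering this: `# Assuan D lines must percent-escape %, CR and LF; keep the test passphrase free of them`. The header comment could also say that the script answers `OK` to every command and must only be named in the gpg-agent.conf of a throwaway test homedir.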
+++ b/t/get_public_keys.t @@ -175,7 +175,7 @@ TEST ]; my $subkey = GnuPG::SubKey->new - ( validity => 'u', + ( validity => '-', length => 768, algo_num => 16, hex_id => 'ADB99D9C2E854A6B', diff --git a/t/get_secret_keys.t b/t/get_secret_keys.t index 3a1d99f..7bba083 100644 --- a/t/get_secret_keys.t +++ b/t/get_secret_keys.t @@ -48,7 +48,7 @@ TEST my $subkey = GnuPG::SubKey->new - ( validity => 'u', + ( validity => '-', length => 768, algo_num => 16, hex_id => 'ADB99D9C2E854A6B', -- cgit v1.2.3 From dc0e2fb7020ac48c15edbe6ca01643079924dc2a Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 13 Sep 2016 11:39:04 -0400 Subject: ensure that test covers all signatures The earlier test wasn't reporting on one of the known self-sigs for the test key for some reason. This change ensures that all known signatures are present. Gbp-Pq: Name 0004-ensure-that-test-covers-all-signatures.patch --- t/get_public_keys.t | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/t/get_public_keys.t b/t/get_public_keys.t index 73e320b..9e96f7d 100644 --- a/t/get_public_keys.t +++ b/t/get_public_keys.t @@ -83,7 +83,17 @@ TEST date_string => '2000-02-06', hex_id => '53AE596EF950DA9C', sig_class => 0x13, - validity => '!')); + validity => '!'), + GnuPG::Signature->new( + date => 1177086329, + algo_num => 17, + is_exportable => 1, + user_id_string => 'GnuPG test key (for testing purposes only)', + date_string => '2007-04-20', + hex_id => '53AE596EF950DA9C', + sig_class => 0x13, + validity => '!'), + ); my $uid1 = GnuPG::UserId->new( as_string => 'Foo Bar (1)', validity => '-'); -- cgit v1.2.3 From 9b53aee8e46cb6f3bcb95d680d354ded5ff224d7 Mon Sep 17 00:00:00 2001 
From: Daniel Kahn Gillmor Date: Tue, 13 Sep 2016 14:31:38 -0400 Subject: add $gpg_is_modern to test suite MyTestSpecific.pm now produces a new variable indicating whether it the version of GnuPG we run against is from the "Modern" line of GnuPG development (2.1 or later). This will be useful when comparing output that we can't expect from earlier versions. Gbp-Pq: Name 0005-add-gpg_is_modern-to-test-suite.patch --- t/MyTestSpecific.pm | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/t/MyTestSpecific.pm b/t/MyTestSpecific.pm index 1af98ae..a309698 100644 --- a/t/MyTestSpecific.pm +++ b/t/MyTestSpecific.pm @@ -29,17 +29,20 @@ use GnuPG::Handles; use vars qw( @ISA @EXPORT $stdin $stdout $stderr $gpg_program $handles $gnupg - %texts + %texts $gpg_is_modern ); @ISA = qw( Exporter ); @EXPORT = qw( stdin stdout stderr gnupg_program handles reset_handles - texts file_match + texts file_match gpg_is_modern ); $gnupg = GnuPG::Interface->new( passphrase => 'test' ); +my @version = split('\.', $gnupg->version()); +$gpg_is_modern = ($version[0] > 2 || ($version[0] == 2 && $version[1] >= 1)); + $gnupg->options->hash_init( homedir => 'test/gnupghome', armor => 1, meta_interactive => 0, -- cgit v1.2.3 From 248b0443af724cf2577cc8c7b7dd9b1348a74de9 Mon Sep 17 00:00:00 2001 
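Review bot: `$gpg_is_modern` is computed by indexing `@version` without checking that `$gnupg->version()` returned something parseable. If gpg is missing or prints an unexpected string, `$version[0]` and `$version[1]` are undef or non-numeric and the flag quietly becomes false, so the suite applies the legacy expectations to an unknown binary instead of stopping. A guard before the comparison makes that explicit: `die "cannot determine GnuPG version\n" unless @version >= 2 && $version[0] =~ /\A\d+\z/ && $version[1] =~ /\A\d+\z/;`.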
From: Daniel Kahn Gillmor Date: Tue, 13 Sep 2016 14:12:40 -0400 Subject: Modern GnuPG (2.1) reports more detail about secret keys the GnuPG "modern" suite (version 2.1 or later) reports more detail about secret keys than previous versions did. In particular, it reports stored ownertrust, public key data, and designated revokers for secret keys. Older versions only reported those attributes for public keys. This patch adjusts the test suite to ensure that our handmade key matches the produced key when /usr/bin/gpg is supplied by the modern suite. Gbp-Pq: Name 0006-Modern-GnuPG-2.1-reports-more-detail-about-secret-ke.patch --- t/get_secret_keys.t | 66 +++++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 54 insertions(+), 12 deletions(-) diff --git a/t/get_secret_keys.t b/t/get_secret_keys.t index 7bba083..c798cce 100644 --- a/t/get_secret_keys.t +++ b/t/get_secret_keys.t 
@@ -23,16 +23,34 @@ TEST return 0 unless @returned_keys == 1; $given_key = shift @returned_keys; - - $handmade_key = GnuPG::PrimaryKey->new - ( length => 1024, + my $pubkey_data = [ + Math::BigInt->from_hex('0x'. + '88FCAAA5BCDCD52084D46143F44ED1715A339794641158DE03AA2092AFD3174E3DCA2CB7DF2DDC6FEDF7C3620F5A8BDAD06713E6153F8748DD76CB97305F30CBA8F8801DB47FAC11EED725F55672CB9BDAD629178A677CBB089B3E8AE0D9A9AD7741697A35F2868C62D25670994A92D810480173DC24263EEA0F103A43C0B64B'), + Math::BigInt->from_hex('0x'. + '8F2A3842C70FF17660CBB78C78FC93F534AB9A17'), + Math::BigInt->from_hex('0x'. + '83E348C2AA65F56DE84E8FDCE6DA7B0991B1C75EC8CA446FA85869A43350907BFF36BE512385E8E7E095578BB2138C04E318495873218286DE2B8C86F36EA670135434967AC798EBA28581F709F0C6B696EB512D3E561E381A06E4B5239BCC655015F9A926C74E4B859B26EAD604F208A556511A76A40EDCD9C38E6BD82CCCB4'), + Math::BigInt->from_hex('0x'. + '80DE04C85E30C9D62C13F90CFF927A84A5A59D0900B3533D4D6193FEF8C5DAEF9FF8A7D5F76B244FBC17644F50D524E0B19CD3A4B5FC2D78DAECA3FE58FA1C1A64E6C7B96C4EE618173543163A72EF954DFD593E84342699096E9CA76578AC1DE3D893BCCD0BF470CEF625FAF816A0F503EF75C18C6173E35C8675AF919E5704') + ]; + + + my $args = { + length => 1024, algo_num => 17, hex_id => '53AE596EF950DA9C', creation_date => 949813093, creation_date_string => '2000-02-06', - owner_trust => '', # secret keys do not report ownertrust? + owner_trust => '-', usage_flags => 'scaESCA', - ); + pubkey_data => $pubkey_data, + }; + if (!$gpg_is_modern) { + # older versions don't report ownertrust or pubkey_data for secret keys: + delete $args->{pubkey_data}; + $args->{owner_trust} = ''; + } + $handmade_key = GnuPG::PrimaryKey->new($args); $handmade_key->fingerprint ( GnuPG::Fingerprint->new( as_hex_string => 
@@ -42,20 +60,42 @@ TEST $handmade_key->push_user_ids( GnuPG::UserId->new( as_string => 'GnuPG test key (for testing purposes only)', - validity => ''), # secret keys do not report uid validity? + validity => $args->{owner_trust}), GnuPG::UserId->new( as_string => 'Foo Bar (1)', - validity => '')); # secret keys do not report uid validity? - - - my $subkey = GnuPG::SubKey->new - ( validity => '-', + validity => $args->{owner_trust})); + + my $revoker = GnuPG::Revoker->new + ( algo_num => 17, + class => 0x80, + fingerprint => GnuPG::Fingerprint->new( as_hex_string => + '4F863BBBA8166F0A340F600356FFD10A260C4FA3'), + ); + + my $subkey_pub_data = [ + Math::BigInt->from_hex('0x'. + '8831982DADC4C5D05CBB01D9EAF612131DDC9C24CEA7246557679423FB0BA42F74D10D8E7F5564F6A4FB8837F8DC4A46571C19B122E6DF4B443D15197A6A22688863D0685FADB6E402316DAA9B560D1F915475364580A67E6DF0A727778A5CF3'), + Math::BigInt->from_hex('0x'. + '6'), + Math::BigInt->from_hex('0x'. + '2F3850FF130C6AC9AA0962720E86539626FAA9B67B33A74DFC0DE843FF3E90E43E2F379EE0182D914FA539CCCF5C83A20DB3A7C45E365B8A2A092E799A3DFF4AD8274EB977BAAF5B1AFB2ACB8D6F92454F01682F555565E73E56793C46EF7C3E') + ]; + + my $sub_args = { + validity => '-', length => 768, algo_num => 16, hex_id => 'ADB99D9C2E854A6B', creation_date => 949813119, creation_date_string => '2000-02-06', usage_flags => 'e', - ); + pubkey_data => $subkey_pub_data, + }; + + if (!$gpg_is_modern) { + # older versions do not report pubkey data for secret keys + delete $sub_args->{pubkey_data}; + } + my $subkey = GnuPG::SubKey->new($sub_args); $subkey->fingerprint ( GnuPG::Fingerprint->new( as_hex_string => @@ -64,6 +104,8 @@ TEST ); $handmade_key->push_subkeys( $subkey ); + # older versions do not report designated revokers for secret keys + $handmade_key->push_revokers( $revoker ) if ($gpg_is_modern); $handmade_key->compare( $given_key ); }; -- cgit v1.2.3 From 07855c8e7762268d20542af7e96ec4e6b902c28c Mon Sep 17 00:00:00 2001 
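Review bot: The two `GnuPG::UserId->new` calls now take `validity => $args->{owner_trust}`, which ties user-id validity to the primary key's ownertrust even though they are separate fields. The two only happen to share the values '-' (modern) and '' (older gpg) in this fixture. A dedicated variable would keep the intent readable, for example `my $uid_validity = $gpg_is_modern ? '-' : '';` followed by `validity => $uid_validity`. `$args` is built in the previous hunk, and the enclosing TEST block starts and ends outside this one.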
From: Daniel Kahn Gillmor Date: Tue, 13 Sep 2016 14:46:13 -0400 Subject: test suite: match plaintext output across versions of GnuPG The human-readable version of --list-keys is *not* expected to be static over time or as the user's environment changes (e.g. LANG or LC_MESSAGES), so expecting it to be machine-parseable is probably a mistake. That said, some users might want to pull textual information about specific keys to display directly to the user, so it's not a terrible idea to have it in the test suite. Modern GnuPG (2.1 or later) changes the default structure of the human-readable output in a few significant ways: * it writes the path to the keyring as an absolute path, even if $GNUPGHOME is set to a non-absolute path. * it shows the calculated user id validity by default (see show-uid-validity in gpg's --list-options). (note that this is a translated string, so that "unknown" (in the default C locale) becomes "inconnue" when LANG or LC_MESSAGES is set to fr_CH.UTF-8, for example. * it writes the key algorithm names differently (e.g. rsa2048 instead of 2048R) * it does not display the key ID at all by default * it displays the full fingerprint in compact form by default This changeset fixes the test suite so that it can do a rough verification of the human-readable text output by list_secret_keys in the C locale in modern versions of GnuPG, while leaving it working for older GnuPG suites. Gbp-Pq: Name 0007-test-suite-match-plaintext-output-across-versions-of.patch --- t/list_secret_keys.t | 15 +++++++++++++-- test/secret-keys/1.modern.test | 8 ++++++++ 2 files changed, 21 insertions(+), 2 deletions(-) create mode 100644 test/secret-keys/1.modern.test diff --git a/t/list_secret_keys.t b/t/list_secret_keys.t index 1fe9b7e..51e3651 100644 --- a/t/list_secret_keys.t +++ b/t/list_secret_keys.t 
@@ -16,13 +16,22 @@ TEST { reset_handles(); + $ENV{LC_MESSAGES} = 'C'; my $pid = $gnupg->list_secret_keys( handles => $handles ); close $stdin; $outfile = 'test/secret-keys/1.out'; my $out = IO::File->new( "> $outfile" ) or die "cannot open $outfile for writing: $ERRNO"; - $out->print( <$stdout> ); + while (<$stdout>) { + if ($gpg_is_modern && /^\/.*\/test\/gnupghome\/pubring.kbx$/) { + $out->print("test/gnupghome/pubring.kbx\n"); + } elsif ($gpg_is_modern && /^--*$/) { + $out->print("--------------------------\n"); + } else { + $out->print( $_ ); + } + } close $stdout; $out->close(); waitpid $pid, 0; @@ -33,7 +42,9 @@ TEST TEST { - my @files_to_test = ( 'test/secret-keys/1.0.test' ); + my $suffix = '0'; + $suffix = 'modern' if ($gpg_is_modern); + my @files_to_test = ( 'test/secret-keys/1.'.$suffix.'.test' ); return file_match( $outfile, @files_to_test ); }; diff --git a/test/secret-keys/1.modern.test b/test/secret-keys/1.modern.test new file mode 100644 index 0000000..3e46407 --- /dev/null +++ b/test/secret-keys/1.modern.test @@ -0,0 +1,8 @@ +test/gnupghome/pubring.kbx +-------------------------- +sec dsa1024 2000-02-06 [SCA] + 93AFC4B1B0288A104996B44253AE596EF950DA9C +uid [ unknown] GnuPG test key (for testing purposes only) +uid [ unknown] Foo Bar (1) +ssb elg768 2000-02-06 [E] + -- cgit v1.2.3 From 0c9b4fe4e9485fd815eb4cdfd79f28bd08247f08 Mon Sep 17 00:00:00 2001 
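Review bot: `$ENV{LC_MESSAGES} = 'C';` does not pin the message language when the caller's environment sets `LC_ALL`, because `LC_ALL` takes precedence over the per-category variables. In that case gpg could still print a translated validity string, and the comparison against `test/secret-keys/1.modern.test` would fail. The assignment is also process-wide, so it stays in effect for the rest of the test file. `local $ENV{LC_ALL} = 'C';` inside the block would cover both points. Separately, the path pattern leaves the dot unescaped; `pubring\.kbx$` would be stricter.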
From: Daniel Kahn Gillmor Date: Tue, 13 Sep 2016 15:22:27 -0400 Subject: fix test_default_key_passphrase when passphrase comes from agent In the modern GnuPG suite, where the passphrase is always managed by the agent, gpg itself doesn't emit the GOOD_PASSPHRASE status. Instead, if signing is successful it emits plain old SIG_CREATED. There are probably even better ways to test whether a given key is unlocked in this case, but this is a straightforward baseline fix that should get this part of the test suite to pass with all available versions of GnuPG. Gbp-Pq: Name 0008-fix-test_default_key_passphrase-when-passphrase-come.patch --- lib/GnuPG/Interface.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm index 83a4b1a..1f1e6d5 100644 --- a/lib/GnuPG/Interface.pm +++ b/lib/GnuPG/Interface.pm @@ -808,7 +808,7 @@ sub test_default_key_passphrase() { # all we realy want to check is the status fh while (<$status>) { - if (/^\[GNUPG:\]\s*GOOD_PASSPHRASE/) { + if (/^\[GNUPG:\]\s*(GOOD_PASSPHRASE|SIG_CREATED)/) { waitpid $pid, 0; return 1; } -- cgit v1.2.3 From 2c3382f8fde782ff31e1771a5f5711e649e6e34b Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 11 Oct 2016 19:52:13 -0400 Subject: clean up trailing whitespace Gbp-Pq: Name 0009-clean-up-trailing-whitespace.patch --- lib/GnuPG/Fingerprint.pm | 2 +- lib/GnuPG/Handles.pm | 2 +- lib/GnuPG/Interface.pm | 16 ++++++++-------- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/lib/GnuPG/Fingerprint.pm b/lib/GnuPG/Fingerprint.pm index fcb1028..81c38a7 100644 --- a/lib/GnuPG/Fingerprint.pm +++ b/lib/GnuPG/Fingerprint.pm @@ -20,7 +20,7 @@ with qw(GnuPG::HashInit); has as_hex_string => ( isa => 'Any', - is => 'rw', + is => 'rw', ); sub compare { diff --git a/lib/GnuPG/Handles.pm b/lib/GnuPG/Handles.pm index b30ca57..3eee0e3 100644 --- a/lib/GnuPG/Handles.pm +++ b/lib/GnuPG/Handles.pm 
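Review bot: Accepting `SIG_CREATED` in `test_default_key_passphrase` changes what a true return value means. A signature can be created without the supplied passphrase being checked, for example when the agent already holds the key unlocked, so callers that use this method to validate a passphrase may get a false positive. The method's documentation should say so, e.g. `# NOTE: with gpg-agent (GnuPG 2.1+) success only shows that signing worked, not that the given passphrase is correct`. The alternation also needs no capture group and should end on a word boundary: `/^\[GNUPG:\]\s*(?:GOOD_PASSPHRASE|SIG_CREATED)\b/`. The body of the sub starts and ends outside this hunk.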
@@ -73,7 +73,7 @@ GnuPG::Handles - GnuPG handles bundle = ( IO::Handle->new(), IO::Handle->new(), IO::Handle->new(), IO::Handle->new(), IO::Handle->new(), IO::Handle->new(), ); - + my $handles = GnuPG::Handles->new ( stdin => $stdin, stdout => $stdout, diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm index 1f1e6d5..19e8070 100644 --- a/lib/GnuPG/Interface.pm +++ b/lib/GnuPG/Interface.pm @@ -833,7 +833,7 @@ GnuPG::Interface - Perl interface to GnuPG # A simple example use IO::Handle; use GnuPG::Interface; - + # setting up the situation my $gnupg = GnuPG::Interface->new(); $gnupg->options->hash_init( armor => 1, @@ -852,7 +852,7 @@ GnuPG::Interface - Perl interface to GnuPG # Now we'll go about encrypting with the options already set my @plaintext = ( 'foobar' ); my $pid = $gnupg->encrypt( handles => $handles ); - + # Now we write to the input of GnuPG print $input @plaintext; close $input; @@ -1144,7 +1144,7 @@ The following setup can be done before any of the following examples: my $handles = GnuPG::Handles->new( stdin => $input, stdout => $output ); - + # this sets up the communication # Note that the recipients were specified earlier # in the 'options' data member of the $gnupg object. @@ -1220,7 +1220,7 @@ The following setup can be done before any of the following examples: # a file written to disk # Make sure you "use IO::File" if you use this module! my $cipher_file = IO::File->new( 'encrypted.gpg' ); - + # this sets up the communication my $pid = $gnupg->decrypt( handles => $handles ); @@ -1252,7 +1252,7 @@ The following setup can be done before any of the following examples: # This time we'll just let GnuPG print to our own output # and read from our input, because no input is needed! my $handles = GnuPG::Handles->new(); - + my @ids = ( 'ftobin', '0xABCD1234' ); # this time we need to specify something for 
@@ -1260,7 +1260,7 @@ The following setup can be done before any of the following examples: # search ids as arguments my $pid = $gnupg->list_public_keys( handles => $handles, command_args => [ @ids ] ); - + waitpid $pid, 0; =head2 Creating GnuPG::PublicKey Objects @@ -1280,7 +1280,7 @@ The following setup can be done before any of the following examples: command_args => [ qw( test/key.1.asc ) ], handles => $handles, ); - + my @out = <$handles->stdout()>; waitpid $pid, 0; @@ -1357,7 +1357,7 @@ under the same terms as Perl itself. =head1 AUTHOR -GnuPg::Interface is currently maintained by Jesse Vincent . +GnuPg::Interface is currently maintained by Jesse Vincent . Frank J. Tobin, ftobin@cpan.org was the original author of the package. -- cgit v1.2.3 From 72f252673e5b196ae760e11400dc29cbbfcb4020 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 11 Oct 2016 19:52:58 -0400 Subject: fix capitalization of GnuPG Gbp-Pq: Name 0010-fix-capitalization-of-GnuPG.patch --- README | 2 +- lib/GnuPG/Interface.pm | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README b/README index f457577..aa7c984 100644 --- a/README +++ b/README @@ -427,7 +427,7 @@ LICENSE under the same terms as Perl itself. AUTHOR - GnuPg::Interface is currently maintained by Jesse Vincent + GnuPG::Interface is currently maintained by Jesse Vincent . Frank J. Tobin, ftobin@cpan.org was the original author of the package. diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm index 19e8070..cf7138f 100644 --- a/lib/GnuPG/Interface.pm +++ b/lib/GnuPG/Interface.pm @@ -1357,7 +1357,7 @@ under the same terms as Perl itself. =head1 AUTHOR -GnuPg::Interface is currently maintained by Jesse Vincent . +GnuPG::Interface is currently maintained by Jesse Vincent . Frank J. Tobin, ftobin@cpan.org was the original author of the package. -- cgit v1.2.3 From 673267d75b85d559ae0081b08eff5eb6b05a8950 Mon Sep 17 00:00:00 2001 
From: Daniel Kahn Gillmor Date: Tue, 11 Oct 2016 19:57:10 -0400 Subject: ommand_args should be command_args Gbp-Pq: Name 0011-ommand_args-should-be-command_args.patch --- t/list_public_keys.t | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/t/list_public_keys.t b/t/list_public_keys.t index 7e563c1..a36a78b 100644 --- a/t/list_public_keys.t +++ b/t/list_public_keys.t @@ -38,7 +38,7 @@ TEST reset_handles(); my $pid = $gnupg->list_public_keys( handles => $handles, - ommand_args => '0xF950DA9C' + command_args => '0xF950DA9C' ); close $stdin; -- cgit v1.2.3 From 1cab7dc2bf4980e4823bbd446a4dc22b2a9d8d83 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 11 Oct 2016 20:05:16 -0400 Subject: use fingerprints as inputs during tests to demonstrate explicit usage Gbp-Pq: Name 0012-use-fingerprints-as-inputs-during-tests-to-demonstra.patch --- README | 6 +++--- lib/GnuPG/Interface.pm | 6 +++--- lib/GnuPG/Options.pm | 2 +- t/MyTestSpecific.pm | 2 +- t/encrypt.t | 6 +++--- t/export_keys.t | 4 ++-- t/get_public_keys.t | 2 +- t/get_secret_keys.t | 2 +- t/list_public_keys.t | 4 ++-- t/list_secret_keys.t | 4 ++-- t/list_sigs.t | 4 ++-- t/sign_and_encrypt.t | 2 +- 12 files changed, 22 insertions(+), 22 deletions(-) diff --git a/README b/README index aa7c984..ed94ede 100644 --- a/README +++ b/README @@ -228,7 +228,7 @@ EXAMPLES $gnupg->options->hash_init( armor => 1, recipients => [ 'ftobin@uiuc.edu', - '0xABCD1234' ], + '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ], meta_interactive => 0 , ); @@ -347,7 +347,7 @@ EXAMPLES # and read from our input, because no input is needed! my $handles = GnuPG::Handles->new(); - my @ids = ( 'ftobin', '0xABCD1234' ); + my @ids = ( 'ftobin', '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ); # this time we need to specify something for # command_args because --list-public-keys takes 
@@ -358,7 +358,7 @@ EXAMPLES waitpid $pid, 0; Creating GnuPG::PublicKey Objects - my @ids = [ 'ftobin', '0xABCD1234' ]; + my @ids = [ 'ftobin', '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ]; my @keys = $gnupg->get_public_keys( @ids ); diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm index cf7138f..6eaef7d 100644 --- a/lib/GnuPG/Interface.pm +++ b/lib/GnuPG/Interface.pm @@ -1130,7 +1130,7 @@ The following setup can be done before any of the following examples: $gnupg->options->hash_init( armor => 1, recipients => [ 'ftobin@uiuc.edu', - '0xABCD1234' ], + '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ], meta_interactive => 0 , ); @@ -1253,7 +1253,7 @@ The following setup can be done before any of the following examples: # and read from our input, because no input is needed! my $handles = GnuPG::Handles->new(); - my @ids = ( 'ftobin', '0xABCD1234' ); + my @ids = ( 'ftobin', '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ); # this time we need to specify something for # command_args because --list-public-keys takes @@ -1265,7 +1265,7 @@ The following setup can be done before any of the following examples: =head2 Creating GnuPG::PublicKey Objects - my @ids = [ 'ftobin', '0xABCD1234' ]; + my @ids = [ 'ftobin', '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ]; my @keys = $gnupg->get_public_keys( @ids ); diff --git a/lib/GnuPG/Options.pm b/lib/GnuPG/Options.pm index 86261a0..7788662 100644 --- a/lib/GnuPG/Options.pm +++ b/lib/GnuPG/Options.pm @@ -198,7 +198,7 @@ GnuPG::Options - GnuPG options embodiment # assuming $gnupg is a GnuPG::Interface object $gnupg->options->armor( 1 ); - $gnupg->options->push_recipients( 'ftobin', '0xABCD1234' ); + $gnupg->options->push_recipients( 'ftobin', '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ); =head1 DESCRIPTION diff --git a/t/MyTestSpecific.pm b/t/MyTestSpecific.pm index a309698..c8764cc 100644 --- a/t/MyTestSpecific.pm +++ b/t/MyTestSpecific.pm 
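Review bot: In the POD example rewritten by the `@@ -1265` hunk of lib/GnuPG/Interface.pm, `my @ids = [ 'ftobin', '0x…' ];` assigns an array reference to an array. `@ids` then holds one element, and `get_public_keys( @ids )` is called with a single reference rather than two search strings. Since the line is being touched anyway, it should use parentheses: `my @ids = ( 'ftobin', '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' );`. The README hunk at `@@ -358` carries the same line. Whether get_public_keys unwraps references is not visible here, but the neighbouring list_public_keys example already uses the list form.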
@@ -46,7 +46,7 @@ $gpg_is_modern = ($version[0] > 2 || ($version[0] == 2 && $version[1] >= 1)); $gnupg->options->hash_init( homedir => 'test/gnupghome', armor => 1, meta_interactive => 0, - meta_signing_key_id => '0xF950DA9C', + meta_signing_key_id => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C', always_trust => 1, ); diff --git a/t/encrypt.t b/t/encrypt.t index 3183ac4..e6bdc08 100644 --- a/t/encrypt.t +++ b/t/encrypt.t @@ -27,7 +27,7 @@ TEST $gnupg->options->clear_recipients(); $gnupg->options->clear_meta_recipients_keys(); - $gnupg->options->push_recipients( '0x2E854A6B' ); + $gnupg->options->push_recipients( '0x7466B7E98C4CCB64C2CE738BADB99D9C2E854A6B' ); my $pid = $gnupg->encrypt( handles => $handles ); @@ -43,7 +43,7 @@ TEST { reset_handles(); - my @keys = $gnupg->get_public_keys( '0xF950DA9C' ); + my @keys = $gnupg->get_public_keys( '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' ); $gnupg->options->clear_recipients(); $gnupg->options->clear_meta_recipients_keys(); $gnupg->options->push_meta_recipients_keys( @keys ); @@ -64,7 +64,7 @@ TEST $gnupg->options->clear_recipients(); $gnupg->options->clear_meta_recipients_keys(); - $gnupg->options->push_recipients( '0x2E854A6B' ); + $gnupg->options->push_recipients( '0x7466B7E98C4CCB64C2CE738BADB99D9C2E854A6B' ); $handles->stdin( $texts{plain}->fh() ); $handles->options( 'stdin' )->{direct} = 1; diff --git a/t/export_keys.t b/t/export_keys.t index cf5c82b..5add064 100644 --- a/t/export_keys.t +++ b/t/export_keys.t @@ -15,7 +15,7 @@ TEST reset_handles(); my $pid = $gnupg->export_keys( handles => $handles, - command_args => '0xF950DA9C' ); + command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' ); close $stdin; waitpid $pid, 0; @@ -31,7 +31,7 @@ TEST $handles->options( 'stdout' )->{direct} = 1; my $pid = $gnupg->export_keys( handles => $handles, - command_args => '0xF950DA9C' ); + command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' ); waitpid $pid, 0; return $CHILD_ERROR == 0; }; 
diff --git a/t/get_public_keys.t b/t/get_public_keys.t index 9e96f7d..7893625 100644 --- a/t/get_public_keys.t +++ b/t/get_public_keys.t @@ -19,7 +19,7 @@ TEST { reset_handles(); - my @returned_keys = $gnupg->get_public_keys_with_sigs( '0xF950DA9C' ); + my @returned_keys = $gnupg->get_public_keys_with_sigs( '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' ); return 0 unless @returned_keys == 1; diff --git a/t/get_secret_keys.t b/t/get_secret_keys.t index c798cce..a7f1348 100644 --- a/t/get_secret_keys.t +++ b/t/get_secret_keys.t @@ -18,7 +18,7 @@ TEST { reset_handles(); - my @returned_keys = $gnupg->get_secret_keys( '0xF950DA9C' ); + my @returned_keys = $gnupg->get_secret_keys( '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' ); return 0 unless @returned_keys == 1; diff --git a/t/list_public_keys.t b/t/list_public_keys.t index a36a78b..622b092 100644 --- a/t/list_public_keys.t +++ b/t/list_public_keys.t @@ -38,7 +38,7 @@ TEST reset_handles(); my $pid = $gnupg->list_public_keys( handles => $handles, - command_args => '0xF950DA9C' + command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' ); close $stdin; @@ -64,7 +64,7 @@ TEST $handles->options( 'stdout' )->{direct} = 1; my $pid = $gnupg->list_public_keys( handles => $handles, - command_args => '0xF950DA9C', + command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C', ); waitpid $pid, 0; diff --git a/t/list_secret_keys.t b/t/list_secret_keys.t index 51e3651..7040c38 100644 --- a/t/list_secret_keys.t +++ b/t/list_secret_keys.t @@ -55,7 +55,7 @@ TEST reset_handles(); my $pid = $gnupg->list_secret_keys( handles => $handles, - command_args => '0xF950DA9C' ); + command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' ); close $stdin; $outfile = 'test/secret-keys/2.out'; @@ -80,7 +80,7 @@ TEST $handles->options( 'stdout' )->{direct} = 1; my $pid = $gnupg->list_secret_keys( handles => $handles, - command_args => '0xF950DA9C' ); + command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C' ); waitpid $pid, 0; 
diff --git a/t/list_sigs.t b/t/list_sigs.t index 16cfa6a..1301fb2 100644 --- a/t/list_sigs.t +++ b/t/list_sigs.t @@ -36,7 +36,7 @@ TEST reset_handles(); my $pid = $gnupg->list_sigs( handles => $handles, - command_args => '0xF950DA9C', + command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C', ); close $stdin; @@ -60,7 +60,7 @@ TEST $handles->options( 'stdout' )->{direct} = 1; my $pid = $gnupg->list_sigs( handles => $handles, - command_args => '0xF950DA9C', + command_args => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C', ); waitpid $pid, 0; diff --git a/t/sign_and_encrypt.t b/t/sign_and_encrypt.t index 5dc1c08..df0fc75 100644 --- a/t/sign_and_encrypt.t +++ b/t/sign_and_encrypt.t @@ -14,7 +14,7 @@ TEST { reset_handles(); - $gnupg->options->push_recipients( '0x2E854A6B' ); + $gnupg->options->push_recipients( '0x7466B7E98C4CCB64C2CE738BADB99D9C2E854A6B' ); my $pid = $gnupg->sign_and_encrypt( handles => $handles ); print $stdin @{ $texts{plain}->data() }; -- cgit v1.2.3 From bc8d99226f40f40e6a41b21a0249b05367c31783 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 11 Oct 2016 20:17:49 -0400 Subject: move key files to generic names Gbp-Pq: Name 0013-move-key-files-to-generic-names.patch --- t/000_setup.t | 2 +- test/public_keys.pgp | Bin 0 -> 3418 bytes test/pubring.gpg | Bin 3418 -> 0 bytes test/secret_keys.pgp | Bin 0 -> 1241 bytes test/secring.gpg | Bin 1241 -> 0 bytes 5 files changed, 1 insertion(+), 1 deletion(-) create mode 100644 test/public_keys.pgp delete mode 100644 test/pubring.gpg create mode 100644 test/secret_keys.pgp delete mode 100644 test/secring.gpg diff --git a/t/000_setup.t b/t/000_setup.t index 7f7f7b0..a8e3042 100644 --- a/t/000_setup.t +++ b/t/000_setup.t 
@@ -19,7 +19,7 @@ TEST copy('test/gpg.conf', 'test/gnupghome/gpg.conf'); reset_handles(); - my $pid = $gnupg->import_keys(command_args => [ 'test/pubring.gpg', 'test/secring.gpg' ], + my $pid = $gnupg->import_keys(command_args => [ 'test/public_keys.pgp', 'test/secret_keys.pgp' ], options => [ 'batch'], handles => $handles); waitpid $pid, 0; diff --git a/test/public_keys.pgp b/test/public_keys.pgp new file mode 100644 index 0000000..60b008a Binary files /dev/null and b/test/public_keys.pgp differ diff --git a/test/pubring.gpg b/test/pubring.gpg deleted file mode 100644 index 60b008a..0000000 Binary files a/test/pubring.gpg and /dev/null differ diff --git a/test/secret_keys.pgp b/test/secret_keys.pgp new file mode 100644 index 0000000..aa34674 Binary files /dev/null and b/test/secret_keys.pgp differ diff --git a/test/secring.gpg b/test/secring.gpg deleted file mode 100644 index aa34674..0000000 Binary files a/test/secring.gpg and /dev/null differ -- cgit v1.2.3 From fccf720869a77776cd874578ab74831c80b25fe6 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 11 Oct 2016 20:25:48 -0400 Subject: fix spelling: s/convience/convenience/ Gbp-Pq: Name 0014-fix-spelling-s-convience-convenience.patch --- README | 4 ++-- lib/GnuPG/Interface.pm | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README b/README index ed94ede..a05ef9b 100644 --- a/README +++ b/README @@ -143,7 +143,7 @@ OBJECT METHODS does not come into play. If the passphrase data member handle of the handles object is not defined, but the the passphrase data member handle of GnuPG::Interface object is, GnuPG::Interface will handle - passing this information into GnuPG for the user as a convience. + passing this information into GnuPG for the user as a convenience. Note that this will result in GnuPG::Interface storing the passphrase in memory, instead of having it simply 'pass-through' to GnuPG via a handle. 
@@ -271,7 +271,7 @@ EXAMPLES ); # indicate our pasphrase through the - # convience method + # convenience method $gnupg->passphrase( $passphrase ); # this sets up the communication diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm index 6eaef7d..29205f0 100644 --- a/lib/GnuPG/Interface.pm +++ b/lib/GnuPG/Interface.pm @@ -1008,7 +1008,7 @@ and so this information is not generated and does not come into play. If the B data member handle of the B object is not defined, but the the B data member handle of GnuPG::Interface object is, GnuPG::Interface will handle passing this information into GnuPG -for the user as a convience. Note that this will result in +for the user as a convenience. Note that this will result in GnuPG::Interface storing the passphrase in memory, instead of having it simply 'pass-through' to GnuPG via a handle. @@ -1175,7 +1175,7 @@ The following setup can be done before any of the following examples: ); # indicate our pasphrase through the - # convience method + # convenience method $gnupg->passphrase( $passphrase ); # this sets up the communication -- cgit v1.2.3 From 12ac9a03ee22dc3408abc5597982ed8309df26e0 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 11 Oct 2016 20:59:43 -0400 Subject: added new secret key with different passphrase Adding a new secret key with a different passphrase should allow us to differentiate between passing the passphrase explicitly and relying on the agent + pinentry. Gbp-Pq: Name 0015-added-new-secret-key-with-different-passphrase.patch --- t/000_setup.t | 2 +- test/new_secret.pgp | 58 ++++++++++++++++++++++++++++++++++++++++++ test/secret-keys/1.0.test | 4 +++ test/secret-keys/1.modern.test | 5 ++++ 4 files changed, 68 insertions(+), 1 deletion(-) create mode 100644 test/new_secret.pgp diff --git a/t/000_setup.t b/t/000_setup.t index a8e3042..b183241 100644 --- a/t/000_setup.t +++ b/t/000_setup.t 
@@ -19,7 +19,7 @@ TEST copy('test/gpg.conf', 'test/gnupghome/gpg.conf'); reset_handles(); - my $pid = $gnupg->import_keys(command_args => [ 'test/public_keys.pgp', 'test/secret_keys.pgp' ], + my $pid = $gnupg->import_keys(command_args => [ 'test/public_keys.pgp', 'test/secret_keys.pgp', 'test/new_secret.pgp' ], options => [ 'batch'], handles => $handles); waitpid $pid, 0; diff --git a/test/new_secret.pgp b/test/new_secret.pgp new file mode 100644 index 0000000..5feb72c --- /dev/null +++ b/test/new_secret.pgp 
@@ -0,0 +1,58 @@ +-----BEGIN PGP PRIVATE KEY BLOCK----- + +lQPGBFf9iNIBCACZGF36JFTAggUJK85gweUquqh0kvVQICUtyiHXFXBBPzCK+RWL +oc5yeOfILHH7FfOztwPH1oJ7SWQtOgpuoiMHPtF7ne+MYevMf9jTYb/xCT0yZID5 +/ieoHwUQQPiowxGewOww23RLQ1Cf46nqGBUD+fsWwT2Eq6ojLp/H72h+2lQ1ZCWd +Q/9MSQQgDo5tWptokFGmLBKCS59pYMBaLbKSj7lFa/ekPm9zhcdmmLrLHCS9rIUP +VKlWAg02MVmMB4fYm9nbtuwYHWvbDFYzpVr2WNlRZlPy0Y46ahxFbFwhtmOJAgT1 +tgaQtDXo3kXRXngYZstDfe61Hqmc44j1vJ4VABEBAAH+BwMCnvb4v9vnhhzmdZdJ +EzK3ikXYQp3PcOMDlRE5qtBmXhOJXH2tdEmXjegjWGA501eeoks0VnpBba2m4B36 +Z37fjpOEi4QOuTn6emVwijJZgmmTAC7JHNzAW+IsiRvk/2907UZCwa/1UQpC0bik +pHTZx+yKp33vGbkbCkKgHFQoHcS9D1by0WOkaLSlcE9CUCKb5LCe2Q1KDwZGrg60 +4WUvg9eM2eatixAyOJEoRONlXDcQnUhSnG5+TUPNhVVWIaM/tPAgYmBG5oCSJ/N0 +ls8cXoOVup/itBHo2Bfn+nyh0OAWdgdVmB0rPYUCLJV0FiQx5tB59OHmA3Naokj5 +rvumyklCg314NnkEXrbPq7kKbX0X8UPoXdzAmalb4++OhgzEwd3NkWxvFSxKkQAt +XAU5i9XNHJXLwATAMlEaXMBmfcpjyIx4WpBUSmYMTjh0Nu5ee+kGvMY9fUxOKbet +IS9agFSMwVNRsX91+pKtBCQc7Je5tIrLhC8Hbvotn0GA8iFgu6LBqkrUO9Rh30Xs +vzz3oXm7WgHbL30m9h+rJ2dmPZOwmW/0zRUec/7alizx0T4sLx7T0qUPUxeEjkeU +JWtqfrcXEc3xIR9r5S2xqsUSKx6h1UhHMeMtQaDBgeH/Syq7a2gnkNoY84xxojGj +lGkis5PF3xFpYqvjY0thyPFNxQguRlqktN8gNB+V1dShbCpNI9bDzv4pzvogEiM0 +EM/xvJSCkARCe6nqOugWV8j5f3+9tuyREqcidHq+PR+USoNYdUWQO14kPY6e62wO +lC5B4G7TDQtigCfOyEOiPXYC/qnC8sPVR2u5bCYm2YJT7L+rYRLSN+628qz7BwH3 +9XtpnRtBFWpjI5qjn4uMM42e3k5UVB/r4GyrLXhEuO8D81TVzRQhjiqLweguk73h +VDjEd0yachHbtCxHbnVQRzo6SW50ZXJmYWNlIFRlc3Qga2V5IDx0ZXN0QGV4YW1w +bGUub3JnPokBNwQTAQgAIQUCV/2I0gIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIX +gAAKCRAbkTzptnR93EZkB/9groVsVMBJtGP1GSFMg2Q9loyijXT2P6hCbUTS4YMz +O4jQPB8UQ39XIhyWo7hVGsXeA777+7VTto7q0CG9Ph7FTGKK8W2AnzTUKNdXAC6h +qIc+ymvlm71GxhkKFR0vDbFg6CLJ/MX/x1Bd0TKh4RZtgOqX6A7Pzw/AI7f2YJcJ +BKPT+/q/F/Wp1r+mxZ5pxUvYm643GVzdnbtuoqgBLng/3n1zjIz+oIz6RGBjzHni +3TUTKe//ewn1lIdTxPdUZA9G4vTE5dCnM4MHTxQSXA+aUexuONswQhiANtfVCW8c +sf9MQpkQ/Vqv9hfeYwH4pJ8IPK1No9F0a0fvnq2JaX4gnQPGBFf9iNIBCADEQ6HK +s5tWN2Ph/3A6D0A2nSc6m1Mh/AXhdptka0aPhhVgspCmQ1lJP/Kdf6AnlCi6u1G7 
+QXvGX8OtbKNosLi91nIqvNwckUOvXrLcAk/epkmidopOuHUZhE+1UaLKs7UssBOe +TQTtADdl2786E3qbtaNrjDTvbNesU1DEZjNoBWfKYHZYv2wCF170Lwzp7NJhAueO +bTwfUO8EusST6d1NYB0zFxbBi60/hJHCfcAuaSn00jFQ+kj8m7jXCgcyB+1+25d2 +gpPbs19S4pi9f7eQflhglm0wB13C6yl+YgwVZQxU/fU70jgSYhkXNPx5bEN3WGkg +4hnP53hrsI4p3se1ABEBAAH+BwMCAppvwSTp9Y/mu317D14a9k6m/zC2LrzPx6dl +P3GtDJUCs1CVH/wXsUxLY4hAgS188xPhNLuIWuXwQ7qX7E8kanxgPqeK7NTAPKxH +CEqJPevFRBtftHq3zqZZF9CHXulDO3KkWxIHANMclq+zcUotrc4GXIxeYjewXv9p +tzKEjlt27Q00VvwRM7JVxBlC3xJvKXf6zyRoUt2/Clq+CFkb2s+dAzCI52o7tlB9 +El84sTIlJr0+b6+GcwrKonS8HcGUECfYmSiIiNmxlkJ/4OabDlDYlzvmCYv2pMjc +Bif70Dowb8TBD/iTFLPY2lkhqBFi3Bcqc51MVecaQk3rRbVyOqhvGaRE084/LmkN +gkE6vQKRSbzRmYwyKC/QUKOW5qbl5Jf3lrjVeM5tEnvJeRCfZEokKjIZul4nX4dK +zxH+l+sCUA+RnEeGB2y1yhnPkP4dYHEb8iMLINqXQd18FpBFSs9yv9tFWJhdblUK +SiS8DXmuoZI2Mk8yMZ0j0bi8mu9eh52dqYgBGD7TgjP5vpYU/zbtpNgMP0Zvne1X +gig6NKK1+3VAZaiOvYUUHZERJGp/eggTtF66cD/0EHJjoZ/0pAciEvWYUyXWVBdj +eVWBZE/RVOwrTMBVtrxQsPJ3sfeGlLt21IZYKathTZ/dn5PSlU+i4f9VyC/hHd8S +xouQU3nB//ihbrR65YH5E53e8+jPaRtFvLbcqmY8YftV0y/5BZwduZoxcOtxD3A0 +J/2GVpUhs3WngCksdUAEbrEXzKKSOC7b4KDw2sTIT5xHra4CBK5L5N85ny8tG7A6 +wmTt+6PHo51gx/W/0jiMB3rEiGoTZ86uWLaGv5SgqLP49euCIEXNKK9srFK3o7QE +04upH9zOXR8ytvPOLy/K5zT6YH2eyNs19sWfjAfP/bxhnrDYajsZ2WKZiQEfBBgB +CAAJBQJX/YjSAhsMAAoJEBuRPOm2dH3c+6kH+wWoEqTlPdPLZcTN8I5a6HHD0Ul8 +7xt3OtiRFoMD2M+zgLvImaj8AULap4w/0G+J+7PCUER8JhcePSzLbizfpTczbDP2 +E1LhEM8IBE6GT8yL8VB9AL1xW+hXIi5sWW/f900deOhoh7ikrP7KxT0c8zQjaaqV +n6bio93CvZ3yBqMO20apwWDyiSoBpXVjLrW00BdL8i9Rsf6v5UwIIy9o7pfjK5zo +mAZM2dKzlp9z4q5P6yE4aXI0bHz+XvG7hdpkHmjG5A+EQCnN2qoDNIA4QiRhH8TQ +aTaj4AlCiCAV2hEelPYve5QKccAsfC//qr+FMF+0bhZa05X2afxLYtku0Ms= +=ftgB +-----END PGP PRIVATE KEY BLOCK----- diff --git a/test/secret-keys/1.0.test b/test/secret-keys/1.0.test index 129d472..f8239a9 100644 --- a/test/secret-keys/1.0.test +++ b/test/secret-keys/1.0.test 
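Review bot: test/new_secret.pgp adds passphrase-protected private key material, but nothing in this commit (see its diffstat) records the passphrase or marks the file as a fixture. A later reader or a secret scanner therefore cannot tell it apart from a leaked key. An armor header line directly after `-----BEGIN PGP PRIVATE KEY BLOCK-----`, such as `Comment: test-only key for the GnuPG::Interface test suite`, would label it in place. The passphrase should be documented wherever the test suite supplies it.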
@@ -5,3 +5,7 @@ uid GnuPG test key (for testing purposes only) uid Foo Bar (1) ssb 768g/2E854A6B 2000-02-06 +sec 2048R/B6747DDC 2016-10-12 +uid GnuPG::Interface Test key +ssb 2048R/AE441D0F 2016-10-12 + diff --git a/test/secret-keys/1.modern.test b/test/secret-keys/1.modern.test index 3e46407..42b27a1 100644 --- a/test/secret-keys/1.modern.test +++ b/test/secret-keys/1.modern.test @@ -6,3 +6,8 @@ uid [ unknown] GnuPG test key (for testing purposes only) uid [ unknown] Foo Bar (1) ssb elg768 2000-02-06 [E] +sec rsa2048 2016-10-12 [SC] + 278F850AA702911F1318F0A61B913CE9B6747DDC +uid [ unknown] GnuPG::Interface Test key +ssb rsa2048 2016-10-12 [E] + -- cgit v1.2.3 From dadbe2db0c51ff918dcfeb9802cad2739c1f3a70 Mon Sep 17 00:00:00 2001 
From: Daniel Kahn Gillmor Date: Tue, 11 Oct 2016 21:29:22 -0400 Subject: Test use of gpg without explicit passphrase (agent+pinentry) The modern GnuPG suite encourages the use of gpg-agent to control access to secret key material. In this use case, we avoid setting an explicit passphrase in code, and rely on either a correctly-configured and primed gpg-agent or a dedicated pinentry program to supply the passphrase. This additional test verifies that the passphrase can be handled by the agent. Note that the passphrase for this additional test key is *not* the default passphrase, so this test should fail in the event that gpg can't use the agent and the pinentry for this task. Unfortunately, this all assumes that we're using GnuPG "Modern". I've noted concerns about writing forward- and backward-compatible bindings for GnuPG here: https://lists.gnupg.org/pipermail/gnupg-devel/2016-October/031800.html Gbp-Pq: Name 0016-Test-use-of-gpg-without-explicit-passphrase-agent-pi.patch --- README | 41 +++++++++++++++++++++++++++-------------- lib/GnuPG/Interface.pm | 26 +++++++++++++++++++++++++- t/MyTestSpecific.pm | 10 ++++++++-- t/decrypt.t | 27 +++++++++++++++++++++++++++ test/encrypted.2.gpg | 12 ++++++++++++ test/fake-pinentry.pl | 2 +- test/plain.2.txt | 1 + 7 files changed, 101 insertions(+), 18 deletions(-) create mode 100644 test/encrypted.2.gpg create mode 100644 test/plain.2.txt diff --git a/README b/README index a05ef9b..be06ef3 100644 --- a/README +++ b/README @@ -5,7 +5,7 @@ SYNOPSIS # A simple example use IO::Handle; use GnuPG::Interface; - + # setting up the situation my $gnupg = GnuPG::Interface->new(); $gnupg->options->hash_init( armor => 1, @@ -24,7 +24,7 @@ SYNOPSIS # Now we'll go about encrypting with the options already set my @plaintext = ( 'foobar' ); my $pid = $gnupg->encrypt( handles => $handles ); - + # Now we write to the input of GnuPG print $input @plaintext; close $input; 
@@ -140,13 +140,26 @@ OBJECT METHODS standard error, standard output, or standard error. If the status or logger handle is not defined, this channel of communication is never established with GnuPG, and so this information is not generated and - does not come into play. If the passphrase data member handle of the - handles object is not defined, but the the passphrase data member - handle of GnuPG::Interface object is, GnuPG::Interface will handle - passing this information into GnuPG for the user as a convenience. - Note that this will result in GnuPG::Interface storing the - passphrase in memory, instead of having it simply 'pass-through' to - GnuPG via a handle. + does not come into play. + + If the passphrase data member handle of the handles object is not + defined, but the the passphrase data member handle of + GnuPG::Interface object is, GnuPG::Interface will handle passing + this information into GnuPG for the user as a convenience. Note that + this will result in GnuPG::Interface storing the passphrase in + memory, instead of having it simply 'pass-through' to GnuPG via a + handle. + + If neither the passphrase data member of the GnuPG::Interface nor + the passphrase data member of the handles object is defined, then + GnuPG::Interface assumes that access and control over the secret key + will be handled by the running gpg-agent process. This represents + the simplest mode of operation with the GnuPG "modern" suite + (version 2.1 and later). It is also the preferred mode for tools + intended to be user-facing, since the user will be prompted directly + by gpg-agent for use of the secret key material. Note that for + programmatic use, this mode requires the gpg-agent and pinentry to + already be correctly configured. Other Methods get_public_keys( @search_strings ) 
@@ -241,7 +254,7 @@ EXAMPLES my $handles = GnuPG::Handles->new( stdin => $input, stdout => $output ); - + # this sets up the communication # Note that the recipients were specified earlier # in the 'options' data member of the $gnupg object. @@ -315,7 +328,7 @@ EXAMPLES # a file written to disk # Make sure you "use IO::File" if you use this module! my $cipher_file = IO::File->new( 'encrypted.gpg' ); - + # this sets up the communication my $pid = $gnupg->decrypt( handles => $handles ); @@ -346,7 +359,7 @@ EXAMPLES # This time we'll just let GnuPG print to our own output # and read from our input, because no input is needed! my $handles = GnuPG::Handles->new(); - + my @ids = ( 'ftobin', '0xABCD1234ABCD1234ABCD1234ABCD1234ABCD1234' ); # this time we need to specify something for @@ -354,7 +367,7 @@ EXAMPLES # search ids as arguments my $pid = $gnupg->list_public_keys( handles => $handles, command_args => [ @ids ] ); - + waitpid $pid, 0; Creating GnuPG::PublicKey Objects @@ -372,7 +385,7 @@ EXAMPLES command_args => [ qw( test/key.1.asc ) ], handles => $handles, ); - + my @out = <$handles->stdout()>; waitpid $pid, 0; diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm index 29205f0..5d8b0ec 100644 --- a/lib/GnuPG/Interface.pm +++ b/lib/GnuPG/Interface.pm @@ -106,6 +106,14 @@ sub fork_attach_exec( $% ) { my ( $self, %args ) = @_; my $handles = $args{handles} or croak 'no GnuPG::Handles passed'; + my $use_loopback_pinentry = 0; + + # WARNING: this assumes that we're using the "modern" GnuPG suite + # -- version 2.1.x or later. It's not clear to me how we can + # safely and efficiently avoid this assumption (see + # https://lists.gnupg.org/pipermail/gnupg-devel/2016-October/031800.html) + $use_loopback_pinentry = 1 + if ($handles->passphrase()); # deprecation support $args{commands} ||= $args{gnupg_commands}; 
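Review bot: In the lib/GnuPG/Interface.pm hunk, `$use_loopback_pinentry` depends on `$handles->passphrase()` alone, so sending `--pinentry-mode loopback` never depends on which GnuPG the object actually drives. The WARNING comment concedes the 2.1+ assumption, and the later hunk on this page that adds `m/gpg1$/` narrows it only by program name. A pre-2.1 binary reached under any other name would still be handed an option it is not expected to recognise. The test helper elsewhere on this page already calls `$gnupg->version()`, so a gate such as `if ($handles->passphrase() && version->parse($self->version) >= version->parse('2.1'));` looks feasible. That holds only if `use version;` is added and `version` does not itself go through fork_attach_exec; neither is visible here, and the body of fork_attach_exec continues beyond this hunk.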
@@ -293,8 +301,12 @@ sub fork_attach_exec( $% ) { $self->options->$option($fileno); } + my @args = $self->options->get_args(); + push @args, '--pinentry-mode', 'loopback' + if $use_loopback_pinentry; + my @command = ( - $self->call(), $self->options->get_args(), + $self->call(), @args, @commands, @command_args ); @@ -1005,6 +1017,7 @@ and standard error will be tied to the running program's standard error, standard output, or standard error. If the B or B handle is not defined, this channel of communication is never established with GnuPG, and so this information is not generated and does not come into play. + If the B data member handle of the B object is not defined, but the the B data member handle of GnuPG::Interface object is, GnuPG::Interface will handle passing this information into GnuPG @@ -1012,6 +1025,17 @@ for the user as a convenience. Note that this will result in GnuPG::Interface storing the passphrase in memory, instead of having it simply 'pass-through' to GnuPG via a handle. +If neither the B data member of the GnuPG::Interface nor +the B data member of the B object is defined, +then GnuPG::Interface assumes that access and control over the secret +key will be handled by the running gpg-agent process. This represents +the simplest mode of operation with the GnuPG "modern" suite (version +2.1 and later). It is also the preferred mode for tools intended to +be user-facing, since the user will be prompted directly by gpg-agent +for use of the secret key material. Note that for programmatic use, +this mode requires the gpg-agent and pinentry to already be correctly +configured. + =back =head2 Other Methods diff --git a/t/MyTestSpecific.pm b/t/MyTestSpecific.pm index c8764cc..e513c25 100644 --- a/t/MyTestSpecific.pm +++ b/t/MyTestSpecific.pm 
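Review bot: Appending `--pinentry-mode loopback` after `$self->options->get_args()` in the `@@ -293` hunk changes how every passphrase-supplying caller talks to gpg, yet neither the code nor the POD added in the two hunks below says so. In loopback mode gpg takes the passphrase from the passphrase handle instead of having the agent launch pinentry, and gpg-agent has to permit that (`allow-loopback-pinentry`; whether it is on by default depends on the GnuPG release). I would record that next to the push, e.g. `# loopback: gpg reads the passphrase from the passphrase fd; gpg-agent must allow loopback pinentry`, and add one sentence to the passphrase paragraph of the POD. The rest of fork_attach_exec is outside this hunk.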
@@ -55,9 +55,15 @@ struct( Text => { fn => "\$", fh => "\$", data => "\$" } ); $texts{plain} = Text->new(); $texts{plain}->fn( 'test/plain.1.txt' ); +$texts{alt_plain} = Text->new(); +$texts{alt_plain}->fn( 'test/plain.2.txt' ); + $texts{encrypted} = Text->new(); $texts{encrypted}->fn( 'test/encrypted.1.gpg' ); +$texts{alt_encrypted} = Text->new(); +$texts{alt_encrypted}->fn( 'test/encrypted.2.gpg' ); + $texts{signed} = Text->new(); $texts{signed}->fn( 'test/signed.1.asc' ); @@ -68,7 +74,7 @@ $texts{temp} = Text->new(); $texts{temp}->fn( 'test/temp' ); -foreach my $name ( qw( plain encrypted signed key ) ) +foreach my $name ( qw( plain alt_plain encrypted alt_encrypted signed key ) ) { my $entry = $texts{$name}; my $filename = $entry->fn(); @@ -90,7 +96,7 @@ sub reset_handles stderr => $stderr ); - foreach my $name ( qw( plain encrypted signed key ) ) + foreach my $name ( qw( plain alt_plain encrypted alt_encrypted signed key ) ) { my $entry = $texts{$name}; my $filename = $entry->fn(); diff --git a/t/decrypt.t b/t/decrypt.t index b2639ed..ee41448 100644 --- a/t/decrypt.t +++ b/t/decrypt.t @@ -58,3 +58,30 @@ TEST { return compare( $texts{plain}->fn(), $texts{temp}->fn() ) == 0; }; + + +# test without default_passphrase (that is, by using the agent) +TEST +{ + reset_handles(); + + $handles->stdin( $texts{alt_encrypted}->fh() ); + $handles->options( 'stdin' )->{direct} = 1; + + $handles->stdout( $texts{temp}->fh() ); + $handles->options( 'stdout' )->{direct} = 1; + + $gnupg->clear_passphrase(); + + my $pid = $gnupg->decrypt( handles => $handles ); + + waitpid $pid, 0; + + return $CHILD_ERROR == 0; +}; + + +TEST +{ + return compare( $texts{alt_plain}->fn(), $texts{temp}->fn() ) == 0; +}; diff --git a/test/encrypted.2.gpg b/test/encrypted.2.gpg new file mode 100644 index 0000000..105cbb3 --- /dev/null +++ b/test/encrypted.2.gpg 
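Review bot: The new agent test in t/decrypt.t does not say where its passphrase comes from, which is the one thing a reader needs to understand it. After `$gnupg->clear_passphrase()` the only source visible in this commit is test/fake-pinentry.pl, whose GETPIN reply is changed in the same patch. A comment above the call would keep the two files tied together: `# no passphrase handle: gpg-agent asks test/fake-pinentry.pl, which answers with the alt key's passphrase (not the default one)`. It is also worth stating in the comment that the TEST fails rather than skips when gpg cannot reach an agent, which the commit message describes as intended.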
@@ -0,0 +1,12 @@ +-----BEGIN PGP MESSAGE----- + +hQEMAw3NS2KuRB0PAQgAuCMQO6blPRIJZib+kDa51gac+BYPl8caXYTLqIHtiz2/ +YRVqePJON4lNAqT6qUksIzQHtejFO6tb1SLqgX9Ti+fKAMLrQw9VGOYaJFoRrTJs ++X33S4GHVVikRTu0dydAsekbfPSc2nRmTFUlSEV3psgAmg9xy8KA6cZroK9Xfcuh +xW7KLE0hLP+2NZ7zNmJMdu6LDGzvlQsnm1UeElXK8XdMGf8kA3R+GgeeOnR/oEQc +Uep77k/fLc+UV4fp9Dk1OBeg3Ko/irSaefk4mU7F4HmS8jIERHRvXBTiur1Zx8Nx +9U3fcQuc+P9+JC89iS4PJPF1Hr0MlezAghZYJrhOrtJIAe5Uaft5KMGRfy0VQnAs +MHqGnGtzzVWK6GK83ibgG4tTfPEHHIgNFsJf3rM4cWklUmCS9TeeDJJZfhnRA6+/ +X82e6OI7QNbO +=DlGE +-----END PGP MESSAGE----- diff --git a/test/fake-pinentry.pl b/test/fake-pinentry.pl index 12d3611..40b8b08 100755 --- a/test/fake-pinentry.pl +++ b/test/fake-pinentry.pl @@ -21,7 +21,7 @@ while () { chomp; next if (/^$/); next if (/^#/); - print ("D test\n") if (/^getpin/i); + print ("D supercalifragilisticexpialidocious\n") if (/^getpin/i); print "OK\n"; exit if (/^bye/i); } diff --git a/test/plain.2.txt b/test/plain.2.txt new file mode 100644 index 0000000..da5a1d5 --- /dev/null +++ b/test/plain.2.txt @@ -0,0 +1 @@ +test message -- cgit v1.2.3 From 8f4f43c53d716f1e8d5fda858addb2725cc38fa2 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 25 May 2017 16:07:45 -0400 Subject: Kill any GnuPG agent before and after the test suite. This helps to ensure that the test suite daemon is started fresh at every test suite run. And it also avoids leaving a daemon running after the test suite, assuming the test suite manages to reach the end. This is considered a reasonable practice by upstream. Gbp-Pq: Name 0017-Kill-any-GnuPG-agent-before-and-after-the-test-suite.patch --- t/000_setup.t | 3 +++ t/zzz_cleanup.t | 2 ++ 2 files changed, 5 insertions(+) diff --git a/t/000_setup.t b/t/000_setup.t index b183241..4dc4329 100644 --- a/t/000_setup.t +++ b/t/000_setup.t 
@@ -17,6 +17,9 @@ TEST $agentconf->write("pinentry-program " . getcwd() . "/test/fake-pinentry.pl\n"); $agentconf->close(); copy('test/gpg.conf', 'test/gnupghome/gpg.conf'); + # reset the state of any long-lived gpg-agent, ignoring errors: + system('gpgconf', '--homedir=test/gnupghome', '--quiet', '--kill', 'gpg-agent'); + reset_handles(); my $pid = $gnupg->import_keys(command_args => [ 'test/public_keys.pgp', 'test/secret_keys.pgp', 'test/new_secret.pgp' ], diff --git a/t/zzz_cleanup.t b/t/zzz_cleanup.t index 5c03a72..eea3a48 100644 --- a/t/zzz_cleanup.t +++ b/t/zzz_cleanup.t @@ -12,6 +12,8 @@ use File::Path qw (remove_tree); TEST { my $err = []; + # kill off any long-lived gpg-agent, ignoring errors: + system('gpgconf', '--homedir=test/gnupghome', '--quiet', '--kill', 'gpg-agent'); remove_tree('test/gnupghome', {error => \$err}); return ! @$err; }; -- cgit v1.2.3 From aca86ef5d8ea22902cc59cde35755a064e7cdf70 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Fri, 26 May 2017 09:51:40 -0400 Subject: Use a short temporary homedir during the test suite This avoids problems with the length of the path to the homedir as compared to the size limits of sockaddr_un.sun_path, particularly on systems where /run/user/$(id -u) is not present or available (such as many minimalist build environments). Gbp-Pq: Name 0018-Use-a-short-temporary-homedir-during-the-test-suite.patch --- t/000_setup.t | 9 +++++---- t/MyTestSpecific.pm | 18 +++++++++++++++++- t/list_secret_keys.t | 3 ++- t/zzz_cleanup.t | 6 ++++-- 4 files changed, 28 insertions(+), 8 deletions(-) diff --git a/t/000_setup.t b/t/000_setup.t index 4dc4329..82d7005 100644 --- a/t/000_setup.t +++ b/t/000_setup.t 
@@ -12,13 +12,14 @@ use File::Copy; TEST { - make_path('test/gnupghome', { mode => 0700 }); - my $agentconf = IO::File->new( "> test/gnupghome/gpg-agent.conf" ); + my $homedir = $gnupg->options->homedir(); + make_path($homedir, { mode => 0700 }); + my $agentconf = IO::File->new( "> " . $homedir . "/gpg-agent.conf" ); $agentconf->write("pinentry-program " . getcwd() . "/test/fake-pinentry.pl\n"); $agentconf->close(); - copy('test/gpg.conf', 'test/gnupghome/gpg.conf'); + copy('test/gpg.conf', $homedir . '/gpg.conf'); # reset the state of any long-lived gpg-agent, ignoring errors: - system('gpgconf', '--homedir=test/gnupghome', '--quiet', '--kill', 'gpg-agent'); + system('gpgconf', '--homedir', $homedir, '--quiet', '--kill', 'gpg-agent'); reset_handles(); diff --git a/t/MyTestSpecific.pm b/t/MyTestSpecific.pm index e513c25..809d55c 100644 --- a/t/MyTestSpecific.pm +++ b/t/MyTestSpecific.pm @@ -22,6 +22,7 @@ use IO::Seekable; use File::Compare; use Exporter; use Class::Struct; +use File::Temp qw (tempdir); use GnuPG::Interface; use GnuPG::Handles; @@ -40,10 +41,25 @@ use vars qw( @ISA @EXPORT $gnupg = GnuPG::Interface->new( passphrase => 'test' ); + +my $homedir; +if (-f "test/gnupghome") { + my $record = IO::File->new( "< test/gnupghome" ); + $homedir = <$record>; + $record->close(); +} else { + $homedir = tempdir( DIR => '/tmp'); + my $record = IO::File->new( "> test/gnupghome" ); + $record->write($homedir); + $record->close(); +} + my @version = split('\.', $gnupg->version()); $gpg_is_modern = ($version[0] > 2 || ($version[0] == 2 && $version[1] >= 1)); -$gnupg->options->hash_init( homedir => 'test/gnupghome', + + +$gnupg->options->hash_init( homedir => $homedir, armor => 1, meta_interactive => 0, meta_signing_key_id => '0x93AFC4B1B0288A104996B44253AE596EF950DA9C', diff --git a/t/list_secret_keys.t b/t/list_secret_keys.t index 7040c38..d1e3f30 100644 --- a/t/list_secret_keys.t +++ b/t/list_secret_keys.t 
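Review bot: The `$homedir` block in t/MyTestSpecific.pm trusts whatever path the `test/gnupghome` record file holds. The path is read back unchecked (neither `IO::File->new` result is tested) and then used as the GnuPG home here and in t/000_setup.t, and as the argument of `remove_tree` in the t/zzz_cleanup.t hunk. A record left behind by an aborted run can name a `/tmp` entry that no longer exists or that another user has since created, so the suite could write its keyring into a directory it does not own or delete a tree it did not make. Before reuse, the recorded path should be confirmed to be an existing directory owned by the current user with no group or other access, and a fresh `tempdir` created otherwise. The fence shows the check; the rest of the hunk stays as it is.

```perl
if (-f "test/gnupghome") {
  my $record = IO::File->new( "< test/gnupghome" )
    or die "cannot read test/gnupghome: $!";
  # … unchanged: read $homedir from the record and close it …
  # reuse the recorded directory only while it is still a private
  # directory of this user; otherwise treat the record as stale
  my @st = defined $homedir ? lstat($homedir) : ();
  undef $homedir
    unless @st && -d _ && $st[4] == $> && ($st[2] & 077) == 0;
}
if (!defined $homedir) {
  # … unchanged: tempdir( DIR => '/tmp' ) and writing the record …
}
```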
@@ -23,8 +23,9 @@ TEST $outfile = 'test/secret-keys/1.out'; my $out = IO::File->new( "> $outfile" ) or die "cannot open $outfile for writing: $ERRNO"; + my $modern_pubring_line = $gnupg->options->homedir() . "/pubring.kbx\n"; while (<$stdout>) { - if ($gpg_is_modern && /^\/.*\/test\/gnupghome\/pubring.kbx$/) { + if ($gpg_is_modern && ($_ eq $modern_pubring_line)) { $out->print("test/gnupghome/pubring.kbx\n"); } elsif ($gpg_is_modern && /^--*$/) { $out->print("--------------------------\n"); diff --git a/t/zzz_cleanup.t b/t/zzz_cleanup.t index eea3a48..c3ec16f 100644 --- a/t/zzz_cleanup.t +++ b/t/zzz_cleanup.t @@ -11,9 +11,11 @@ use File::Path qw (remove_tree); # this is actually no test, just cleanup. TEST { + my $homedir = $gnupg->options->homedir(); my $err = []; # kill off any long-lived gpg-agent, ignoring errors: - system('gpgconf', '--homedir=test/gnupghome', '--quiet', '--kill', 'gpg-agent'); - remove_tree('test/gnupghome', {error => \$err}); + system('gpgconf', '--homedir', $homedir, '--quiet', '--kill', 'gpg-agent'); + remove_tree($homedir, {error => \$err}); + unlink('test/gnupghome'); return ! @$err; }; -- cgit v1.2.3 From f619db00ec569d7ab95e8b35e1dbf4b0c9a8d771 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Fri, 26 May 2017 18:15:24 -0400 Subject: Make things work with gpg1 (assuming plain 'gpg' is modern) * avoid sending --pinentry-mode=loopback if gpg is invoked as gpg1 * fix up t/list_secret_keys to account for the varied output * t/decrypt.t still fails two agent-only tests, but presumably folks who use gpg1 are not expecting to use the agent. Gbp-Pq: Name 0019-Make-things-work-with-gpg1-assuming-plain-gpg-is-mod.patch --- lib/GnuPG/Interface.pm | 5 ++++- t/list_secret_keys.t | 9 +++++---- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/lib/GnuPG/Interface.pm b/lib/GnuPG/Interface.pm index 5d8b0ec..f80ead5 100644 --- a/lib/GnuPG/Interface.pm +++ b/lib/GnuPG/Interface.pm 
@@ -112,8 +112,11 @@ sub fork_attach_exec( $% ) { # -- version 2.1.x or later. It's not clear to me how we can # safely and efficiently avoid this assumption (see # https://lists.gnupg.org/pipermail/gnupg-devel/2016-October/031800.html) + # + # as a (brittle and incomplete) cleanup, we will avoid trying to + # send pinentry-loopback if the program is invoked as "gpg1" $use_loopback_pinentry = 1 - if ($handles->passphrase()); + if ($handles->passphrase() && ! ($self->call =~ m/gpg1$/)); # deprecation support $args{commands} ||= $args{gnupg_commands}; diff --git a/t/list_secret_keys.t b/t/list_secret_keys.t index d1e3f30..8e3c911 100644 --- a/t/list_secret_keys.t +++ b/t/list_secret_keys.t @@ -23,11 +23,12 @@ TEST $outfile = 'test/secret-keys/1.out'; my $out = IO::File->new( "> $outfile" ) or die "cannot open $outfile for writing: $ERRNO"; - my $modern_pubring_line = $gnupg->options->homedir() . "/pubring.kbx\n"; + my $seckey_file = $gpg_is_modern ? 'pubring.kbx' : 'secring.gpg'; + my $pubring_line = $gnupg->options->homedir() . '/' . $seckey_file . "\n"; while (<$stdout>) { - if ($gpg_is_modern && ($_ eq $modern_pubring_line)) { - $out->print("test/gnupghome/pubring.kbx\n"); - } elsif ($gpg_is_modern && /^--*$/) { + if ($_ eq $pubring_line) { + $out->print('test/gnupghome/'.$seckey_file."\n"); + } elsif (/^--*$/) { $out->print("--------------------------\n"); } else { $out->print( $_ ); -- cgit v1.2.3 From ba4283b11091b1cdd9a7648ee9bceec7b74204f3 Mon Sep 17 00:00:00 2001 
From: Niko Tyni Date: Wed, 20 Jun 2018 21:57:50 +0300 Subject: [PATCH] Fix test suite for GnuPG >= 2.2.6 compatibility GnuPG 2.2.6 (commit 1a5d95e7319e7e6f) started marking signatures with an expired key with '?', as seen with for instance GNUPGHOME=./test/gnupghome/ gpg --list-sigs 0xF950DA9C Adapt the test suite accordingly. See https://dev.gnupg.org/rG1a5d95e7319e7e6f0dd11064a26cbbc371b05214 Bug-Debian: https://bugs.debian.org/900051 Bug: https://github.com/bestpractical/gnupg-interface/pull/1 Gbp-Pq: Name 0001-Fix-test-suite-for-GnuPG-2.2.6-compatibility.patch --- t/get_public_keys.t | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/t/get_public_keys.t b/t/get_public_keys.t index 7893625..ede080a 100644 --- a/t/get_public_keys.t +++ b/t/get_public_keys.t @@ -13,8 +13,12 @@ use MyTestSpecific; use GnuPG::PrimaryKey; use GnuPG::SubKey; +use version; + my ( $given_key, $handmade_key ); +my $gnupg_version = version->parse($gnupg->version); + TEST { reset_handles(); @@ -74,7 +78,7 @@ TEST date_string => '2000-03-16', hex_id => '56FFD10A260C4FA3', sig_class => 0x10, - validity => '!'), + validity => $gnupg_version < version->parse('2.2.6') ? '!' : '?'), GnuPG::Signature->new( date => 949813093, algo_num => 17, @@ -115,7 +119,7 @@ TEST date_string => '2000-03-16', hex_id => '56FFD10A260C4FA3', sig_class => 0x10, - validity => '!'), + validity => $gnupg_version < version->parse('2.2.6') ? '!' : '?'), GnuPG::Signature->new( date => 953179891, algo_num => 17, -- cgit v1.2.3 From f5e14f37e1c18462d6f0830ca2da4dec4bf41680 Mon Sep 17 00:00:00 2001 
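Review bot: The expected `validity` for the signature by `56FFD10A260C4FA3` now flips between `'!'` and `'?'` on a version compare that is spelled out twice (the `@@ -74` and `@@ -115` hunks), with no comment on why. I would compute it once next to `$gnupg_version`, e.g. `my $expired_key_validity = $gnupg_version < version->parse('2.2.6') ? '!' : '?';`, with the comment `# gpg >= 2.2.6 marks signatures made by an expired key with '?'`. That comment matters beyond the test: code that treats only `'!'` from GnuPG::Signature as a good signature will see different results on newer gpg. `version->parse` is also handed the raw `$gnupg->version` string, and nothing here shows what that method returns for a version with a non-numeric suffix.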
From: Niko Tyni Date: Sun, 24 Jun 2018 16:19:25 +0300 Subject: [PATCH] Fix test suite for GnuPG >= 2.2.8 compatibility GnuPG 2.2.8 onwards issues a hard failure when decrypting messages not using the MDC mode. Bug-Debian: https://bugs.debian.org/900051 Bug: https://github.com/bestpractical/gnupg-interface/pull/1 Gbp-Pq: Name 0001-Fix-test-suite-for-GnuPG-2.2.8-compatibility.patch --- t/decrypt.t | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/t/decrypt.t b/t/decrypt.t index ee41448..2d6740c 100644 --- a/t/decrypt.t +++ b/t/decrypt.t @@ -6,6 +6,7 @@ use strict; use English qw( -no_match_vars ); use File::Compare; +use version; use lib './t'; use MyTest; @@ -13,6 +14,8 @@ use MyTestSpecific; my $compare; +my $gnupg_version = version->parse($gnupg->version); + TEST { reset_handles(); @@ -26,7 +29,13 @@ TEST close $stdout; waitpid $pid, 0; - return $CHILD_ERROR == 0;; + if ($gnupg_version < version->parse('2.2.8')) { + return $CHILD_ERROR == 0;; + } else { + local $/ = undef; + my $errstr = <$stderr>; + return (($CHILD_ERROR >> 8 == 2) and ($errstr =~ /ignore-mdc-error/)); + } }; @@ -50,7 +59,13 @@ TEST waitpid $pid, 0; - return $CHILD_ERROR == 0; + if ($gnupg_version < version->parse('2.2.8')) { + return $CHILD_ERROR == 0; + } else { + local $/ = undef; + my $errstr = <$stderr>; + return (($CHILD_ERROR >> 8 == 2) and ($errstr =~ /ignore-mdc-error/)); + } }; -- cgit v1.2.3
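Review bot: Both rewritten TESTs in t/decrypt.t now pass on gpg 2.2.8 and later only when decryption is refused (`$CHILD_ERROR >> 8 == 2`) and stderr mentions `ignore-mdc-error`, so on current gpg the suite no longer exercises a successful decrypt of this fixture. Matching a hint in human-readable stderr is fragile; if a status handle is available in these tests, asserting on gpg's status output would be sturdier, and regenerating the fixture with MDC would restore the positive case. At minimum the branch deserves a comment, e.g. `# fixture has no MDC (per the commit message): gpg >= 2.2.8 must refuse it with exit 2 and point at --ignore-mdc-error`. The identical block in the `@@ -26` and `@@ -50` hunks could live in one helper. Both TEST bodies start outside their hunks, so which input each one decrypts is not visible.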