t/lib-gpg.sh

   1 #!/bin/sh
   2
   3 gpg_version=$(gpg --version 2>&1)
   4 if test $? != 127
   5 then
   6         # As said here: http://www.gnupg.org/documentation/faqs.html#q6.19
   7         # the gpg version 1.0.6 didn't parse trust packets correctly, so for
   8         # that version, creation of signed tags using the generated key fails.
   9         case "$gpg_version" in
  10         'gpg (GnuPG) 1.0.6'*)
  11                 say "Your version of gpg (1.0.6) is too buggy for testing"
  12                 ;;
  13         *)
  14                 # Available key info:
  15                 # * Type DSA and Elgamal, size 2048 bits, no expiration date,
  16                 #   name and email: C O Mitter <committer@example.com>
  17                 # * Type RSA, size 2048 bits, no expiration date,
  18                 #   name and email: Eris Discordia <discord@example.net>
  19                 # No password given, to enable non-interactive operation.
  20                 # To generate new key:
  21                 #       gpg --homedir /tmp/gpghome --gen-key
  22                 # To write armored exported key to keyring:
  23                 #       gpg --homedir /tmp/gpghome --export-secret-keys \
  24                 #               --armor 0xDEADBEEF >> lib-gpg/keyring.gpg
  25                 #       gpg --homedir /tmp/gpghome --export \
  26                 #               --armor 0xDEADBEEF >> lib-gpg/keyring.gpg
  27                 # To export ownertrust:
  28                 #       gpg --homedir /tmp/gpghome --export-ownertrust \
  29                 #               > lib-gpg/ownertrust
  30                 mkdir ./gpghome &&
  31                 chmod 0700 ./gpghome &&
  32                 GNUPGHOME="$(pwd)/gpghome" &&
  33                 export GNUPGHOME &&
  34                 (gpgconf --kill gpg-agent >/dev/null 2>&1 || : ) &&
  35                 gpg --homedir "${GNUPGHOME}" 2>/dev/null --import \
  36                         "$TEST_DIRECTORY"/lib-gpg/keyring.gpg &&
  37                 gpg --homedir "${GNUPGHOME}" 2>/dev/null --import-ownertrust \
  38                         "$TEST_DIRECTORY"/lib-gpg/ownertrust &&
  39                 gpg --homedir "${GNUPGHOME}" </dev/null >/dev/null 2>&1 \
  40                         --sign -u committer@example.com &&
  41                 test_set_prereq GPG &&
  42                 # Available key info:
  43                 # * see t/lib-gpg/gpgsm-gen-key.in
  44                 # To generate new certificate:
  45                 #  * no passphrase
  46                 #       gpgsm --homedir /tmp/gpghome/ \
  47                 #               -o /tmp/gpgsm.crt.user \
  48                 #               --generate-key \
  49                 #               --batch t/lib-gpg/gpgsm-gen-key.in
  50                 # To import certificate:
  51                 #       gpgsm --homedir /tmp/gpghome/ \
  52                 #               --import /tmp/gpgsm.crt.user
  53                 # To export into a .p12 we can later import:
  54                 #       gpgsm --homedir /tmp/gpghome/ \
  55                 #               -o t/lib-gpg/gpgsm_cert.p12 \
  56                 #               --export-secret-key-p12 "committer@example.com"
  57                 echo | gpgsm --homedir "${GNUPGHOME}" 2>/dev/null \
  58                         --passphrase-fd 0 --pinentry-mode loopback \
  59                         --import "$TEST_DIRECTORY"/lib-gpg/gpgsm_cert.p12 &&
  60
  61                 gpgsm --homedir "${GNUPGHOME}" 2>/dev/null -K |
  62                 grep fingerprint: |
  63                 cut -d" " -f4 |
  64                 tr -d '\n' >"${GNUPGHOME}/trustlist.txt" &&
  65
  66                 echo " S relax" >> ${GNUPGHOME}/trustlist.txt &&
  67                 (gpgconf --kill gpg-agent >/dev/null 2>&1 || : ) &&
  68                 echo hello | gpgsm --homedir "${GNUPGHOME}" >/dev/null \
  69                         -u committer@example.com -o /dev/null --sign - 2>&1 &&
  70                 test_set_prereq GPGSM
  71                 ;;
  72         esac
  73 fi
  74
  75 if test_have_prereq GPG &&
  76     echo | gpg --homedir "${GNUPGHOME}" -b --rfc1991 >/dev/null 2>&1
  77 then
  78         test_set_prereq RFC1991
  79 fi
  80
  81 sanitize_pgp() {
  82         perl -ne '
  83                 /^-----END PGP/ and $in_pgp = 0;
  84                 print unless $in_pgp;
  85                 /^-----BEGIN PGP/ and $in_pgp = 1;
  86         '
  87 }