1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00
gnupg/tests/openpgp/export.test
Daniel Kahn Gillmor c41c46fa84
g10: Export cleartext keys as cleartext
* g10/export.c (do_export_stream): If a key is stored by the agent in
cleartext, then try to export it as cleartext.
* tests/openpgp/export.test: For secret keys that are stored in
cleartext, test should try to export without pinentry interaction.
--

This restores the behavior of GnuPG 2.0 and 1.4 when exporting
passphraseless secret keys, and fixes the test suite accordingly.

GnuPG-bug-id: 2070, 2324
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-06-11 11:18:58 +02:00

111 lines
2.7 KiB
Bash
Executable File

#!/bin/sh
. $srcdir/defs.inc || exit 3
check_exported_public_key()
{
$GPG --list-packets $1 >$1.packets
grep '^:public key packet:' $1.packets >/dev/null
grep "^ keyid: .*$KEY$" $1.packets >/dev/null
grep '^:user ID packet:' $1.packets >/dev/null
grep "^:signature packet:.*keyid.*$KEY" $1.packets >/dev/null
rm $1.packets
}
check_armored_public_key()
{
grep '^-----BEGIN PGP PUBLIC KEY BLOCK-----$' $1 >/dev/null
grep '^-----END PGP PUBLIC KEY BLOCK-----$' $1 >/dev/null
check_exported_public_key $1
}
check_exported_private_key()
{
$GPG --list-packets $1 >$1.packets
grep '^:secret key packet:' $1.packets >/dev/null
grep "^ keyid: .*$KEY$" $1.packets >/dev/null
grep '^:user ID packet:' $1.packets >/dev/null
grep "^:signature packet:.*keyid.*$KEY" $1.packets >/dev/null
rm $1.packets
}
check_armored_private_key()
{
grep '^-----BEGIN PGP PRIVATE KEY BLOCK-----$' $1 >/dev/null
grep '^-----END PGP PRIVATE KEY BLOCK-----$' $1 >/dev/null
check_exported_private_key $1
}
logfile="`pwd`/pinentry.log"
ppfile="`pwd`/passphrases"
rm -f -- $logfile $ppfile
touch $ppfile
prepare_passphrase()
{
echo $* >>$ppfile
}
prepare_passphrase_confirm()
{
echo "fake-entry being started to CONFIRM the weak phrase" >>$ppfile
}
assert_passphrases_consumed()
{
if test -s $ppfile; then
echo "Expected $ppfile to be empty, but these are enqueued:" >&2
cat "$ppfile" >&2
exit 1
fi
rm -f -- $logfile
}
export PINENTRY_USER_DATA="--logfile=$logfile --passphrasefile=$ppfile"
info "Checking key export."
for KEY in D74C5F22 C40FDECF ECABF51D
do
progress $KEY
$GPG --export $KEY >$KEY.public
check_exported_public_key $KEY.public
rm $KEY.public
$GPG --armor --export $KEY >$KEY.public
check_armored_public_key $KEY.public
rm $KEY.public
# test without --armor:
if [ $KEY = D74C5F22 ]; then
# Key D74C5F22 is protected by a passphrase. Prepare this
# one. Currently, GnuPG does not ask for an export passphrase
# in this case.
prepare_passphrase "$usrpass1"
fi
$GPG --export-secret-keys $KEY >$KEY.private
check_exported_private_key $KEY.private
rm $KEY.private
assert_passphrases_consumed
# test with --armor:
if [ $KEY = D74C5F22 ]; then
# Key D74C5F22 is protected by a passphrase. Prepare this
# one. Currently, GnuPG does not ask for an export passphrase
# in this case.
prepare_passphrase "$usrpass1"
fi
$GPG --armor --export-secret-keys $KEY >$KEY.private
check_armored_private_key $KEY.private
rm $KEY.private
assert_passphrases_consumed
done
progress_end