diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 09:59:15 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 09:59:15 +0000 |
commit | 8de1ee1b2b676b0d07586f0752750dd6b0fb7511 (patch) | |
tree | dd46fd7dc3863045696cd0e48032d8a36fa0daf5 /tests/fake-pinentries | |
parent | Initial commit. (diff) | |
download | gnupg2-8de1ee1b2b676b0d07586f0752750dd6b0fb7511.tar.xz gnupg2-8de1ee1b2b676b0d07586f0752750dd6b0fb7511.zip |
Adding upstream version 2.2.27.upstream/2.2.27upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'tests/fake-pinentries')
-rw-r--r-- | tests/fake-pinentries/README.txt | 38 | ||||
-rwxr-xr-x | tests/fake-pinentries/fake-pinentry.php | 27 | ||||
-rwxr-xr-x | tests/fake-pinentries/fake-pinentry.pl | 27 | ||||
-rwxr-xr-x | tests/fake-pinentries/fake-pinentry.py | 30 | ||||
-rwxr-xr-x | tests/fake-pinentries/fake-pinentry.sh | 33 |
5 files changed, 155 insertions, 0 deletions
diff --git a/tests/fake-pinentries/README.txt b/tests/fake-pinentries/README.txt new file mode 100644 index 0000000..0654f56 --- /dev/null +++ b/tests/fake-pinentries/README.txt @@ -0,0 +1,38 @@ +Fake Pinentries for Test Suites +=============================== + +If you're writing a test suite, it should use one of these pinentries +by setting the following line in $GNUPGHOME/gpg-agent.conf: + + pinentry-program /path/to/fake-pinentry.ext + +Note that different fake-pinentry programs have been supplied here in +different languages, with the intent of making them available to +developers who have different languages available. + +They are all licensed Creative Commons Zero (CC0-1.0-Universal, see +the COPYING.CC0 file in GnuPG's top directory), so they should be +reusable by any project. Feel free to copy them into your own +project's test suite. + +Rationale +--------- + +If you're implementing software that uses GnuPG, you probably want a +test suite that exercises your code, and you may have some that +involve secret key material locked with a passphrase. However, you +don't want to require your developers to manually enter a passphrase +while tests are run, and you probably also don't want to deal with +alternate codepaths/workflows like using gpg's loopback pinentry. + +The solution for this is to use a fake pinentry in your test suite, +one that simply returns a pre-selected passphrase. In this case, all +the other code follows the same path as normal, but the user +interaction is bypassed because the fake-pinentry is used instead. + +Troubleshooting +--------------- + +If you have any trouble with this technique, please drop a line to the +GnuPG development mailing list <gnupg-devel@gnupg.org> or open a +report on the GnuPG bug tracker at https://dev.gnupg.org/gnupg diff --git a/tests/fake-pinentries/fake-pinentry.php b/tests/fake-pinentries/fake-pinentry.php new file mode 100755 index 0000000..bc4088f --- /dev/null +++ b/tests/fake-pinentries/fake-pinentry.php @@ -0,0 +1,27 @@ +#!/usr/bin/php +<?php +# Use this for your test suites when a PHP interpreter is available. +# +# The encrypted keys in your test suite that you expect to work must +# be locked with a passphrase of "passphrase" +# +# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net> +# +# License: Creative Commons Zero ("Public Domain Dedication") -- +# Anyone may reuse it, modify it, redistribute it for any purpose. + +print("OK This is only for test suites, and should never be used in production\n"); +while (true) { + $line = fgets(STDIN); + if (False === $line) + break; + $line = strtolower(trim($line)); + if (($line === "") || ($line[0] == '#')) + continue; + if ((0 === strncmp("getpin", $line, 6))) + print("D passphrase\n"); + print("OK\n"); + if ((0 === strncmp("bye", $line, 3))) + break; +} +?> diff --git a/tests/fake-pinentries/fake-pinentry.pl b/tests/fake-pinentries/fake-pinentry.pl new file mode 100755 index 0000000..8cb337d --- /dev/null +++ b/tests/fake-pinentries/fake-pinentry.pl @@ -0,0 +1,27 @@ +#!/usr/bin/perl -w +# Use this for your test suites when a perl interpreter is available. +# +# The encrypted keys in your test suite that you expect to work must +# be locked with a passphrase of "passphrase" +# +# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net> +# +# License: Creative Commons Zero ("Public Domain Dedication") -- +# Anyone may reuse it, modify it, redistribute it for any purpose. + +use strict; +use warnings; + +# turn off buffering +$| = 1; + +print "OK This is only for test suites, and should never be used in production\n"; +while (<STDIN>) { + chomp; + next if (/^$/); + next if (/^#/); + print ("D passphrase\n") if (/^getpin/i); + print "OK\n"; + exit if (/^bye/i); +} +1; diff --git a/tests/fake-pinentries/fake-pinentry.py b/tests/fake-pinentries/fake-pinentry.py new file mode 100755 index 0000000..78735c9 --- /dev/null +++ b/tests/fake-pinentries/fake-pinentry.py @@ -0,0 +1,30 @@ +#!/usr/bin/env python +# Use this for your test suites when a python interpreter is available. +# +# The encrypted keys in your test suite that you expect to work must +# be locked with a passphrase of "passphrase" +# +# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net> +# +# License: Creative Commons Zero ("Public Domain Dedication") -- +# Anyone may reuse it, modify it, redistribute it for any purpose. + +import sys, os + +# turn off buffering: +sys.stdin = os.fdopen(sys.stdin.fileno(), 'r', 0) +sys.stdout = os.fdopen(sys.stdout.fileno(), 'w', 0) + +print("OK This is only for test suites, and should never be used in production") +while True: + ln = sys.stdin.readline() + if (ln == ''): + break + ln = ln.lower() + if (ln.strip() == '') or (ln.startswith('#')): + continue + if (ln.startswith('getpin')): + sys.stdout.write('D passphrase\n') + sys.stdout.write('OK\n') + if (ln.startswith('bye')): + break diff --git a/tests/fake-pinentries/fake-pinentry.sh b/tests/fake-pinentries/fake-pinentry.sh new file mode 100755 index 0000000..44aca21 --- /dev/null +++ b/tests/fake-pinentries/fake-pinentry.sh @@ -0,0 +1,33 @@ +#!/bin/sh +# Use this for your test suites when a POSIX shell is available. +# +# The encrypted keys in your test suite that you expect to work must +# be locked with a passphrase of "passphrase" +# +# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net> +# +# License: Creative Commons Zero ("Public Domain Dedication") -- +# Anyone may reuse it, modify it, redistribute it for any purpose. + +echo "OK This is only for test suites, and should never be used in production" +while read cmd rest; do + cmd=$(printf "%s" "$cmd" | tr 'A-Z' 'a-z') + if [ -z "$cmd" ]; then + continue; + fi + case "$cmd" in + \#*) + ;; + getpin) + echo "D passphrase" + echo "OK" + ;; + bye) + echo "OK" + exit 0 + ;; + *) + echo "OK" + ;; + esac +done |