gpgme and passprhases

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Jan 27 18:59:44 CET 2016 

Hi all--

I'm trying to get the pygpgme test suite in shape when working with gpg
2.1, and the remaining problems i see with it have to do with failed
attempts to set the passphrase with a callback.

Is there an expectation that gpgme should work without the agent?
should gpgme's passphrase callbacks work in 2.1 at all?

Below are the errors i'm seeing in the test suite when i run it with
"make check".

fwiw, the underlying command is:
   DISPLAY= DBUS_SESSION_BUS_ADDRESS= GPG_AGENT_INFO= python test_all.py -v



======================================================================
ERROR: test_encrypt_symmetric (tests.test_encrypt_decrypt.EncryptDecryptTestCase)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/dkg/src/pygpgme/pygpgme/tests/test_encrypt_decrypt.py", line 136, in test_encrypt_symmetric
    ctx.encrypt(None, 0, plaintext, ciphertext)
GpgmeError: (7, 11, u'Bad passphrase')

======================================================================
ERROR: test_sign_with_passphrase_cb (tests.test_passphrase.PassphraseTestCase)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/dkg/src/pygpgme/pygpgme/tests/test_passphrase.py", line 65, in test_sign_with_passphrase_cb
    new_sigs = ctx.sign(plaintext, signature, gpgme.SIG_MODE_CLEAR)
GpgmeError: (5, 99, u'Operation cancelled')

======================================================================
FAIL: test_sign_without_passphrase_cb (tests.test_passphrase.PassphraseTestCase)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/dkg/src/pygpgme/pygpgme/tests/test_passphrase.py", line 43, in test_sign_without_passphrase_cb
    self.assertEqual(exc.args[0], gpgme.ERR_SOURCE_GPGME)
AssertionError: 5 != 7

----------------------------------------------------------------------

(fwiw, the latter failure shows that the error source is
gpgme.GPG_ERR_SOURCE_PINENTRY instead of gpgme.ERR_SOURCE_GPGME).

so i see a couple potential approaches:

 a) strip these tests from the test suite

 b) modify the test suite to use a loopback pinentry somehow

 c) make a custom pinentry specifically for use with the test suite

(a) is obviously the easiest, but maybe the least responsible.

Any suggestions for what the right thing to do is here?

    --dkg

More information about the Gnupg-devel mailing list