[PATCH 1/8] tests/openpgp: add export-cleartext

Daniel Kahn Gillmor dkg at fifthhorseman.net
Sat May 21 01:41:04 CEST 2016


* tests/openpgp/export-cleartext.test: test that it's possible to
  export secret keys that are stored without a passphrase without
  interaction.

This has historically been possible with older versions of gpg, but
the test currently fails, due to attempts by the agent to set a
passphrase on any export, even those stored in the clear.

The following patch series fixes this regression.
---
 tests/openpgp/Makefile.am           |  1 +
 tests/openpgp/export-cleartext.test | 23 +++++++++++++++++++++++
 2 files changed, 24 insertions(+)
 create mode 100755 tests/openpgp/export-cleartext.test

diff --git a/tests/openpgp/Makefile.am b/tests/openpgp/Makefile.am
index bab0b7d..cf1848d 100644
--- a/tests/openpgp/Makefile.am
+++ b/tests/openpgp/Makefile.am
@@ -57,6 +57,7 @@ TESTS = version.test mds.test \
 	import.test ecc.test 4gb-packet.test \
 	$(sqlite3_dependent_tests) \
 	gpgtar.test use-exact-key.test default-key.test \
+	export-cleartext.test \
 	finish.test
 
 
diff --git a/tests/openpgp/export-cleartext.test b/tests/openpgp/export-cleartext.test
new file mode 100755
index 0000000..99ac5ae
--- /dev/null
+++ b/tests/openpgp/export-cleartext.test
@@ -0,0 +1,23 @@
+#!/bin/sh
+# Copyright 2016 Free Software Foundation, Inc.
+# This file is free software; as a special exception the author gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.  This file is
+# distributed in the hope that it will be useful, but WITHOUT ANY
+# WARRANTY, to the extent permitted by law; without even the implied
+# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+. $srcdir/defs.inc || exit 3
+
+#info Checking that exporting of cleartext secret key is possible without a passphrase.
+for i in $usrname2 $usrname3; do
+    $GPG --armor --export-secret-key "$i" > /dev/null || \
+        error "$i: failed to export secret key"
+done
+
+#info Check that export of passphrase-protected secret key fails without a passphrase.
+for i in $usrname1; do
+    (! $GPG --armor --export-secret-key "$i" > /dev/null) || \
+        error "$i: export protected secret key succeeded (should have failed)"
+done
+
-- 
2.8.1




More information about the Gnupg-devel mailing list