[PATCH] tests/openpgp: Provide fake pinentries for downstream developers.

Neal H. Walfield neal at walfield.org
Tue Sep 13 10:27:08 CEST 2016


Hi Daniel,

Thanks for working on this.  Why not cc0 instead of public domain?

From https://creativecommons.org/share-your-work/public-domain/cc0/:

  The Problem

  Dedicating works to the public domain is difficult if not impossible
  for those wanting to contribute their works for public use before
  applicable copyright or database protection terms expire. Few if any
  jurisdictions have a process for doing so easily and reliably. Laws
  vary from jurisdiction to jurisdiction as to what rights are
  automatically granted and how and when they expire or may be
  voluntarily relinquished. More challenging yet, many legal systems
  effectively prohibit any attempt by these owners to surrender rights
  automatically conferred by law, particularly moral rights, even when
  the author wishing to do so is well informed and resolute about
  doing so and contributing their work to the public domain.

:) Neal


On Tue, 13 Sep 2016 08:09:58 +0200,
Daniel Kahn Gillmor wrote:
> 
> * tests/openpgp/fake-pinentries/README.txt and
>   tests/openpgp/fake-pinentries/fake-pinentry.{sh,py,pl,php}}: New
>   public domain files to encourage better test suite practices from
>   downstream developers.
> 
> Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
> ---
>  tests/openpgp/fake-pinentries/README.txt        | 28 ++++++++++++++++++++
>  tests/openpgp/fake-pinentries/fake-pinentry.php | 25 ++++++++++++++++++
>  tests/openpgp/fake-pinentries/fake-pinentry.pl  | 28 ++++++++++++++++++++
>  tests/openpgp/fake-pinentries/fake-pinentry.py  | 29 +++++++++++++++++++++
>  tests/openpgp/fake-pinentries/fake-pinentry.sh  | 34 +++++++++++++++++++++++++
>  5 files changed, 144 insertions(+)
>  create mode 100644 tests/openpgp/fake-pinentries/README.txt
>  create mode 100755 tests/openpgp/fake-pinentries/fake-pinentry.php
>  create mode 100755 tests/openpgp/fake-pinentries/fake-pinentry.pl
>  create mode 100755 tests/openpgp/fake-pinentries/fake-pinentry.py
>  create mode 100755 tests/openpgp/fake-pinentries/fake-pinentry.sh
> 
> diff --git a/tests/openpgp/fake-pinentries/README.txt b/tests/openpgp/fake-pinentries/README.txt
> new file mode 100644
> index 0000000..7a08b32
> --- /dev/null
> +++ b/tests/openpgp/fake-pinentries/README.txt
> @@ -0,0 +1,28 @@
> +Fake Pinentries for Test Suites
> +===============================
> +
> +If you're writing a test suite, it should use one of these pinentries
> +by setting the following line in $GNUPGHOME/gpg-agent.conf:
> +
> +    pinentry-program /path/to/fake-pinentry.ext
> +
> +Note that different fake-pinentry programs have been supplied here in
> +different languages, with the intent of making them available to
> +developers who have different languages available.
> +
> +They are in the public domain, so they should be reusable by any
> +project.  Feel free to copy them into your own project's test suite.
> +
> +Rationale
> +---------
> +
> +If you're implementing software that uses GnuPG, you probably want a
> +test suite that exercises your code, and you may have some that
> +involve secret key material locked with a passphrase.  However, you
> +don't want to require your developers to manually enter a passphrase
> +while tests are run, and you probably also don't want to deal with
> +alternate codepaths/workflows like using gpg's loopback pinentry.
> +
> +The solution for this is to use a fake pinentry in your test suite,
> +one that simply returns a pre-selected passphrase.  In this case, all
> +the other code is the 
> diff --git a/tests/openpgp/fake-pinentries/fake-pinentry.php b/tests/openpgp/fake-pinentries/fake-pinentry.php
> new file mode 100755
> index 0000000..2d8f2c8
> --- /dev/null
> +++ b/tests/openpgp/fake-pinentries/fake-pinentry.php
> @@ -0,0 +1,25 @@
> +#!/usr/bin/php
> +# Use this for your test suites when a PHP interpreter is available.
> +#
> +# The encrypted keys in your test suite that you expect to work must
> +# be locked with a passphrase of "passphrase"
> +#
> +# Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
> +#
> +# License: This trivial work is hereby explicitly placed into the
> +# public domain.  Anyone may reuse it, modify it, redistribute it for
> +# any purpose.
> +
> +<?php
> +print("OK This is only for test suites, and should never be used in production\n");
> +while (true) {
> +    $line = strtolower(trim(fgets(STDIN)));
> +    if (($line === "") || ($line[0] == '#'))
> +        continue;
> +    if ((0 === strncmp("getpin", $line, 6)))
> +        print("D passphrase\n");
> +    print("OK\n");
> +    if ((0 === strncmp("bye", $line, 3)))
> +        break;
> +}
> +?>
> \ No newline at end of file
> diff --git a/tests/openpgp/fake-pinentries/fake-pinentry.pl b/tests/openpgp/fake-pinentries/fake-pinentry.pl
> new file mode 100755
> index 0000000..250b27c
> --- /dev/null
> +++ b/tests/openpgp/fake-pinentries/fake-pinentry.pl
> @@ -0,0 +1,28 @@
> +#!/usr/bin/perl -w
> +# Use this for your test suites when a perl interpreter is available.
> +#
> +# The encrypted keys in your test suite that you expect to work must
> +# be locked with a passphrase of "passphrase"
> +#
> +# Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
> +#
> +# License: This trivial work is hereby explicitly placed into the
> +# public domain.  Anyone may reuse it, modify it, redistribute it for
> +# any purpose.
> +
> +use strict;
> +use warnings;
> +
> +# turn off buffering
> +$| = 1;
> +
> +print "OK This is only for test suites, and should never be used in production\n";
> +while (<STDIN>) {
> +  chomp;
> +  next if (/^$/);
> +  next if (/^#/)
> +  print ("D passphrase\n") if (/^getpin/i);
> +  print "OK\n";
> +  exit if (/^bye/i);
> +}
> +1;
> diff --git a/tests/openpgp/fake-pinentries/fake-pinentry.py b/tests/openpgp/fake-pinentries/fake-pinentry.py
> new file mode 100755
> index 0000000..57d6941
> --- /dev/null
> +++ b/tests/openpgp/fake-pinentries/fake-pinentry.py
> @@ -0,0 +1,29 @@
> +#!/usr/bin/env python
> +# Use this for your test suites when a python interpreter is available.
> +#
> +# The encrypted keys in your test suite that you expect to work must
> +# be locked with a passphrase of "passphrase"
> +#
> +# Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
> +#
> +# License: This trivial work is hereby explicitly placed into the
> +# public domain.  Anyone may reuse it, modify it, redistribute it for
> +# any purpose.
> +
> +import sys, os
> +
> +# turn off buffering:
> +sys.stdin = os.fdopen(sys.stdin.fileno(), 'r', 0)
> +sys.stdout = os.fdopen(sys.stdout.fileno(), 'w', 0)
> +
> +print("OK This is only for test suites, and should never be used in production")
> +while True:
> +    ln = sys.stdin.readline().lower()
> +    if (ln.strip() == '') or (ln.startswith('#')):
> +        continue
> +    if (ln.startswith('getpin')):
> +        sys.stdout.write('D passphrase\n')
> +    sys.stdout.write('OK\n')
> +    if (ln.startswith('bye')):
> +        break
> +        
> diff --git a/tests/openpgp/fake-pinentries/fake-pinentry.sh b/tests/openpgp/fake-pinentries/fake-pinentry.sh
> new file mode 100755
> index 0000000..57bbf91
> --- /dev/null
> +++ b/tests/openpgp/fake-pinentries/fake-pinentry.sh
> @@ -0,0 +1,34 @@
> +#!/bin/sh
> +# Use this for your test suites when a POSIX shell is available.
> +#
> +# The encrypted keys in your test suite that you expect to work must
> +# be locked with a passphrase of "passphrase"
> +#
> +# Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
> +#
> +# License: This trivial work is hereby explicitly placed into the
> +# public domain.  Anyone may reuse it, modify it, redistribute it for
> +# any purpose.
> +
> +echo "OK This is only for test suites, and should never be used in production"
> +while read cmd rest; do
> +    cmd=$(printf "%s" "$cmd" | tr 'A-Z' 'a-z')
> +    if [ -z "$cmd" ]; then
> +        continue;
> +    fi
> +    case "$cmd" in
> +        \#*)
> +        ;;
> +        getpin)
> +            echo "D passphrase"
> +            echo "OK"
> +            ;;
> +        bye)
> +            echo "OK"
> +            exit 0
> +            ;;
> +        *)
> +            echo "OK"
> +            ;;
> +    esac
> +done
> -- 
> 2.9.3
> 
> 
> _______________________________________________
> Gnupg-devel mailing list
> Gnupg-devel at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-devel
> 



More information about the Gnupg-devel mailing list