t / lib-gpg.shon commit t/t7510-signed-commit.sh: add signing subkey to Eris Discordia key (1e69084)
   1#!/bin/sh
   2
   3gpg_version=$(gpg --version 2>&1)
   4if test $? != 127
   5then
   6        # As said here: http://www.gnupg.org/documentation/faqs.html#q6.19
   7        # the gpg version 1.0.6 didn't parse trust packets correctly, so for
   8        # that version, creation of signed tags using the generated key fails.
   9        case "$gpg_version" in
  10        'gpg (GnuPG) 1.0.6'*)
  11                say "Your version of gpg (1.0.6) is too buggy for testing"
  12                ;;
  13        *)
  14                # Available key info:
  15                # * Type DSA and Elgamal, size 2048 bits, no expiration date,
  16                #   name and email: C O Mitter <committer@example.com>
  17                # * Type RSA, size 2048 bits, no expiration date,
  18                #   name and email: Eris Discordia <discord@example.net>
  19                # No password given, to enable non-interactive operation.
  20                # To generate new key:
  21                #       gpg --homedir /tmp/gpghome --gen-key
  22                # To write armored exported key to keyring:
  23                #       gpg --homedir /tmp/gpghome --export-secret-keys \
  24                #               --armor 0xDEADBEEF >> lib-gpg/keyring.gpg
  25                #       gpg --homedir /tmp/gpghome --export \
  26                #               --armor 0xDEADBEEF >> lib-gpg/keyring.gpg
  27                # To export ownertrust:
  28                #       gpg --homedir /tmp/gpghome --export-ownertrust \
  29                #               > lib-gpg/ownertrust
  30                mkdir ./gpghome &&
  31                chmod 0700 ./gpghome &&
  32                GNUPGHOME="$(pwd)/gpghome" &&
  33                export GNUPGHOME &&
  34                (gpgconf --kill gpg-agent >/dev/null 2>&1 || : ) &&
  35                gpg --homedir "${GNUPGHOME}" 2>/dev/null --import \
  36                        "$TEST_DIRECTORY"/lib-gpg/keyring.gpg &&
  37                gpg --homedir "${GNUPGHOME}" 2>/dev/null --import-ownertrust \
  38                        "$TEST_DIRECTORY"/lib-gpg/ownertrust &&
  39                gpg --homedir "${GNUPGHOME}" </dev/null >/dev/null 2>&1 \
  40                        --sign -u committer@example.com &&
  41                test_set_prereq GPG &&
  42                # Available key info:
  43                # * see t/lib-gpg/gpgsm-gen-key.in
  44                # To generate new certificate:
  45                #  * no passphrase
  46                #       gpgsm --homedir /tmp/gpghome/ \
  47                #               -o /tmp/gpgsm.crt.user \
  48                #               --generate-key \
  49                #               --batch t/lib-gpg/gpgsm-gen-key.in
  50                # To import certificate:
  51                #       gpgsm --homedir /tmp/gpghome/ \
  52                #               --import /tmp/gpgsm.crt.user
  53                # To export into a .p12 we can later import:
  54                #       gpgsm --homedir /tmp/gpghome/ \
  55                #               -o t/lib-gpg/gpgsm_cert.p12 \
  56                #               --export-secret-key-p12 "committer@example.com"
  57                echo | gpgsm --homedir "${GNUPGHOME}" 2>/dev/null \
  58                        --passphrase-fd 0 --pinentry-mode loopback \
  59                        --import "$TEST_DIRECTORY"/lib-gpg/gpgsm_cert.p12 &&
  60                gpgsm --homedir "${GNUPGHOME}" 2>/dev/null -K \
  61                        | grep fingerprint: | cut -d" " -f4 | tr -d '\n' > \
  62                        ${GNUPGHOME}/trustlist.txt &&
  63                echo " S relax" >> ${GNUPGHOME}/trustlist.txt &&
  64                (gpgconf --kill gpg-agent >/dev/null 2>&1 || : ) &&
  65                echo hello | gpgsm --homedir "${GNUPGHOME}" >/dev/null \
  66                        -u committer@example.com -o /dev/null --sign - 2>&1 &&
  67                test_set_prereq GPGSM
  68                ;;
  69        esac
  70fi
  71
  72if test_have_prereq GPG &&
  73    echo | gpg --homedir "${GNUPGHOME}" -b --rfc1991 >/dev/null 2>&1
  74then
  75        test_set_prereq RFC1991
  76fi
  77
  78sanitize_pgp() {
  79        perl -ne '
  80                /^-----END PGP/ and $in_pgp = 0;
  81                print unless $in_pgp;
  82                /^-----BEGIN PGP/ and $in_pgp = 1;
  83        '
  84}