3 ;; Copyright (C) 2016 g10 Code GmbH
5 ;; This file is part of GnuPG.
7 ;; GnuPG is free software; you can redistribute it and/or modify
8 ;; it under the terms of the GNU General Public License as published by
9 ;; the Free Software Foundation; either version 3 of the License, or
10 ;; (at your option) any later version.
12 ;; GnuPG is distributed in the hope that it will be useful,
13 ;; but WITHOUT ANY WARRANTY; without even the implied warranty of
14 ;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 ;; GNU General Public License for more details.
17 ;; You should have received a copy of the GNU General Public License
18 ;; along with this program; if not, see <http://www.gnu.org/licenses/>.
20 (load (with-path "defs.scm"))
21 (setup-legacy-environment)
23 (define (check-for predicate lines message)
24 (unless (any predicate lines)
27 (define (check-exported-key dump keyid)
28 (check-for (lambda (l)
29 (and (string-prefix? l " keyid: ")
30 (string-suffix? l keyid))) dump
32 (check-for (lambda (l) (string-prefix? l ":user ID packet:")) dump
33 "User ID packet not found")
34 (check-for (lambda (l)
35 (and (string-prefix? l ":signature packet:")
36 (string-contains? l "keyid")
37 (string-suffix? l keyid))) dump
38 "Signature packet not found"))
40 (define (check-exported-public-key packet-dump keyid)
41 (let ((dump (string-split-newlines packet-dump)))
42 (check-for (lambda (l) (string-prefix? l ":public key packet:")) dump
43 "Public key packet not found")
44 (check-exported-key dump keyid)))
46 (define (check-exported-private-key packet-dump keyid)
47 (let ((dump (string-split-newlines packet-dump)))
48 (check-for (lambda (l) (string-prefix? l ":secret key packet:")) dump
49 "Secret key packet not found")
50 (check-exported-key dump keyid)))
53 ;; Prepare two temporary files for communication with the fake
57 (define (prepare-passphrases . passphrases)
58 (call-with-output-file ppfile
60 (for-each (lambda (passphrase)
61 (display passphrase port)
62 (display #\newline port)) passphrases))))
64 (define CONFIRM "fake-entry being started to CONFIRM the weak phrase")
66 (define (assert-passphrases-consumed)
67 (call-with-input-file ppfile
70 (eof-object? (peek-char port))
72 "Expected all passphrases to be consumed, but found: "
75 (setenv "PINENTRY_USER_DATA"
76 (string-append "--logfile=" logfile " --passphrasefile=" ppfile) #t)
83 (pipe:gpg `(--export ,keyid))
84 (pipe:gpg '(--list-packets)))
85 (tr:call-with-content check-exported-public-key keyid))
87 (if (string=? "D74C5F22" keyid)
88 ;; Key D74C5F22 is protected by a passphrase. Prepare this
89 ;; one. Currently, GnuPG does not ask for an export passphrase
91 (prepare-passphrases usrpass1))
95 (pipe:gpg `(--export-secret-keys ,keyid))
96 (pipe:gpg '(--list-packets)))
97 (tr:call-with-content check-exported-private-key keyid))
99 (assert-passphrases-consumed))
100 '("D74C5F22" "C40FDECF" "ECABF51D")))