action #50606
closed[sle] Refine GnuPG case to use a better solution for interactive command
0%
Description
Now, tests/console/gpg.pm
uses a "blind input" method for the user interactive of key generating. It is not elegant, unstable prone, and not friendly for debugging. Some other methods we usually use, eg. disable pipe buffer with 'unbuffer' command or typescript, do not work on gpg.
Unless we really want to test the user interface for key generating, we could always use --batch
arguement to make gpg get all the necessary user input value include passphrase from a file.
A simple input file format could be like:
$ cat >foo <<EOF
%echo Generating a standard key
Key-Type: default
Key-Length: 2048
Subkey-Type: default
Subkey-Length: 2048
Name-Real: SUSE Tester
Name-Email: tester@suse.de
Passphrase: testingpassword
Expire-Date: 0
EOF
Then generate the key with
$ gpg --batch --gen-key foo
Updated by pcervinka almost 5 years ago
This approach will skip using pinentry for passphrase. Pinentry integration was original reason for gpg test existence.
Updated by whdu almost 5 years ago
pcervinka wrote:
This approach will skip using pinentry for passphrase. Pinentry integration was original reason for gpg test existence.
Okay, let me find a way to do not skip it, maybe needles are needed.
Updated by whdu almost 5 years ago
For gpg version < 2.1 (on SLES12), "batch" mode does not work normally. If you do not specify passphrase in the config file which to be passed to batch mode, gpg will create empty passphrase automatically. So that pinentry interface will not be shown up.
To avoid using batch mode, we can consider tools like 'expect' or 'typescript', but the pinentry always act incorrectly with them. So we have to use needles matching to solve this issue.
Updated by whdu almost 5 years ago
- Status changed from In Progress to Resolved
Merged
Commit 184bc75f029578567cca76a03ef31dd4bbc73458