View Javadoc
1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *   http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied.  See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.maven.plugins.gpg;
20  
21  import java.io.File;
22  
23  import org.eclipse.aether.DefaultRepositorySystemSession;
24  import org.eclipse.aether.internal.impl.DefaultLocalPathComposer;
25  import org.eclipse.aether.internal.impl.SimpleLocalRepositoryManagerFactory;
26  import org.eclipse.aether.repository.LocalRepository;
27  import org.junit.jupiter.api.Disabled;
28  import org.junit.jupiter.api.Test;
29  
30  /**
31   * Tests for {@link BcSigner}.
32   */
33  class BcSignerTest {
34  
35      /**
36       * Test for BC agent use. Disabled, as this test cannot run on CI, only on computer that have gpg-agent.
37       * The goal of this test is to prepare BC signer, but to be able to prepare, it needs passphrase for the
38       * passphrase protected signing key (provided in src/test/resources/signing-key.asc). Passphrase is "TEST"
39       * (without quotes, all caps). If you want to execute this test, remove disabled annotation and run it from
40       * IDE (or whatever is your preferred way). On first run, Agent will pop a dialogue asking for password,
41       * and it will cache your response, so subsequent invocation will NOT ask for password.
42       * <p>
43       * IF you enter correct password ("TEST"), the test will pass (prepare will execute without any issue).
44       * IF you enter incorrect password, the test will fail with some message like:
45       * {@code org.apache.maven.plugin.MojoFailureException: org.bouncycastle.openpgp.PGPException: checksum mismatch at in checksum of 20 bytes}
46       * and this would cause plugin failure as well.
47       * <p>
48       * On Un*x, to make agent "forget" what you entered, use {@code gpg-connect-agent RELOADAGENT} command. To exit use
49       * Ctrl+D (EOF).
50       */
51      @Disabled
52      @Test
53      void testAgent() throws Exception {
54          DefaultRepositorySystemSession session = new DefaultRepositorySystemSession();
55          session.setLocalRepositoryManager(new SimpleLocalRepositoryManagerFactory(new DefaultLocalPathComposer())
56                  .newInstance(session, new LocalRepository("target/local-repo")));
57          // first: interactive session: it will pop up a pinentry dialogue, enter "TEST"
58          BcSigner signer = new BcSigner(
59                  session,
60                  "unimportant",
61                  "unimportant",
62                  ".gnupg/S.gpg-agent",
63                  new File("src/test/resources/signing-key.asc").getAbsolutePath(),
64                  null);
65          signer.setUseAgent(true);
66          signer.setInteractive(true);
67          signer.prepare();
68  
69          // second: non-interactive: will use agent but no 2nd popup will appear
70          signer = new BcSigner(
71                  session,
72                  "unimportant",
73                  "unimportant",
74                  ".gnupg/S.gpg-agent",
75                  new File("src/test/resources/signing-key.asc").getAbsolutePath(),
76                  null);
77          signer.setUseAgent(true);
78          signer.setInteractive(false);
79          signer.prepare();
80      }
81  }