1 /* 2 * Licensed to the Apache Software Foundation (ASF) under one 3 * or more contributor license agreements. See the NOTICE file 4 * distributed with this work for additional information 5 * regarding copyright ownership. The ASF licenses this file 6 * to you under the Apache License, Version 2.0 (the 7 * "License"); you may not use this file except in compliance 8 * with the License. You may obtain a copy of the License at 9 * 10 * http://www.apache.org/licenses/LICENSE-2.0 11 * 12 * Unless required by applicable law or agreed to in writing, 13 * software distributed under the License is distributed on an 14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 * KIND, either express or implied. See the License for the 16 * specific language governing permissions and limitations 17 * under the License. 18 */ 19 package org.apache.maven.plugins.gpg; 20 21 import java.io.File; 22 23 import org.eclipse.aether.DefaultRepositorySystemSession; 24 import org.eclipse.aether.internal.impl.DefaultLocalPathComposer; 25 import org.eclipse.aether.internal.impl.SimpleLocalRepositoryManagerFactory; 26 import org.eclipse.aether.repository.LocalRepository; 27 import org.junit.jupiter.api.Disabled; 28 import org.junit.jupiter.api.Test; 29 30 /** 31 * Tests for {@link BcSigner}. 32 */ 33 class BcSignerTest { 34 35 /** 36 * Test for BC agent use. Disabled, as this test cannot run on CI, only on computer that have gpg-agent. 37 * The goal of this test is to prepare BC signer, but to be able to prepare, it needs passphrase for the 38 * passphrase protected signing key (provided in src/test/resources/signing-key.asc). Passphrase is "TEST" 39 * (without quotes, all caps). If you want to execute this test, remove disabled annotation and run it from 40 * IDE (or whatever is your preferred way). On first run, Agent will pop a dialogue asking for password, 41 * and it will cache your response, so subsequent invocation will NOT ask for password. 42 * <p> 43 * IF you enter correct password ("TEST"), the test will pass (prepare will execute without any issue). 44 * IF you enter incorrect password, the test will fail with some message like: 45 * {@code org.apache.maven.plugin.MojoFailureException: org.bouncycastle.openpgp.PGPException: checksum mismatch at in checksum of 20 bytes} 46 * and this would cause plugin failure as well. 47 * <p> 48 * On Un*x, to make agent "forget" what you entered, use {@code gpg-connect-agent RELOADAGENT} command. To exit use 49 * Ctrl+D (EOF). 50 */ 51 @Disabled 52 @Test 53 void testAgent() throws Exception { 54 DefaultRepositorySystemSession session = new DefaultRepositorySystemSession(); 55 session.setLocalRepositoryManager(new SimpleLocalRepositoryManagerFactory(new DefaultLocalPathComposer()) 56 .newInstance(session, new LocalRepository("target/local-repo"))); 57 // first: interactive session: it will pop up a pinentry dialogue, enter "TEST" 58 BcSigner signer = new BcSigner( 59 session, 60 "unimportant", 61 "unimportant", 62 ".gnupg/S.gpg-agent", 63 new File("src/test/resources/signing-key.asc").getAbsolutePath(), 64 null); 65 signer.setUseAgent(true); 66 signer.setInteractive(true); 67 signer.prepare(); 68 69 // second: non-interactive: will use agent but no 2nd popup will appear 70 signer = new BcSigner( 71 session, 72 "unimportant", 73 "unimportant", 74 ".gnupg/S.gpg-agent", 75 new File("src/test/resources/signing-key.asc").getAbsolutePath(), 76 null); 77 signer.setUseAgent(true); 78 signer.setInteractive(false); 79 signer.prepare(); 80 } 81 }