Compatibility with GnuPG 1.x and 2.x, auto-detect GnuPG version

* aptly can sign and verify without issues with GnuPG 1.x and 2.x * aptly auto-detects GnuPG version and adapts accordingly * aptly automatically finds suitable GnuPG version Majority of the work was to get unit-tests which can work with GnuPG 1.x & 2.x. Locally I've verified that aptly supports GnuPG 1.4.x & 2.2.x. Travis CI environment is based on trusty, so it runs gpg2 tests with GnuPG 2.0.x. Configuration parameter gpgProvider now supports three values for GnuPG: * gpg (same as before, default): use GnuPG 1.x if available (checks gpg, gpg1), otherwise uses GnuPG 2.x; for aptly users who already have GnuPG 1.x environment (as it was the only supported version) nothing should change; new users might start with GnuPG 2.x if that's their installed version * gpg1 looks for GnuPG 1.x only, fails otherwise * gpg2 looks for GnuPG 2.x only, fails otherwise
2026-05-05 22:08:27 +00:00 · 2018-07-14 00:00:43 +03:00
parent 702c1ff217
commit 1b2fccb615
25 changed files with 559 additions and 93 deletions
--- a/pgp/sign_test.go
+++ b/pgp/sign_test.go
@@ -20,6 +20,12 @@ type SignerSuite struct {
 	cleartext []byte

 	passwordFile string
+
+	keyringNoPassphrase [2]string
+	keyringPassphrase   [2]string
+
+	noPassphraseKey Key
+	passphraseKey   Key
 }

 func (s *SignerSuite) SetUpTest(c *C) {
@@ -70,20 +76,23 @@ func (s *SignerSuite) testSignDetached(c *C) {
 }

 func (s *SignerSuite) TestSignDetachedNoPassphrase(c *C) {
-	s.signer.SetKeyRing("keyrings/aptly.pub", "keyrings/aptly.sec")
+	s.signer.SetKey(string(s.noPassphraseKey))
+	s.signer.SetKeyRing(s.keyringNoPassphrase[0], s.keyringNoPassphrase[1])

 	s.testSignDetached(c)
 }

 func (s *SignerSuite) TestSignDetachedPassphrase(c *C) {
-	s.signer.SetKeyRing("keyrings/aptly_passphrase.pub", "keyrings/aptly_passphrase.sec")
+	s.signer.SetKey(string(s.passphraseKey))
+	s.signer.SetKeyRing(s.keyringPassphrase[0], s.keyringPassphrase[1])
 	s.signer.SetPassphrase("verysecret", "")

 	s.testSignDetached(c)
 }

 func (s *SignerSuite) TestSignDetachedPassphraseFile(c *C) {
-	s.signer.SetKeyRing("keyrings/aptly_passphrase.pub", "keyrings/aptly_passphrase.sec")
+	s.signer.SetKey(string(s.passphraseKey))
+	s.signer.SetKeyRing(s.keyringPassphrase[0], s.keyringPassphrase[1])
 	s.signer.SetPassphrase("", s.passwordFile)

 	s.testSignDetached(c)
@@ -114,21 +123,24 @@ func (s *SignerSuite) testClearSign(c *C, expectedKey Key) {
 }

 func (s *SignerSuite) TestClearSignNoPassphrase(c *C) {
-	s.signer.SetKeyRing("keyrings/aptly.pub", "keyrings/aptly.sec")
+	s.signer.SetKey(string(s.noPassphraseKey))
+	s.signer.SetKeyRing(s.keyringNoPassphrase[0], s.keyringNoPassphrase[1])

-	s.testClearSign(c, "21DBB89C16DB3E6D")
+	s.testClearSign(c, s.noPassphraseKey)
 }

 func (s *SignerSuite) TestClearSignPassphrase(c *C) {
-	s.signer.SetKeyRing("keyrings/aptly_passphrase.pub", "keyrings/aptly_passphrase.sec")
+	s.signer.SetKey(string(s.passphraseKey))
+	s.signer.SetKeyRing(s.keyringPassphrase[0], s.keyringPassphrase[1])
 	s.signer.SetPassphrase("verysecret", "")

-	s.testClearSign(c, "F30E8CB9CDDE2AF8")
+	s.testClearSign(c, s.passphraseKey)
 }

 func (s *SignerSuite) TestClearSignPassphraseFile(c *C) {
-	s.signer.SetKeyRing("keyrings/aptly_passphrase.pub", "keyrings/aptly_passphrase.sec")
+	s.signer.SetKey(string(s.passphraseKey))
+	s.signer.SetKeyRing(s.keyringPassphrase[0], s.keyringPassphrase[1])
 	s.signer.SetPassphrase("", s.passwordFile)

-	s.testClearSign(c, "F30E8CB9CDDE2AF8")
+	s.testClearSign(c, s.passphraseKey)
 }