File: basic

paperkey 1.6-1
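#!/bin/bash
#
# Round-trip test for paperkey: user A generates a key, backs up the secret
# part with paperkey, loses the GnuPG homedir, restores it from the backup
# plus the public key, and must then be able to decrypt a message that user B
# encrypted before the loss.
#
# Requires: AUTOPKGTEST_TMP (scratch directory), gpg, paperkey.
#
# The key material is a throwaway fixture: it is generated with
# --debug-quick-random and an empty passphrase, so the paperkey backup written
# below holds unprotected secret key bytes. These options are test-only and do
# not belong in a real key-backup procedure.

# -u and pipefail: an unset variable, or a failing left-hand side of a pipe
# (e.g. gpg --export-secret-key), aborts the test instead of being masked by
# the exit status of the last command in the pipeline.
set -euo pipefail

# Every path below, including the one passed to rm -rf, is built from this
# variable; stop here rather than operate relative to "/".
: "${AUTOPKGTEST_TMP:?AUTOPKGTEST_TMP must be set to a scratch directory}"

readonly SECRET="secret message"
readonly KEYSERVER="${AUTOPKGTEST_TMP}/pseudo-keyserver"
readonly BACKUP="${AUTOPKGTEST_TMP}/paperkey.backup"
readonly ENCRYPTED="${AUTOPKGTEST_TMP}/encrypted.asc"

# two GnuPG homedirs (A, B) represent different users
for x in A B; do
    mkdir -m 0700 "${AUTOPKGTEST_TMP}/gpg${x}"
done

# Command lines are kept as arrays so that a scratch path containing
# whitespace is still passed to gpg as a single --homedir argument.
gpgA=(gpg "--homedir=${AUTOPKGTEST_TMP}/gpgA" --quiet --batch --no-tty)
gpgB=(gpg "--homedir=${AUTOPKGTEST_TMP}/gpgB" --quiet --batch --no-tty)


# A has the secret key
# (weak randomness + empty passphrase: fixture key only, see header)
# NOTE(review): stderr is folded into stdout here, presumably so gpg's
# progress output does not count as a test failure -- confirm against the
# test control file.
"${gpgA[@]}" --debug-quick-random --pinentry-mode=loopback --passphrase '' \
      --quick-gen-key 'Test User <test@example.org>' 2>&1
"${gpgA[@]}" --list-keys

# A publishes their pubkey to "the keyserver"
"${gpgA[@]}" --export test@example.org > "$KEYSERVER"

# A backs up their secret key
# The exported secret key goes straight into paperkey through the pipe; only
# the paperkey output is written to disk.
"${gpgA[@]}" --export-secret-key test@example.org | paperkey -o "$BACKUP"

# B is a peer who learns about A's key from "the keyserver"
"${gpgB[@]}" --import < "$KEYSERVER"

# B sends A a secret message
# --trust-model=always skips key validation; acceptable here only because the
# key was imported from this test's own fixture file.
printf '%s\n' "$SECRET" \
    | "${gpgB[@]}" --trust-model=always --recipient test@example.org --armor \
                   --encrypt > "$ENCRYPTED"

# A drops their computer in the toilet
# ${...:?} keeps the recursive delete from expanding to "/gpgA" should the
# variable ever be empty at this point.
rm -rf -- "${AUTOPKGTEST_TMP:?}/gpgA"
mkdir -m 0700 "${AUTOPKGTEST_TMP}/gpgA"

# A sets up a new computer, and recovers their pubkey from the
# keyserver and their backup
paperkey --pubring="$KEYSERVER" < "$BACKUP" | "${gpgA[@]}" --import

# A tries to read the secret message
# diff exits non-zero (failing the test under set -e) unless the decrypted
# text matches the original message exactly.
diff -u <("${gpgA[@]}" --decrypt < "$ENCRYPTED") <(printf '%s\n' "$SECRET")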