You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

239 lines
9.3 KiB

  1. #!/bin/sh
  2. set -e
  3. TESTDIR="$(readlink -f "$(dirname "$0")")"
  4. . "$TESTDIR/framework"
  5. setupenvironment
  6. configarchitecture 'amd64'
  7. # start from a clean plate again
  8. cleanplate() {
  9. rm -rf rootdir/etc/apt/trusted.gpg.d/ rootdir/etc/apt/trusted.gpg
  10. mkdir rootdir/etc/apt/trusted.gpg.d/
  11. }
  12. createlistofkeys() {
  13. while [ -n "$1" ]; do
  14. # gpg 2.1 has a slightly different output format
  15. if grep -q ' rsa2048/' aptkey.list; then
  16. case "$1" in
  17. *Joe*|*Sixpack*) echo 'pub rsa2048/DBAC8DAE 2010-08-18';;
  18. *Rex*|*Expired*) echo 'pub rsa2048/27CE74F9 2013-07-12 [expired: 2013-07-13]';;
  19. *Marvin*|*Paranoid*) echo 'pub rsa2048/528144E2 2011-01-16';;
  20. *) echo 'UNKNOWN KEY';;
  21. esac
  22. else
  23. case "$1" in
  24. *Joe*|*Sixpack*) echo 'pub 2048R/DBAC8DAE 2010-08-18';;
  25. *Rex*|*Expired*) echo 'pub 2048R/27CE74F9 2013-07-12 [expired: 2013-07-13]';;
  26. *Marvin*|*Paranoid*) echo 'pub 2048R/528144E2 2011-01-16';;
  27. *) echo 'UNKNOWN KEY';;
  28. esac
  29. fi
  30. shift
  31. done
  32. }
  33. testaptkeys() {
  34. if ! aptkey list | grep '^pub' > aptkey.list; then
  35. echo -n > aptkey.list
  36. fi
  37. testfileequal './aptkey.list' "$(createlistofkeys "$@")"
  38. }
  39. echo 'APT::Key::ArchiveKeyring "./keys/joesixpack.pub";
  40. APT::Key::RemovedKeys "./keys/rexexpired.pub";' > rootdir/etc/apt/apt.conf.d/aptkey.conf
  41. testrun() {
  42. cleanplate
  43. ln -sf "${TMPWORKINGDIRECTORY}/keys/joesixpack.pub" rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
  44. msgtest 'Check that paths in list output are not' 'double-slashed'
  45. aptkey list 2>&1 | grep -q '//' && msgfail || msgpass
  46. msgtest 'Check that paths in finger output are not' 'double-slashed'
  47. aptkey finger 2>&1 | grep -q '//' && msgfail || msgpass
  48. testaptkeys 'Joe Sixpack'
  49. testsuccessequal 'gpg: key DBAC8DAE: "Joe Sixpack (APT Testcases Dummy) <joe@example.org>" not changed
  50. gpg: Total number processed: 1
  51. gpg: unchanged: 1' aptkey --fakeroot update
  52. testaptkeys 'Joe Sixpack'
  53. testfailure test -e rootdir/etc/apt/trusted.gpg
  54. testsuccess aptkey --fakeroot add ./keys/rexexpired.pub
  55. msgtest 'Check if trusted.gpg is created with permissions set to' '0644'
  56. if [ "$(stat -c '%a' rootdir/etc/apt/trusted.gpg )" = '644' ]; then
  57. msgpass
  58. else
  59. msgfail
  60. fi
  61. testaptkeys 'Rex Expired' 'Joe Sixpack'
  62. msgtest 'Check that Sixpack key can be' 'exported'
  63. aptkey export 'Sixpack' > aptkey.export
  64. aptkey --keyring rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg exportall > aptkey.exportall
  65. testsuccess --nomsg cmp aptkey.export aptkey.exportall
  66. testsuccess test -s aptkey.export
  67. testsuccess test -s aptkey.exportall
  68. msgtest 'Execute update again to trigger removal of' 'Rex Expired key'
  69. testsuccess --nomsg aptkey --fakeroot update
  70. testaptkeys 'Joe Sixpack'
  71. msgtest "Try to remove a key which exists, but isn't in the" 'forced keyring'
  72. testsuccess --nomsg aptkey --fakeroot --keyring rootdir/etc/apt/trusted.gpg del DBAC8DAE
  73. testaptkeys 'Joe Sixpack'
  74. testsuccess aptkey --fakeroot del DBAC8DAE
  75. testempty aptkey list
  76. msgtest 'Test key removal with' 'lowercase key ID' #keylength somewhere between 8byte and short
  77. cleanplate
  78. cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
  79. testsuccess --nomsg aptkey --fakeroot del d141dbac8dae
  80. testempty aptkey list
  81. msgtest 'Test key removal with' 'single key in real file'
  82. cleanplate
  83. cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
  84. testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
  85. testempty aptkey list
  86. testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
  87. testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
  88. msgtest 'Test key removal with' 'long key ID'
  89. cleanplate
  90. cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
  91. testsuccess --nomsg aptkey --fakeroot del 5A90D141DBAC8DAE
  92. testempty aptkey list
  93. testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
  94. testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
  95. msgtest 'Test key removal with' 'fingerprint'
  96. cleanplate
  97. cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
  98. testsuccess --nomsg aptkey --fakeroot del 34A8E9D18DB320F367E8EAA05A90D141DBAC8DAE
  99. testempty aptkey list
  100. testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
  101. testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
  102. msgtest 'Test key removal with' 'single key in softlink'
  103. cleanplate
  104. ln -s "$(readlink -f ./keys/joesixpack.pub)" rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
  105. testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
  106. testempty aptkey list
  107. testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
  108. testsuccess test -L rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
  109. cleanplate
  110. testsuccess aptkey --fakeroot add ./keys/joesixpack.pub
  111. ln -sf "$(readlink -f ./keys/marvinparanoid.pub)" "./keys/marvin paránöid.pub"
  112. testsuccess aptkey --fakeroot add "./keys/marvin paránöid.pub"
  113. testaptkeys 'Joe Sixpack' 'Marvin Paranoid'
  114. cp -a rootdir/etc/apt/trusted.gpg keys/testcase-multikey.pub # store for reuse
  115. msgtest 'Test key removal with' 'multi key in real file'
  116. cleanplate
  117. cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
  118. testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
  119. testaptkeys 'Marvin Paranoid'
  120. testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
  121. msgtest 'Test key removal with' 'multi key in softlink'
  122. cleanplate
  123. ln -s "$(readlink -f ./keys/testcase-multikey.pub)" rootdir/etc/apt/trusted.gpg.d/multikey.gpg
  124. testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
  125. testaptkeys 'Marvin Paranoid'
  126. testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
  127. testfailure test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg
  128. testsuccess test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
  129. msgtest 'Test key removal with' 'multiple files including key'
  130. cleanplate
  131. cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
  132. cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
  133. testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
  134. testaptkeys 'Marvin Paranoid'
  135. testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
  136. testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
  137. testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
  138. cleanplate
  139. cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
  140. cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
  141. testaptkeys 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'
  142. msgtest 'Test merge-back of' 'added keys'
  143. testsuccess --nomsg aptkey adv --batch --yes --import keys/rexexpired.pub
  144. testaptkeys 'Rex Expired' 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'
  145. msgtest 'Test merge-back of' 'removed keys'
  146. testsuccess --nomsg aptkey adv --batch --yes --delete-keys 27CE74F9
  147. testaptkeys 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'
  148. msgtest 'Test merge-back of' 'removed duplicate keys'
  149. testsuccess --nomsg aptkey adv --batch --yes --delete-keys DBAC8DAE
  150. testaptkeys 'Marvin Paranoid'
  151. cleanplate
  152. cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
  153. cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
  154. msgtest 'Test signing a file' 'with a key'
  155. echo 'Verify me. This is my signature.' > signature
  156. testsuccess --nomsg aptkey --quiet --keyring keys/marvinparanoid.pub --secret-keyring keys/marvinparanoid.sec --readonly \
  157. adv --batch --yes --default-key 'Marvin' --armor --detach-sign --sign --output signature.gpg signature
  158. for GPGV in '' 'gpgv' 'gpgv2'; do
  159. echo "APT::Key::GPGVCommand \"$GPGV\";" > rootdir/etc/apt/apt.conf.d/00gpgvcmd
  160. msgtest 'Test verify a file' 'with all keys'
  161. testsuccess --nomsg aptkey --quiet --readonly verify signature.gpg signature
  162. msgtest 'Test verify a file' 'with good keyring'
  163. testsuccess --nomsg aptkey --quiet --readonly --keyring keys/testcase-multikey.pub verify signature.gpg signature
  164. msgtest 'Test fail verify a file' 'with bad keyring'
  165. testfailure --nomsg aptkey --quiet --readonly --keyring keys/joesixpack.pub verify signature.gpg signature
  166. msgtest 'Test fail verify a file' 'with non-existing keyring'
  167. testfailure --nomsg aptkey --quiet --readonly --keyring keys/does-not-exist.pub verify signature.gpg signature
  168. testfailure test -e keys/does-not-exist.pub
  169. # note: this isn't how apts gpgv method implements keyid for verify
  170. msgtest 'Test verify a file' 'with good keyid'
  171. testsuccess --nomsg aptkey --quiet --readonly --keyid 'Paranoid' verify signature.gpg signature
  172. msgtest 'Test fail verify a file' 'with bad keyid'
  173. testfailure --nomsg aptkey --quiet --readonly --keyid 'Sixpack' verify signature.gpg signature
  174. msgtest 'Test fail verify a file' 'with non-existing keyid'
  175. testfailure --nomsg aptkey --quiet --readonly --keyid 'Kalnischkies' verify signature.gpg signature
  176. msgtest 'Test verify fails on' 'bad file'
  177. echo 'lalalalala' > signature2
  178. testfailure --nomsg aptkey --quiet --readonly verify signature.gpg signature2
  179. done
  180. }
  181. setupgpgcommand() {
  182. echo "APT::Key::GPGCommand \"$1\";" > rootdir/etc/apt/apt.conf.d/00gpgcmd
  183. msgmsg 'Force tests to be run with' "$1"
  184. testsuccess aptkey --readonly adv --version
  185. cp rootdir/tmp/testsuccess.output aptkey.version
  186. testsuccess grep "^gpg (GnuPG) $2\." aptkey.version
  187. }
  188. # run with default (whatever this is)
  189. testrun
  190. # run with …
  191. setupgpgcommand 'gpg' '1'
  192. testrun
  193. setupgpgcommand 'gpg2' '2'
  194. testrun