From fb7b11ebb852fa255053ecab605bc9cfe9de0603 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Fri, 29 Apr 2016 00:31:49 +0200 Subject: don't show NO_PUBKEY warning if repo is signed by another key MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Daniel Kahn Gillmor highlights in the bugreport that security isn't improving by having the user import additional keys – especially as importing keys securely is hard. The bugreport was initially about dropping the warning to a notice, but in given the previously mentioned observation and the fact that we weren't printing a warning (or a notice) for expired or revoked keys providing a signature we drop it completely as the code to display a message if this was the only key is in another path – and is considered critical. Closes: 618445 --- test/integration/test-apt-key | 54 ++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 53 insertions(+), 1 deletion(-) (limited to 'test/integration/test-apt-key') diff --git a/test/integration/test-apt-key b/test/integration/test-apt-key index 82b64963c..ddb9bf9d2 100755 --- a/test/integration/test-apt-key +++ b/test/integration/test-apt-key @@ -19,6 +19,11 @@ cleanplate() { rm -rf rootdir/etc/apt/trusted.gpg.d/ rootdir/etc/apt/trusted.gpg mkdir rootdir/etc/apt/trusted.gpg.d/ } +testmultigpg() { + testfailure --nomsg aptkey --quiet --readonly "$@" + testsuccess grep "^gpgv: Can't check signature" rootdir/tmp/testfailure.output + testsuccess grep '^gpgv: Good signature from' rootdir/tmp/testfailure.output +} echo 'APT::Key::ArchiveKeyring "./keys/joesixpack.pub"; APT::Key::RemovedKeys "./keys/rexexpired.pub";' > rootdir/etc/apt/apt.conf.d/aptkey.conf @@ -178,7 +183,6 @@ gpg: unchanged: 1' aptkey --fakeroot update adv --batch --yes --default-key 'Marvin' --armor --detach-sign --sign --output signature.gpg signature testsuccess test -s signature.gpg -a -s signature - for GPGV in '' 'gpgv' 'gpgv2'; do echo "APT::Key::GPGVCommand \"$GPGV\";" > rootdir/etc/apt/apt.conf.d/00gpgvcmd @@ -209,6 +213,54 @@ gpg: unchanged: 1' aptkey --fakeroot update echo 'lalalalala' > signature2 testfailure --nomsg aptkey --quiet --readonly verify signature.gpg signature2 done + rm -f rootdir/etc/apt/apt.conf.d/00gpgvcmd + + msgtest 'Test verify a file' 'with good keyring' + testsuccess --nomsg aptkey --quiet --readonly --keyring keys/testcase-multikey.pub verify signature.gpg signature + + cleanplate + cat keys/joesixpack.pub keys/marvinparanoid.pub > keys/double.pub + cat keys/joesixpack.sec keys/marvinparanoid.sec > keys/double.sec + cp -a keys/double.pub rootdir/etc/apt/trusted.gpg.d/double.gpg + cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg + testsuccess aptkey --quiet --keyring keys/double.pub --secret-keyring keys/double.sec --readonly \ + adv --batch --yes -u 'Marvin' -u 'Joe' --armor --detach-sign --sign --output signature.gpg signature + testsuccess test -s signature.gpg -a -s signature + + for GPGV in '' 'gpgv' 'gpgv2'; do + echo "APT::Key::GPGVCommand \"$GPGV\";" > rootdir/etc/apt/apt.conf.d/00gpgvcmd + + msgtest 'Test verify a doublesigned file' 'with all keys' + testsuccess --nomsg aptkey --quiet --readonly verify signature.gpg signature + + msgtest 'Test verify a doublesigned file' 'with good keyring joe' + testmultigpg --keyring keys/joesixpack.pub verify signature.gpg signature + + msgtest 'Test verify a doublesigned file' 'with good keyring marvin' + testmultigpg --keyring keys/marvinparanoid.pub verify signature.gpg signature + + msgtest 'Test fail verify a doublesigned file' 'with bad keyring' + testfailure --nomsg aptkey --quiet --readonly --keyring keys/rexexpired.pub verify signature.gpg signature + + msgtest 'Test fail verify a doublesigned file' 'with non-existing keyring' + testfailure --nomsg aptkey --quiet --readonly --keyring keys/does-not-exist.pub verify signature.gpg signature + testfailure test -e keys/does-not-exist.pub + + # note: this isn't how apts gpgv method implements keyid for verify + msgtest 'Test verify a doublesigned file' 'with good keyid' + testmultigpg --keyid 'Paranoid' verify signature.gpg signature + + msgtest 'Test fail verify a doublesigned file' 'with bad keyid' + testfailure --nomsg aptkey --quiet --readonly --keyid 'Rex' verify signature.gpg signature + + msgtest 'Test fail verify a doublesigned file' 'with non-existing keyid' + testfailure --nomsg aptkey --quiet --readonly --keyid 'Kalnischkies' verify signature.gpg signature + + msgtest 'Test verify fails on' 'bad doublesigned file' + echo 'lalalalala' > signature2 + testfailure --nomsg aptkey --quiet --readonly verify signature.gpg signature2 + done + rm -f rootdir/etc/apt/apt.conf.d/00gpgvcmd } setupgpgcommand() { -- cgit v1.2.3