blob: e1be08c65150f2026317d8237a938c253cd6335e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
|
#!/bin/sh
set -e
TESTDIR=$(readlink -f $(dirname $0))
. $TESTDIR/framework
setupenvironment
configarchitecture 'amd64'
# start from a clean plate again
cleanplate() {
rm -rf rootdir/etc/apt/trusted.gpg.d/ rootdir/etc/apt/trusted.gpg
mkdir rootdir/etc/apt/trusted.gpg.d/
}
testaptkeys() {
if ! aptkey list | grep '^pub' > aptkey.list; then
echo -n > aptkey.list
fi
testfileequal './aptkey.list' "$1"
}
echo 'APT::Key::ArchiveKeyring "./keys/joesixpack.pub";
APT::Key::RemovedKeys "./keys/rexexpired.pub";' > rootdir/etc/apt/apt.conf.d/aptkey.conf
testrun() {
cleanplate
ln -sf ${TMPWORKINGDIRECTORY}/keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
msgtest 'Check that paths in list output are not' 'double-slashed'
aptkey list 2>&1 | grep -q '//' && msgfail || msgpass
msgtest 'Check that paths in finger output are not' 'double-slashed'
aptkey finger 2>&1 | grep -q '//' && msgfail || msgpass
testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18'
testsuccessequal 'gpg: key DBAC8DAE: "Joe Sixpack (APT Testcases Dummy) <joe@example.org>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1' aptkey --fakeroot update
testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18'
testfailure test -e rootdir/etc/apt/trusted.gpg
testsuccess aptkey --fakeroot add ./keys/rexexpired.pub
msgtest 'Check if trusted.gpg is created with permissions set to' '0644'
if [ "$(stat -c '%a' rootdir/etc/apt/trusted.gpg )" = '644' ]; then
msgpass
else
msgfail
fi
testaptkeys 'pub 2048R/27CE74F9 2013-07-12 [expired: 2013-07-13]
pub 2048R/DBAC8DAE 2010-08-18'
msgtest 'Check that Sixpack key can be' 'exported'
aptkey export 'Sixpack' > aptkey.export
aptkey --keyring rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg exportall > aptkey.exportall
testsuccess --nomsg cmp aptkey.export aptkey.exportall
testsuccess test -s aptkey.export
testsuccess test -s aptkey.exportall
msgtest 'Execute update again to trigger removal of' 'Rex Expired key'
testsuccess --nomsg aptkey --fakeroot update
testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18'
msgtest "Try to remove a key which exists, but isn't in the" 'forced keyring'
testsuccess --nomsg aptkey --fakeroot --keyring rootdir/etc/apt/trusted.gpg del DBAC8DAE
testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18'
testsuccess aptkey --fakeroot del DBAC8DAE
testempty aptkey list
msgtest 'Test key removal with' 'lowercase key ID' #keylength somewhere between 8byte and short
cleanplate
cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
testsuccess --nomsg aptkey --fakeroot del d141dbac8dae
testempty aptkey list
msgtest 'Test key removal with' 'single key in real file'
cleanplate
cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
testempty aptkey list
testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
msgtest 'Test key removal with' 'long key ID'
cleanplate
cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
testsuccess --nomsg aptkey --fakeroot del 5A90D141DBAC8DAE
testempty aptkey list
testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
msgtest 'Test key removal with' 'fingerprint'
cleanplate
cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
testsuccess --nomsg aptkey --fakeroot del 34A8E9D18DB320F367E8EAA05A90D141DBAC8DAE
testempty aptkey list
testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
msgtest 'Test key removal with' 'single key in softlink'
cleanplate
ln -s $(readlink -f ./keys/joesixpack.pub) rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
testempty aptkey list
testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
testsuccess test -L rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
cleanplate
testsuccess aptkey --fakeroot add ./keys/joesixpack.pub
testsuccess aptkey --fakeroot add ./keys/marvinparanoid.pub
testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18
pub 2048R/528144E2 2011-01-16'
cp -a rootdir/etc/apt/trusted.gpg keys/testcase-multikey.pub # store for reuse
msgtest 'Test key removal with' 'multi key in real file'
cleanplate
cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
testaptkeys 'pub 2048R/528144E2 2011-01-16'
testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
msgtest 'Test key removal with' 'multi key in softlink'
cleanplate
ln -s $(readlink -f ./keys/testcase-multikey.pub) rootdir/etc/apt/trusted.gpg.d/multikey.gpg
testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
testaptkeys 'pub 2048R/528144E2 2011-01-16'
testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
testfailure test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg
testsuccess test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
msgtest 'Test key removal with' 'multiple files including key'
cleanplate
cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
testaptkeys 'pub 2048R/528144E2 2011-01-16'
testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
cleanplate
cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18
pub 2048R/DBAC8DAE 2010-08-18
pub 2048R/528144E2 2011-01-16'
msgtest 'Test merge-back of' 'added keys'
testsuccess --nomsg aptkey adv --batch --yes --import keys/rexexpired.pub
testaptkeys 'pub 2048R/27CE74F9 2013-07-12 [expired: 2013-07-13]
pub 2048R/DBAC8DAE 2010-08-18
pub 2048R/DBAC8DAE 2010-08-18
pub 2048R/528144E2 2011-01-16'
msgtest 'Test merge-back of' 'removed keys'
testsuccess --nomsg aptkey adv --batch --yes --delete-keys 27CE74F9
testaptkeys 'pub 2048R/DBAC8DAE 2010-08-18
pub 2048R/DBAC8DAE 2010-08-18
pub 2048R/528144E2 2011-01-16'
msgtest 'Test merge-back of' 'removed duplicate keys'
testsuccess --nomsg aptkey adv --batch --yes --delete-keys DBAC8DAE
testaptkeys 'pub 2048R/528144E2 2011-01-16'
cleanplate
cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
msgtest 'Test signing a file' 'with a key'
echo 'Verify me. This is my signature.' > signature
testsuccess --nomsg aptkey --quiet --keyring keys/marvinparanoid.pub --secret-keyring keys/marvinparanoid.sec --readonly \
adv --batch --yes --default-key 'Marvin' --armor --detach-sign --sign --output signature.gpg signature
msgtest 'Test verify a file' 'with all keys'
testsuccess --nomsg aptkey --quiet --readonly verify signature.gpg signature
msgtest 'Test verify a file' 'with good keyring'
testsuccess --nomsg aptkey --quiet --readonly --keyring keys/testcase-multikey.pub verify signature.gpg signature
msgtest 'Test fail verify a file' 'with bad keyring'
testfailure --nomsg aptkey --quiet --readonly --keyring keys/joesixpack.pub verify signature.gpg signature
msgtest 'Test fail verify a file' 'with non-existing keyring'
testfailure --nomsg aptkey --quiet --readonly --keyring keys/does-not-exist.pub verify signature.gpg signature
testfailure test -e keys/does-not-exist.pub
msgtest 'Test verify a file' 'with good keyid'
testsuccess --nomsg aptkey --quiet --readonly --keyid 'Paranoid' verify signature.gpg signature
msgtest 'Test fail verify a file' 'with bad keyid'
testfailure --nomsg aptkey --quiet --readonly --keyid 'Sixpack' verify signature.gpg signature
msgtest 'Test fail verify a file' 'with non-existing keyid'
testfailure --nomsg aptkey --quiet --readonly --keyid 'Kalnischkies' verify signature.gpg signature
msgtest 'Test verify fails on' 'bad file'
echo 'lalalalala' > signature
testfailure --nomsg aptkey --quiet --readonly verify signature.gpg signature
}
setupgpgcommand() {
echo "APT::Key::GPGCommand \"$1\";" > rootdir/etc/apt/apt.conf.d/00gpgcmd
msgtest 'Test that apt-key uses for the following tests command' "$1"
aptkey adv --version >aptkey.version 2>&1
if grep -q "^Executing: $1 --" aptkey.version; then
msgpass
else
cat aptkey.version
msgfail
fi
}
# run with default (whatever this is)
testrun
# run with …
setupgpgcommand 'gpg'
testrun
setupgpgcommand 'gpg2'
testrun
|