]> git.saurik.com Git - apt.git/blame - test/integration/test-apt-key
reset HOME, USER(NAME), TMPDIR & SHELL in DropPrivileges
[apt.git] / test / integration / test-apt-key
CommitLineData
80f3aeb0
DK
1#!/bin/sh
2set -e
3
bc8f83a5
DK
4# apt-key is a shell script, so relatively prune to be effected by 'crazy' things:
5# confuses config parser as there exists no way of escaping " currently.
6#TMPDIR="$(mktemp -d)/This is \"fü\$\$ing cràzy\", \$(man man | head -n1 | cut -d' ' -f 1)\$!"
7# gpg doesn't like | in path names – documented e.g. in the man gpg2 --agent-program
8#TMPDIR="$(mktemp -d)/This is fü\$\$ing cràzy, \$(man man | head -n1 | cut -d' ' -f 1)\$!"
9TMPDIR_ADD="This is fü\$\$ing cràzy, \$(apt -v)\$!"
10
3abb6a6a
DK
11TESTDIR="$(readlink -f "$(dirname "$0")")"
12. "$TESTDIR/framework"
80f3aeb0
DK
13
14setupenvironment
15configarchitecture 'amd64'
16
93d0d08c
DK
17# start from a clean plate again
18cleanplate() {
0cfec3ab
DK
19 rm -rf "${ROOTDIR}/etc/apt/trusted.gpg.d/" "${ROOTDIR}/etc/apt/trusted.gpg"
20 mkdir "${ROOTDIR}/etc/apt/trusted.gpg.d/"
93d0d08c 21}
fb7b11eb
DK
22testmultigpg() {
23 testfailure --nomsg aptkey --quiet --readonly "$@"
0cfec3ab
DK
24 testsuccess grep "^gpgv: Can't check signature" "${ROOTDIR}/tmp/testfailure.output"
25 testsuccess grep '^gpgv: Good signature from' "${ROOTDIR}/tmp/testfailure.output"
fb7b11eb 26}
80f3aeb0 27
93d0d08c 28testrun() {
0cfec3ab
DK
29 echo "APT::Key::ArchiveKeyring \"${KEYDIR}/joesixpack.pub\";
30APT::Key::RemovedKeys \"${KEYDIR}/rexexpired.pub\";" > "${ROOTDIR}/etc/apt/apt.conf.d/aptkey.conf"
31
93d0d08c 32 cleanplate
0cfec3ab
DK
33 ln -sf "$(readlink -f "${KEYDIR}/joesixpack.pub")" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
34 testaptkeys 'Joe Sixpack'
80f3aeb0 35
0cfec3ab 36 testsuccess aptkey list
93d0d08c 37 msgtest 'Check that paths in list output are not' 'double-slashed'
0cfec3ab 38 testfailure --nomsg grep '//' "${ROOTDIR}/tmp/testsuccess.output"
80f3aeb0 39
0cfec3ab 40 testsuccess aptkey finger
93d0d08c 41 msgtest 'Check that paths in finger output are not' 'double-slashed'
0cfec3ab 42 testfailure --nomsg grep '//' "${ROOTDIR}/tmp/testsuccess.output"
80f3aeb0 43
19fdf93d
DK
44 testequalor2 'gpg: key DBAC8DAE: "Joe Sixpack (APT Testcases Dummy) <joe@example.org>" not changed
45gpg: Total number processed: 1
46gpg: unchanged: 1' 'gpg: key 5A90D141DBAC8DAE: "Joe Sixpack (APT Testcases Dummy) <joe@example.org>" not changed
93d0d08c
DK
47gpg: Total number processed: 1
48gpg: unchanged: 1' aptkey --fakeroot update
80f3aeb0 49
f14cde2c 50 testaptkeys 'Joe Sixpack'
0cfec3ab 51 testfailure test -e "${ROOTDIR}/etc/apt/trusted.gpg"
f14cde2c 52
0cfec3ab
DK
53 testsuccess aptkey --fakeroot add "${KEYDIR}/rexexpired.pub"
54 testfilestats "${ROOTDIR}/etc/apt/trusted.gpg" '%a' '=' '644'
04937adc 55
f14cde2c 56 testaptkeys 'Rex Expired' 'Joe Sixpack'
04937adc 57
38005d8b 58 msgtest 'Check that Sixpack key can be' 'exported'
0cfec3ab
DK
59 aptkey export 'Sixpack' > "${TMPWORKINGDIRECTORY}/aptkey.export"
60 aptkey --keyring "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg" exportall > "${TMPWORKINGDIRECTORY}/aptkey.exportall"
61 testsuccess --nomsg cmp "${TMPWORKINGDIRECTORY}/aptkey.export" "${TMPWORKINGDIRECTORY}/aptkey.exportall"
62 testsuccess test -s "${TMPWORKINGDIRECTORY}/aptkey.export"
63 testsuccess test -s "${TMPWORKINGDIRECTORY}/aptkey.exportall"
38005d8b 64
93d0d08c
DK
65 msgtest 'Execute update again to trigger removal of' 'Rex Expired key'
66 testsuccess --nomsg aptkey --fakeroot update
67
f14cde2c 68 testaptkeys 'Joe Sixpack'
93d0d08c
DK
69
70 msgtest "Try to remove a key which exists, but isn't in the" 'forced keyring'
0cfec3ab 71 testsuccess --nomsg aptkey --fakeroot --keyring "${ROOTDIR}/etc/apt/trusted.gpg" del DBAC8DAE
93d0d08c 72
f14cde2c 73 testaptkeys 'Joe Sixpack'
93d0d08c
DK
74
75 testsuccess aptkey --fakeroot del DBAC8DAE
76 testempty aptkey list
77
b0d40854 78 msgtest 'Test key removal with' 'lowercase key ID' #keylength somewhere between 8byte and short
05f64ca2 79 cleanplate
0cfec3ab 80 cp -a "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
05f64ca2
DK
81 testsuccess --nomsg aptkey --fakeroot del d141dbac8dae
82 testempty aptkey list
83
105503b4
DK
84 if [ "$(id -u)" != '0' ]; then
85 msgtest 'Test key removal with' 'unreadable key'
86 cleanplate
87 cp -a "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
88 echo 'foobar' > "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg"
89 chmod 000 "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg"
90 testwarning --nomsg aptkey --fakeroot del d141dbac8dae
91 testwarning aptkey list
92 chmod 644 "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg"
93 rm -f "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg"
94 grep -v '^W: ' "${ROOTDIR}/tmp/testwarning.output" > "${ROOTDIR}/aptkeylist.output" || true
95 testempty cat "${ROOTDIR}/aptkeylist.output"
96 fi
97
93d0d08c
DK
98 msgtest 'Test key removal with' 'single key in real file'
99 cleanplate
0cfec3ab 100 cp -a "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
93d0d08c
DK
101 testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
102 testempty aptkey list
0cfec3ab
DK
103 testfailure test -e "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
104 testsuccess cmp "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg~"
93d0d08c 105
031a3f25
DK
106 msgtest 'Test key removal with' 'different key specs'
107 cleanplate
0cfec3ab
DK
108 cp -a "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
109 cp -a "${KEYDIR}/marvinparanoid.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/marvinparanoid.gpg"
031a3f25
DK
110 testsuccess --nomsg aptkey --fakeroot del 0xDBAC8DAE 528144E2
111 testempty aptkey list
0cfec3ab
DK
112 testfailure test -e "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
113 testsuccess cmp "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg~"
114 testfailure test -e "${ROOTDIR}/etc/apt/trusted.gpg.d/marvinparanoid.gpg"
115 testsuccess cmp "${KEYDIR}/marvinparanoid.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/marvinparanoid.gpg~"
031a3f25 116
29f1b977
JM
117 msgtest 'Test key removal with' 'long key ID'
118 cleanplate
0cfec3ab 119 cp -a "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
29f1b977
JM
120 testsuccess --nomsg aptkey --fakeroot del 5A90D141DBAC8DAE
121 testempty aptkey list
0cfec3ab
DK
122 testfailure test -e "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
123 testsuccess cmp "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg~"
29f1b977 124
ba72845c
DK
125 msgtest 'Test key removal with' 'fingerprint'
126 cleanplate
0cfec3ab 127 cp -a "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
ba72845c
DK
128 testsuccess --nomsg aptkey --fakeroot del 34A8E9D18DB320F367E8EAA05A90D141DBAC8DAE
129 testempty aptkey list
0cfec3ab
DK
130 testfailure test -e "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
131 testsuccess cmp "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg~"
ba72845c 132
e289907f
DK
133 msgtest 'Test key removal with' 'spaced fingerprint'
134 cleanplate
135 cp -a "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
136 testsuccess --nomsg aptkey --fakeroot del '34A8 E9D1 8DB3 20F3 67E8 EAA0 5A90 D141 DBAC 8DAE'
137 testempty aptkey list
138 testfailure test -e "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
139 testsuccess cmp "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg~"
140
93d0d08c
DK
141 msgtest 'Test key removal with' 'single key in softlink'
142 cleanplate
0cfec3ab 143 ln -s "$(readlink -f "${KEYDIR}/joesixpack.pub")" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
93d0d08c
DK
144 testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
145 testempty aptkey list
0cfec3ab
DK
146 testfailure test -e "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
147 testsuccess test -L "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg~"
93d0d08c
DK
148
149 cleanplate
0cfec3ab
DK
150 testsuccess aptkey --fakeroot add "${KEYDIR}/joesixpack.pub"
151 ln -sf "$(readlink -f "${KEYDIR}/marvinparanoid.pub")" "${KEYDIR}/marvin paránöid.pub"
152 testsuccess aptkey --fakeroot add "${KEYDIR}/marvin paránöid.pub"
f14cde2c 153 testaptkeys 'Joe Sixpack' 'Marvin Paranoid'
0cfec3ab 154 cp -a "${ROOTDIR}/etc/apt/trusted.gpg" "${KEYDIR}/testcase-multikey.pub" # store for reuse
93d0d08c
DK
155
156 msgtest 'Test key removal with' 'multi key in real file'
157 cleanplate
0cfec3ab 158 cp -a "${KEYDIR}/testcase-multikey.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/multikey.gpg"
93d0d08c 159 testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
f14cde2c 160 testaptkeys 'Marvin Paranoid'
0cfec3ab 161 testsuccess cmp "${KEYDIR}/testcase-multikey.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/multikey.gpg~"
93d0d08c
DK
162
163 msgtest 'Test key removal with' 'multi key in softlink'
164 cleanplate
0cfec3ab 165 ln -s "$(readlink -f "${KEYDIR}/testcase-multikey.pub")" "${ROOTDIR}/etc/apt/trusted.gpg.d/multikey.gpg"
93d0d08c 166 testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
f14cde2c 167 testaptkeys 'Marvin Paranoid'
0cfec3ab
DK
168 testsuccess cmp "${KEYDIR}/testcase-multikey.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/multikey.gpg~"
169 testfailure test -L "${ROOTDIR}/etc/apt/trusted.gpg.d/multikey.gpg"
170 testsuccess test -L "${ROOTDIR}/etc/apt/trusted.gpg.d/multikey.gpg~"
93d0d08c
DK
171
172 msgtest 'Test key removal with' 'multiple files including key'
173 cleanplate
0cfec3ab
DK
174 cp -a "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
175 cp -a "${KEYDIR}/testcase-multikey.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/multikey.gpg"
93d0d08c 176 testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
f14cde2c 177 testaptkeys 'Marvin Paranoid'
0cfec3ab
DK
178 testfailure test -e "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
179 testsuccess cmp "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg~"
180 testsuccess cmp "${KEYDIR}/testcase-multikey.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/multikey.gpg~"
0dae96a2
DK
181
182 cleanplate
0cfec3ab
DK
183 cp -a "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
184 cp -a "${KEYDIR}/testcase-multikey.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/multikey.gpg"
f14cde2c 185 testaptkeys 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'
0dae96a2 186 msgtest 'Test merge-back of' 'added keys'
0cfec3ab 187 testsuccess --nomsg aptkey adv --batch --yes --import "${KEYDIR}/rexexpired.pub"
f14cde2c 188 testaptkeys 'Rex Expired' 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'
0dae96a2
DK
189
190 msgtest 'Test merge-back of' 'removed keys'
191 testsuccess --nomsg aptkey adv --batch --yes --delete-keys 27CE74F9
f14cde2c 192 testaptkeys 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'
0dae96a2
DK
193
194 msgtest 'Test merge-back of' 'removed duplicate keys'
195 testsuccess --nomsg aptkey adv --batch --yes --delete-keys DBAC8DAE
f14cde2c 196 testaptkeys 'Marvin Paranoid'
b0d40854
DK
197
198 cleanplate
0cfec3ab
DK
199 cp -a "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
200 cp -a "${KEYDIR}/testcase-multikey.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/multikey.gpg"
201 local SIGNATURE="${TMPWORKINGDIRECTORY}/signature"
b0d40854 202 msgtest 'Test signing a file' 'with a key'
0cfec3ab
DK
203 echo 'Verify me. This is my signature.' > "$SIGNATURE"
204 echo 'lalalalala' > "${SIGNATURE}2"
205 testsuccess --nomsg aptkey --quiet --keyring "${KEYDIR}/marvinparanoid.pub" --secret-keyring "${KEYDIR}/marvinparanoid.sec" --readonly \
206 adv --batch --yes --default-key 'Marvin' --armor --detach-sign --sign --output "${SIGNATURE}.gpg" "${SIGNATURE}"
207 testsuccess test -s "${SIGNATURE}.gpg" -a -s "${SIGNATURE}"
b0d40854 208
2fac0dd5 209 msgtest 'Test verify a file' 'with no sig'
0cfec3ab 210 testfailure --nomsg aptkey --quiet --readonly --keyring "${KEYDIR}/testcase-multikey.pub" verify "${SIGNATURE}" "${SIGNATURE}2"
2fac0dd5 211
19fdf93d 212 for GPGV in '' 'gpgv' 'gpgv1' 'gpgv2'; do
0cfec3ab 213 echo "APT::Key::GPGVCommand \"$GPGV\";" > "${ROOTDIR}/etc/apt/apt.conf.d/00gpgvcmd"
19fdf93d 214 if [ -n "$GPGV" ] && ! command dpkg -l gnupg1 2>&1 | grep -q '^ii'; then continue; fi
f14cde2c
DK
215
216 msgtest 'Test verify a file' 'with all keys'
0cfec3ab 217 testsuccess --nomsg aptkey --quiet --readonly verify "${SIGNATURE}.gpg" "${SIGNATURE}"
b0d40854 218
105503b4
DK
219 if [ "$(id -u)" != '0' ]; then
220 msgtest 'Test verify a file' 'with unreadable key'
221 echo 'foobar' > "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg"
222 chmod 000 "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg"
223 testwarning --nomsg aptkey --quiet --readonly verify "${SIGNATURE}.gpg" "${SIGNATURE}"
224 testwarning aptkey list
225 chmod 644 "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg"
226 rm -f "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg"
227 fi
228
f14cde2c 229 msgtest 'Test verify a file' 'with good keyring'
0cfec3ab 230 testsuccess --nomsg aptkey --quiet --readonly --keyring "${KEYDIR}/testcase-multikey.pub" verify "${SIGNATURE}.gpg" "${SIGNATURE}"
b0d40854 231
f14cde2c 232 msgtest 'Test fail verify a file' 'with bad keyring'
0cfec3ab 233 testfailure --nomsg aptkey --quiet --readonly --keyring "${KEYDIR}/joesixpack.pub" verify "${SIGNATURE}.gpg" "${SIGNATURE}"
b0d40854 234
f14cde2c 235 msgtest 'Test fail verify a file' 'with non-existing keyring'
0cfec3ab
DK
236 testfailure --nomsg aptkey --quiet --readonly --keyring "${KEYDIR}/does-not-exist.pub" verify "${SIGNATURE}.gpg" "${SIGNATURE}"
237 testfailure test -e "${KEYDIR}/does-not-exist.pub"
b0d40854 238
4e03c47d 239 # note: this isn't how apts gpgv method implements keyid for verify
f14cde2c 240 msgtest 'Test verify a file' 'with good keyid'
0cfec3ab 241 testsuccess --nomsg aptkey --quiet --readonly --keyid 'Paranoid' verify "${SIGNATURE}.gpg" "${SIGNATURE}"
b0d40854 242
f14cde2c 243 msgtest 'Test fail verify a file' 'with bad keyid'
0cfec3ab 244 testfailure --nomsg aptkey --quiet --readonly --keyid 'Sixpack' verify "${SIGNATURE}.gpg" "${SIGNATURE}"
b0d40854 245
f14cde2c 246 msgtest 'Test fail verify a file' 'with non-existing keyid'
0cfec3ab 247 testfailure --nomsg aptkey --quiet --readonly --keyid 'Kalnischkies' verify "${SIGNATURE}.gpg" "${SIGNATURE}"
f14cde2c
DK
248
249 msgtest 'Test verify fails on' 'bad file'
0cfec3ab 250 testfailure --nomsg aptkey --quiet --readonly verify "${SIGNATURE}.gpg" "${SIGNATURE}2"
f14cde2c 251 done
0cfec3ab 252 rm -f "${ROOTDIR}/etc/apt/apt.conf.d/00gpgvcmd"
fb7b11eb
DK
253
254 msgtest 'Test verify a file' 'with good keyring'
0cfec3ab 255 testsuccess --nomsg aptkey --quiet --readonly --keyring "${KEYDIR}/testcase-multikey.pub" verify "${SIGNATURE}.gpg" "${SIGNATURE}"
fb7b11eb
DK
256
257 cleanplate
0cfec3ab
DK
258 cat "${KEYDIR}/joesixpack.pub" "${KEYDIR}/marvinparanoid.pub" > "${KEYDIR}/double.pub"
259 cat "${KEYDIR}/joesixpack.sec" "${KEYDIR}/marvinparanoid.sec" > "${KEYDIR}/double.sec"
260 cp -a "${KEYDIR}/double.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/double.gpg"
261 cp -a "${KEYDIR}/testcase-multikey.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/multikey.gpg"
262 rm -f "${SIGNATURE}.gpg"
263 testsuccess aptkey --quiet --keyring "${KEYDIR}/double.pub" --secret-keyring "${KEYDIR}/double.sec" --readonly \
264 adv --batch --yes -u 'Marvin' -u 'Joe' --armor --detach-sign --sign --output "${SIGNATURE}.gpg" "${SIGNATURE}"
265 testsuccess test -s "${SIGNATURE}.gpg" -a -s "${SIGNATURE}"
fb7b11eb 266
19fdf93d 267 for GPGV in '' 'gpgv' 'gpgv1' 'gpgv2'; do
0cfec3ab 268 echo "APT::Key::GPGVCommand \"$GPGV\";" > "${ROOTDIR}/etc/apt/apt.conf.d/00gpgvcmd"
19fdf93d 269 if [ -n "$GPGV" ] && ! command dpkg -l gnupg1 2>&1 | grep -q '^ii'; then continue; fi
fb7b11eb
DK
270
271 msgtest 'Test verify a doublesigned file' 'with all keys'
0cfec3ab 272 testsuccess --nomsg aptkey --quiet --readonly verify "${SIGNATURE}.gpg" "${SIGNATURE}"
fb7b11eb
DK
273
274 msgtest 'Test verify a doublesigned file' 'with good keyring joe'
0cfec3ab 275 testmultigpg --keyring "${KEYDIR}/joesixpack.pub" verify "${SIGNATURE}.gpg" "${SIGNATURE}"
fb7b11eb
DK
276
277 msgtest 'Test verify a doublesigned file' 'with good keyring marvin'
0cfec3ab 278 testmultigpg --keyring "${KEYDIR}/marvinparanoid.pub" verify "${SIGNATURE}.gpg" "${SIGNATURE}"
fb7b11eb
DK
279
280 msgtest 'Test fail verify a doublesigned file' 'with bad keyring'
0cfec3ab 281 testfailure --nomsg aptkey --quiet --readonly --keyring "${KEYDIR}/rexexpired.pub" verify "${SIGNATURE}.gpg" "${SIGNATURE}"
fb7b11eb
DK
282
283 msgtest 'Test fail verify a doublesigned file' 'with non-existing keyring'
0cfec3ab
DK
284 testfailure --nomsg aptkey --quiet --readonly --keyring "${KEYDIR}/does-not-exist.pub" verify "${SIGNATURE}.gpg" "${SIGNATURE}"
285 testfailure test -e "${KEYDIR}/does-not-exist.pub"
fb7b11eb
DK
286
287 # note: this isn't how apts gpgv method implements keyid for verify
288 msgtest 'Test verify a doublesigned file' 'with good keyid'
0cfec3ab 289 testmultigpg --keyid 'Paranoid' verify "${SIGNATURE}.gpg" "${SIGNATURE}"
fb7b11eb
DK
290
291 msgtest 'Test fail verify a doublesigned file' 'with bad keyid'
0cfec3ab 292 testfailure --nomsg aptkey --quiet --readonly --keyid 'Rex' verify "${SIGNATURE}.gpg" "${SIGNATURE}"
fb7b11eb
DK
293
294 msgtest 'Test fail verify a doublesigned file' 'with non-existing keyid'
0cfec3ab 295 testfailure --nomsg aptkey --quiet --readonly --keyid 'Kalnischkies' verify "${SIGNATURE}.gpg" "${SIGNATURE}"
fb7b11eb
DK
296
297 msgtest 'Test verify fails on' 'bad doublesigned file'
0cfec3ab 298 testfailure --nomsg aptkey --quiet --readonly verify "${SIGNATURE}.gpg" "${SIGNATURE}2"
fb7b11eb 299 done
0cfec3ab 300 rm -f "${ROOTDIR}/etc/apt/apt.conf.d/00gpgvcmd"
93d0d08c 301}
04937adc 302
93d0d08c 303setupgpgcommand() {
19fdf93d
DK
304 local GPGEXE;
305 if command dpkg -l gnupg1 2>&1 | grep -q '^ii'; then
306 if [ "$1" = '1' ]; then
307 GPGEXE='gpg1'
308 else
309 GPGEXE='gpg'
310 fi
311 else
312 if [ "$1" = '1' ]; then
313 GPGEXE='gpg'
314 else
315 GPGEXE='gpg2'
316 fi
317 fi
318 msgmsg 'Force tests to be run with' "$GPGEXE"
319 echo "APT::Key::GPGCommand \"$GPGEXE\";" > "${ROOTDIR}/etc/apt/apt.conf.d/00gpgcmd"
f14cde2c 320 testsuccess aptkey --readonly adv --version
0cfec3ab 321 cp "${ROOTDIR}/tmp/testsuccess.output" "${TMPWORKINGDIRECTORY}/aptkey.version"
19fdf93d 322 testsuccess grep "^gpg (GnuPG) $1\." "${TMPWORKINGDIRECTORY}/aptkey.version"
04937adc
DK
323}
324
0cfec3ab
DK
325# run with default (whatever this is) in current CWD with relative paths
326ROOTDIR="./rootdir"
327KEYDIR="./keys"
93d0d08c 328testrun
0cfec3ab
DK
329
330# run with … and up the game with a strange CWD & absolute paths
331ROOTDIR="${TMPWORKINGDIRECTORY}/rootdir"
332KEYDIR="${TMPWORKINGDIRECTORY}/keys"
333mkdir inaccessible
334cd inaccessible
335chmod 600 ../inaccessible
336testfilestats "${TMPWORKINGDIRECTORY}/inaccessible" '%a' '=' '600'
337
19fdf93d 338setupgpgcommand '1'
93d0d08c 339testrun
19fdf93d 340setupgpgcommand '2'
93d0d08c 341testrun