[apt.git] / test / integration / test-apt-key

#!/bin/sh
set -e

# apt-key is a shell script, so relatively prune to be effected by 'crazy' things:
# confuses config parser as there exists no way of escaping " currently.
#TMPDIR="$(mktemp -d)/This is \"fü\$\$ing cràzy\", \$(man man | head -n1 | cut -d' ' -f 1)\$!"
# gpg doesn't like | in path names – documented e.g. in the man gpg2 --agent-program
#TMPDIR="$(mktemp -d)/This is fü\$\$ing cràzy, \$(man man | head -n1 | cut -d' ' -f 1)\$!"
TMPDIR_ADD="This is fü\$\$ing cràzy, \$(apt -v)\$!"

TESTDIR="$(readlink -f "$(dirname "$0")")"
. "$TESTDIR/framework"

setupenvironment
configarchitecture 'amd64'

# start from a clean plate again
cleanplate() {
	rm -rf rootdir/etc/apt/trusted.gpg.d/ rootdir/etc/apt/trusted.gpg
	mkdir rootdir/etc/apt/trusted.gpg.d/
}

echo 'APT::Key::ArchiveKeyring "./keys/joesixpack.pub";
APT::Key::RemovedKeys "./keys/rexexpired.pub";' > rootdir/etc/apt/apt.conf.d/aptkey.conf

testrun() {
	cleanplate
	ln -sf "${TMPWORKINGDIRECTORY}/keys/joesixpack.pub" rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg

	msgtest 'Check that paths in list output are not' 'double-slashed'
	aptkey list 2>&1 | grep -q '//' && msgfail || msgpass

	msgtest 'Check that paths in finger output are not' 'double-slashed'
	aptkey finger 2>&1 | grep -q '//' && msgfail || msgpass
	testaptkeys 'Joe Sixpack'

	testsuccessequal 'gpg: key DBAC8DAE: "Joe Sixpack (APT Testcases Dummy) <joe@example.org>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1' aptkey --fakeroot update

	testaptkeys 'Joe Sixpack'
	testfailure test -e rootdir/etc/apt/trusted.gpg

	testsuccess aptkey --fakeroot add ./keys/rexexpired.pub
	msgtest 'Check if trusted.gpg is created with permissions set to' '0644'
	if [ "$(stat -c '%a' rootdir/etc/apt/trusted.gpg )" = '644' ]; then
		msgpass
	else
		msgfail
	fi

	testaptkeys 'Rex Expired' 'Joe Sixpack'

	msgtest 'Check that Sixpack key can be' 'exported'
	aptkey export 'Sixpack' > aptkey.export
	aptkey --keyring rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg exportall > aptkey.exportall
	testsuccess --nomsg cmp aptkey.export aptkey.exportall
	testsuccess test -s aptkey.export
	testsuccess test -s aptkey.exportall

	msgtest 'Execute update again to trigger removal of' 'Rex Expired key'
	testsuccess --nomsg aptkey --fakeroot update

	testaptkeys 'Joe Sixpack'

	msgtest "Try to remove a key which exists, but isn't in the" 'forced keyring'
	testsuccess --nomsg aptkey --fakeroot --keyring rootdir/etc/apt/trusted.gpg del DBAC8DAE

	testaptkeys 'Joe Sixpack'

	testsuccess aptkey --fakeroot del DBAC8DAE
	testempty aptkey list

	msgtest 'Test key removal with' 'lowercase key ID' #keylength somewhere between 8byte and short
	cleanplate
	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	testsuccess --nomsg aptkey --fakeroot del d141dbac8dae
	testempty aptkey list

	msgtest 'Test key removal with' 'single key in real file'
	cleanplate
	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
	testempty aptkey list
	testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~

	msgtest 'Test key removal with' 'different key specs'
	cleanplate
	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	cp -a keys/marvinparanoid.pub rootdir/etc/apt/trusted.gpg.d/marvinparanoid.gpg
	testsuccess --nomsg aptkey --fakeroot del 0xDBAC8DAE 528144E2
	testempty aptkey list
	testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
	testfailure test -e rootdir/etc/apt/trusted.gpg.d/marvinparanoid.gpg
	testsuccess cmp keys/marvinparanoid.pub rootdir/etc/apt/trusted.gpg.d/marvinparanoid.gpg~

	msgtest 'Test key removal with' 'long key ID'
	cleanplate
	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	testsuccess --nomsg aptkey --fakeroot del 5A90D141DBAC8DAE
	testempty aptkey list
	testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~

	msgtest 'Test key removal with' 'fingerprint'
	cleanplate
	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	testsuccess --nomsg aptkey --fakeroot del 34A8E9D18DB320F367E8EAA05A90D141DBAC8DAE
	testempty aptkey list
	testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~

	msgtest 'Test key removal with' 'single key in softlink'
	cleanplate
	ln -s "$(readlink -f ./keys/joesixpack.pub)" rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
	testempty aptkey list
	testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	testsuccess test -L rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~

	cleanplate
	testsuccess aptkey --fakeroot add ./keys/joesixpack.pub
	ln -sf "$(readlink -f ./keys/marvinparanoid.pub)" "./keys/marvin paránöid.pub"
	testsuccess aptkey --fakeroot add "./keys/marvin paránöid.pub"
	testaptkeys 'Joe Sixpack' 'Marvin Paranoid'
	cp -a rootdir/etc/apt/trusted.gpg keys/testcase-multikey.pub # store for reuse

	msgtest 'Test key removal with' 'multi key in real file'
	cleanplate
	cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
	testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
	testaptkeys 'Marvin Paranoid'
	testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~

	msgtest 'Test key removal with' 'multi key in softlink'
	cleanplate
	ln -s "$(readlink -f ./keys/testcase-multikey.pub)" rootdir/etc/apt/trusted.gpg.d/multikey.gpg
	testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
	testaptkeys 'Marvin Paranoid'
	testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
	testfailure test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg
	testsuccess test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg~

	msgtest 'Test key removal with' 'multiple files including key'
	cleanplate
	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
	testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
	testaptkeys 'Marvin Paranoid'
	testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
	testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~

	cleanplate
	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
	testaptkeys 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'
	msgtest 'Test merge-back of' 'added keys'
	testsuccess --nomsg aptkey adv --batch --yes --import keys/rexexpired.pub
	testaptkeys 'Rex Expired' 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'

	msgtest 'Test merge-back of' 'removed keys'
	testsuccess --nomsg aptkey adv --batch --yes --delete-keys 27CE74F9
	testaptkeys 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'

	msgtest 'Test merge-back of' 'removed duplicate keys'
	testsuccess --nomsg aptkey adv --batch --yes --delete-keys DBAC8DAE
	testaptkeys 'Marvin Paranoid'

	cleanplate
	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
	msgtest 'Test signing a file' 'with a key'
	echo 'Verify me. This is my signature.' > signature
	testsuccess --nomsg aptkey --quiet --keyring keys/marvinparanoid.pub --secret-keyring keys/marvinparanoid.sec --readonly \
		adv --batch --yes --default-key 'Marvin' --armor --detach-sign --sign --output signature.gpg signature
	testsuccess test -s signature.gpg -a -s signature


	for GPGV in '' 'gpgv' 'gpgv2'; do
		echo "APT::Key::GPGVCommand \"$GPGV\";" > rootdir/etc/apt/apt.conf.d/00gpgvcmd

		msgtest 'Test verify a file' 'with all keys'
		testsuccess --nomsg aptkey --quiet --readonly verify signature.gpg signature

		msgtest 'Test verify a file' 'with good keyring'
		testsuccess --nomsg aptkey --quiet --readonly --keyring keys/testcase-multikey.pub verify signature.gpg signature

		msgtest 'Test fail verify a file' 'with bad keyring'
		testfailure --nomsg aptkey --quiet --readonly --keyring keys/joesixpack.pub verify signature.gpg signature

		msgtest 'Test fail verify a file' 'with non-existing keyring'
		testfailure --nomsg aptkey --quiet --readonly --keyring keys/does-not-exist.pub verify signature.gpg signature
		testfailure test -e keys/does-not-exist.pub

		# note: this isn't how apts gpgv method implements keyid for verify
		msgtest 'Test verify a file' 'with good keyid'
		testsuccess --nomsg aptkey --quiet --readonly --keyid 'Paranoid' verify signature.gpg signature

		msgtest 'Test fail verify a file' 'with bad keyid'
		testfailure --nomsg aptkey --quiet --readonly --keyid 'Sixpack' verify signature.gpg signature

		msgtest 'Test fail verify a file' 'with non-existing keyid'
		testfailure --nomsg aptkey --quiet --readonly --keyid 'Kalnischkies' verify signature.gpg signature

		msgtest 'Test verify fails on' 'bad file'
		echo 'lalalalala' > signature2
		testfailure --nomsg aptkey --quiet --readonly verify signature.gpg signature2
	done
}

setupgpgcommand() {
	echo "APT::Key::GPGCommand \"$1\";" > rootdir/etc/apt/apt.conf.d/00gpgcmd
	msgmsg 'Force tests to be run with' "$1"
	testsuccess aptkey --readonly adv --version
	cp rootdir/tmp/testsuccess.output aptkey.version
	testsuccess grep "^gpg (GnuPG) $2\." aptkey.version
}

# run with default (whatever this is)
testrun
# run with …
setupgpgcommand 'gpg' '1'
testrun
setupgpgcommand 'gpg2' '2'
testrun
Commit	Line	Data
80f3aeb0 DK	1	#!/bin/sh
	2	set -e
	3
bc8f83a5 DK	4	# apt-key is a shell script, so relatively prune to be effected by 'crazy' things:
	5	# confuses config parser as there exists no way of escaping " currently.
	6	#TMPDIR="$(mktemp -d)/This is \"fü\$\$ing cràzy\", \$(man man \| head -n1 \| cut -d' ' -f 1)\$!"
	7	# gpg doesn't like \| in path names – documented e.g. in the man gpg2 --agent-program
	8	#TMPDIR="$(mktemp -d)/This is fü\$\$ing cràzy, \$(man man \| head -n1 \| cut -d' ' -f 1)\$!"
	9	TMPDIR_ADD="This is fü\$\$ing cràzy, \$(apt -v)\$!"
	10
3abb6a6a DK	11	TESTDIR="$(readlink -f "$(dirname "$0")")"
3abb6a6a DK	12	. "$TESTDIR/framework"
80f3aeb0 DK	13
	14	setupenvironment
	15	configarchitecture 'amd64'
	16
93d0d08c DK	17	# start from a clean plate again
	18	cleanplate() {
	19	rm -rf rootdir/etc/apt/trusted.gpg.d/ rootdir/etc/apt/trusted.gpg
	20	mkdir rootdir/etc/apt/trusted.gpg.d/
	21	}
80f3aeb0 DK	22
	23	echo 'APT::Key::ArchiveKeyring "./keys/joesixpack.pub";
	24	APT::Key::RemovedKeys "./keys/rexexpired.pub";' > rootdir/etc/apt/apt.conf.d/aptkey.conf
	25
93d0d08c DK	26	testrun() {
93d0d08c DK	27	cleanplate
fecfbf2e	28	ln -sf "${TMPWORKINGDIRECTORY}/keys/joesixpack.pub" rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
80f3aeb0	29
93d0d08c DK	30	msgtest 'Check that paths in list output are not' 'double-slashed'
93d0d08c DK	31	aptkey list 2>&1 \| grep -q '//' && msgfail \|\| msgpass
80f3aeb0	32
93d0d08c DK	33	msgtest 'Check that paths in finger output are not' 'double-slashed'
93d0d08c DK	34	aptkey finger 2>&1 \| grep -q '//' && msgfail \|\| msgpass
f14cde2c	35	testaptkeys 'Joe Sixpack'
80f3aeb0	36
25b86db1	37	testsuccessequal 'gpg: key DBAC8DAE: "Joe Sixpack (APT Testcases Dummy) <joe@example.org>" not changed
93d0d08c DK	38	gpg: Total number processed: 1
93d0d08c DK	39	gpg: unchanged: 1' aptkey --fakeroot update
80f3aeb0	40
f14cde2c	41	testaptkeys 'Joe Sixpack'
e52aad52	42	testfailure test -e rootdir/etc/apt/trusted.gpg
f14cde2c	43
93d0d08c	44	testsuccess aptkey --fakeroot add ./keys/rexexpired.pub
8b32e72c DK	45	msgtest 'Check if trusted.gpg is created with permissions set to' '0644'
	46	if [ "$(stat -c '%a' rootdir/etc/apt/trusted.gpg )" = '644' ]; then
	47	msgpass
	48	else
	49	msgfail
	50	fi
04937adc	51
f14cde2c	52	testaptkeys 'Rex Expired' 'Joe Sixpack'
04937adc	53
38005d8b DK	54	msgtest 'Check that Sixpack key can be' 'exported'
	55	aptkey export 'Sixpack' > aptkey.export
	56	aptkey --keyring rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg exportall > aptkey.exportall
	57	testsuccess --nomsg cmp aptkey.export aptkey.exportall
	58	testsuccess test -s aptkey.export
	59	testsuccess test -s aptkey.exportall
	60
93d0d08c DK	61	msgtest 'Execute update again to trigger removal of' 'Rex Expired key'
	62	testsuccess --nomsg aptkey --fakeroot update
	63
f14cde2c	64	testaptkeys 'Joe Sixpack'
93d0d08c DK	65
	66	msgtest "Try to remove a key which exists, but isn't in the" 'forced keyring'
	67	testsuccess --nomsg aptkey --fakeroot --keyring rootdir/etc/apt/trusted.gpg del DBAC8DAE
	68
f14cde2c	69	testaptkeys 'Joe Sixpack'
93d0d08c DK	70
	71	testsuccess aptkey --fakeroot del DBAC8DAE
	72	testempty aptkey list
	73
b0d40854	74	msgtest 'Test key removal with' 'lowercase key ID' #keylength somewhere between 8byte and short
05f64ca2 DK	75	cleanplate
	76	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	77	testsuccess --nomsg aptkey --fakeroot del d141dbac8dae
	78	testempty aptkey list
	79
93d0d08c DK	80	msgtest 'Test key removal with' 'single key in real file'
	81	cleanplate
	82	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	83	testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
	84	testempty aptkey list
e52aad52	85	testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
93d0d08c DK	86	testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
93d0d08c DK	87
031a3f25 DK	88	msgtest 'Test key removal with' 'different key specs'
	89	cleanplate
	90	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	91	cp -a keys/marvinparanoid.pub rootdir/etc/apt/trusted.gpg.d/marvinparanoid.gpg
	92	testsuccess --nomsg aptkey --fakeroot del 0xDBAC8DAE 528144E2
	93	testempty aptkey list
	94	testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	95	testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
	96	testfailure test -e rootdir/etc/apt/trusted.gpg.d/marvinparanoid.gpg
	97	testsuccess cmp keys/marvinparanoid.pub rootdir/etc/apt/trusted.gpg.d/marvinparanoid.gpg~
	98
29f1b977 JM	99	msgtest 'Test key removal with' 'long key ID'
	100	cleanplate
	101	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	102	testsuccess --nomsg aptkey --fakeroot del 5A90D141DBAC8DAE
	103	testempty aptkey list
e52aad52	104	testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
29f1b977 JM	105	testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
29f1b977 JM	106
ba72845c DK	107	msgtest 'Test key removal with' 'fingerprint'
	108	cleanplate
	109	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	110	testsuccess --nomsg aptkey --fakeroot del 34A8E9D18DB320F367E8EAA05A90D141DBAC8DAE
	111	testempty aptkey list
e52aad52	112	testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
ba72845c DK	113	testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
ba72845c DK	114
93d0d08c DK	115	msgtest 'Test key removal with' 'single key in softlink'
93d0d08c DK	116	cleanplate
fecfbf2e	117	ln -s "$(readlink -f ./keys/joesixpack.pub)" rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
93d0d08c DK	118	testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
93d0d08c DK	119	testempty aptkey list
e52aad52	120	testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
93d0d08c DK	121	testsuccess test -L rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
	122
	123	cleanplate
	124	testsuccess aptkey --fakeroot add ./keys/joesixpack.pub
fecfbf2e DK	125	ln -sf "$(readlink -f ./keys/marvinparanoid.pub)" "./keys/marvin paránöid.pub"
fecfbf2e DK	126	testsuccess aptkey --fakeroot add "./keys/marvin paránöid.pub"
f14cde2c	127	testaptkeys 'Joe Sixpack' 'Marvin Paranoid'
93d0d08c DK	128	cp -a rootdir/etc/apt/trusted.gpg keys/testcase-multikey.pub # store for reuse
	129
	130	msgtest 'Test key removal with' 'multi key in real file'
	131	cleanplate
	132	cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
	133	testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
f14cde2c	134	testaptkeys 'Marvin Paranoid'
93d0d08c DK	135	testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
	136
	137	msgtest 'Test key removal with' 'multi key in softlink'
	138	cleanplate
fecfbf2e	139	ln -s "$(readlink -f ./keys/testcase-multikey.pub)" rootdir/etc/apt/trusted.gpg.d/multikey.gpg
93d0d08c	140	testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
f14cde2c	141	testaptkeys 'Marvin Paranoid'
93d0d08c	142	testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
e52aad52	143	testfailure test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg
93d0d08c DK	144	testsuccess test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
	145
	146	msgtest 'Test key removal with' 'multiple files including key'
	147	cleanplate
	148	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	149	cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
	150	testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
f14cde2c	151	testaptkeys 'Marvin Paranoid'
e52aad52	152	testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
93d0d08c DK	153	testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
93d0d08c DK	154	testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
0dae96a2 DK	155
	156	cleanplate
	157	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	158	cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
f14cde2c	159	testaptkeys 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'
0dae96a2 DK	160	msgtest 'Test merge-back of' 'added keys'
0dae96a2 DK	161	testsuccess --nomsg aptkey adv --batch --yes --import keys/rexexpired.pub
f14cde2c	162	testaptkeys 'Rex Expired' 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'
0dae96a2 DK	163
	164	msgtest 'Test merge-back of' 'removed keys'
	165	testsuccess --nomsg aptkey adv --batch --yes --delete-keys 27CE74F9
f14cde2c	166	testaptkeys 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'
0dae96a2 DK	167
	168	msgtest 'Test merge-back of' 'removed duplicate keys'
	169	testsuccess --nomsg aptkey adv --batch --yes --delete-keys DBAC8DAE
f14cde2c	170	testaptkeys 'Marvin Paranoid'
b0d40854 DK	171
	172	cleanplate
	173	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	174	cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
	175	msgtest 'Test signing a file' 'with a key'
	176	echo 'Verify me. This is my signature.' > signature
	177	testsuccess --nomsg aptkey --quiet --keyring keys/marvinparanoid.pub --secret-keyring keys/marvinparanoid.sec --readonly \
	178	adv --batch --yes --default-key 'Marvin' --armor --detach-sign --sign --output signature.gpg signature
bc8f83a5	179	testsuccess test -s signature.gpg -a -s signature
b0d40854	180
b0d40854	181
25f27319	182	for GPGV in '' 'gpgv' 'gpgv2'; do
f14cde2c DK	183	echo "APT::Key::GPGVCommand \"$GPGV\";" > rootdir/etc/apt/apt.conf.d/00gpgvcmd
	184
	185	msgtest 'Test verify a file' 'with all keys'
	186	testsuccess --nomsg aptkey --quiet --readonly verify signature.gpg signature
b0d40854	187
f14cde2c DK	188	msgtest 'Test verify a file' 'with good keyring'
f14cde2c DK	189	testsuccess --nomsg aptkey --quiet --readonly --keyring keys/testcase-multikey.pub verify signature.gpg signature
b0d40854	190
f14cde2c DK	191	msgtest 'Test fail verify a file' 'with bad keyring'
f14cde2c DK	192	testfailure --nomsg aptkey --quiet --readonly --keyring keys/joesixpack.pub verify signature.gpg signature
b0d40854	193
f14cde2c DK	194	msgtest 'Test fail verify a file' 'with non-existing keyring'
	195	testfailure --nomsg aptkey --quiet --readonly --keyring keys/does-not-exist.pub verify signature.gpg signature
	196	testfailure test -e keys/does-not-exist.pub
b0d40854	197
4e03c47d	198	# note: this isn't how apts gpgv method implements keyid for verify
f14cde2c DK	199	msgtest 'Test verify a file' 'with good keyid'
f14cde2c DK	200	testsuccess --nomsg aptkey --quiet --readonly --keyid 'Paranoid' verify signature.gpg signature
b0d40854	201
f14cde2c DK	202	msgtest 'Test fail verify a file' 'with bad keyid'
f14cde2c DK	203	testfailure --nomsg aptkey --quiet --readonly --keyid 'Sixpack' verify signature.gpg signature
b0d40854	204
f14cde2c DK	205	msgtest 'Test fail verify a file' 'with non-existing keyid'
	206	testfailure --nomsg aptkey --quiet --readonly --keyid 'Kalnischkies' verify signature.gpg signature
	207
	208	msgtest 'Test verify fails on' 'bad file'
	209	echo 'lalalalala' > signature2
	210	testfailure --nomsg aptkey --quiet --readonly verify signature.gpg signature2
	211	done
93d0d08c	212	}
04937adc	213
93d0d08c DK	214	setupgpgcommand() {
93d0d08c DK	215	echo "APT::Key::GPGCommand \"$1\";" > rootdir/etc/apt/apt.conf.d/00gpgcmd
f14cde2c DK	216	msgmsg 'Force tests to be run with' "$1"
	217	testsuccess aptkey --readonly adv --version
	218	cp rootdir/tmp/testsuccess.output aptkey.version
fecfbf2e	219	testsuccess grep "^gpg (GnuPG) $2\." aptkey.version
04937adc DK	220	}
04937adc DK	221
93d0d08c DK	222	# run with default (whatever this is)
	223	testrun
	224	# run with …
fecfbf2e	225	setupgpgcommand 'gpg' '1'
93d0d08c	226	testrun
fecfbf2e	227	setupgpgcommand 'gpg2' '2'
93d0d08c	228	testrun