]> git.saurik.com Git - apt.git/blame - test/integration/test-apt-key
Merge remote-tracking branch 'donkult/debian/experimental' into debian/experimental
[apt.git] / test / integration / test-apt-key
CommitLineData
80f3aeb0
DK
1#!/bin/sh
2set -e
3
4TESTDIR=$(readlink -f $(dirname $0))
5. $TESTDIR/framework
6
7setupenvironment
8configarchitecture 'amd64'
9
93d0d08c
DK
10# start from a clean plate again
11cleanplate() {
12 rm -rf rootdir/etc/apt/trusted.gpg.d/ rootdir/etc/apt/trusted.gpg
13 mkdir rootdir/etc/apt/trusted.gpg.d/
14}
80f3aeb0 15
f14cde2c
DK
16createlistofkeys() {
17 while [ -n "$1" ]; do
18 # gpg 2.1 has a slightly different output format
19 if grep -q ' rsa2048/' aptkey.list; then
20 case "$1" in
21 *Joe*|*Sixpack*) echo 'pub rsa2048/DBAC8DAE 2010-08-18';;
22 *Rex*|*Expired*) echo 'pub rsa2048/27CE74F9 2013-07-12 [expired: 2013-07-13]';;
23 *Marvin*|*Paranoid*) echo 'pub rsa2048/528144E2 2011-01-16';;
24 *) echo 'UNKNOWN KEY';;
25 esac
26 else
27 case "$1" in
28 *Joe*|*Sixpack*) echo 'pub 2048R/DBAC8DAE 2010-08-18';;
29 *Rex*|*Expired*) echo 'pub 2048R/27CE74F9 2013-07-12 [expired: 2013-07-13]';;
30 *Marvin*|*Paranoid*) echo 'pub 2048R/528144E2 2011-01-16';;
31 *) echo 'UNKNOWN KEY';;
32 esac
33 fi
34 shift
35 done
36}
37
0dae96a2
DK
38testaptkeys() {
39 if ! aptkey list | grep '^pub' > aptkey.list; then
40 echo -n > aptkey.list
41 fi
f14cde2c 42 testfileequal './aptkey.list' "$(createlistofkeys "$@")"
0dae96a2
DK
43}
44
80f3aeb0
DK
45echo 'APT::Key::ArchiveKeyring "./keys/joesixpack.pub";
46APT::Key::RemovedKeys "./keys/rexexpired.pub";' > rootdir/etc/apt/apt.conf.d/aptkey.conf
47
93d0d08c
DK
48testrun() {
49 cleanplate
fecfbf2e 50 ln -sf "${TMPWORKINGDIRECTORY}/keys/joesixpack.pub" rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
80f3aeb0 51
93d0d08c
DK
52 msgtest 'Check that paths in list output are not' 'double-slashed'
53 aptkey list 2>&1 | grep -q '//' && msgfail || msgpass
80f3aeb0 54
93d0d08c
DK
55 msgtest 'Check that paths in finger output are not' 'double-slashed'
56 aptkey finger 2>&1 | grep -q '//' && msgfail || msgpass
f14cde2c 57 testaptkeys 'Joe Sixpack'
80f3aeb0 58
25b86db1 59 testsuccessequal 'gpg: key DBAC8DAE: "Joe Sixpack (APT Testcases Dummy) <joe@example.org>" not changed
93d0d08c
DK
60gpg: Total number processed: 1
61gpg: unchanged: 1' aptkey --fakeroot update
80f3aeb0 62
f14cde2c 63 testaptkeys 'Joe Sixpack'
e52aad52 64 testfailure test -e rootdir/etc/apt/trusted.gpg
f14cde2c 65
93d0d08c 66 testsuccess aptkey --fakeroot add ./keys/rexexpired.pub
8b32e72c
DK
67 msgtest 'Check if trusted.gpg is created with permissions set to' '0644'
68 if [ "$(stat -c '%a' rootdir/etc/apt/trusted.gpg )" = '644' ]; then
69 msgpass
70 else
71 msgfail
72 fi
04937adc 73
f14cde2c 74 testaptkeys 'Rex Expired' 'Joe Sixpack'
04937adc 75
38005d8b
DK
76 msgtest 'Check that Sixpack key can be' 'exported'
77 aptkey export 'Sixpack' > aptkey.export
78 aptkey --keyring rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg exportall > aptkey.exportall
79 testsuccess --nomsg cmp aptkey.export aptkey.exportall
80 testsuccess test -s aptkey.export
81 testsuccess test -s aptkey.exportall
82
93d0d08c
DK
83 msgtest 'Execute update again to trigger removal of' 'Rex Expired key'
84 testsuccess --nomsg aptkey --fakeroot update
85
f14cde2c 86 testaptkeys 'Joe Sixpack'
93d0d08c
DK
87
88 msgtest "Try to remove a key which exists, but isn't in the" 'forced keyring'
89 testsuccess --nomsg aptkey --fakeroot --keyring rootdir/etc/apt/trusted.gpg del DBAC8DAE
90
f14cde2c 91 testaptkeys 'Joe Sixpack'
93d0d08c
DK
92
93 testsuccess aptkey --fakeroot del DBAC8DAE
94 testempty aptkey list
95
b0d40854 96 msgtest 'Test key removal with' 'lowercase key ID' #keylength somewhere between 8byte and short
05f64ca2
DK
97 cleanplate
98 cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
99 testsuccess --nomsg aptkey --fakeroot del d141dbac8dae
100 testempty aptkey list
101
93d0d08c
DK
102 msgtest 'Test key removal with' 'single key in real file'
103 cleanplate
104 cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
105 testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
106 testempty aptkey list
e52aad52 107 testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
93d0d08c
DK
108 testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
109
29f1b977
JM
110 msgtest 'Test key removal with' 'long key ID'
111 cleanplate
112 cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
113 testsuccess --nomsg aptkey --fakeroot del 5A90D141DBAC8DAE
114 testempty aptkey list
e52aad52 115 testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
29f1b977
JM
116 testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
117
ba72845c
DK
118 msgtest 'Test key removal with' 'fingerprint'
119 cleanplate
120 cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
121 testsuccess --nomsg aptkey --fakeroot del 34A8E9D18DB320F367E8EAA05A90D141DBAC8DAE
122 testempty aptkey list
e52aad52 123 testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
ba72845c
DK
124 testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
125
93d0d08c
DK
126 msgtest 'Test key removal with' 'single key in softlink'
127 cleanplate
fecfbf2e 128 ln -s "$(readlink -f ./keys/joesixpack.pub)" rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
93d0d08c
DK
129 testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
130 testempty aptkey list
e52aad52 131 testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
93d0d08c
DK
132 testsuccess test -L rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
133
134 cleanplate
135 testsuccess aptkey --fakeroot add ./keys/joesixpack.pub
fecfbf2e
DK
136 ln -sf "$(readlink -f ./keys/marvinparanoid.pub)" "./keys/marvin paránöid.pub"
137 testsuccess aptkey --fakeroot add "./keys/marvin paránöid.pub"
f14cde2c 138 testaptkeys 'Joe Sixpack' 'Marvin Paranoid'
93d0d08c
DK
139 cp -a rootdir/etc/apt/trusted.gpg keys/testcase-multikey.pub # store for reuse
140
141 msgtest 'Test key removal with' 'multi key in real file'
142 cleanplate
143 cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
144 testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
f14cde2c 145 testaptkeys 'Marvin Paranoid'
93d0d08c
DK
146 testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
147
148 msgtest 'Test key removal with' 'multi key in softlink'
149 cleanplate
fecfbf2e 150 ln -s "$(readlink -f ./keys/testcase-multikey.pub)" rootdir/etc/apt/trusted.gpg.d/multikey.gpg
93d0d08c 151 testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
f14cde2c 152 testaptkeys 'Marvin Paranoid'
93d0d08c 153 testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
e52aad52 154 testfailure test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg
93d0d08c
DK
155 testsuccess test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
156
157 msgtest 'Test key removal with' 'multiple files including key'
158 cleanplate
159 cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
160 cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
161 testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
f14cde2c 162 testaptkeys 'Marvin Paranoid'
e52aad52 163 testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
93d0d08c
DK
164 testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
165 testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
0dae96a2
DK
166
167 cleanplate
168 cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
169 cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
f14cde2c 170 testaptkeys 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'
0dae96a2
DK
171 msgtest 'Test merge-back of' 'added keys'
172 testsuccess --nomsg aptkey adv --batch --yes --import keys/rexexpired.pub
f14cde2c 173 testaptkeys 'Rex Expired' 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'
0dae96a2
DK
174
175 msgtest 'Test merge-back of' 'removed keys'
176 testsuccess --nomsg aptkey adv --batch --yes --delete-keys 27CE74F9
f14cde2c 177 testaptkeys 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'
0dae96a2
DK
178
179 msgtest 'Test merge-back of' 'removed duplicate keys'
180 testsuccess --nomsg aptkey adv --batch --yes --delete-keys DBAC8DAE
f14cde2c 181 testaptkeys 'Marvin Paranoid'
b0d40854
DK
182
183 cleanplate
184 cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
185 cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
186 msgtest 'Test signing a file' 'with a key'
187 echo 'Verify me. This is my signature.' > signature
188 testsuccess --nomsg aptkey --quiet --keyring keys/marvinparanoid.pub --secret-keyring keys/marvinparanoid.sec --readonly \
189 adv --batch --yes --default-key 'Marvin' --armor --detach-sign --sign --output signature.gpg signature
190
b0d40854 191
25f27319 192 for GPGV in '' 'gpgv' 'gpgv2'; do
f14cde2c
DK
193 echo "APT::Key::GPGVCommand \"$GPGV\";" > rootdir/etc/apt/apt.conf.d/00gpgvcmd
194
195 msgtest 'Test verify a file' 'with all keys'
196 testsuccess --nomsg aptkey --quiet --readonly verify signature.gpg signature
b0d40854 197
f14cde2c
DK
198 msgtest 'Test verify a file' 'with good keyring'
199 testsuccess --nomsg aptkey --quiet --readonly --keyring keys/testcase-multikey.pub verify signature.gpg signature
b0d40854 200
f14cde2c
DK
201 msgtest 'Test fail verify a file' 'with bad keyring'
202 testfailure --nomsg aptkey --quiet --readonly --keyring keys/joesixpack.pub verify signature.gpg signature
b0d40854 203
f14cde2c
DK
204 msgtest 'Test fail verify a file' 'with non-existing keyring'
205 testfailure --nomsg aptkey --quiet --readonly --keyring keys/does-not-exist.pub verify signature.gpg signature
206 testfailure test -e keys/does-not-exist.pub
b0d40854 207
4e03c47d 208 # note: this isn't how apts gpgv method implements keyid for verify
f14cde2c
DK
209 msgtest 'Test verify a file' 'with good keyid'
210 testsuccess --nomsg aptkey --quiet --readonly --keyid 'Paranoid' verify signature.gpg signature
b0d40854 211
f14cde2c
DK
212 msgtest 'Test fail verify a file' 'with bad keyid'
213 testfailure --nomsg aptkey --quiet --readonly --keyid 'Sixpack' verify signature.gpg signature
b0d40854 214
f14cde2c
DK
215 msgtest 'Test fail verify a file' 'with non-existing keyid'
216 testfailure --nomsg aptkey --quiet --readonly --keyid 'Kalnischkies' verify signature.gpg signature
217
218 msgtest 'Test verify fails on' 'bad file'
219 echo 'lalalalala' > signature2
220 testfailure --nomsg aptkey --quiet --readonly verify signature.gpg signature2
221 done
93d0d08c 222}
04937adc 223
93d0d08c
DK
224setupgpgcommand() {
225 echo "APT::Key::GPGCommand \"$1\";" > rootdir/etc/apt/apt.conf.d/00gpgcmd
f14cde2c
DK
226 msgmsg 'Force tests to be run with' "$1"
227 testsuccess aptkey --readonly adv --version
228 cp rootdir/tmp/testsuccess.output aptkey.version
fecfbf2e 229 testsuccess grep "^gpg (GnuPG) $2\." aptkey.version
04937adc
DK
230}
231
93d0d08c
DK
232# run with default (whatever this is)
233testrun
234# run with …
fecfbf2e 235setupgpgcommand 'gpg' '1'
93d0d08c 236testrun
fecfbf2e 237setupgpgcommand 'gpg2' '2'
93d0d08c 238testrun