]> git.saurik.com Git - apt.git/blame - test/integration/test-apt-key
test: Fix apt-key tests to work with current gpg 2.1
[apt.git] / test / integration / test-apt-key
CommitLineData
80f3aeb0
DK
1#!/bin/sh
2set -e
3
bc8f83a5
DK
4# apt-key is a shell script, so relatively prune to be effected by 'crazy' things:
5# confuses config parser as there exists no way of escaping " currently.
6#TMPDIR="$(mktemp -d)/This is \"fü\$\$ing cràzy\", \$(man man | head -n1 | cut -d' ' -f 1)\$!"
7# gpg doesn't like | in path names – documented e.g. in the man gpg2 --agent-program
8#TMPDIR="$(mktemp -d)/This is fü\$\$ing cràzy, \$(man man | head -n1 | cut -d' ' -f 1)\$!"
9TMPDIR_ADD="This is fü\$\$ing cràzy, \$(apt -v)\$!"
10
3abb6a6a
DK
11TESTDIR="$(readlink -f "$(dirname "$0")")"
12. "$TESTDIR/framework"
80f3aeb0
DK
13
14setupenvironment
15configarchitecture 'amd64'
16
93d0d08c
DK
17# start from a clean plate again
18cleanplate() {
19 rm -rf rootdir/etc/apt/trusted.gpg.d/ rootdir/etc/apt/trusted.gpg
20 mkdir rootdir/etc/apt/trusted.gpg.d/
21}
80f3aeb0
DK
22
23echo 'APT::Key::ArchiveKeyring "./keys/joesixpack.pub";
24APT::Key::RemovedKeys "./keys/rexexpired.pub";' > rootdir/etc/apt/apt.conf.d/aptkey.conf
25
93d0d08c
DK
26testrun() {
27 cleanplate
fecfbf2e 28 ln -sf "${TMPWORKINGDIRECTORY}/keys/joesixpack.pub" rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
80f3aeb0 29
93d0d08c
DK
30 msgtest 'Check that paths in list output are not' 'double-slashed'
31 aptkey list 2>&1 | grep -q '//' && msgfail || msgpass
80f3aeb0 32
93d0d08c
DK
33 msgtest 'Check that paths in finger output are not' 'double-slashed'
34 aptkey finger 2>&1 | grep -q '//' && msgfail || msgpass
f14cde2c 35 testaptkeys 'Joe Sixpack'
80f3aeb0 36
25b86db1 37 testsuccessequal 'gpg: key DBAC8DAE: "Joe Sixpack (APT Testcases Dummy) <joe@example.org>" not changed
93d0d08c
DK
38gpg: Total number processed: 1
39gpg: unchanged: 1' aptkey --fakeroot update
80f3aeb0 40
f14cde2c 41 testaptkeys 'Joe Sixpack'
e52aad52 42 testfailure test -e rootdir/etc/apt/trusted.gpg
f14cde2c 43
93d0d08c 44 testsuccess aptkey --fakeroot add ./keys/rexexpired.pub
8b32e72c
DK
45 msgtest 'Check if trusted.gpg is created with permissions set to' '0644'
46 if [ "$(stat -c '%a' rootdir/etc/apt/trusted.gpg )" = '644' ]; then
47 msgpass
48 else
49 msgfail
50 fi
04937adc 51
f14cde2c 52 testaptkeys 'Rex Expired' 'Joe Sixpack'
04937adc 53
38005d8b
DK
54 msgtest 'Check that Sixpack key can be' 'exported'
55 aptkey export 'Sixpack' > aptkey.export
56 aptkey --keyring rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg exportall > aptkey.exportall
57 testsuccess --nomsg cmp aptkey.export aptkey.exportall
58 testsuccess test -s aptkey.export
59 testsuccess test -s aptkey.exportall
60
93d0d08c
DK
61 msgtest 'Execute update again to trigger removal of' 'Rex Expired key'
62 testsuccess --nomsg aptkey --fakeroot update
63
f14cde2c 64 testaptkeys 'Joe Sixpack'
93d0d08c
DK
65
66 msgtest "Try to remove a key which exists, but isn't in the" 'forced keyring'
67 testsuccess --nomsg aptkey --fakeroot --keyring rootdir/etc/apt/trusted.gpg del DBAC8DAE
68
f14cde2c 69 testaptkeys 'Joe Sixpack'
93d0d08c
DK
70
71 testsuccess aptkey --fakeroot del DBAC8DAE
72 testempty aptkey list
73
b0d40854 74 msgtest 'Test key removal with' 'lowercase key ID' #keylength somewhere between 8byte and short
05f64ca2
DK
75 cleanplate
76 cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
77 testsuccess --nomsg aptkey --fakeroot del d141dbac8dae
78 testempty aptkey list
79
93d0d08c
DK
80 msgtest 'Test key removal with' 'single key in real file'
81 cleanplate
82 cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
83 testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
84 testempty aptkey list
e52aad52 85 testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
93d0d08c
DK
86 testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
87
29f1b977
JM
88 msgtest 'Test key removal with' 'long key ID'
89 cleanplate
90 cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
91 testsuccess --nomsg aptkey --fakeroot del 5A90D141DBAC8DAE
92 testempty aptkey list
e52aad52 93 testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
29f1b977
JM
94 testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
95
ba72845c
DK
96 msgtest 'Test key removal with' 'fingerprint'
97 cleanplate
98 cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
99 testsuccess --nomsg aptkey --fakeroot del 34A8E9D18DB320F367E8EAA05A90D141DBAC8DAE
100 testempty aptkey list
e52aad52 101 testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
ba72845c
DK
102 testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
103
93d0d08c
DK
104 msgtest 'Test key removal with' 'single key in softlink'
105 cleanplate
fecfbf2e 106 ln -s "$(readlink -f ./keys/joesixpack.pub)" rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
93d0d08c
DK
107 testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
108 testempty aptkey list
e52aad52 109 testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
93d0d08c
DK
110 testsuccess test -L rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
111
112 cleanplate
113 testsuccess aptkey --fakeroot add ./keys/joesixpack.pub
fecfbf2e
DK
114 ln -sf "$(readlink -f ./keys/marvinparanoid.pub)" "./keys/marvin paránöid.pub"
115 testsuccess aptkey --fakeroot add "./keys/marvin paránöid.pub"
f14cde2c 116 testaptkeys 'Joe Sixpack' 'Marvin Paranoid'
93d0d08c
DK
117 cp -a rootdir/etc/apt/trusted.gpg keys/testcase-multikey.pub # store for reuse
118
119 msgtest 'Test key removal with' 'multi key in real file'
120 cleanplate
121 cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
122 testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
f14cde2c 123 testaptkeys 'Marvin Paranoid'
93d0d08c
DK
124 testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
125
126 msgtest 'Test key removal with' 'multi key in softlink'
127 cleanplate
fecfbf2e 128 ln -s "$(readlink -f ./keys/testcase-multikey.pub)" rootdir/etc/apt/trusted.gpg.d/multikey.gpg
93d0d08c 129 testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
f14cde2c 130 testaptkeys 'Marvin Paranoid'
93d0d08c 131 testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
e52aad52 132 testfailure test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg
93d0d08c
DK
133 testsuccess test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
134
135 msgtest 'Test key removal with' 'multiple files including key'
136 cleanplate
137 cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
138 cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
139 testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
f14cde2c 140 testaptkeys 'Marvin Paranoid'
e52aad52 141 testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
93d0d08c
DK
142 testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
143 testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
0dae96a2
DK
144
145 cleanplate
146 cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
147 cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
f14cde2c 148 testaptkeys 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'
0dae96a2
DK
149 msgtest 'Test merge-back of' 'added keys'
150 testsuccess --nomsg aptkey adv --batch --yes --import keys/rexexpired.pub
f14cde2c 151 testaptkeys 'Rex Expired' 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'
0dae96a2
DK
152
153 msgtest 'Test merge-back of' 'removed keys'
154 testsuccess --nomsg aptkey adv --batch --yes --delete-keys 27CE74F9
f14cde2c 155 testaptkeys 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'
0dae96a2
DK
156
157 msgtest 'Test merge-back of' 'removed duplicate keys'
158 testsuccess --nomsg aptkey adv --batch --yes --delete-keys DBAC8DAE
f14cde2c 159 testaptkeys 'Marvin Paranoid'
b0d40854
DK
160
161 cleanplate
162 cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
163 cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
164 msgtest 'Test signing a file' 'with a key'
165 echo 'Verify me. This is my signature.' > signature
166 testsuccess --nomsg aptkey --quiet --keyring keys/marvinparanoid.pub --secret-keyring keys/marvinparanoid.sec --readonly \
167 adv --batch --yes --default-key 'Marvin' --armor --detach-sign --sign --output signature.gpg signature
bc8f83a5 168 testsuccess test -s signature.gpg -a -s signature
b0d40854 169
b0d40854 170
25f27319 171 for GPGV in '' 'gpgv' 'gpgv2'; do
f14cde2c
DK
172 echo "APT::Key::GPGVCommand \"$GPGV\";" > rootdir/etc/apt/apt.conf.d/00gpgvcmd
173
174 msgtest 'Test verify a file' 'with all keys'
175 testsuccess --nomsg aptkey --quiet --readonly verify signature.gpg signature
b0d40854 176
f14cde2c
DK
177 msgtest 'Test verify a file' 'with good keyring'
178 testsuccess --nomsg aptkey --quiet --readonly --keyring keys/testcase-multikey.pub verify signature.gpg signature
b0d40854 179
f14cde2c
DK
180 msgtest 'Test fail verify a file' 'with bad keyring'
181 testfailure --nomsg aptkey --quiet --readonly --keyring keys/joesixpack.pub verify signature.gpg signature
b0d40854 182
f14cde2c
DK
183 msgtest 'Test fail verify a file' 'with non-existing keyring'
184 testfailure --nomsg aptkey --quiet --readonly --keyring keys/does-not-exist.pub verify signature.gpg signature
185 testfailure test -e keys/does-not-exist.pub
b0d40854 186
4e03c47d 187 # note: this isn't how apts gpgv method implements keyid for verify
f14cde2c
DK
188 msgtest 'Test verify a file' 'with good keyid'
189 testsuccess --nomsg aptkey --quiet --readonly --keyid 'Paranoid' verify signature.gpg signature
b0d40854 190
f14cde2c
DK
191 msgtest 'Test fail verify a file' 'with bad keyid'
192 testfailure --nomsg aptkey --quiet --readonly --keyid 'Sixpack' verify signature.gpg signature
b0d40854 193
f14cde2c
DK
194 msgtest 'Test fail verify a file' 'with non-existing keyid'
195 testfailure --nomsg aptkey --quiet --readonly --keyid 'Kalnischkies' verify signature.gpg signature
196
197 msgtest 'Test verify fails on' 'bad file'
198 echo 'lalalalala' > signature2
199 testfailure --nomsg aptkey --quiet --readonly verify signature.gpg signature2
200 done
93d0d08c 201}
04937adc 202
93d0d08c
DK
203setupgpgcommand() {
204 echo "APT::Key::GPGCommand \"$1\";" > rootdir/etc/apt/apt.conf.d/00gpgcmd
f14cde2c
DK
205 msgmsg 'Force tests to be run with' "$1"
206 testsuccess aptkey --readonly adv --version
207 cp rootdir/tmp/testsuccess.output aptkey.version
fecfbf2e 208 testsuccess grep "^gpg (GnuPG) $2\." aptkey.version
04937adc
DK
209}
210
93d0d08c
DK
211# run with default (whatever this is)
212testrun
213# run with …
fecfbf2e 214setupgpgcommand 'gpg' '1'
93d0d08c 215testrun
fecfbf2e 216setupgpgcommand 'gpg2' '2'
93d0d08c 217testrun