[apt.git] / test / integration / test-apt-key

#!/bin/sh
set -e

TESTDIR=$(readlink -f $(dirname $0))
. $TESTDIR/framework

setupenvironment
configarchitecture 'amd64'

# start from a clean plate again
cleanplate() {
	rm -rf rootdir/etc/apt/trusted.gpg.d/ rootdir/etc/apt/trusted.gpg
	mkdir rootdir/etc/apt/trusted.gpg.d/
}

createlistofkeys() {
	while [ -n "$1" ]; do
		# gpg 2.1 has a slightly different output format
		if grep -q ' rsa2048/' aptkey.list; then
			case "$1" in
				*Joe*|*Sixpack*) echo 'pub   rsa2048/DBAC8DAE 2010-08-18';;
				*Rex*|*Expired*) echo 'pub   rsa2048/27CE74F9 2013-07-12 [expired: 2013-07-13]';;
				*Marvin*|*Paranoid*) echo 'pub   rsa2048/528144E2 2011-01-16';;
				*) echo 'UNKNOWN KEY';;
			esac
		else
			case "$1" in
				*Joe*|*Sixpack*) echo 'pub   2048R/DBAC8DAE 2010-08-18';;
				*Rex*|*Expired*) echo 'pub   2048R/27CE74F9 2013-07-12 [expired: 2013-07-13]';;
				*Marvin*|*Paranoid*) echo 'pub   2048R/528144E2 2011-01-16';;
				*) echo 'UNKNOWN KEY';;
			esac
		fi
		shift
	done
}

testaptkeys() {
	if ! aptkey list | grep '^pub' > aptkey.list; then
		echo -n > aptkey.list
	fi
	testfileequal './aptkey.list' "$(createlistofkeys "$@")"
}

echo 'APT::Key::ArchiveKeyring "./keys/joesixpack.pub";
APT::Key::RemovedKeys "./keys/rexexpired.pub";' > rootdir/etc/apt/apt.conf.d/aptkey.conf

testrun() {
	cleanplate
	ln -sf ${TMPWORKINGDIRECTORY}/keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg

	msgtest 'Check that paths in list output are not' 'double-slashed'
	aptkey list 2>&1 | grep -q '//' && msgfail || msgpass

	msgtest 'Check that paths in finger output are not' 'double-slashed'
	aptkey finger 2>&1 | grep -q '//' && msgfail || msgpass
	testaptkeys 'Joe Sixpack'

	testsuccessequal 'gpg: key DBAC8DAE: "Joe Sixpack (APT Testcases Dummy) <joe@example.org>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1' aptkey --fakeroot update

	testaptkeys 'Joe Sixpack'
	testfailure test -e rootdir/etc/apt/trusted.gpg

	testsuccess aptkey --fakeroot add ./keys/rexexpired.pub
	msgtest 'Check if trusted.gpg is created with permissions set to' '0644'
	if [ "$(stat -c '%a' rootdir/etc/apt/trusted.gpg )" = '644' ]; then
		msgpass
	else
		msgfail
	fi

	testaptkeys 'Rex Expired' 'Joe Sixpack'

	msgtest 'Check that Sixpack key can be' 'exported'
	aptkey export 'Sixpack' > aptkey.export
	aptkey --keyring rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg exportall > aptkey.exportall
	testsuccess --nomsg cmp aptkey.export aptkey.exportall
	testsuccess test -s aptkey.export
	testsuccess test -s aptkey.exportall

	msgtest 'Execute update again to trigger removal of' 'Rex Expired key'
	testsuccess --nomsg aptkey --fakeroot update

	testaptkeys 'Joe Sixpack'

	msgtest "Try to remove a key which exists, but isn't in the" 'forced keyring'
	testsuccess --nomsg aptkey --fakeroot --keyring rootdir/etc/apt/trusted.gpg del DBAC8DAE

	testaptkeys 'Joe Sixpack'

	testsuccess aptkey --fakeroot del DBAC8DAE
	testempty aptkey list

	msgtest 'Test key removal with' 'lowercase key ID' #keylength somewhere between 8byte and short
	cleanplate
	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	testsuccess --nomsg aptkey --fakeroot del d141dbac8dae
	testempty aptkey list

	msgtest 'Test key removal with' 'single key in real file'
	cleanplate
	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
	testempty aptkey list
	testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~

	msgtest 'Test key removal with' 'long key ID'
	cleanplate
	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	testsuccess --nomsg aptkey --fakeroot del 5A90D141DBAC8DAE
	testempty aptkey list
	testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~

	msgtest 'Test key removal with' 'fingerprint'
	cleanplate
	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	testsuccess --nomsg aptkey --fakeroot del 34A8E9D18DB320F367E8EAA05A90D141DBAC8DAE
	testempty aptkey list
	testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~

	msgtest 'Test key removal with' 'single key in softlink'
	cleanplate
	ln -s $(readlink -f ./keys/joesixpack.pub) rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
	testempty aptkey list
	testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	testsuccess test -L rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~

	cleanplate
	testsuccess aptkey --fakeroot add ./keys/joesixpack.pub
	testsuccess aptkey --fakeroot add ./keys/marvinparanoid.pub
	testaptkeys 'Joe Sixpack' 'Marvin Paranoid'
	cp -a rootdir/etc/apt/trusted.gpg keys/testcase-multikey.pub # store for reuse

	msgtest 'Test key removal with' 'multi key in real file'
	cleanplate
	cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
	testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
	testaptkeys 'Marvin Paranoid'
	testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~

	msgtest 'Test key removal with' 'multi key in softlink'
	cleanplate
	ln -s $(readlink -f ./keys/testcase-multikey.pub) rootdir/etc/apt/trusted.gpg.d/multikey.gpg
	testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
	testaptkeys 'Marvin Paranoid'
	testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
	testfailure test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg
	testsuccess test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg~

	msgtest 'Test key removal with' 'multiple files including key'
	cleanplate
	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
	testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
	testaptkeys 'Marvin Paranoid'
	testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
	testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~

	cleanplate
	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
	testaptkeys 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'
	msgtest 'Test merge-back of' 'added keys'
	testsuccess --nomsg aptkey adv --batch --yes --import keys/rexexpired.pub
	testaptkeys 'Rex Expired' 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'

	msgtest 'Test merge-back of' 'removed keys'
	testsuccess --nomsg aptkey adv --batch --yes --delete-keys 27CE74F9
	testaptkeys 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'

	msgtest 'Test merge-back of' 'removed duplicate keys'
	testsuccess --nomsg aptkey adv --batch --yes --delete-keys DBAC8DAE
	testaptkeys 'Marvin Paranoid'

	cleanplate
	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
	msgtest 'Test signing a file' 'with a key'
	echo 'Verify me. This is my signature.' > signature
	testsuccess --nomsg aptkey --quiet --keyring keys/marvinparanoid.pub --secret-keyring keys/marvinparanoid.sec --readonly \
		adv --batch --yes --default-key 'Marvin' --armor --detach-sign --sign --output signature.gpg signature


	for GPGV in 'gpgv' 'gpgv2' '/does/not/exist'; do
		echo "APT::Key::GPGVCommand \"$GPGV\";" > rootdir/etc/apt/apt.conf.d/00gpgvcmd

		msgtest 'Test verify a file' 'with all keys'
		testsuccess --nomsg aptkey --quiet --readonly verify signature.gpg signature

		msgtest 'Test verify a file' 'with good keyring'
		testsuccess --nomsg aptkey --quiet --readonly --keyring keys/testcase-multikey.pub verify signature.gpg signature

		msgtest 'Test fail verify a file' 'with bad keyring'
		testfailure --nomsg aptkey --quiet --readonly --keyring keys/joesixpack.pub verify signature.gpg signature

		msgtest 'Test fail verify a file' 'with non-existing keyring'
		testfailure --nomsg aptkey --quiet --readonly --keyring keys/does-not-exist.pub verify signature.gpg signature
		testfailure test -e keys/does-not-exist.pub

		msgtest 'Test verify a file' 'with good keyid'
		testsuccess --nomsg aptkey --quiet --readonly --keyid 'Paranoid' verify signature.gpg signature

		msgtest 'Test fail verify a file' 'with bad keyid'
		testfailure --nomsg aptkey --quiet --readonly --keyid 'Sixpack' verify signature.gpg signature

		msgtest 'Test fail verify a file' 'with non-existing keyid'
		testfailure --nomsg aptkey --quiet --readonly --keyid 'Kalnischkies' verify signature.gpg signature

		msgtest 'Test verify fails on' 'bad file'
		echo 'lalalalala' > signature2
		testfailure --nomsg aptkey --quiet --readonly verify signature.gpg signature2
	done
}

setupgpgcommand() {
	echo "APT::Key::GPGCommand \"$1\";" > rootdir/etc/apt/apt.conf.d/00gpgcmd
	msgmsg 'Force tests to be run with' "$1"
	testsuccess aptkey --readonly adv --version
	cp rootdir/tmp/testsuccess.output aptkey.version
	testsuccess grep "^Executing: $1 --" aptkey.version
}

# run with default (whatever this is)
testrun
# run with …
setupgpgcommand 'gpg'
testrun
setupgpgcommand 'gpg2'
testrun
Commit	Line	Data
80f3aeb0 DK	1	#!/bin/sh
	2	set -e
	3
	4	TESTDIR=$(readlink -f $(dirname $0))
	5	. $TESTDIR/framework
	6
	7	setupenvironment
	8	configarchitecture 'amd64'
	9
93d0d08c DK	10	# start from a clean plate again
	11	cleanplate() {
	12	rm -rf rootdir/etc/apt/trusted.gpg.d/ rootdir/etc/apt/trusted.gpg
	13	mkdir rootdir/etc/apt/trusted.gpg.d/
	14	}
80f3aeb0	15
f14cde2c DK	16	createlistofkeys() {
	17	while [ -n "$1" ]; do
	18	# gpg 2.1 has a slightly different output format
	19	if grep -q ' rsa2048/' aptkey.list; then
	20	case "$1" in
	21	Joe\|Sixpack) echo 'pub rsa2048/DBAC8DAE 2010-08-18';;
	22	Rex\|Expired) echo 'pub rsa2048/27CE74F9 2013-07-12 [expired: 2013-07-13]';;
	23	Marvin\|Paranoid) echo 'pub rsa2048/528144E2 2011-01-16';;
	24	*) echo 'UNKNOWN KEY';;
	25	esac
	26	else
	27	case "$1" in
	28	Joe\|Sixpack) echo 'pub 2048R/DBAC8DAE 2010-08-18';;
	29	Rex\|Expired) echo 'pub 2048R/27CE74F9 2013-07-12 [expired: 2013-07-13]';;
	30	Marvin\|Paranoid) echo 'pub 2048R/528144E2 2011-01-16';;
	31	*) echo 'UNKNOWN KEY';;
	32	esac
	33	fi
	34	shift
	35	done
	36	}
	37
0dae96a2 DK	38	testaptkeys() {
	39	if ! aptkey list \| grep '^pub' > aptkey.list; then
	40	echo -n > aptkey.list
	41	fi
f14cde2c	42	testfileequal './aptkey.list' "$(createlistofkeys "$@")"
0dae96a2 DK	43	}
0dae96a2 DK	44
80f3aeb0 DK	45	echo 'APT::Key::ArchiveKeyring "./keys/joesixpack.pub";
	46	APT::Key::RemovedKeys "./keys/rexexpired.pub";' > rootdir/etc/apt/apt.conf.d/aptkey.conf
	47
93d0d08c DK	48	testrun() {
	49	cleanplate
	50	ln -sf ${TMPWORKINGDIRECTORY}/keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
80f3aeb0	51
93d0d08c DK	52	msgtest 'Check that paths in list output are not' 'double-slashed'
93d0d08c DK	53	aptkey list 2>&1 \| grep -q '//' && msgfail \|\| msgpass
80f3aeb0	54
93d0d08c DK	55	msgtest 'Check that paths in finger output are not' 'double-slashed'
93d0d08c DK	56	aptkey finger 2>&1 \| grep -q '//' && msgfail \|\| msgpass
f14cde2c	57	testaptkeys 'Joe Sixpack'
80f3aeb0	58
25b86db1	59	testsuccessequal 'gpg: key DBAC8DAE: "Joe Sixpack (APT Testcases Dummy) <joe@example.org>" not changed
93d0d08c DK	60	gpg: Total number processed: 1
93d0d08c DK	61	gpg: unchanged: 1' aptkey --fakeroot update
80f3aeb0	62
f14cde2c	63	testaptkeys 'Joe Sixpack'
e52aad52	64	testfailure test -e rootdir/etc/apt/trusted.gpg
f14cde2c	65
93d0d08c	66	testsuccess aptkey --fakeroot add ./keys/rexexpired.pub
8b32e72c DK	67	msgtest 'Check if trusted.gpg is created with permissions set to' '0644'
	68	if [ "$(stat -c '%a' rootdir/etc/apt/trusted.gpg )" = '644' ]; then
	69	msgpass
	70	else
	71	msgfail
	72	fi
04937adc	73
f14cde2c	74	testaptkeys 'Rex Expired' 'Joe Sixpack'
04937adc	75
38005d8b DK	76	msgtest 'Check that Sixpack key can be' 'exported'
	77	aptkey export 'Sixpack' > aptkey.export
	78	aptkey --keyring rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg exportall > aptkey.exportall
	79	testsuccess --nomsg cmp aptkey.export aptkey.exportall
	80	testsuccess test -s aptkey.export
	81	testsuccess test -s aptkey.exportall
	82
93d0d08c DK	83	msgtest 'Execute update again to trigger removal of' 'Rex Expired key'
	84	testsuccess --nomsg aptkey --fakeroot update
	85
f14cde2c	86	testaptkeys 'Joe Sixpack'
93d0d08c DK	87
	88	msgtest "Try to remove a key which exists, but isn't in the" 'forced keyring'
	89	testsuccess --nomsg aptkey --fakeroot --keyring rootdir/etc/apt/trusted.gpg del DBAC8DAE
	90
f14cde2c	91	testaptkeys 'Joe Sixpack'
93d0d08c DK	92
	93	testsuccess aptkey --fakeroot del DBAC8DAE
	94	testempty aptkey list
	95
b0d40854	96	msgtest 'Test key removal with' 'lowercase key ID' #keylength somewhere between 8byte and short
05f64ca2 DK	97	cleanplate
	98	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	99	testsuccess --nomsg aptkey --fakeroot del d141dbac8dae
	100	testempty aptkey list
	101
93d0d08c DK	102	msgtest 'Test key removal with' 'single key in real file'
	103	cleanplate
	104	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	105	testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
	106	testempty aptkey list
e52aad52	107	testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
93d0d08c DK	108	testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
93d0d08c DK	109
29f1b977 JM	110	msgtest 'Test key removal with' 'long key ID'
	111	cleanplate
	112	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	113	testsuccess --nomsg aptkey --fakeroot del 5A90D141DBAC8DAE
	114	testempty aptkey list
e52aad52	115	testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
29f1b977 JM	116	testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
29f1b977 JM	117
ba72845c DK	118	msgtest 'Test key removal with' 'fingerprint'
	119	cleanplate
	120	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	121	testsuccess --nomsg aptkey --fakeroot del 34A8E9D18DB320F367E8EAA05A90D141DBAC8DAE
	122	testempty aptkey list
e52aad52	123	testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
ba72845c DK	124	testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
ba72845c DK	125
93d0d08c DK	126	msgtest 'Test key removal with' 'single key in softlink'
	127	cleanplate
	128	ln -s $(readlink -f ./keys/joesixpack.pub) rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	129	testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
	130	testempty aptkey list
e52aad52	131	testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
93d0d08c DK	132	testsuccess test -L rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
	133
	134	cleanplate
	135	testsuccess aptkey --fakeroot add ./keys/joesixpack.pub
	136	testsuccess aptkey --fakeroot add ./keys/marvinparanoid.pub
f14cde2c	137	testaptkeys 'Joe Sixpack' 'Marvin Paranoid'
93d0d08c DK	138	cp -a rootdir/etc/apt/trusted.gpg keys/testcase-multikey.pub # store for reuse
	139
	140	msgtest 'Test key removal with' 'multi key in real file'
	141	cleanplate
	142	cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
	143	testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
f14cde2c	144	testaptkeys 'Marvin Paranoid'
93d0d08c DK	145	testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
	146
	147	msgtest 'Test key removal with' 'multi key in softlink'
	148	cleanplate
	149	ln -s $(readlink -f ./keys/testcase-multikey.pub) rootdir/etc/apt/trusted.gpg.d/multikey.gpg
	150	testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
f14cde2c	151	testaptkeys 'Marvin Paranoid'
93d0d08c	152	testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
e52aad52	153	testfailure test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg
93d0d08c DK	154	testsuccess test -L rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
	155
	156	msgtest 'Test key removal with' 'multiple files including key'
	157	cleanplate
	158	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	159	cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
	160	testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
f14cde2c	161	testaptkeys 'Marvin Paranoid'
e52aad52	162	testfailure test -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
93d0d08c DK	163	testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
93d0d08c DK	164	testsuccess cmp keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg~
0dae96a2 DK	165
	166	cleanplate
	167	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	168	cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
f14cde2c	169	testaptkeys 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'
0dae96a2 DK	170	msgtest 'Test merge-back of' 'added keys'
0dae96a2 DK	171	testsuccess --nomsg aptkey adv --batch --yes --import keys/rexexpired.pub
f14cde2c	172	testaptkeys 'Rex Expired' 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'
0dae96a2 DK	173
	174	msgtest 'Test merge-back of' 'removed keys'
	175	testsuccess --nomsg aptkey adv --batch --yes --delete-keys 27CE74F9
f14cde2c	176	testaptkeys 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'
0dae96a2 DK	177
	178	msgtest 'Test merge-back of' 'removed duplicate keys'
	179	testsuccess --nomsg aptkey adv --batch --yes --delete-keys DBAC8DAE
f14cde2c	180	testaptkeys 'Marvin Paranoid'
b0d40854 DK	181
	182	cleanplate
	183	cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
	184	cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
	185	msgtest 'Test signing a file' 'with a key'
	186	echo 'Verify me. This is my signature.' > signature
	187	testsuccess --nomsg aptkey --quiet --keyring keys/marvinparanoid.pub --secret-keyring keys/marvinparanoid.sec --readonly \
	188	adv --batch --yes --default-key 'Marvin' --armor --detach-sign --sign --output signature.gpg signature
	189
b0d40854	190
f14cde2c DK	191	for GPGV in 'gpgv' 'gpgv2' '/does/not/exist'; do
	192	echo "APT::Key::GPGVCommand \"$GPGV\";" > rootdir/etc/apt/apt.conf.d/00gpgvcmd
	193
	194	msgtest 'Test verify a file' 'with all keys'
	195	testsuccess --nomsg aptkey --quiet --readonly verify signature.gpg signature
b0d40854	196
f14cde2c DK	197	msgtest 'Test verify a file' 'with good keyring'
f14cde2c DK	198	testsuccess --nomsg aptkey --quiet --readonly --keyring keys/testcase-multikey.pub verify signature.gpg signature
b0d40854	199
f14cde2c DK	200	msgtest 'Test fail verify a file' 'with bad keyring'
f14cde2c DK	201	testfailure --nomsg aptkey --quiet --readonly --keyring keys/joesixpack.pub verify signature.gpg signature
b0d40854	202
f14cde2c DK	203	msgtest 'Test fail verify a file' 'with non-existing keyring'
	204	testfailure --nomsg aptkey --quiet --readonly --keyring keys/does-not-exist.pub verify signature.gpg signature
	205	testfailure test -e keys/does-not-exist.pub
b0d40854	206
f14cde2c DK	207	msgtest 'Test verify a file' 'with good keyid'
f14cde2c DK	208	testsuccess --nomsg aptkey --quiet --readonly --keyid 'Paranoid' verify signature.gpg signature
b0d40854	209
f14cde2c DK	210	msgtest 'Test fail verify a file' 'with bad keyid'
f14cde2c DK	211	testfailure --nomsg aptkey --quiet --readonly --keyid 'Sixpack' verify signature.gpg signature
b0d40854	212
f14cde2c DK	213	msgtest 'Test fail verify a file' 'with non-existing keyid'
	214	testfailure --nomsg aptkey --quiet --readonly --keyid 'Kalnischkies' verify signature.gpg signature
	215
	216	msgtest 'Test verify fails on' 'bad file'
	217	echo 'lalalalala' > signature2
	218	testfailure --nomsg aptkey --quiet --readonly verify signature.gpg signature2
	219	done
93d0d08c	220	}
04937adc	221
93d0d08c DK	222	setupgpgcommand() {
93d0d08c DK	223	echo "APT::Key::GPGCommand \"$1\";" > rootdir/etc/apt/apt.conf.d/00gpgcmd
f14cde2c DK	224	msgmsg 'Force tests to be run with' "$1"
	225	testsuccess aptkey --readonly adv --version
	226	cp rootdir/tmp/testsuccess.output aptkey.version
	227	testsuccess grep "^Executing: $1 --" aptkey.version
04937adc DK	228	}
04937adc DK	229
93d0d08c DK	230	# run with default (whatever this is)
	231	testrun
	232	# run with …
	233	setupgpgcommand 'gpg'
	234	testrun
	235	setupgpgcommand 'gpg2'
	236	testrun