]> git.saurik.com Git - apt.git/blob - test/integration/test-apt-key
generalize secure->insecure downgrade protection
[apt.git] / test / integration / test-apt-key
1 #!/bin/sh
2 set -e
3
4 # apt-key is a shell script, so relatively prune to be effected by 'crazy' things:
5 # confuses config parser as there exists no way of escaping " currently.
6 #TMPDIR="$(mktemp -d)/This is \"fü\$\$ing cràzy\", \$(man man | head -n1 | cut -d' ' -f 1)\$!"
7 # gpg doesn't like | in path names – documented e.g. in the man gpg2 --agent-program
8 #TMPDIR="$(mktemp -d)/This is fü\$\$ing cràzy, \$(man man | head -n1 | cut -d' ' -f 1)\$!"
9 TMPDIR_ADD="This is fü\$\$ing cràzy, \$(apt -v)\$!"
10
11 TESTDIR="$(readlink -f "$(dirname "$0")")"
12 . "$TESTDIR/framework"
13
14 setupenvironment
15 configarchitecture 'amd64'
16
17 # start from a clean plate again
18 cleanplate() {
19 rm -rf "${ROOTDIR}/etc/apt/trusted.gpg.d/" "${ROOTDIR}/etc/apt/trusted.gpg"
20 mkdir "${ROOTDIR}/etc/apt/trusted.gpg.d/"
21 }
22 testmultigpg() {
23 testfailure --nomsg aptkey --quiet --readonly "$@"
24 testsuccess grep "^gpgv: Can't check signature" "${ROOTDIR}/tmp/testfailure.output"
25 testsuccess grep '^gpgv: Good signature from' "${ROOTDIR}/tmp/testfailure.output"
26 }
27
28 testrun() {
29 echo "APT::Key::ArchiveKeyring \"${KEYDIR}/joesixpack.pub\";
30 APT::Key::RemovedKeys \"${KEYDIR}/rexexpired.pub\";" > "${ROOTDIR}/etc/apt/apt.conf.d/aptkey.conf"
31
32 cleanplate
33 ln -sf "$(readlink -f "${KEYDIR}/joesixpack.pub")" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
34 testaptkeys 'Joe Sixpack'
35
36 testsuccess aptkey list
37 msgtest 'Check that paths in list output are not' 'double-slashed'
38 testfailure --nomsg grep '//' "${ROOTDIR}/tmp/testsuccess.output"
39
40 testsuccess aptkey finger
41 msgtest 'Check that paths in finger output are not' 'double-slashed'
42 testfailure --nomsg grep '//' "${ROOTDIR}/tmp/testsuccess.output"
43
44 testsuccessequal 'gpg: key DBAC8DAE: "Joe Sixpack (APT Testcases Dummy) <joe@example.org>" not changed
45 gpg: Total number processed: 1
46 gpg: unchanged: 1' aptkey --fakeroot update
47
48 testaptkeys 'Joe Sixpack'
49 testfailure test -e "${ROOTDIR}/etc/apt/trusted.gpg"
50
51 testsuccess aptkey --fakeroot add "${KEYDIR}/rexexpired.pub"
52 testfilestats "${ROOTDIR}/etc/apt/trusted.gpg" '%a' '=' '644'
53
54 testaptkeys 'Rex Expired' 'Joe Sixpack'
55
56 msgtest 'Check that Sixpack key can be' 'exported'
57 aptkey export 'Sixpack' > "${TMPWORKINGDIRECTORY}/aptkey.export"
58 aptkey --keyring "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg" exportall > "${TMPWORKINGDIRECTORY}/aptkey.exportall"
59 testsuccess --nomsg cmp "${TMPWORKINGDIRECTORY}/aptkey.export" "${TMPWORKINGDIRECTORY}/aptkey.exportall"
60 testsuccess test -s "${TMPWORKINGDIRECTORY}/aptkey.export"
61 testsuccess test -s "${TMPWORKINGDIRECTORY}/aptkey.exportall"
62
63 msgtest 'Execute update again to trigger removal of' 'Rex Expired key'
64 testsuccess --nomsg aptkey --fakeroot update
65
66 testaptkeys 'Joe Sixpack'
67
68 msgtest "Try to remove a key which exists, but isn't in the" 'forced keyring'
69 testsuccess --nomsg aptkey --fakeroot --keyring "${ROOTDIR}/etc/apt/trusted.gpg" del DBAC8DAE
70
71 testaptkeys 'Joe Sixpack'
72
73 testsuccess aptkey --fakeroot del DBAC8DAE
74 testempty aptkey list
75
76 msgtest 'Test key removal with' 'lowercase key ID' #keylength somewhere between 8byte and short
77 cleanplate
78 cp -a "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
79 testsuccess --nomsg aptkey --fakeroot del d141dbac8dae
80 testempty aptkey list
81
82 msgtest 'Test key removal with' 'single key in real file'
83 cleanplate
84 cp -a "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
85 testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
86 testempty aptkey list
87 testfailure test -e "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
88 testsuccess cmp "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg~"
89
90 msgtest 'Test key removal with' 'different key specs'
91 cleanplate
92 cp -a "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
93 cp -a "${KEYDIR}/marvinparanoid.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/marvinparanoid.gpg"
94 testsuccess --nomsg aptkey --fakeroot del 0xDBAC8DAE 528144E2
95 testempty aptkey list
96 testfailure test -e "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
97 testsuccess cmp "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg~"
98 testfailure test -e "${ROOTDIR}/etc/apt/trusted.gpg.d/marvinparanoid.gpg"
99 testsuccess cmp "${KEYDIR}/marvinparanoid.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/marvinparanoid.gpg~"
100
101 msgtest 'Test key removal with' 'long key ID'
102 cleanplate
103 cp -a "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
104 testsuccess --nomsg aptkey --fakeroot del 5A90D141DBAC8DAE
105 testempty aptkey list
106 testfailure test -e "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
107 testsuccess cmp "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg~"
108
109 msgtest 'Test key removal with' 'fingerprint'
110 cleanplate
111 cp -a "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
112 testsuccess --nomsg aptkey --fakeroot del 34A8E9D18DB320F367E8EAA05A90D141DBAC8DAE
113 testempty aptkey list
114 testfailure test -e "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
115 testsuccess cmp "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg~"
116
117 msgtest 'Test key removal with' 'single key in softlink'
118 cleanplate
119 ln -s "$(readlink -f "${KEYDIR}/joesixpack.pub")" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
120 testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
121 testempty aptkey list
122 testfailure test -e "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
123 testsuccess test -L "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg~"
124
125 cleanplate
126 testsuccess aptkey --fakeroot add "${KEYDIR}/joesixpack.pub"
127 ln -sf "$(readlink -f "${KEYDIR}/marvinparanoid.pub")" "${KEYDIR}/marvin paránöid.pub"
128 testsuccess aptkey --fakeroot add "${KEYDIR}/marvin paránöid.pub"
129 testaptkeys 'Joe Sixpack' 'Marvin Paranoid'
130 cp -a "${ROOTDIR}/etc/apt/trusted.gpg" "${KEYDIR}/testcase-multikey.pub" # store for reuse
131
132 msgtest 'Test key removal with' 'multi key in real file'
133 cleanplate
134 cp -a "${KEYDIR}/testcase-multikey.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/multikey.gpg"
135 testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
136 testaptkeys 'Marvin Paranoid'
137 testsuccess cmp "${KEYDIR}/testcase-multikey.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/multikey.gpg~"
138
139 msgtest 'Test key removal with' 'multi key in softlink'
140 cleanplate
141 ln -s "$(readlink -f "${KEYDIR}/testcase-multikey.pub")" "${ROOTDIR}/etc/apt/trusted.gpg.d/multikey.gpg"
142 testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
143 testaptkeys 'Marvin Paranoid'
144 testsuccess cmp "${KEYDIR}/testcase-multikey.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/multikey.gpg~"
145 testfailure test -L "${ROOTDIR}/etc/apt/trusted.gpg.d/multikey.gpg"
146 testsuccess test -L "${ROOTDIR}/etc/apt/trusted.gpg.d/multikey.gpg~"
147
148 msgtest 'Test key removal with' 'multiple files including key'
149 cleanplate
150 cp -a "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
151 cp -a "${KEYDIR}/testcase-multikey.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/multikey.gpg"
152 testsuccess --nomsg aptkey --fakeroot del DBAC8DAE
153 testaptkeys 'Marvin Paranoid'
154 testfailure test -e "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
155 testsuccess cmp "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg~"
156 testsuccess cmp "${KEYDIR}/testcase-multikey.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/multikey.gpg~"
157
158 cleanplate
159 cp -a "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
160 cp -a "${KEYDIR}/testcase-multikey.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/multikey.gpg"
161 testaptkeys 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'
162 msgtest 'Test merge-back of' 'added keys'
163 testsuccess --nomsg aptkey adv --batch --yes --import "${KEYDIR}/rexexpired.pub"
164 testaptkeys 'Rex Expired' 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'
165
166 msgtest 'Test merge-back of' 'removed keys'
167 testsuccess --nomsg aptkey adv --batch --yes --delete-keys 27CE74F9
168 testaptkeys 'Joe Sixpack' 'Joe Sixpack' 'Marvin Paranoid'
169
170 msgtest 'Test merge-back of' 'removed duplicate keys'
171 testsuccess --nomsg aptkey adv --batch --yes --delete-keys DBAC8DAE
172 testaptkeys 'Marvin Paranoid'
173
174 cleanplate
175 cp -a "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
176 cp -a "${KEYDIR}/testcase-multikey.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/multikey.gpg"
177 local SIGNATURE="${TMPWORKINGDIRECTORY}/signature"
178 msgtest 'Test signing a file' 'with a key'
179 echo 'Verify me. This is my signature.' > "$SIGNATURE"
180 echo 'lalalalala' > "${SIGNATURE}2"
181 testsuccess --nomsg aptkey --quiet --keyring "${KEYDIR}/marvinparanoid.pub" --secret-keyring "${KEYDIR}/marvinparanoid.sec" --readonly \
182 adv --batch --yes --default-key 'Marvin' --armor --detach-sign --sign --output "${SIGNATURE}.gpg" "${SIGNATURE}"
183 testsuccess test -s "${SIGNATURE}.gpg" -a -s "${SIGNATURE}"
184
185 msgtest 'Test verify a file' 'with no sig'
186 testfailure --nomsg aptkey --quiet --readonly --keyring "${KEYDIR}/testcase-multikey.pub" verify "${SIGNATURE}" "${SIGNATURE}2"
187
188 for GPGV in '' 'gpgv' 'gpgv2'; do
189 echo "APT::Key::GPGVCommand \"$GPGV\";" > "${ROOTDIR}/etc/apt/apt.conf.d/00gpgvcmd"
190
191 msgtest 'Test verify a file' 'with all keys'
192 testsuccess --nomsg aptkey --quiet --readonly verify "${SIGNATURE}.gpg" "${SIGNATURE}"
193
194 msgtest 'Test verify a file' 'with good keyring'
195 testsuccess --nomsg aptkey --quiet --readonly --keyring "${KEYDIR}/testcase-multikey.pub" verify "${SIGNATURE}.gpg" "${SIGNATURE}"
196
197 msgtest 'Test fail verify a file' 'with bad keyring'
198 testfailure --nomsg aptkey --quiet --readonly --keyring "${KEYDIR}/joesixpack.pub" verify "${SIGNATURE}.gpg" "${SIGNATURE}"
199
200 msgtest 'Test fail verify a file' 'with non-existing keyring'
201 testfailure --nomsg aptkey --quiet --readonly --keyring "${KEYDIR}/does-not-exist.pub" verify "${SIGNATURE}.gpg" "${SIGNATURE}"
202 testfailure test -e "${KEYDIR}/does-not-exist.pub"
203
204 # note: this isn't how apts gpgv method implements keyid for verify
205 msgtest 'Test verify a file' 'with good keyid'
206 testsuccess --nomsg aptkey --quiet --readonly --keyid 'Paranoid' verify "${SIGNATURE}.gpg" "${SIGNATURE}"
207
208 msgtest 'Test fail verify a file' 'with bad keyid'
209 testfailure --nomsg aptkey --quiet --readonly --keyid 'Sixpack' verify "${SIGNATURE}.gpg" "${SIGNATURE}"
210
211 msgtest 'Test fail verify a file' 'with non-existing keyid'
212 testfailure --nomsg aptkey --quiet --readonly --keyid 'Kalnischkies' verify "${SIGNATURE}.gpg" "${SIGNATURE}"
213
214 msgtest 'Test verify fails on' 'bad file'
215 testfailure --nomsg aptkey --quiet --readonly verify "${SIGNATURE}.gpg" "${SIGNATURE}2"
216 done
217 rm -f "${ROOTDIR}/etc/apt/apt.conf.d/00gpgvcmd"
218
219 msgtest 'Test verify a file' 'with good keyring'
220 testsuccess --nomsg aptkey --quiet --readonly --keyring "${KEYDIR}/testcase-multikey.pub" verify "${SIGNATURE}.gpg" "${SIGNATURE}"
221
222 cleanplate
223 cat "${KEYDIR}/joesixpack.pub" "${KEYDIR}/marvinparanoid.pub" > "${KEYDIR}/double.pub"
224 cat "${KEYDIR}/joesixpack.sec" "${KEYDIR}/marvinparanoid.sec" > "${KEYDIR}/double.sec"
225 cp -a "${KEYDIR}/double.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/double.gpg"
226 cp -a "${KEYDIR}/testcase-multikey.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/multikey.gpg"
227 rm -f "${SIGNATURE}.gpg"
228 testsuccess aptkey --quiet --keyring "${KEYDIR}/double.pub" --secret-keyring "${KEYDIR}/double.sec" --readonly \
229 adv --batch --yes -u 'Marvin' -u 'Joe' --armor --detach-sign --sign --output "${SIGNATURE}.gpg" "${SIGNATURE}"
230 testsuccess test -s "${SIGNATURE}.gpg" -a -s "${SIGNATURE}"
231
232 for GPGV in '' 'gpgv' 'gpgv2'; do
233 echo "APT::Key::GPGVCommand \"$GPGV\";" > "${ROOTDIR}/etc/apt/apt.conf.d/00gpgvcmd"
234
235 msgtest 'Test verify a doublesigned file' 'with all keys'
236 testsuccess --nomsg aptkey --quiet --readonly verify "${SIGNATURE}.gpg" "${SIGNATURE}"
237
238 msgtest 'Test verify a doublesigned file' 'with good keyring joe'
239 testmultigpg --keyring "${KEYDIR}/joesixpack.pub" verify "${SIGNATURE}.gpg" "${SIGNATURE}"
240
241 msgtest 'Test verify a doublesigned file' 'with good keyring marvin'
242 testmultigpg --keyring "${KEYDIR}/marvinparanoid.pub" verify "${SIGNATURE}.gpg" "${SIGNATURE}"
243
244 msgtest 'Test fail verify a doublesigned file' 'with bad keyring'
245 testfailure --nomsg aptkey --quiet --readonly --keyring "${KEYDIR}/rexexpired.pub" verify "${SIGNATURE}.gpg" "${SIGNATURE}"
246
247 msgtest 'Test fail verify a doublesigned file' 'with non-existing keyring'
248 testfailure --nomsg aptkey --quiet --readonly --keyring "${KEYDIR}/does-not-exist.pub" verify "${SIGNATURE}.gpg" "${SIGNATURE}"
249 testfailure test -e "${KEYDIR}/does-not-exist.pub"
250
251 # note: this isn't how apts gpgv method implements keyid for verify
252 msgtest 'Test verify a doublesigned file' 'with good keyid'
253 testmultigpg --keyid 'Paranoid' verify "${SIGNATURE}.gpg" "${SIGNATURE}"
254
255 msgtest 'Test fail verify a doublesigned file' 'with bad keyid'
256 testfailure --nomsg aptkey --quiet --readonly --keyid 'Rex' verify "${SIGNATURE}.gpg" "${SIGNATURE}"
257
258 msgtest 'Test fail verify a doublesigned file' 'with non-existing keyid'
259 testfailure --nomsg aptkey --quiet --readonly --keyid 'Kalnischkies' verify "${SIGNATURE}.gpg" "${SIGNATURE}"
260
261 msgtest 'Test verify fails on' 'bad doublesigned file'
262 testfailure --nomsg aptkey --quiet --readonly verify "${SIGNATURE}.gpg" "${SIGNATURE}2"
263 done
264 rm -f "${ROOTDIR}/etc/apt/apt.conf.d/00gpgvcmd"
265 }
266
267 setupgpgcommand() {
268 echo "APT::Key::GPGCommand \"$1\";" > "${ROOTDIR}/etc/apt/apt.conf.d/00gpgcmd"
269 msgmsg 'Force tests to be run with' "$1"
270 testsuccess aptkey --readonly adv --version
271 cp "${ROOTDIR}/tmp/testsuccess.output" "${TMPWORKINGDIRECTORY}/aptkey.version"
272 testsuccess grep "^gpg (GnuPG) $2\." "${TMPWORKINGDIRECTORY}/aptkey.version"
273 }
274
275 # run with default (whatever this is) in current CWD with relative paths
276 ROOTDIR="./rootdir"
277 KEYDIR="./keys"
278 testrun
279
280 # run with … and up the game with a strange CWD & absolute paths
281 ROOTDIR="${TMPWORKINGDIRECTORY}/rootdir"
282 KEYDIR="${TMPWORKINGDIRECTORY}/keys"
283 mkdir inaccessible
284 cd inaccessible
285 chmod 600 ../inaccessible
286 testfilestats "${TMPWORKINGDIRECTORY}/inaccessible" '%a' '=' '600'
287
288 setupgpgcommand 'gpg' '1'
289 testrun
290 setupgpgcommand 'gpg2' '2'
291 testrun