+ rm -f rootdir/etc/apt/trusted.gpg.d/marvinparanoid.gpg
+
+ msgmsg 'Cold archive signed by bad keyid' 'Joe Sixpack'
+ rm -rf rootdir/var/lib/apt/lists
+ signreleasefiles 'Joe Sixpack'
+ find aptarchive/ -name "$DELETEFILE" -delete
+ updatewithwarnings '^W: .* be verified because the public key is not available: .*'
+
+ sed -i "s#^\(deb\(-src\)\?\) \[signed-by=$MARVIN\] #\1 #" rootdir/etc/apt/sources.list.d/*
+}
+
+runtest2() {
+ msgmsg 'Cold archive signed by' 'Joe Sixpack'
+ prepare "${PKGFILE}"
+ rm -rf rootdir/var/lib/apt/lists
+ signreleasefiles 'Joe Sixpack'
+ successfulaptgetupdate
+
+ # New .deb but now an unsigned archive. For example MITM to circumvent
+ # package verification.
+ msgmsg 'Warm archive signed by' 'nobody'
+ prepare "${PKGFILE}-new"
+ find aptarchive/ -name InRelease -delete
+ find aptarchive/ -name Release.gpg -delete
+ updatewithwarnings 'W: .* no longer signed.'
+ testsuccessequal "$(cat "${PKGFILE}-new")
+" aptcache show apt
+ failaptnew
+
+ # Unsigned archive from the beginning must also be detected.
+ msgmsg 'Cold archive signed by' 'nobody'
+ rm -rf rootdir/var/lib/apt/lists
+ updatewithwarnings 'W: .* is not signed.'
+ testsuccessequal "$(cat "${PKGFILE}-new")
+" aptcache show apt
+ failaptnew
+}
+
+runtest3() {
+ echo "APT::Hashes::$APT_TESTS_DIGEST_ALGO::$1 \"yes\";" > rootdir/etc/apt/apt.conf.d/truststate
+ msgmsg "Running base test with $1 digest"
+ runtest2
+
+ for DELETEFILE in 'InRelease' 'Release.gpg'; do
+ msgmsg "Running test with deletion of $DELETEFILE and $1 digest"
+ runtest "$DELETEFILE"
+ done
+}
+
+# diable some protection by default and ensure we still do the verification
+# correctly
+cat > rootdir/etc/apt/apt.conf.d/weaken-security <<EOF
+Acquire::AllowInsecureRepositories "1";
+Acquire::AllowDowngradeToInsecureRepositories "1";
+EOF
+# the hash marked as configureable in our gpgv method
+export APT_TESTS_DIGEST_ALGO='SHA224'
+
+successfulaptgetupdate() {
+ testsuccess aptget update -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1
+ if [ -n "$1" ]; then
+ cp rootdir/tmp/testsuccess.output aptupdate.output
+ testsuccess grep "$1" aptupdate.output
+ fi
+}
+runtest3 'Trusted'
+
+successfulaptgetupdate() {
+ testwarning aptget update -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1
+ if [ -n "$1" ]; then
+ testsuccess grep "$1" rootdir/tmp/testwarning.output
+ fi
+ testsuccess grep 'uses weak digest algorithm' rootdir/tmp/testwarning.output
+}
+runtest3 'Weak'
+
+msgmsg "Running test with apt-untrusted digest"
+echo "APT::Hashes::$APT_TESTS_DIGEST_ALGO::Untrusted \"yes\";" > rootdir/etc/apt/apt.conf.d/truststate
+runfailure() {
+ for DELETEFILE in 'InRelease' 'Release.gpg'; do
+ msgmsg 'Cold archive signed by' 'Joe Sixpack'
+ prepare "${PKGFILE}"
+ rm -rf rootdir/var/lib/apt/lists
+ signreleasefiles 'Joe Sixpack'
+ find aptarchive/ -name "$DELETEFILE" -delete
+ testfailure aptget update --no-allow-insecure-repositories -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1
+ testsuccess grep 'The following signatures were invalid' rootdir/tmp/testfailure.output
+ testnopackage 'apt'
+ testwarning aptget update --allow-insecure-repositories -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1
+ failaptold
+
+ msgmsg 'Cold archive signed by' 'Marvin Paranoid'
+ prepare "${PKGFILE}"
+ rm -rf rootdir/var/lib/apt/lists
+ signreleasefiles 'Marvin Paranoid'
+ find aptarchive/ -name "$DELETEFILE" -delete
+ testfailure aptget update --no-allow-insecure-repositories -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1
+ testnopackage 'apt'
+ updatewithwarnings '^W: .* NO_PUBKEY'
+ testsuccessequal "$(cat "${PKGFILE}")
+" aptcache show apt
+ failaptold
+ done