110 lines
2.7 KiB
Bash
Executable file
110 lines
2.7 KiB
Bash
Executable file
#!/bin/sh
|
|
|
|
# Copyright (C) 2018, Chris Lamb <lamby@debian.org>
|
|
#
|
|
# This program is free software; you can redistribute it and/or modify
|
|
# it under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation; either version 2 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
set -u
|
|
|
|
WORKDIR="$(readlink -f "${0%/*}")"
|
|
|
|
if test "${1:-}" = --installed; then
|
|
COMMAND="debsign --no-conf"
|
|
shift
|
|
else
|
|
COMMAND="$WORKDIR/../scripts/debsign.sh --no-conf"
|
|
fi
|
|
|
|
GPG=gpg
|
|
GPGHOME=$(mktemp -d -p /tmp gpg.XXXXX)
|
|
if ! command -v $GPG >/dev/null 2>&1; then
|
|
echo "$GPG missing"
|
|
exit 1
|
|
fi
|
|
|
|
oneTimeSetUp () {
|
|
$GPG -v --homedir "$GPGHOME" --no-options -q --batch --no-default-keyring \
|
|
--output $GPGHOME/secring.gpg --dearmor $WORKDIR/debsign/private_key.asc
|
|
|
|
$GPG -v --homedir "$GPGHOME" --no-options -q --batch --no-default-keyring \
|
|
--output $GPGHOME/pubring.gpg --dearmor $WORKDIR/debsign/public_key.asc
|
|
|
|
export GNUPGHOME=$GPGHOME
|
|
}
|
|
|
|
oneTimeTearDown () {
|
|
gpgconf --homedir "$GPGHOME" --verbose --kill gpg-agent
|
|
rm -rf "$GPGHOME"
|
|
}
|
|
|
|
setUp() {
|
|
TEMPDIR=$(mktemp -d -p /tmp debsign.XXXXX)
|
|
cp $WORKDIR/debsign/* $TEMPDIR
|
|
CHANGES=$(echo $TEMPDIR/*changes)
|
|
}
|
|
|
|
tearDown() {
|
|
rm -rf $TEMPDIR
|
|
}
|
|
|
|
assertSigned() {
|
|
expected=$1
|
|
shift
|
|
$COMMAND "$@" $CHANGES >$TEMPDIR/stdout 2>$TEMPDIR/stderr
|
|
rc=$?
|
|
assertEquals 'error code' $expected $rc
|
|
}
|
|
|
|
testEmailKeyID () {
|
|
assertSigned 0 -k none@debian.org
|
|
}
|
|
|
|
testShortKeyID () {
|
|
assertSigned 1 -k 72543FAF
|
|
assertTrue 'error not seen' "grep -q 'short key ID' $TEMPDIR/stderr"
|
|
}
|
|
|
|
testPrefixedShortKeyID () {
|
|
assertSigned 1 -k 0x72543FAF
|
|
assertTrue 'error not seen' "grep -q 'short key ID' $TEMPDIR/stderr"
|
|
}
|
|
|
|
testLongKeyID() {
|
|
assertSigned 0 -k C77E2D6872543FAF
|
|
assertTrue 'not signed' "grep -q 'BEGIN PGP SIGNATURE' $CHANGES"
|
|
}
|
|
|
|
testPrefixedLongKeyID() {
|
|
assertSigned 0 -k 0xC77E2D6872543FAF
|
|
assertTrue 'not signed' "grep -q 'BEGIN PGP SIGNATURE' $CHANGES"
|
|
}
|
|
|
|
testFingerprintKeyID () {
|
|
assertSigned 0 -k CF218F0E7EABF584B7E20402C77E2D6872543FAF
|
|
}
|
|
|
|
testUnknownKeyID () {
|
|
assertSigned 2 -k AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
|
|
assertTrue 'warning not seen' "grep -q 'No secret key' $TEMPDIR/stderr"
|
|
}
|
|
|
|
testNameKeyID () {
|
|
assertSigned 0 -k 'uscan test key (no secret)'
|
|
}
|
|
|
|
testFullNameAsKeyID () {
|
|
assertSigned 0 -k 'uscan test key (no secret) <none@debian.org>'
|
|
}
|
|
|
|
. shunit2
|