blob: 9c7ccf581fa2b02f51c3ccef6be9e83c92ea56dc (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
|
#!/bin/sh
# Copyright (C) 2018, Chris Lamb <lamby@debian.org>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
set -u
WORKDIR="$(readlink -f "${0%/*}")"
if test "${1:-}" = --installed; then
COMMAND="debsign --no-conf"
shift
else
COMMAND="$WORKDIR/../scripts/debsign.sh --no-conf"
fi
GPG=gpg
GPGHOME=$(mktemp -d -p /tmp gpg.XXXXX)
if ! command -v $GPG >/dev/null 2>&1; then
echo "$GPG missing"
GPG=gpg2
if ! command -v $GPG >/dev/null 2>&1; then
echo "$GPG missing"
exit 1
fi
fi
oneTimeSetUp () {
$GPG -v --homedir "$GPGHOME" --no-options -q --batch --no-default-keyring \
--output $GPGHOME/secring.gpg --dearmor $WORKDIR/debsign/private_key.asc
$GPG -v --homedir "$GPGHOME" --no-options -q --batch --no-default-keyring \
--output $GPGHOME/pubring.gpg --dearmor $WORKDIR/debsign/public_key.asc
export GNUPGHOME=$GPGHOME
}
oneTimeTearDown () {
gpgconf --homedir "$GPGHOME" --verbose --kill gpg-agent
rm -rf "$GPGHOME"
}
setUp() {
TEMPDIR=$(mktemp -d -p /tmp debsign.XXXXX)
cp $WORKDIR/debsign/* $TEMPDIR
CHANGES=$(echo $TEMPDIR/*changes)
}
tearDown() {
rm -rf $TEMPDIR
}
assertSigned() {
expected=$1
shift
$COMMAND "$@" $CHANGES >$TEMPDIR/stdout 2>$TEMPDIR/stderr
rc=$?
assertEquals 'error code' $expected $rc
}
testEmailKeyID () {
assertSigned 0 -k none@debian.org
}
testShortKeyID () {
assertSigned 1 -k 72543FAF
assertTrue 'error not seen' "grep -q 'short key ID' $TEMPDIR/stderr"
}
testPrefixedShortKeyID () {
assertSigned 1 -k 0x72543FAF
assertTrue 'error not seen' "grep -q 'short key ID' $TEMPDIR/stderr"
}
testLongKeyID() {
assertSigned 0 -k C77E2D6872543FAF
assertTrue 'not signed' "grep -q 'BEGIN PGP SIGNATURE' $CHANGES"
}
testPrefixedLongKeyID() {
assertSigned 0 -k 0xC77E2D6872543FAF
assertTrue 'not signed' "grep -q 'BEGIN PGP SIGNATURE' $CHANGES"
}
testFingerprintKeyID () {
assertSigned 0 -k CF218F0E7EABF584B7E20402C77E2D6872543FAF
}
testUnknownKeyID () {
assertSigned 2 -k AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
assertTrue 'warning not seen' "grep -q 'No secret key' $TEMPDIR/stderr"
}
testNameKeyID () {
assertSigned 0 -k 'uscan test key (no secret)'
}
testFullNameAsKeyID () {
assertSigned 0 -k 'uscan test key (no secret) <none@debian.org>'
}
. shunit2
|
