2013-09-02 19:43:49 -06:00
#!/bin/bash
#
# Copyright (C) 2013 Jeremy Whiting <jeremy.whiting@collabora.com>
2015-03-17 11:22:27 -04:00
# Copyright (C) 2015 Red Hat, Inc.
2013-09-02 19:43:49 -06:00
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the
# Free Software Foundation, Inc., 59 Temple Place - Suite 330,
# Boston, MA 02111-1307, USA.
set -e
2015-03-03 13:13:54 +01:00
if ! ${ CMD_PREFIX } ostree --version | grep -q -e '\+gpgme' ; then
2013-09-02 19:43:49 -06:00
exit 77
fi
. $( dirname $0 ) /libtest.sh
setup_test_repository "archive-z2"
2015-03-17 11:22:27 -04:00
export OSTREE_GPG_SIGN = " ${ OSTREE } gpg-sign --gpg-homedir= ${ TEST_GPG_KEYHOME } "
2013-09-02 19:43:49 -06:00
cd ${ test_tmpdir }
2015-03-17 11:22:27 -04:00
${ OSTREE } commit -b test2 -s "A GPG signed commit" -m "Signed commit body" --gpg-sign= ${ TEST_GPG_KEYID_1 } --gpg-homedir= ${ TEST_GPG_KEYHOME } --tree= dir = files
${ OSTREE } show test2 | grep -o 'Found [[:digit:]] signature' > test2-show
2013-09-02 19:43:49 -06:00
# We at least got some content here and ran through the code; later
# tests will actually do verification
2015-03-17 11:22:27 -04:00
assert_file_has_content test2-show 'Found 1 signature'
2013-09-02 19:43:49 -06:00
2015-03-17 11:22:27 -04:00
# Now sign a commit with 3 different keys
2013-09-02 19:43:49 -06:00
cd ${ test_tmpdir }
2015-03-17 11:22:27 -04:00
${ OSTREE } commit -b test2 -s "A GPG signed commit" -m "Signed commit body" --gpg-sign= ${ TEST_GPG_KEYID_1 } --gpg-sign= ${ TEST_GPG_KEYID_2 } --gpg-sign= ${ TEST_GPG_KEYID_3 } --gpg-homedir= ${ TEST_GPG_KEYHOME } --tree= dir = files
${ OSTREE } show test2 | grep -o 'Found [[:digit:]] signature' > test2-show
assert_file_has_content test2-show 'Found 3 signature'
2015-02-25 13:55:14 -05:00
2015-03-17 11:22:27 -04:00
# Commit and sign separately, then monkey around with signatures
2015-02-25 13:55:14 -05:00
cd ${ test_tmpdir }
${ OSTREE } commit -b test2 -s "A GPG signed commit" -m "Signed commit body" --tree= dir = files
2015-03-17 11:22:27 -04:00
if ${ OSTREE } show test2 | grep -o 'Found [[:digit:]] signature' ; then
assert_not_reached
fi
${ OSTREE_GPG_SIGN } test2 ${ TEST_GPG_KEYID_1 }
${ OSTREE } show test2 | grep -o 'Found [[:digit:]] signature' > test2-show
assert_file_has_content test2-show 'Found 1 signature'
# Signing with a previously used key should be caught
if ${ OSTREE_GPG_SIGN } test2 ${ TEST_GPG_KEYID_1 } 2>/dev/null; then
assert_not_reached
fi
# Add a few more signatures and then delete them
${ OSTREE_GPG_SIGN } test2 ${ TEST_GPG_KEYID_2 } ${ TEST_GPG_KEYID_3 }
${ OSTREE } show test2 | grep -o 'Found [[:digit:]] signature' > test2-show
assert_file_has_content test2-show 'Found 3 signature'
${ OSTREE_GPG_SIGN } --delete test2 ${ TEST_GPG_KEYID_2 } | grep -o 'Signatures deleted: [[:digit:]]' > test2-delete
assert_file_has_content test2-delete 'Signatures deleted: 1'
${ OSTREE } show test2 | grep -o 'Found [[:digit:]] signature' > test2-show
assert_file_has_content test2-show 'Found 2 signature'
# Already deleted TEST_GPG_KEYID_2; should be ignored
${ OSTREE_GPG_SIGN } --delete test2 ${ TEST_GPG_KEYID_1 } ${ TEST_GPG_KEYID_2 } ${ TEST_GPG_KEYID_3 } | grep -o 'Signatures deleted: [[:digit:]]' > test2-delete
assert_file_has_content test2-delete 'Signatures deleted: 2'
# Verify all signatures are gone
if ${ OSTREE } show test2 | grep -o 'Found [[:digit:]] signature' ; then
assert_not_reached
fi