packaging
/
ostree
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

tests/gpg: Test ostree_gpg_verify_result_require_valid_signature 

Add explicit tests for
`ostree_gpg_verify_result_require_valid_signature` in addition to the
implicit tests via `ostree pull` and others. This allows checking the
error code raised.
This commit is contained in:
Dan Nicholson 2019-06-21 06:16:13 -05:00
parent 0fbfc0b207
commit 01da2371c5
1 changed files with 136 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

136
tests/test-gpg-verify-result.c
View File

@ -36,6 +36,18 @@
} \ } \
} G_STMT_END } G_STMT_END
#define assert_str_contains(s1, s2) \
G_STMT_START { \
const char *__s1 = (s1), *__s2 = (s2); \
if (strstr (__s1, __s2) == NULL) { \
g_autoptr(GString) string = g_string_new ("assertion failed (" #s1 " contains " #s2 "): "); \
g_autofree char *__es1 = g_strescape (__s1, NULL); \
g_autofree char *__es2 = g_strescape (__s2, NULL); \
g_string_append_printf (string, "(\"%s\", \"%s\")", __es1, __es2); \
g_assertion_message (G_LOG_DOMAIN, __FILE__, __LINE__, G_STRFUNC, string->str); \
} \
} G_STMT_END
typedef struct { typedef struct {
OstreeGpgVerifyResult *result; OstreeGpgVerifyResult *result;
} TestFixture; } TestFixture;
@ -413,6 +425,83 @@ test_expired_signature (TestFixture *fixture,
g_assert_cmpint (key_exp_timestamp, ==, 0); g_assert_cmpint (key_exp_timestamp, ==, 0);
} }
static void
test_require_valid_signature (TestFixture *fixture,
gconstpointer user_data)
{
GError *error = NULL;
gboolean res = ostree_gpg_verify_result_require_valid_signature (fixture->result,
&error);
g_assert_true (res);
g_assert_no_error (error);
}
static void
test_require_valid_signature_expired_key (TestFixture *fixture,
gconstpointer user_data)
{
GError *error = NULL;
gboolean res = ostree_gpg_verify_result_require_valid_signature (fixture->result,
&error);
g_assert_false (res);
g_assert_error (error, OSTREE_GPG_ERROR, OSTREE_GPG_ERROR_EXPIRED_KEY);
assert_str_contains (error->message, "Key expired");
}
static void
test_require_valid_signature_revoked_key (TestFixture *fixture,
gconstpointer user_data)
{
GError *error = NULL;
gboolean res = ostree_gpg_verify_result_require_valid_signature (fixture->result,
&error);
g_assert_false (res);
g_assert_error (error, OSTREE_GPG_ERROR, OSTREE_GPG_ERROR_REVOKED_KEY);
assert_str_contains (error->message, "Key revoked");
}
static void
test_require_valid_signature_missing_key (TestFixture *fixture,
gconstpointer user_data)
{
GError *error = NULL;
gboolean res = ostree_gpg_verify_result_require_valid_signature (fixture->result,
&error);
g_assert_false (res);
g_assert_error (error, OSTREE_GPG_ERROR, OSTREE_GPG_ERROR_MISSING_KEY);
assert_str_contains (error->message, "public key not found");
}
static void
test_require_valid_signature_expired_signature (TestFixture *fixture,
gconstpointer user_data)
{
GError *error = NULL;
gboolean res = ostree_gpg_verify_result_require_valid_signature (fixture->result,
&error);
g_assert_false (res);
g_assert_error (error, OSTREE_GPG_ERROR, OSTREE_GPG_ERROR_EXPIRED_SIGNATURE);
assert_str_contains (error->message, "Signature expired");
}
static void
test_require_valid_signature_expired_missing_key (TestFixture *fixture,
gconstpointer user_data)
{
GError *error = NULL;
gboolean res = ostree_gpg_verify_result_require_valid_signature (fixture->result,
&error);
g_assert_false (res);
/*
* The error will be for the last signature, which is for a missing key, but
* the message should show both issues.
*/
g_assert_error (error, OSTREE_GPG_ERROR, OSTREE_GPG_ERROR_MISSING_KEY);
assert_str_contains (error->message, "Key expired");
assert_str_contains (error->message, "public key not found");
}
int int
main (int argc, char **argv) main (int argc, char **argv)
{ {
@ -476,5 +565,52 @@ main (int argc, char **argv)
test_expired_signature, test_expired_signature,
test_fixture_teardown); test_fixture_teardown);
g_test_add ("/gpg-verify-result/require-valid-signature",
TestFixture,
NULL,
test_fixture_setup,
test_require_valid_signature,
test_fixture_teardown);
const char *expired_key_files[] = { "lgpl2.sig1", NULL };
g_test_add ("/gpg-verify-result/require-valid-signature-expired-key",
TestFixture,
expired_key_files,
test_fixture_setup,
test_require_valid_signature_expired_key,
test_fixture_teardown);
const char *revoked_key_files[] = { "lgpl2.sig2", NULL };
g_test_add ("/gpg-verify-result/require-valid-signature-revoked-key",
TestFixture,
revoked_key_files,
test_fixture_setup,
test_require_valid_signature_revoked_key,
test_fixture_teardown);
const char *missing_key_files[] = { "lgpl2.sig3", NULL };
g_test_add ("/gpg-verify-result/require-valid-signature-missing-key",
TestFixture,
missing_key_files,
test_fixture_setup,
test_require_valid_signature_missing_key,
test_fixture_teardown);
const char *expired_signature_files[] = { "lgpl2.sig4", NULL };
g_test_add ("/gpg-verify-result/require-valid-signature-expired-signature",
TestFixture,
expired_signature_files,
test_fixture_setup,
test_require_valid_signature_expired_signature,
test_fixture_teardown);
const char *expired_missing_key_files[] = { "lgpl2.sig1", "lgpl2.sig3", NULL };
g_test_add ("/gpg-verify-result/require-valid-signature-expired-missing-key",
TestFixture,
expired_missing_key_files,
test_fixture_setup,
test_require_valid_signature_expired_missing_key,
test_fixture_teardown);
return g_test_run (); return g_test_run ();
} }