tests/delta: new tests for signed deltas

Add tests to generate signed deltas and verify them using 'dummy' signature engine. Signed-off-by: Frédéric Danis <frederic.danis@collabora.com>
2019-11-29 16:17:17 +01:00 · 2019-11-29 16:17:17 +01:00 · c98a993c99
parent bf0c09ffe1
commit c98a993c99
2 changed files with 132 additions and 0 deletions
--- a/Makefile-tests.am
+++ b/Makefile-tests.am
@ -114,6 +114,7 @@ _installed_or_uninstalled_test_scripts = \
 	tests/test-reset-nonlinear.sh \
 	tests/test-oldstyle-partial.sh \
 	tests/test-delta.sh \
 	tests/test-delta-sign.sh \
 	tests/test-xattrs.sh \
 	tests/test-auto-summary.sh \
 	tests/test-prune.sh \
--- a/tests/test-delta-sign.sh
+++ b/tests/test-delta-sign.sh
@ -0,0 +1,131 @@
 #!/bin/bash
 #
 # Copyright (C) 2011,2013 Colin Walters <walters@verbum.org>
 #
 # SPDX-License-Identifier: LGPL-2.0+
 #
 # This library is free software; you can redistribute it and/or
 # modify it under the terms of the GNU Lesser General Public
 # License as published by the Free Software Foundation; either
 # version 2 of the License, or (at your option) any later version.
 #
 # This library is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 # Lesser General Public License for more details.
 #
 # You should have received a copy of the GNU Lesser General Public
 # License along with this library; if not, write to the
 # Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 # Boston, MA 02111-1307, USA.
 set -euo pipefail
 . $(dirname $0)/libtest.sh
 skip_without_user_xattrs
 bindatafiles="bash true ostree"
 echo '1..3'
 # This is explicitly opt in for testing
 export OSTREE_DUMMY_SIGN_ENABLED=1
 mkdir repo
 ostree_repo_init repo --mode=archive
 mkdir files
 for bin in ${bindatafiles}; do
    cp $(which ${bin}) files
 done
 ${CMD_PREFIX} ostree --repo=repo commit -b test -s test --tree=dir=files
 function permuteFile() {
    permutation=$(($1 % 2))
    output=$2
    case $permutation in
 	0) dd if=/dev/zero count=40 bs=1 >> $output;;
 	1) echo aheader | cat - $output >> $output.new && mv $output.new $output;;
    esac
 }
 function permuteDirectory() {
    permutation=$1
    dir=$2
    for x in ${dir}/*; do
 	for z in $(seq ${permutation}); do
 	    permuteFile ${z} ${x}
 	done
    done
 }
 get_assert_one_direntry_matching() {
    local path=$1
    local r=$2
    local child=""
    local bn
    for p in ${path}/*; do
 	bn=$(basename $p)
 	if ! echo ${bn} | grep -q "$r"; then
 	    continue
 	fi
 	if test -z "${child}"; then
 	    child=${bn}
 	else
 	    assert_not_reached "Expected only one child matching ${r} in ${path}";
 	fi
    done
    if test -z "${child}"; then
 	assert_not_reached "Failed to find child matching ${r}"
    fi
    echo ${child}
 }
 origrev=$(${CMD_PREFIX} ostree --repo=repo rev-parse test)
 permuteDirectory 1 files
 ${CMD_PREFIX} ostree --repo=repo commit -b test -s test --tree=dir=files
 newrev=$(${CMD_PREFIX} ostree --repo=repo rev-parse test)
 ${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev}
 ${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=dummy ${origrev}-${newrev} dummysign > show-not-signed.txt 2>&1 && exit 1
 assert_file_has_content show-not-signed.txt "Verification fails"
 assert_file_has_content show-not-signed.txt "no signatures in static-delta"
 deltaprefix=$(get_assert_one_direntry_matching repo/deltas '.')
 deltadir=$(get_assert_one_direntry_matching repo/deltas/${deltaprefix} '-')
 rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
 ${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --inline
 ${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=dummy ${origrev}-${newrev} dummysign > show-inline-not-signed.txt 2>&1 && exit 1
 assert_file_has_content show-not-signed.txt "Verification fails"
 assert_file_has_content show-not-signed.txt "no signatures in static-delta"
 echo 'ok verify ok with unsigned deltas'
 rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
 ${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --sign-type=dummy --sign=dummysign
 ${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=dummy ${origrev}-${newrev} dummysign > show-dummy-signed.txt
 assert_file_has_content show-dummy-signed.txt "Verification OK"
 rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
 ${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --inline --sign-type=dummy --sign=dummysign
 ${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=dummy ${origrev}-${newrev} dummysign > show-dummy-inline-signed.txt
 assert_file_has_content show-dummy-inline-signed.txt "Verification OK"
 echo 'ok verified with dummy'
 rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
 ${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --sign-type=dummy --sign=dummysign
 ${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=dummy ${origrev}-${newrev} badsign > show-dummy-bad-signed.txt && exit 1
 assert_file_has_content show-dummy-bad-signed.txt "Verification fails"
 rm -rf repo/deltas/${deltaprefix}/${deltadir}/*
 ${CMD_PREFIX} ostree --repo=repo static-delta generate --from=${origrev} --to=${newrev} --inline --sign-type=dummy --sign=dummysign
 ${CMD_PREFIX} ostree --repo=repo static-delta verify --sign-type=dummy ${origrev}-${newrev} badsign > show-dummy-bad-inline-signed.txt && exit 1
 assert_file_has_content show-dummy-bad-inline-signed.txt "Verification fails"
 echo 'ok verification failed with dummy and bad key'