From 2b7bb0c6b7aa4f7a43c82db1cf9a18d27600c62e Mon Sep 17 00:00:00 2001
From: Pierre Schmitz <pierre@archlinux.de>
Date: Sun, 18 Dec 2011 14:16:30 +0100
Subject: Validate package signatures on db-update

---
 test/test.d/signed-packages.sh | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

(limited to 'test/test.d/signed-packages.sh')

diff --git a/test/test.d/signed-packages.sh b/test/test.d/signed-packages.sh
index 5d6f4ff..20ad844 100755
--- a/test/test.d/signed-packages.sh
+++ b/test/test.d/signed-packages.sh
@@ -5,9 +5,27 @@ curdir=$(readlink -e $(dirname $0))
 
 testAddUnsignedPackage() {
 	releasePackage extra 'pkg-simple-a' 'i686'
-	# remove any signature
 	rm "${STAGING}"/extra/*.sig
 	../db-update >/dev/null 2>&1 && fail "db-update should fail when a signature is missing!"
 }
 
+testAddInvalidSignedPackage() {
+	local p
+	releasePackage extra 'pkg-simple-a' 'i686'
+	for p in "${STAGING}"/extra/*${PKGEXT}; do
+		unxz $p
+		xz -0 ${p%%.xz}
+	done
+	../db-update >/dev/null 2>&1 && fail "db-update should fail when a signature is invalid!"
+}
+
+testAddBrokenSignature() {
+	local s
+	releasePackage extra 'pkg-simple-a' 'i686'
+	for s in "${STAGING}"/extra/*.sig; do
+		echo 0 > $s
+	done
+	../db-update >/dev/null 2>&1 && fail "db-update should fail when a signature is broken!"
+}
+
 . "${curdir}/../lib/shunit2"
-- 
cgit v1.2.3-2-g168b


From 8d85e0d1617fa319701e1c18b2dfb63ee7012fe7 Mon Sep 17 00:00:00 2001
From: Pierre Schmitz <pierre@archlinux.de>
Date: Sun, 19 Feb 2012 02:21:11 +0100
Subject: Add at least one positive signing test

---
 test/test.d/signed-packages.sh | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'test/test.d/signed-packages.sh')

diff --git a/test/test.d/signed-packages.sh b/test/test.d/signed-packages.sh
index 20ad844..03566ef 100755
--- a/test/test.d/signed-packages.sh
+++ b/test/test.d/signed-packages.sh
@@ -3,6 +3,11 @@
 curdir=$(readlink -e $(dirname $0))
 . "${curdir}/../lib/common.inc"
 
+testAddSignedPackage() {
+	releasePackage extra 'pkg-simple-a' 'i686'
+	../db-update || fail "db-update failed!"
+}
+
 testAddUnsignedPackage() {
 	releasePackage extra 'pkg-simple-a' 'i686'
 	rm "${STAGING}"/extra/*.sig
-- 
cgit v1.2.3-2-g168b