Validate package signatures on db-update

author: Pierre Schmitz <pierre@archlinux.de> 2011-12-18 14:16:30 +0100
committer: Pierre Schmitz <pierre@archlinux.de> 2011-12-18 14:16:30 +0100
commit: 2b7bb0c6b7aa4f7a43c82db1cf9a18d27600c62e (patch)
tree: 215c7aacc2d23b6b553f8b1f1d033273fea571cd /test/test.d
parent: a8b219b325cd642a781a64d8e08a0e66d25c1b44 (diff)
download: dbscripts-2b7bb0c6b7aa4f7a43c82db1cf9a18d27600c62e.tar.gz
dbscripts-2b7bb0c6b7aa4f7a43c82db1cf9a18d27600c62e.tar.xz
1 files changed, 19 insertions, 1 deletions
diff --git a/test/test.d/signed-packages.sh b/test/test.d/signed-packages.sh
index 5d6f4ff..20ad844 100755
--- a/test/test.d/signed-packages.sh
+++ b/test/test.d/signed-packages.sh
@@ -5,9 +5,27 @@ curdir=$(readlink -e $(dirname $0))
 
 testAddUnsignedPackage() {
 	releasePackage extra 'pkg-simple-a' 'i686'
-	# remove any signature
 	rm "${STAGING}"/extra/*.sig
 	../db-update >/dev/null 2>&1 && fail "db-update should fail when a signature is missing!"
 }
 
+testAddInvalidSignedPackage() {
+	local p
+	releasePackage extra 'pkg-simple-a' 'i686'
+	for p in "${STAGING}"/extra/*${PKGEXT}; do
+		unxz $p
+		xz -0 ${p%%.xz}
+	done
+	../db-update >/dev/null 2>&1 && fail "db-update should fail when a signature is invalid!"
+}
+
+testAddBrokenSignature() {
+	local s
+	releasePackage extra 'pkg-simple-a' 'i686'
+	for s in "${STAGING}"/extra/*.sig; do
+		echo 0 > $s
+	done
+	../db-update >/dev/null 2>&1 && fail "db-update should fail when a signature is broken!"
+}
+
 . "${curdir}/../lib/shunit2"
author	Pierre Schmitz <pierre@archlinux.de>	2011-12-18 14:16:30 +0100
committer	Pierre Schmitz <pierre@archlinux.de>	2011-12-18 14:16:30 +0100
commit	2b7bb0c6b7aa4f7a43c82db1cf9a18d27600c62e (patch)
tree	215c7aacc2d23b6b553f8b1f1d033273fea571cd /test/test.d
parent	a8b219b325cd642a781a64d8e08a0e66d25c1b44 (diff)
download	dbscripts-2b7bb0c6b7aa4f7a43c82db1cf9a18d27600c62e.tar.gz dbscripts-2b7bb0c6b7aa4f7a43c82db1cf9a18d27600c62e.tar.xz