Radish alpha
H
HardenedBSD-pkg
rad:z3QDZAW2FAfuLvihrhiyDC9fAD8G9
HardenedBSD Package Manager
Radicle
Git
.. abi.sh add.sh alias.sh annotate.sh audit.sh autoremove.sh autoupgrade.sh backup_lib.sh check.sh clean.sh config.sh configmerge.sh conflicts-multirepo.sh conflicts.sh create-parsebin.sh create.sh delete.sh dfly.binin extract.sh fetch.sh fingerprint.sh force_reinstall_shlib.sh formula.sh freebsd-aarch64.binin freebsd-amd64.binin freebsd-armv6.binin freebsd-armv7.binin freebsd-i386.binin freebsd-powerpc.binin freebsd-powerpc64.binin freebsd-powerpc64le.binin freebsd-riscv64.binin http.sh info.sh install.sh issue1374.sh issue1425.sh issue1440.sh issue1445.sh jpeg.sh key.sh libfoo.so.1in libtest2fbsd.so.1in libtestfbsd.so.1in linux.binin lock.sh lua.sh macos.binin macos106.binin macos150.binin macosfat.binin macosfatlib.binin messages.sh multipleprovider.sh packagemerge.sh packagesplit.sh php-pr.sh pkg.sh png.ucl pubkey.sh query.sh register.sh repo.sh repositories.sh requires.sh rootdir.sh rquery.sh rubypuppet.sh rwhich.sh search.sh set.sh shellscript.sh sqlite3.ucl test_environment.sh.in test_subr.sh triggers.sh unregister.sh update.sh updating.sh upgrade.sh version.sh vital.sh which.sh
S
Shawn Webb
Merge remote-tracking branch 'upstream/main' 1 year ago c3b674e History
HardenedBSD-pkg tests frontend pubkey.sh 
#! /usr/bin/env atf-sh

. $(atf_get_srcdir)/test_environment.sh

tests_init \
	pubkey_ecdsa \
	pubkey_eddsa \
	pubkey_rsa \
	pubkey_legacy

ecc_test() {
	local _type

	_type="$1"

	case "$_type" in
	eddsa)
		atf_check -o save:repo.pub -e ignore \
			pkg key --create -t "$_type" repo.key
		;;
	ecdsa)
		# pkg can generate these, but we want to be sure that we're still
		# compatible with what openssl produces.
		atf_check -o ignore -e ignore \
			openssl ecparam -genkey -name secp256k1 -out repo.key -outform DER
		chmod 0400 repo.key
		atf_check -o ignore -e ignore \
			openssl ec -inform DER -in repo.key -pubout -out repo.pub -outform DER
		;;
	esac

	mkdir fakerepo

	sh ${RESOURCEDIR}/test_subr.sh new_pkg test test 1 /

	atf_check -o ignore -e ignore \
		pkg create -M test.ucl -o fakerepo
	atf_check -o ignore -e ignore \
		pkg repo fakerepo "$_type":repo.key
	cat >> repo.conf << EOF
local: {
	url: file:///${TMPDIR}/fakerepo
	enabled: true
	pubkey: ${TMPDIR}/repo.pub
	signature_type: "pubkey"
}
EOF
	atf_check \
		-o ignore \
		pkg -o REPOS_DIR="${TMPDIR}" \
		-o ${PKG_CACHEDIR}="${TMPDIR}" update

	atf_check -o inline:"1\n" \
		pkg -o REPOS_DIR="${TMPDIR}" \
		-o ${PKG_CACHEDIR}="${TMPDIR}" rquery -U %v test
}

pubkey_ecdsa_body() {
	ecc_test "ecdsa"
}

pubkey_eddsa_body() {
	ecc_test "eddsa"
}

pubkey_rsa_body() {
	atf_check -o save:repo.pub -e ignore \
		pkg key --create repo.key
	mkdir fakerepo

	atf_check sh ${RESOURCEDIR}/test_subr.sh new_pkg test test 1 /

	atf_check -o ignore -e ignore \
		pkg create -M test.ucl -o fakerepo
	atf_check -o ignore -e ignore \
		pkg repo fakerepo rsa:repo.key
	cat >> repo.conf << EOF
local: {
	url: file:///${TMPDIR}/fakerepo
	enabled: true
	pubkey: ${TMPDIR}/repo.pub
	signature_type: "pubkey"
}
EOF
	atf_check \
		-o ignore \
		pkg -o REPOS_DIR="${TMPDIR}" \
		-o ${PKG_CACHEDIR}="${TMPDIR}" update

	atf_check -o inline:"1\n" \
		pkg -o REPOS_DIR="${TMPDIR}" \
		-o ${PKG_CACHEDIR}="${TMPDIR}" rquery -U %v test
}

# Legacy format, unprefixed key passed to pkg-repo
pubkey_legacy_body() {
	atf_check -o save:repo.pub -e ignore \
		pkg key --create repo.key
	mkdir fakerepo

	atf_check sh ${RESOURCEDIR}/test_subr.sh new_pkg test test 1 /

	atf_check -o ignore -e ignore \
		pkg create -M test.ucl -o fakerepo
	atf_check -o ignore -e ignore \
		pkg repo fakerepo repo.key
	cat >> repo.conf << EOF
local: {
	url: file:///${TMPDIR}/fakerepo
	enabled: true
	pubkey: ${TMPDIR}/repo.pub
	signature_type: "pubkey"
}
EOF
	atf_check \
		-o ignore \
		pkg -o REPOS_DIR="${TMPDIR}" \
		-o ${PKG_CACHEDIR}="${TMPDIR}" update

	atf_check -o inline:"1\n" \
		pkg -o REPOS_DIR="${TMPDIR}" \
		-o ${PKG_CACHEDIR}="${TMPDIR}" rquery -U %v test
}