abuild/tests/abuild_keygen_test
Natanael Copa f2978eb33f abuild-keygen: add support for creating kernel signing key
We need to have a key that can be used to sign kernel modules and
specifically 3rd party kernel modules. Add support for creating this key
in abuild-keygen.

ref: https://gitlab.alpinelinux.org/alpine/aports/-/issues/14873
2023-05-05 13:39:47 +02:00

118 lines
2.7 KiB
Plaintext
Executable File

#!/usr/bin/env atf-sh
SRCDIR="$(atf_get_srcdir)"
. "$SRCDIR"/test_env.sh
init_tests \
abuild_keygen_help \
abuild_keygen_invalid_opts \
abuild_keygen_invalid_arg \
abuild_keygen_non_interactive \
abuild_keygen_append \
abuild_keygen_install_without_sudo \
abuild_keygen_install_interactive \
abuild_keygen_install_non_interactive \
abuild_keygen_install_doas \
abuild_keygen_kernel \
export ABUILD_SHAREDIR="$SRCDIR"/..
export GIT=false
export FAKEKEY="$SRCDIR/testdata/abuild.key"
export FAKEKEYPUB="$SRCDIR/testdata/abuild.key.pub"
PATH="$SRCDIR/bin:$PATH"
abuild_keygen_help_body() {
atf_check -s exit:0 \
-o not-empty \
-e empty \
abuild-keygen --help
}
abuild_keygen_invalid_opts_body() {
atf_check -s exit:1 \
-o empty \
-e not-empty \
abuild-keygen -INVALID
}
abuild_keygen_invalid_arg_body() {
atf_check -s exit:2 \
-o empty \
-e not-empty \
abuild-keygen INVALID
}
abuild_keygen_non_interactive_body() {
atf_check -s exit:0 \
-o empty \
-e match:"(Generating|writing) RSA" \
abuild-keygen -n
}
abuild_keygen_append_body() {
PACKAGER="Test User <user@example.com>" \
atf_check -s exit:0 \
\
-o empty \
-e match:"(Generating|writing) RSA" \
abuild-keygen --append -n
grep '^PACKAGER_PRIVKEY=.*user@example.com' "$HOME"/.abuild/abuild.conf \
|| atf_fail 'PACKAGER_PRIVKEY not set in abuild.conf'
}
abuild_keygen_install_without_sudo_body() {
SUDO=false \
atf_check -s exit:1 \
\
-o empty \
-e match:"(Generating|writing) RSA" \
abuild-keygen --install -n
}
abuild_keygen_install_interactive_body() {
echo | abuild_keygen_install_root="$PWD" SUDO= \
atf_check -s exit:0 \
\
-o match:"Enter file" \
-e match:"(Generating|writing) RSA" \
abuild-keygen --install
}
abuild_keygen_install_non_interactive_body() {
abuild_keygen_install_root="$PWD" SUDO= \
atf_check -s exit:0 \
\
-o empty \
-e match:"(Generating|writing) RSA" \
abuild-keygen --install -n
}
abuild_keygen_install_doas_body() {
mkdir bin
cat >bin/doas<<-EOF
#!/bin/sh
echo "fake doas"
"\$@"
EOF
chmod +x bin/doas
PATH="$PWD/bin:$PATH" abuild_keygen_install_root="$PWD" \
atf_check -s exit:0 \
\
-o match:"fake doas" \
-e match:"(Generating|writing) RSA" \
abuild-keygen --install -n
}
abuild_keygen_kernel_body() {
atf_check -s exit:0 \
-e match:"(Generating|writing) RSA" \
-e match:"signing key was created:.*kernel_signing_key.pem" \
-e match:"KERNEL_SIGNING_KEY=.*was added to.*abuild.conf" \
abuild-keygen --kernel
grep '^KERNEL_SIGNING_KEY=.*' "$HOME"/.abuild/abuild.conf \
|| atf_fail 'KERNEL_SIGNING_KEY not set in abuild.conf'
test -f "$HOME"/.abuild/kernel_signing_key.pem \
|| atf_fail '$HOME/.abuild/kernel_signing_key.pem was not created'
}