Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/pkg
 Path: blob/main/tests/frontend/fingerprint.sh
2065 views
1
#! /usr/bin/env atf-sh

2


3
. $(atf_get_srcdir)/test_environment.sh

4


5
tests_init \

6
	fingerprint_ecc \

7
	fingerprint_rsa \

8
	fingerprint_rootdir

9


10
setup() {

11
	local _root=$1

12
	local _type=$2

13
	local _fingerprint

14
	local _typecmd

15


16
	case "$_type" in

17
	rsa)

18
		atf_skip_on Linux Test fails on Linux

19
		atf_check -o save:repo.pub -e ignore \

20
			pkg key --create repo.key

21
		keyform=""

22
		_typecmd=""

23
		;;

24
	ecc)

25
		atf_skip_on Linux Test fails on Linux

26
		atf_check -o ignore -e ignore \

27
			openssl ecparam -genkey -name secp256k1 -out repo.key -outform DER

28
		chmod 0400 repo.key

29
		atf_check -o ignore -e ignore \

30
			openssl ec -inform DER -in repo.key -pubout -out repo.pub -outform DER

31
		keyform="-keyform DER"

32
		_typecmd='printf "%s\n%s\n" "TYPE" "ecdsa"'

33
		;;

34
	esac

35


36
	rm -rf ${TMPDIR}/keys || :

37
	mkdir -p ${_root}/${TMPDIR}/keys/trusted

38
	mkdir -p ${_root}/${TMPDIR}/keys/revoked

39
	_fingerprint=$(openssl dgst -sha256 -hex repo.pub | sed 's/^.* //')

40
	echo "function: sha256" > ${_root}/${TMPDIR}/keys/trusted/key

41
	echo "fingerprint: \"${_fingerprint}\"" >> ${_root}/${TMPDIR}/keys/trusted/key

42
	mkdir fakerepo

43


44
	cat >> sign.sh << EOF

45
#!/bin/sh

46
read -t 2 sum

47
[ -z "\$sum" ] && exit 1

48


49
$_typecmd

50
echo SIGNATURE

51
echo -n \$sum | openssl dgst $keyform -sign repo.key -sha256 -binary

52
echo

53
echo CERT

54
cat repo.pub

55
echo END

56
EOF

57


58
	atf_check -s exit:0 sh ${RESOURCEDIR}/test_subr.sh new_pkg "test" "test" "1"

59


60
	atf_check -o ignore -e ignore \

61
		pkg create -M test.ucl -o fakerepo

62
	atf_check -o ignore \

63
		pkg repo fakerepo signing_command: sh sign.sh

64


65
	cat >> repo.conf << EOF

66
local: {

67
	url: file:///${TMPDIR}/fakerepo

68
	enabled: true

69
	signature_type: FINGERPRINTS

70
	fingerprints: ${TMPDIR}/keys

71
}

72
EOF

73
}

74


75
fingerprint_ecc_body() {

76
	setup "" "ecc"

77


78
	atf_check \

79
		-o ignore \

80
		-e match:".*extracting signature of repo.*" \

81
		pkg -dd -o REPOS_DIR="${TMPDIR}" \

82
		-o PKG_CACHEDIR="${TMPDIR}" update

83
}

84


85
fingerprint_rsa_body() {

86
	setup "" "rsa"

87


88
	atf_check \

89
		-o ignore \

90
		-e match:".*extracting signature of repo.*" \

91
		pkg -dd -o REPOS_DIR="${TMPDIR}" \

92
		-o PKG_CACHEDIR="${TMPDIR}" update

93
}

94


95
fingerprint_rootdir_body() {

96
	setup "${TMPDIR}/rootdir" "rsa"

97


98
	atf_check \

99
		-o ignore \

100
		-e match:".*extracting signature of repo.*" \

101
		pkg -dd -o REPOS_DIR="${TMPDIR}" \

102
		-o PKG_CACHEDIR="${TMPDIR}" -r "${TMPDIR}/rootdir" update

103
}

104


105