115 lines
4.1 KiB
Python
115 lines
4.1 KiB
Python
import os
|
|
|
|
import infra.basetest
|
|
|
|
|
|
class TestGnupg2(infra.basetest.BRTest):
|
|
config = infra.basetest.BASIC_TOOLCHAIN_CONFIG + \
|
|
"""
|
|
BR2_PACKAGE_GNUPG2=y
|
|
BR2_TARGET_ROOTFS_CPIO=y
|
|
# BR2_TARGET_ROOTFS_TAR is not set
|
|
"""
|
|
|
|
def test_run(self):
|
|
cpio_file = os.path.join(self.builddir, "images", "rootfs.cpio")
|
|
self.emulator.boot(arch="armv5",
|
|
kernel="builtin",
|
|
options=["-initrd", cpio_file])
|
|
self.emulator.login()
|
|
|
|
# Some common data for all the tests
|
|
plain_data = "Some plain text data"
|
|
plain_file = "file.txt"
|
|
gpg_file = plain_file + ".gpg"
|
|
asc_file = plain_file + ".asc"
|
|
sig_file = plain_file + ".sig"
|
|
good_passphrase = "Good Passphrase"
|
|
gpg_userid = "br-test@buildroot"
|
|
|
|
# Test the program can execute
|
|
self.assertRunOk("gpg --version")
|
|
|
|
# Generate plain text data
|
|
cmd = "echo '{}' > {}".format(plain_data, plain_file)
|
|
self.assertRunOk(cmd)
|
|
|
|
# Test symmetric encrypt
|
|
cmd = "gpg --batch --symmetric"
|
|
cmd += " --passphrase '{}' {}".format(good_passphrase, plain_file)
|
|
self.assertRunOk(cmd)
|
|
|
|
# Test symmetric decrypt
|
|
cmd = "gpg --batch --decrypt"
|
|
cmd += " --passphrase '{}' {}".format(good_passphrase, gpg_file)
|
|
output, exit_code = self.emulator.run(cmd)
|
|
self.assertEqual(exit_code, 0)
|
|
self.assertIn(plain_data, output)
|
|
|
|
# Test a failed decrypt with a bad password
|
|
cmd = "gpg --batch --decrypt"
|
|
cmd += " --passphrase 'A-Bad-Password' {}".format(gpg_file)
|
|
_, exit_code = self.emulator.run(cmd)
|
|
self.assertNotEqual(exit_code, 0)
|
|
|
|
# Test the generation of an asymmetric key
|
|
cmd = "gpg --batch --passphrase ''"
|
|
cmd += " --quick-generate-key {} default default".format(gpg_userid)
|
|
self.assertRunOk(cmd)
|
|
|
|
# Test asymmetric encrypt+sign
|
|
cmd = "gpg --batch --yes --encrypt --sign"
|
|
cmd += " --recipient {} {}".format(gpg_userid, plain_file)
|
|
self.assertRunOk(cmd)
|
|
|
|
# Test asymmetric decrypt+verify
|
|
cmd = "gpg --decrypt {}".format(gpg_file)
|
|
output, exit_code = self.emulator.run(cmd)
|
|
self.assertEqual(exit_code, 0)
|
|
self.assertIn(plain_data, output)
|
|
self.assertRegex("\n".join(output), r'gpg: Good signature')
|
|
|
|
# Test asymmetric armored encrypt+sign
|
|
cmd = "gpg --batch --yes --armor --encrypt --sign"
|
|
cmd += " --recipient {} {}".format(gpg_userid, plain_file)
|
|
self.assertRunOk(cmd)
|
|
|
|
# Test asymmetric armored decrypt+verify
|
|
cmd = "gpg --armor --decrypt {}".format(asc_file)
|
|
output, exit_code = self.emulator.run(cmd)
|
|
self.assertEqual(exit_code, 0)
|
|
self.assertIn(plain_data, output)
|
|
self.assertRegex("\n".join(output), r'gpg: Good signature')
|
|
|
|
# Test detached signature
|
|
cmd = "gpg --batch --yes --detach-sign {}".format(plain_file)
|
|
self.assertRunOk(cmd)
|
|
|
|
# Test detached signature verification
|
|
cmd = "gpg --verify {}".format(sig_file)
|
|
output, exit_code = self.emulator.run(cmd)
|
|
self.assertEqual(exit_code, 0)
|
|
self.assertRegex("\n".join(output), r'gpg: Good signature')
|
|
|
|
# Test detached armored signature
|
|
cmd = "gpg --batch --yes --armor --detach-sign {}".format(plain_file)
|
|
self.assertRunOk(cmd)
|
|
|
|
# Test detached armored signature verification
|
|
cmd = "gpg --armor --verify {}".format(asc_file)
|
|
output, exit_code = self.emulator.run(cmd)
|
|
self.assertEqual(exit_code, 0)
|
|
self.assertRegex("\n".join(output), r'gpg: Good signature')
|
|
|
|
# Test the signature verification of a corrupted file actually fails
|
|
cmd = "echo 'CORRUPTED' >> {}".format(plain_file)
|
|
self.assertRunOk(cmd)
|
|
|
|
cmd = "gpg --verify {}".format(sig_file)
|
|
_, exit_code = self.emulator.run(cmd)
|
|
self.assertNotEqual(exit_code, 0)
|
|
|
|
cmd = "gpg --armor --verify {}".format(asc_file)
|
|
_, exit_code = self.emulator.run(cmd)
|
|
self.assertNotEqual(exit_code, 0)
|