ubuntu-buildroot/support/testing/tests/package/test_gnupg2.py

115 lines
4.1 KiB
Python

import os
import infra.basetest
class TestGnupg2(infra.basetest.BRTest):
config = infra.basetest.BASIC_TOOLCHAIN_CONFIG + \
"""
BR2_PACKAGE_GNUPG2=y
BR2_TARGET_ROOTFS_CPIO=y
# BR2_TARGET_ROOTFS_TAR is not set
"""
def test_run(self):
cpio_file = os.path.join(self.builddir, "images", "rootfs.cpio")
self.emulator.boot(arch="armv5",
kernel="builtin",
options=["-initrd", cpio_file])
self.emulator.login()
# Some common data for all the tests
plain_data = "Some plain text data"
plain_file = "file.txt"
gpg_file = plain_file + ".gpg"
asc_file = plain_file + ".asc"
sig_file = plain_file + ".sig"
good_passphrase = "Good Passphrase"
gpg_userid = "br-test@buildroot"
# Test the program can execute
self.assertRunOk("gpg --version")
# Generate plain text data
cmd = "echo '{}' > {}".format(plain_data, plain_file)
self.assertRunOk(cmd)
# Test symmetric encrypt
cmd = "gpg --batch --symmetric"
cmd += " --passphrase '{}' {}".format(good_passphrase, plain_file)
self.assertRunOk(cmd)
# Test symmetric decrypt
cmd = "gpg --batch --decrypt"
cmd += " --passphrase '{}' {}".format(good_passphrase, gpg_file)
output, exit_code = self.emulator.run(cmd)
self.assertEqual(exit_code, 0)
self.assertIn(plain_data, output)
# Test a failed decrypt with a bad password
cmd = "gpg --batch --decrypt"
cmd += " --passphrase 'A-Bad-Password' {}".format(gpg_file)
_, exit_code = self.emulator.run(cmd)
self.assertNotEqual(exit_code, 0)
# Test the generation of an asymmetric key
cmd = "gpg --batch --passphrase ''"
cmd += " --quick-generate-key {} default default".format(gpg_userid)
self.assertRunOk(cmd)
# Test asymmetric encrypt+sign
cmd = "gpg --batch --yes --encrypt --sign"
cmd += " --recipient {} {}".format(gpg_userid, plain_file)
self.assertRunOk(cmd)
# Test asymmetric decrypt+verify
cmd = "gpg --decrypt {}".format(gpg_file)
output, exit_code = self.emulator.run(cmd)
self.assertEqual(exit_code, 0)
self.assertIn(plain_data, output)
self.assertRegex("\n".join(output), r'gpg: Good signature')
# Test asymmetric armored encrypt+sign
cmd = "gpg --batch --yes --armor --encrypt --sign"
cmd += " --recipient {} {}".format(gpg_userid, plain_file)
self.assertRunOk(cmd)
# Test asymmetric armored decrypt+verify
cmd = "gpg --armor --decrypt {}".format(asc_file)
output, exit_code = self.emulator.run(cmd)
self.assertEqual(exit_code, 0)
self.assertIn(plain_data, output)
self.assertRegex("\n".join(output), r'gpg: Good signature')
# Test detached signature
cmd = "gpg --batch --yes --detach-sign {}".format(plain_file)
self.assertRunOk(cmd)
# Test detached signature verification
cmd = "gpg --verify {}".format(sig_file)
output, exit_code = self.emulator.run(cmd)
self.assertEqual(exit_code, 0)
self.assertRegex("\n".join(output), r'gpg: Good signature')
# Test detached armored signature
cmd = "gpg --batch --yes --armor --detach-sign {}".format(plain_file)
self.assertRunOk(cmd)
# Test detached armored signature verification
cmd = "gpg --armor --verify {}".format(asc_file)
output, exit_code = self.emulator.run(cmd)
self.assertEqual(exit_code, 0)
self.assertRegex("\n".join(output), r'gpg: Good signature')
# Test the signature verification of a corrupted file actually fails
cmd = "echo 'CORRUPTED' >> {}".format(plain_file)
self.assertRunOk(cmd)
cmd = "gpg --verify {}".format(sig_file)
_, exit_code = self.emulator.run(cmd)
self.assertNotEqual(exit_code, 0)
cmd = "gpg --armor --verify {}".format(asc_file)
_, exit_code = self.emulator.run(cmd)
self.assertNotEqual(exit_code, 0)