summaryrefslogtreecommitdiff
path: root/tests
AgeCommit message (Collapse)Author
2024-06-17Relicense as GPL-2.0-or-laterMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-08-13testutil: Remove obsolete test classesMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-05-29Remove leftover debug printsMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-05-29tests: Make StrayCompressedManifestLayout allow any gzip outputMichał Górny
Update StrayCompressedManifestLayout test not to rely on specific gzip output. It changes in Python 3.12, and it was a bad idea anyway. Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-03-01Support verifying detached signatures of data from stdinMichał Górny
Closes: https://github.com/projg2/gemato/issues/28 Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-02-15test_openpgp: Inline signature timestampMichał Górny
The signature timestamp is a property of the signature, not the key, so it does not belong in keydata. Also, they are used only once, so inline them both. Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-02-15openpgp: Do not reject signatures made prior to key expirationMichał Górny
If the key is expired, reject it only if the signature was made after the key expired. This only works in isolated environments where we control key trust explicitly — as GnuPG will consider all expired keys untrusted. Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-02-15test_openpgp: Inline MANIFEST_*_SIGMichał Górny
Inline MANIFEST_GOOD_SIG and MANIFEST_BAD_SIG lists. They are both being used in only one test, and they are combined there too. Add one missing Manifest to the list. Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-01-22tests: Extend test_verify_detached() to 1-out-of-2 caseMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-01-22tests: Make assert_signature() more reusableMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-01-22openpgp: Add a function to verify detached signatureMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-01-22openpgp: Allow verifying a subset of signaturesMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-01-22test_openpgp: Add more tests for the multi-signature caseMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-01-22openpgp: Store all verification results in OpenPGPSignatureDataMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-01-21openpgp: Initial support for multiple signaturesMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-01-21test_openpgp: Workaround pyflakes' failuresMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-01-21test_openpgp: Put common part of Manifest into a varMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-01-21tests: Move the combined keys to keydataMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-01-21tests.keydata: Add __main__ that prints keydataMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-26Modernize via pyupgradeMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-17Include full path in ManifestNoSupportedHashes exceptionMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-17Fix a corner case when open() fails w/ NXIO/OPNOTSUPP on reg fileMichał Górny
Closes: https://github.com/projg2/gemato/issues/21 Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-17Support --require-secure-hashes in verifyMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-17Do not verify Manifests when calling update_entry_for_path()Michał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-17Fix handling --no-require-secure-hashesMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-17Fix linting failuresMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-17Fix update w/ require_secure_hashes to require at least one hashMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-17Support requiring a secure hash when verifyingMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-17Support controlling secure hashes req in CLI updateMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-16Support defaulting secure_hashes to top-level Manifest signingMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-16Support requiring secure hashes in ManifestRecursiveLoaderMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-16Support rejecting insecure hashes when updatingMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-13Fix linter failureMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-13Revert "Fix tests not to rely on entries without checksum"Michał Górny
Thinking about it more, GLEP 74 does not explicitly forbid entries without a single checksum, so neither should we. Reverts: 6e48fd1c908b902329d873ddd9d3c91294fbd148 Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-13Fix tests not to rely on entries without checksumMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-13Handle unknown hashes gracefully when verifyingMichał Górny
Closes: https://github.com/projg2/gemato/issues/19 Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-10-01openpgp: Fix handling connection errors in WKD refreshMichał Górny
Bug: https://bugs.gentoo.org/745771 Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-10test_openpgp: Fix race conditions in mocked system env cleanupMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-08test_recursiveloader: Attempt to fix misordered Manifest testsMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-08openpgp: Handle non-utf8 UIDs gracefullyMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-08test_compression: Decode test string as ASCIIMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-07test_openpgp: Fix ResourceWarning (cleaning up tmpdir)Michał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-06Add a partial experimental PGPy-based OpenPGP providerMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-06test_openpgp: Add more tests for importing key combosMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-06openpgp: Move get_wkd_url() to global scopeMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-06openpgp: Rename GPG-based environments to *GPGEnvironmentMichał Górny
Rename the GPG-based OpenPGP support implementations to SystemGPGEnvironment and IsolatedGPGEnvironment. OpenPGPEnvironment and OpenPGPSystemEnvironment remain as aliases to the currently preferred implementations. Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-05Replace IOError/OSError whenever possibleMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-05Do not call signal.strsignal() when not available (py<3.8)Michał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-05Add gpg-wrap commandMichał Górny
Closes: https://github.com/mgorny/gemato/issues/18 Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-05openpgp: Verify key validity for signaturesMichał Górny
Require keys to have at least minimal validity for signature verification to be successful. Appropriately mark imported keys ultimately trusted/valid by default. Closes: https://github.com/mgorny/gemato/issues/17 Signed-off-by: Michał Górny <mgorny@gentoo.org>
generated by cgit v1.2.3 (git 2.46.0) at 2025-09-20 20:13:21 +0000