summaryrefslogtreecommitdiff
path: root/tests
AgeCommit message (Collapse)Author
2023-02-15openpgp: Do not reject signatures made prior to key expirationMichał Górny
If the key is expired, reject it only if the signature was made after the key expired. This only works in isolated environments where we control key trust explicitly — as GnuPG will consider all expired keys untrusted. Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-02-15test_openpgp: Inline MANIFEST_*_SIGMichał Górny
Inline MANIFEST_GOOD_SIG and MANIFEST_BAD_SIG lists. They are both being used in only one test, and they are combined there too. Add one missing Manifest to the list. Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-01-22tests: Extend test_verify_detached() to 1-out-of-2 caseMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-01-22tests: Make assert_signature() more reusableMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-01-22openpgp: Add a function to verify detached signatureMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-01-22openpgp: Allow verifying a subset of signaturesMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-01-22test_openpgp: Add more tests for the multi-signature caseMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-01-22openpgp: Store all verification results in OpenPGPSignatureDataMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-01-21openpgp: Initial support for multiple signaturesMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-01-21test_openpgp: Workaround pyflakes' failuresMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-01-21test_openpgp: Put common part of Manifest into a varMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-01-21tests: Move the combined keys to keydataMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2023-01-21tests.keydata: Add __main__ that prints keydataMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-26Modernize via pyupgradeMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-17Include full path in ManifestNoSupportedHashes exceptionMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-17Fix a corner case when open() fails w/ NXIO/OPNOTSUPP on reg fileMichał Górny
Closes: https://github.com/projg2/gemato/issues/21 Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-17Support --require-secure-hashes in verifyMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-17Do not verify Manifests when calling update_entry_for_path()Michał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-17Fix handling --no-require-secure-hashesMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-17Fix linting failuresMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-17Fix update w/ require_secure_hashes to require at least one hashMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-17Support requiring a secure hash when verifyingMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-17Support controlling secure hashes req in CLI updateMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-16Support defaulting secure_hashes to top-level Manifest signingMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-16Support requiring secure hashes in ManifestRecursiveLoaderMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-16Support rejecting insecure hashes when updatingMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-13Fix linter failureMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-13Revert "Fix tests not to rely on entries without checksum"Michał Górny
Thinking about it more, GLEP 74 does not explicitly forbid entries without a single checksum, so neither should we. Reverts: 6e48fd1c908b902329d873ddd9d3c91294fbd148 Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-13Fix tests not to rely on entries without checksumMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2022-09-13Handle unknown hashes gracefully when verifyingMichał Górny
Closes: https://github.com/projg2/gemato/issues/19 Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-10-01openpgp: Fix handling connection errors in WKD refreshMichał Górny
Bug: https://bugs.gentoo.org/745771 Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-10test_openpgp: Fix race conditions in mocked system env cleanupMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-08test_recursiveloader: Attempt to fix misordered Manifest testsMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-08openpgp: Handle non-utf8 UIDs gracefullyMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-08test_compression: Decode test string as ASCIIMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-07test_openpgp: Fix ResourceWarning (cleaning up tmpdir)Michał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-06Add a partial experimental PGPy-based OpenPGP providerMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-06test_openpgp: Add more tests for importing key combosMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-06openpgp: Move get_wkd_url() to global scopeMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-06openpgp: Rename GPG-based environments to *GPGEnvironmentMichał Górny
Rename the GPG-based OpenPGP support implementations to SystemGPGEnvironment and IsolatedGPGEnvironment. OpenPGPEnvironment and OpenPGPSystemEnvironment remain as aliases to the currently preferred implementations. Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-05Replace IOError/OSError whenever possibleMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-05Do not call signal.strsignal() when not available (py<3.8)Michał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-05Add gpg-wrap commandMichał Górny
Closes: https://github.com/mgorny/gemato/issues/18 Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-05openpgp: Verify key validity for signaturesMichał Górny
Require keys to have at least minimal validity for signature verification to be successful. Appropriately mark imported keys ultimately trusted/valid by default. Closes: https://github.com/mgorny/gemato/issues/17 Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-05openpgp: Move listing keys to a separate methodMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-05test_openpgp: Test using UID with no e-mail addressMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-05test_recursiveloader: Cache tmp_paths for read-only layoutsMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-05Handle invalid compressed files when collecting ManifestsMichał Górny
Fix load_unregistered_manifests() not to crash on 'Manifest*' files that do not contain valid compressed data. Instead, treat them as unknown files, similarly how Manifests with invalid data are handled. Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-05Fix wrongly determining uncompressed sizeMichał Górny
Flush the file after writing to ensure that .buffer.tell() gives non-zero value. This fixes a number of cases of Manifests not being compressed. It also pointed out a major mistake in profile tests. Signed-off-by: Michał Górny <mgorny@gentoo.org>
2020-09-05tests: Port test_recursiveloader to pytestMichał Górny
Signed-off-by: Michał Górny <mgorny@gentoo.org>
generated by cgit v1.2.3 (git 2.46.0) at 2025-09-21 14:18:08 +0000