summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDaniel Istrate <daniel.alexandrux.istrate@intel.com>2015-11-10 16:38:39 +0200
committerRichard Purdie <richard.purdie@linuxfoundation.org>2015-11-24 15:55:41 +0000
commit92328b43bcda730839bdfbf7fa8ac5171d784868 (patch)
tree091efb2cef774976ef2ac26edff3b4a00b892b1c
parentfbb03a8c900e89f3dff3d3f6176240f055bd8a0f (diff)
downloadpoky-92328b43bcda730839bdfbf7fa8ac5171d784868.tar.gz
oeqa/selftest/signing: Added new test for signing sstate.
[YOCTO #8182] Optional signing sstate archives and signature verification [YOCTO #8559] Signing sstate archives with custom dir for gpg keys (From OE-Core rev: 6a462fbb11db2085e4b6763a601c7fc4ac0025c8) Signed-off-by: Daniel Istrate <daniel.alexandrux.istrate@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/lib/oeqa/selftest/signing.py48
1 files changed, 48 insertions, 0 deletions
diff --git a/meta/lib/oeqa/selftest/signing.py b/meta/lib/oeqa/selftest/signing.py
index 879c3e0e59..c33662b253 100644
--- a/meta/lib/oeqa/selftest/signing.py
+++ b/meta/lib/oeqa/selftest/signing.py
@@ -2,6 +2,7 @@ from oeqa.selftest.base import oeSelfTest
2from oeqa.utils.commands import runCmd, bitbake, get_bb_var 2from oeqa.utils.commands import runCmd, bitbake, get_bb_var
3import os 3import os
4import glob 4import glob
5import re
5from oeqa.utils.decorators import testcase 6from oeqa.utils.decorators import testcase
6 7
7 8
@@ -74,3 +75,50 @@ class Signing(oeSelfTest):
74 # tmp/deploy/rpm/i586/ed-1.9-r0.i586.rpm: rsa sha1 md5 OK 75 # tmp/deploy/rpm/i586/ed-1.9-r0.i586.rpm: rsa sha1 md5 OK
75 self.assertIn('rsa sha1 md5 OK', ret.output, 'Package signed incorrectly.') 76 self.assertIn('rsa sha1 md5 OK', ret.output, 'Package signed incorrectly.')
76 77
78 @testcase(1382)
79 def test_signing_sstate_archive(self):
80 """
81 Summary: Test that sstate archives can be signed
82 Expected: Package should be signed with the correct key
83 Product: oe-core
84 Author: Daniel Istrate <daniel.alexandrux.istrate@intel.com>
85 AutomatedBy: Daniel Istrate <daniel.alexandrux.istrate@intel.com>
86 """
87
88 test_recipe = 'ed'
89
90 builddir = os.environ.get('BUILDDIR')
91 sstatedir = os.path.join(builddir, 'test-sstate')
92
93 self.add_command_to_tearDown('bitbake -c clean %s' % test_recipe)
94 self.add_command_to_tearDown('bitbake -c cleansstate %s' % test_recipe)
95 self.add_command_to_tearDown('rm -rf %s' % sstatedir)
96
97 # Determine the pub key signature
98 ret = runCmd('gpg --homedir %s --list-keys' % self.gpg_dir)
99 pub_key = re.search(r'^pub\s+\S+/(\S+)\s+', ret.output, re.M)
100 self.assertIsNotNone(pub_key, 'Failed to determine the public key signature.')
101 pub_key = pub_key.group(1)
102
103 feature = 'SSTATE_SIG_KEY ?= "%s"\n' % pub_key
104 feature += 'SSTATE_SIG_PASSPHRASE ?= "test123"\n'
105 feature += 'SSTATE_VERIFY_SIG ?= "1"\n'
106 feature += 'GPG_PATH = "%s"\n' % self.gpg_dir
107 feature += 'SSTATE_DIR = "%s"\n' % sstatedir
108
109 self.write_config(feature)
110
111 bitbake('-c cleansstate %s' % test_recipe)
112 bitbake(test_recipe)
113
114 recipe_sig = glob.glob(sstatedir + '/*/*:ed:*_package.tgz.sig')
115 recipe_tgz = glob.glob(sstatedir + '/*/*:ed:*_package.tgz')
116
117 self.assertEqual(len(recipe_sig), 1, 'Failed to find .sig file.')
118 self.assertEqual(len(recipe_tgz), 1, 'Failed to find .tgz file.')
119
120 ret = runCmd('gpg --homedir %s --verify %s %s' % (self.gpg_dir, recipe_sig[0], recipe_tgz[0]))
121 # gpg: Signature made Thu 22 Oct 2015 01:45:09 PM EEST using RSA key ID 61EEFB30
122 # gpg: Good signature from "testuser (nocomment) <testuser@email.com>"
123 self.assertIn('gpg: Good signature from', ret.output, 'Package signed incorrectly.')
124