1 files changed, 76 insertions, 0 deletions
diff --git a/meta/lib/oeqa/selftest/signing.py b/meta/lib/oeqa/selftest/signing.py
new file mode 100644
index 0000000000..879c3e0e59
--- /dev/null
+++ b/meta/lib/oeqa/selftest/signing.py
@@ -0,0 +1,76 @@
+from oeqa.selftest.base import oeSelfTest
+from oeqa.utils.commands import runCmd, bitbake, get_bb_var
+import os
+import glob
+from oeqa.utils.decorators import testcase
+class Signing(oeSelfTest):
+    gpg_dir = ""
+    pub_key_name = 'key.pub'
+    secret_key_name = 'key.secret'
+    @classmethod
+    def setUpClass(cls):
+        # Import the gpg keys
+        cls.gpg_dir = os.path.join(cls.testlayer_path, 'files/signing/')
+        # key.secret key.pub are located in gpg_dir
+        pub_key_location = cls.gpg_dir + cls.pub_key_name
+        secret_key_location = cls.gpg_dir + cls.secret_key_name
+        runCmd('gpg --homedir %s --import %s %s' % (cls.gpg_dir, pub_key_location, secret_key_location))
+    @classmethod
+    def tearDownClass(cls):
+        # Delete the files generated by 'gpg --import'
+        gpg_files = glob.glob(cls.gpg_dir + '*.gpg*')
+        random_seed_file = cls.gpg_dir + 'random_seed'
+        gpg_files.append(random_seed_file)
+        for gpg_file in gpg_files:
+            runCmd('rm -f ' + gpg_file)
+    @testcase(1362)
+    def test_signing_packages(self):
+        """
+        Summary:     Test that packages can be signed in the package feed
+        Expected:    Package should be signed with the correct key
+        Product:     oe-core
+        Author:      Daniel Istrate <daniel.alexandrux.istrate@intel.com>
+        AutomatedBy: Daniel Istrate <daniel.alexandrux.istrate@intel.com>
+        """
+        package_classes = get_bb_var('PACKAGE_CLASSES')
+        if 'package_rpm' not in package_classes:
+            self.skipTest('This test requires RPM Packaging.')
+        test_recipe = 'ed'
+        feature = 'INHERIT += "sign_rpm"\n'
+        feature += 'RPM_GPG_PASSPHRASE_FILE = "%ssecret.txt"\n' % self.gpg_dir
+        feature += 'RPM_GPG_NAME = "testuser"\n'
+        feature += 'RPM_GPG_PUBKEY = "%s%s"\n' % (self.gpg_dir, self.pub_key_name)
+        feature += 'GPG_PATH = "%s"\n' % self.gpg_dir
+        self.write_config(feature)
+        bitbake('-c cleansstate %s' % test_recipe)
+        bitbake(test_recipe)
+        self.add_command_to_tearDown('bitbake -c clean %s' % test_recipe)
+        pf = get_bb_var('PF', test_recipe)
+        deploy_dir_rpm = get_bb_var('DEPLOY_DIR_RPM', test_recipe)
+        package_arch = get_bb_var('PACKAGE_ARCH', test_recipe).replace('-', '_')
+        staging_bindir_native = get_bb_var('STAGING_BINDIR_NATIVE')
+        pkg_deploy = os.path.join(deploy_dir_rpm, package_arch, '.'.join((pf, package_arch, 'rpm')))
+        runCmd('%s/rpm --import %s%s' % (staging_bindir_native, self.gpg_dir, self.pub_key_name))
+        ret = runCmd('%s/rpm --checksig %s' % (staging_bindir_native, pkg_deploy))
+        # tmp/deploy/rpm/i586/ed-1.9-r0.i586.rpm: rsa sha1 md5 OK
+        self.assertIn('rsa sha1 md5 OK', ret.output, 'Package signed incorrectly.')

diff --git a/meta/lib/oeqa/selftest/signing.py b/meta/lib/oeqa/selftest/signing.py new file mode 100644 index 0000000000..879c3e0e59 --- /dev/null +++ b/meta/lib/oeqa/selftest/signing.py
@@ -0,0 +1,76 @@
	1	from oeqa.selftest.base import oeSelfTest
	2	from oeqa.utils.commands import runCmd, bitbake, get_bb_var
	3	import os
	4	import glob
	5	from oeqa.utils.decorators import testcase
	6
	7
	8	class Signing(oeSelfTest):
	9
	10	gpg_dir = ""
	11	pub_key_name = 'key.pub'
	12	secret_key_name = 'key.secret'
	13
	14	@classmethod
	15	def setUpClass(cls):
	16	# Import the gpg keys
	17
	18	cls.gpg_dir = os.path.join(cls.testlayer_path, 'files/signing/')
	19
	20	# key.secret key.pub are located in gpg_dir
	21	pub_key_location = cls.gpg_dir + cls.pub_key_name
	22	secret_key_location = cls.gpg_dir + cls.secret_key_name
	23	runCmd('gpg --homedir %s --import %s %s' % (cls.gpg_dir, pub_key_location, secret_key_location))
	24
	25	@classmethod
	26	def tearDownClass(cls):
	27	# Delete the files generated by 'gpg --import'
	28
	29	gpg_files = glob.glob(cls.gpg_dir + '.gpg')
	30	random_seed_file = cls.gpg_dir + 'random_seed'
	31	gpg_files.append(random_seed_file)
	32
	33	for gpg_file in gpg_files:
	34	runCmd('rm -f ' + gpg_file)
	35
	36	@testcase(1362)
	37	def test_signing_packages(self):
	38	"""
	39	Summary: Test that packages can be signed in the package feed
	40	Expected: Package should be signed with the correct key
	41	Product: oe-core
	42	Author: Daniel Istrate <daniel.alexandrux.istrate@intel.com>
	43	AutomatedBy: Daniel Istrate <daniel.alexandrux.istrate@intel.com>
	44	"""
	45
	46	package_classes = get_bb_var('PACKAGE_CLASSES')
	47	if 'package_rpm' not in package_classes:
	48	self.skipTest('This test requires RPM Packaging.')
	49
	50	test_recipe = 'ed'
	51
	52	feature = 'INHERIT += "sign_rpm"\n'
	53	feature += 'RPM_GPG_PASSPHRASE_FILE = "%ssecret.txt"\n' % self.gpg_dir
	54	feature += 'RPM_GPG_NAME = "testuser"\n'
	55	feature += 'RPM_GPG_PUBKEY = "%s%s"\n' % (self.gpg_dir, self.pub_key_name)
	56	feature += 'GPG_PATH = "%s"\n' % self.gpg_dir
	57
	58	self.write_config(feature)
	59
	60	bitbake('-c cleansstate %s' % test_recipe)
	61	bitbake(test_recipe)
	62	self.add_command_to_tearDown('bitbake -c clean %s' % test_recipe)
	63
	64	pf = get_bb_var('PF', test_recipe)
	65	deploy_dir_rpm = get_bb_var('DEPLOY_DIR_RPM', test_recipe)
	66	package_arch = get_bb_var('PACKAGE_ARCH', test_recipe).replace('-', '_')
	67	staging_bindir_native = get_bb_var('STAGING_BINDIR_NATIVE')
	68
	69	pkg_deploy = os.path.join(deploy_dir_rpm, package_arch, '.'.join((pf, package_arch, 'rpm')))
	70
	71	runCmd('%s/rpm --import %s%s' % (staging_bindir_native, self.gpg_dir, self.pub_key_name))
	72
	73	ret = runCmd('%s/rpm --checksig %s' % (staging_bindir_native, pkg_deploy))
	74	# tmp/deploy/rpm/i586/ed-1.9-r0.i586.rpm: rsa sha1 md5 OK
	75	self.assertIn('rsa sha1 md5 OK', ret.output, 'Package signed incorrectly.')
	76