1 files changed, 48 insertions, 0 deletions
diff --git a/meta/lib/oeqa/selftest/signing.py b/meta/lib/oeqa/selftest/signing.py
index 879c3e0e59..c33662b253 100644
--- a/meta/lib/oeqa/selftest/signing.py
+++ b/meta/lib/oeqa/selftest/signing.py
@@ -2,6 +2,7 @@ from oeqa.selftest.base import oeSelfTest
 from oeqa.utils.commands import runCmd, bitbake, get_bb_var
 import os
 import glob
+import re
 from oeqa.utils.decorators import testcase
@@ -74,3 +75,50 @@ class Signing(oeSelfTest):
        # tmp/deploy/rpm/i586/ed-1.9-r0.i586.rpm: rsa sha1 md5 OK
        self.assertIn('rsa sha1 md5 OK', ret.output, 'Package signed incorrectly.')
+    @testcase(1382)
+    def test_signing_sstate_archive(self):
+        """
+        Summary:     Test that sstate archives can be signed
+        Expected:    Package should be signed with the correct key
+        Product:     oe-core
+        Author:      Daniel Istrate <daniel.alexandrux.istrate@intel.com>
+        AutomatedBy: Daniel Istrate <daniel.alexandrux.istrate@intel.com>
+        """
+        test_recipe = 'ed'
+        builddir = os.environ.get('BUILDDIR')
+        sstatedir = os.path.join(builddir, 'test-sstate')
+        self.add_command_to_tearDown('bitbake -c clean %s' % test_recipe)
+        self.add_command_to_tearDown('bitbake -c cleansstate %s' % test_recipe)
+        self.add_command_to_tearDown('rm -rf %s' % sstatedir)
+        # Determine the pub key signature
+        ret = runCmd('gpg --homedir %s --list-keys' % self.gpg_dir)
+        pub_key = re.search(r'^pub\s+\S+/(\S+)\s+', ret.output, re.M)
+        self.assertIsNotNone(pub_key, 'Failed to determine the public key signature.')
+        pub_key = pub_key.group(1)
+        feature = 'SSTATE_SIG_KEY ?= "%s"\n' % pub_key
+        feature += 'SSTATE_SIG_PASSPHRASE ?= "test123"\n'
+        feature += 'SSTATE_VERIFY_SIG ?= "1"\n'
+        feature += 'GPG_PATH = "%s"\n' % self.gpg_dir
+        feature += 'SSTATE_DIR = "%s"\n' % sstatedir
+        self.write_config(feature)
+        bitbake('-c cleansstate %s' % test_recipe)
+        bitbake(test_recipe)
+        recipe_sig = glob.glob(sstatedir + '/*/*:ed:*_package.tgz.sig')
+        recipe_tgz = glob.glob(sstatedir + '/*/*:ed:*_package.tgz')
+        self.assertEqual(len(recipe_sig), 1, 'Failed to find .sig file.')
+        self.assertEqual(len(recipe_tgz), 1, 'Failed to find .tgz file.')
+        ret = runCmd('gpg --homedir %s --verify %s %s' % (self.gpg_dir, recipe_sig[0], recipe_tgz[0]))
+        # gpg: Signature made Thu 22 Oct 2015 01:45:09 PM EEST using RSA key ID 61EEFB30
+        # gpg: Good signature from "testuser (nocomment) <testuser@email.com>"
+        self.assertIn('gpg: Good signature from', ret.output, 'Package signed incorrectly.')

diff --git a/meta/lib/oeqa/selftest/signing.py b/meta/lib/oeqa/selftest/signing.py index 879c3e0e59..c33662b253 100644 --- a/meta/lib/oeqa/selftest/signing.py +++ b/meta/lib/oeqa/selftest/signing.py
@@ -2,6 +2,7 @@ from oeqa.selftest.base import oeSelfTest
2	from oeqa.utils.commands import runCmd, bitbake, get_bb_var	2	from oeqa.utils.commands import runCmd, bitbake, get_bb_var
3	import os	3	import os
4	import glob	4	import glob
		5	import re
5	from oeqa.utils.decorators import testcase	6	from oeqa.utils.decorators import testcase
6		7
7		8
@@ -74,3 +75,50 @@ class Signing(oeSelfTest):
74	# tmp/deploy/rpm/i586/ed-1.9-r0.i586.rpm: rsa sha1 md5 OK	75	# tmp/deploy/rpm/i586/ed-1.9-r0.i586.rpm: rsa sha1 md5 OK
75	self.assertIn('rsa sha1 md5 OK', ret.output, 'Package signed incorrectly.')	76	self.assertIn('rsa sha1 md5 OK', ret.output, 'Package signed incorrectly.')
76		77
		78	@testcase(1382)
		79	def test_signing_sstate_archive(self):
		80	"""
		81	Summary: Test that sstate archives can be signed
		82	Expected: Package should be signed with the correct key
		83	Product: oe-core
		84	Author: Daniel Istrate <daniel.alexandrux.istrate@intel.com>
		85	AutomatedBy: Daniel Istrate <daniel.alexandrux.istrate@intel.com>
		86	"""
		87
		88	test_recipe = 'ed'
		89
		90	builddir = os.environ.get('BUILDDIR')
		91	sstatedir = os.path.join(builddir, 'test-sstate')
		92
		93	self.add_command_to_tearDown('bitbake -c clean %s' % test_recipe)
		94	self.add_command_to_tearDown('bitbake -c cleansstate %s' % test_recipe)
		95	self.add_command_to_tearDown('rm -rf %s' % sstatedir)
		96
		97	# Determine the pub key signature
		98	ret = runCmd('gpg --homedir %s --list-keys' % self.gpg_dir)
		99	pub_key = re.search(r'^pub\s+\S+/(\S+)\s+', ret.output, re.M)
		100	self.assertIsNotNone(pub_key, 'Failed to determine the public key signature.')
		101	pub_key = pub_key.group(1)
		102
		103	feature = 'SSTATE_SIG_KEY ?= "%s"\n' % pub_key
		104	feature += 'SSTATE_SIG_PASSPHRASE ?= "test123"\n'
		105	feature += 'SSTATE_VERIFY_SIG ?= "1"\n'
		106	feature += 'GPG_PATH = "%s"\n' % self.gpg_dir
		107	feature += 'SSTATE_DIR = "%s"\n' % sstatedir
		108
		109	self.write_config(feature)
		110
		111	bitbake('-c cleansstate %s' % test_recipe)
		112	bitbake(test_recipe)
		113
		114	recipe_sig = glob.glob(sstatedir + '//:ed:*_package.tgz.sig')
		115	recipe_tgz = glob.glob(sstatedir + '//:ed:*_package.tgz')
		116
		117	self.assertEqual(len(recipe_sig), 1, 'Failed to find .sig file.')
		118	self.assertEqual(len(recipe_tgz), 1, 'Failed to find .tgz file.')
		119
		120	ret = runCmd('gpg --homedir %s --verify %s %s' % (self.gpg_dir, recipe_sig[0], recipe_tgz[0]))
		121	# gpg: Signature made Thu 22 Oct 2015 01:45:09 PM EEST using RSA key ID 61EEFB30
		122	# gpg: Good signature from "testuser (nocomment) <testuser@email.com>"
		123	self.assertIn('gpg: Good signature from', ret.output, 'Package signed incorrectly.')
		124