diff options
author | Ludovic Courtès <ludo@gnu.org> | 2020-09-08 14:47:41 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2020-09-11 17:53:58 +0200 |
commit | 6310283bae7aaaf810e3a3792b25007ebe52d0c5 (patch) | |
tree | 46e5b83284d89484492fbcb637419a534e8a5459 | |
parent | 58833aec3fc7ceb04b487f26873e032d7c51b6d2 (diff) | |
download | guix-6310283bae7aaaf810e3a3792b25007ebe52d0c5.tar guix-6310283bae7aaaf810e3a3792b25007ebe52d0c5.tar.gz |
store: Test 'import-paths' with unauthorized and unsigned nar bundles.
* tests/store.scm ("import not signed")
("import signed by unauthorized key"): New tests.
-rw-r--r-- | tests/store.scm | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/tests/store.scm b/tests/store.scm index e168d3dcf6..8ff76e8f98 100644 --- a/tests/store.scm +++ b/tests/store.scm @@ -23,6 +23,8 @@ #:use-module (guix utils) #:use-module (guix monads) #:use-module ((gcrypt hash) #:prefix gcrypt:) + #:use-module ((gcrypt pk-crypto) #:prefix gcrypt:) + #:use-module (guix pki) #:use-module (guix base32) #:use-module (guix packages) #:use-module (guix derivations) @@ -966,6 +968,76 @@ (list out1 out2)))) #:guile-for-build (%guile-for-build))) + +(test-assert "import not signed" + (let* ((text (random-text)) + (file (add-file-tree-to-store %store + `("tree" directory + ("text" regular (data ,text)) + ("link" symlink "text")))) + (dump (call-with-bytevector-output-port + (lambda (port) + (write-int 1 port) ;start + + (write-file file port) ;contents + (write-int #x4558494e port) ;%export-magic + (write-string file port) ;store item + (write-string-list '() port) ;references + (write-string "" port) ;deriver + (write-int 0 port) ;not signed + + (write-int 0 port))))) ;done + + ;; Ensure 'import-paths' raises an exception. + (guard (c ((store-protocol-error? c) + (and (not (zero? (store-protocol-error-status (pk 'C c)))) + (string-contains (store-protocol-error-message c) + "lacks a signature")))) + (let* ((source (open-bytevector-input-port dump)) + (imported (import-paths %store source))) + (pk 'unsigned-imported imported) + #f)))) + +(test-assert "import signed by unauthorized key" + (let* ((text (random-text)) + (file (add-file-tree-to-store %store + `("tree" directory + ("text" regular (data ,text)) + ("link" symlink "text")))) + (key (gcrypt:generate-key + (gcrypt:string->canonical-sexp + "(genkey (ecdsa (curve Ed25519) (flags rfc6979)))"))) + (dump (call-with-bytevector-output-port + (lambda (port) + (write-int 1 port) ;start + + (write-file file port) ;contents + (write-int #x4558494e port) ;%export-magic + (write-string file port) ;store item + (write-string-list '() port) ;references + (write-string "" port) ;deriver + (write-int 1 port) ;signed + (write-string (gcrypt:canonical-sexp->string + (signature-sexp + (gcrypt:bytevector->hash-data + (gcrypt:sha256 #vu8(0 1 2)) + #:key-type 'ecc) + (gcrypt:find-sexp-token key 'private-key) + (gcrypt:find-sexp-token key 'public-key))) + port) + + (write-int 0 port))))) ;done + + ;; Ensure 'import-paths' raises an exception. + (guard (c ((store-protocol-error? c) + ;; XXX: The daemon-provided error message currently doesn't + ;; mention the reason of the failure. + (not (zero? (store-protocol-error-status c))))) + (let* ((source (open-bytevector-input-port dump)) + (imported (import-paths %store source))) + (pk 'unauthorized-imported imported) + #f)))) + (test-assert "import corrupt path" (let* ((text (random-text)) (file (add-text-to-store %store "text" text)) |