[gentoo-dev] [PATCH v2 1/4] eclass/tests: Add initial tests for verify-sig

[gentoo-dev] [PATCH v2 1/4] eclass/tests: Add initial tests for verify-sig

[Michał Górny]

Signed-off-by: Michał Górny <mgorny@gentoo.org>
---
 eclass/tests/verify-sig.sh | 65 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 65 insertions(+)
 create mode 100755 eclass/tests/verify-sig.sh

diff --git a/eclass/tests/verify-sig.sh b/eclass/tests/verify-sig.sh
new file mode 100755
index 000000000000..fcd2ee7480a2
--- /dev/null
+++ b/eclass/tests/verify-sig.sh
@@ -0,0 +1,65 @@
+#!/bin/bash
+# Copyright 2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+source tests-common.sh || exit
+
+inherit verify-sig
+
+TMP=$(mktemp -d)
+trap 'rm -rf "${TMP}"' EXIT
+cd "${TMP}" || die
+> empty || die
+> fail || die
+echo "The quick brown fox jumps over the lazy dog." > text || die
+
+testit() {
+	local expect=${1}
+	shift
+
+	tbegin "${*@Q}"
+	( "${@}" )
+	[[ ${?} -eq ${expect} ]]
+	tend "${?}"
+}
+
+test_verify_unsigned_checksums() {
+	local format=${1}
+
+	testit 0 verify-sig_verify_unsigned_checksums checksums.txt "${format}" empty
+	testit 0 verify-sig_verify_unsigned_checksums checksums.txt "${format}" "empty text"
+	testit 1 verify-sig_verify_unsigned_checksums checksums.txt "${format}" other
+	testit 1 verify-sig_verify_unsigned_checksums checksums.txt "${format}" "empty other"
+	testit 1 verify-sig_verify_unsigned_checksums checksums.txt "${format}" fail
+	testit 1 verify-sig_verify_unsigned_checksums checksums.txt "${format}" "empty fail"
+}
+
+einfo "Testing coreutils format."
+eindent
+
+cat > checksums.txt <<-EOF || die
+	# some junk to test junk protection
+	b47cc0f104b62d4c7c30bcd68fd8e67613e287dc4ad8c310ef10cbadea9c4380 empty junk line
+	b47cc0f104b62d4c7c30bcd68gd8e67613e287dc4ad8c310ef10cbadea9c4380 empty
+
+	# sha1sums
+	da39a3ee5e6b4b0d3255bfef95601890afd80709 empty
+	9c04cd6372077e9b11f70ca111c9807dc7137e4b	text
+	9c04cd6372077e9b11f70ca111c9807dc7137e4b fail
+
+	# sha256sums
+	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 empty
+	b47cc0f104b62d4c7c30bcd68fd8e67613e287dc4ad8c310ef10cbadea9c4380	text
+	b47cc0f104b62d4c7c30bcd68fd8e67613e287dc4ad8c310ef10cbadea9c4380 fail
+
+	# sha512sums
+	cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e empty
+	020da0f4d8a4c8bfbc98274027740061d7df52ee07091ed6595a083e0f45327bbe59424312d86f218b74ed2e25507abaf5c7a5fcf4cafcf9538b705808fd55ec	text
+	020da0f4d8a4c8bfbc98274027740061d7df52ee07091ed6595a083e0f45327bbe59424312d86f218b74ed2e25507abaf5c7a5fcf4cafcf9538b705808fd55ec fail
+EOF
+
+test_verify_unsigned_checksums sha256
+eoutdent
+
+texit
-- 
2.42.0

[gentoo-dev] [PATCH v2 2/4] verify-sig.eclass: Support `openssl dgst` format checksums

[Michał Górny]

Signed-off-by: Michał Górny <mgorny@gentoo.org>
---
 eclass/tests/verify-sig.sh | 18 +++++++++++++
 eclass/verify-sig.eclass   | 54 +++++++++++++++++++++++++-------------
 2 files changed, 54 insertions(+), 18 deletions(-)

Changes:
- referring to the var as `format` consistently
- fixed eclassdoc
- used explicit if;fi

diff --git a/eclass/tests/verify-sig.sh b/eclass/tests/verify-sig.sh
index fcd2ee7480a2..fb7f2cdb2a5d 100755
--- a/eclass/tests/verify-sig.sh
+++ b/eclass/tests/verify-sig.sh
@@ -62,4 +62,22 @@ EOF
 test_verify_unsigned_checksums sha256
 eoutdent
 
+einfo "Testing openssl-dgst format."
+eindent
+
+> "annoying ( filename )= yes ).txt" || die
+
+cat > checksums.txt <<-EOF || die
+	junk text that ought to be ignored
+
+	SHA256(empty)=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
+	SHA256(text)= b47cc0f104b62d4c7c30bcd68fd8e67613e287dc4ad8c310ef10cbadea9c4380
+	SHA256(fail)=b47cc0f104b62d4c7c30bcd68fd8e67613e287dc4ad8c310ef10cbadea9c4380
+
+	SHA256(annoying ( filename )= yes )= e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
+EOF
+
+test_verify_unsigned_checksums openssl-dgst
+eoutdent
+
 texit
diff --git a/eclass/verify-sig.eclass b/eclass/verify-sig.eclass
index d99dc3461858..815299b419ed 100644
--- a/eclass/verify-sig.eclass
+++ b/eclass/verify-sig.eclass
@@ -214,12 +214,15 @@ verify-sig_verify_message() {
 }
 
 # @FUNCTION: verify-sig_verify_unsigned_checksums
-# @USAGE: <checksum-file> <algo> <files>
+# @USAGE: <checksum-file> <format> <files>
 # @DESCRIPTION:
 # Verify the checksums for all files listed in the space-separated list
-# <files> (akin to ${A}) using a <checksum-file>.  <algo> specifies
-# the checksum algorithm (e.g. sha256).  <checksum-file> can be "-"
-# for stdin.
+# <files> (akin to ${A}) using a <checksum-file>.  <format> specifies
+# the checksum file format.  <checksum-file> can be "-" for stdin.
+#
+# The following formats are supported:
+#  - sha256 -- sha256sum (<hash> <filename>)
+#  - openssl-dgst -- openssl dgst (<algo>(<filename>)=<hash>)
 #
 # The function dies if one of the files does not match checksums or
 # is missing from the checksum file.
@@ -231,35 +234,50 @@ verify-sig_verify_message() {
 # verify-sig_verify_signed_checksums instead.
 verify-sig_verify_unsigned_checksums() {
 	local checksum_file=${1}
-	local algo=${2}
+	local format=${2}
 	local files=()
 	read -r -d '' -a files <<<"${3}"
-	local chksum_prog chksum_len
+	local chksum_prog chksum_len algo=${format}
 
-	case ${algo} in
+	case ${format} in
 		sha256)
-			chksum_prog=sha256sum
 			chksum_len=64
 			;;
+		openssl-dgst)
+			;;
 		*)
-			die "${FUNCNAME}: unknown checksum algo ${algo}"
+			die "${FUNCNAME}: unknown checksum format ${format}"
 			;;
 	esac
 
 	[[ ${checksum_file} == - ]] && checksum_file=/dev/stdin
-	local checksum filename junk ret=0 count=0
-	while read -r checksum filename junk; do
-		if [[ ${checksum} == "-----BEGIN" ]]; then
+	local line checksum filename junk ret=0 count=0
+	while read -r line; do
+		if [[ ${line} == "-----BEGIN"* ]]; then
 			die "${FUNCNAME}: PGP armor found, use verify-sig_verify_signed_checksums instead"
 		fi
 
-		[[ ${#checksum} -eq ${chksum_len} ]] || continue
-		[[ -z ${checksum//[0-9a-f]} ]] || continue
-		has "${filename}" "${files[@]}" || continue
-		[[ -z ${junk} ]] || continue
+		case ${format} in
+			sha256)
+				read -r checksum filename junk <<<"${line}"
+				[[ ${#checksum} -ne ${chksum_len} ]] && continue
+				[[ -n ${checksum//[0-9a-f]} ]] && continue
+				[[ -n ${junk} ]] && continue
+				;;
+			openssl-dgst)
+				[[ ${line} != *"("*")="* ]] && continue
+				checksum=${line##*)=}
+				algo=${line%%(*}
+				filename=${line#*(}
+				filename=${filename%)=*}
+				;;
+		esac
+
+		if ! has "${filename}" "${files[@]}"; then
+			continue
+		fi
 
-		"${chksum_prog}" -c --strict - <<<"${checksum} ${filename}"
-		if [[ ${?} -eq 0 ]]; then
+		if "${algo,,}sum" -c --strict - <<<"${checksum} ${filename}"; then
 			(( count++ ))
 		else
 			ret=1
-- 
2.42.0

[gentoo-dev] [PATCH v2 3/4] verify-sig.eclass: Fix handling multiple/duplicate signatures

[Michał Górny]

Signed-off-by: Michał Górny <mgorny@gentoo.org>
---
 eclass/tests/verify-sig.sh | 11 +++++++++++
 eclass/verify-sig.eclass   |  5 +++--
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/eclass/tests/verify-sig.sh b/eclass/tests/verify-sig.sh
index fb7f2cdb2a5d..a87e2c7703d7 100755
--- a/eclass/tests/verify-sig.sh
+++ b/eclass/tests/verify-sig.sh
@@ -57,6 +57,9 @@ cat > checksums.txt <<-EOF || die
 	cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e empty
 	020da0f4d8a4c8bfbc98274027740061d7df52ee07091ed6595a083e0f45327bbe59424312d86f218b74ed2e25507abaf5c7a5fcf4cafcf9538b705808fd55ec	text
 	020da0f4d8a4c8bfbc98274027740061d7df52ee07091ed6595a083e0f45327bbe59424312d86f218b74ed2e25507abaf5c7a5fcf4cafcf9538b705808fd55ec fail
+
+	# duplicate checksum
+	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 empty
 EOF
 
 test_verify_unsigned_checksums sha256
@@ -70,11 +73,19 @@ eindent
 cat > checksums.txt <<-EOF || die
 	junk text that ought to be ignored
 
+	SHA1(empty)=da39a3ee5e6b4b0d3255bfef95601890afd80709
+	SHA1(text)= 9c04cd6372077e9b11f70ca111c9807dc7137e4b
+	SHA1(fail)=9c04cd6372077e9b11f70ca111c9807dc7137e4b
+
 	SHA256(empty)=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
 	SHA256(text)= b47cc0f104b62d4c7c30bcd68fd8e67613e287dc4ad8c310ef10cbadea9c4380
 	SHA256(fail)=b47cc0f104b62d4c7c30bcd68fd8e67613e287dc4ad8c310ef10cbadea9c4380
 
 	SHA256(annoying ( filename )= yes )= e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
+
+	SHA512(empty)=cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
+	SHA512(text)= 020da0f4d8a4c8bfbc98274027740061d7df52ee07091ed6595a083e0f45327bbe59424312d86f218b74ed2e25507abaf5c7a5fcf4cafcf9538b705808fd55ec
+	SHA512(fail)=020da0f4d8a4c8bfbc98274027740061d7df52ee07091ed6595a083e0f45327bbe59424312d86f218b74ed2e25507abaf5c7a5fcf4cafcf9538b705808fd55ec
 EOF
 
 test_verify_unsigned_checksums openssl-dgst
diff --git a/eclass/verify-sig.eclass b/eclass/verify-sig.eclass
index 815299b419ed..010361bfbc98 100644
--- a/eclass/verify-sig.eclass
+++ b/eclass/verify-sig.eclass
@@ -252,6 +252,7 @@ verify-sig_verify_unsigned_checksums() {
 
 	[[ ${checksum_file} == - ]] && checksum_file=/dev/stdin
 	local line checksum filename junk ret=0 count=0
+	local -A verified
 	while read -r line; do
 		if [[ ${line} == "-----BEGIN"* ]]; then
 			die "${FUNCNAME}: PGP armor found, use verify-sig_verify_signed_checksums instead"
@@ -278,7 +279,7 @@ verify-sig_verify_unsigned_checksums() {
 		fi
 
 		if "${algo,,}sum" -c --strict - <<<"${checksum} ${filename}"; then
-			(( count++ ))
+			verified["${filename}"]=1
 		else
 			ret=1
 		fi
@@ -286,7 +287,7 @@ verify-sig_verify_unsigned_checksums() {
 
 	[[ ${ret} -eq 0 ]] ||
 		die "${FUNCNAME}: at least one file did not verify successfully"
-	[[ ${count} -eq ${#files[@]} ]] ||
+	[[ ${#verified[@]} -eq ${#files[@]} ]] ||
 		die "${FUNCNAME}: checksums for some of the specified files were missing"
 }
 
-- 
2.42.0

[gentoo-dev] [PATCH v2 4/4] verify-sig.eclass: Fix list formatting for VERIFY_SIG_METHOD

[Michał Górny]

Thanks to ulm for reporting.

Signed-off-by: Michał Górny <mgorny@gentoo.org>
---
 eclass/verify-sig.eclass | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/eclass/verify-sig.eclass b/eclass/verify-sig.eclass
index 010361bfbc98..49557b633c87 100644
--- a/eclass/verify-sig.eclass
+++ b/eclass/verify-sig.eclass
@@ -55,8 +55,8 @@ IUSE="verify-sig"
 # @DESCRIPTION:
 # Signature verification method to use.  The allowed value are:
 #
-# - openpgp -- verify PGP signatures using app-crypt/gnupg (the default)
-# - signify -- verify signatures with Ed25519 public key using app-crypt/signify
+#  - openpgp -- verify PGP signatures using app-crypt/gnupg (the default)
+#  - signify -- verify signatures with Ed25519 public key using app-crypt/signify
 : "${VERIFY_SIG_METHOD:=openpgp}"
 
 case ${VERIFY_SIG_METHOD} in
-- 
2.42.0

Re: [gentoo-dev] [PATCH v2 1/4] eclass/tests: Add initial tests for verify-sig

[Sam James]

Michał Górny <mgorny@gentoo.org> writes:

> Signed-off-by: Michał Górny <mgorny@gentoo.org>

The lot lgtm with Bug/Closes tags for https://bugs.gentoo.org/913394.

> ---
>  eclass/tests/verify-sig.sh | 65 ++++++++++++++++++++++++++++++++++++++
>  1 file changed, 65 insertions(+)
>  create mode 100755 eclass/tests/verify-sig.sh
>
> diff --git a/eclass/tests/verify-sig.sh b/eclass/tests/verify-sig.sh
> new file mode 100755
> index 000000000000..fcd2ee7480a2
> --- /dev/null
> +++ b/eclass/tests/verify-sig.sh
> @@ -0,0 +1,65 @@
> +#!/bin/bash
> +# Copyright 2023 Gentoo Authors
> +# Distributed under the terms of the GNU General Public License v2
> +
> +EAPI=8
> +source tests-common.sh || exit
> +
> +inherit verify-sig
> +
> +TMP=$(mktemp -d)
> +trap 'rm -rf "${TMP}"' EXIT
> +cd "${TMP}" || die
> +> empty || die
> +> fail || die
> +echo "The quick brown fox jumps over the lazy dog." > text || die
> +
> +testit() {
> +	local expect=${1}
> +	shift
> +
> +	tbegin "${*@Q}"
> +	( "${@}" )
> +	[[ ${?} -eq ${expect} ]]
> +	tend "${?}"
> +}
> +
> +test_verify_unsigned_checksums() {
> +	local format=${1}
> +
> +	testit 0 verify-sig_verify_unsigned_checksums checksums.txt "${format}" empty
> +	testit 0 verify-sig_verify_unsigned_checksums checksums.txt "${format}" "empty text"
> +	testit 1 verify-sig_verify_unsigned_checksums checksums.txt "${format}" other
> +	testit 1 verify-sig_verify_unsigned_checksums checksums.txt "${format}" "empty other"
> +	testit 1 verify-sig_verify_unsigned_checksums checksums.txt "${format}" fail
> +	testit 1 verify-sig_verify_unsigned_checksums checksums.txt "${format}" "empty fail"
> +}
> +
> +einfo "Testing coreutils format."
> +eindent
> +
> +cat > checksums.txt <<-EOF || die
> +	# some junk to test junk protection
> +	b47cc0f104b62d4c7c30bcd68fd8e67613e287dc4ad8c310ef10cbadea9c4380 empty junk line
> +	b47cc0f104b62d4c7c30bcd68gd8e67613e287dc4ad8c310ef10cbadea9c4380 empty
> +
> +	# sha1sums
> +	da39a3ee5e6b4b0d3255bfef95601890afd80709 empty
> +	9c04cd6372077e9b11f70ca111c9807dc7137e4b	text
> +	9c04cd6372077e9b11f70ca111c9807dc7137e4b fail
> +
> +	# sha256sums
> +	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 empty
> +	b47cc0f104b62d4c7c30bcd68fd8e67613e287dc4ad8c310ef10cbadea9c4380	text
> +	b47cc0f104b62d4c7c30bcd68fd8e67613e287dc4ad8c310ef10cbadea9c4380 fail
> +
> +	# sha512sums
> +	cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e empty
> +	020da0f4d8a4c8bfbc98274027740061d7df52ee07091ed6595a083e0f45327bbe59424312d86f218b74ed2e25507abaf5c7a5fcf4cafcf9538b705808fd55ec	text
> +	020da0f4d8a4c8bfbc98274027740061d7df52ee07091ed6595a083e0f45327bbe59424312d86f218b74ed2e25507abaf5c7a5fcf4cafcf9538b705808fd55ec fail
> +EOF
> +
> +test_verify_unsigned_checksums sha256
> +eoutdent
> +
> +texit