From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id iE9rK0EDWF87JgAA0tVLHw (envelope-from ) for ; Tue, 08 Sep 2020 22:18:41 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id sO+DJ0EDWF9jZAAA1q6Kng (envelope-from ) for ; Tue, 08 Sep 2020 22:18:41 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 4278B9402C8 for ; Tue, 8 Sep 2020 22:18:41 +0000 (UTC) Received: from localhost ([::1]:35526 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kFlwm-000748-9Q for larch@yhetil.org; Tue, 08 Sep 2020 18:18:40 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43428) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kFlvD-0005Pk-23 for guix-patches@gnu.org; Tue, 08 Sep 2020 18:17:03 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:45132) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kFlvC-0004ZH-OQ for guix-patches@gnu.org; Tue, 08 Sep 2020 18:17:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1kFlvC-0002tp-KB for guix-patches@gnu.org; Tue, 08 Sep 2020 18:17:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#43285] [PATCH 1/3] store: Test 'import-paths' with unauthorized and unsigned nar bundles. References: <20200908215837.32037-1-ludo@gnu.org> In-Reply-To: <20200908215837.32037-1-ludo@gnu.org> Resent-From: Ludovic =?UTF-8?Q?Court=C3=A8s?= Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Tue, 08 Sep 2020 22:17:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 43285 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 43285@debbugs.gnu.org Cc: Ludovic =?UTF-8?Q?Court=C3=A8s?= Received: via spool by 43285-submit@debbugs.gnu.org id=B43285.159960341810966 (code B ref 43285); Tue, 08 Sep 2020 22:17:02 +0000 Received: (at 43285) by debbugs.gnu.org; 8 Sep 2020 22:16:58 +0000 Received: from localhost ([127.0.0.1]:56674 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kFlv8-0002qP-6n for submit@debbugs.gnu.org; Tue, 08 Sep 2020 18:16:58 -0400 Received: from eggs.gnu.org ([209.51.188.92]:33262) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kFlv5-0002k1-3j for 43285@debbugs.gnu.org; Tue, 08 Sep 2020 18:16:57 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:50275) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kFluz-0004WR-4T; Tue, 08 Sep 2020 18:16:49 -0400 Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=54296 helo=gnu.org) by fencepost.gnu.org with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1kFlux-0008Ez-Vn; Tue, 08 Sep 2020 18:16:48 -0400 From: Ludovic =?UTF-8?Q?Court=C3=A8s?= Date: Wed, 9 Sep 2020 00:16:33 +0200 Message-Id: <20200908221635.32684-1-ludo@gnu.org> X-Mailer: git-send-email 2.28.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-Spam-Score: -3.3 (---) X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Spam-Score: 3.99 X-TUID: 9uKZVDWJ/a+P * tests/store.scm ("import not signed") ("import signed by unauthorized key"): New tests. --- tests/store.scm | 72 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) diff --git a/tests/store.scm b/tests/store.scm index e168d3dcf6..8ff76e8f98 100644 --- a/tests/store.scm +++ b/tests/store.scm @@ -23,6 +23,8 @@ #:use-module (guix utils) #:use-module (guix monads) #:use-module ((gcrypt hash) #:prefix gcrypt:) + #:use-module ((gcrypt pk-crypto) #:prefix gcrypt:) + #:use-module (guix pki) #:use-module (guix base32) #:use-module (guix packages) #:use-module (guix derivations) @@ -966,6 +968,76 @@ (list out1 out2)))) #:guile-for-build (%guile-for-build))) + +(test-assert "import not signed" + (let* ((text (random-text)) + (file (add-file-tree-to-store %store + `("tree" directory + ("text" regular (data ,text)) + ("link" symlink "text")))) + (dump (call-with-bytevector-output-port + (lambda (port) + (write-int 1 port) ;start + + (write-file file port) ;contents + (write-int #x4558494e port) ;%export-magic + (write-string file port) ;store item + (write-string-list '() port) ;references + (write-string "" port) ;deriver + (write-int 0 port) ;not signed + + (write-int 0 port))))) ;done + + ;; Ensure 'import-paths' raises an exception. + (guard (c ((store-protocol-error? c) + (and (not (zero? (store-protocol-error-status (pk 'C c)))) + (string-contains (store-protocol-error-message c) + "lacks a signature")))) + (let* ((source (open-bytevector-input-port dump)) + (imported (import-paths %store source))) + (pk 'unsigned-imported imported) + #f)))) + +(test-assert "import signed by unauthorized key" + (let* ((text (random-text)) + (file (add-file-tree-to-store %store + `("tree" directory + ("text" regular (data ,text)) + ("link" symlink "text")))) + (key (gcrypt:generate-key + (gcrypt:string->canonical-sexp + "(genkey (ecdsa (curve Ed25519) (flags rfc6979)))"))) + (dump (call-with-bytevector-output-port + (lambda (port) + (write-int 1 port) ;start + + (write-file file port) ;contents + (write-int #x4558494e port) ;%export-magic + (write-string file port) ;store item + (write-string-list '() port) ;references + (write-string "" port) ;deriver + (write-int 1 port) ;signed + (write-string (gcrypt:canonical-sexp->string + (signature-sexp + (gcrypt:bytevector->hash-data + (gcrypt:sha256 #vu8(0 1 2)) + #:key-type 'ecc) + (gcrypt:find-sexp-token key 'private-key) + (gcrypt:find-sexp-token key 'public-key))) + port) + + (write-int 0 port))))) ;done + + ;; Ensure 'import-paths' raises an exception. + (guard (c ((store-protocol-error? c) + ;; XXX: The daemon-provided error message currently doesn't + ;; mention the reason of the failure. + (not (zero? (store-protocol-error-status c))))) + (let* ((source (open-bytevector-input-port dump)) + (imported (import-paths %store source))) + (pk 'unauthorized-imported imported) + #f)))) + (test-assert "import corrupt path" (let* ((text (random-text)) (file (add-text-to-store %store "text" text)) -- 2.28.0