From d05bcafe14b6ed4e2e8864dfac45ae97f353e865 Mon Sep 17 00:00:00 2001
From: Jochen Sprickerhof
Date: Sun, 10 Apr 2022 20:03:08 +0200
Subject: [PATCH 1/2] Test index before signing
---
 fdroidserver/signindex.py | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/fdroidserver/signindex.py b/fdroidserver/signindex.py
index a586c92b..c1a53b89 100644
--- a/fdroidserver/signindex.py
+++ b/fdroidserver/signindex.py
@@ -16,6 +16,7 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with this program. If not, see .
+import json
 import os
 import time
 import zipfile
@@ -24,6 +25,7 @@ import logging
 from . import _
 from . import common
+from . import metadata
 from .exception import FDroidException
 config = None
@@ -78,6 +80,12 @@ def sign_index_v1(repodir, json_name):
 """
 name, ext = common.get_extension(json_name)
 index_file = os.path.join(repodir, json_name)
+
+ # Test if index is valid
+ with open(index_file, encoding="utf-8") as fp:
+ index = json.load(fp)
+ [metadata.App(app) for app in index["apps"]]
+
 jar_file = os.path.join(repodir, name + '.jar')
 with zipfile.ZipFile(jar_file, 'w', zipfile.ZIP_DEFLATED) as jar:
 jar.write(index_file, json_name)
From 9f477dee560144fa10f1be94b1004c101b29ccbc Mon Sep 17 00:00:00 2001
From: Hans-Christoph Steiner
Date: Mon, 25 Apr 2022 22:25:32 +0200
Subject: [PATCH 2/2] signindex: added simple test case
---
 .gitlab-ci.yml | 1 +
 MANIFEST.in | 1 +
 tests/signindex.TestCase | 75 ++++++++++++++++++++++++++++++++++++++++
 3 files changed, 77 insertions(+)
 create mode 100755 tests/signindex.TestCase
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 2ce215bc..e571652e 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -246,6 +246,7 @@ black:
 tests/metadata.TestCase
 tests/ndk-release-checksums.py
 tests/rewritemeta.TestCase
+ tests/signindex.TestCase
 fedora_latest:
diff --git a/MANIFEST.in b/MANIFEST.in
index e05a92c3..87b82802 100644
--- a/MANIFEST.in
+++ b/MANIFEST.in
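Review bot: In the `sign_index_v1` hunk of fdroidserver/signindex.py, the new check parses one read of `index_file`, but `jar.write(index_file, json_name)` a few lines later reads the file from disk again, so the bytes that get signed are not guaranteed to be the bytes that were validated. Reading once and packing that buffer closes the gap: `data = fp.read()` on a file opened in `'rb'`, `index = json.loads(data)`, and `jar.writestr(json_name, data)` in place of `jar.write(...)`; note that `writestr` stamps the entry with the current time rather than the file's mtime, which may matter if the jar timestamp is relied on elsewhere. The list comprehension `[metadata.App(app) for app in index["apps"]]` builds a list only to discard it, and a plain `for` loop would make the intent clearer; whether `metadata.App` rejects malformed entries is not visible here, so the comment `# Test if index is valid` may promise more than the check does. A missing `"apps"` key surfaces as a bare `KeyError` rather than the `FDroidException` this module imports. The function starts and continues outside the hunk.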
@@ -695,6 +695,7 @@ include tests/rewritemeta.TestCase
 include tests/run-tests
 include tests/scanner.TestCase
 include tests/signatures.TestCase
+include tests/signindex.TestCase
 include tests/signindex/guardianproject.jar
 include tests/signindex/guardianproject-v1.jar
 include tests/signindex/testy.jar
diff --git a/tests/signindex.TestCase b/tests/signindex.TestCase
new file mode 100755
index 00000000..84b19655
--- /dev/null
+++ b/tests/signindex.TestCase
@@ -0,0 +1,75 @@
+#!/usr/bin/env python3
+
+import inspect
+import json
+import logging
+import optparse
+import os
+import shutil
+import sys
+import tempfile
+import unittest
+
+localmodule = os.path.realpath(
+ os.path.join(os.path.dirname(inspect.getfile(inspect.currentframe())), '..')
+)
+print('localmodule: ' + localmodule)
+if localmodule not in sys.path:
+ sys.path.insert(0, localmodule)
+
+from fdroidserver import common, signindex
+from pathlib import Path
+
+
+class SignindexTest(unittest.TestCase):
+
+ basedir = Path(__file__).resolve().parent
+
+ def setUp(self):
+ signindex.config = None
+ config = common.read_config(common.options)
+ config['jarsigner'] = common.find_sdk_tools_cmd('jarsigner')
+ config['verbose'] = True
+ config['keystore'] = str(self.basedir / 'keystore.jks')
+ config['repo_keyalias'] = 'sova'
+ config['keystorepass'] = 'r9aquRHYoI8+dYz6jKrLntQ5/NJNASFBacJh7Jv2BlI='
+ config['keypass'] = 'r9aquRHYoI8+dYz6jKrLntQ5/NJNASFBacJh7Jv2BlI='
+ signindex.config = config
+
+ logging.basicConfig(level=logging.DEBUG)
+ self.tempdir = tempfile.TemporaryDirectory()
+ os.chdir(self.tempdir.name)
+ self.repodir = Path('repo')
+ self.repodir.mkdir()
+
+ def tearDown(self):
+ self.tempdir.cleanup()
+
+ def test_sign_index_v1(self):
+ shutil.copy(str(self.basedir / 'repo/index-v1.json'), 'repo')
+ signindex.sign_index_v1(str(self.repodir), 'index-v1.json')
+ self.assertTrue((self.repodir / 'index-v1.jar').exists())
+
+ def test_sign_index_v1_corrupt(self):
+ with open('repo/index-v1.json', 'w') as fp:
+ fp.write('corrupt JSON!')
+ with self.assertRaises(json.decoder.JSONDecodeError, msg='error on bad JSON'):
+ signindex.sign_index_v1(str(self.repodir), 'index-v1.json')
+
+
+if __name__ == "__main__":
+ os.chdir(os.path.dirname(__file__))
+
+ parser = optparse.OptionParser()
+ parser.add_option(
+ "-v",
+ "--verbose",
+ action="store_true",
+ default=False,
+ help="Spew out even more information than normal",
+ )
+ (common.options, args) = parser.parse_args(['--verbose'])
+
+ newSuite = unittest.TestSuite()
+ newSuite.addTest(unittest.makeSuite(SignindexTest))
+ unittest.main(failfast=False)
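Review bot: `test_sign_index_v1_corrupt` asserts only that `json.decoder.JSONDecodeError` is raised, not that signing was actually skipped; adding `self.assertFalse((self.repodir / 'index-v1.jar').exists())` after the `with self.assertRaises(...)` block would pin the property the pre-signing check exists for. A second case with well-formed JSON that lacks `"apps"` would cover the other path through the new validation. In `setUp`, the literal `keystorepass`/`keypass` values presumably belong to the throwaway `tests/keystore.jks`; a comment such as `# test-only credentials for tests/keystore.jks` would say so for readers and for secret scanners. `setUp` also calls `os.chdir(self.tempdir.name)` while `tearDown` removes that directory without changing back, so `tearDown` could first run `os.chdir(self.basedir)`.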