1
0
mirror of https://gitlab.com/fdroid/fdroidserver.git synced 2024-11-14 11:00:10 +01:00
fdroidserver/tests
Hans-Christoph Steiner 8776221988 check signature and OpenSSL after APK has proven valid
If working with a random grabbag of APKs, there can be all sorts of
issues like corrupt entries in the ZIP, bad signatures, signatures that
are invalid since they use MD5, etc.  Moving these two checks later means
that the APKs can be renamed still.

This does change how common.getsig() works.  For years, it returned
None if the signature check failed.  Now that I've started working
with giant APK collections gathered from the wild, I can see that
`fdroid update` needs to be able to first index what's there, then
make decisions based on that information.  So that means separating
the getsig() fingerprint fetching from the APK signature verification.

This is not hugely security sensitive, since the APKs still have to
get past the Android checks, e.g. update signature checks.  Plus the
APK hash is already included in the signed index.
2017-06-01 17:45:29 +02:00
..
extra test script for vmtools 2017-05-23 20:06:06 +02:00
getsig include test cases for python getsig replacement 2014-11-07 09:20:33 +00:00
gnupghome gpg-sign all valid files in the repo, including source tarballs 2016-11-07 14:53:01 +01:00
metadata make tests pass new lint rules 2017-05-26 21:03:38 +02:00
repo strip file extension from generated name for non-APKs 2017-06-01 16:01:05 +02:00
signindex Support ETag when downloading repository index 2017-05-02 15:37:02 -03:00
source-files build: improve regsub pattern for setting buildToolsVersion 2015-08-19 17:55:17 +02:00
stats regexs for getting packageName and versionCode from filenames 2017-06-01 16:01:05 +02:00
androguard_test.py update: find aapt when it is not in the PATH 2017-05-18 17:21:05 +02:00
build.TestCase add force_build_tools config option 2016-06-21 10:29:56 +02:00
common.TestCase regexs for getting packageName and versionCode from filenames 2017-06-01 16:01:05 +02:00
complete-ci-tests update outdated pylint setup 2017-05-23 22:34:16 +02:00
config.py test for original "v0" index XML compatibility 2017-02-24 11:01:01 +01:00
description-parsing.py tests: switch to python3 2016-03-11 13:27:00 +00:00
dump_internal_metadata_format.py fix metadata dump test to run on CI servers 2017-02-28 12:08:04 +01:00
import_proxy.py add a basic test of fdroid import 2015-09-10 11:08:40 +02:00
import.TestCase convert App to subclass of dict to support parsing/dumping libs 2017-02-24 11:01:01 +01:00
index.TestCase Support ETag when downloading repository index 2017-05-02 15:37:02 -03:00
install.TestCase refactor env handling for FDroidPopen to support .fdroid.* metadata 2016-03-23 17:16:27 +01:00
keystore.jks test for original "v0" index XML compatibility 2017-02-24 11:01:01 +01:00
metadata.TestCase convert metadata.Build to a subclass of dict 2017-02-24 11:01:01 +01:00
org.dyndns.fules.ck_20.apk use androguard if aapt isn't found 2017-05-04 23:35:17 +02:00
run-tests index.xml cannot handle APKs with the same packageName/versionCode 2017-06-01 16:01:05 +02:00
update.TestCase check signature and OpenSSL after APK has proven valid 2017-06-01 17:45:29 +02:00
urzip-badcert.apk include test cases for python getsig replacement 2014-11-07 09:20:33 +00:00
urzip-badsig.apk include test cases for python getsig replacement 2014-11-07 09:20:33 +00:00
urzip-release-unsigned.apk added test case for common.isApkDebuggable() 2014-12-14 13:25:20 +01:00
urzip-release.apk added test case for common.isApkDebuggable() 2014-12-14 13:25:20 +01:00
urzip.apk tests: try fdroid update after adding an APK to an existing repo 2014-06-04 21:54:55 -04:00