Task #2959
tests for adding repos with fingerprints
| Status: | New | Start date: | 02/13/2014 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | - | % Done: | 0% | |
| Category: | - | |||
| Target version: | - | |||
| Component: |
Description
write tests for adding repos, it should test things like:
- add a repo with a fingerprint, then compare it to the actual key
- add a repo that conflicts with an existing repo
- add a repo with off-by-one fingerprints
These can be included in the Android Test Project in fdroidclient/test
Related issues
Associated revisions
Utils tests: formatFingerprint() and calcFingerprint(String)
Prevent another stupid bug like what is fixed by commit
5ff177cd1884ed61def491a813363f96c5de628a
test index.jar signature checking
I got scared by seeing the Android docs' version of JarFile.getInputStream,
which didn't mention SecurityException or the signature checking. But it
seems that even tho its not in the Android docs, Android implements it the
same as Java does. It is good to have these tests in place anyhow, since
this is an essential piece of the security process of FDroid.
- http://docs.oracle.com/javase/6/docs/api/java/util/jar/JarFile.html#getInputStream(java.util.zip.ZipEntry)
- https://developer.android.com/reference/java/util/jar/JarFile.html#getInputStream(java.util.zip.ZipEntry)
refs #2627 https://dev.guardianproject.info/issues/2627
refs #2959 https://dev.guardianproject.info/issues/2959
History
#1 Updated by hans over 3 years ago
- Target version changed from improved security/usability to Integrate Kerplapp into FDroid
#2 Updated by hans over 3 years ago
- Target version changed from Integrate Kerplapp into FDroid to 134
#3 Updated by hans over 2 years ago
- Target version deleted (
134)