Diff of the two buildlogs:

--
--- b1/build.log	2025-02-23 05:00:10.939787262 +0000
+++ b2/build.log	2025-02-23 05:01:55.943044582 +0000
@@ -1,6 +1,6 @@
 I: pbuilder: network access will be disabled during build
-I: Current time: Fri Mar 27 23:22:39 -12 2026
-I: pbuilder-time-stamp: 1774696959
+I: Current time: Sun Feb 23 19:00:15 +14 2025
+I: pbuilder-time-stamp: 1740286815
 I: Building the build Environment
 I: extracting base tarball [/var/cache/pbuilder/unstable-reproducible-base.tgz]
 I: copying local configuration
@@ -21,54 +21,86 @@
 dpkg-source: info: unpacking debsig-verify_0.32.tar.xz
 I: Not using root during the build.
 I: Installing the build-deps
-I: user script /srv/workspace/pbuilder/70588/tmp/hooks/D02_print_environment starting
+I: user script /srv/workspace/pbuilder/59304/tmp/hooks/D01_modify_environment starting
+debug: Running on ionos2-i386.
+I: Changing host+domainname to test build reproducibility
+I: Adding a custom variable just for the fun of it...
+I: Changing /bin/sh to bash
+'/bin/sh' -> '/bin/bash'
+lrwxrwxrwx 1 root root 9 Feb 23 05:00 /bin/sh -> /bin/bash
+I: Setting pbuilder2's login shell to /bin/bash
+I: Setting pbuilder2's GECOS to second user,second room,second work-phone,second home-phone,second other
+I: user script /srv/workspace/pbuilder/59304/tmp/hooks/D01_modify_environment finished
+I: user script /srv/workspace/pbuilder/59304/tmp/hooks/D02_print_environment starting
 I: set
-  BUILDDIR='/build/reproducible-path'
-  BUILDUSERGECOS='first user,first room,first work-phone,first home-phone,first other'
-  BUILDUSERNAME='pbuilder1'
-  BUILD_ARCH='i386'
-  DEBIAN_FRONTEND='noninteractive'
-  DEB_BUILD_OPTIONS='buildinfo=+all reproducible=+all parallel=22 '
-  DISTRIBUTION='unstable'
-  HOME='/root'
-  HOST_ARCH='i386'
+  BASH=/bin/sh
+  BASHOPTS=checkwinsize:cmdhist:complete_fullquote:extquote:force_fignore:globasciiranges:globskipdots:hostcomplete:interactive_comments:patsub_replacement:progcomp:promptvars:sourcepath
+  BASH_ALIASES=()
+  BASH_ARGC=()
+  BASH_ARGV=()
+  BASH_CMDS=()
+  BASH_LINENO=([0]="12" [1]="0")
+  BASH_LOADABLES_PATH=/usr/local/lib/bash:/usr/lib/bash:/opt/local/lib/bash:/usr/pkg/lib/bash:/opt/pkg/lib/bash:.
+  BASH_SOURCE=([0]="/tmp/hooks/D02_print_environment" [1]="/tmp/hooks/D02_print_environment")
+  BASH_VERSINFO=([0]="5" [1]="2" [2]="37" [3]="1" [4]="release" [5]="i686-pc-linux-gnu")
+  BASH_VERSION='5.2.37(1)-release'
+  BUILDDIR=/build/reproducible-path
+  BUILDUSERGECOS='second user,second room,second work-phone,second home-phone,second other'
+  BUILDUSERNAME=pbuilder2
+  BUILD_ARCH=i386
+  DEBIAN_FRONTEND=noninteractive
+  DEB_BUILD_OPTIONS='buildinfo=+all reproducible=+all parallel=10 '
+  DIRSTACK=()
+  DISTRIBUTION=unstable
+  EUID=0
+  FUNCNAME=([0]="Echo" [1]="main")
+  GROUPS=()
+  HOME=/root
+  HOSTNAME=i-capture-the-hostname
+  HOSTTYPE=i686
+  HOST_ARCH=i386
   IFS=' 	
   '
-  INVOCATION_ID='6d1b54358929424b9ebb44584b0f18bc'
-  LANG='C'
-  LANGUAGE='en_US:en'
-  LC_ALL='C'
-  LD_LIBRARY_PATH='/usr/lib/libeatmydata'
-  LD_PRELOAD='libeatmydata.so'
-  MAIL='/var/mail/root'
-  OPTIND='1'
-  PATH='/usr/sbin:/usr/bin:/sbin:/bin:/usr/games'
-  PBCURRENTCOMMANDLINEOPERATION='build'
-  PBUILDER_OPERATION='build'
-  PBUILDER_PKGDATADIR='/usr/share/pbuilder'
-  PBUILDER_PKGLIBDIR='/usr/lib/pbuilder'
-  PBUILDER_SYSCONFDIR='/etc'
-  PPID='70588'
-  PS1='# '
-  PS2='> '
+  INVOCATION_ID=42a766c467604e2e9c66ff6976b7261c
+  LANG=C
+  LANGUAGE=de_CH:de
+  LC_ALL=C
+  LD_LIBRARY_PATH=/usr/lib/libeatmydata
+  LD_PRELOAD=libeatmydata.so
+  MACHTYPE=i686-pc-linux-gnu
+  MAIL=/var/mail/root
+  OPTERR=1
+  OPTIND=1
+  OSTYPE=linux-gnu
+  PATH=/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/i/capture/the/path
+  PBCURRENTCOMMANDLINEOPERATION=build
+  PBUILDER_OPERATION=build
+  PBUILDER_PKGDATADIR=/usr/share/pbuilder
+  PBUILDER_PKGLIBDIR=/usr/lib/pbuilder
+  PBUILDER_SYSCONFDIR=/etc
+  PIPESTATUS=([0]="0")
+  POSIXLY_CORRECT=y
+  PPID=59304
   PS4='+ '
-  PWD='/'
-  SHELL='/bin/bash'
-  SHLVL='2'
-  SUDO_COMMAND='/usr/bin/timeout -k 18.1h 18h /usr/bin/ionice -c 3 /usr/bin/nice /usr/sbin/pbuilder --build --configfile /srv/reproducible-results/rbuild-debian/r-b-build.UjJP7fXV/pbuilderrc_NgB5 --distribution unstable --hookdir /etc/pbuilder/first-build-hooks --debbuildopts -b --basetgz /var/cache/pbuilder/unstable-reproducible-base.tgz --buildresult /srv/reproducible-results/rbuild-debian/r-b-build.UjJP7fXV/b1 --logfile b1/build.log debsig-verify_0.32.dsc'
-  SUDO_GID='112'
-  SUDO_UID='107'
-  SUDO_USER='jenkins'
-  TERM='unknown'
-  TZ='/usr/share/zoneinfo/Etc/GMT+12'
-  USER='root'
-  _='/usr/bin/systemd-run'
-  http_proxy='http://213.165.73.152:3128'
+  PWD=/
+  SHELL=/bin/bash
+  SHELLOPTS=braceexpand:errexit:hashall:interactive-comments:posix
+  SHLVL=3
+  SUDO_COMMAND='/usr/bin/timeout -k 24.1h 24h /usr/bin/ionice -c 3 /usr/bin/nice -n 11 /usr/bin/unshare --uts -- /usr/sbin/pbuilder --build --configfile /srv/reproducible-results/rbuild-debian/r-b-build.UjJP7fXV/pbuilderrc_MZoA --distribution unstable --hookdir /etc/pbuilder/rebuild-hooks --debbuildopts -b --basetgz /var/cache/pbuilder/unstable-reproducible-base.tgz --buildresult /srv/reproducible-results/rbuild-debian/r-b-build.UjJP7fXV/b2 --logfile b2/build.log debsig-verify_0.32.dsc'
+  SUDO_GID=112
+  SUDO_UID=107
+  SUDO_USER=jenkins
+  TERM=unknown
+  TZ=/usr/share/zoneinfo/Etc/GMT-14
+  UID=0
+  USER=root
+  _='I: set'
+  http_proxy=http://46.16.76.132:3128
 I: uname -a
-  Linux ionos16-i386 6.1.0-31-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.128-1 (2025-02-07) x86_64 GNU/Linux
+  Linux i-capture-the-hostname 6.1.0-31-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.128-1 (2025-02-07) x86_64 GNU/Linux
 I: ls -l /bin
-  lrwxrwxrwx 1 root root 7 Nov 22  2024 /bin -> usr/bin
-I: user script /srv/workspace/pbuilder/70588/tmp/hooks/D02_print_environment finished
+  lrwxrwxrwx 1 root root 7 Nov 22 14:40 /bin -> usr/bin
+I: user script /srv/workspace/pbuilder/59304/tmp/hooks/D02_print_environment finished
  -> Attempting to satisfy build-dependencies
  -> Creating pbuilder-satisfydepends-dummy package
 Package: pbuilder-satisfydepends-dummy
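Review bot: The `I: set` block writes the builder's whole shell environment into a log that is then published, and on the new side that includes `http_proxy`, the full `SUDO_COMMAND` line and the Jenkins `SUDO_UID`/`SUDO_GID`. For this test rig those values look intentional, but the D02_print_environment hook (its source is not on this page) shows no sign of filtering, so any credential later exported into the build environment would end up in the log as well; printing an explicit allowlist of variables would avoid that. When reading the diff, `BUILDUSERNAME`, `TZ`, `LANGUAGE`, `PATH`, `HOSTNAME` and `parallel=` appear to be deliberate variations, while `INVOCATION_ID`, `PPID` and the extra `BASH*` variables look like side effects of the run and of `/bin/sh` pointing at bash.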
@@ -181,7 +213,7 @@
 Get: 49 http://deb.debian.org/debian unstable/main i386 libpkgconf3 i386 1.8.1-4 [38.4 kB]
 Get: 50 http://deb.debian.org/debian unstable/main i386 pkgconf-bin i386 1.8.1-4 [30.6 kB]
 Get: 51 http://deb.debian.org/debian unstable/main i386 pkgconf i386 1.8.1-4 [26.2 kB]
-Fetched 25.5 MB in 0s (102 MB/s)
+Fetched 25.5 MB in 1s (32.1 MB/s)
 Preconfiguring packages ...
 Selecting previously unselected package readline-common.
 (Reading database ... 
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database ... 60%
(Reading database ... 65%
(Reading database ... 70%
(Reading database ... 75%
(Reading database ... 80%
(Reading database ... 85%
(Reading database ... 90%
(Reading database ... 95%
(Reading database ... 100%
(Reading database ... 19761 files and directories currently installed.)
@@ -404,7 +436,11 @@
 Building tag database...
  -> Finished parsing the build-deps
 I: Building the package
-I: Running cd /build/reproducible-path/debsig-verify-0.32/ && env PATH="/usr/sbin:/usr/bin:/sbin:/bin:/usr/games" HOME="/nonexistent/first-build" dpkg-buildpackage -us -uc -b && env PATH="/usr/sbin:/usr/bin:/sbin:/bin:/usr/games" HOME="/nonexistent/first-build" dpkg-genchanges -S  > ../debsig-verify_0.32_source.changes
+I: user script /srv/workspace/pbuilder/59304/tmp/hooks/A99_set_merged_usr starting
+Not re-configuring usrmerge for unstable
+I: user script /srv/workspace/pbuilder/59304/tmp/hooks/A99_set_merged_usr finished
+hostname: Name or service not known
+I: Running cd /build/reproducible-path/debsig-verify-0.32/ && env PATH="/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/i/capture/the/path" HOME="/nonexistent/second-build" dpkg-buildpackage -us -uc -b && env PATH="/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/i/capture/the/path" HOME="/nonexistent/second-build" dpkg-genchanges -S  > ../debsig-verify_0.32_source.changes
 dpkg-buildpackage: info: source package debsig-verify
 dpkg-buildpackage: info: source version 0.32
 dpkg-buildpackage: info: source distribution unstable
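Review bot: `hostname: Name or service not known` appears only in the second build, between the A99_set_merged_usr hook and the `dpkg-buildpackage` invocation, which suggests the varied hostname `i-capture-the-hostname` does not resolve inside the chroot. Nothing in the visible log shows this affecting debsig-verify, but a build or test step that resolves its own hostname would behave differently between the two runs. Such a difference comes from the harness rather than the package, so it should be ruled out before treating later differences as a reproducibility problem.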
@@ -457,8 +493,8 @@
 checking whether make supports the include directive... yes (GNU style)
 checking whether make supports nested variables... yes
 checking xargs -n works... yes
-checking whether UID '1111' is supported by ustar format... yes
-checking whether GID '1111' is supported by ustar format... yes
+checking whether UID '2222' is supported by ustar format... yes
+checking whether GID '2222' is supported by ustar format... yes
 checking how to create a ustar tar archive... gnutar
 checking dependency style of gcc... none
 checking for gcc... (cached) gcc
@@ -511,7 +547,7 @@
 config.status: executing test/atconfig commands
 config.status: executing depfiles commands
    dh_auto_build -O--builddir=build-tree
-	cd build-tree && make -j22
+	cd build-tree && make -j10
 make[1]: Entering directory '/build/reproducible-path/debsig-verify-0.32/build-tree'
 make  all-recursive
 make[2]: Entering directory '/build/reproducible-path/debsig-verify-0.32/build-tree'
@@ -534,7 +570,7 @@
 make[2]: Leaving directory '/build/reproducible-path/debsig-verify-0.32/build-tree'
 make[1]: Leaving directory '/build/reproducible-path/debsig-verify-0.32/build-tree'
    dh_auto_test -O--builddir=build-tree
-	cd build-tree && make -j22 check "TESTSUITEFLAGS=-j22 --verbose" VERBOSE=1
+	cd build-tree && make -j10 check "TESTSUITEFLAGS=-j10 --verbose" VERBOSE=1
 make[1]: Entering directory '/build/reproducible-path/debsig-verify-0.32/build-tree'
 Making check in .
 make[2]: Entering directory '/build/reproducible-path/debsig-verify-0.32/build-tree'
@@ -543,7 +579,7 @@
 make[2]: Entering directory '/build/reproducible-path/debsig-verify-0.32/build-tree/test'
 make  check-local
 make[3]: Entering directory '/build/reproducible-path/debsig-verify-0.32/build-tree/test'
-/bin/bash ../../test/testsuite -j22 --verbose
+/bin/sh ../../test/testsuite -j10 --verbose
 ## ------------------------------ ##
 ## debsig-verify 0.32 test suite. ##
 ## ------------------------------ ##
@@ -557,30 +593,27 @@
 
 
 
-
-
-
-
-
-1. debsig-cmd.at:3: testing debsig-verify --version ...
-../../test/debsig-cmd.at:5: debsig-verify --version
+8. debsig-sig.at:39: testing deb validates with fprid, fprid db ...
 2. debsig-cmd.at:8: testing debsig-verify --help ...
 ../../test/debsig-cmd.at:10: debsig-verify --help
-
-3. debsig-sig.at:3: testing deb no validates, no sig ...
-
+1. debsig-cmd.at:3: testing debsig-verify --version ...
+../../test/debsig-cmd.at:5: debsig-verify --version
 4. debsig-sig.at:9: testing deb no validates, bad sig ...
-5. debsig-sig.at:16: testing deb no validates, good sig, no policy dir ...
 stdout:
-
-
-stdout:
-6. debsig-sig.at:23: testing deb no validates, good sig, no policy (fprid) ...
 Debsig Program Version - 0.32
   Signature Version - 1.0
   Signature Namespace - https://www.debian.org/debsig/1.0/
   Policies Directory - /etc/debsig/policies
   Keyrings Directory - /usr/share/debsig/keyrings
+7. debsig-sig.at:31: testing deb no validates, good sig, no policy (keyid) ...
+1. debsig-cmd.at:3:  ok
+6. debsig-sig.at:23: testing deb no validates, good sig, no policy (fprid) ...
+3. debsig-sig.at:3: testing deb no validates, no sig ...
+5. debsig-sig.at:16: testing deb no validates, good sig, no policy dir ...
+stdout:
+9. debsig-sig.at:46: testing deb validates with keyid, fprid db ...
+dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
+dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
 Usage: debsig-verify [<option>...] <deb>
 
 Options:
@@ -595,69 +628,58 @@
       --root <dir>         Use an alternative root directory for policy lookup.
       --help               Output usage info, and exit.
       --version            Output version info, and exit.
-8. debsig-sig.at:39: testing deb validates with fprid, fprid db ...
-
-
-7. debsig-sig.at:31: testing deb no validates, good sig, no policy (keyid) ...
-1. debsig-cmd.at:3: 2. debsig-cmd.at:8:  ok
- ok
-9. debsig-sig.at:46: testing deb validates with keyid, fprid db ...
-11. debsig-sig.at:60: testing deb validates with fprid, keyid db ...
+2. debsig-cmd.at:8:  ok
 10. debsig-sig.at:53: testing deb validates with nameid, fprid db ...
-14. debsig-sig.at:87: testing deb validates with subkey, fprid, fprid db ...
-13. debsig-sig.at:78: testing deb validates with nameid, keyid db ...
-12. debsig-sig.at:69: testing deb validates with keyid, keyid db ...
-15. debsig-sig.at:95: testing deb validates with subkey, keyid, fprid db ...
 dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
 dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
-17. debsig-sig.at:111: testing deb validates with subkey, nameid, fprid db ...
-18. debsig-sig.at:119: testing deb validates with subkey, fprid, keyid db ...
 dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
-16. debsig-sig.at:103: testing deb validates with subkey, subid, fprid db ...
 dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
-21. debsig-sig.at:149: testing deb validates with subkey, nameid, keyid db ...
-19. debsig-sig.at:129: testing deb validates with subkey, keyid, keyid db ...
 dpkg-deb: building package 'debraw' in 'debraw_1.0.deb'.
-20. debsig-sig.at:139: testing deb validates with subkey, subid, keyid db ...
-dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
-dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
-dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
-dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
-dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
-dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
-dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
-dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
-dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
-dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
-dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
-dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
+
 dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
+
+11. debsig-sig.at:60: testing deb validates with fprid, keyid db ...
 dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
+../../test/debsig-sig.at:6: $DEBSIG debraw_1.0.deb
+stdout:
+debsig: Starting verification for: debraw_1.0.deb
+debsig: Origin Signature check failed. This deb might not be signed.
+
+3. debsig-sig.at:3:  ok
+12. debsig-sig.at:69: testing deb validates with keyid, keyid db ...
 gpg: enabled compatibility flags:
-gpg: keybox '/tmp/debsig-test-tmp.hu3ebSSKaF/pubring.kbx' created
+gpg: keybox '/tmp/debsig-test-tmp.HFOvATMo84/pubring.kbx' created
 gpg: pub  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
+gpg: key E9F3837DB59CDACD: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
+gpg: Total number processed: 1
+gpg:               imported: 1
 gpg: enabled compatibility flags:
-gpg: keybox '/tmp/debsig-test-tmp.HxWFkIsGkl/pubring.kbx' created
+gpg: keybox '/tmp/debsig-test-tmp.R8GfWhvj5z/pubring.kbx' created
+gpg: pub  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
+gpg: key E9F3837DB59CDACD: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
+gpg: enabled compatibility flags:
+gpg: sec  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
+gpg: key E9F3837DB59CDACD: "Debsig Origin Test Key <debsig-test@example.com>" not changed
+
+gpg: enabled compatibility flags:
+gpg: keybox '/tmp/debsig-test-tmp.eB5NuY5HoF/pubring.kbx' created
 gpg: pub  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
 gpg: enabled compatibility flags:
-gpg: keybox '/tmp/debsig-test-tmp.JidlU8Vu9S/pubring.kbx' created
+gpg: keybox '/tmp/debsig-test-tmp.bKx1WHO3TO/pubring.kbx' created
 gpg: pub  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
 gpg: key E9F3837DB59CDACD: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
-gpg: Total number processed: 1
-gpg:               imported: 1
+dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
 gpg: key E9F3837DB59CDACD: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
 gpg: Total number processed: 1
 gpg:               imported: 1
-gpg: key E9F3837DB59CDACD: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
 gpg: Total number processed: 1
 gpg:               imported: 1
 gpg: enabled compatibility flags:
 gpg: sec  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
 gpg: enabled compatibility flags:
-gpg: sec  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
-gpg: key E9F3837DB59CDACD: "Debsig Origin Test Key <debsig-test@example.com>" not changed
-gpg: enabled compatibility flags:
-gpg: sec  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
+gpg: keybox '/tmp/debsig-test-tmp.dRicK0bq6h/pubring.kbx' created
+gpg: pub  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
+gpg: key E9F3837DB59CDACD: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
 gpg: key E9F3837DB59CDACD: "Debsig Origin Test Key <debsig-test@example.com>" not changed
 gpg: key E9F3837DB59CDACD/E9F3837DB59CDACD: secret key imported
 gpg: key E9F3837DB59CDACD: secret key imported
@@ -665,142 +687,76 @@
 gpg:              unchanged: 1
 gpg:       secret keys read: 1
 gpg:   secret keys imported: 1
+gpg: enabled compatibility flags:
+gpg: sec  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
+13. debsig-sig.at:78: testing deb validates with nameid, keyid db ...
 gpg: key E9F3837DB59CDACD: "Debsig Origin Test Key <debsig-test@example.com>" not changed
-gpg: key E9F3837DB59CDACD/E9F3837DB59CDACD: secret key imported
-gpg: key E9F3837DB59CDACD: secret key imported
 gpg: Total number processed: 1
-gpg:              unchanged: 1
-gpg:       secret keys read: 1
-gpg:   secret keys imported: 1
+gpg:               imported: 1
 gpg: key E9F3837DB59CDACD/E9F3837DB59CDACD: secret key imported
 gpg: key E9F3837DB59CDACD: secret key imported
 gpg: Total number processed: 1
 gpg:              unchanged: 1
 gpg:       secret keys read: 1
 gpg:   secret keys imported: 1
-../../test/debsig-sig.at:6: $DEBSIG debraw_1.0.deb
-stdout:
-debsig: Starting verification for: debraw_1.0.deb
-debsig: Origin Signature check failed. This deb might not be signed.
-
-3. debsig-sig.at:3:  ok
 gpg: enabled compatibility flags:
-gpg: keybox '/tmp/debsig-test-tmp.SkqCH6IzTY/pubring.kbx' created
+gpg: keybox '/tmp/debsig-test-tmp.MhyYReoJzC/pubring.kbx' created
 gpg: pub  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
 gpg: enabled compatibility flags:
-gpg: keybox '/tmp/debsig-test-tmp.jxG1sgIfGv/pubring.kbx' created
-gpg: enabled compatibility flags:
-gpg: enabled compatibility flags:
-gpg: enabled compatibility flags:
-gpg: pub  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
-gpg: keybox '/tmp/debsig-test-tmp.9IsuDz7Bf5/pubring.kbx' created
-gpg: keybox '/tmp/debsig-test-tmp.beZrzSPnbt/pubring.kbx' created
-gpg: enabled compatibility flags:
-gpg: keybox '/tmp/debsig-test-tmp.biM978xn56/pubring.kbx' created
-gpg: enabled compatibility flags:
 gpg: enabled compatibility flags:
+gpg: keybox '/tmp/debsig-test-tmp.BVcNilCwb3/pubring.kbx' created
 gpg: pub  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
-gpg: enabled compatibility flags:
-gpg: enabled compatibility flags:
-gpg: pub  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
-gpg: enabled compatibility flags:
-gpg: pub  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
-gpg: keybox '/tmp/debsig-test-tmp.8A1a5n3S31/pubring.kbx' created
-gpg: keybox '/tmp/debsig-test-tmp.x1C4AqxMRP/pubring.kbx' created
-gpg: keybox '/tmp/debsig-test-tmp.3tEMXW7Hke/pubring.kbx' created
-gpg: keybox '/tmp/debsig-test-tmp.kj1m2lM7CZ/pubring.kbx' created
-gpg: keybox '/tmp/debsig-test-tmp.YXy5ib3I3b/pubring.kbx' created
-gpg: enabled compatibility flags:
-gpg: pub  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
-gpg: enabled compatibility flags:
-gpg: keybox '/tmp/debsig-test-tmp.HVzTs8C6gK/pubring.kbx' created
-gpg: keybox '/tmp/debsig-test-tmp.voAOBKgspY/pubring.kbx' created
-gpg: keybox '/tmp/debsig-test-tmp.vkzdW1CarT/pubring.kbx' created
-gpg: pub  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
-gpg: pub  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
-gpg: pub  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
-gpg: enabled compatibility flags:
-gpg: pub  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
-gpg: pub  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
-gpg: enabled compatibility flags:
-gpg: keybox '/tmp/debsig-test-tmp.E9mEzhGYAD/pubring.kbx' created
-gpg: keybox '/tmp/debsig-test-tmp.yp7WpEV4iW/pubring.kbx' created
-gpg: pub  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
-gpg: pub  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
-gpg: pub  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
-gpg: pub  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
-gpg: key E9F3837DB59CDACD: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
-gpg: Total number processed: 1
-gpg:               imported: 1
-gpg: key E9F3837DB59CDACD: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
-gpg: key E9F3837DB59CDACD: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
-gpg: key E9F3837DB59CDACD: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
-gpg: Total number processed: 1
-gpg:               imported: 1
 gpg: key E9F3837DB59CDACD: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
+gpg: sec  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
+gpg: key E9F3837DB59CDACD: "Debsig Origin Test Key <debsig-test@example.com>" not changed
+gpg: key E9F3837DB59CDACD/E9F3837DB59CDACD: secret key imported
+gpg: key E9F3837DB59CDACD: secret key imported
 gpg: Total number processed: 1
-gpg:               imported: 1
+gpg:              unchanged: 1
+gpg:       secret keys read: 1
+gpg:   secret keys imported: 1
 gpg: key E9F3837DB59CDACD: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
 gpg: Total number processed: 1
 gpg:               imported: 1
-gpg: key E9F3837DB59CDACD: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
 gpg: Total number processed: 1
 gpg:               imported: 1
+gpg: key E9F3837DB59CDACD/E9F3837DB59CDACD: secret key imported
+gpg: key E9F3837DB59CDACD: secret key imported
 gpg: Total number processed: 1
-gpg:               imported: 1
+gpg:              unchanged: 1
+gpg:       secret keys read: 1
+gpg:   secret keys imported: 1
 gpg: Total number processed: 1
 gpg:               imported: 1
 gpg: enabled compatibility flags:
-gpg: key 4832DEA0A066232B: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
+gpg: keybox '/tmp/debsig-test-tmp.U4NHzUTPFo/pubring.kbx' created
+gpg: pub  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
 gpg: enabled compatibility flags:
 gpg: sec  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
-gpg: sec  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
-gpg: Total number processed: 1
-gpg:               imported: 1
-gpg: enabled compatibility flags:
-gpg: enabled compatibility flags:
+dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
+gpg: key E9F3837DB59CDACD: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
+gpg: key E9F3837DB59CDACD: "Debsig Origin Test Key <debsig-test@example.com>" not changed
 gpg: enabled compatibility flags:
 gpg: sec  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
-gpg: sec  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
-gpg: key 4832DEA0A066232B: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
-gpg: sec  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
+gpg: key E9F3837DB59CDACD: "Debsig Origin Test Key <debsig-test@example.com>" not changed
 gpg: enabled compatibility flags:
 gpg: enabled compatibility flags:
 gpg: sec  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
-gpg: key 4832DEA0A066232B: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
-gpg: sec  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
-gpg: key E9F3837DB59CDACD: "Debsig Origin Test Key <debsig-test@example.com>" not changed
-gpg: Total number processed: 1
-gpg:               imported: 1
-gpg: key 4832DEA0A066232B: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
-gpg: key E9F3837DB59CDACD: "Debsig Origin Test Key <debsig-test@example.com>" not changed
-gpg: key 4832DEA0A066232B: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
-gpg: key 4832DEA0A066232B: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
-gpg: key 4832DEA0A066232B: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
-gpg: Total number processed: 1
-gpg:               imported: 1
-gpg: key E9F3837DB59CDACD: "Debsig Origin Test Key <debsig-test@example.com>" not changed
-gpg: Total number processed: 1
-gpg:               imported: 1
 gpg: key E9F3837DB59CDACD: "Debsig Origin Test Key <debsig-test@example.com>" not changed
-gpg: key 4832DEA0A066232B: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
-gpg: Total number processed: 1
-gpg:               imported: 1
 gpg: Total number processed: 1
 gpg:               imported: 1
-gpg: Total number processed: 1
-gpg:               imported: 1
-gpg: key E9F3837DB59CDACD: "Debsig Origin Test Key <debsig-test@example.com>" not changed
 gpg: key E9F3837DB59CDACD/E9F3837DB59CDACD: secret key imported
 gpg: key E9F3837DB59CDACD: secret key imported
 gpg: Total number processed: 1
 gpg:              unchanged: 1
 gpg:       secret keys read: 1
 gpg:   secret keys imported: 1
-gpg: key E9F3837DB59CDACD: "Debsig Origin Test Key <debsig-test@example.com>" not changed
+gpg: keybox '/tmp/debsig-test-tmp.BPoyAOlg6q/pubring.kbx' created
+gpg: pub  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
+gpg: key E9F3837DB59CDACD: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
 gpg: enabled compatibility flags:
+gpg: sec  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
 gpg: key E9F3837DB59CDACD: "Debsig Origin Test Key <debsig-test@example.com>" not changed
-gpg: sec  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
 gpg: key E9F3837DB59CDACD/E9F3837DB59CDACD: secret key imported
 gpg: key E9F3837DB59CDACD: secret key imported
 gpg: Total number processed: 1
@@ -815,8 +771,6 @@
 gpg:              unchanged: 1
 gpg:       secret keys read: 1
 gpg:   secret keys imported: 1
-gpg: enabled compatibility flags:
-gpg: sec  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
 gpg: key E9F3837DB59CDACD/E9F3837DB59CDACD: secret key imported
 gpg: key E9F3837DB59CDACD: secret key imported
 gpg: Total number processed: 1
@@ -824,7 +778,8 @@
 gpg:       secret keys read: 1
 gpg:   secret keys imported: 1
 gpg: enabled compatibility flags:
-gpg: sec  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
+gpg: sec  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
+gpg: key E9F3837DB59CDACD: "Debsig Origin Test Key <debsig-test@example.com>" not changed
 gpg: key E9F3837DB59CDACD/E9F3837DB59CDACD: secret key imported
 gpg: key E9F3837DB59CDACD: secret key imported
 gpg: Total number processed: 1
@@ -832,116 +787,101 @@
 gpg:       secret keys read: 1
 gpg:   secret keys imported: 1
 gpg: enabled compatibility flags:
-gpg: sec  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
-gpg: enabled compatibility flags:
-gpg: sec  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
-gpg: enabled compatibility flags:
-gpg: sec  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
-gpg: enabled compatibility flags:
-gpg: sec  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
-gpg: key E9F3837DB59CDACD/E9F3837DB59CDACD: secret key imported
-gpg: key E9F3837DB59CDACD: secret key imported
+gpg: keybox '/tmp/debsig-test-tmp.uOxJnjVsTz/pubring.kbx' created
+gpg: pub  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
+gpg: key E9F3837DB59CDACD: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
 gpg: Total number processed: 1
-gpg:              unchanged: 1
-gpg:       secret keys read: 1
-gpg:   secret keys imported: 1
+gpg:               imported: 1
+gpg: enabled compatibility flags:
+../../test/debsig-sig.at:64: mkdir -p policies/$TESTKEYID
+cp -a $TESTPOLICIES/$TESTFPRID/* policies/$TESTKEYID
+$DEBSIG --policies-dir policies debsig_1.0.deb
+gpg: sec  rsa4096/E9F3837DB59CDACD 2022-07-18  Debsig Origin Test Key <debsig-test@example.com>
+gpg: key E9F3837DB59CDACD: "Debsig Origin Test Key <debsig-test@example.com>" not changed
+../../test/debsig-sig.at:20: $DEBSIG --policies-dir "nonexistent" debsig_1.0.deb
+../../test/debsig-sig.at:27: mkdir -p policies/$TESTFPRID
+$DEBSIG --policies-dir "policies" debsig_1.0.deb
+../../test/debsig-sig.at:57: $DEBSIG --use-policy nameid.pol debsig_1.0.deb
 gpg: key E9F3837DB59CDACD/E9F3837DB59CDACD: secret key imported
 gpg: key E9F3837DB59CDACD: secret key imported
 gpg: Total number processed: 1
 gpg:              unchanged: 1
 gpg:       secret keys read: 1
 gpg:   secret keys imported: 1
-gpg: enabled compatibility flags:
-gpg: sec  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
-gpg: key 4832DEA0A066232B: "Debsig Origin Test Key <debsig-test@example.com>" not changed
-gpg: key 4832DEA0A066232B: "Debsig Origin Test Key <debsig-test@example.com>" not changed
-gpg: key 4832DEA0A066232B: "Debsig Origin Test Key <debsig-test@example.com>" not changed
-gpg: key 4832DEA0A066232B: "Debsig Origin Test Key <debsig-test@example.com>" not changed
-gpg: key 4832DEA0A066232B/4832DEA0A066232B: secret key imported
-gpg: key 4832DEA0A066232B: "Debsig Origin Test Key <debsig-test@example.com>" not changed
-gpg: key 4832DEA0A066232B: "Debsig Origin Test Key <debsig-test@example.com>" not changed
-gpg: key 4832DEA0A066232B: "Debsig Origin Test Key <debsig-test@example.com>" not changed
-gpg: key 4832DEA0A066232B/4C2E30ED5C790356: secret key imported
-gpg: key 4832DEA0A066232B: secret key imported
-gpg: key 4832DEA0A066232B/4832DEA0A066232B: secret key imported
-gpg: Total number processed: 1
-gpg:              unchanged: 1
-gpg:       secret keys read: 1
-gpg:   secret keys imported: 1
-gpg: key 4832DEA0A066232B/4832DEA0A066232B: secret key imported
-gpg: key 4832DEA0A066232B: "Debsig Origin Test Key <debsig-test@example.com>" not changed
-gpg: key 4832DEA0A066232B/4C2E30ED5C790356: secret key imported
-gpg: key 4832DEA0A066232B: secret key imported
-gpg: Total number processed: 1
-gpg:              unchanged: 1
-gpg:       secret keys read: 1
-gpg:   secret keys imported: 1
-gpg: key 4832DEA0A066232B/4832DEA0A066232B: secret key imported
-gpg: key 4832DEA0A066232B/4C2E30ED5C790356: secret key imported
-gpg: key 4832DEA0A066232B: secret key imported
-gpg: Total number processed: 1
-gpg:              unchanged: 1
-gpg:       secret keys read: 1
-gpg:   secret keys imported: 1
-gpg: key 4832DEA0A066232B/4C2E30ED5C790356: secret key imported
-gpg: key 4832DEA0A066232B: secret key imported
-gpg: Total number processed: 1
-gpg:              unchanged: 1
-gpg:       secret keys read: 1
-gpg:   secret keys imported: 1
-gpg: key 4832DEA0A066232B/4832DEA0A066232B: secret key imported
-gpg: key 4832DEA0A066232B/4832DEA0A066232B: secret key imported
-gpg: key 4832DEA0A066232B/4832DEA0A066232B: secret key imported
-gpg: key 4832DEA0A066232B/4832DEA0A066232B: secret key imported
-gpg: key 4832DEA0A066232B/4C2E30ED5C790356: secret key imported
-gpg: key 4832DEA0A066232B: secret key imported
-gpg: Total number processed: 1
-gpg:              unchanged: 1
-gpg:       secret keys read: 1
-gpg:   secret keys imported: 1
-gpg: key 4832DEA0A066232B/4C2E30ED5C790356: secret key imported
-gpg: key 4832DEA0A066232B: secret key imported
-gpg: Total number processed: 1
-gpg:              unchanged: 1
-gpg:       secret keys read: 1
-gpg:   secret keys imported: 1
-gpg: key 4832DEA0A066232B/4C2E30ED5C790356: secret key imported
-gpg: key 4832DEA0A066232B: secret key imported
-gpg: Total number processed: 1
-gpg:              unchanged: 1
-gpg:       secret keys read: 1
-gpg:   secret keys imported: 1
-gpg: key 4832DEA0A066232B/4C2E30ED5C790356: secret key imported
-gpg: key 4832DEA0A066232B: secret key imported
-gpg: Total number processed: 1
-gpg:              unchanged: 1
-gpg:       secret keys read: 1
-gpg:   secret keys imported: 1
-../../test/debsig-sig.at:57: $DEBSIG --use-policy nameid.pol debsig_1.0.deb
+stdout:
+debsig: Starting verification for: debsig_1.0.deb
+debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
+debsig: Could not find Origin directory for B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
+
+../../test/debsig-sig.at:43: $DEBSIG debsig_1.0.deb
+5. debsig-sig.at:16:  ok
+stdout:
+debsig: Starting verification for: debsig_1.0.deb
+debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
+debsig: getDbPathname: using policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD keyring
+debsig: Using policy directory: policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
+debsig: No applicable policy found.
+6. debsig-sig.at:23:  ok
 ../../test/debsig-sig.at:35: mkdir -p policies/$TESTKEYID
 $DEBSIG --policies-dir "policies" debsig_1.0.deb
-../../test/debsig-sig.at:20: $DEBSIG --policies-dir "nonexistent" debsig_1.0.deb
+../../test/debsig-sig.at:50: $DEBSIG --use-policy keyid.pol debsig_1.0.deb
+
+stderr:
+gpg: Signature made Sun Feb 23 05:01:44 2025 UTC
+gpg:                using RSA key B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
+gpg: Good signature from "Debsig Origin Test Key <debsig-test@example.com>" [unknown]
+gpg: WARNING: This key is not certified with a trusted signature!
+gpg:          There is no indication that the signature belongs to the owner.
+Primary key fingerprint: B255 1A21 5CE5 C745 84C6  AE0D E9F3 837D B59C DACD
+stdout:
 stdout:
 debsig: Starting verification for: debsig_1.0.deb
 debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
 debsig: getDbPathname: using policies/E9F3837DB59CDACD keyring
 debsig: Using policy directory: policies/E9F3837DB59CDACD
-debsig: No applicable policy found.
-stdout:
+debsig:   Parsing policy file: policies/E9F3837DB59CDACD/keyid.pol
+debsig:     parsePolicyFile: parsing 'policies/E9F3837DB59CDACD/keyid.pol'
+debsig:     parsePolicyFile: completed
+debsig:     Checking Selection group(s).
+debsig:       Processing 'origin' key...
+debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/pubring.pgp keyring
+debsig:         getKeyID: mapped E9F3837DB59CDACD -> B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
+debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
+debsig:     Selection group(s) passed, policy is usable.
+debsig: Using policy file: policies/E9F3837DB59CDACD/keyid.pol
+debsig:     Checking Verification group(s).
+debsig:       Processing 'origin' key...
+debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/pubring.pgp keyring
+debsig:         getKeyID: mapped E9F3837DB59CDACD -> B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
+debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
+debsig:     Verification group(s) passed, deb is validated.
+debsig: Verified package from 'Debsig testing' (Debsig)
 debsig: Starting verification for: debsig_1.0.deb
 debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
-debsig: Could not find Origin directory for B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
-
+debsig: getDbPathname: using policies/E9F3837DB59CDACD keyring
+debsig: Using policy directory: policies/E9F3837DB59CDACD
+debsig: No applicable policy found.
+11. debsig-sig.at:60:  ok
 7. debsig-sig.at:31:  ok
-5. debsig-sig.at:16:  ok
+
+stderr:
 stderr:
-gpg: Signature made Sat Mar 28 11:23:05 2026 UTC
+14. debsig-sig.at:87: testing deb validates with subkey, fprid, fprid db ...
+gpg: Signature made Sun Feb 23 05:01:44 2025 UTC
+gpg:                using RSA key B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
+gpg: Good signature from "Debsig Origin Test Key <debsig-test@example.com>" [unknown]
+gpg: WARNING: This key is not certified with a trusted signature!
+gpg:          There is no indication that the signature belongs to the owner.
+Primary key fingerprint: B255 1A21 5CE5 C745 84C6  AE0D E9F3 837D B59C DACD
+stdout:
+gpg: Signature made Sun Feb 23 05:01:44 2025 UTC
 gpg:                using RSA key B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
 gpg: Good signature from "Debsig Origin Test Key <debsig-test@example.com>" [unknown]
 gpg: WARNING: This key is not certified with a trusted signature!
 gpg:          There is no indication that the signature belongs to the owner.
 Primary key fingerprint: B255 1A21 5CE5 C745 84C6  AE0D E9F3 837D B59C DACD
 stdout:
+15. debsig-sig.at:95: testing deb validates with subkey, keyid, fprid db ...
 debsig: Starting verification for: debsig_1.0.deb
 debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
 debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD keyring
@@ -964,31 +904,50 @@
 debsig:     Verification group(s) passed, deb is validated.
 debsig: Verified package from 'Debsig testing' (Debsig)
 10. debsig-sig.at:53:  ok
-../../test/debsig-sig.at:64: mkdir -p policies/$TESTKEYID
-cp -a $TESTPOLICIES/$TESTFPRID/* policies/$TESTKEYID
-$DEBSIG --policies-dir policies debsig_1.0.deb
-../../test/debsig-sig.at:108: $DEBSIG --use-policy subid.pol debsig_1.0.deb
-../../test/debsig-sig.at:124: mkdir -p policies/$TESTKEYID
-cp -a $TESTPOLICIES/$TESTFPRID/* policies/$TESTKEYID
-$DEBSIG --policies-dir policies debsig_1.0.deb
-../../test/debsig-sig.at:154: mkdir -p policies/$TESTKEYID
-cp -a $TESTPOLICIES/$TESTFPRID/* policies/$TESTKEYID
-$DEBSIG --policies-dir policies --use-policy nameid.pol debsig_1.0.deb
+debsig: Starting verification for: debsig_1.0.deb
+debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
+debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD keyring
+debsig: Using policy directory: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
+debsig:   Parsing policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/keyid.pol
+debsig:     parsePolicyFile: parsing '/build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/keyid.pol'
+debsig:     parsePolicyFile: completed
+debsig:     Checking Selection group(s).
+debsig:       Processing 'origin' key...
+debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/pubring.pgp keyring
+debsig:         getKeyID: mapped E9F3837DB59CDACD -> B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
+debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
+debsig:     Selection group(s) passed, policy is usable.
+debsig: Using policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/keyid.pol
+debsig:     Checking Verification group(s).
+debsig:       Processing 'origin' key...
+debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/pubring.pgp keyring
+debsig:         getKeyID: mapped E9F3837DB59CDACD -> B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
+debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
+debsig:     Verification group(s) passed, deb is validated.
+debsig: Verified package from 'Debsig testing' (Debsig)
+8. debsig-sig.at:39:  ok
 ../../test/debsig-sig.at:13: $DEBSIG debsig_1.0.deb
+
+
+dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
+../../test/debsig-sig.at:73: mkdir -p policies/$TESTKEYID
+cp -a $TESTPOLICIES/$TESTFPRID/* policies/$TESTKEYID
+$DEBSIG --policies-dir policies --use-policy keyid.pol debsig_1.0.deb
 stderr:
-gpg: Signature made Sat Mar 28 11:23:05 2026 UTC
+gpg: Signature made Sun Feb 23 05:01:44 2025 UTC
 gpg:                using RSA key B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
 gpg: Good signature from "Debsig Origin Test Key <debsig-test@example.com>" [unknown]
 gpg: WARNING: This key is not certified with a trusted signature!
 gpg:          There is no indication that the signature belongs to the owner.
 Primary key fingerprint: B255 1A21 5CE5 C745 84C6  AE0D E9F3 837D B59C DACD
 stdout:
+dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
 debsig: Starting verification for: debsig_1.0.deb
 debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
-debsig: getDbPathname: using policies/E9F3837DB59CDACD keyring
-debsig: Using policy directory: policies/E9F3837DB59CDACD
-debsig:   Parsing policy file: policies/E9F3837DB59CDACD/keyid.pol
-debsig:     parsePolicyFile: parsing 'policies/E9F3837DB59CDACD/keyid.pol'
+debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD keyring
+debsig: Using policy directory: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
+debsig:   Parsing policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/keyid.pol
+debsig:     parsePolicyFile: parsing '/build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/keyid.pol'
 debsig:     parsePolicyFile: completed
 debsig:     Checking Selection group(s).
 debsig:       Processing 'origin' key...
@@ -996,7 +955,7 @@
 debsig:         getKeyID: mapped E9F3837DB59CDACD -> B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
 debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
 debsig:     Selection group(s) passed, policy is usable.
-debsig: Using policy file: policies/E9F3837DB59CDACD/keyid.pol
+debsig: Using policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/keyid.pol
 debsig:     Checking Verification group(s).
 debsig:       Processing 'origin' key...
 debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/pubring.pgp keyring
@@ -1004,18 +963,25 @@
 debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
 debsig:     Verification group(s) passed, deb is validated.
 debsig: Verified package from 'Debsig testing' (Debsig)
-../../test/debsig-sig.at:144: mkdir -p policies/$TESTKEYID
-cp -a $TESTPOLICIES/$TESTFPRID/* policies/$TESTKEYID
-$DEBSIG --policies-dir policies --use-policy subid.pol debsig_1.0.deb
-11. debsig-sig.at:60:  ok
+16. debsig-sig.at:103: testing deb validates with subkey, subid, fprid db ...
 ../../test/debsig-sig.at:82: mkdir -p policies/$TESTKEYID
 cp -a $TESTPOLICIES/$TESTFPRID/* policies/$TESTKEYID
 $DEBSIG --policies-dir policies --use-policy nameid.pol debsig_1.0.deb
+9. debsig-sig.at:46:  ok
+
+
+17. debsig-sig.at:111: testing deb validates with subkey, nameid, fprid db ...
+dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
+18. debsig-sig.at:119: testing deb validates with subkey, fprid, keyid db ...
+
+dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
 stderr:
-gpg: Signature made Sat Mar 28 11:23:05 2026 UTC
+19. debsig-sig.at:129: testing deb validates with subkey, keyid, keyid db ...
+gpg: Signature made Sun Feb 23 05:01:45 2025 UTC
 gpg:                using RSA key B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
 gpg: BAD signature from "Debsig Origin Test Key <debsig-test@example.com>" [unknown]
 stdout:
+20. debsig-sig.at:139: testing deb validates with subkey, subid, keyid db ...
 debsig: Starting verification for: debsig_1.0.deb
 debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
 debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD keyring
@@ -1039,115 +1005,70 @@
 debsig: verifyGroupRules: failed for origin
 debsig:     Verification group failed checks.
 debsig: Failed verification for debsig_1.0.deb.
-stderr:
-gpg: Signature made Sat Mar 28 11:23:06 2026 UTC
-gpg:                using RSA key 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
-gpg: Good signature from "Debsig Origin Test Key <debsig-test@example.com>" [unknown]
-gpg: WARNING: This key is not certified with a trusted signature!
-gpg:          There is no indication that the signature belongs to the owner.
-Primary key fingerprint: 900A C211 3233 F5DF 47C0  B665 4832 DEA0 A066 232B
-     Subkey fingerprint: 0DB5 9D1F 9C5B 1C3A 4504  175B 4C2E 30ED 5C79 0356
-stdout:
 4. debsig-sig.at:9:  ok
-debsig: Starting verification for: debsig_1.0.deb
-debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
-debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 keyring
-debsig: Using policy directory: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
-debsig:   Parsing policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/subid.pol
-debsig:     parsePolicyFile: parsing '/build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/subid.pol'
-debsig:     parsePolicyFile: completed
-debsig:     Checking Selection group(s).
-debsig:       Processing 'origin' key...
-debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/pubring.pgp keyring
-debsig:         getKeyID: mapped 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
-debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
-debsig:     Selection group(s) passed, policy is usable.
-debsig: Using policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/subid.pol
-debsig:     Checking Verification group(s).
-debsig:       Processing 'origin' key...
-debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/pubring.pgp keyring
-debsig:         getKeyID: mapped 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
-debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
-debsig:     Verification group(s) passed, deb is validated.
-debsig: Verified package from 'Debsig testing' (Debsig)
-16. debsig-sig.at:103:  ok
-stderr:
-gpg: Signature made Sat Mar 28 11:23:06 2026 UTC
-gpg:                using RSA key 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
-gpg: Good signature from "Debsig Origin Test Key <debsig-test@example.com>" [unknown]
-gpg: WARNING: This key is not certified with a trusted signature!
-gpg:          There is no indication that the signature belongs to the owner.
-Primary key fingerprint: 900A C211 3233 F5DF 47C0  B665 4832 DEA0 A066 232B
-     Subkey fingerprint: 0DB5 9D1F 9C5B 1C3A 4504  175B 4C2E 30ED 5C79 0356
-stdout:
-debsig: Starting verification for: debsig_1.0.deb
-debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
-debsig: getDbPathname: using policies/4C2E30ED5C790356 keyring
-debsig: Using policy directory: policies/4C2E30ED5C790356
-debsig:   Parsing policy file: policies/4C2E30ED5C790356/subid.pol
-debsig:     parsePolicyFile: parsing 'policies/4C2E30ED5C790356/subid.pol'
-debsig:     parsePolicyFile: completed
-debsig:     Checking Selection group(s).
-debsig:       Processing 'origin' key...
-debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/pubring.pgp keyring
-debsig:         getKeyID: mapped 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
-debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
-debsig:     Selection group(s) passed, policy is usable.
-debsig: Using policy file: policies/4C2E30ED5C790356/subid.pol
-debsig:     Checking Verification group(s).
-debsig:       Processing 'origin' key...
-debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/pubring.pgp keyring
-debsig:         getKeyID: mapped 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
-debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
-debsig:     Verification group(s) passed, deb is validated.
-debsig: Verified package from 'Debsig testing' (Debsig)
+gpg: enabled compatibility flags:
+gpg: keybox '/tmp/debsig-test-tmp.6lLKiVC5SS/pubring.kbx' created
+gpg: pub  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
+gpg: key 4832DEA0A066232B: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
+gpg: Total number processed: 1
+gpg:               imported: 1
+gpg: enabled compatibility flags:
+gpg: sec  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
+gpg: key 4832DEA0A066232B: "Debsig Origin Test Key <debsig-test@example.com>" not changed
 stderr:
-gpg: Signature made Sat Mar 28 11:23:06 2026 UTC
-gpg:                using RSA key 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
+dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
+
+dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
+dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
+gpg: Signature made Sun Feb 23 05:01:45 2025 UTC
+gpg:                using RSA key B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
 gpg: Good signature from "Debsig Origin Test Key <debsig-test@example.com>" [unknown]
 gpg: WARNING: This key is not certified with a trusted signature!
 gpg:          There is no indication that the signature belongs to the owner.
-Primary key fingerprint: 900A C211 3233 F5DF 47C0  B665 4832 DEA0 A066 232B
-     Subkey fingerprint: 0DB5 9D1F 9C5B 1C3A 4504  175B 4C2E 30ED 5C79 0356
+Primary key fingerprint: B255 1A21 5CE5 C745 84C6  AE0D E9F3 837D B59C DACD
 stdout:
-18. debsig-sig.at:119:  ok
+gpg: key 4832DEA0A066232B/4832DEA0A066232B: secret key imported
+gpg: enabled compatibility flags:
+gpg: keybox '/tmp/debsig-test-tmp.f3EkXrk3w0/pubring.kbx' created
+gpg: pub  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
+gpg: key 4832DEA0A066232B/4C2E30ED5C790356: secret key imported
+gpg: key 4832DEA0A066232B: secret key imported
+gpg: Total number processed: 1
+gpg:              unchanged: 1
+gpg:       secret keys read: 1
+gpg:   secret keys imported: 1
 debsig: Starting verification for: debsig_1.0.deb
-debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
-debsig: getDbPathname: using policies/4C2E30ED5C790356 keyring
-debsig: Using policy directory: policies/4C2E30ED5C790356
-debsig:   Parsing policy file: policies/4C2E30ED5C790356/nameid.pol
-debsig:     parsePolicyFile: parsing 'policies/4C2E30ED5C790356/nameid.pol'
+debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
+debsig: getDbPathname: using policies/E9F3837DB59CDACD keyring
+debsig: Using policy directory: policies/E9F3837DB59CDACD
+debsig:   Parsing policy file: policies/E9F3837DB59CDACD/keyid.pol
+debsig:     parsePolicyFile: parsing 'policies/E9F3837DB59CDACD/keyid.pol'
 debsig:     parsePolicyFile: completed
 debsig:     Checking Selection group(s).
 debsig:       Processing 'origin' key...
-debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/pubring.pgp keyring
-debsig:         getKeyID: mapped Debsig Origin Test Key <debsig-test@example.com> -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
-debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
+debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/pubring.pgp keyring
+debsig:         getKeyID: mapped E9F3837DB59CDACD -> B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
+debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
 debsig:     Selection group(s) passed, policy is usable.
-debsig: Using policy file: policies/4C2E30ED5C790356/nameid.pol
+debsig: Using policy file: policies/E9F3837DB59CDACD/keyid.pol
 debsig:     Checking Verification group(s).
 debsig:       Processing 'origin' key...
-debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/pubring.pgp keyring
-debsig:         getKeyID: mapped 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
-debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
+debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/pubring.pgp keyring
+debsig:         getKeyID: mapped E9F3837DB59CDACD -> B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
+debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
 debsig:     Verification group(s) passed, deb is validated.
 debsig: Verified package from 'Debsig testing' (Debsig)
-../../test/debsig-sig.at:50: $DEBSIG --use-policy keyid.pol debsig_1.0.deb
-21. debsig-sig.at:149:  ok
-../../test/debsig-sig.at:27: mkdir -p policies/$TESTFPRID
-$DEBSIG --policies-dir "policies" debsig_1.0.deb
 stderr:
-../../test/debsig-sig.at:43: $DEBSIG debsig_1.0.deb
-../../test/debsig-sig.at:73: mkdir -p policies/$TESTKEYID
-cp -a $TESTPOLICIES/$TESTFPRID/* policies/$TESTKEYID
-$DEBSIG --policies-dir policies --use-policy keyid.pol debsig_1.0.deb
-gpg: Signature made Sat Mar 28 11:23:05 2026 UTC
+gpg: Signature made Sun Feb 23 05:01:45 2025 UTC
 gpg:                using RSA key B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
 gpg: Good signature from "Debsig Origin Test Key <debsig-test@example.com>" [unknown]
 gpg: WARNING: This key is not certified with a trusted signature!
 gpg:          There is no indication that the signature belongs to the owner.
 Primary key fingerprint: B255 1A21 5CE5 C745 84C6  AE0D E9F3 837D B59C DACD
+12. debsig-sig.at:69:  ok
 stdout:
+gpg: key 4832DEA0A066232B: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
+21. debsig-sig.at:149: testing deb validates with subkey, nameid, keyid db ...
 debsig: Starting verification for: debsig_1.0.deb
 debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
 debsig: getDbPathname: using policies/E9F3837DB59CDACD keyring
@@ -1170,20 +1091,119 @@
 debsig:     Verification group(s) passed, deb is validated.
 debsig: Verified package from 'Debsig testing' (Debsig)
 13. debsig-sig.at:78:  ok
-stdout:
-debsig: Starting verification for: debsig_1.0.deb
-debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
-debsig: getDbPathname: using policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD keyring
-debsig: Using policy directory: policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
-debsig: No applicable policy found.
-6. debsig-sig.at:23:  ok
-../../test/debsig-sig.at:134: mkdir -p policies/$TESTKEYID
-cp -a $TESTPOLICIES/$TESTFPRID/* policies/$TESTKEYID
-$DEBSIG --policies-dir policies --use-policy keyid.pol debsig_1.0.deb
-../../test/debsig-sig.at:116: $DEBSIG --use-policy nameid.pol debsig_1.0.deb
+gpg: Total number processed: 1
+gpg:               imported: 1
+dpkg-deb: building package 'debsig' in 'debsig_1.0.deb'.
+gpg: enabled compatibility flags:
+gpg: keybox '/tmp/debsig-test-tmp.8DKaIG82QO/pubring.kbx' created
+gpg: pub  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
+gpg: key 4832DEA0A066232B: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
+gpg: Total number processed: 1
+gpg:               imported: 1
+gpg: enabled compatibility flags:
+gpg: sec  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
+gpg: key 4832DEA0A066232B: "Debsig Origin Test Key <debsig-test@example.com>" not changed
+gpg: key 4832DEA0A066232B/4832DEA0A066232B: secret key imported
+gpg: key 4832DEA0A066232B/4C2E30ED5C790356: secret key imported
+gpg: key 4832DEA0A066232B: secret key imported
+gpg: Total number processed: 1
+gpg:              unchanged: 1
+gpg:       secret keys read: 1
+gpg:   secret keys imported: 1
+gpg: enabled compatibility flags:
+gpg: sec  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
+gpg: key 4832DEA0A066232B: "Debsig Origin Test Key <debsig-test@example.com>" not changed
+gpg: key 4832DEA0A066232B/4832DEA0A066232B: secret key imported
+gpg: key 4832DEA0A066232B/4C2E30ED5C790356: secret key imported
+gpg: key 4832DEA0A066232B: secret key imported
+gpg: Total number processed: 1
+gpg:              unchanged: 1
+gpg:       secret keys read: 1
+gpg:   secret keys imported: 1
+gpg: enabled compatibility flags:
+gpg: keybox '/tmp/debsig-test-tmp.JTU9nNk6UT/pubring.kbx' created
+gpg: pub  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
+gpg: enabled compatibility flags:
+gpg: keybox '/tmp/debsig-test-tmp.WgSRm9rw3R/pubring.kbx' created
+gpg: pub  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
+gpg: key 4832DEA0A066232B: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
+gpg: enabled compatibility flags:
+gpg: keybox '/tmp/debsig-test-tmp.LKjNd4K9Cp/pubring.kbx' created
+gpg: pub  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
+gpg: key 4832DEA0A066232B: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
+gpg: Total number processed: 1
+gpg:               imported: 1
+gpg: enabled compatibility flags:
+gpg: sec  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
+gpg: key 4832DEA0A066232B: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
+gpg: key 4832DEA0A066232B: "Debsig Origin Test Key <debsig-test@example.com>" not changed
+gpg: key 4832DEA0A066232B/4832DEA0A066232B: secret key imported
+gpg: key 4832DEA0A066232B/4C2E30ED5C790356: secret key imported
+gpg: key 4832DEA0A066232B: secret key imported
+gpg: Total number processed: 1
+gpg:              unchanged: 1
+gpg:       secret keys read: 1
+gpg:   secret keys imported: 1
+gpg: Total number processed: 1
+gpg:               imported: 1
+gpg: Total number processed: 1
+gpg:               imported: 1
+gpg: enabled compatibility flags:
+gpg: sec  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
+gpg: enabled compatibility flags:
+gpg: keybox '/tmp/debsig-test-tmp.bnOKNQ6Llf/pubring.kbx' created
+gpg: pub  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
+gpg: enabled compatibility flags:
+gpg: sec  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
+gpg: key 4832DEA0A066232B: "Debsig Origin Test Key <debsig-test@example.com>" not changed
+gpg: key 4832DEA0A066232B: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
+gpg: key 4832DEA0A066232B: "Debsig Origin Test Key <debsig-test@example.com>" not changed
+gpg: key 4832DEA0A066232B/4832DEA0A066232B: secret key imported
+gpg: key 4832DEA0A066232B/4C2E30ED5C790356: secret key imported
+gpg: key 4832DEA0A066232B: secret key imported
+gpg: Total number processed: 1
+gpg:              unchanged: 1
+gpg:       secret keys read: 1
+gpg:   secret keys imported: 1
+gpg: key 4832DEA0A066232B/4832DEA0A066232B: secret key imported
+gpg: key 4832DEA0A066232B/4C2E30ED5C790356: secret key imported
+gpg: key 4832DEA0A066232B: secret key imported
+gpg: Total number processed: 1
+gpg:              unchanged: 1
+gpg:       secret keys read: 1
+gpg:   secret keys imported: 1
+gpg: enabled compatibility flags:
+gpg: keybox '/tmp/debsig-test-tmp.7mhk6WjuzB/pubring.kbx' created
+gpg: pub  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
+gpg: key 4832DEA0A066232B: public key "Debsig Origin Test Key <debsig-test@example.com>" imported
+gpg: Total number processed: 1
+gpg:               imported: 1
+gpg: enabled compatibility flags:
+gpg: sec  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
+gpg: key 4832DEA0A066232B: "Debsig Origin Test Key <debsig-test@example.com>" not changed
+gpg: key 4832DEA0A066232B/4832DEA0A066232B: secret key imported
+gpg: key 4832DEA0A066232B/4C2E30ED5C790356: secret key imported
+gpg: key 4832DEA0A066232B: secret key imported
+gpg: Total number processed: 1
+gpg:              unchanged: 1
+gpg:       secret keys read: 1
+gpg:   secret keys imported: 1
 ../../test/debsig-sig.at:92: $DEBSIG debsig_1.0.deb
+gpg: Total number processed: 1
+gpg:               imported: 1
+gpg: enabled compatibility flags:
+gpg: sec  rsa4096/4832DEA0A066232B 2023-12-20  Debsig Origin Test Key <debsig-test@example.com>
+gpg: key 4832DEA0A066232B: "Debsig Origin Test Key <debsig-test@example.com>" not changed
+gpg: key 4832DEA0A066232B/4832DEA0A066232B: secret key imported
+gpg: key 4832DEA0A066232B/4C2E30ED5C790356: secret key imported
+gpg: key 4832DEA0A066232B: secret key imported
+gpg: Total number processed: 1
+gpg:              unchanged: 1
+gpg:       secret keys read: 1
+gpg:   secret keys imported: 1
+../../test/debsig-sig.at:100: $DEBSIG --use-policy keyid.pol debsig_1.0.deb
 stderr:
-gpg: Signature made Sat Mar 28 11:23:06 2026 UTC
+gpg: Signature made Sun Feb 23 05:01:45 2025 UTC
 gpg:                using RSA key 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
 gpg: Good signature from "Debsig Origin Test Key <debsig-test@example.com>" [unknown]
 gpg: WARNING: This key is not certified with a trusted signature!
@@ -1191,121 +1211,137 @@
 Primary key fingerprint: 900A C211 3233 F5DF 47C0  B665 4832 DEA0 A066 232B
      Subkey fingerprint: 0DB5 9D1F 9C5B 1C3A 4504  175B 4C2E 30ED 5C79 0356
 stdout:
-../../test/debsig-sig.at:100: $DEBSIG --use-policy keyid.pol debsig_1.0.deb
 debsig: Starting verification for: debsig_1.0.deb
 debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
-debsig: getDbPathname: using policies/4C2E30ED5C790356 keyring
-debsig: Using policy directory: policies/4C2E30ED5C790356
-debsig:   Parsing policy file: policies/4C2E30ED5C790356/subid.pol
-debsig:     parsePolicyFile: parsing 'policies/4C2E30ED5C790356/subid.pol'
+debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 keyring
+debsig: Using policy directory: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
+debsig:   Parsing policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/keyid.pol
+debsig:     parsePolicyFile: parsing '/build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/keyid.pol'
 debsig:     parsePolicyFile: completed
 debsig:     Checking Selection group(s).
 debsig:       Processing 'origin' key...
 debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/pubring.pgp keyring
-debsig:         getKeyID: mapped 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
+debsig:         getKeyID: mapped 4C2E30ED5C790356 -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
 debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
 debsig:     Selection group(s) passed, policy is usable.
-debsig: Using policy file: policies/4C2E30ED5C790356/subid.pol
+debsig: Using policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/keyid.pol
 debsig:     Checking Verification group(s).
 debsig:       Processing 'origin' key...
 debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/pubring.pgp keyring
-debsig:         getKeyID: mapped 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
+debsig:         getKeyID: mapped 4C2E30ED5C790356 -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
 debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
 debsig:     Verification group(s) passed, deb is validated.
 debsig: Verified package from 'Debsig testing' (Debsig)
+14. debsig-sig.at:87:  ok
+../../test/debsig-sig.at:116: $DEBSIG --use-policy nameid.pol debsig_1.0.deb
+../../test/debsig-sig.at:108: $DEBSIG --use-policy subid.pol debsig_1.0.deb
+../../test/debsig-sig.at:144: mkdir -p policies/$TESTKEYID
+cp -a $TESTPOLICIES/$TESTFPRID/* policies/$TESTKEYID
+$DEBSIG --policies-dir policies --use-policy subid.pol debsig_1.0.deb
 stderr:
-gpg: Signature made Sat Mar 28 11:23:05 2026 UTC
-gpg:                using RSA key B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
+gpg: Signature made Sun Feb 23 05:01:46 2025 UTC
+gpg:                using RSA key 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
 gpg: Good signature from "Debsig Origin Test Key <debsig-test@example.com>" [unknown]
 gpg: WARNING: This key is not certified with a trusted signature!
 gpg:          There is no indication that the signature belongs to the owner.
-Primary key fingerprint: B255 1A21 5CE5 C745 84C6  AE0D E9F3 837D B59C DACD
+Primary key fingerprint: 900A C211 3233 F5DF 47C0  B665 4832 DEA0 A066 232B
+     Subkey fingerprint: 0DB5 9D1F 9C5B 1C3A 4504  175B 4C2E 30ED 5C79 0356
 stdout:
-20. debsig-sig.at:139:  ok
 debsig: Starting verification for: debsig_1.0.deb
-debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
-debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD keyring
-debsig: Using policy directory: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
-debsig:   Parsing policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/keyid.pol
-debsig:     parsePolicyFile: parsing '/build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/keyid.pol'
+debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
+debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 keyring
+debsig: Using policy directory: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
+debsig:   Parsing policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/keyid.pol
+debsig:     parsePolicyFile: parsing '/build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/keyid.pol'
 debsig:     parsePolicyFile: completed
 debsig:     Checking Selection group(s).
 debsig:       Processing 'origin' key...
-debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/pubring.pgp keyring
-debsig:         getKeyID: mapped E9F3837DB59CDACD -> B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
-debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
+debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/pubring.pgp keyring
+debsig:         getKeyID: mapped 4C2E30ED5C790356 -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
+debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
 debsig:     Selection group(s) passed, policy is usable.
-debsig: Using policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/keyid.pol
+debsig: Using policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/keyid.pol
 debsig:     Checking Verification group(s).
 debsig:       Processing 'origin' key...
-debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/pubring.pgp keyring
-debsig:         getKeyID: mapped E9F3837DB59CDACD -> B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
-debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
+debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/pubring.pgp keyring
+debsig:         getKeyID: mapped 4C2E30ED5C790356 -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
+debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
 debsig:     Verification group(s) passed, deb is validated.
 debsig: Verified package from 'Debsig testing' (Debsig)
-9. debsig-sig.at:46:  ok
+15. debsig-sig.at:95:  ok
+../../test/debsig-sig.at:124: mkdir -p policies/$TESTKEYID
+cp -a $TESTPOLICIES/$TESTFPRID/* policies/$TESTKEYID
+$DEBSIG --policies-dir policies debsig_1.0.deb
+../../test/debsig-sig.at:134: mkdir -p policies/$TESTKEYID
+cp -a $TESTPOLICIES/$TESTFPRID/* policies/$TESTKEYID
+$DEBSIG --policies-dir policies --use-policy keyid.pol debsig_1.0.deb
+../../test/debsig-sig.at:154: mkdir -p policies/$TESTKEYID
+cp -a $TESTPOLICIES/$TESTFPRID/* policies/$TESTKEYID
+$DEBSIG --policies-dir policies --use-policy nameid.pol debsig_1.0.deb
 stderr:
-gpg: Signature made Sat Mar 28 11:23:05 2026 UTC
-gpg:                using RSA key B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
+stderr:
+gpg: Signature made Sun Feb 23 05:01:46 2025 UTC
+gpg:                using RSA key 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
 gpg: Good signature from "Debsig Origin Test Key <debsig-test@example.com>" [unknown]
 gpg: WARNING: This key is not certified with a trusted signature!
 gpg:          There is no indication that the signature belongs to the owner.
-Primary key fingerprint: B255 1A21 5CE5 C745 84C6  AE0D E9F3 837D B59C DACD
+Primary key fingerprint: 900A C211 3233 F5DF 47C0  B665 4832 DEA0 A066 232B
+     Subkey fingerprint: 0DB5 9D1F 9C5B 1C3A 4504  175B 4C2E 30ED 5C79 0356
+gpg: Signature made Sun Feb 23 05:01:46 2025 UTC
+gpg:                using RSA key 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
+gpg: Good signature from "Debsig Origin Test Key <debsig-test@example.com>" [unknown]
+gpg: WARNING: This key is not certified with a trusted signature!
+gpg:          There is no indication that the signature belongs to the owner.
+Primary key fingerprint: 900A C211 3233 F5DF 47C0  B665 4832 DEA0 A066 232B
+     Subkey fingerprint: 0DB5 9D1F 9C5B 1C3A 4504  175B 4C2E 30ED 5C79 0356
+stdout:
 stdout:
 debsig: Starting verification for: debsig_1.0.deb
-debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
-debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD keyring
-debsig: Using policy directory: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
-debsig:   Parsing policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/keyid.pol
-debsig:     parsePolicyFile: parsing '/build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/keyid.pol'
+debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
+debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 keyring
+debsig: Using policy directory: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
+debsig:   Parsing policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/subid.pol
+debsig:     parsePolicyFile: parsing '/build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/subid.pol'
 debsig:     parsePolicyFile: completed
 debsig:     Checking Selection group(s).
 debsig:       Processing 'origin' key...
-debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/pubring.pgp keyring
-debsig:         getKeyID: mapped E9F3837DB59CDACD -> B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
-debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
+debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/pubring.pgp keyring
+debsig:         getKeyID: mapped 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
+debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
 debsig:     Selection group(s) passed, policy is usable.
-debsig: Using policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/keyid.pol
+debsig: Using policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/subid.pol
 debsig:     Checking Verification group(s).
 debsig:       Processing 'origin' key...
-debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/pubring.pgp keyring
-debsig:         getKeyID: mapped E9F3837DB59CDACD -> B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
-debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
+debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/pubring.pgp keyring
+debsig:         getKeyID: mapped 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
+debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
 debsig:     Verification group(s) passed, deb is validated.
 debsig: Verified package from 'Debsig testing' (Debsig)
-8. debsig-sig.at:39: stderr:
- ok
-gpg: Signature made Sat Mar 28 11:23:05 2026 UTC
-gpg:                using RSA key B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
-gpg: Good signature from "Debsig Origin Test Key <debsig-test@example.com>" [unknown]
-gpg: WARNING: This key is not certified with a trusted signature!
-gpg:          There is no indication that the signature belongs to the owner.
-Primary key fingerprint: B255 1A21 5CE5 C745 84C6  AE0D E9F3 837D B59C DACD
-stdout:
+16. debsig-sig.at:103:  ok
 debsig: Starting verification for: debsig_1.0.deb
-debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
-debsig: getDbPathname: using policies/E9F3837DB59CDACD keyring
-debsig: Using policy directory: policies/E9F3837DB59CDACD
-debsig:   Parsing policy file: policies/E9F3837DB59CDACD/keyid.pol
-debsig:     parsePolicyFile: parsing 'policies/E9F3837DB59CDACD/keyid.pol'
+debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
+debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 keyring
+debsig: Using policy directory: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
+debsig:   Parsing policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/nameid.pol
+debsig:     parsePolicyFile: parsing '/build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/nameid.pol'
 debsig:     parsePolicyFile: completed
 debsig:     Checking Selection group(s).
 debsig:       Processing 'origin' key...
-debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/pubring.pgp keyring
-debsig:         getKeyID: mapped E9F3837DB59CDACD -> B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
-debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
+debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/pubring.pgp keyring
+debsig:         getKeyID: mapped Debsig Origin Test Key <debsig-test@example.com> -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
+debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
 debsig:     Selection group(s) passed, policy is usable.
-debsig: Using policy file: policies/E9F3837DB59CDACD/keyid.pol
+debsig: Using policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/nameid.pol
 debsig:     Checking Verification group(s).
 debsig:       Processing 'origin' key...
-debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/B2551A215CE5C74584C6AE0DE9F3837DB59CDACD/pubring.pgp keyring
-debsig:         getKeyID: mapped E9F3837DB59CDACD -> B2551A215CE5C74584C6AE0DE9F3837DB59CDACD
-debsig:         getSigKeyID: got B2551A215CE5C74584C6AE0DE9F3837DB59CDACD for origin key
+debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/pubring.pgp keyring
+debsig:         getKeyID: mapped 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
+debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
 debsig:     Verification group(s) passed, deb is validated.
 debsig: Verified package from 'Debsig testing' (Debsig)
-12. debsig-sig.at:69:  ok
+17. debsig-sig.at:111:  ok
 stderr:
-gpg: Signature made Sat Mar 28 11:23:06 2026 UTC
+gpg: Signature made Sun Feb 23 05:01:46 2025 UTC
 gpg:                using RSA key 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
 gpg: Good signature from "Debsig Origin Test Key <debsig-test@example.com>" [unknown]
 gpg: WARNING: This key is not certified with a trusted signature!
@@ -1313,21 +1349,20 @@
 Primary key fingerprint: 900A C211 3233 F5DF 47C0  B665 4832 DEA0 A066 232B
      Subkey fingerprint: 0DB5 9D1F 9C5B 1C3A 4504  175B 4C2E 30ED 5C79 0356
 stdout:
-stderr:
 debsig: Starting verification for: debsig_1.0.deb
 debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
-debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 keyring
-debsig: Using policy directory: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
-debsig:   Parsing policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/nameid.pol
-debsig:     parsePolicyFile: parsing '/build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/nameid.pol'
+debsig: getDbPathname: using policies/4C2E30ED5C790356 keyring
+debsig: Using policy directory: policies/4C2E30ED5C790356
+debsig:   Parsing policy file: policies/4C2E30ED5C790356/subid.pol
+debsig:     parsePolicyFile: parsing 'policies/4C2E30ED5C790356/subid.pol'
 debsig:     parsePolicyFile: completed
 debsig:     Checking Selection group(s).
 debsig:       Processing 'origin' key...
 debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/pubring.pgp keyring
-debsig:         getKeyID: mapped Debsig Origin Test Key <debsig-test@example.com> -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
+debsig:         getKeyID: mapped 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
 debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
 debsig:     Selection group(s) passed, policy is usable.
-debsig: Using policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/nameid.pol
+debsig: Using policy file: policies/4C2E30ED5C790356/subid.pol
 debsig:     Checking Verification group(s).
 debsig:       Processing 'origin' key...
 debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/pubring.pgp keyring
@@ -1335,7 +1370,9 @@
 debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
 debsig:     Verification group(s) passed, deb is validated.
 debsig: Verified package from 'Debsig testing' (Debsig)
-gpg: Signature made Sat Mar 28 11:23:06 2026 UTC
+20. debsig-sig.at:139:  ok
+stderr:
+gpg: Signature made Sun Feb 23 05:01:46 2025 UTC
 gpg:                using RSA key 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
 gpg: Good signature from "Debsig Origin Test Key <debsig-test@example.com>" [unknown]
 gpg: WARNING: This key is not certified with a trusted signature!
@@ -1343,7 +1380,6 @@
 Primary key fingerprint: 900A C211 3233 F5DF 47C0  B665 4832 DEA0 A066 232B
      Subkey fingerprint: 0DB5 9D1F 9C5B 1C3A 4504  175B 4C2E 30ED 5C79 0356
 stdout:
-17. debsig-sig.at:111:  ok
 debsig: Starting verification for: debsig_1.0.deb
 debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
 debsig: getDbPathname: using policies/4C2E30ED5C790356 keyring
@@ -1365,69 +1401,69 @@
 debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
 debsig:     Verification group(s) passed, deb is validated.
 debsig: Verified package from 'Debsig testing' (Debsig)
-19. debsig-sig.at:129:  ok
 stderr:
-gpg: Signature made Sat Mar 28 11:23:06 2026 UTC
+gpg: Signature made Sun Feb 23 05:01:46 2025 UTC
 gpg:                using RSA key 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
 gpg: Good signature from "Debsig Origin Test Key <debsig-test@example.com>" [unknown]
 gpg: WARNING: This key is not certified with a trusted signature!
 gpg:          There is no indication that the signature belongs to the owner.
 Primary key fingerprint: 900A C211 3233 F5DF 47C0  B665 4832 DEA0 A066 232B
      Subkey fingerprint: 0DB5 9D1F 9C5B 1C3A 4504  175B 4C2E 30ED 5C79 0356
-stderr:
 stdout:
-gpg: Signature made Sat Mar 28 11:23:06 2026 UTC
-gpg:                using RSA key 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
-gpg: Good signature from "Debsig Origin Test Key <debsig-test@example.com>" [unknown]
-gpg: WARNING: This key is not certified with a trusted signature!
-gpg:          There is no indication that the signature belongs to the owner.
-Primary key fingerprint: 900A C211 3233 F5DF 47C0  B665 4832 DEA0 A066 232B
-     Subkey fingerprint: 0DB5 9D1F 9C5B 1C3A 4504  175B 4C2E 30ED 5C79 0356
 debsig: Starting verification for: debsig_1.0.deb
 debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
-debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 keyring
-debsig: Using policy directory: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
-debsig:   Parsing policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/subid.pol
-debsig:     parsePolicyFile: parsing '/build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/subid.pol'
+debsig: getDbPathname: using policies/4C2E30ED5C790356 keyring
+debsig: Using policy directory: policies/4C2E30ED5C790356
+debsig:   Parsing policy file: policies/4C2E30ED5C790356/keyid.pol
+debsig:     parsePolicyFile: parsing 'policies/4C2E30ED5C790356/keyid.pol'
 debsig:     parsePolicyFile: completed
 debsig:     Checking Selection group(s).
 debsig:       Processing 'origin' key...
 debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/pubring.pgp keyring
-debsig:         getKeyID: mapped 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
+debsig:         getKeyID: mapped 4C2E30ED5C790356 -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
 debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
 debsig:     Selection group(s) passed, policy is usable.
-debsig: Using policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/subid.pol
+debsig: Using policy file: policies/4C2E30ED5C790356/keyid.pol
 debsig:     Checking Verification group(s).
 debsig:       Processing 'origin' key...
 debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/pubring.pgp keyring
-debsig:         getKeyID: mapped 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
+debsig:         getKeyID: mapped 4C2E30ED5C790356 -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
 debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
 debsig:     Verification group(s) passed, deb is validated.
 debsig: Verified package from 'Debsig testing' (Debsig)
+18. debsig-sig.at:119:  ok
+19. debsig-sig.at:129:  ok
+stderr:
+gpg: Signature made Sun Feb 23 05:01:46 2025 UTC
+gpg:                using RSA key 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
+gpg: Good signature from "Debsig Origin Test Key <debsig-test@example.com>" [unknown]
+gpg: WARNING: This key is not certified with a trusted signature!
+gpg:          There is no indication that the signature belongs to the owner.
+Primary key fingerprint: 900A C211 3233 F5DF 47C0  B665 4832 DEA0 A066 232B
+     Subkey fingerprint: 0DB5 9D1F 9C5B 1C3A 4504  175B 4C2E 30ED 5C79 0356
 stdout:
-14. debsig-sig.at:87: debsig: Starting verification for: debsig_1.0.deb
+debsig: Starting verification for: debsig_1.0.deb
 debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
-debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 keyring
-debsig: Using policy directory: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
-debsig:   Parsing policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/keyid.pol
-debsig:     parsePolicyFile: parsing '/build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/keyid.pol'
+debsig: getDbPathname: using policies/4C2E30ED5C790356 keyring
+debsig: Using policy directory: policies/4C2E30ED5C790356
+debsig:   Parsing policy file: policies/4C2E30ED5C790356/nameid.pol
+debsig:     parsePolicyFile: parsing 'policies/4C2E30ED5C790356/nameid.pol'
 debsig:     parsePolicyFile: completed
 debsig:     Checking Selection group(s).
 debsig:       Processing 'origin' key...
 debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/pubring.pgp keyring
-debsig:         getKeyID: mapped 4C2E30ED5C790356 -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
+debsig:         getKeyID: mapped Debsig Origin Test Key <debsig-test@example.com> -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
 debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
 debsig:     Selection group(s) passed, policy is usable.
-debsig: Using policy file: /build/reproducible-path/debsig-verify-0.32/build-tree/../test/policies/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/keyid.pol
+debsig: Using policy file: policies/4C2E30ED5C790356/nameid.pol
 debsig:     Checking Verification group(s).
 debsig:       Processing 'origin' key...
 debsig: getDbPathname: using /build/reproducible-path/debsig-verify-0.32/build-tree/../test/keyrings/0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356/pubring.pgp keyring
-debsig:         getKeyID: mapped 4C2E30ED5C790356 -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
+debsig:         getKeyID: mapped 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 -> 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356
 debsig:         getSigKeyID: got 0DB59D1F9C5B1C3A4504175B4C2E30ED5C790356 for origin key
 debsig:     Verification group(s) passed, deb is validated.
 debsig: Verified package from 'Debsig testing' (Debsig)
- ok
-15. debsig-sig.at:95:  ok
+21. debsig-sig.at:149:  ok
 
 ## ------------- ##
 ## Test results. ##
@@ -1441,16 +1477,16 @@
    dh_testroot -O--builddir=build-tree
    dh_prep -O--builddir=build-tree
    dh_auto_install --destdir=debian/debsig-verify/ -O--builddir=build-tree
-	cd build-tree && make -j22 install DESTDIR=/build/reproducible-path/debsig-verify-0.32/debian/debsig-verify AM_UPDATE_INFO_DIR=no
+	cd build-tree && make -j10 install DESTDIR=/build/reproducible-path/debsig-verify-0.32/debian/debsig-verify AM_UPDATE_INFO_DIR=no
 make[1]: Entering directory '/build/reproducible-path/debsig-verify-0.32/build-tree'
 Making install in .
 make[2]: Entering directory '/build/reproducible-path/debsig-verify-0.32/build-tree'
 make[3]: Entering directory '/build/reproducible-path/debsig-verify-0.32/build-tree'
-/usr/bin/mkdir -p /build/reproducible-path/debsig-verify-0.32/debian/debsig-verify/etc/debsig/policies
  /usr/bin/mkdir -p '/build/reproducible-path/debsig-verify-0.32/debian/debsig-verify/usr/bin'
+/usr/bin/mkdir -p /build/reproducible-path/debsig-verify-0.32/debian/debsig-verify/etc/debsig/policies
 /usr/bin/mkdir -p /build/reproducible-path/debsig-verify-0.32/debian/debsig-verify/usr/share/debsig/keyrings
- /usr/bin/mkdir -p '/build/reproducible-path/debsig-verify-0.32/debian/debsig-verify/usr/share/man/man1'
   /usr/bin/install -c src/debsig-verify '/build/reproducible-path/debsig-verify-0.32/debian/debsig-verify/usr/bin'
+ /usr/bin/mkdir -p '/build/reproducible-path/debsig-verify-0.32/debian/debsig-verify/usr/share/man/man1'
  /usr/bin/install -c -m 644 doc/debsig-verify.1 '/build/reproducible-path/debsig-verify-0.32/debian/debsig-verify/usr/share/man/man1'
 make[3]: Leaving directory '/build/reproducible-path/debsig-verify-0.32/build-tree'
 make[2]: Leaving directory '/build/reproducible-path/debsig-verify-0.32/build-tree'
@@ -1497,12 +1533,14 @@
 dpkg-buildpackage: info: binary-only upload (no source included)
 dpkg-genchanges: info: including full source code in upload
 I: copying local configuration
+I: user script /srv/workspace/pbuilder/59304/tmp/hooks/B01_cleanup starting
+I: user script /srv/workspace/pbuilder/59304/tmp/hooks/B01_cleanup finished
 I: unmounting dev/ptmx filesystem
 I: unmounting dev/pts filesystem
 I: unmounting dev/shm filesystem
 I: unmounting proc filesystem
 I: unmounting sys filesystem
 I: cleaning the build env 
-I: removing directory /srv/workspace/pbuilder/70588 and its subdirectories
-I: Current time: Fri Mar 27 23:23:09 -12 2026
-I: pbuilder-time-stamp: 1774696989
+I: removing directory /srv/workspace/pbuilder/59304 and its subdirectories
+I: Current time: Sun Feb 23 19:01:55 +14 2025
+I: pbuilder-time-stamp: 1740286915