From 902db8103612bf74d8a7dc6bc3d0df52e5c1c0e3 Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@freedombone.net>
Date: Mon, 26 Jun 2017 13:51:32 +0100
Subject: [PATCH] Update key checks

---
 tests/check-apt-key.sh | 70 +++++++++++++++++++++++++-----------------
 1 file changed, 42 insertions(+), 28 deletions(-)

diff --git a/tests/check-apt-key.sh b/tests/check-apt-key.sh
index 993cc3e4..47a752b6 100644
--- a/tests/check-apt-key.sh
+++ b/tests/check-apt-key.sh
@@ -1,6 +1,48 @@
 #!/bin/bash
 #Verify with the key fatch from https://ftp-master.debian.org/keys.html
 
+#---------------------------------------------------------------------------
+#"Debian Archive Automatic Signing Key (9/stretch) <ftpmaster@debian.org>"
+
+STRETCHARCHIVEKEY=" E1CF 20DD FFE4 B89E 8026  58F1 E0B1 1894 F66A EC98"
+CHECKTMP=$(apt-key finger | grep -B 1 "Debian Archive Automatic Signing Key (9/stretch) <ftpmaster@debian.org>" | head -n1 | awk -F '=' '{printf $2}')
+
+if [ "$CHECKTMP" == "$STRETCHARCHIVEKEY" ];then
+       echo Good
+       :
+else
+       echo bad
+       exit 1
+fi
+
+#---------------------------------------------------------------------------
+#"Debian Security Archive Automatic Signing Key (9/stretch) <ftpmaster@debian.org>"
+
+STRETCHSECURITYKEY=" 6ED6 F5CB 5FA6 FB2F 460A  E88E EDA0 D238 8AE2 2BA9"
+CHECKTMP=$(apt-key finger | grep -B 1 "Debian Security Archive Automatic Signing Key (9/stretch) <ftpmaster@debian.org>" | head -n1 | awk -F '=' '{printf $2}')
+
+if [ "$CHECKTMP" == "$STRETCHSECURITYKEY" ];then
+       echo Good
+       :
+else
+       echo bad
+       exit 1
+fi
+
+#---------------------------------------------------------------------------
+#"Debian Stable Release Key (9/stretch) <debian-release@lists.debian.org>"
+
+STRETCHSTABLEKEY=" 067E 3C45 6BAE 240A CEE8  8F6F EF0F 382A 1A7B 6500"
+CHECKTMP=$(apt-key finger | grep -B 1 "Debian Stable Release Key (9/stretch) <debian-release@lists.debian.org>" | head -n1 | awk -F '=' '{printf $2}')
+
+if [ "$CHECKTMP" == "$STRETCHSTABLEKEY" ];then
+       echo Good
+       :
+else
+       echo bad
+       exit 1
+fi
+
 #---------------------------------------------------------------------------
 #"Debian Archive Automatic Signing Key (8/jessie) <ftpmaster@debian.org>"
 
@@ -43,34 +85,6 @@ else
        exit 1
 fi
 
-#---------------------------------------------------------------------------
-#"Debian Archive Automatic Signing Key (6.0/squeeze) <ftpmaster@debian.org>"
-
-SQUEEZEARCHIVEKEY=" 9FED 2BCB DCD2 9CDF 7626  78CB AED4 B06F 4730 41FA"
-CHECKTMP=$(apt-key finger | grep -B 1 "Debian Archive Automatic Signing Key (6.0/squeeze) <ftpmaster@debian.org>" | head -n1 | awk -F '=' '{printf $2}')
-
-if [ "$CHECKTMP" == "$SQUEEZEARCHIVEKEY" ];then
-       echo Good
-       :
-else
-       echo bad
-       exit 1
-fi
-
-#---------------------------------------------------------------------------
-#"Squeeze Stable Release Key <debian-release@lists.debian.org>"
-
-SQUEEZESTABLEKEY=" 0E4E DE2C 7F3E 1FC0 D033  800E 6448 1591 B983 21F9"
-CHECKTMP=$(apt-key finger | grep -B 1 "Squeeze Stable Release Key <debian-release@lists.debian.org>" | head -n1 | awk -F '=' '{printf $2}')
-
-if [ "$CHECKTMP" == "$SQUEEZESTABLEKEY" ];then
-       echo Good
-       :
-else
-       echo bad
-       exit 1
-fi
-
 #---------------------------------------------------------------------------
 #"Debian Archive Automatic Signing Key (7.0/wheezy) <ftpmaster@debian.org>"