undef/git-commit-vandalism
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
8e92c2cf37
git-commit-vandalism/t/t7510-signed-commit.sh
Michael J Gruber 8e92c2cf37 t7510: test verify-commit 
This mixes the "git verify-commit" tests in with the "git show
--show-signature" tests, to keep the tests more readable.

The tests already mix in the "call show" tests with the "verify" tests.
So in case of a test beakage, a '-v' run would be needed to reveal the
exact point of breakage anyway.

Additionally, test the actual output of "git verify-commit" and "git
show --show-signature" and compare to "git cat-file".

Signed-off-by: Michael J Gruber <git@drmicha.warpmail.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-06-23 15:50:31 -07:00

116 lines
3.4 KiB
Bash
Executable File
Raw Blame History

#!/bin/sh
test_description='signed commit tests'
. ./test-lib.sh
. "$TEST_DIRECTORY/lib-gpg.sh"
test_expect_success GPG 'create signed commits' '
test_when_finished "test_unconfig commit.gpgsign" &&
echo 1 >file && git add file &&
test_tick && git commit -S -m initial &&
git tag initial &&
git branch side &&
echo 2 >file && test_tick && git commit -a -S -m second &&
git tag second &&
git checkout side &&
echo 3 >elif && git add elif &&
test_tick && git commit -m "third on side" &&
git checkout master &&
test_tick && git merge -S side &&
git tag merge &&
echo 4 >file && test_tick && git commit -a -m "fourth unsigned" &&
git tag fourth-unsigned &&
test_tick && git commit --amend -S -m "fourth signed" &&
git tag fourth-signed &&
git config commit.gpgsign true &&
echo 5 >file && test_tick && git commit -a -m "fifth signed" &&
git tag fifth-signed &&
git config commit.gpgsign false &&
echo 6 >file && test_tick && git commit -a -m "sixth" &&
git tag sixth-unsigned &&
git config commit.gpgsign true &&
echo 7 >file && test_tick && git commit -a -m "seventh" --no-gpg-sign &&
git tag seventh-unsigned &&
test_tick && git rebase -f HEAD^^ && git tag sixth-signed HEAD^ &&
git tag seventh-signed
'
test_expect_success GPG 'verify and show signatures' '
(
for commit in initial second merge fourth-signed fifth-signed sixth-signed master
do
git verify-commit $commit &&
git show --pretty=short --show-signature $commit >actual &&
grep "Good signature from" actual &&
! grep "BAD signature from" actual || exit 1
echo $commit OK
done
) &&
(
for commit in merge^2 fourth-unsigned sixth-unsigned seventh-unsigned
do
test_must_fail git verify-commit $commit &&
git show --pretty=short --show-signature $commit >actual &&
! grep "Good signature from" actual &&
! grep "BAD signature from" actual || exit 1
echo $commit OK
done
)
'
test_expect_success GPG 'show signed commit with signature' '
git show -s initial >commit &&
git show -s --show-signature initial >show &&
git verify-commit -v initial >verify.1 2>verify.2 &&
git cat-file commit initial >cat &&
grep -v "gpg: " show >show.commit &&
grep "gpg: " show >show.gpg &&
grep -v "^ " cat | grep -v "^gpgsig " >cat.commit &&
test_cmp show.commit commit &&
test_cmp show.gpg verify.2 &&
test_cmp cat.commit verify.1
'
test_expect_success GPG 'detect fudged signature' '
git cat-file commit master >raw &&
sed -e "s/seventh/7th forged/" raw >forged1 &&
git hash-object -w -t commit forged1 >forged1.commit &&
! git verify-commit $(cat forged1.commit) &&
git show --pretty=short --show-signature $(cat forged1.commit) >actual1 &&
grep "BAD signature from" actual1 &&
! grep "Good signature from" actual1
'
test_expect_success GPG 'detect fudged signature with NUL' '
git cat-file commit master >raw &&
cat raw >forged2 &&
echo Qwik | tr "Q" "\000" >>forged2 &&
git hash-object -w -t commit forged2 >forged2.commit &&
! git verify-commit $(cat forged2.commit) &&
git show --pretty=short --show-signature $(cat forged2.commit) >actual2 &&
grep "BAD signature from" actual2 &&
! grep "Good signature from" actual2
'
test_expect_success GPG 'amending already signed commit' '
git checkout fourth-signed^0 &&
git commit --amend -S --no-edit &&
git verify-commit HEAD &&
git show -s --show-signature HEAD >actual &&
grep "Good signature from" actual &&
! grep "BAD signature from" actual
'
test_done
Reference in New Issue View Git Blame Copy Permalink