]>
Commit | Line | Data |
---|---|---|
247503f2 JH |
1 | #!/bin/sh |
2 | ||
3 | test_description='signed commit tests' | |
4 | . ./test-lib.sh | |
5 | . "$TEST_DIRECTORY/lib-gpg.sh" | |
6 | ||
7 | test_expect_success GPG 'create signed commits' ' | |
4b8d14b4 NV |
8 | test_when_finished "test_unconfig commit.gpgsign" && |
9 | ||
247503f2 JH |
10 | echo 1 >file && git add file && |
11 | test_tick && git commit -S -m initial && | |
12 | git tag initial && | |
13 | git branch side && | |
14 | ||
15 | echo 2 >file && test_tick && git commit -a -S -m second && | |
16 | git tag second && | |
17 | ||
18 | git checkout side && | |
19 | echo 3 >elif && git add elif && | |
20 | test_tick && git commit -m "third on side" && | |
21 | ||
22 | git checkout master && | |
23 | test_tick && git merge -S side && | |
24 | git tag merge && | |
25 | ||
26 | echo 4 >file && test_tick && git commit -a -m "fourth unsigned" && | |
27 | git tag fourth-unsigned && | |
28 | ||
c871a1d1 | 29 | test_tick && git commit --amend -S -m "fourth signed" && |
4b8d14b4 NV |
30 | git tag fourth-signed && |
31 | ||
32 | git config commit.gpgsign true && | |
33 | echo 5 >file && test_tick && git commit -a -m "fifth signed" && | |
34 | git tag fifth-signed && | |
35 | ||
36 | git config commit.gpgsign false && | |
37 | echo 6 >file && test_tick && git commit -a -m "sixth" && | |
38 | git tag sixth-unsigned && | |
39 | ||
40 | git config commit.gpgsign true && | |
41 | echo 7 >file && test_tick && git commit -a -m "seventh" --no-gpg-sign && | |
42 | git tag seventh-unsigned && | |
43 | ||
44 | test_tick && git rebase -f HEAD^^ && git tag sixth-signed HEAD^ && | |
45 | git tag seventh-signed | |
247503f2 JH |
46 | ' |
47 | ||
48 | test_expect_success GPG 'show signatures' ' | |
49 | ( | |
4b8d14b4 | 50 | for commit in initial second merge fourth-signed fifth-signed sixth-signed master |
247503f2 JH |
51 | do |
52 | git show --pretty=short --show-signature $commit >actual && | |
53 | grep "Good signature from" actual || exit 1 | |
54 | ! grep "BAD signature from" actual || exit 1 | |
55 | echo $commit OK | |
56 | done | |
57 | ) && | |
58 | ( | |
4b8d14b4 | 59 | for commit in merge^2 fourth-unsigned sixth-unsigned seventh-unsigned |
247503f2 JH |
60 | do |
61 | git show --pretty=short --show-signature $commit >actual && | |
62 | grep "Good signature from" actual && exit 1 | |
63 | ! grep "BAD signature from" actual || exit 1 | |
64 | echo $commit OK | |
65 | done | |
66 | ) | |
67 | ' | |
68 | ||
69 | test_expect_success GPG 'detect fudged signature' ' | |
70 | git cat-file commit master >raw && | |
71 | ||
4b8d14b4 | 72 | sed -e "s/seventh/7th forged/" raw >forged1 && |
247503f2 JH |
73 | git hash-object -w -t commit forged1 >forged1.commit && |
74 | git show --pretty=short --show-signature $(cat forged1.commit) >actual1 && | |
75 | grep "BAD signature from" actual1 && | |
76 | ! grep "Good signature from" actual1 | |
77 | ' | |
78 | ||
79 | test_expect_success GPG 'detect fudged signature with NUL' ' | |
80 | git cat-file commit master >raw && | |
81 | cat raw >forged2 && | |
82 | echo Qwik | tr "Q" "\000" >>forged2 && | |
83 | git hash-object -w -t commit forged2 >forged2.commit && | |
84 | git show --pretty=short --show-signature $(cat forged2.commit) >actual2 && | |
85 | grep "BAD signature from" actual2 && | |
86 | ! grep "Good signature from" actual2 | |
87 | ' | |
88 | ||
c871a1d1 JH |
89 | test_expect_success GPG 'amending already signed commit' ' |
90 | git checkout fourth-signed^0 && | |
91 | git commit --amend -S --no-edit && | |
92 | git show -s --show-signature HEAD >actual && | |
93 | grep "Good signature from" actual && | |
94 | ! grep "BAD signature from" actual | |
95 | ' | |
96 | ||
247503f2 | 97 | test_done |