projects / thirdparty / git.git / blame
| Commit | Line | Data |
|---|---|---|
| 247503f2 JH |
1 | #!/bin/sh |
| 2 | ||
| 3 | test_description='signed commit tests' | |
| 4 | . ./test-lib.sh | |
| 5 | . "$TEST_DIRECTORY/lib-gpg.sh" | |
| 6 | ||
| 7 | test_expect_success GPG 'create signed commits' ' | |
| 4b8d14b4 NV |
8 | test_when_finished "test_unconfig commit.gpgsign" && |
| 9 | ||
| 247503f2 JH |
10 | echo 1 >file && git add file && |
| 11 | test_tick && git commit -S -m initial && | |
| 12 | git tag initial && | |
| 13 | git branch side && | |
| 14 | ||
| 15 | echo 2 >file && test_tick && git commit -a -S -m second && | |
| 16 | git tag second && | |
| 17 | ||
| 18 | git checkout side && | |
| 19 | echo 3 >elif && git add elif && | |
| 20 | test_tick && git commit -m "third on side" && | |
| 21 | ||
| 22 | git checkout master && | |
| 23 | test_tick && git merge -S side && | |
| 24 | git tag merge && | |
| 25 | ||
| 26 | echo 4 >file && test_tick && git commit -a -m "fourth unsigned" && | |
| 27 | git tag fourth-unsigned && | |
| 28 | ||
| c871a1d1 | 29 | test_tick && git commit --amend -S -m "fourth signed" && |
| 4b8d14b4 NV |
30 | git tag fourth-signed && |
| 31 | ||
| 32 | git config commit.gpgsign true && | |
| 33 | echo 5 >file && test_tick && git commit -a -m "fifth signed" && | |
| 34 | git tag fifth-signed && | |
| 35 | ||
| 36 | git config commit.gpgsign false && | |
| 37 | echo 6 >file && test_tick && git commit -a -m "sixth" && | |
| 38 | git tag sixth-unsigned && | |
| 39 | ||
| 40 | git config commit.gpgsign true && | |
| 41 | echo 7 >file && test_tick && git commit -a -m "seventh" --no-gpg-sign && | |
| 42 | git tag seventh-unsigned && | |
| 43 | ||
| 44 | test_tick && git rebase -f HEAD^^ && git tag sixth-signed HEAD^ && | |
| 45 | git tag seventh-signed | |
| 247503f2 JH |
46 | ' |
| 47 | ||
| 48 | test_expect_success GPG 'show signatures' ' | |
| 49 | ( | |
| 4b8d14b4 | 50 | for commit in initial second merge fourth-signed fifth-signed sixth-signed master |
| 247503f2 JH |
51 | do |
| 52 | git show --pretty=short --show-signature $commit >actual && | |
| 53 | grep "Good signature from" actual || exit 1 | |
| 54 | ! grep "BAD signature from" actual || exit 1 | |
| 55 | echo $commit OK | |
| 56 | done | |
| 57 | ) && | |
| 58 | ( | |
| 4b8d14b4 | 59 | for commit in merge^2 fourth-unsigned sixth-unsigned seventh-unsigned |
| 247503f2 JH |
60 | do |
| 61 | git show --pretty=short --show-signature $commit >actual && | |
| 62 | grep "Good signature from" actual && exit 1 | |
| 63 | ! grep "BAD signature from" actual || exit 1 | |
| 64 | echo $commit OK | |
| 65 | done | |
| 66 | ) | |
| 67 | ' | |
| 68 | ||
| 69 | test_expect_success GPG 'detect fudged signature' ' | |
| 70 | git cat-file commit master >raw && | |
| 71 | ||
| 4b8d14b4 | 72 | sed -e "s/seventh/7th forged/" raw >forged1 && |
| 247503f2 JH |
73 | git hash-object -w -t commit forged1 >forged1.commit && |
| 74 | git show --pretty=short --show-signature $(cat forged1.commit) >actual1 && | |
| 75 | grep "BAD signature from" actual1 && | |
| 76 | ! grep "Good signature from" actual1 | |
| 77 | ' | |
| 78 | ||
| 79 | test_expect_success GPG 'detect fudged signature with NUL' ' | |
| 80 | git cat-file commit master >raw && | |
| 81 | cat raw >forged2 && | |
| 82 | echo Qwik | tr "Q" "\000" >>forged2 && | |
| 83 | git hash-object -w -t commit forged2 >forged2.commit && | |
| 84 | git show --pretty=short --show-signature $(cat forged2.commit) >actual2 && | |
| 85 | grep "BAD signature from" actual2 && | |
| 86 | ! grep "Good signature from" actual2 | |
| 87 | ' | |
| 88 | ||
| c871a1d1 JH |
89 | test_expect_success GPG 'amending already signed commit' ' |
| 90 | git checkout fourth-signed^0 && | |
| 91 | git commit --amend -S --no-edit && | |
| 92 | git show -s --show-signature HEAD >actual && | |
| 93 | grep "Good signature from" actual && | |
| 94 | ! grep "BAD signature from" actual | |
| 95 | ' | |
| 96 | ||
| 247503f2 | 97 | test_done |