This mixes the "git verify-commit" tests in with the "git show --show-signature" tests, to keep the tests more readable. The tests already mix in the "call show" tests with the "verify" tests. So in case of a test beakage, a '-v' run would be needed to reveal the exact point of breakage anyway. Additionally, test the actual output of "git verify-commit" and "git show --show-signature" and compare to "git cat-file". Signed-off-by: Michael J Gruber <git@xxxxxxxxxxxxxxxxxxxx> --- t/t7510-signed-commit.sh | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/t/t7510-signed-commit.sh b/t/t7510-signed-commit.sh index 96cfddf..dd4b948 100755 --- a/t/t7510-signed-commit.sh +++ b/t/t7510-signed-commit.sh @@ -45,10 +45,11 @@ test_expect_success GPG 'create signed commits' ' git tag seventh-signed ' -test_expect_success GPG 'show signatures' ' +test_expect_success GPG 'verify and show signatures' ' ( for commit in initial second merge fourth-signed fifth-signed sixth-signed master do + git verify-commit $commit && git show --pretty=short --show-signature $commit >actual && grep "Good signature from" actual && ! grep "BAD signature from" actual || exit 1 @@ -58,6 +59,7 @@ test_expect_success GPG 'show signatures' ' ( for commit in merge^2 fourth-unsigned sixth-unsigned seventh-unsigned do + test_must_fail git verify-commit $commit && git show --pretty=short --show-signature $commit >actual && ! grep "Good signature from" actual && ! grep "BAD signature from" actual || exit 1 @@ -66,11 +68,25 @@ test_expect_success GPG 'show signatures' ' ) ' +test_expect_success GPG 'show signed commit with signature' ' + git show -s initial >commit && + git show -s --show-signature initial >show && + git verify-commit -v initial >verify.1 2>verify.2 && + git cat-file commit initial >cat && + grep -v "gpg: " show >show.commit && + grep "gpg: " show >show.gpg && + grep -v "^ " cat | grep -v "^gpgsig " >cat.commit && + test_cmp show.commit commit && + test_cmp show.gpg verify.2 && + test_cmp cat.commit verify.1 +' + test_expect_success GPG 'detect fudged signature' ' git cat-file commit master >raw && sed -e "s/seventh/7th forged/" raw >forged1 && git hash-object -w -t commit forged1 >forged1.commit && + ! git verify-commit $(cat forged1.commit) && git show --pretty=short --show-signature $(cat forged1.commit) >actual1 && grep "BAD signature from" actual1 && ! grep "Good signature from" actual1 @@ -81,6 +97,7 @@ test_expect_success GPG 'detect fudged signature with NUL' ' cat raw >forged2 && echo Qwik | tr "Q" "\000" >>forged2 && git hash-object -w -t commit forged2 >forged2.commit && + ! git verify-commit $(cat forged2.commit) && git show --pretty=short --show-signature $(cat forged2.commit) >actual2 && grep "BAD signature from" actual2 && ! grep "Good signature from" actual2 @@ -89,6 +106,7 @@ test_expect_success GPG 'detect fudged signature with NUL' ' test_expect_success GPG 'amending already signed commit' ' git checkout fourth-signed^0 && git commit --amend -S --no-edit && + git verify-commit HEAD && git show -s --show-signature HEAD >actual && grep "Good signature from" actual && ! grep "BAD signature from" actual -- 2.0.0.426.g37dbf84 -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html