On Fri, Sep 10 2021, Fabian Stelzer via GitGitGadget wrote:

> From: Fabian Stelzer <fs@xxxxxxxxxxxx>
>
> Test that verify-commit/tag will fail when a gpg key is completely
> unknown. To do this we have to generate a key, use it for a signature
> and delete it from our keyring afterwards completely.
>
> Signed-off-by: Fabian Stelzer <fs@xxxxxxxxxxxx>
> ---
>  t/t7510-signed-commit.sh | 29 ++++++++++++++++++++++++++++-
>  1 file changed, 28 insertions(+), 1 deletion(-)
>
> diff --git a/t/t7510-signed-commit.sh b/t/t7510-signed-commit.sh
> index 8df5a74f1db..d65a0171f29 100755
> --- a/t/t7510-signed-commit.sh
> +++ b/t/t7510-signed-commit.sh
> @@ -71,7 +71,25 @@ test_expect_success GPG 'create signed commits' '
>  	git tag eleventh-signed $(cat oid) &&
>  	echo 12 | git commit-tree --gpg-sign=B7227189 HEAD^{tree} >oid &&
>  	test_line_count = 1 oid &&
> -	git tag twelfth-signed-alt $(cat oid)
> +	git tag twelfth-signed-alt $(cat oid) &&
> +
> +	cat >keydetails <<-\EOF &&
> +	Key-Type: RSA
> +	Key-Length: 2048
> +	Subkey-Type: RSA
> +	Subkey-Length: 2048
> +	Name-Real: Unknown User
> +	Name-Email: unknown@xxxxxxx
> +	Expire-Date: 0
> +	%no-ask-passphrase
> +	%no-protection
> +	EOF
> +	gpg --batch --gen-key keydetails &&
> +	echo 13 >file && git commit -a -S"unknown@xxxxxxx" -m thirteenth &&
> +	git tag thirteenth-signed &&
> +	DELETE_FINGERPRINT=$(gpg -K --with-colons --fingerprint --batch unknown@xxxxxxx | grep "^fpr" | head -n 1 | awk -F ":" "{print \$10;}") &&
> +	gpg --batch --yes --delete-secret-keys $DELETE_FINGERPRINT &&
> +	gpg --batch --yes --delete-keys unknown@xxxxxxx
>  '
>  
>  test_expect_success GPG 'verify and show signatures' '
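Review bot: `%no-protection` in the keydetails here-doc is a batch control statement that GnuPG 2.0 does not understand, and because the key generation is spliced into the existing 'create signed commits' test rather than kept in its own test, an older gpg now takes down that test and everything that depends on it instead of just the new unknown-key check (the -vx trace in the reply below shows gpg 2.0.22 printing `gpg: skipping control `%no-protection' ()` and not getting past `gpg --batch --gen-key keydetails`). Gate the key generation and the test that uses thirteenth-signed behind a prerequisite that checks the gpg version, or use a parameter file both generations accept. Two smaller points in the same hunk: `DELETE_FINGERPRINT=$(... | grep "^fpr" | head -n 1 | ...)` takes the first `fpr` record in the listing, which is the primary key's fingerprint only because exactly one key matches unknown@xxxxxxx, and `$DELETE_FINGERPRINT` is then expanded unquoted; quoting it and checking it is non-empty before `gpg --batch --yes --delete-secret-keys` would turn a bare gpg usage error into an understandable test failure.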
> @@ -110,6 +128,13 @@ test_expect_success GPG 'verify and show signatures' '
>  	)
>  '
>  
> +test_expect_success GPG 'verify-commit exits failure on unknown signature' '
> +	test_must_fail git verify-commit thirteenth-signed 2>actual &&
> +	! grep "Good signature from" actual &&
> +	! grep "BAD signature from" actual &&
> +	grep -q -F -e "No public key" -e "public key not found" actual
> +'
> +
>  test_expect_success GPG 'verify-commit exits success on untrusted signature' '
>  	git verify-commit eighth-signed-alt 2>actual &&
>  	grep "Good signature from" actual &&
> @@ -338,6 +363,8 @@ test_expect_success GPG 'show double signature with custom format' '
>  '
>  
>  
> +# NEEDSWORK: This test relies on the test_tick commit/author dates from the first
> +# 'create signed commits' test even though it creates its own
>  test_expect_success GPG 'verify-commit verifies multiply signed commits' '
>  	git init multiply-signed &&
>  	cd multiply-signed &&

The t7510-signed-commit.sh script hangs on startup with this change, and
with -vx we show:

    [...]
    ++ git tag twelfth-signed-alt 17f06d503ee50df92746c17f6cced6feb5940cf5
    ++ cat
    ++ gpg --batch --gen-key keydetails
    gpg: skipping control `%no-protection' ()

This is on a CentOS 7.9 box on the GCC Farm:

    [avar@gcc135 t]$ uname -a ; gpg --version
    Linux gcc135.osuosl.org 4.18.0-80.7.2.el7.ppc64le #1 SMP Thu Sep 12 15:45:05 UTC 2019 ppc64le ppc64le ppc64le GNU/Linux
    gpg (GnuPG) 2.0.22
    libgcrypt 1.5.3
    Copyright (C) 2013 Free Software Foundation, Inc.
    License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
    This is free software: you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.

    Home: ~/.gnupg
    Supported algorithms:
    Pubkey: RSA, ?, ?, ELG, DSA
    Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
            CAMELLIA128, CAMELLIA192, CAMELLIA256
    Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
    Compression: Uncompressed, ZIP, ZLIB, BZIP2
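Review bot: the new 'verify-commit exits failure on unknown signature' test greps gpg's human-readable stderr for `No public key` / `public key not found`, text that already differs between gpg versions (which is why two alternatives are needed); `git verify-commit --raw` prints the gpg status-fd lines instead, so asserting on the `NO_PUBKEY` status there would be independent of the wording. The commit message also promises verify-commit/tag, but this hunk only exercises verify-commit; either add a verify-tag counterpart against a signed tag made with the deleted key, or narrow the commit message to what is tested.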
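Review bot: the NEEDSWORK comment added above 'verify-commit verifies multiply signed commits' is unrelated to the unknown-key test this patch is about and stops mid-sentence ("even though it creates its own"); finish the sentence (its own what?) and move it to a separate patch, or drop it from this one.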
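As an added illustration of the two gpg interactions the first hunk depends on (this is my code, not part of Fabian's patch or of git's test suite), here are two POSIX shell helpers that can be exercised without gpg installed: a prerequisite check that reads `gpg --version` output and accepts only GnuPG 2.1 or later, since `%no-protection` is a batch control statement of that generation and the 2.0.22 output quoted above shows it being skipped; and a `--with-colons` parser that returns the primary-key fingerprint belonging to a given e-mail address, which is what `--delete-secret-keys` needs, instead of the first `fpr` record in the listing. The function names, the `gpg --version` samples, the secret-key listing and the example.com addresses are all constructed for this example.

```shell
#!/bin/sh
# Added example, not from the patch or from git.git: offline helpers for
# gating a gpg-dependent test and for picking the right key to delete.

# Constructed `gpg --version` samples (the first mirrors the 2.0.22 box
# in the thread; the 2.2.27 one is made up for contrast).
SAMPLE_GPG_VERSION_OLD='gpg (GnuPG) 2.0.22
libgcrypt 1.5.3'
SAMPLE_GPG_VERSION_NEW='gpg (GnuPG) 2.2.27
libgcrypt 1.8.7'

# Constructed `gpg -K --with-colons --fingerprint` listing with two secret
# keys, each with one encryption subkey.  Field 10 of an "fpr" record is
# the fingerprint, field 10 of a "uid" record is the user ID string.
SAMPLE_GPG_SECRET_KEYS='sec:u:2048:1:AAAAAAAAAAAAAAAA:1631280000:::u:::scESC:::+:::23::0:
fpr:::::::::000000000000000000000000AAAAAAAAAAAAAAAA:
uid:u::::1631280000::0123456789ABCDEF0123456789ABCDEF01234567::C O Mitter <committer@example.com>::::::::::0:
ssb:u:2048:1:BBBBBBBBBBBBBBBB:1631280000::::::e:::+:::23:
fpr:::::::::000000000000000000000000BBBBBBBBBBBBBBBB:
sec:u:2048:1:CCCCCCCCCCCCCCCC:1631280000:::u:::scESC:::+:::23::0:
fpr:::::::::000000000000000000000000CCCCCCCCCCCCCCCC:
uid:u::::1631280000::89ABCDEF0123456789ABCDEF0123456789ABCDEF::Unknown User <unknown@example.com>::::::::::0:
ssb:u:2048:1:DDDDDDDDDDDDDDDD:1631280000::::::e:::+:::23:
fpr:::::::::000000000000000000000000DDDDDDDDDDDDDDDD:'

# gpg_supports_no_protection: read `gpg --version` output on stdin and
# succeed only for GnuPG >= 2.1, the first series that knows the
# %no-protection control statement.  Usable as a test_lazy_prereq body.
gpg_supports_no_protection() {
	ver=$(sed -n 's/^gpg (GnuPG[^)]*) \([0-9][0-9.]*\).*/\1/p' | head -n 1)
	[ -n "$ver" ] || return 1
	major=${ver%%.*}
	case $ver in
	*.*) rest=${ver#*.}; minor=${rest%%.*} ;;
	*) minor=0 ;;
	esac
	case $minor in ''|*[!0-9]*) minor=0 ;; esac
	[ "$major" -gt 2 ] || { [ "$major" -eq 2 ] && [ "$minor" -ge 1 ]; }
}

# primary_fpr_for_uid <email>: read a --with-colons listing on stdin and
# print the primary-key fingerprint of every key carrying a user ID with
# "<email>".  Subkey fingerprints (the "fpr" after "ssb") are skipped,
# and a key that does not match the address is ignored even if it comes
# first in the listing.
primary_fpr_for_uid() {
	awk -F: -v want="$1" '
		# "sec" starts a new secret key; the first "fpr" after it is the
		# primary key, later "fpr" records belong to subkeys.
		$1 == "sec" { fpr = ""; next }
		$1 == "fpr" && fpr == "" { fpr = $10; next }
		# user IDs generated from Name-Real/Name-Email look like
		# "Unknown User <unknown@example.com>", so match the bracketed address.
		$1 == "uid" && fpr != "" && index($10, "<" want ">") { print fpr }
	'
}
```

In a test-suite prerequisite you would feed the real `gpg --version` into `gpg_supports_no_protection`, and the deletion step of the patch becomes `gpg --batch --yes --delete-secret-keys "$(gpg -K --with-colons --fingerprint --batch | primary_fpr_for_uid unknown@example.com)"`, which keeps working if the keyring ever holds more than the one matching key.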