t / t7510-signed-commit.shon commit Merge branch 'sp/smart-http-failure-to-push' (200e96e)
   1#!/bin/sh
   2
   3test_description='signed commit tests'
   4. ./test-lib.sh
   5. "$TEST_DIRECTORY/lib-gpg.sh"
   6
   7test_expect_success GPG 'create signed commits' '
   8        echo 1 >file && git add file &&
   9        test_tick && git commit -S -m initial &&
  10        git tag initial &&
  11        git branch side &&
  12
  13        echo 2 >file && test_tick && git commit -a -S -m second &&
  14        git tag second &&
  15
  16        git checkout side &&
  17        echo 3 >elif && git add elif &&
  18        test_tick && git commit -m "third on side" &&
  19
  20        git checkout master &&
  21        test_tick && git merge -S side &&
  22        git tag merge &&
  23
  24        echo 4 >file && test_tick && git commit -a -m "fourth unsigned" &&
  25        git tag fourth-unsigned &&
  26
  27        test_tick && git commit --amend -S -m "fourth signed" &&
  28        git tag fourth-signed
  29'
  30
  31test_expect_success GPG 'show signatures' '
  32        (
  33                for commit in initial second merge master
  34                do
  35                        git show --pretty=short --show-signature $commit >actual &&
  36                        grep "Good signature from" actual || exit 1
  37                        ! grep "BAD signature from" actual || exit 1
  38                        echo $commit OK
  39                done
  40        ) &&
  41        (
  42                for commit in merge^2 fourth-unsigned
  43                do
  44                        git show --pretty=short --show-signature $commit >actual &&
  45                        grep "Good signature from" actual && exit 1
  46                        ! grep "BAD signature from" actual || exit 1
  47                        echo $commit OK
  48                done
  49        )
  50'
  51
  52test_expect_success GPG 'detect fudged signature' '
  53        git cat-file commit master >raw &&
  54
  55        sed -e "s/fourth signed/4th forged/" raw >forged1 &&
  56        git hash-object -w -t commit forged1 >forged1.commit &&
  57        git show --pretty=short --show-signature $(cat forged1.commit) >actual1 &&
  58        grep "BAD signature from" actual1 &&
  59        ! grep "Good signature from" actual1
  60'
  61
  62test_expect_success GPG 'detect fudged signature with NUL' '
  63        git cat-file commit master >raw &&
  64        cat raw >forged2 &&
  65        echo Qwik | tr "Q" "\000" >>forged2 &&
  66        git hash-object -w -t commit forged2 >forged2.commit &&
  67        git show --pretty=short --show-signature $(cat forged2.commit) >actual2 &&
  68        grep "BAD signature from" actual2 &&
  69        ! grep "Good signature from" actual2
  70'
  71
  72test_expect_success GPG 'amending already signed commit' '
  73        git checkout fourth-signed^0 &&
  74        git commit --amend -S --no-edit &&
  75        git show -s --show-signature HEAD >actual &&
  76        grep "Good signature from" actual &&
  77        ! grep "BAD signature from" actual
  78'
  79
  80test_done