aboutsummaryrefslogtreecommitdiff
path: root/t/t7510-signed-commit.sh
diff options
context:
space:
mode:
authorJunio C Hamano <gitster@pobox.com>2021-10-12 10:35:19 -0700
committerJunio C Hamano <gitster@pobox.com>2021-10-12 10:35:19 -0700
commite8191a52657ecfc12928cfe9eada80a883111ef2 (patch)
tree31e4a1539d8a8fd19e7c65de777f6bf9b577dfdf /t/t7510-signed-commit.sh
parent2a97289ad8b103625d3a1a12f66c27f50df822ce (diff)
parent1bfb57f642d34dc4b65be3602bb429abd9f32b58 (diff)
downloadgit-e8191a52657ecfc12928cfe9eada80a883111ef2.tar.xz
Merge branch 'fs/ssh-signing' into fs/ssh-signing-fix
* fs/ssh-signing: ssh signing: test that gpg fails for unknown keys ssh signing: tests for logs, tags & push certs ssh signing: duplicate t7510 tests for commits ssh signing: verify signatures using ssh-keygen ssh signing: provide a textual signing_key_id ssh signing: retrieve a default key from ssh-agent ssh signing: add ssh key format and signing code ssh signing: add test prereqs ssh signing: preliminary refactoring and clean-up
Diffstat (limited to 't/t7510-signed-commit.sh')
-rwxr-xr-xt/t7510-signed-commit.sh29
1 files changed, 28 insertions, 1 deletions
diff --git a/t/t7510-signed-commit.sh b/t/t7510-signed-commit.sh
index 8df5a74f1d..d65a0171f2 100755
--- a/t/t7510-signed-commit.sh
+++ b/t/t7510-signed-commit.sh
@@ -71,7 +71,25 @@ test_expect_success GPG 'create signed commits' '
git tag eleventh-signed $(cat oid) &&
echo 12 | git commit-tree --gpg-sign=B7227189 HEAD^{tree} >oid &&
test_line_count = 1 oid &&
- git tag twelfth-signed-alt $(cat oid)
+ git tag twelfth-signed-alt $(cat oid) &&
+
+ cat >keydetails <<-\EOF &&
+ Key-Type: RSA
+ Key-Length: 2048
+ Subkey-Type: RSA
+ Subkey-Length: 2048
+ Name-Real: Unknown User
+ Name-Email: unknown@git.com
+ Expire-Date: 0
+ %no-ask-passphrase
+ %no-protection
+ EOF
+ gpg --batch --gen-key keydetails &&
+ echo 13 >file && git commit -a -S"unknown@git.com" -m thirteenth &&
+ git tag thirteenth-signed &&
+ DELETE_FINGERPRINT=$(gpg -K --with-colons --fingerprint --batch unknown@git.com | grep "^fpr" | head -n 1 | awk -F ":" "{print \$10;}") &&
+ gpg --batch --yes --delete-secret-keys $DELETE_FINGERPRINT &&
+ gpg --batch --yes --delete-keys unknown@git.com
'
test_expect_success GPG 'verify and show signatures' '
@@ -110,6 +128,13 @@ test_expect_success GPG 'verify and show signatures' '
)
'
+test_expect_success GPG 'verify-commit exits failure on unknown signature' '
+ test_must_fail git verify-commit thirteenth-signed 2>actual &&
+ ! grep "Good signature from" actual &&
+ ! grep "BAD signature from" actual &&
+ grep -q -F -e "No public key" -e "public key not found" actual
+'
+
test_expect_success GPG 'verify-commit exits success on untrusted signature' '
git verify-commit eighth-signed-alt 2>actual &&
grep "Good signature from" actual &&
@@ -338,6 +363,8 @@ test_expect_success GPG 'show double signature with custom format' '
'
+# NEEDSWORK: This test relies on the test_tick commit/author dates from the first
+# 'create signed commits' test even though it creates its own
test_expect_success GPG 'verify-commit verifies multiply signed commits' '
git init multiply-signed &&
cd multiply-signed &&
generated by cgit v1.3 (git 2.53.0) at 2026-04-15 22:07:01 +0000