summaryrefslogtreecommitdiffstats
path: root/t/t7004-tag.sh
diff options
context:
space:
mode:
authorHenning Schild <henning.schild@siemens.com>2018-07-20 10:28:07 +0200
committerJunio C Hamano <gitster@pobox.com>2018-07-20 17:41:42 +0200
commit53fc999306af60213e18b3ffd4c0347e4a88af0a (patch)
tree93da297efbc28c5d9a0d04ee767d1e02fd5cb29c /t/t7004-tag.sh
parentgpg-interface: introduce new signature format "x509" using gpgsm (diff)
downloadgit-53fc999306af60213e18b3ffd4c0347e4a88af0a.tar.xz
git-53fc999306af60213e18b3ffd4c0347e4a88af0a.zip
gpg-interface t: extend the existing GPG tests with GPGSM
Add test cases to cover the new X509/gpgsm support. Most of them resemble existing ones. They just switch the format to x509 and set the signingkey when creating signatures. Validation of signatures does not need any configuration of git, it does need gpgsm to be configured to trust the key(-chain). Several of the testcases build on top of existing gpg testcases. The commit ships a self-signed key for committer@example.com and configures gpgsm to trust it. Signed-off-by: Henning Schild <henning.schild@siemens.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 't/t7004-tag.sh')
-rwxr-xr-xt/t7004-tag.sh13
1 files changed, 13 insertions, 0 deletions
diff --git a/t/t7004-tag.sh b/t/t7004-tag.sh
index d7b319e919..2147938aa1 100755
--- a/t/t7004-tag.sh
+++ b/t/t7004-tag.sh
@@ -1354,6 +1354,19 @@ test_expect_success GPG \
'test_config gpg.program echo &&
test_must_fail git tag -s -m tail tag-gpg-failure'
+# try to sign with bad user.signingkey
+test_expect_success GPGSM \
+ 'git tag -s fails if gpgsm is misconfigured (bad key)' \
+ 'test_config user.signingkey BobTheMouse &&
+ test_config gpg.format x509 &&
+ test_must_fail git tag -s -m tail tag-gpg-failure'
+
+# try to produce invalid signature
+test_expect_success GPGSM \
+ 'git tag -s fails if gpgsm is misconfigured (bad signature format)' \
+ 'test_config gpg.x509.program echo &&
+ test_config gpg.format x509 &&
+ test_must_fail git tag -s -m tail tag-gpg-failure'
# try to verify without gpg: