Add an API to verify a commit signature explicitly

We have a bunch of APIs to do GPG verification of a commit, but that doesn't generalize to signapi. Further, they require the caller to check the signature status explicitly which seems like a trap. This much higher level API works with both GPG and signapi. The intention is to use this in things that are doing "external pulls" like the ostree-ext tar import support. There we will get the commitmeta from the tarball and we want to verify it at the same time we import the commit.
author: Colin Walters <walters@verbum.org> 2021-04-12 18:42:05 -0400
committer: Colin Walters <walters@verbum.org> 2021-08-30 13:27:38 -0400
commit: 359435de843ce2a1e94941c24ec4ddd7d5a7bccb (patch)
tree: e1d745d1575c30526c7d5074a285703fe720bc45 /Makefile-tests.am
parent: 30909a28f2aff54b615837a184f53509cbccc381 (diff)
download: ostree-359435de843ce2a1e94941c24ec4ddd7d5a7bccb.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/Makefile-tests.am b/Makefile-tests.am
index 81fe2b76..efbcad9a 100644
--- a/Makefile-tests.am
+++ b/Makefile-tests.am
@@ -391,6 +391,10 @@ tests_test_rfc2616_dates_SOURCES = \
 tests_test_rfc2616_dates_CFLAGS = $(TESTS_CFLAGS)
 tests_test_rfc2616_dates_LDADD = $(TESTS_LDADD)
 
+noinst_PROGRAMS += tests/test-commit-sign-sh-ext
+tests_test_commit_sign_sh_ext_CFLAGS = $(TESTS_CFLAGS)
+tests_test_commit_sign_sh_ext_LDADD = $(TESTS_LDADD)
+
 if USE_GPGME
 tests_test_gpg_verify_result_SOURCES = \
 	src/libostree/ostree-gpg-verify-result-private.h \
author	Colin Walters <walters@verbum.org>	2021-04-12 18:42:05 -0400
committer	Colin Walters <walters@verbum.org>	2021-08-30 13:27:38 -0400
commit	359435de843ce2a1e94941c24ec4ddd7d5a7bccb (patch)
tree	e1d745d1575c30526c7d5074a285703fe720bc45 /Makefile-tests.am
parent	30909a28f2aff54b615837a184f53509cbccc381 (diff)
download	ostree-359435de843ce2a1e94941c24ec4ddd7d5a7bccb.tar.gz