diff options
author | Colin Walters <walters@verbum.org> | 2020-06-16 13:18:07 +0000 |
---|---|---|
committer | Denis Pynkin <denis.pynkin@collabora.com> | 2020-06-16 18:20:54 +0300 |
commit | 1f3c8c5b3de978f6e069c24938967f823cce7ee8 (patch) | |
tree | ed6ee9422e086f6233f2cc4b8a4e3628adecb439 /tests/test-signed-commit.sh | |
parent | fa70ab417b81691135f329d69c3335f4119dda0e (diff) | |
download | ostree-1f3c8c5b3de978f6e069c24938967f823cce7ee8.tar.gz |
sign/ed25519: Output failed signatures in error message
To aid debuggability, when we find a commit that isn't signed
by our expected key, output a specific error message with the
key.
(And then add code to switch to just printing the count beyond 3
because the test suite injects 100 keys and hopefully no one
ever actually does that)
Diffstat (limited to 'tests/test-signed-commit.sh')
-rwxr-xr-x | tests/test-signed-commit.sh | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/tests/test-signed-commit.sh b/tests/test-signed-commit.sh index 4dcf38a4..6bdbfdd6 100755 --- a/tests/test-signed-commit.sh +++ b/tests/test-signed-commit.sh @@ -148,9 +148,10 @@ for((i=0;i<100;i++)); do gen_ed25519_random_public done > ${PUBKEYS} # Check if file contain no valid signatures -if ${CMD_PREFIX} ostree --repo=${test_tmpdir}/repo sign --verify --sign-type=ed25519 --keys-file=${PUBKEYS} ${COMMIT}; then - exit 1 +if ${CMD_PREFIX} ostree --repo=${test_tmpdir}/repo sign --verify --sign-type=ed25519 --keys-file=${PUBKEYS} ${COMMIT} 2>err.txt; then + fatal "validated with no signatures" fi +assert_file_has_content err.txt 'error:.* ed25519: Signature couldn.t be verified; tried 100 keys' # Check if no valid signatures provided via args&file if ${CMD_PREFIX} ostree --repo=${test_tmpdir}/repo sign --verify --sign-type=ed25519 --keys-file=${PUBKEYS} ${COMMIT} ${WRONG_PUBLIC}; then exit 1 |