sign/ed25519: Output failed signatures in error message

To aid debuggability, when we find a commit that isn't signed
by our expected key, output a specific error message with the
key.

(And then add code to switch to just printing the count beyond 3
 because the test suite injects 100 keys and hopefully no one
 ever actually does that)

1 files changed, 3 insertions, 2 deletions

diff --git a/tests/test-signed-commit.sh b/tests/test-signed-commit.sh
index 4dcf38a4..6bdbfdd6 100755
--- a/tests/test-signed-commit.sh
+++ b/tests/test-signed-commit.sh
@@ -148,9 +148,10 @@ for((i=0;i<100;i++)); do
     gen_ed25519_random_public
 done > ${PUBKEYS}
 # Check if file contain no valid signatures
-if ${CMD_PREFIX} ostree --repo=${test_tmpdir}/repo sign --verify --sign-type=ed25519 --keys-file=${PUBKEYS} ${COMMIT}; then
-    exit 1
+if ${CMD_PREFIX} ostree --repo=${test_tmpdir}/repo sign --verify --sign-type=ed25519 --keys-file=${PUBKEYS} ${COMMIT} 2>err.txt; then
+    fatal "validated with no signatures"
 fi
+assert_file_has_content err.txt 'error:.* ed25519: Signature couldn.t be verified; tried 100 keys'
 # Check if no valid signatures provided via args&file
 if ${CMD_PREFIX} ostree --repo=${test_tmpdir}/repo sign --verify --sign-type=ed25519 --keys-file=${PUBKEYS} ${COMMIT} ${WRONG_PUBLIC}; then
     exit 1