Add Testcases for time-stamping functionality

This commit adds testcases for the new time-stamping functionality. To trigger these testcases, the environment variables $GIT_TEST_TSA_URL and $GIT_TEST_TSA_CAPATH have to be set. They do not default to any value to avoid spamming a pre-defined Time Stamping Authority (TSA). As testing the RFC3161 functionality without a trusted time-stamp signature is not possible, all tests are disabled by default. Signed-off-by: Anton Würfel <anton.wuerfel@fau.de> Signed-off-by: Phillip Raffeck <phillip.raffeck@fau.de>

Add Testcases for time-stamping functionality
d008a0b2 · Anton Wuerfel · 667dcbfb · d008a0b2
Commit d008a0b2 authored 9 years ago by Anton Wuerfel
--- a/t/t7031-verify-tag.sh
+++ b/t/t7031-verify-tag.sh
+#!/bin/sh
+test_description='signed time-stamped tag tests'
+. ./test-lib.sh
+. "$TEST_DIRECTORY/lib-gpg.sh"
+# Tests for RFC3161 implementation
+if test -n "$NO_OPENSSL"
+then
+	skip_all='skipping test, git built without openssl support'
+	test_done
+fi
+# Disable remote tests by default to avoid spamming of TSAs and to be able to
+# test without internet connection
+if test -z "$GIT_TEST_TSA_URL"
+then
+	skip_all='Remote TSA testing disabled (set GIT_TEST_TSA_URL to enable)'
+	test_done
+fi
+if test -z "$GIT_TEST_TSA_CAPATH"
+then
+	skip_all='Remote TSA testing disabled (set GIT_TEST_TSA_CAPATH to enable)'
+	test_done
+fi
+test_expect_success 'create a tag with a timestamp signature' '
+	git config ts.tsaurl $GIT_TEST_TSA_URL &&
+	git config ts.capath $GIT_TEST_TSA_CAPATH &&
+	git config ts.failonverify 1 &&
+	test_tick &&
+	echo foo > foo &&
+	git add foo &&
+	git commit -m foo &&
+	git tag -t -m onlytime tsa_onlytime
+'
+test_expect_success GPG 'create a tag with gpg and timestamp signatures' '
+	echo foobar > bar &&
+	git add bar &&
+	git commit -m test123 &&
+	git tag -s -t -m tsa_both tsa_both
+'
+test_expect_success 'verify tag with gpg and timestamp signature' '
+	git verify-tag tsa_both
+'
+test_expect_success 'verify tag with timestamp signature' '
+	test_must_fail git verify-tag tsa_onlytime
+'
+test_expect_success 'verify tag with timestamp signature with -t' '
+	git verify-tag -t tsa_onlytime
+'
+test_expect_success 'verify fudged timestamp' '
+	git cat-file tag tsa_onlytime >raw &&
+	sed -e "s/onlytime/morethantime/" raw >forged1 &&
+	git hash-object -w -t tag forged1 >forged1.tag &&
+	test_must_fail git verify-tag $(cat forged1.tag) >actual1 2>&1 &&
+	grep "BAD time-stamp signature" actual1 &&
+	! grep "Verified timestamp" actual1
+'
+test_done