(command.CommandList children: [ (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:test_description) op: assign_op.Equal rhs: {(SQ (Token id:Id.Lit_Chars val:'merge signature verification tests' span_id:6))} spids: [4] ) ] ) (C {(.)} {(./test-lib.sh)}) (C {(.)} {(DQ ($ Id.VSub_DollarName '$TEST_DIRECTORY') (/lib-gpg.sh))}) (C {(test_expect_success)} {(GPG)} {(SQ (Token id:Id.Lit_Chars val:'create signed commits' span_id:26))} { (SQ (Token id:Id.Lit_Chars val:'\n' span_id:30) (Token id:Id.Lit_Chars val:'\techo 1 >file && git add file &&\n' span_id:31) (Token id:Id.Lit_Chars val:'\ttest_tick && git commit -m initial &&\n' span_id:32) (Token id:Id.Lit_Chars val:'\tgit tag initial &&\n' span_id:33) (Token id:Id.Lit_Chars val:'\n' span_id:34) (Token id:Id.Lit_Chars val:'\tgit checkout -b side-signed &&\n' span_id:35) (Token id:Id.Lit_Chars val:'\techo 3 >elif && git add elif &&\n' span_id:36) (Token id: Id.Lit_Chars val: '\ttest_tick && git commit -S -m "signed on side" &&\n' span_id: 37 ) (Token id:Id.Lit_Chars val:'\tgit checkout initial &&\n' span_id:38) (Token id:Id.Lit_Chars val:'\n' span_id:39) (Token id:Id.Lit_Chars val:'\tgit checkout -b side-unsigned &&\n' span_id:40) (Token id:Id.Lit_Chars val:'\techo 3 >foo && git add foo &&\n' span_id:41) (Token id:Id.Lit_Chars val:'\ttest_tick && git commit -m "unsigned on side" &&\n' span_id:42) (Token id:Id.Lit_Chars val:'\tgit checkout initial &&\n' span_id:43) (Token id:Id.Lit_Chars val:'\n' span_id:44) (Token id:Id.Lit_Chars val:'\tgit checkout -b side-bad &&\n' span_id:45) (Token id:Id.Lit_Chars val:'\techo 3 >bar && git add bar &&\n' span_id:46) (Token id: Id.Lit_Chars val: '\ttest_tick && git commit -S -m "bad on side" &&\n' span_id: 47 ) (Token id:Id.Lit_Chars val:'\tgit cat-file commit side-bad >raw &&\n' span_id:48) (Token id: Id.Lit_Chars val: '\tsed -e "s/bad/forged bad/" raw >forged &&\n' span_id: 49 ) (Token id:Id.Lit_Chars val:'\tgit hash-object -w -t commit forged >forged.commit &&\n' span_id:50) (Token id:Id.Lit_Chars val:'\tgit checkout initial &&\n' span_id:51) (Token id:Id.Lit_Chars val:'\n' span_id:52) (Token id:Id.Lit_Chars val:'\tgit checkout -b side-untrusted &&\n' span_id:53) (Token id:Id.Lit_Chars val:'\techo 3 >baz && git add baz &&\n' span_id:54) (Token id: Id.Lit_Chars val: '\ttest_tick && git commit -SB7227189 -m "untrusted on side" &&\n' span_id: 55 ) (Token id:Id.Lit_Chars val:'\n' span_id:56) (Token id:Id.Lit_Chars val:'\tgit checkout master\n' span_id:57) ) } ) (C {(test_expect_success)} {(GPG)} {(SQ (Token id:Id.Lit_Chars val:'merge unsigned commit with verification' span_id:66))} { (SQ (Token id:Id.Lit_Chars val:'\n' span_id:70) (Token id: Id.Lit_Chars val: '\ttest_must_fail git merge --ff-only --verify-signatures side-unsigned 2>mergeerror &&\n' span_id: 71 ) (Token id:Id.Lit_Chars val:'\ttest_i18ngrep "does not have a GPG signature" mergeerror\n' span_id:72) ) } ) (C {(test_expect_success)} {(GPG)} { (SQ (Token id: Id.Lit_Chars val: 'merge commit with bad signature with verification' span_id: 81 ) ) } { (SQ (Token id:Id.Lit_Chars val:'\n' span_id:85) (Token id: Id.Lit_Chars val: '\ttest_must_fail git merge --ff-only --verify-signatures $(cat forged.commit) 2>mergeerror &&\n' span_id: 86 ) (Token id:Id.Lit_Chars val:'\ttest_i18ngrep "has a bad GPG signature" mergeerror\n' span_id:87) ) } ) (C {(test_expect_success)} {(GPG)} { (SQ (Token id: Id.Lit_Chars val: 'merge commit with untrusted signature with verification' span_id: 96 ) ) } { (SQ (Token id:Id.Lit_Chars val:'\n' span_id:100) (Token id: Id.Lit_Chars val: '\ttest_must_fail git merge --ff-only --verify-signatures side-untrusted 2>mergeerror &&\n' span_id: 101 ) (Token id: Id.Lit_Chars val: '\ttest_i18ngrep "has an untrusted GPG signature" mergeerror\n' span_id: 102 ) ) } ) (C {(test_expect_success)} {(GPG)} {(SQ (Token id:Id.Lit_Chars val:'merge signed commit with verification' span_id:111))} { (SQ (Token id:Id.Lit_Chars val:'\n' span_id:115) (Token id: Id.Lit_Chars val: '\tgit merge --verbose --ff-only --verify-signatures side-signed >mergeoutput &&\n' span_id: 116 ) (Token id:Id.Lit_Chars val:'\ttest_i18ngrep "has a good GPG signature" mergeoutput\n' span_id:117) ) } ) (C {(test_expect_success)} {(GPG)} { (SQ (Token id: Id.Lit_Chars val: 'merge commit with bad signature without verification' span_id: 126 ) ) } { (SQ (Token id:Id.Lit_Chars val:'\n' span_id:130) (Token id:Id.Lit_Chars val:'\tgit merge $(cat forged.commit)\n' span_id:131) ) } ) (C {(test_done)}) ] )