Add a test for valid signature using an unknown public key

(The key was one-time-generated in a temporary directory, and is, intentionally, not available.) This is not conceptually related to the rest of the PR, just adding a missing case to the test, except that the added fixture will be reused in a prSignedBy test.
2025-08-01 23:07:51 +00:00 · 2016-05-30 20:41:49 +02:00 · 2016-05-30 20:41:49 +02:00 · e2839c38c5
commit e2839c38c5
parent ee7c5ebae9
2 changed files with 7 additions and 0 deletions
--- a/signature/fixtures/unknown-key.signature
+++ b/signature/fixtures/unknown-key.signature
--- a/signature/mechanism_test.go
+++ b/signature/mechanism_test.go
@ -138,5 +138,12 @@ func TestGPGSigningMechanismVerify(t *testing.T) {
 	require.NoError(t, err)
 	content, signingFingerprint, err = mech.Verify(signature)
 	assertSigningError(t, content, signingFingerprint, err)
+
+	// Valid signature with an unknown key
+	signature, err = ioutil.ReadFile("./fixtures/unknown-key.signature")
+	require.NoError(t, err)
+	content, signingFingerprint, err = mech.Verify(signature)
+	assertSigningError(t, content, signingFingerprint, err)
+
 	// The various GPG/GPGME failures cases are not obviously easy to reach.
 }