File Coverage

blib/lib/Test/Signature.pm
Criterion Covered Total %
statement 27 35 77.1
branch 3 8 37.5
condition 2 6 33.3
subroutine 8 10 80.0
pod 2 4 50.0
total 42 63 66.6


line stmt bran cond sub pod time code
1             package Test::Signature;
2              
3 1     1   14533 use 5.005;
  1         4  
  1         43  
4 1     1   4 use strict;
  1         1  
  1         29  
5 1     1   3 use vars qw( $VERSION @ISA @EXPORT @EXPORT_OK );
  1         4  
  1         82  
6 1     1   6 use Exporter;
  1         2  
  1         56  
7 1     1   5 use Test::Builder;
  1         2  
  1         46  
8              
9             BEGIN {
10 1     1   1 $VERSION = '1.11';
11 1         9 @ISA = qw( Exporter );
12 1         2 @EXPORT = qw( signature_ok );
13 1         364 @EXPORT_OK = qw( signature_force_ok );
14             }
15              
16             my $test = Test::Builder->new();
17              
18             =head1 NAME
19              
20             Test::Signature - Automated SIGNATURE testing
21              
22             =head1 SYNOPSIS
23              
24             # This is actually the t/0-signature.t file from this distribution.
25             use Test::More tests => 1;
26             use Test::Signature;
27              
28             signature_ok();
29              
30             =head1 ABSTRACT
31              
32             C verifies that the C generated
33             signature of a module is correct.
34              
35             =head1 DESCRIPTION
36              
37             C allows you to verify that a distribution has
38             not been tampered with. C lets that be tested
39             as part of the distribution's test suite.
40              
41             By default, if C is not installed then it will just
42             say so and not fail the test. That can be overridden though.
43              
44             B: This is not a substitute for the users verifying
45             the distribution themselves. By the time this module is run, the
46             users will have already run your F or F scripts
47             which could have been compromised.
48              
49             This module is more for ensuring you've updated your signature
50             appropriately before distributing, and for preventing accidental
51             errors during transmission or packaging.
52              
53             =cut
54              
55             =head1 FUNCTIONS
56              
57             C is exported by default. C must be
58             explicitly exported.
59              
60             =head2 signature_ok()
61              
62             This will test that the C generated signature
63             is valid for the distribution. It can be given two optional parameters.
64             The first is a name for the test. The default is C.
65             The second is whether a lack of C should be regarded
66             as a failure. The default is C<0> meaning 'no'.
67              
68             # Test with defaults
69             signature_ok()
70             # Test with custom name
71             signature_ok( "Is the signature valid?" );
72             # Test with custom name and force C to exist
73             signature_ok( "Is the signature valid?", 1 );
74             # Test without custom name, but forcing
75             signature_ok( undef, 1 );
76              
77             =cut
78              
79 1     1 0 6 sub action_skip { $test->skip( $_[0] ) }
80 0     0 0 0 sub action_ok { $test->ok( 0, $_[0] ) }
81              
82             sub signature_ok {
83 1   50 1 1 8 my $name = shift || 'Valid signature';
84 1   50     4 my $force = shift || 0;
85 1 50       3 my $action = $force ? \&action_ok : \&action_skip;
86             SKIP: {
87 1 50       1 if ( !-s 'SIGNATURE' ) {
  1 50       11  
    0          
88 0         0 $action->("No SIGNATURE file found.");
89             }
90 1         159 elsif ( !eval { require Module::Signature; 1 } ) {
  0         0  
91 1         3 $action->(
92             "Next time around, consider installing Module::Signature, "
93             . "so you can verify the integrity of this distribution." );
94             }
95 0           elsif ( !eval { require Socket; Socket::inet_aton('pgp.mit.edu') } ) {
  0            
96 0           $action->("Cannot connect to the keyserver.");
97             }
98             else {
99 0           $test->ok( Module::Signature::verify(skip => 1) ==
100             Module::Signature::SIGNATURE_OK() => $name );
101             }
102             }
103             }
104              
105             =head2 signature_force_ok()
106              
107             This is equivalent to calling C<< signature_ok( $name, 1 ) >>
108             but is more readable.
109              
110             # These are equivalent:
111             signature_force_ok( "Is our signature valid?" );
112             signature_ok( "Is our signature valid?", 1);
113              
114             # These are equivalent:
115             signature_force_ok();
116             signature_ok( undef, 1 );
117              
118             =cut
119              
120             sub signature_force_ok {
121 0   0 0 1   signature_ok( $_[0] || undef, 1 );
122             }
123              
124             1;
125             __END__