From 2b2a3623c1cbc6b1654ca87933a9089274ad0804 Mon Sep 17 00:00:00 2001
From: Vitaly Chikunov <vt@altlinux.org>
Date: Sat, 12 Sep 2020 22:36:14 +0300
Subject: [PATCH] ima-evm-utils: Add test for sigfile reading

Test reading of detached IMA signature (--sigfile).

Suggested-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Vitaly Chikunov <vt@altlinux.org>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
---
 tests/sign_verify.test | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/tests/sign_verify.test b/tests/sign_verify.test
index 4f08bed..288e133 100755
--- a/tests/sign_verify.test
+++ b/tests/sign_verify.test
@@ -100,7 +100,8 @@ _test_sigfile() {
     return "$FAIL"
   fi
 
-  rm "$file_sig" "$file_sig2"
+  # Leave '$file_sig' for ima_verify --sigfile test.
+  rm "$file_sig2"
 }
 
 # Run single sign command
@@ -261,9 +262,12 @@ sign_verify() {
 
     # Normal verify with proper key should pass
     expect_pass check_verify
+    expect_pass check_verify OPTS="--sigfile"
 
     # Multiple files and some don't verify
     expect_fail check_verify FILE="/dev/null $file"
+
+    rm "$FILE.sig"
   fi
 
   TYPE=evm