GPG signature verification fails incorrectly for commits with empty message

[castedo]

I've hit this problem in my messy dev environment. I figure I should make a PR for a nice clean repo case as a unit test. Do you have a recommendation on where commit signature verification test cases should go?

An example of a GPG signed commit that I am 95% sure will fail incorrectly is this one:

https://archive.softwareheritage.org/api/1/revision/92b3f55bcec30906a39796c90018475bc1cbabb7/

I think the problem is the calling of _format_message with an argument of self._message to the body parameter:

dulwich/dulwich/objects.py

Line 1576 in e7e83d6

return list(_format_message(headers, self._message))

When the commit message is empty, I believe this causes the newline on this line:

dulwich/dulwich/objects.py

Line 730 in e7e83d6

yield b"\n" # There must be a new line after the headers

that is inside the if statement (instead of above it) to not get output (when it should). But when a signature-less commit is generated on this line:

dulwich/dulwich/objects.py

Line 1531 in e7e83d6

self_without_gpgsig.as_raw_string(),

the GPG signature verification will fail when the commit has an empty commit message, because a newline will be missing at the end.

[jelmer]

Tests for signatures should probably just live in dulwich.objects, probably as a separate testcase that calls skipTest in its setUp() if the gpg module is not present.

[castedo]

I've got a nice clean reproduction case for this issue based on the unit test case I just added for PR #1438.

STEPS:

From PR #1438, inside tests/compat/test_porcelain.py CommitCreateSignTestCase.test_verify, change the message string "foo" to simply an empty string "".

RESULT:
the commit.verify() and the unit test will fail.