From 1fb5cf0da657ef046c4eb4d0de6f2defb2fb09c6 Mon Sep 17 00:00:00 2001
From: "brian m. carlson"
Date: Mon, 18 Jan 2021 23:49:11 +0000
Subject: commit: ignore additional signatures when parsing signed commits

When we create a commit with multiple signatures, neither of these signatures includes the other. Consequently, when we produce the payload which has been signed so we can verify the commit, we must strip off any other signatures, or the payload will differ from what was signed. Do so, and in preparation for verifying with multiple algorithms, pass the algorithm we want to verify into parse_signed_commit.

Signed-off-by: brian m. carlson
Signed-off-by: Junio C Hamano
---
 commit.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'commit.h')

diff --git a/commit.h b/commit.h
index f4e7b0158e..030aa65ab8 100644
--- a/commit.h
+++ b/commit.h
@@ -317,7 +317,8 @@ void set_merge_remote_desc(struct commit *commit,
 struct commit *get_merge_parent(const char *name);
 
 int parse_signed_commit(const struct commit *commit,
- struct strbuf *message, struct strbuf *signature);
+ struct strbuf *message, struct strbuf *signature,
+ const struct git_hash_algo *algop);
 int remove_signature(struct strbuf *buf);
 
 /*
--
cgit v1.2.3


From 937032e14aaf1eab59c96dd78938be1c48c648e1 Mon Sep 17 00:00:00 2001
From: "brian m. carlson"
Date: Thu, 11 Feb 2021 02:08:04 +0000
Subject: commit: allow parsing arbitrary buffers with headers

Currently only commits are signed with headers. However, in the future, we'll also sign tags with headers as well. Let's refactor out a function called parse_buffer_signed_by_header which does exactly that. In addition, since we'll want to sign things other than commits this way, let's call the function sign_with_header instead of do_sign_commit.

Signed-off-by: brian m. carlson
Signed-off-by: Junio C Hamano
---
 commit.h | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'commit.h')
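Review bot: The new `algop` parameter on `parse_signed_commit` is added without any comment in the header, so a caller reading commit.h cannot tell whether it may be NULL or which of several signatures it selects; the declaration had no doc comment before this change either. The commit message makes the contract explicit — every other signature header must be stripped from `message` so the payload a verifier sees is byte-identical to what was signed — and that belongs on the declaration, since a caller that verifies against a payload still carrying another algorithm's header will always get a mismatch. Suggest placing above `int parse_signed_commit(` a comment such as `/* Split the commit into the signed payload, with all signature headers removed, and the signature stored in the header for algop. */`; what the return value means when no matching signature exists is not visible in this hunk and should be stated too — confirm against commit.c. The `/*` on the hunk's last context line opens a comment that continues outside the hunk.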
diff --git a/commit.h b/commit.h
index 030aa65ab8..e2856ce8ef 100644
--- a/commit.h
+++ b/commit.h
@@ -360,4 +360,13 @@ int compare_commits_by_gen_then_commit_date(const void *a_, const void *b_, void
 LAST_ARG_MUST_BE_NULL
 int run_commit_hook(int editor_is_used, const char *index_file,
 const char *name, ...);
 
+/* Sign a commit or tag buffer, storing the result in a header. */
+int sign_with_header(struct strbuf *buf, const char *keyid);
+/* Parse the signature out of a header. */
+int parse_buffer_signed_by_header(const char *buffer,
+ unsigned long size,
+ struct strbuf *payload,
+ struct strbuf *signature,
+ const struct git_hash_algo *algop);
+
 #endif /* COMMIT_H */
--
cgit v1.2.3
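Review bot: The one-line comment added above `parse_buffer_signed_by_header` says only "Parse the signature out of a header" and does not state what `payload` and `signature` receive, which is the property a verifier depends on: if `payload` still carried another algorithm's signature header it would no longer match what was signed, the exact problem the first commit in this series fixes for commits. Suggest expanding it to `/* Split buffer into the signed payload, with every signature header removed, and the signature stored in the header for algop. */`, and stating on `sign_with_header` which header the signature is written into and what a non-zero return means; neither is visible in this hunk, so confirm the wording against commit.c. It is also worth noting on `parse_buffer_signed_by_header` that `buffer` need not be NUL-terminated and that `size` bounds every read, if that is what the implementation does — I cannot tell from the declaration alone.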