Add latest changes from gitlab-org/gitlab@master

2 files changed, 45 insertions, 0 deletions

diff --git a/lib/gitlab/x509/signature.rb b/lib/gitlab/x509/signature.rb
index ed248e29211..7d4d4d9d13a 100644
--- a/lib/gitlab/x509/signature.rb
+++ b/lib/gitlab/x509/signature.rb
@@ -22,6 +22,10 @@ module Gitlab
         X509Certificate.safe_create!(certificate_attributes) unless verified_signature.nil?
       end
 
+      def user
+        User.find_by_any_email(@email)
+      end
+
       def verified_signature
         strong_memoize(:verified_signature) { verified_signature? }
       end
diff --git a/lib/gitlab/x509/tag.rb b/lib/gitlab/x509/tag.rb
new file mode 100644
index 00000000000..48582c17764
--- /dev/null
+++ b/lib/gitlab/x509/tag.rb
@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+require 'openssl'
+require 'digest'
+
+module Gitlab
+  module X509
+    class Tag
+      include Gitlab::Utils::StrongMemoize
+
+      def initialize(raw_tag)
+        @raw_tag = raw_tag
+      end
+
+      def signature
+        signature = X509::Signature.new(signature_text, signed_text, @raw_tag.tagger.email, Time.at(@raw_tag.tagger.date.seconds))
+
+        return if signature.verified_signature.nil?
+
+        signature
+      end
+
+      private
+
+      def signature_text
+        @raw_tag.message.slice(@raw_tag.message.index("-----BEGIN SIGNED MESSAGE-----")..-1)
+      rescue
+        nil
+      end
+
+      def signed_text
+        # signed text is reconstructed as long as there is no specific gitaly function
+        %{object #{@raw_tag.target_commit.id}
+type commit
+tag #{@raw_tag.name}
+tagger #{@raw_tag.tagger.name} <#{@raw_tag.tagger.email}> #{@raw_tag.tagger.date.seconds} #{@raw_tag.tagger.timezone}
+
+#{@raw_tag.message.gsub(/-----BEGIN SIGNED MESSAGE-----(.*)-----END SIGNED MESSAGE-----/m, "")}}
+      end
+    end
+  end
+end