From: Justin Tobler <jltobler@gmail.com>
To: git@vger.kernel.org
Cc: sandals@crustytoothpaste.net, christian.couder@gmail.com,
ps@pks.im, gitster@pobox.com, peff@peff.net,
Justin Tobler <jltobler@gmail.com>
Subject: [PATCH v6 2/3] gpg-interface: allow sign_buffer() to use default signing key
Date: Thu, 12 Mar 2026 20:39:37 -0500 [thread overview]
Message-ID: <20260313013938.2742124-3-jltobler@gmail.com> (raw)
In-Reply-To: <20260313013938.2742124-1-jltobler@gmail.com>
The `sign_commit_to_strbuf()` helper in "commit.c" provides fallback
logic to get the default configured signing key when a key is not
provided and handles generating the commit signature accordingly. This
signing operation is not really specific to commits as any arbitrary
buffer can be signed. Also, in a subsequent commit, this same logic is
reused by git-fast-import(1) when signing commits with invalid
signatures.
Remove the `sign_commit_to_strbuf()` helper from "commit.c" and extend
`sign_buffer()` in "gpg-interface.c" to support using the default key as
a fallback when the `SIGN_BUFFER_USE_DEFAULT_KEY` flag is provided. Call
sites are updated accordingly.
Signed-off-by: Justin Tobler <jltobler@gmail.com>
---
builtin/tag.c | 4 ++--
commit.c | 19 +++++--------------
gpg-interface.c | 13 +++++++++++--
gpg-interface.h | 12 ++++++++++--
send-pack.c | 2 +-
5 files changed, 29 insertions(+), 21 deletions(-)
diff --git a/builtin/tag.c b/builtin/tag.c
index aeb04c487f..540d783c67 100644
--- a/builtin/tag.c
+++ b/builtin/tag.c
@@ -167,7 +167,7 @@ static int do_sign(struct strbuf *buffer, struct object_id **compat_oid,
char *keyid = get_signing_key();
int ret = -1;
- if (sign_buffer(buffer, &sig, keyid))
+ if (sign_buffer(buffer, &sig, keyid, 0))
goto out;
if (compat) {
@@ -176,7 +176,7 @@ static int do_sign(struct strbuf *buffer, struct object_id **compat_oid,
if (convert_object_file(the_repository ,&compat_buf, algo, compat,
buffer->buf, buffer->len, OBJ_TAG, 1))
goto out;
- if (sign_buffer(&compat_buf, &compat_sig, keyid))
+ if (sign_buffer(&compat_buf, &compat_sig, keyid, 0))
goto out;
add_header_signature(&compat_buf, &sig, algo);
strbuf_addbuf(&compat_buf, &compat_sig);
diff --git a/commit.c b/commit.c
index d16ae73345..1b9b2d4499 100644
--- a/commit.c
+++ b/commit.c
@@ -1148,18 +1148,6 @@ int add_header_signature(struct strbuf *buf, struct strbuf *sig, const struct gi
return 0;
}
-static int sign_commit_to_strbuf(struct strbuf *sig, struct strbuf *buf, const char *keyid)
-{
- char *keyid_to_free = NULL;
- int ret = 0;
- if (!keyid || !*keyid)
- keyid = keyid_to_free = get_signing_key();
- if (sign_buffer(buf, sig, keyid))
- ret = -1;
- free(keyid_to_free);
- return ret;
-}
-
int parse_signed_commit(const struct commit *commit,
struct strbuf *payload, struct strbuf *signature,
const struct git_hash_algo *algop)
@@ -1737,7 +1725,8 @@ int commit_tree_extended(const char *msg, size_t msg_len,
oidcpy(&parent_buf[i++], &p->item->object.oid);
write_commit_tree(&buffer, msg, msg_len, tree, parent_buf, nparents, author, committer, extra);
- if (sign_commit && sign_commit_to_strbuf(&sig, &buffer, sign_commit)) {
+ if (sign_commit && sign_buffer(&buffer, &sig, sign_commit,
+ SIGN_BUFFER_USE_DEFAULT_KEY)) {
result = -1;
goto out;
}
@@ -1769,7 +1758,9 @@ int commit_tree_extended(const char *msg, size_t msg_len,
free_commit_extra_headers(compat_extra);
free(mapped_parents);
- if (sign_commit && sign_commit_to_strbuf(&compat_sig, &compat_buffer, sign_commit)) {
+ if (sign_commit && sign_buffer(&compat_buffer, &compat_sig,
+ sign_commit,
+ SIGN_BUFFER_USE_DEFAULT_KEY)) {
result = -1;
goto out;
}
diff --git a/gpg-interface.c b/gpg-interface.c
index 87fb6605fb..dca192d5c4 100644
--- a/gpg-interface.c
+++ b/gpg-interface.c
@@ -973,11 +973,20 @@ const char *gpg_trust_level_to_str(enum signature_trust_level level)
return sigcheck_gpg_trust_level[level].display_key;
}
-int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *signing_key)
+int sign_buffer(struct strbuf *buffer, struct strbuf *signature,
+ const char *signing_key, enum sign_buffer_flags flags)
{
+ char *keyid_to_free = NULL;
+ int ret = 0;
+
gpg_interface_lazy_init();
- return use_format->sign_buffer(buffer, signature, signing_key);
+ if ((flags & SIGN_BUFFER_USE_DEFAULT_KEY) && (!signing_key || !*signing_key))
+ signing_key = keyid_to_free = get_signing_key();
+
+ ret = use_format->sign_buffer(buffer, signature, signing_key);
+ free(keyid_to_free);
+ return ret;
}
/*
diff --git a/gpg-interface.h b/gpg-interface.h
index 789d1ffac4..37f3ac42db 100644
--- a/gpg-interface.h
+++ b/gpg-interface.h
@@ -74,6 +74,15 @@ int parse_signature(const char *buf, size_t size, struct strbuf *payload, struct
*/
size_t parse_signed_buffer(const char *buf, size_t size);
+/* Flags for sign_buffer(). */
+enum sign_buffer_flags {
+ /*
+ * Use the default configured signing key as returned by `get_signing_key()`
+ * when the provided "signing_key" is NULL or empty.
+ */
+ SIGN_BUFFER_USE_DEFAULT_KEY = (1 << 0),
+};
+
/*
* Create a detached signature for the contents of "buffer" and append
* it after "signature"; "buffer" and "signature" can be the same
@@ -81,8 +90,7 @@ size_t parse_signed_buffer(const char *buf, size_t size);
* at the end. Returns 0 on success, non-zero on failure.
*/
int sign_buffer(struct strbuf *buffer, struct strbuf *signature,
- const char *signing_key);
-
+ const char *signing_key, enum sign_buffer_flags flags);
/*
* Returns corresponding string in lowercase for a given member of
diff --git a/send-pack.c b/send-pack.c
index 67d6987b1c..07ecfae4de 100644
--- a/send-pack.c
+++ b/send-pack.c
@@ -391,7 +391,7 @@ static int generate_push_cert(struct strbuf *req_buf,
if (!update_seen)
goto free_return;
- if (sign_buffer(&cert, &cert, signing_key))
+ if (sign_buffer(&cert, &cert, signing_key, 0))
die(_("failed to sign the push certificate"));
packet_buf_write(req_buf, "push-cert%c%s", 0, cap_string);
--
2.53.0.381.g628a66ccf6
next prev parent reply other threads:[~2026-03-13 1:39 UTC|newest]
Thread overview: 60+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-23 19:41 [PATCH 0/2] fast-import: add mode to re-sign invalid commit signatures Justin Tobler
2026-02-23 19:41 ` [PATCH 1/2] commit: remove unused forward declaration Justin Tobler
2026-02-24 9:35 ` Patrick Steinhardt
2026-02-23 19:41 ` [PATCH 2/2] fast-import: add mode to re-sign invalid commit signatures Justin Tobler
2026-02-24 9:33 ` Patrick Steinhardt
2026-02-24 18:33 ` Justin Tobler
2026-02-24 13:40 ` [PATCH 0/2] " Christian Couder
2026-02-24 22:41 ` brian m. carlson
2026-02-24 22:45 ` Junio C Hamano
2026-03-02 22:49 ` Justin Tobler
2026-03-06 20:53 ` [PATCH v2 0/3] " Justin Tobler
2026-03-06 20:53 ` [PATCH v2 1/3] commit: remove unused forward declaration Justin Tobler
2026-03-06 20:53 ` [PATCH v2 2/3] gpg-interface: introduce sign_buffer_with_key() Justin Tobler
2026-03-10 9:01 ` Christian Couder
2026-03-10 18:04 ` Justin Tobler
2026-03-06 20:53 ` [PATCH v2 3/3] fast-import: add mode to re-sign invalid commit signatures Justin Tobler
2026-03-10 9:27 ` Christian Couder
2026-03-10 18:09 ` Justin Tobler
2026-03-10 20:11 ` [PATCH v3 0/3] " Justin Tobler
2026-03-10 20:11 ` [PATCH v3 1/3] commit: remove unused forward declaration Justin Tobler
2026-03-10 22:29 ` Junio C Hamano
2026-03-10 20:11 ` [PATCH v3 2/3] gpg-interface: introduce sign_buffer_with_key() Justin Tobler
2026-03-10 22:33 ` Junio C Hamano
2026-03-10 20:11 ` [PATCH v3 3/3] fast-import: add mode to re-sign invalid commit signatures Justin Tobler
2026-03-10 20:49 ` [PATCH v3 0/3] " Junio C Hamano
2026-03-10 21:06 ` Justin Tobler
2026-03-10 21:20 ` Junio C Hamano
2026-03-10 22:13 ` Justin Tobler
2026-03-10 22:39 ` Junio C Hamano
2026-03-10 23:03 ` Justin Tobler
2026-03-11 17:31 ` [PATCH v4 " Justin Tobler
2026-03-11 17:31 ` [PATCH v4 1/3] commit: remove unused forward declaration Justin Tobler
2026-03-11 17:31 ` [PATCH v4 2/3] gpg-interface: introduce sign_buffer_with_key() Justin Tobler
2026-03-12 10:22 ` Patrick Steinhardt
2026-03-12 13:58 ` Justin Tobler
2026-03-11 17:31 ` [PATCH v4 3/3] fast-import: add mode to sign commits with invalid signatures Justin Tobler
2026-03-12 10:23 ` Patrick Steinhardt
2026-03-12 14:08 ` Justin Tobler
2026-03-12 14:22 ` Patrick Steinhardt
2026-03-12 17:21 ` Justin Tobler
2026-03-12 19:22 ` [PATCH v5 0/3] fast-import: add mode to re-sign invalid commit signatures Justin Tobler
2026-03-12 19:22 ` [PATCH v5 1/3] commit: remove unused forward declaration Justin Tobler
2026-03-12 19:22 ` [PATCH v5 2/3] gpg-interface: allow sign_buffer() to use default signing key Justin Tobler
2026-03-12 20:20 ` Junio C Hamano
2026-03-12 20:24 ` Justin Tobler
2026-03-12 19:22 ` [PATCH v5 3/3] fast-import: add mode to sign commits with invalid signatures Justin Tobler
2026-03-12 20:20 ` Junio C Hamano
2026-03-12 20:29 ` Justin Tobler
2026-03-12 23:58 ` Jeff King
2026-03-13 0:17 ` Justin Tobler
2026-03-12 20:20 ` [PATCH v5 0/3] fast-import: add mode to re-sign invalid commit signatures Junio C Hamano
2026-03-12 20:30 ` Justin Tobler
2026-03-13 1:39 ` [PATCH v6 " Justin Tobler
2026-03-13 1:39 ` [PATCH v6 1/3] commit: remove unused forward declaration Justin Tobler
2026-03-13 1:39 ` Justin Tobler [this message]
2026-03-13 6:31 ` [PATCH v6 2/3] gpg-interface: allow sign_buffer() to use default signing key Patrick Steinhardt
2026-03-13 1:39 ` [PATCH v6 3/3] fast-import: add mode to sign commits with invalid signatures Justin Tobler
2026-03-13 6:31 ` Patrick Steinhardt
2026-03-13 4:29 ` [PATCH v6 0/3] fast-import: add mode to re-sign invalid commit signatures Junio C Hamano
2026-03-13 6:31 ` Patrick Steinhardt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260313013938.2742124-3-jltobler@gmail.com \
--to=jltobler@gmail.com \
--cc=christian.couder@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=peff@peff.net \
--cc=ps@pks.im \
--cc=sandals@crustytoothpaste.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.