From: Junio C Hamano <gitster@pobox.com>
To: git@vger.kernel.org
Subject: [PATCH v6 14/23] gpg-interface: move parse_signature() to where it should be
Date: Wed, 17 Sep 2014 15:45:49 -0700 [thread overview]
Message-ID: <1410993958-32394-15-git-send-email-gitster@pobox.com> (raw)
In-Reply-To: <1410993958-32394-1-git-send-email-gitster@pobox.com>
Our signed-tag objects set the standard format used by Git to store
GPG-signed payload (i.e. the payload followed by its detached
signature) [*1*], and it made sense to have a helper to find the
boundary between the payload and its signature in tag.c back then.
Newer code added later to parse other kinds of objects that learned
to use the same format to store GPG-signed payload (e.g. signed
commits), however, kept using the helper from the same location.
Move it to gpg-interface; the helper is no longer about signed tag,
but it is how our code and data interact with GPG.
[Reference]
*1* http://thread.gmane.org/gmane.linux.kernel/297998/focus=1383
Signed-off-by: Junio C Hamano <gitster@pobox.com>
---
Unchanged since v5.
gpg-interface.c | 21 +++++++++++++++++++++
gpg-interface.h | 1 +
tag.c | 20 --------------------
tag.h | 1 -
4 files changed, 22 insertions(+), 21 deletions(-)
diff --git a/gpg-interface.c b/gpg-interface.c
index 3c9624c..0dd11ea 100644
--- a/gpg-interface.c
+++ b/gpg-interface.c
@@ -7,6 +7,9 @@
static char *configured_signing_key;
static const char *gpg_program = "gpg";
+#define PGP_SIGNATURE "-----BEGIN PGP SIGNATURE-----"
+#define PGP_MESSAGE "-----BEGIN PGP MESSAGE-----"
+
void signature_check_clear(struct signature_check *sigc)
{
free(sigc->payload);
@@ -57,6 +60,24 @@ void parse_gpg_output(struct signature_check *sigc)
}
}
+/*
+ * Look at GPG signed content (e.g. a signed tag object), whose
+ * payload is followed by a detached signature on it. Return the
+ * offset where the embedded detached signature begins, or the end of
+ * the data when there is no such signature.
+ */
+size_t parse_signature(const char *buf, unsigned long size)
+{
+ char *eol;
+ size_t len = 0;
+ while (len < size && !starts_with(buf + len, PGP_SIGNATURE) &&
+ !starts_with(buf + len, PGP_MESSAGE)) {
+ eol = memchr(buf + len, '\n', size - len);
+ len += eol ? eol - (buf + len) + 1 : size - len;
+ }
+ return len;
+}
+
void set_signing_key(const char *key)
{
free(configured_signing_key);
diff --git a/gpg-interface.h b/gpg-interface.h
index 82493b7..87a4f2e 100644
--- a/gpg-interface.h
+++ b/gpg-interface.h
@@ -20,6 +20,7 @@ struct signature_check {
};
extern void signature_check_clear(struct signature_check *sigc);
+extern size_t parse_signature(const char *buf, unsigned long size);
extern void parse_gpg_output(struct signature_check *);
extern int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *signing_key);
extern int verify_signed_buffer(const char *payload, size_t payload_size, const char *signature, size_t signature_size, struct strbuf *gpg_output, struct strbuf *gpg_status);
diff --git a/tag.c b/tag.c
index 82d841b..5b0ac62 100644
--- a/tag.c
+++ b/tag.c
@@ -4,9 +4,6 @@
#include "tree.h"
#include "blob.h"
-#define PGP_SIGNATURE "-----BEGIN PGP SIGNATURE-----"
-#define PGP_MESSAGE "-----BEGIN PGP MESSAGE-----"
-
const char *tag_type = "tag";
struct object *deref_tag(struct object *o, const char *warn, int warnlen)
@@ -143,20 +140,3 @@ int parse_tag(struct tag *item)
free(data);
return ret;
}
-
-/*
- * Look at a signed tag object, and return the offset where
- * the embedded detached signature begins, or the end of the
- * data when there is no such signature.
- */
-size_t parse_signature(const char *buf, unsigned long size)
-{
- char *eol;
- size_t len = 0;
- while (len < size && !starts_with(buf + len, PGP_SIGNATURE) &&
- !starts_with(buf + len, PGP_MESSAGE)) {
- eol = memchr(buf + len, '\n', size - len);
- len += eol ? eol - (buf + len) + 1 : size - len;
- }
- return len;
-}
diff --git a/tag.h b/tag.h
index bc8a1e4..f4580ae 100644
--- a/tag.h
+++ b/tag.h
@@ -17,6 +17,5 @@ extern int parse_tag_buffer(struct tag *item, const void *data, unsigned long si
extern int parse_tag(struct tag *item);
extern struct object *deref_tag(struct object *, const char *, int);
extern struct object *deref_tag_noverify(struct object *);
-extern size_t parse_signature(const char *buf, unsigned long size);
#endif /* TAG_H */
--
2.1.0-403-g099cf47
next prev parent reply other threads:[~2014-09-17 22:47 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-09-17 22:45 [PATCH v6 00/23] Signed push Junio C Hamano
2014-09-17 22:45 ` [PATCH v6 01/23] receive-pack: do not overallocate command structure Junio C Hamano
2014-09-17 22:45 ` [PATCH v6 02/23] receive-pack: parse feature request a bit earlier Junio C Hamano
2014-09-17 22:45 ` [PATCH v6 03/23] receive-pack: do not reuse old_sha1[] for other things Junio C Hamano
2014-09-17 22:45 ` [PATCH v6 04/23] receive-pack: factor out queueing of command Junio C Hamano
2014-09-17 22:45 ` [PATCH v6 05/23] send-pack: move REF_STATUS_REJECT_NODELETE logic a bit higher Junio C Hamano
2014-09-17 22:45 ` [PATCH v6 06/23] send-pack: refactor decision to send update per ref Junio C Hamano
2014-09-17 22:45 ` [PATCH v6 07/23] send-pack: always send capabilities Junio C Hamano
2014-09-17 22:45 ` [PATCH v6 08/23] send-pack: factor out capability string generation Junio C Hamano
2014-09-17 22:45 ` [PATCH v6 09/23] receive-pack: " Junio C Hamano
2014-09-17 22:45 ` [PATCH v6 10/23] send-pack: rename "new_refs" to "need_pack_data" Junio C Hamano
2014-09-17 22:45 ` [PATCH v6 11/23] send-pack: refactor inspecting and resetting status and sending commands Junio C Hamano
2014-09-17 22:45 ` [PATCH v6 12/23] send-pack: clarify that cmds_sent is a boolean Junio C Hamano
2014-09-17 22:45 ` [PATCH v6 13/23] gpg-interface: move parse_gpg_output() to where it should be Junio C Hamano
2014-09-17 22:45 ` Junio C Hamano [this message]
2014-09-17 22:45 ` [PATCH v6 15/23] pack-protocol doc: typofix for PKT-LINE Junio C Hamano
2014-09-17 22:45 ` [PATCH v6 16/23] push: the beginning of "git push --signed" Junio C Hamano
2014-09-17 22:45 ` [PATCH v6 17/23] receive-pack: GPG-validate push certificates Junio C Hamano
2014-09-17 22:45 ` [PATCH v6 18/23] send-pack: send feature request on push-cert packet Junio C Hamano
2014-09-17 22:45 ` [PATCH v6 19/23] signed push: remove duplicated protocol info Junio C Hamano
2014-09-17 22:45 ` [PATCH v6 20/23] signed push: add "pushee" header to push certificate Junio C Hamano
2014-09-17 22:45 ` [PATCH v6 21/23] signed push: fortify against replay attacks Junio C Hamano
2014-09-17 22:45 ` [PATCH v6 22/23] signed push: teach smart-HTTP to pass "git push --signed" around Junio C Hamano
2014-09-17 22:45 ` [PATCH v6 23/23] signed push: allow stale nonce in stateless mode Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1410993958-32394-15-git-send-email-gitster@pobox.com \
--to=gitster@pobox.com \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).