From: Fabian Stelzer <fs@gigacodes.de>
To: git@vger.kernel.org
Cc: "Junio C Hamano" <gitster@pobox.com>,
"Ævar Arnfjörð Bjarmason" <avarab@gmail.com>,
"Eric Sunshine" <sunshine@sunshineco.com>,
"Fabian Stelzer" <fs@gigacodes.de>
Subject: [RFC PATCH 2/2] crypto sign: add cryptoSign.* config
Date: Mon, 20 Dec 2021 15:09:28 +0100 [thread overview]
Message-ID: <20211220140928.1205586-3-fs@gigacodes.de> (raw)
In-Reply-To: <20211220140928.1205586-1-fs@gigacodes.de>
Since git now supports multiple cryptographic methods/formats to sign
objects, the `gpg.` configuration prefix is misleading.
Add `cryptoSign.`, but keep `gpg.` as a compatibility alias at least for
all existing options.
`gpg.mintrustlevel` is moved to `cryptosign.gpg.mintrustlevel` while
also still allowing the former.
---
Documentation/config/gpg.txt | 31 ++++++++++++++++++++-----------
gpg-interface.c | 30 ++++++++++++++++++++++--------
2 files changed, 42 insertions(+), 19 deletions(-)
diff --git a/Documentation/config/gpg.txt b/Documentation/config/gpg.txt
index 4f30c7dbdd..ef21eb8249 100644
--- a/Documentation/config/gpg.txt
+++ b/Documentation/config/gpg.txt
@@ -1,6 +1,17 @@
gpg.program::
- Use this custom program instead of "`gpg`" found on `$PATH` when
- making or verifying a PGP signature. The program must support the
+ Deprecated alias for `cryptoSign.<format>.program`.
+
+cryptoSign.format::
+gpg.format::
+ Specifies which key format to use when signing with `--crypto-sign`.
+ Default is "openpgp". Other possible values are "x509", "ssh".
+
+cryptoSign.<format>.program::
+gpg.<format>.program::
+ Use this to customize the program used for the signing format you
+ chose (see `cryptoSign.format`). The default value for
+ `gpg.x509.program` is "gpgsm" and `gpg.ssh.program` is "ssh-keygen".
+ With the format set to "opengpg" or "x509" the program must support the
same command-line interface as GPG, namely, to verify a detached
signature, "`gpg --verify $signature - <$file`" is run, and the
program is expected to signal a good signature by exiting with
@@ -8,17 +19,12 @@ gpg.program::
standard input of "`gpg -bsau $key`" is fed with the contents to be
signed, and the program is expected to send the result to its
standard output.
+ If the format is "ssh", then the configured program must implement the
+ `ssh-keygen -Y find-principals|check-novalidate|verify|sign` commands
+ (see ssh-keygen(1) man page).
-gpg.format::
- Specifies which key format to use when signing with `--gpg-sign`.
- Default is "openpgp". Other possible values are "x509", "ssh".
-
-gpg.<format>.program::
- Use this to customize the program used for the signing format you
- chose. (see `gpg.program` and `gpg.format`) `gpg.program` can still
- be used as a legacy synonym for `gpg.openpgp.program`. The default
- value for `gpg.x509.program` is "gpgsm" and `gpg.ssh.program` is "ssh-keygen".
+crpytoSign.gpg.minTrustLevel::
gpg.minTrustLevel::
Specifies a minimum trust level for signature verification. If
this option is unset, then signature verification for merge
@@ -34,12 +40,14 @@ gpg.minTrustLevel::
* `fully`
* `ultimate`
+cryptoSign.ssh.defaultKeyCommand::
gpg.ssh.defaultKeyCommand:
This command that will be run when user.signingkey is not set and a ssh
signature is requested. On successful exit a valid ssh public key is
expected in the first line of its output. To automatically use the first
available key from your ssh-agent set this to "ssh-add -L".
+cryptoSign.ssh.allowedSignersFile::
gpg.ssh.allowedSignersFile::
A file containing ssh public keys which you are willing to trust.
The file consists of one or more lines of principals followed by an ssh
@@ -67,6 +75,7 @@ This way only committers with an already valid key can add or change keys in the
Using a SSH CA key with the cert-authority option
(see ssh-keygen(1) "CERTIFICATES") is also valid.
+cryptoSign.ssh.revocationFile::
gpg.ssh.revocationFile::
Either a SSH KRL or a list of revoked public keys (without the principal prefix).
See ssh-keygen(1) for details.
diff --git a/gpg-interface.c b/gpg-interface.c
index 3e7255a2a9..eacafcd56e 100644
--- a/gpg-interface.c
+++ b/gpg-interface.c
@@ -638,6 +638,7 @@ int git_gpg_config(const char *var, const char *value, void *cb)
struct gpg_format *fmt = NULL;
char *fmtname = NULL;
char *trust;
+ const char *crypto_var = NULL;
int ret;
if (!strcmp(var, "user.signingkey")) {
@@ -647,7 +648,17 @@ int git_gpg_config(const char *var, const char *value, void *cb)
return 0;
}
- if (!strcmp(var, "gpg.format")) {
+ /*
+ * `gpg.` is a backwards compatibility prefix alias for `cryptosign.`
+ * All following vars expect a prefix so we can return early if
+ * there is none
+ */
+ if (!skip_prefix(var, "gpg.", &crypto_var) &&
+ !skip_prefix(var, "cryptosign.", &crypto_var))
+ return 0;
+
+
+ if (!strcmp(crypto_var, "format")) {
if (!value)
return config_error_nonbool(var);
fmt = get_format_by_name(value);
@@ -658,7 +669,9 @@ int git_gpg_config(const char *var, const char *value, void *cb)
return 0;
}
- if (!strcmp(var, "gpg.mintrustlevel")) {
+ /* `gpg.mintrustlevel` moved to `cryptosign.gpg.mintrustlevel` */
+ if (!strcmp(crypto_var, "mintrustlevel") ||
+ !strcmp(crypto_var, "gpg.mintrustlevel")) {
if (!value)
return config_error_nonbool(var);
@@ -672,31 +685,32 @@ int git_gpg_config(const char *var, const char *value, void *cb)
return 0;
}
- if (!strcmp(var, "gpg.ssh.defaultkeycommand")) {
+ if (!strcmp(crypto_var, "ssh.defaultkeycommand")) {
if (!value)
return config_error_nonbool(var);
return git_config_string(&ssh_default_key_command, var, value);
}
- if (!strcmp(var, "gpg.ssh.allowedsignersfile")) {
+ if (!strcmp(crypto_var, "ssh.allowedsignersfile")) {
if (!value)
return config_error_nonbool(var);
return git_config_pathname(&ssh_allowed_signers, var, value);
}
- if (!strcmp(var, "gpg.ssh.revocationfile")) {
+ if (!strcmp(crypto_var, "ssh.revocationfile")) {
if (!value)
return config_error_nonbool(var);
return git_config_pathname(&ssh_revocation_file, var, value);
}
- if (!strcmp(var, "gpg.program") || !strcmp(var, "gpg.openpgp.program"))
+ if (!strcmp(crypto_var, "program") ||
+ !strcmp(crypto_var, "openpgp.program"))
fmtname = "openpgp";
- if (!strcmp(var, "gpg.x509.program"))
+ if (!strcmp(crypto_var, "x509.program"))
fmtname = "x509";
- if (!strcmp(var, "gpg.ssh.program"))
+ if (!strcmp(crypto_var, "ssh.program"))
fmtname = "ssh";
if (fmtname) {
--
2.33.1
next prev parent reply other threads:[~2021-12-20 14:09 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-20 14:09 [RFC PATCH 0/2] cryptoSign flag & config Fabian Stelzer
2021-12-20 14:09 ` [RFC PATCH 1/2] crypto sign: add crypto-sign alias flag Fabian Stelzer
2021-12-20 21:54 ` Junio C Hamano
2021-12-21 9:37 ` Fabian Stelzer
2021-12-20 14:09 ` Fabian Stelzer [this message]
2021-12-20 22:07 ` [RFC PATCH 2/2] crypto sign: add cryptoSign.* config Eric Sunshine
2021-12-21 9:39 ` Fabian Stelzer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211220140928.1205586-3-fs@gigacodes.de \
--to=fs@gigacodes.de \
--cc=avarab@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=sunshine@sunshineco.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).