From: Justin Tobler <jltobler@gmail.com>
To: git@vger.kernel.org
Cc: sandals@crustytoothpaste.net, christian.couder@gmail.com,
ps@pks.im, gitster@pobox.com, peff@peff.net,
Justin Tobler <jltobler@gmail.com>
Subject: [PATCH v6 2/3] gpg-interface: allow sign_buffer() to use default signing key
Date: Thu, 12 Mar 2026 20:39:37 -0500 [thread overview]
Message-ID: <20260313013938.2742124-3-jltobler@gmail.com> (raw)
In-Reply-To: <20260313013938.2742124-1-jltobler@gmail.com>
The `sign_commit_to_strbuf()` helper in "commit.c" provides fallback
logic to get the default configured signing key when a key is not
provided and handles generating the commit signature accordingly. This
signing operation is not really specific to commits as any arbitrary
buffer can be signed. Also, in a subsequent commit, this same logic is
reused by git-fast-import(1) when signing commits with invalid
signatures.
Remove the `sign_commit_to_strbuf()` helper from "commit.c" and extend
`sign_buffer()` in "gpg-interface.c" to support using the default key as
a fallback when the `SIGN_BUFFER_USE_DEFAULT_KEY` flag is provided. Call
sites are updated accordingly.
Signed-off-by: Justin Tobler <jltobler@gmail.com>
---
builtin/tag.c | 4 ++--
commit.c | 19 +++++--------------
gpg-interface.c | 13 +++++++++++--
gpg-interface.h | 12 ++++++++++--
send-pack.c | 2 +-
5 files changed, 29 insertions(+), 21 deletions(-)
diff --git a/builtin/tag.c b/builtin/tag.c
index aeb04c487f..540d783c67 100644
--- a/builtin/tag.c
+++ b/builtin/tag.c
@@ -167,7 +167,7 @@ static int do_sign(struct strbuf *buffer, struct object_id **compat_oid,
char *keyid = get_signing_key();
int ret = -1;
- if (sign_buffer(buffer, &sig, keyid))
+ if (sign_buffer(buffer, &sig, keyid, 0))
goto out;
if (compat) {
@@ -176,7 +176,7 @@ static int do_sign(struct strbuf *buffer, struct object_id **compat_oid,
if (convert_object_file(the_repository ,&compat_buf, algo, compat,
buffer->buf, buffer->len, OBJ_TAG, 1))
goto out;
- if (sign_buffer(&compat_buf, &compat_sig, keyid))
+ if (sign_buffer(&compat_buf, &compat_sig, keyid, 0))
goto out;
add_header_signature(&compat_buf, &sig, algo);
strbuf_addbuf(&compat_buf, &compat_sig);
diff --git a/commit.c b/commit.c
index d16ae73345..1b9b2d4499 100644
--- a/commit.c
+++ b/commit.c
@@ -1148,18 +1148,6 @@ int add_header_signature(struct strbuf *buf, struct strbuf *sig, const struct gi
return 0;
}
-static int sign_commit_to_strbuf(struct strbuf *sig, struct strbuf *buf, const char *keyid)
-{
- char *keyid_to_free = NULL;
- int ret = 0;
- if (!keyid || !*keyid)
- keyid = keyid_to_free = get_signing_key();
- if (sign_buffer(buf, sig, keyid))
- ret = -1;
- free(keyid_to_free);
- return ret;
-}
-
int parse_signed_commit(const struct commit *commit,
struct strbuf *payload, struct strbuf *signature,
const struct git_hash_algo *algop)
@@ -1737,7 +1725,8 @@ int commit_tree_extended(const char *msg, size_t msg_len,
oidcpy(&parent_buf[i++], &p->item->object.oid);
write_commit_tree(&buffer, msg, msg_len, tree, parent_buf, nparents, author, committer, extra);
- if (sign_commit && sign_commit_to_strbuf(&sig, &buffer, sign_commit)) {
+ if (sign_commit && sign_buffer(&buffer, &sig, sign_commit,
+ SIGN_BUFFER_USE_DEFAULT_KEY)) {
result = -1;
goto out;
}
@@ -1769,7 +1758,9 @@ int commit_tree_extended(const char *msg, size_t msg_len,
free_commit_extra_headers(compat_extra);
free(mapped_parents);
- if (sign_commit && sign_commit_to_strbuf(&compat_sig, &compat_buffer, sign_commit)) {
+ if (sign_commit && sign_buffer(&compat_buffer, &compat_sig,
+ sign_commit,
+ SIGN_BUFFER_USE_DEFAULT_KEY)) {
result = -1;
goto out;
}
diff --git a/gpg-interface.c b/gpg-interface.c
index 87fb6605fb..dca192d5c4 100644
--- a/gpg-interface.c
+++ b/gpg-interface.c
@@ -973,11 +973,20 @@ const char *gpg_trust_level_to_str(enum signature_trust_level level)
return sigcheck_gpg_trust_level[level].display_key;
}
-int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *signing_key)
+int sign_buffer(struct strbuf *buffer, struct strbuf *signature,
+ const char *signing_key, enum sign_buffer_flags flags)
{
+ char *keyid_to_free = NULL;
+ int ret = 0;
+
gpg_interface_lazy_init();
- return use_format->sign_buffer(buffer, signature, signing_key);
+ if ((flags & SIGN_BUFFER_USE_DEFAULT_KEY) && (!signing_key || !*signing_key))
+ signing_key = keyid_to_free = get_signing_key();
+
+ ret = use_format->sign_buffer(buffer, signature, signing_key);
+ free(keyid_to_free);
+ return ret;
}
/*
diff --git a/gpg-interface.h b/gpg-interface.h
index 789d1ffac4..37f3ac42db 100644
--- a/gpg-interface.h
+++ b/gpg-interface.h
@@ -74,6 +74,15 @@ int parse_signature(const char *buf, size_t size, struct strbuf *payload, struct
*/
size_t parse_signed_buffer(const char *buf, size_t size);
+/* Flags for sign_buffer(). */
+enum sign_buffer_flags {
+ /*
+ * Use the default configured signing key as returned by `get_signing_key()`
+ * when the provided "signing_key" is NULL or empty.
+ */
+ SIGN_BUFFER_USE_DEFAULT_KEY = (1 << 0),
+};
+
/*
* Create a detached signature for the contents of "buffer" and append
* it after "signature"; "buffer" and "signature" can be the same
@@ -81,8 +90,7 @@ size_t parse_signed_buffer(const char *buf, size_t size);
* at the end. Returns 0 on success, non-zero on failure.
*/
int sign_buffer(struct strbuf *buffer, struct strbuf *signature,
- const char *signing_key);
-
+ const char *signing_key, enum sign_buffer_flags flags);
/*
* Returns corresponding string in lowercase for a given member of
diff --git a/send-pack.c b/send-pack.c
index 67d6987b1c..07ecfae4de 100644
--- a/send-pack.c
+++ b/send-pack.c
@@ -391,7 +391,7 @@ static int generate_push_cert(struct strbuf *req_buf,
if (!update_seen)
goto free_return;
- if (sign_buffer(&cert, &cert, signing_key))
+ if (sign_buffer(&cert, &cert, signing_key, 0))
die(_("failed to sign the push certificate"));
packet_buf_write(req_buf, "push-cert%c%s", 0, cap_string);
--
2.53.0.381.g628a66ccf6
next prev parent reply other threads:[~2026-03-13 1:39 UTC|newest]
Thread overview: 60+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-23 19:41 [PATCH 0/2] fast-import: add mode to re-sign invalid commit signatures Justin Tobler
2026-02-23 19:41 ` [PATCH 1/2] commit: remove unused forward declaration Justin Tobler
2026-02-24 9:35 ` Patrick Steinhardt
2026-02-23 19:41 ` [PATCH 2/2] fast-import: add mode to re-sign invalid commit signatures Justin Tobler
2026-02-24 9:33 ` Patrick Steinhardt
2026-02-24 18:33 ` Justin Tobler
2026-02-24 13:40 ` [PATCH 0/2] " Christian Couder
2026-02-24 22:41 ` brian m. carlson
2026-02-24 22:45 ` Junio C Hamano
2026-03-02 22:49 ` Justin Tobler
2026-03-06 20:53 ` [PATCH v2 0/3] " Justin Tobler
2026-03-06 20:53 ` [PATCH v2 1/3] commit: remove unused forward declaration Justin Tobler
2026-03-06 20:53 ` [PATCH v2 2/3] gpg-interface: introduce sign_buffer_with_key() Justin Tobler
2026-03-10 9:01 ` Christian Couder
2026-03-10 18:04 ` Justin Tobler
2026-03-06 20:53 ` [PATCH v2 3/3] fast-import: add mode to re-sign invalid commit signatures Justin Tobler
2026-03-10 9:27 ` Christian Couder
2026-03-10 18:09 ` Justin Tobler
2026-03-10 20:11 ` [PATCH v3 0/3] " Justin Tobler
2026-03-10 20:11 ` [PATCH v3 1/3] commit: remove unused forward declaration Justin Tobler
2026-03-10 22:29 ` Junio C Hamano
2026-03-10 20:11 ` [PATCH v3 2/3] gpg-interface: introduce sign_buffer_with_key() Justin Tobler
2026-03-10 22:33 ` Junio C Hamano
2026-03-10 20:11 ` [PATCH v3 3/3] fast-import: add mode to re-sign invalid commit signatures Justin Tobler
2026-03-10 20:49 ` [PATCH v3 0/3] " Junio C Hamano
2026-03-10 21:06 ` Justin Tobler
2026-03-10 21:20 ` Junio C Hamano
2026-03-10 22:13 ` Justin Tobler
2026-03-10 22:39 ` Junio C Hamano
2026-03-10 23:03 ` Justin Tobler
2026-03-11 17:31 ` [PATCH v4 " Justin Tobler
2026-03-11 17:31 ` [PATCH v4 1/3] commit: remove unused forward declaration Justin Tobler
2026-03-11 17:31 ` [PATCH v4 2/3] gpg-interface: introduce sign_buffer_with_key() Justin Tobler
2026-03-12 10:22 ` Patrick Steinhardt
2026-03-12 13:58 ` Justin Tobler
2026-03-11 17:31 ` [PATCH v4 3/3] fast-import: add mode to sign commits with invalid signatures Justin Tobler
2026-03-12 10:23 ` Patrick Steinhardt
2026-03-12 14:08 ` Justin Tobler
2026-03-12 14:22 ` Patrick Steinhardt
2026-03-12 17:21 ` Justin Tobler
2026-03-12 19:22 ` [PATCH v5 0/3] fast-import: add mode to re-sign invalid commit signatures Justin Tobler
2026-03-12 19:22 ` [PATCH v5 1/3] commit: remove unused forward declaration Justin Tobler
2026-03-12 19:22 ` [PATCH v5 2/3] gpg-interface: allow sign_buffer() to use default signing key Justin Tobler
2026-03-12 20:20 ` Junio C Hamano
2026-03-12 20:24 ` Justin Tobler
2026-03-12 19:22 ` [PATCH v5 3/3] fast-import: add mode to sign commits with invalid signatures Justin Tobler
2026-03-12 20:20 ` Junio C Hamano
2026-03-12 20:29 ` Justin Tobler
2026-03-12 23:58 ` Jeff King
2026-03-13 0:17 ` Justin Tobler
2026-03-12 20:20 ` [PATCH v5 0/3] fast-import: add mode to re-sign invalid commit signatures Junio C Hamano
2026-03-12 20:30 ` Justin Tobler
2026-03-13 1:39 ` [PATCH v6 " Justin Tobler
2026-03-13 1:39 ` [PATCH v6 1/3] commit: remove unused forward declaration Justin Tobler
2026-03-13 1:39 ` Justin Tobler [this message]
2026-03-13 6:31 ` [PATCH v6 2/3] gpg-interface: allow sign_buffer() to use default signing key Patrick Steinhardt
2026-03-13 1:39 ` [PATCH v6 3/3] fast-import: add mode to sign commits with invalid signatures Justin Tobler
2026-03-13 6:31 ` Patrick Steinhardt
2026-03-13 4:29 ` [PATCH v6 0/3] fast-import: add mode to re-sign invalid commit signatures Junio C Hamano
2026-03-13 6:31 ` Patrick Steinhardt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260313013938.2742124-3-jltobler@gmail.com \
--to=jltobler@gmail.com \
--cc=christian.couder@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=peff@peff.net \
--cc=ps@pks.im \
--cc=sandals@crustytoothpaste.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox