commit: use expected signature header for SHA-256
The transition plan anticipates that we will allow signatures using multiple algorithms in a single commit. In order to do so, we need to use a different header per algorithm so that it will be obvious over which data to compute the signature. The transition plan specifies that we should use "gpgsig-sha256", so wire up the commit code such that it can write and parse the current algorithm, and it can remove the headers for any algorithm when creating a new commit. Add tests to ensure that we write using the right header and that git fsck doesn't reject these commits. Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
brian m. carlson
committed by
Junio C Hamano
Junio C Hamano
parent
e02a7141f8
commit
42d4e1d112
30
commit.c
30
commit.c
@ -961,14 +961,22 @@ cleanup_return:
|
||||
return ret;
|
||||
}
|
||||
|
||||
static const char gpg_sig_header[] = "gpgsig";
|
||||
static const int gpg_sig_header_len = sizeof(gpg_sig_header) - 1;
|
||||
/*
|
||||
* Indexed by hash algorithm identifier.
|
||||
*/
|
||||
static const char *gpg_sig_headers[] = {
|
||||
NULL,
|
||||
"gpgsig",
|
||||
"gpgsig-sha256",
|
||||
};
|
||||
|
||||
static int do_sign_commit(struct strbuf *buf, const char *keyid)
|
||||
{
|
||||
struct strbuf sig = STRBUF_INIT;
|
||||
int inspos, copypos;
|
||||
const char *eoh;
|
||||
const char *gpg_sig_header = gpg_sig_headers[hash_algo_by_ptr(the_hash_algo)];
|
||||
int gpg_sig_header_len = strlen(gpg_sig_header);
|
||||
|
||||
/* find the end of the header */
|
||||
eoh = strstr(buf->buf, "\n\n");
|
||||
@ -1010,6 +1018,8 @@ int parse_signed_commit(const struct commit *commit,
|
||||
const char *buffer = get_commit_buffer(commit, &size);
|
||||
int in_signature, saw_signature = -1;
|
||||
const char *line, *tail;
|
||||
const char *gpg_sig_header = gpg_sig_headers[hash_algo_by_ptr(the_hash_algo)];
|
||||
int gpg_sig_header_len = strlen(gpg_sig_header);
|
||||
|
||||
line = buffer;
|
||||
tail = buffer + size;
|
||||
@ -1056,11 +1066,17 @@ int remove_signature(struct strbuf *buf)
|
||||
|
||||
if (in_signature && line[0] == ' ')
|
||||
sig_end = next;
|
||||
else if (starts_with(line, gpg_sig_header) &&
|
||||
line[gpg_sig_header_len] == ' ') {
|
||||
sig_start = line;
|
||||
sig_end = next;
|
||||
in_signature = 1;
|
||||
else if (starts_with(line, "gpgsig")) {
|
||||
int i;
|
||||
for (i = 1; i < GIT_HASH_NALGOS; i++) {
|
||||
const char *p;
|
||||
if (skip_prefix(line, gpg_sig_headers[i], &p) &&
|
||||
*p == ' ') {
|
||||
sig_start = line;
|
||||
sig_end = next;
|
||||
in_signature = 1;
|
||||
}
|
||||
}
|
||||
} else {
|
||||
if (*line == '\n')
|
||||
/* dump the whole remainder of the buffer */
|
||||
|
||||
Reference in New Issue
Block a user