gpg-interface: improve interface for parsing tags

We have a function which parses a buffer with a signature at the end,
parse_signature, and this function is used for signed tags.  However,
we'll need to store values for multiple algorithms, and we'll do this by
using a header for the non-default algorithm.

Adjust the parse_signature interface to store the parsed data in two
strbufs and turn the existing function into parse_signed_buffer.  The
latter is still used in places where we know we always have a signed
buffer, such as push certs.

Adjust all the callers to deal with this new interface.

Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
brian m. carlson
2021-02-11 02:08:03 +00:00
committed by Junio C Hamano
parent 1fb5cf0da6
commit 482c119186
9 changed files with 87 additions and 39 deletions


@ -509,22 +509,28 @@ static void fmt_merge_msg_sigs(struct strbuf *out)
for (i = 0; i < origins.nr; i++) {
struct object_id *oid = origins.items[i].util;
enum object_type type;
unsigned long size, len;
unsigned long size;
char *buf = read_object_file(oid, &type, &size);
char *origbuf = buf;
unsigned long len = size;
struct signature_check sigc = { NULL };
struct strbuf sig = STRBUF_INIT;
struct strbuf payload = STRBUF_INIT, sig = STRBUF_INIT;
if (!buf || type != OBJ_TAG)
goto next;
len = parse_signature(buf, size);
if (size == len)
; /* merely annotated */
else if (check_signature(buf, len, buf + len, size - len, &sigc) &&
!sigc.gpg_output)
strbuf_addstr(&sig, "gpg verification failed.\n");
else
strbuf_addstr(&sig, sigc.gpg_output);
if (!parse_signature(buf, size, &payload, &sig))
;/* merely annotated */
else {
buf = payload.buf;
len = payload.len;
if (check_signature(payload.buf, payload.len, sig.buf,
sig.len, &sigc) &&
!sigc.gpg_output)
strbuf_addstr(&sig, "gpg verification failed.\n");
else
strbuf_addstr(&sig, sigc.gpg_output);
}
signature_check_clear(&sigc);
if (!tag_number++) {
@ -547,9 +553,10 @@ static void fmt_merge_msg_sigs(struct strbuf *out)
strlen(origins.items[i].string));
fmt_tag_signature(&tagbuf, &sig, buf, len);
}
strbuf_release(&payload);
strbuf_release(&sig);
next:
free(buf);
free(origbuf);
}
if (tagbuf.len) {
strbuf_addch(out, '\n');
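Review bot: In the `else` branch of the first hunk, `sig` is filled by `parse_signature()` and handed to `check_signature()` as the signature, and then the same strbuf receives the verification text through `strbuf_addstr(&sig, ...)`, so what reaches `fmt_tag_signature(&tagbuf, &sig, buf, len)` in the second hunk is the raw signature block followed by the gpg output, where the old code passed the gpg output alone. If that is not intended, keep the result of `check_signature()` in a local and call `strbuf_reset(&sig);` before the two `strbuf_addstr()` calls, or collect the output in a separate strbuf. Separately, `unsigned long len = size;` reads `size` before the `!buf` test; whether `read_object_file()` sets it on failure is not visible here, so assigning `len` after that check would be safer. The body of fmt_merge_msg_sigs starts and ends outside both hunks.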