author | Sunny <me@darkowlzz.space> | 2017-11-22 23:51:54 +0530 |
---|---|---|
committer | Sunny <me@darkowlzz.space> | 2017-11-23 19:49:00 +0530 |
commit | 1ecb988046028e75891e039a2b1d90974b15310f (patch) | |
tree | babcfa99e643f824aed3da8a229a86cdf6238422 | |
parent | b08cc8dc5450981530af3e6f6ad1159ae8ea8705 (diff) | |
download | go-git-1ecb988046028e75891e039a2b1d90974b15310f.tar.gz |
plumbing: object, add Commit.Verify method
Commit.Verify() performs PGP verification of a signed commit given an
armored keyring.
-rw-r--r-- | plumbing/object/commit.go | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/plumbing/object/commit.go b/plumbing/object/commit.go
index b2f1f15..e54eb7d 100644
--- a/plumbing/object/commit.go
+++ b/plumbing/object/commit.go
@@ -8,6 +8,8 @@ import (
 "io"
 "strings"
+ "golang.org/x/crypto/openpgp"
+
 "gopkg.in/src-d/go-git.v4/plumbing"
 "gopkg.in/src-d/go-git.v4/plumbing/storer"
 "gopkg.in/src-d/go-git.v4/utils/ioutil"
@@ -311,6 +313,34 @@ func (c *Commit) String() string {
 )
 }
+// Verify performs PGP verification of the commit with a provided armored
+// keyring and returns openpgp.Entity associated with verifying key on success.
+func (c *Commit) Verify(armoredKeyRing string) (*openpgp.Entity, error) {
+ keyRingReader := strings.NewReader(armoredKeyRing)
+ keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader)
+ if err != nil {
+ return nil, err
+ }
+
+ // Extract signature.
+ signature := strings.NewReader(c.PGPSignature)
+
+ // Remove signature. Keep only the commit components.
+ c.PGPSignature = ""
+
+ // Encode commit and get a reader object.
+ encoded := &plumbing.MemoryObject{}
+ if err := c.Encode(encoded); err != nil {
+ return nil, err
+ }
+ er, err := encoded.Reader()
+ if err != nil {
+ return nil, err
+ }
+
+ return openpgp.CheckArmoredDetachedSignature(keyring, er, signature)
+}
+
 func indent(t string) string {
 var output []string
 for _, line := range strings.Split(t, "\n") { |
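Review bot: Verify clears `c.PGPSignature` on the receiver and never restores it, so after one call the commit object has lost its signature: a second Verify on the same object has nothing left to check, and any later re-encode or display of the commit treats it as unsigned. Encoding a copy avoids the side effect, e.g. `unsigned := *c`, `unsigned.PGPSignature = ""`, then `unsigned.Encode(encoded)`. The check also runs over a re-encoded commit rather than the stored object bytes, so it presumably only succeeds when Encode reproduces the signed payload exactly; a test with a commit whose headers Encode may not round-trip would confirm that. The doc comment should also state that the returned entity is whichever key in the supplied keyring matched, so the result is only as trustworthy as the keyring the caller passes in.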