aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSunny <me@darkowlzz.space>2017-11-22 23:51:54 +0530
committerSunny <me@darkowlzz.space>2017-11-23 19:49:00 +0530
commit1ecb988046028e75891e039a2b1d90974b15310f (patch)
treebabcfa99e643f824aed3da8a229a86cdf6238422
parentb08cc8dc5450981530af3e6f6ad1159ae8ea8705 (diff)
downloadgo-git-1ecb988046028e75891e039a2b1d90974b15310f.tar.gz
plumbing: object, add Commit.Verify method
Commit.Verify() performs PGP verification of a signed commit given an armored keyring.
-rw-r--r--plumbing/object/commit.go30
1 files changed, 30 insertions, 0 deletions
diff --git a/plumbing/object/commit.go b/plumbing/object/commit.go
index b2f1f15..e54eb7d 100644
--- a/plumbing/object/commit.go
+++ b/plumbing/object/commit.go
@@ -8,6 +8,8 @@ import (
"io"
"strings"
+ "golang.org/x/crypto/openpgp"
+
"gopkg.in/src-d/go-git.v4/plumbing"
"gopkg.in/src-d/go-git.v4/plumbing/storer"
"gopkg.in/src-d/go-git.v4/utils/ioutil"
@@ -311,6 +313,34 @@ func (c *Commit) String() string {
)
}
+// Verify performs PGP verification of the commit with a provided armored
+// keyring and returns openpgp.Entity associated with verifying key on success.
+func (c *Commit) Verify(armoredKeyRing string) (*openpgp.Entity, error) {
+ keyRingReader := strings.NewReader(armoredKeyRing)
+ keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader)
+ if err != nil {
+ return nil, err
+ }
+
+ // Extract signature.
+ signature := strings.NewReader(c.PGPSignature)
+
+ // Remove signature. Keep only the commit components.
+ c.PGPSignature = ""
+
+ // Encode commit and get a reader object.
+ encoded := &plumbing.MemoryObject{}
+ if err := c.Encode(encoded); err != nil {
+ return nil, err
+ }
+ er, err := encoded.Reader()
+ if err != nil {
+ return nil, err
+ }
+
+ return openpgp.CheckArmoredDetachedSignature(keyring, er, signature)
+}
+
func indent(t string) string {
var output []string
for _, line := range strings.Split(t, "\n") {