diff options
author | Sunny <me@darkowlzz.space> | 2017-11-24 19:48:10 +0530 |
---|---|---|
committer | Sunny <me@darkowlzz.space> | 2017-11-24 23:34:01 +0530 |
commit | e2dbd3a4f6ec8c6467eb1bc30ed937399a4456e4 (patch) | |
tree | 0eb7d38b619d6da57ff46a9e262896408d6197c2 /plumbing/object/tag.go | |
parent | 850b9f81c2f025d8a75c4728520553504e3a425c (diff) | |
download | go-git-e2dbd3a4f6ec8c6467eb1bc30ed937399a4456e4.tar.gz |
plumbing: object/tag, add signature verification
Diffstat (limited to 'plumbing/object/tag.go')
-rw-r--r-- | plumbing/object/tag.go | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/plumbing/object/tag.go b/plumbing/object/tag.go index 6295205..9b4250f 100644 --- a/plumbing/object/tag.go +++ b/plumbing/object/tag.go @@ -8,6 +8,8 @@ import ( stdioutil "io/ioutil" "strings" + "golang.org/x/crypto/openpgp" + "gopkg.in/src-d/go-git.v4/plumbing" "gopkg.in/src-d/go-git.v4/plumbing/storer" "gopkg.in/src-d/go-git.v4/utils/ioutil" @@ -267,6 +269,33 @@ func (t *Tag) String() string { ) } +// Verify performs PGP verification of the tag with a provided armored +// keyring and returns openpgp.Entity associated with verifying key on success. +func (t *Tag) Verify(armoredKeyRing string) (*openpgp.Entity, error) { + keyRingReader := strings.NewReader(armoredKeyRing) + keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader) + if err != nil { + return nil, err + } + + // Extract signature. + signature := strings.NewReader(t.PGPSignature) + + // Remove signature. Keep only the tag components. + t.PGPSignature = "" + + encoded := &plumbing.MemoryObject{} + if err := t.Encode(encoded); err != nil { + return nil, err + } + er, err := encoded.Reader() + if err != nil { + return nil, err + } + + return openpgp.CheckArmoredDetachedSignature(keyring, er, signature) +} + // TagIter provides an iterator for a set of tags. type TagIter struct { storer.EncodedObjectIter |