aboutsummaryrefslogtreecommitdiffstats
path: root/plumbing/object/commit.go
diff options
context:
space:
mode:
Diffstat (limited to 'plumbing/object/commit.go')
-rw-r--r--plumbing/object/commit.go30
1 files changed, 30 insertions, 0 deletions
diff --git a/plumbing/object/commit.go b/plumbing/object/commit.go
index b2f1f15..e54eb7d 100644
--- a/plumbing/object/commit.go
+++ b/plumbing/object/commit.go
@@ -8,6 +8,8 @@ import (
"io"
"strings"
+ "golang.org/x/crypto/openpgp"
+
"gopkg.in/src-d/go-git.v4/plumbing"
"gopkg.in/src-d/go-git.v4/plumbing/storer"
"gopkg.in/src-d/go-git.v4/utils/ioutil"
@@ -311,6 +313,34 @@ func (c *Commit) String() string {
)
}
+// Verify performs PGP verification of the commit with a provided armored
+// keyring and returns openpgp.Entity associated with verifying key on success.
+func (c *Commit) Verify(armoredKeyRing string) (*openpgp.Entity, error) {
+ keyRingReader := strings.NewReader(armoredKeyRing)
+ keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader)
+ if err != nil {
+ return nil, err
+ }
+
+ // Extract signature.
+ signature := strings.NewReader(c.PGPSignature)
+
+ // Remove signature. Keep only the commit components.
+ c.PGPSignature = ""
+
+ // Encode commit and get a reader object.
+ encoded := &plumbing.MemoryObject{}
+ if err := c.Encode(encoded); err != nil {
+ return nil, err
+ }
+ er, err := encoded.Reader()
+ if err != nil {
+ return nil, err
+ }
+
+ return openpgp.CheckArmoredDetachedSignature(keyring, er, signature)
+}
+
func indent(t string) string {
var output []string
for _, line := range strings.Split(t, "\n") {