diff options
Diffstat (limited to 'plumbing/object')
| -rw-r--r-- | plumbing/object/commit.go | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/plumbing/object/commit.go b/plumbing/object/commit.go index b2f1f15..e54eb7d 100644 --- a/plumbing/object/commit.go +++ b/plumbing/object/commit.go @@ -8,6 +8,8 @@ import ( "io" "strings" + "golang.org/x/crypto/openpgp" + "gopkg.in/src-d/go-git.v4/plumbing" "gopkg.in/src-d/go-git.v4/plumbing/storer" "gopkg.in/src-d/go-git.v4/utils/ioutil" @@ -311,6 +313,34 @@ func (c *Commit) String() string { ) } +// Verify performs PGP verification of the commit with a provided armored +// keyring and returns openpgp.Entity associated with verifying key on success. +func (c *Commit) Verify(armoredKeyRing string) (*openpgp.Entity, error) { + keyRingReader := strings.NewReader(armoredKeyRing) + keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader) + if err != nil { + return nil, err + } + + // Extract signature. + signature := strings.NewReader(c.PGPSignature) + + // Remove signature. Keep only the commit components. + c.PGPSignature = "" + + // Encode commit and get a reader object. + encoded := &plumbing.MemoryObject{} + if err := c.Encode(encoded); err != nil { + return nil, err + } + er, err := encoded.Reader() + if err != nil { + return nil, err + } + + return openpgp.CheckArmoredDetachedSignature(keyring, er, signature) +} + func indent(t string) string { var output []string for _, line := range strings.Split(t, "\n") { |