From 0ef699d06cd038b73ea22a6d1eb19aff2761156f Mon Sep 17 00:00:00 2001
From: Chris Marchesi
Date: Thu, 16 Aug 2018 17:46:07 -0700
Subject: git: Add ability to PGP sign commits
This adds the ability to sign commits by adding the SignKey field to CommitOptions. If present, the commit will be signed during the WorkTree.Commit call. The supplied SignKey must already be decrypted by the caller.
Signed-off-by: Chris Marchesi
---
 worktree_commit.go | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
(limited to 'worktree_commit.go')
diff --git a/worktree_commit.go b/worktree_commit.go
index 5fa63ab..ad7880a 100644
--- a/worktree_commit.go
+++ b/worktree_commit.go
@@ -4,6 +4,7 @@ import (
 "path"
 "strings"

+ "golang.org/x/crypto/openpgp"
 "gopkg.in/src-d/go-git.v4/plumbing"
 "gopkg.in/src-d/go-git.v4/plumbing/filemode"
 "gopkg.in/src-d/go-git.v4/plumbing/format/index"
@@ -92,6 +93,14 @@ func (w *Worktree) buildCommitObject(msg string, opts *CommitOptions, tree plumb
 ParentHashes: opts.Parents,
 }

+ if opts.SignKey != nil {
+ sig, err := w.buildCommitSignature(commit, opts.SignKey)
+ if err != nil {
+ return plumbing.ZeroHash, err
+ }
+ commit.PGPSignature = sig
+ }
+
 obj := w.r.Storer.NewEncodedObject()
 if err := commit.Encode(obj); err != nil {
 return plumbing.ZeroHash, err
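Review bot: The only precondition checked before signing is `opts.SignKey != nil`, so an entity with no private key, or one whose private key is still encrypted, is rejected (if at all) only inside the signing call. By then the tree objects have presumably already been written to the Storer, since the tree hash arrives here as a parameter. The commit message says the key must already be decrypted, and that requirement is better enforced up front, for example `if opts.SignKey.PrivateKey == nil || opts.SignKey.PrivateKey.Encrypted { return plumbing.ZeroHash, errors.New("sign key has no decrypted private key") }`, or in the options validation if that exists outside this hunk. buildCommitObject starts and ends outside the hunk.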
@@ -99,6 +108,22 @@ func (w *Worktree) buildCommitObject(msg string, opts *CommitOptions, tree plumb
 return w.r.Storer.SetEncodedObject(obj)
 }

+func (w *Worktree) buildCommitSignature(commit *object.Commit, signKey *openpgp.Entity) (string, error) {
+ encoded := &plumbing.MemoryObject{}
+ if err := commit.Encode(encoded); err != nil {
+ return "", err
+ }
+ r, err := encoded.Reader()
+ if err != nil {
+ return "", err
+ }
+ var b strings.Builder
+ if err := openpgp.ArmoredDetachSign(&b, signKey, r, nil); err != nil {
+ return "", err
+ }
+ return b.String(), nil
+}
+
 // buildTreeHelper converts a given index.Index file into multiple git objects
 // reading the blobs from the given filesystem and creating the trees from the
 // index structure. The created objects are pushed to a given Storer.
-- cgit
From c9b2eac59cf97c9a20ea3e9e5ad9bdef6f1dc82b Mon Sep 17 00:00:00 2001
From: Chris Marchesi
Date: Thu, 16 Aug 2018 18:15:49 -0700
Subject: git: Remove use of strings.Builder
This was added in Go 1.10 and is not supported on Go 1.9. Switched to bytes.Buffer to ensure compatibility.
Signed-off-by: Chris Marchesi
---
 worktree_commit.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
(limited to 'worktree_commit.go')
diff --git a/worktree_commit.go b/worktree_commit.go
index ad7880a..b83bf0c 100644
--- a/worktree_commit.go
+++ b/worktree_commit.go
@@ -1,6 +1,7 @@
 package git

 import (
+ "bytes"
 "path"
 "strings"

@@ -117,7 +118,7 @@ func (w *Worktree) buildCommitSignature(commit *object.Commit, signKey *openpgp.
 if err != nil {
 return "", err
 }
- var b strings.Builder
+ var b bytes.Buffer
 if err := openpgp.ArmoredDetachSign(&b, signKey, r, nil); err != nil {
 return "", err
 }
-- cgit
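Review bot: In the first commit's new buildCommitSignature, the signed payload is whatever `commit.Encode` writes, so the helper is only correct while `commit.PGPSignature` is empty. If Encode emits the signature header when that field is set (its body is not visible here), signing a commit that already carries a signature would cover the old signature and yield one that Git cannot verify. buildCommitObject passes a freshly built commit, so the invariant holds at the one visible call site, but nothing in the helper states or enforces it. I would add a doc comment such as `// buildCommitSignature returns an armored detached signature over the encoded commit; commit.PGPSignature must be empty and signKey must hold a decrypted private key.` and consider rejecting a non-empty `commit.PGPSignature` at the top of the function.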