3 #include "run-command.h"
5 #include "gpg-interface.h"
9 static char *configured_signing_key
;
10 static const char *gpg_program
= "gpg";
12 #define PGP_SIGNATURE "-----BEGIN PGP SIGNATURE-----"
13 #define PGP_MESSAGE "-----BEGIN PGP MESSAGE-----"
15 void signature_check_clear(struct signature_check
*sigc
)
17 FREE_AND_NULL(sigc
->payload
);
18 FREE_AND_NULL(sigc
->gpg_output
);
19 FREE_AND_NULL(sigc
->gpg_status
);
20 FREE_AND_NULL(sigc
->signer
);
21 FREE_AND_NULL(sigc
->key
);
27 } sigcheck_gpg_status
[] = {
28 { 'G', "\n[GNUPG:] GOODSIG " },
29 { 'B', "\n[GNUPG:] BADSIG " },
30 { 'U', "\n[GNUPG:] TRUST_NEVER" },
31 { 'U', "\n[GNUPG:] TRUST_UNDEFINED" },
32 { 'E', "\n[GNUPG:] ERRSIG "},
33 { 'X', "\n[GNUPG:] EXPSIG "},
34 { 'Y', "\n[GNUPG:] EXPKEYSIG "},
35 { 'R', "\n[GNUPG:] REVKEYSIG "},
38 void parse_gpg_output(struct signature_check
*sigc
)
40 const char *buf
= sigc
->gpg_status
;
43 /* Iterate over all search strings */
44 for (i
= 0; i
< ARRAY_SIZE(sigcheck_gpg_status
); i
++) {
45 const char *found
, *next
;
47 if (!skip_prefix(buf
, sigcheck_gpg_status
[i
].check
+ 1, &found
)) {
48 found
= strstr(buf
, sigcheck_gpg_status
[i
].check
);
51 found
+= strlen(sigcheck_gpg_status
[i
].check
);
53 sigc
->result
= sigcheck_gpg_status
[i
].result
;
54 /* The trust messages are not followed by key/signer information */
55 if (sigc
->result
!= 'U') {
56 sigc
->key
= xmemdupz(found
, 16);
57 /* The ERRSIG message is not followed by signer information */
58 if (sigc
-> result
!= 'E') {
60 next
= strchrnul(found
, '\n');
61 sigc
->signer
= xmemdupz(found
, next
- found
);
67 int check_signature(const char *payload
, size_t plen
, const char *signature
,
68 size_t slen
, struct signature_check
*sigc
)
70 struct strbuf gpg_output
= STRBUF_INIT
;
71 struct strbuf gpg_status
= STRBUF_INIT
;
76 status
= verify_signed_buffer(payload
, plen
, signature
, slen
,
77 &gpg_output
, &gpg_status
);
78 if (status
&& !gpg_output
.len
)
80 sigc
->payload
= xmemdupz(payload
, plen
);
81 sigc
->gpg_output
= strbuf_detach(&gpg_output
, NULL
);
82 sigc
->gpg_status
= strbuf_detach(&gpg_status
, NULL
);
83 parse_gpg_output(sigc
);
86 strbuf_release(&gpg_status
);
87 strbuf_release(&gpg_output
);
89 return sigc
->result
!= 'G' && sigc
->result
!= 'U';
92 void print_signature_buffer(const struct signature_check
*sigc
, unsigned flags
)
94 const char *output
= flags
& GPG_VERIFY_RAW
?
95 sigc
->gpg_status
: sigc
->gpg_output
;
97 if (flags
& GPG_VERIFY_VERBOSE
&& sigc
->payload
)
98 fputs(sigc
->payload
, stdout
);
101 fputs(output
, stderr
);
104 size_t parse_signature(const char *buf
, unsigned long size
)
108 while (len
< size
&& !starts_with(buf
+ len
, PGP_SIGNATURE
) &&
109 !starts_with(buf
+ len
, PGP_MESSAGE
)) {
110 eol
= memchr(buf
+ len
, '\n', size
- len
);
111 len
+= eol
? eol
- (buf
+ len
) + 1 : size
- len
;
116 void set_signing_key(const char *key
)
118 free(configured_signing_key
);
119 configured_signing_key
= xstrdup(key
);
122 int git_gpg_config(const char *var
, const char *value
, void *cb
)
124 if (!strcmp(var
, "user.signingkey")) {
126 return config_error_nonbool(var
);
127 set_signing_key(value
);
131 if (!strcmp(var
, "gpg.program")) {
133 return config_error_nonbool(var
);
134 gpg_program
= xstrdup(value
);
141 const char *get_signing_key(void)
143 if (configured_signing_key
)
144 return configured_signing_key
;
145 return git_committer_info(IDENT_STRICT
|IDENT_NO_DATE
);
148 int sign_buffer(struct strbuf
*buffer
, struct strbuf
*signature
, const char *signing_key
)
150 struct child_process gpg
= CHILD_PROCESS_INIT
;
153 struct strbuf gpg_status
= STRBUF_INIT
;
155 argv_array_pushl(&gpg
.args
,
158 "-bsau", signing_key
,
161 bottom
= signature
->len
;
164 * When the username signingkey is bad, program could be terminated
165 * because gpg exits without reading and then write gets SIGPIPE.
167 sigchain_push(SIGPIPE
, SIG_IGN
);
168 ret
= pipe_command(&gpg
, buffer
->buf
, buffer
->len
,
169 signature
, 1024, &gpg_status
, 0);
170 sigchain_pop(SIGPIPE
);
172 ret
|= !strstr(gpg_status
.buf
, "\n[GNUPG:] SIG_CREATED ");
173 strbuf_release(&gpg_status
);
175 return error(_("gpg failed to sign the data"));
177 /* Strip CR from the line endings, in case we are on Windows. */
178 for (i
= j
= bottom
; i
< signature
->len
; i
++)
179 if (signature
->buf
[i
] != '\r') {
181 signature
->buf
[j
] = signature
->buf
[i
];
184 strbuf_setlen(signature
, j
);
189 int verify_signed_buffer(const char *payload
, size_t payload_size
,
190 const char *signature
, size_t signature_size
,
191 struct strbuf
*gpg_output
, struct strbuf
*gpg_status
)
193 struct child_process gpg
= CHILD_PROCESS_INIT
;
194 struct tempfile
*temp
;
196 struct strbuf buf
= STRBUF_INIT
;
198 temp
= mks_tempfile_t(".git_vtag_tmpXXXXXX");
200 return error_errno(_("could not create temporary file"));
201 if (write_in_full(temp
->fd
, signature
, signature_size
) < 0 ||
202 close_tempfile_gently(temp
) < 0) {
203 error_errno(_("failed writing detached signature to '%s'"),
205 delete_tempfile(&temp
);
209 argv_array_pushl(&gpg
.args
,
212 "--keyid-format=long",
213 "--verify", temp
->filename
.buf
, "-",
219 sigchain_push(SIGPIPE
, SIG_IGN
);
220 ret
= pipe_command(&gpg
, payload
, payload_size
,
221 gpg_status
, 0, gpg_output
, 0);
222 sigchain_pop(SIGPIPE
);
224 delete_tempfile(&temp
);
226 ret
|= !strstr(gpg_status
->buf
, "\n[GNUPG:] GOODSIG ");
227 strbuf_release(&buf
); /* no matter it was used or not */