On Tue, Jul 03, 2018 at 02:38:19PM +0200, Henning Schild wrote: > This commit allows git to create and check X509 type signatures using > gpgsm. > > Signed-off-by: Henning Schild <henning.sch...@siemens.com> > --- > Documentation/config.txt | 5 ++++- > gpg-interface.c | 10 +++++++++- > 2 files changed, 13 insertions(+), 2 deletions(-) > > diff --git a/Documentation/config.txt b/Documentation/config.txt > index c88903399..337df6e48 100644 > --- a/Documentation/config.txt > +++ b/Documentation/config.txt > @@ -1828,9 +1828,12 @@ gpg.program:: > signed, and the program is expected to send the result to its > standard output. > > +gpg.programX509::
I'm not super excited about this name. It seems to indicate we want a level of hierarchy involved. A hierarchy like sign.openpgp.program (falling back to gpg.program) and sign.x509.program might be more logical. > diff --git a/gpg-interface.c b/gpg-interface.c > index aa747278e..85d721007 100644 > --- a/gpg-interface.c > +++ b/gpg-interface.c > @@ -16,13 +16,18 @@ struct gpg_format_data { > > #define PGP_SIGNATURE "-----BEGIN PGP SIGNATURE-----" > #define PGP_MESSAGE "-----BEGIN PGP MESSAGE-----" > +#define X509_SIGNATURE "-----BEGIN SIGNED MESSAGE-----" > > -enum gpgformats { PGP_FMT }; > +enum gpgformats { PGP_FMT, X509_FMT }; > struct gpg_format_data gpg_formats[] = { > { .format = "PGP", .program = "gpg", > .extra_args_verify = { "--keyid-format=long", }, > .sigs = { PGP_SIGNATURE, PGP_MESSAGE, }, > }, > + { .format = "X509", .program = "gpgsm", Similarly to my comment about "PGP", I think this would do well as "x509". -- brian m. carlson: Houston, Texas, US OpenPGP: https://keybase.io/bk2204
signature.asc
Description: PGP signature