On Tue, Jul 03, 2018 at 02:38:19PM +0200, Henning Schild wrote: > This commit allows git to create and check X509 type signatures using > gpgsm. > > Signed-off-by: Henning Schild <henning.sch...@siemens.com> > --- > Documentation/config.txt | 5 ++++- > gpg-interface.c | 10 +++++++++- > 2 files changed, 13 insertions(+), 2 deletions(-) > > diff --git a/Documentation/config.txt b/Documentation/config.txt > index c88903399..337df6e48 100644 > --- a/Documentation/config.txt > +++ b/Documentation/config.txt > @@ -1828,9 +1828,12 @@ gpg.program:: > signed, and the program is expected to send the result to its > standard output. > > +gpg.programX509::
I'm not super excited about this name. It seems to indicate we want a
level of hierarchy involved.
A hierarchy like sign.openpgp.program (falling back to gpg.program) and
sign.x509.program might be more logical.
> diff --git a/gpg-interface.c b/gpg-interface.c
> index aa747278e..85d721007 100644
> --- a/gpg-interface.c
> +++ b/gpg-interface.c
> @@ -16,13 +16,18 @@ struct gpg_format_data {
>
> #define PGP_SIGNATURE "-----BEGIN PGP SIGNATURE-----"
> #define PGP_MESSAGE "-----BEGIN PGP MESSAGE-----"
> +#define X509_SIGNATURE "-----BEGIN SIGNED MESSAGE-----"
>
> -enum gpgformats { PGP_FMT };
> +enum gpgformats { PGP_FMT, X509_FMT };
> struct gpg_format_data gpg_formats[] = {
> { .format = "PGP", .program = "gpg",
> .extra_args_verify = { "--keyid-format=long", },
> .sigs = { PGP_SIGNATURE, PGP_MESSAGE, },
> },
> + { .format = "X509", .program = "gpgsm",
Similarly to my comment about "PGP", I think this would do well as
"x509".
--
brian m. carlson: Houston, Texas, US
OpenPGP: https://keybase.io/bk2204
signature.asc
Description: PGP signature
