Skip to content
Snippets Groups Projects
Commit 0c01bce6 authored by Anton Wuerfel's avatar Anton Wuerfel
Browse files

Add time-stamping functionality to git verify-tag


This commit introduces command line options for git verify-tag to allow
verification of RFC3161 time-stamped tags.

To keep consistent with the current behavior of verifying gpg signatures, the
return value of `git verify-tag` still indicates only the success of gpg
signature verification by default. To influence this behavior, the configuration
variable `ts.failonverify` is introduced.

ts.failonverify set to 0: use default behavior
	Return 1 if gpg verification failed or no signature was found
	Return 0 on success.

If config variable ts.failonverify is set, the return value includes the status
of time-stamp verification in the second lowest bit. Possible return values are:
	0 - both gpg and time stamp verification succeeded
	1 - gpg failed, time stamp succeeded
	2 - gpg succeeded, time stamp failed
	3 - both gpg and time stamp verification failed

Command line parameters `-s` or `-t` override the configuration
variable mentioned above.

Signed-off-by: default avatarAnton Würfel <anton.wuerfel@fau.de>
Signed-off-by: default avatarPhillip Raffeck <phillip.raffeck@fau.de>
parent 3338ac62
No related branches found
No related tags found
No related merge requests found
......@@ -12,9 +12,15 @@
#include <signal.h>
#include "parse-options.h"
#include "gpg-interface.h"
#include "rfc3161.h"
#define GPG_VERIFY_RET 4
#define TS_VERIFY_RET 8
static const char *config_key_verify_ts = "ts.failonverify";
static const char * const verify_tag_usage[] = {
N_("git verify-tag [-v | --verbose] <tag>..."),
N_("git verify-tag [-s | --signature] [-t | --timestamp] [-v | --verbose] [--raw] <tag>..."),
NULL
};
......@@ -31,7 +37,8 @@ static int run_gpg_verify(const char *buf, unsigned long size, unsigned flags)
if (size == len) {
if (flags & GPG_VERIFY_VERBOSE)
write_in_full(1, buf, len);
return error("no signature found");
printf("pgp: no signature found\n");
return 1;
}
ret = check_signature(buf, len, buf + len, size - len, &sigc);
......@@ -47,7 +54,12 @@ static int verify_tag(const char *name, unsigned flags)
unsigned char sha1[20];
char *buf;
unsigned long size;
int ret;
int gpg_had_error = 0;
int ret = 0;
int config_failonverify = 0;
int ts_had_error = 0;
git_config_get_bool(config_key_verify_ts, &config_failonverify);
if (get_sha1(name, sha1))
return error("tag '%s' not found.", name);
......@@ -61,9 +73,48 @@ static int verify_tag(const char *name, unsigned flags)
if (!buf)
return error("%s: unable to read file.", name);
ret = run_gpg_verify(buf, size, flags);
if (run_gpg_verify(buf, size, flags))
gpg_had_error = 1;
#if defined(NO_CURL) || defined(NO_OPENSSL)
fputs("git has been compiled without RFC3161 time-stamp support. "
"NO_CURL and NO_OPENSSL must not be defined", stderr);
#else
if (verify_time_signature(buf, size))
ts_had_error = 1;
#endif
free(buf);
/*
* If the config variable ts.failonverify is not set, behave like older
* versions of git verify-tag:
* Return 1 if gpg verification failed or no signature was found
* Return 0 on success.
*
* If the config variable ts.failonverify is set and neither -s nor -t
* are set as command line parameters, the return value includes the
* status of time-stamp verification in the second lowest bit. Possible
* return values are:
* 0 - both gpg and time stamp verification succeeded
* 1 - gpg failed, time stamp succeeded
* 2 - gpg succeeded, time stamp failed
* 3 - both gpg and time stamp verification failed
*
* Command line parameters `-s` or `-t` override the configuration
* variable mentioned above.
*/
if (flags & (GPG_VERIFY_RET | TS_VERIFY_RET)) {
if (flags & GPG_VERIFY_RET)
ret = gpg_had_error;
if (flags & TS_VERIFY_RET)
ret |= (ts_had_error << 1);
} else {
ret = gpg_had_error;
if (config_failonverify)
ret |= (ts_had_error << 1);
}
return ret;
}
......@@ -82,6 +133,8 @@ int cmd_verify_tag(int argc, const char **argv, const char *prefix)
const struct option verify_tag_options[] = {
OPT__VERBOSE(&verbose, N_("print tag contents")),
OPT_BIT(0, "raw", &flags, N_("print raw gpg status output"), GPG_VERIFY_RAW),
OPT_BIT('s', "signature", &flags, N_("report return value of gpg signature"), GPG_VERIFY_RET),
OPT_BIT('t', "timestamp", &flags, N_("report return value of time-stamp signature"), TS_VERIFY_RET),
OPT_END()
};
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment