char *keyid = get_signing_key();
int ret = -1;
- if (sign_buffer(buffer, &sig, keyid))
+ if (sign_buffer(buffer, &sig, keyid, 0))
goto out;
if (compat) {
if (convert_object_file(the_repository ,&compat_buf, algo, compat,
buffer->buf, buffer->len, OBJ_TAG, 1))
goto out;
- if (sign_buffer(&compat_buf, &compat_sig, keyid))
+ if (sign_buffer(&compat_buf, &compat_sig, keyid, 0))
goto out;
add_header_signature(&compat_buf, &sig, algo);
strbuf_addbuf(&compat_buf, &compat_sig);
return 0;
}
-static int sign_commit_to_strbuf(struct strbuf *sig, struct strbuf *buf, const char *keyid)
-{
- char *keyid_to_free = NULL;
- int ret = 0;
- if (!keyid || !*keyid)
- keyid = keyid_to_free = get_signing_key();
- if (sign_buffer(buf, sig, keyid))
- ret = -1;
- free(keyid_to_free);
- return ret;
-}
-
int parse_signed_commit(const struct commit *commit,
struct strbuf *payload, struct strbuf *signature,
const struct git_hash_algo *algop)
oidcpy(&parent_buf[i++], &p->item->object.oid);
write_commit_tree(&buffer, msg, msg_len, tree, parent_buf, nparents, author, committer, extra);
- if (sign_commit && sign_commit_to_strbuf(&sig, &buffer, sign_commit)) {
+ if (sign_commit && sign_buffer(&buffer, &sig, sign_commit,
+ SIGN_BUFFER_USE_DEFAULT_KEY)) {
result = -1;
goto out;
}
free_commit_extra_headers(compat_extra);
free(mapped_parents);
- if (sign_commit && sign_commit_to_strbuf(&compat_sig, &compat_buffer, sign_commit)) {
+ if (sign_commit && sign_buffer(&compat_buffer, &compat_sig,
+ sign_commit,
+ SIGN_BUFFER_USE_DEFAULT_KEY)) {
result = -1;
goto out;
}
return sigcheck_gpg_trust_level[level].display_key;
}
-int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *signing_key)
+int sign_buffer(struct strbuf *buffer, struct strbuf *signature,
+ const char *signing_key, enum sign_buffer_flags flags)
{
+ char *keyid_to_free = NULL;
+ int ret = 0;
+
gpg_interface_lazy_init();
- return use_format->sign_buffer(buffer, signature, signing_key);
+ if ((flags & SIGN_BUFFER_USE_DEFAULT_KEY) && (!signing_key || !*signing_key))
+ signing_key = keyid_to_free = get_signing_key();
+
+ ret = use_format->sign_buffer(buffer, signature, signing_key);
+ free(keyid_to_free);
+ return ret;
}
/*
*/
size_t parse_signed_buffer(const char *buf, size_t size);
+/* Flags for sign_buffer(). */
+enum sign_buffer_flags {
+ /*
+ * Use the default configured signing key as returned by `get_signing_key()`
+ * when the provided "signing_key" is NULL or empty.
+ */
+ SIGN_BUFFER_USE_DEFAULT_KEY = (1 << 0),
+};
+
/*
* Create a detached signature for the contents of "buffer" and append
* it after "signature"; "buffer" and "signature" can be the same
* at the end. Returns 0 on success, non-zero on failure.
*/
int sign_buffer(struct strbuf *buffer, struct strbuf *signature,
- const char *signing_key);
-
+ const char *signing_key, enum sign_buffer_flags flags);
/*
* Returns corresponding string in lowercase for a given member of
if (!update_seen)
goto free_return;
- if (sign_buffer(&cert, &cert, signing_key))
+ if (sign_buffer(&cert, &cert, signing_key, 0))
die(_("failed to sign the push certificate"));
packet_buf_write(req_buf, "push-cert%c%s", 0, cap_string);
projects / thirdparty / git.git / commitdiff
