Re: [PATCH 7/8] gpg-interface: introduce new signature format "X509" using gpgsm
Henning Schild writes:
> -enum gpgformats { PGP_FMT };
> +enum gpgformats { PGP_FMT, X509_FMT };
> struct gpg_format_data gpg_formats[] = {
> { .format = "PGP", .program = "gpg",
> .extra_args_verify = { "--keyid-format=long", },
> .sigs = { PGP_SIGNATURE, PGP_MESSAGE, },
> },
> + { .format = "X509", .program = "gpgsm",
> + .extra_args_verify = { NULL },
> + .sigs = {X509_SIGNATURE, NULL, }
Missing SP between "{X" is a bit irritating.
Also the trailing comma (the issue is shared with the PGP side) when
the initializer is smashed on a single line feels pretty much
pointless. If it were multi-line, then such a trailing comma would
help future developers to add a new entry, i.e.
.sigs = {
PGP_SIGNATURE,
PGP_MESSAGE,
+ PGP_SOMETHING_NEW,
}
without touching the last existing entry. But on a single line?
-.sigs = { PGP_SIGNATURE, PGP_MESSAGE }
+.sigs = { PGP_SIGNATURE, PGP_MESSAGE, PGP_SOMETHING_NEW }
is probably prettier without such a trailing comma.
> @@ -190,6 +195,9 @@ int git_gpg_config(const char *var, const char *value,
> void *cb)
> if (!strcmp(var, "gpg.program"))
> return git_config_string(_formats[PGP_FMT].program, var,
>value);
> + if (!strcmp(var, "gpg.programX509"))
> + return git_config_string(_formats[X509_FMT].program, var,
> + value);
This is a git_config() callback, isn't it? A two-level variable
name is given to a callback after downcasing, so nothing will match
"gpg.programX509", I suspect. I see Brian already commented on the
name and the better organization being
- gpg.format defines 'openpgp' or whatever other values;
- gpg..program defines the actual program
where is the value gpg.format would take
(e.g. "gpg.openpgp.program = gnupg"). And I agree with these
suggestions.
Re: [PATCH 7/8] gpg-interface: introduce new signature format "X509" using gpgsm
Am Fri, 6 Jul 2018 01:10:13 +
schrieb "brian m. carlson" :
> On Tue, Jul 03, 2018 at 02:38:19PM +0200, Henning Schild wrote:
> > This commit allows git to create and check X509 type signatures
> > using gpgsm.
> >
> > Signed-off-by: Henning Schild
> > ---
> > Documentation/config.txt | 5 -
> > gpg-interface.c | 10 +-
> > 2 files changed, 13 insertions(+), 2 deletions(-)
> >
> > diff --git a/Documentation/config.txt b/Documentation/config.txt
> > index c88903399..337df6e48 100644
> > --- a/Documentation/config.txt
> > +++ b/Documentation/config.txt
> > @@ -1828,9 +1828,12 @@ gpg.program::
> > signed, and the program is expected to send the result to
> > its standard output.
> >
> > +gpg.programX509::
>
> I'm not super excited about this name. It seems to indicate we want a
> level of hierarchy involved.
>
> A hierarchy like sign.openpgp.program (falling back to gpg.program)
> and sign.x509.program might be more logical.
>
> > diff --git a/gpg-interface.c b/gpg-interface.c
> > index aa747278e..85d721007 100644
> > --- a/gpg-interface.c
> > +++ b/gpg-interface.c
> > @@ -16,13 +16,18 @@ struct gpg_format_data {
> >
> > #define PGP_SIGNATURE "-BEGIN PGP SIGNATURE-"
> > #define PGP_MESSAGE "-BEGIN PGP MESSAGE-"
> > +#define X509_SIGNATURE "-BEGIN SIGNED MESSAGE-"
> >
> > -enum gpgformats { PGP_FMT };
> > +enum gpgformats { PGP_FMT, X509_FMT };
> > struct gpg_format_data gpg_formats[] = {
> > { .format = "PGP", .program = "gpg",
> > .extra_args_verify = { "--keyid-format=long", },
> > .sigs = { PGP_SIGNATURE, PGP_MESSAGE, },
> > },
> > + { .format = "X509", .program = "gpgsm",
>
> Similarly to my comment about "PGP", I think this would do well as
> "x509".
Another naming discussion, lets keep discussing and i will implement it
once settled.
Henning
Re: [PATCH 7/8] gpg-interface: introduce new signature format "X509" using gpgsm
On Tue, Jul 03, 2018 at 02:38:19PM +0200, Henning Schild wrote:
> This commit allows git to create and check X509 type signatures using
> gpgsm.
>
> Signed-off-by: Henning Schild
> ---
> Documentation/config.txt | 5 -
> gpg-interface.c | 10 +-
> 2 files changed, 13 insertions(+), 2 deletions(-)
>
> diff --git a/Documentation/config.txt b/Documentation/config.txt
> index c88903399..337df6e48 100644
> --- a/Documentation/config.txt
> +++ b/Documentation/config.txt
> @@ -1828,9 +1828,12 @@ gpg.program::
> signed, and the program is expected to send the result to its
> standard output.
>
> +gpg.programX509::
I'm not super excited about this name. It seems to indicate we want a
level of hierarchy involved.
A hierarchy like sign.openpgp.program (falling back to gpg.program) and
sign.x509.program might be more logical.
> diff --git a/gpg-interface.c b/gpg-interface.c
> index aa747278e..85d721007 100644
> --- a/gpg-interface.c
> +++ b/gpg-interface.c
> @@ -16,13 +16,18 @@ struct gpg_format_data {
>
> #define PGP_SIGNATURE "-BEGIN PGP SIGNATURE-"
> #define PGP_MESSAGE "-BEGIN PGP MESSAGE-"
> +#define X509_SIGNATURE "-BEGIN SIGNED MESSAGE-"
>
> -enum gpgformats { PGP_FMT };
> +enum gpgformats { PGP_FMT, X509_FMT };
> struct gpg_format_data gpg_formats[] = {
> { .format = "PGP", .program = "gpg",
> .extra_args_verify = { "--keyid-format=long", },
> .sigs = { PGP_SIGNATURE, PGP_MESSAGE, },
> },
> + { .format = "X509", .program = "gpgsm",
Similarly to my comment about "PGP", I think this would do well as
"x509".
--
brian m. carlson: Houston, Texas, US
OpenPGP: https://keybase.io/bk2204
signature.asc
Description: PGP signature
[PATCH 7/8] gpg-interface: introduce new signature format "X509" using gpgsm
This commit allows git to create and check X509 type signatures using
gpgsm.
Signed-off-by: Henning Schild
---
Documentation/config.txt | 5 -
gpg-interface.c | 10 +-
2 files changed, 13 insertions(+), 2 deletions(-)
diff --git a/Documentation/config.txt b/Documentation/config.txt
index c88903399..337df6e48 100644
--- a/Documentation/config.txt
+++ b/Documentation/config.txt
@@ -1828,9 +1828,12 @@ gpg.program::
signed, and the program is expected to send the result to its
standard output.
+gpg.programX509::
+ Just like gpg.program, here the default you override is "`gpgsm`".
+
gpg.format::
Specifies which key format to use when signing with `--gpg-sign`.
- Default is "PGP", that is also the only supported value.
+ Default is "PGP" and another possible value is "X509".
gui.commitMsgWidth::
Defines how wide the commit message window is in the
diff --git a/gpg-interface.c b/gpg-interface.c
index aa747278e..85d721007 100644
--- a/gpg-interface.c
+++ b/gpg-interface.c
@@ -16,13 +16,18 @@ struct gpg_format_data {
#define PGP_SIGNATURE "-BEGIN PGP SIGNATURE-"
#define PGP_MESSAGE "-BEGIN PGP MESSAGE-"
+#define X509_SIGNATURE "-BEGIN SIGNED MESSAGE-"
-enum gpgformats { PGP_FMT };
+enum gpgformats { PGP_FMT, X509_FMT };
struct gpg_format_data gpg_formats[] = {
{ .format = "PGP", .program = "gpg",
.extra_args_verify = { "--keyid-format=long", },
.sigs = { PGP_SIGNATURE, PGP_MESSAGE, },
},
+ { .format = "X509", .program = "gpgsm",
+ .extra_args_verify = { NULL },
+ .sigs = {X509_SIGNATURE, NULL, }
+ },
};
static const char *gpg_format = "PGP";
@@ -190,6 +195,9 @@ int git_gpg_config(const char *var, const char *value, void
*cb)
if (!strcmp(var, "gpg.program"))
return git_config_string(_formats[PGP_FMT].program, var,
value);
+ if (!strcmp(var, "gpg.programX509"))
+ return git_config_string(_formats[X509_FMT].program, var,
+value);
return 0;
}
--
2.16.4
