This commit allows git to create and check x509 type signatures using gpgsm. Signed-off-by: Henning Schild <henning.schild@xxxxxxxxxxx> --- Documentation/config.txt | 5 +++-- gpg-interface.c | 15 +++++++++++++++ 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/Documentation/config.txt b/Documentation/config.txt index 0e871346a..ff1d4a76c 100644 --- a/Documentation/config.txt +++ b/Documentation/config.txt @@ -1830,12 +1830,13 @@ gpg.program:: gpg.format:: Specifies which key format to use when signing with `--gpg-sign`. - Default is "openpgp", that is also the only supported value. + Default is "openpgp" and another possible value is "x509". gpg.<format>.program:: Use this to customize the program used for the signing format you chose. (see `gpg.program` and `gpg.format`) `gpg.program` can still - be used as a legacy synonym for `gpg.openpgp.program`. + be used as a legacy synonym for `gpg.openpgp.program`. The default + value for `gpg.x509.program` is "gpgsm". gui.commitMsgWidth:: Defines how wide the commit message window is in the diff --git a/gpg-interface.c b/gpg-interface.c index a158f08c1..bb8ea668b 100644 --- a/gpg-interface.c +++ b/gpg-interface.c @@ -24,11 +24,23 @@ static const char *openpgp_sigs[] = { NULL }; +static const char *x509_verify_args[] = { + NULL +}; +static const char *x509_sigs[] = { + "-----BEGIN SIGNED MESSAGE-----", + NULL +}; + static struct gpg_format gpg_format[] = { { .name = "openpgp", .program = "gpg", .verify_args = openpgp_verify_args, .sigs = openpgp_sigs }, + { .name = "x509", .program = "gpgsm", + .verify_args = x509_verify_args, + .sigs = x509_sigs + }, }; static struct gpg_format *use_format = &gpg_format[0]; @@ -192,6 +204,9 @@ int git_gpg_config(const char *var, const char *value, void *cb) if (!strcmp(var, "gpg.program") || !strcmp(var, "gpg.openpgp.program")) fmtname = "openpgp"; + if (!strcmp(var, "gpg.x509.program")) + fmtname = "x509"; + if (fmtname) { fmt = get_format_by_name(fmtname); return git_config_string(&fmt->program, var, value); -- 2.16.4