brz-git

Merge lp:~jelmer/brz-git/gpg-signatures into lp:brz-git

  1. gpg-signatures
  2. Merge into trunk
Proposed by Jelmer Vernooij
Status: Merged
Approved by: Jelmer Vernooij
Approved revision: 1848
Merge reported by: The Breezy Bot
Merged at revision: not available
Proposed branch: lp:~jelmer/brz-git/gpg-signatures
Merge into: lp:brz-git
Diff against target: 122 lines (+67/-2)
3 files modified
commit.py (+5/-0)
repository.py (+39/-2)
tests/test_repository.py (+23/-0)
To merge this branch: bzr merge lp:~jelmer/brz-git/gpg-signatures
Reviewer Review Type Date Requested Status
Jelmer Vernooij Approve
Review via email: mp+341288@code.launchpad.net

Description of the change

Add support for signing commits.

This depends on lp:~jelmer/brz/gpg-detached-sign

To post a comment you must log in.
lp:~jelmer/brz-git/gpg-signatures updated
1845. By Jelmer Vernooij

Support verifying signatures.

1846. By Jelmer Vernooij

use new API.

Revision history for this message
Jelmer Vernooij (jelmer) :
review: Approve
lp:~jelmer/brz-git/gpg-signatures updated
1847. By Jelmer Vernooij

Merge trunk.

1848. By Jelmer Vernooij

Merge lp:~jelmer/brz-git/gpg-signatures.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'commit.py'
--- commit.py 2018-03-17 19:20:55 +0000
+++ commit.py 2018-03-17 23:04:35 +0000
@@ -29,6 +29,8 @@
29 entry_factory,29 entry_factory,
30 )30 )
31from ... import (31from ... import (
32 config as _mod_config,
33 gpg,
32 osutils,34 osutils,
33 revision as _mod_revision,35 revision as _mod_revision,
34 )36 )
@@ -229,6 +231,9 @@
229 c.commit_timezone = self._timezone231 c.commit_timezone = self._timezone
230 c.author_timezone = self._timezone232 c.author_timezone = self._timezone
231 c.message = message.encode(c.encoding)233 c.message = message.encode(c.encoding)
234 if self._config_stack.get('create_signatures') == _mod_config.SIGN_ALWAYS:
235 strategy = gpg.GPGStrategy(self._config_stack)
236 c.gpgsig = strategy.sign(c.as_raw_string(), gpg.MODE_DETACH)
232 self.store.add_object(c)237 self.store.add_object(c)
233 self.repository.commit_write_group()238 self.repository.commit_write_group()
234 self._new_revision_id = self._mapping.revision_id_foreign_to_bzr(c.id)239 self._new_revision_id = self._mapping.revision_id_foreign_to_bzr(c.id)
235240
=== modified file 'repository.py'
--- repository.py 2018-03-17 19:20:55 +0000
+++ repository.py 2018-03-17 23:04:35 +0000
@@ -408,7 +408,14 @@
408 return _mod_graph.KnownGraph(parent_map)408 return _mod_graph.KnownGraph(parent_map)
409409
410 def get_signature_text(self, revision_id):410 def get_signature_text(self, revision_id):
411 raise errors.NoSuchRevision(self, revision_id)411 git_commit_id, mapping = self.lookup_bzr_revision_id(revision_id)
412 try:
413 commit = self._git.object_store[git_commit_id]
414 except KeyError:
415 raise errors.NoSuchRevision(self, revision_id)
416 if commit.gpgsig is None:
417 raise errors.NoSuchRevision(self, revision_id)
418 return commit.gpgsig
412419
413 def check(self, revision_ids=None, callback_refs=None, check_repo=True):420 def check(self, revision_ids=None, callback_refs=None, check_repo=True):
414 result = GitCheck(self, check_repo=check_repo)421 result = GitCheck(self, check_repo=check_repo)
@@ -448,7 +455,37 @@
448455
449 This is never the case for Git repositories.456 This is never the case for Git repositories.
450 """457 """
451 return False458 try:
459 self.get_signature_text(revision_id)
460 except errors.NoSuchRevision:
461 return False
462 else:
463 return True
464
465 def verify_revision_signature(self, revision_id, gpg_strategy):
466 """Verify the signature on a revision.
467
468 :param revision_id: the revision to verify
469 :gpg_strategy: the GPGStrategy object to used
470
471 :return: gpg.SIGNATURE_VALID or a failed SIGNATURE_ value
472 """
473 from breezy import gpg
474 with self.lock_read():
475 git_commit_id, mapping = self.lookup_bzr_revision_id(revision_id)
476 try:
477 commit = self._git.object_store[git_commit_id]
478 except KeyError:
479 raise errors.NoSuchRevision(self, revision_id)
480
481 if commit.gpgsig is None:
482 return gpg.SIGNATURE_NOT_SIGNED, None
483
484 without_sig = Commit.from_string(commit.as_raw_string())
485 without_sig.gpgsig = None
486
487 (result, key, plain_text) = gpg_strategy.verify(without_sig.as_raw_string(), commit.gpgsig)
488 return (result, key)
452489
453 def lookup_bzr_revision_id(self, bzr_revid, mapping=None):490 def lookup_bzr_revision_id(self, bzr_revid, mapping=None):
454 """Lookup a bzr revision id in a Git repository.491 """Lookup a bzr revision id in a Git repository.
455492
=== modified file 'tests/test_repository.py'
--- tests/test_repository.py 2018-03-17 17:34:12 +0000
+++ tests/test_repository.py 2018-03-17 23:04:35 +0000
@@ -26,6 +26,7 @@
26import os26import os
2727
28from .... import (28from .... import (
29 config,
29 errors,30 errors,
30 revision,31 revision,
31 )32 )
@@ -192,6 +193,28 @@
192 self.git_repo.get_parent_map([revision.NULL_REVISION]))193 self.git_repo.get_parent_map([revision.NULL_REVISION]))
193194
194195
196class SigningGitRepository(tests.TestCaseWithTransport):
197
198 def test_signed_commit(self):
199 import breezy.gpg
200 oldstrategy = breezy.gpg.GPGStrategy
201 wt = self.make_branch_and_tree('.', format='git')
202 branch = wt.branch
203 revid = wt.commit("base", allow_pointless=True)
204 self.assertFalse(branch.repository.has_signature_for_revision_id(revid))
205 try:
206 breezy.gpg.GPGStrategy = breezy.gpg.LoopbackGPGStrategy
207 conf = config.MemoryStack('''
208create_signatures=always
209''')
210 revid2 = wt.commit(config=conf, message="base", allow_pointless=True)
211 def sign(text):
212 return breezy.gpg.LoopbackGPGStrategy(None).sign(text)
213 self.assertIsInstance(branch.repository.get_signature_text(revid2), str)
214 finally:
215 breezy.gpg.GPGStrategy = oldstrategy
216
217
195class GitRepositoryFormat(tests.TestCase):218class GitRepositoryFormat(tests.TestCase):
196219
197 def setUp(self):220 def setUp(self):

Subscribers

People subscribed via source and target branches

to all changes: