summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNicholas Johnson <nick@nicksphere.ch>2022-03-13 00:00:00 +0000
committerNicholas Johnson <nick@nicksphere.ch>2022-03-13 00:00:00 +0000
commitbe3c5e44bcaa49c101dfedf195fdbd10f1b9414b2a5f1261d65ac8f546bc2d4b (patch)
treeda365d3c10a5deae4f5be6985949c10ea7e644f0b4faf8c4490ef21479b4eb68
downloadgit-signify-be3c5e44bcaa49c101dfedf195fdbd10f1b9414b2a5f1261d65ac8f546bc2d4b.tar.gz
git-signify-be3c5e44bcaa49c101dfedf195fdbd10f1b9414b2a5f1261d65ac8f546bc2d4b.zip
Initial commit
-rw-r--r--git-signify69
1 files changed, 69 insertions, 0 deletions
diff --git a/git-signify b/git-signify
new file mode 100644
index 0000000..faaebf3
--- /dev/null
+++ b/git-signify
@@ -0,0 +1,69 @@
+#!/bin/sh
+# git-signify [GIT COMMAND] - use git with signify(1)
+#
+# First, you need to set the signing key for the repo, e.g.
+# git config --local user.signingKey ~/.signify/cwm
+# This will use cwm.sec and cwm.pub.
+#
+# Then you can use
+# gpg signify commit -S
+# gpg signify verify-commit
+#
+# gpg signify tag -s
+# gpg signify verify-tag
+#
+# You also can set this script as "gpg.program" to use signify
+# automatically.
+#
+# To the extent possible under law, Leah Neukirchen has waived
+# all copyright and related or neighboring rights to this work.
+# http://creativecommons.org/publicdomain/zero/1.0/
+
+getkey() {
+ key=$(git config user.signingKey)
+ if [ -z "$key" ]; then
+ echo "git-signify: no user.signingKey defined!" 1>&2
+ exit 7
+ fi
+}
+
+while :; do
+case "$1" in
+-bsau)
+ getkey
+ echo "-----BEGIN PGP SIGNATURE----- (really git-signify)"
+ {
+ signify -S -s "$key.sec" -m - -x -
+ if [ $? -eq 0 ] && [ -n "$statusfd" ]; then
+ printf '\n[GNUPG:] SIG_CREATED ' >/dev/fd/$statusfd
+ fi
+ } | sed "s/: .*/: verify with git-signify and ${key##*/}.pub/"
+ echo "-----END PGP SIGNATURE-----"
+ exit 0
+ ;;
+--verify)
+ getkey
+ sed -i '/-----.* PGP SIGNATURE-----/d' "$2"
+ if signify -V -p "$key.pub" -m - -x "$2" 1>&2; then
+ echo "[GNUPG:] GOODSIG "
+ exit 0
+ else
+ r=$?
+ echo "[GNUPG:] BADSIG "
+ exit $r
+ fi
+ ;;
+--status-fd=*)
+ statusfd=${1#--status-fd=}
+ shift
+ ;;
+--*)
+ # ignore all other arguments
+ shift
+ ;;
+*)
+ exec git -c "gpg.program=$0" "$@"
+ ;;
+esac
+done
+