From be3c5e44bcaa49c101dfedf195fdbd10f1b9414b2a5f1261d65ac8f546bc2d4b Mon Sep 17 00:00:00 2001 From: Nicholas Johnson Date: Sun, 13 Mar 2022 00:00:00 +0000 Subject: Initial commit --- git-signify | 69 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 69 insertions(+) create mode 100644 git-signify diff --git a/git-signify b/git-signify new file mode 100644 index 0000000..faaebf3 --- /dev/null +++ b/git-signify @@ -0,0 +1,69 @@ +#!/bin/sh +# git-signify [GIT COMMAND] - use git with signify(1) +# +# First, you need to set the signing key for the repo, e.g. +# git config --local user.signingKey ~/.signify/cwm +# This will use cwm.sec and cwm.pub. +# +# Then you can use +# gpg signify commit -S +# gpg signify verify-commit +# +# gpg signify tag -s +# gpg signify verify-tag +# +# You also can set this script as "gpg.program" to use signify +# automatically. +# +# To the extent possible under law, Leah Neukirchen has waived +# all copyright and related or neighboring rights to this work. +# http://creativecommons.org/publicdomain/zero/1.0/ + +getkey() { + key=$(git config user.signingKey) + if [ -z "$key" ]; then + echo "git-signify: no user.signingKey defined!" 1>&2 + exit 7 + fi +} + +while :; do +case "$1" in +-bsau) + getkey + echo "-----BEGIN PGP SIGNATURE----- (really git-signify)" + { + signify -S -s "$key.sec" -m - -x - + if [ $? -eq 0 ] && [ -n "$statusfd" ]; then + printf '\n[GNUPG:] SIG_CREATED ' >/dev/fd/$statusfd + fi + } | sed "s/: .*/: verify with git-signify and ${key##*/}.pub/" + echo "-----END PGP SIGNATURE-----" + exit 0 + ;; +--verify) + getkey + sed -i '/-----.* PGP SIGNATURE-----/d' "$2" + if signify -V -p "$key.pub" -m - -x "$2" 1>&2; then + echo "[GNUPG:] GOODSIG " + exit 0 + else + r=$? + echo "[GNUPG:] BADSIG " + exit $r + fi + ;; +--status-fd=*) + statusfd=${1#--status-fd=} + shift + ;; +--*) + # ignore all other arguments + shift + ;; +*) + exec git -c "gpg.program=$0" "$@" + ;; +esac +done + -- cgit v1.2.3