[4/5] Signing API: Removed old gpg interface and gpg mentions in code
diff mbox series

Message ID jmdChj8zFlWgVBVPoZ6H2WQTHMdc8JO3L7Mfy_B6WjyehHOhLx2AfIiXg2K5m60QC9La0_G5zqk48sv4ko9nh2emVVwFRWp_-qIThwxK_JM=@pm.me
State New
Headers show
Series
  • New signing interface API with pluggable drivers
Related show

Commit Message

Ibrahim El Aug. 26, 2019, 7:58 p.m. UTC
From: Ibrahim El Rhezzali <ibrahim.el@pm.me>

8a89a97d4 Removed old gpg interface and gpg mentions in code

Removing old GPG interface and updating the code to remove gpg mentions and make it transparent the signign tool that is used

Signed-off-by: Ibrahim El <ibrahim.el@pm.me>
---
 Makefile                           |   1 -
 builtin/am.c                       |   8 +-
 builtin/commit-tree.c              |   2 +-
 builtin/commit.c                   |   8 +-
 builtin/fmt-merge-msg.c            |   2 +-
 builtin/merge.c                    |   6 +-
 builtin/pull.c                     |  16 +-
 builtin/push.c                     |   2 +-
 builtin/rebase.c                   |  60 +++---
 builtin/receive-pack.c             |   2 +-
 builtin/replace.c                  |   2 +-
 builtin/revert.c                   |   6 +-
 builtin/send-pack.c                |   2 +-
 builtin/tag.c                      |   4 +-
 builtin/verify-commit.c            |   8 +-
 builtin/verify-tag.c               |   4 +-
 commit.c                           |  26 +--
 commit.h                           |   2 +-
 gpg-interface.c                    | 381 -------------------------------------
 gpg-interface.h                    |  70 -------
 log-tree.c                         |  18 +-
 sequencer.c                        |  56 +++---
 sequencer.h                        |   2 +-
 t/t5573-pull-verify-signatures.sh  |  10 +-
 t/t7612-merge-verify-signatures.sh |  18 +-
 tag.c                              |   6 +-
 tag.h                              |   2 +-
 27 files changed, 136 insertions(+), 588 deletions(-)
 delete mode 100644 gpg-interface.c
 delete mode 100644 gpg-interface.h

Patch
diff mbox series

diff --git a/Makefile b/Makefile
index 244540e8d..cc7344ca3 100644
--- a/Makefile
+++ b/Makefile
@@ -885,7 +885,6 @@  LIB_OBJS += fetch-pack.o
 LIB_OBJS += fsck.o
 LIB_OBJS += fsmonitor.o
 LIB_OBJS += gettext.o
-LIB_OBJS += gpg-interface.o
 LIB_OBJS += graph.o
 LIB_OBJS += grep.o
 LIB_OBJS += hashmap.o
diff --git a/builtin/am.c b/builtin/am.c
index a76efdd5d..55066bf64 100644
--- a/builtin/am.c
+++ b/builtin/am.c
@@ -127,7 +127,7 @@  struct am_state {
  */
 static void am_state_init(struct am_state *state)
 {
-	int gpgsign;
+	int sign_config;
 
 	memset(state, 0, sizeof(*state));
 
@@ -145,8 +145,8 @@  static void am_state_init(struct am_state *state)
 
 	argv_array_init(&state->git_apply_opts);
 
-	if (!git_config_get_bool("commit.gpgsign", &gpgsign))
-		state->sign_commit = gpgsign ? "" : NULL;
+	if (!git_config_get_bool("commit.gpgsign", &sign_config) || !git_config_get_bool("commit.sign", &sign_config))
+		state->sign_commit = sign_config ? "" : NULL;
 }
 
 /**
@@ -2251,7 +2251,7 @@  int cmd_am(int argc, const char **argv, const char *prefix)
 			N_("use current timestamp for author date")),
 		OPT_RERERE_AUTOUPDATE(&state.allow_rerere_autoupdate),
 		{ OPTION_STRING, 'S', "gpg-sign", &state.sign_commit, N_("key-id"),
-		  N_("GPG-sign commits"),
+		  N_("sign commits"),
 		  PARSE_OPT_OPTARG, NULL, (intptr_t) "" },
 		OPT_HIDDEN_BOOL(0, "rebasing", &state.rebasing,
 			N_("(internal use for git-rebase)")),
diff --git a/builtin/commit-tree.c b/builtin/commit-tree.c
index 06bc5016d..7e5e5f821 100644
--- a/builtin/commit-tree.c
+++ b/builtin/commit-tree.c
@@ -118,7 +118,7 @@  int cmd_commit_tree(int argc, const char **argv, const char *prefix)
 			N_("read commit log message from file"), PARSE_OPT_NONEG,
 			parse_file_arg_callback },
 		{ OPTION_STRING, 'S', "gpg-sign", &sign_commit, N_("key-id"),
-			N_("GPG sign commit"), PARSE_OPT_OPTARG, NULL, (intptr_t) "" },
+			N_("sign commit"), PARSE_OPT_OPTARG, NULL, (intptr_t) "" },
 		OPT_END()
 	};
 
diff --git a/builtin/commit.c b/builtin/commit.c
index 3b446a029..3c8346b4f 100644
--- a/builtin/commit.c
+++ b/builtin/commit.c
@@ -1427,7 +1427,7 @@  static int git_commit_config(const char *k, const char *v, void *cb)
 	}
 	if (!strcmp(k, "commit.cleanup"))
 		return git_config_string(&cleanup_arg, k, v);
-	if (!strcmp(k, "commit.gpgsign")) {
+	if (!strcmp(k, "commit.gpgsign") || !strcmp(k, "commit.sign")) {
 		sign_commit = git_config_bool(k, v) ? "" : NULL;
 		return 0;
 	}
@@ -1489,7 +1489,7 @@  int cmd_commit(int argc, const char **argv, const char *prefix)
 		OPT_CLEANUP(&cleanup_arg),
 		OPT_BOOL(0, "status", &include_status, N_("include status in commit message template")),
 		{ OPTION_STRING, 'S', "gpg-sign", &sign_commit, N_("key-id"),
-		  N_("GPG sign commit"), PARSE_OPT_OPTARG, NULL, (intptr_t) "" },
+		  N_("sign commit"), PARSE_OPT_OPTARG, NULL, (intptr_t) "" },
 		/* end commit message options */
 
 		OPT_GROUP(N_("Commit contents options")),
@@ -1636,8 +1636,8 @@  int cmd_commit(int argc, const char **argv, const char *prefix)
 	}
 
 	if (amend) {
-		const char *exclude_gpgsig[2] = { "gpgsig", NULL };
-		extra = read_commit_extra_headers(current_head, exclude_gpgsig);
+		const char *exclude_sig[2] = { "gpgsig", NULL };
+		extra = read_commit_extra_headers(current_head, exclude_sig);
 	} else {
 		struct commit_extra_header **tail = &extra;
 		append_merge_tag_headers(parents, &tail);
diff --git a/builtin/fmt-merge-msg.c b/builtin/fmt-merge-msg.c
index 2dd0e9367..6ddf285b5 100644
--- a/builtin/fmt-merge-msg.c
+++ b/builtin/fmt-merge-msg.c
@@ -505,7 +505,7 @@  static void fmt_merge_msg_sigs(struct strbuf *out)
 			; /* merely annotated */
 		else if (verify_signed_buffer(buf, len, buf + len, size - len, &sig, NULL)) {
 			if (!sig.len)
-				strbuf_addstr(&sig, "gpg verification failed.\n");
+				strbuf_addstr(&sig, "sig verification failed.\n");
 		}
 
 		if (!tag_number++) {
diff --git a/builtin/merge.c b/builtin/merge.c
index 67a0bcb35..c9b95b98e 100644
--- a/builtin/merge.c
+++ b/builtin/merge.c
@@ -262,7 +262,7 @@  static struct option builtin_merge_options[] = {
 		      FF_ONLY, PARSE_OPT_NONEG),
 	OPT_RERERE_AUTOUPDATE(&allow_rerere_auto),
 	OPT_BOOL(0, "verify-signatures", &verify_signatures,
-		N_("verify that the named commit has a valid GPG signature")),
+		N_("verify that the named commit has a valid signature")),
 	OPT_CALLBACK('s', "strategy", &use_strategies, N_("strategy"),
 		N_("merge strategy to use"), option_parse_strategy),
 	OPT_CALLBACK('X', "strategy-option", &xopts, N_("option=value"),
@@ -284,7 +284,7 @@  static struct option builtin_merge_options[] = {
 		 N_("allow merging unrelated histories")),
 	OPT_SET_INT(0, "progress", &show_progress, N_("force progress reporting"), 1),
 	{ OPTION_STRING, 'S', "gpg-sign", &sign_commit, N_("key-id"),
-	  N_("GPG sign commit"), PARSE_OPT_OPTARG, NULL, (intptr_t) "" },
+	  N_("Sign commit"), PARSE_OPT_OPTARG, NULL, (intptr_t) "" },
 	OPT_BOOL(0, "overwrite-ignore", &overwrite_ignore, N_("update ignored files (default)")),
 	OPT_BOOL(0, "signoff", &signoff, N_("add Signed-off-by:")),
 	OPT_BOOL(0, "verify", &verify_msg, N_("verify commit-msg hook")),
@@ -628,7 +628,7 @@  static int git_merge_config(const char *k, const char *v, void *cb)
 	} else if (!strcmp(k, "merge.defaulttoupstream")) {
 		default_to_upstream = git_config_bool(k, v);
 		return 0;
-	} else if (!strcmp(k, "commit.gpgsign")) {
+	} else if (!strcmp(k, "commit.gpgsign") || !strcmp(k, "commit.sign")) {
 		sign_commit = git_config_bool(k, v) ? "" : NULL;
 		return 0;
 	}
diff --git a/builtin/pull.c b/builtin/pull.c
index 9dd32a115..b60646b70 100644
--- a/builtin/pull.c
+++ b/builtin/pull.c
@@ -109,7 +109,7 @@  static int opt_autostash = -1;
 static int config_autostash;
 static struct argv_array opt_strategies = ARGV_ARRAY_INIT;
 static struct argv_array opt_strategy_opts = ARGV_ARRAY_INIT;
-static char *opt_gpg_sign;
+static char *opt_sign;
 static int opt_allow_unrelated_histories;
 
 /* Options passed to git-fetch */
@@ -178,7 +178,7 @@  static struct option pull_options[] = {
 		N_("abort if fast-forward is not possible"),
 		PARSE_OPT_NOARG | PARSE_OPT_NONEG),
 	OPT_PASSTHRU(0, "verify-signatures", &opt_verify_signatures, NULL,
-		N_("verify that the named commit has a valid GPG signature"),
+		N_("verify that the named commit has a valid signature"),
 		PARSE_OPT_NOARG),
 	OPT_BOOL(0, "autostash", &opt_autostash,
 		N_("automatically stash/stash pop before and after rebase")),
@@ -189,8 +189,8 @@  static struct option pull_options[] = {
 		N_("option=value"),
 		N_("option for selected merge strategy"),
 		0),
-	OPT_PASSTHRU('S', "gpg-sign", &opt_gpg_sign, N_("key-id"),
-		N_("GPG sign commit"),
+	OPT_PASSTHRU('S', "gpg-sign", &opt_sign, N_("key-id"),
+		N_("Sign commit"),
 		PARSE_OPT_OPTARG),
 	OPT_SET_INT(0, "allow-unrelated-histories",
 		    &opt_allow_unrelated_histories,
@@ -656,8 +656,8 @@  static int run_merge(void)
 		argv_array_push(&args, opt_verify_signatures);
 	argv_array_pushv(&args, opt_strategies.argv);
 	argv_array_pushv(&args, opt_strategy_opts.argv);
-	if (opt_gpg_sign)
-		argv_array_push(&args, opt_gpg_sign);
+	if (opt_sign)
+		argv_array_push(&args, opt_sign);
 	if (opt_allow_unrelated_histories > 0)
 		argv_array_push(&args, "--allow-unrelated-histories");
 
@@ -843,8 +843,8 @@  static int run_rebase(const struct object_id *curr_head,
 		argv_array_push(&args, opt_diffstat);
 	argv_array_pushv(&args, opt_strategies.argv);
 	argv_array_pushv(&args, opt_strategy_opts.argv);
-	if (opt_gpg_sign)
-		argv_array_push(&args, opt_gpg_sign);
+	if (opt_sign)
+		argv_array_push(&args, opt_sign);
 	if (opt_autostash == 0)
 		argv_array_push(&args, "--no-autostash");
 	else if (opt_autostash == 1)
diff --git a/builtin/push.c b/builtin/push.c
index 74a6758cd..f0d4f7545 100644
--- a/builtin/push.c
+++ b/builtin/push.c
@@ -580,7 +580,7 @@  int cmd_push(int argc, const char **argv, const char *prefix)
 		OPT_BIT(0, "follow-tags", &flags, N_("push missing but relevant tags"),
 			TRANSPORT_PUSH_FOLLOW_TAGS),
 		{ OPTION_CALLBACK,
-		  0, "signed", &push_cert, "(yes|no|if-asked)", N_("GPG sign the push"),
+		  0, "signed", &push_cert, "(yes|no|if-asked)", N_("sign the push"),
 		  PARSE_OPT_OPTARG, option_parse_push_signed },
 		OPT_BIT(0, "atomic", &flags, N_("request atomic transaction on remote side"), TRANSPORT_PUSH_ATOMIC),
 		OPT_STRING_LIST('o', "push-option", &push_options_cmdline, N_("server-specific"), N_("option to transmit")),
diff --git a/builtin/rebase.c b/builtin/rebase.c
index b8116db48..b63ce94d8 100644
--- a/builtin/rebase.c
+++ b/builtin/rebase.c
@@ -79,7 +79,7 @@  struct rebase_options {
 	int allow_rerere_autoupdate;
 	int keep_empty;
 	int autosquash;
-	char *gpg_sign_opt;
+	char *sign_opt;
 	int autostash;
 	char *cmd;
 	int allow_empty_message;
@@ -112,7 +112,7 @@  static struct replay_opts get_replay_opts(const struct rebase_options *opts)
 	replay.allow_empty_message = opts->allow_empty_message;
 	replay.verbose = opts->flags & REBASE_VERBOSE;
 	replay.reschedule_failed_exec = opts->reschedule_failed_exec;
-	replay.gpg_sign = xstrdup_or_null(opts->gpg_sign_opt);
+	replay.sign = xstrdup_or_null(opts->sign_opt);
 	replay.strategy = opts->strategy;
 	if (opts->strategy_opts)
 		parse_strategy_opts(&replay, opts->strategy_opts);
@@ -486,8 +486,8 @@  int cmd_rebase__interactive(int argc, const char **argv, const char *prefix)
 		  N_("the upstream commit"), PARSE_OPT_NONEG, parse_opt_commit,
 		  0 },
 		OPT_STRING(0, "head-name", &opts.head_name, N_("head-name"), N_("head name")),
-		{ OPTION_STRING, 'S', "gpg-sign", &opts.gpg_sign_opt, N_("key-id"),
-			N_("GPG-sign commits"),
+		{ OPTION_STRING, 'S', "gpg-sign", &opts.sign_opt, N_("key-id"),
+			N_("sign commits"),
 			PARSE_OPT_OPTARG, NULL, (intptr_t) "" },
 		OPT_STRING(0, "strategy", &opts.strategy, N_("strategy"),
 			   N_("rebase strategy")),
@@ -627,13 +627,13 @@  static int read_basic_state(struct rebase_options *opts)
 				  "'%s'"), buf.buf);
 	}
 
-	if (file_exists(state_dir_path("gpg_sign_opt", opts))) {
+	if (file_exists(state_dir_path("sign_opt", opts))) {
 		strbuf_reset(&buf);
-		if (read_one(state_dir_path("gpg_sign_opt", opts),
+		if (read_one(state_dir_path("sign_opt", opts),
 			    &buf))
 			return -1;
-		free(opts->gpg_sign_opt);
-		opts->gpg_sign_opt = xstrdup(buf.buf);
+		free(opts->sign_opt);
+		opts->sign_opt = xstrdup(buf.buf);
 	}
 
 	if (file_exists(state_dir_path("strategy", opts))) {
@@ -680,9 +680,9 @@  static int rebase_write_basic_state(struct rebase_options *opts)
 			   "-%s-rerere-autoupdate",
 			   opts->allow_rerere_autoupdate == RERERE_AUTOUPDATE ?
 				"" : "-no");
-	if (opts->gpg_sign_opt)
-		write_file(state_dir_path("gpg_sign_opt", opts), "%s",
-			   opts->gpg_sign_opt);
+	if (opts->sign_opt)
+		write_file(state_dir_path("sign_opt", opts), "%s",
+			   opts->sign_opt);
 	if (opts->signoff)
 		write_file(state_dir_path("strategy", opts), "--signoff");
 
@@ -957,8 +957,8 @@  static int run_am(struct rebase_options *opts)
 	if (opts->action && !strcmp("continue", opts->action)) {
 		argv_array_push(&am.args, "--resolved");
 		argv_array_pushf(&am.args, "--resolvemsg=%s", resolvemsg);
-		if (opts->gpg_sign_opt)
-			argv_array_push(&am.args, opts->gpg_sign_opt);
+		if (opts->sign_opt)
+			argv_array_push(&am.args, opts->sign_opt);
 		status = run_command(&am);
 		if (status)
 			return status;
@@ -1047,8 +1047,8 @@  static int run_am(struct rebase_options *opts)
 		argv_array_push(&am.args, "--rerere-autoupdate");
 	else if (opts->allow_rerere_autoupdate == RERERE_NOAUTOUPDATE)
 		argv_array_push(&am.args, "--no-rerere-autoupdate");
-	if (opts->gpg_sign_opt)
-		argv_array_push(&am.args, opts->gpg_sign_opt);
+	if (opts->sign_opt)
+		argv_array_push(&am.args, opts->sign_opt);
 	status = run_command(&am);
 	unlink(rebased_patches);
 	free(rebased_patches);
@@ -1077,11 +1077,11 @@  static int run_specific_rebase(struct rebase_options *opts, enum action action)
 			setenv("GIT_SEQUENCE_EDITOR", ":", 1);
 			opts->autosquash = 0;
 		}
-		if (opts->gpg_sign_opt) {
+		if (opts->sign_opt) {
 			/* remove the leading "-S" */
-			char *tmp = xstrdup(opts->gpg_sign_opt + 2);
-			free(opts->gpg_sign_opt);
-			opts->gpg_sign_opt = tmp;
+			char *tmp = xstrdup(opts->sign_opt + 2);
+			free(opts->sign_opt);
+			opts->sign_opt = tmp;
 		}
 
 		status = run_rebase_interactive(opts, action);
@@ -1129,7 +1129,7 @@  static int run_specific_rebase(struct rebase_options *opts, enum action action)
 			"--rerere-autoupdate" : "--no-rerere-autoupdate" : "");
 	add_var(&script_snippet, "keep_empty", opts->keep_empty ? "yes" : "");
 	add_var(&script_snippet, "autosquash", opts->autosquash ? "t" : "");
-	add_var(&script_snippet, "gpg_sign_opt", opts->gpg_sign_opt);
+	add_var(&script_snippet, "sign_opt", opts->sign_opt);
 	add_var(&script_snippet, "cmd", opts->cmd);
 	add_var(&script_snippet, "allow_empty_message",
 		opts->allow_empty_message ?  "--allow-empty-message" : "");
@@ -1207,9 +1207,9 @@  static int rebase_config(const char *var, const char *value, void *data)
 		return 0;
 	}
 
-	if (!strcmp(var, "commit.gpgsign")) {
-		free(opts->gpg_sign_opt);
-		opts->gpg_sign_opt = git_config_bool(var, value) ?
+	if (!strcmp(var, "commit.gpgsign") || !strcmp(var, "commit.sign")) {
+		free(opts->sign_opt);
+		opts->sign_opt = git_config_bool(var, value) ?
 			xstrdup("-S") : NULL;
 		return 0;
 	}
@@ -1372,7 +1372,7 @@  int cmd_rebase(int argc, const char **argv, const char *prefix)
 	struct strbuf buf = STRBUF_INIT;
 	struct object_id merge_base;
 	enum action action = ACTION_NONE;
-	const char *gpg_sign = NULL;
+	const char *sign = NULL;
 	struct string_list exec = STRING_LIST_INIT_NODUP;
 	const char *rebase_merges = NULL;
 	int fork_point = -1;
@@ -1445,8 +1445,8 @@  int cmd_rebase(int argc, const char **argv, const char *prefix)
 		OPT_BOOL(0, "autosquash", &options.autosquash,
 			 N_("move commits that begin with "
 			    "squash!/fixup! under -i")),
-		{ OPTION_STRING, 'S', "gpg-sign", &gpg_sign, N_("key-id"),
-			N_("GPG-sign commits"),
+		{ OPTION_STRING, 'S', "gpg-sign", &sign, N_("key-id"),
+			N_("sign commits"),
 			PARSE_OPT_OPTARG, NULL, (intptr_t) "" },
 		OPT_BOOL(0, "autostash", &options.autostash,
 			 N_("automatically stash/stash pop before and after")),
@@ -1695,9 +1695,9 @@  int cmd_rebase(int argc, const char **argv, const char *prefix)
 	if (options.keep_empty)
 		imply_interactive(&options, "--keep-empty");
 
-	if (gpg_sign) {
-		free(options.gpg_sign_opt);
-		options.gpg_sign_opt = xstrfmt("-S%s", gpg_sign);
+	if (sign) {
+		free(options.sign_opt);
+		options.sign_opt = xstrfmt("-S%s", sign);
 	}
 
 	if (exec.nr) {
@@ -2143,7 +2143,7 @@  int cmd_rebase(int argc, const char **argv, const char *prefix)
 cleanup:
 	strbuf_release(&revisions);
 	free(options.head_name);
-	free(options.gpg_sign_opt);
+	free(options.sign_opt);
 	free(options.cmd);
 	free(squash_onto_name);
 	return ret;
diff --git a/builtin/receive-pack.c b/builtin/receive-pack.c
index 1a90dea5a..11b4ba4e9 100644
--- a/builtin/receive-pack.c
+++ b/builtin/receive-pack.c
@@ -630,7 +630,7 @@  static void prepare_push_cert_sha1(struct child_process *proc)
 		return;
 
 	if (!already_done) {
-		int bogs /* beginning_of_gpg_sig */;
+		int bogs /* beginning_of_sig */;
 
 		already_done = 1;
 		if (write_object_file(push_cert.buf, push_cert.len, "blob",
diff --git a/builtin/replace.c b/builtin/replace.c
index 644b21ca8..94a56d07c 100644
--- a/builtin/replace.c
+++ b/builtin/replace.c
@@ -464,7 +464,7 @@  static int create_graft(int argc, const char **argv, int force, int gentle)
 	}
 
 	if (remove_signature(&buf)) {
-		warning(_("the original commit '%s' has a gpg signature"), old_ref);
+		warning(_("the original commit '%s' has a signature"), old_ref);
 		warning(_("the signature will be removed in the replacement commit!"));
 	}
 
diff --git a/builtin/revert.c b/builtin/revert.c
index d4dcedbdc..58c1c15a8 100644
--- a/builtin/revert.c
+++ b/builtin/revert.c
@@ -113,8 +113,8 @@  static int run_sequencer(int argc, const char **argv, struct replay_opts *opts)
 		OPT_STRING(0, "strategy", &opts->strategy, N_("strategy"), N_("merge strategy")),
 		OPT_CALLBACK('X', "strategy-option", &opts, N_("option"),
 			N_("option for merge strategy"), option_parse_x),
-		{ OPTION_STRING, 'S', "gpg-sign", &opts->gpg_sign, N_("key-id"),
-		  N_("GPG sign commit"), PARSE_OPT_OPTARG, NULL, (intptr_t) "" },
+		{ OPTION_STRING, 'S', "gpg-sign", &opts->sign, N_("key-id"),
+		  N_("sign commit"), PARSE_OPT_OPTARG, NULL, (intptr_t) "" },
 		OPT_END()
 	};
 	struct option *options = base_options;
@@ -197,7 +197,7 @@  static int run_sequencer(int argc, const char **argv, struct replay_opts *opts)
 		usage_with_options(usage_str, options);
 
 	/* These option values will be free()d */
-	opts->gpg_sign = xstrdup_or_null(opts->gpg_sign);
+	opts->sign = xstrdup_or_null(opts->sign);
 	opts->strategy = xstrdup_or_null(opts->strategy);
 
 	if (cmd == 'q') {
diff --git a/builtin/send-pack.c b/builtin/send-pack.c
index ba21fb2df..171a5db8c 100644
--- a/builtin/send-pack.c
+++ b/builtin/send-pack.c
@@ -166,7 +166,7 @@  int cmd_send_pack(int argc, const char **argv, const char *prefix)
 		OPT_BOOL(0, "mirror", &send_mirror, N_("mirror all refs")),
 		OPT_BOOL('f', "force", &force_update, N_("force updates")),
 		{ OPTION_CALLBACK,
-		  0, "signed", &push_cert, "(yes|no|if-asked)", N_("GPG sign the push"),
+		  0, "signed", &push_cert, "(yes|no|if-asked)", N_("sign the push"),
 		  PARSE_OPT_OPTARG, option_parse_push_signed },
 		OPT_STRING_LIST(0, "push-option", &push_options,
 				N_("server-specific"),
diff --git a/builtin/tag.c b/builtin/tag.c
index a52aa54c0..7916d375e 100644
--- a/builtin/tag.c
+++ b/builtin/tag.c
@@ -116,7 +116,7 @@  static int verify_tag(const char *name, const char *ref,
 	if (format->format)
 		flags = OUTPUT_OMIT_STATUS;
 
-	if (gpg_verify_tag(oid, name, flags))
+	if (sig_verify_tag(oid, name, flags))
 		return -1;
 
 	if (format->format)
@@ -408,7 +408,7 @@  int cmd_tag(int argc, const char **argv, const char *prefix)
 		  N_("tag message"), PARSE_OPT_NONEG, parse_msg_arg },
 		OPT_FILENAME('F', "file", &msgfile, N_("read message from file")),
 		OPT_BOOL('e', "edit", &edit_flag, N_("force edit of tag message")),
-		OPT_BOOL('s', "sign", &opt.sign, N_("annotated and GPG-signed tag")),
+		OPT_BOOL('s', "sign", &opt.sign, N_("annotated and signed tag")),
 		OPT_CLEANUP(&cleanup_arg),
 		OPT_STRING('u', "local-user", &keyid, N_("key-id"),
 					N_("use another key to sign the tag")),
diff --git a/builtin/verify-commit.c b/builtin/verify-commit.c
index 0f701ee70..c1a8e1410 100644
--- a/builtin/verify-commit.c
+++ b/builtin/verify-commit.c
@@ -21,7 +21,7 @@  static const char * const verify_commit_usage[] = {
 		NULL
 };
 
-static int run_gpg_verify(struct commit *commit, unsigned flags)
+static int run_sig_verify(struct commit *commit, unsigned flags)
 {
 	struct signature signature_check;
 	int ret;
@@ -50,7 +50,7 @@  static int verify_commit(const char *name, unsigned flags)
 		return error("%s: cannot verify a non-commit object of type %s.",
 				name, type_name(obj->type));
 
-	return run_gpg_verify((struct commit *)obj, flags);
+	return run_sig_verify((struct commit *)obj, flags);
 }
 
 static int git_verify_commit_config(const char *var, const char *value, void *cb)
@@ -67,7 +67,7 @@  int cmd_verify_commit(int argc, const char **argv, const char *prefix)
 	unsigned flags = 0;
 	const struct option verify_commit_options[] = {
 		OPT__VERBOSE(&verbose, N_("print commit contents")),
-		OPT_BIT(0, "raw", &flags, N_("print raw gpg status output"), OUTPUT_RAW),
+		OPT_BIT(0, "raw", &flags, N_("print raw sig status output"), OUTPUT_RAW),
 		OPT_END()
 	};
 
@@ -82,7 +82,7 @@  int cmd_verify_commit(int argc, const char **argv, const char *prefix)
 		flags |= OUTPUT_VERBOSE;
 
 	/* sometimes the program was terminated because this signal
-	 * was received in the process of writing the gpg input: */
+	 * was received in the process of writing the sig input: */
 	signal(SIGPIPE, SIG_IGN);
 	while (i < argc)
 		if (verify_commit(argv[i++], flags))
diff --git a/builtin/verify-tag.c b/builtin/verify-tag.c
index d25f47d38..59099fd38 100644
--- a/builtin/verify-tag.c
+++ b/builtin/verify-tag.c
@@ -35,7 +35,7 @@  int cmd_verify_tag(int argc, const char **argv, const char *prefix)
 	struct ref_format format = REF_FORMAT_INIT;
 	const struct option verify_tag_options[] = {
 		OPT__VERBOSE(&verbose, N_("print tag contents")),
-		OPT_BIT(0, "raw", &flags, N_("print raw gpg status output"), OUTPUT_RAW),
+		OPT_BIT(0, "raw", &flags, N_("print raw sig status output"), OUTPUT_RAW),
 		OPT_STRING(0, "format", &format.format, N_("format"), N_("format to use for the output")),
 		OPT_END()
 	};
@@ -66,7 +66,7 @@  int cmd_verify_tag(int argc, const char **argv, const char *prefix)
 			continue;
 		}
 
-		if (gpg_verify_tag(&oid, name, flags)) {
+		if (sig_verify_tag(&oid, name, flags)) {
 			had_error = 1;
 			continue;
 		}
diff --git a/commit.c b/commit.c
index 2727c9231..ca00ded8d 100644
--- a/commit.c
+++ b/commit.c
@@ -937,8 +937,8 @@  struct commit *get_fork_point(const char *refname, struct commit *commit)
 	return ret;
 }
 
-static const char gpg_sig_header[] = "gpgsig";
-static const int gpg_sig_header_len = sizeof(gpg_sig_header) - 1;
+static const char sig_header[] = "gpgsig";
+static const int sig_header_len = sizeof(sig_header) - 1;
 
 static int do_sign_commit(struct strbuf *buf, const char *keyid)
 {
@@ -967,8 +967,8 @@  static int do_sign_commit(struct strbuf *buf, const char *keyid)
 		int len = (eol - bol) + !!*eol;
 
 		if (!copypos) {
-			strbuf_insert(buf, inspos, gpg_sig_header, gpg_sig_header_len);
-			inspos += gpg_sig_header_len;
+			strbuf_insert(buf, inspos, sig_header, sig_header_len);
+			inspos += sig_header_len;
 		}
 		strbuf_insert(buf, inspos++, " ", 1);
 		strbuf_insert(buf, inspos, bol, len);
@@ -999,9 +999,9 @@  int parse_signed_commit(const struct commit *commit,
 		next = next ? next + 1 : tail;
 		if (in_signature && line[0] == ' ')
 			sig = line + 1;
-		else if (starts_with(line, gpg_sig_header) &&
-			 line[gpg_sig_header_len] == ' ')
-			sig = line + gpg_sig_header_len + 1;
+		else if (starts_with(line, sig_header) &&
+			 line[sig_header_len] == ' ')
+			sig = line + sig_header_len + 1;
 		if (sig) {
 			strbuf_add(signature, sig, next - sig);
 			saw_signature = 1;
@@ -1033,8 +1033,8 @@  int remove_signature(struct strbuf *buf)
 
 		if (in_signature && line[0] == ' ')
 			sig_end = next;
-		else if (starts_with(line, gpg_sig_header) &&
-			 line[gpg_sig_header_len] == ' ') {
+		else if (starts_with(line, sig_header) &&
+			 line[sig_header_len] == ' ') {
 			sig_start = line;
 			sig_end = next;
 			in_signature = 1;
@@ -1126,16 +1126,16 @@  void verify_merge_signature(struct commit *commit, int verbosity)
 	case 'G':
 		break;
 	case 'U':
-		die(_("Commit %s has an untrusted GPG signature, "
+		die(_("Commit %s has an untrusted signature, "
 		      "allegedly by %s."), hex, signature_check.signer);
 	case 'B':
-		die(_("Commit %s has a bad GPG signature "
+		die(_("Commit %s has a bad signature "
 		      "allegedly by %s."), hex, signature_check.signer);
 	default: /* 'N' */
-		die(_("Commit %s does not have a GPG signature."), hex);
+		die(_("Commit %s does not have a signature."), hex);
 	}
 	if (verbosity >= 0 && signature_check.result == 'G')
-		printf(_("Commit %s has a good GPG signature by %s\n"),
+		printf(_("Commit %s has a good signature by %s\n"),
 		       hex, signature_check.signer);
 
 	signature_clear(&signature_check);
diff --git a/commit.h b/commit.h
index f5a942fc5..9316fb737 100644
--- a/commit.h
+++ b/commit.h
@@ -367,7 +367,7 @@  int remove_signature(struct strbuf *buf);
  * Check the signature of the given commit. The result of the check is stored
  * in sig->check_result, 'G' for a good signature, 'U' for a good signature
  * from an untrusted signer, 'B' for a bad signature and 'N' for no signature
- * at all.  This may allocate memory for sig->gpg_output, sig->gpg_status,
+ * at all.  This may allocate memory for sig->output, sig->status,
  * sig->signer and sig->key.
  */
 int check_commit_signature(const struct commit *commit, struct signature *sigc);
diff --git a/gpg-interface.c b/gpg-interface.c
deleted file mode 100644
index 5e7dee6fe..000000000
--- a/gpg-interface.c
+++ /dev/null
@@ -1,381 +0,0 @@ 
-#include "cache.h"
-#include "config.h"
-#include "run-command.h"
-#include "strbuf.h"
-#include "gpg-interface.h"
-#include "sigchain.h"
-#include "tempfile.h"
-
-#if 0
-static char *configured_signing_key;
-struct gpg_format {
-	const char *name;
-	const char *program;
-	const char **verify_args;
-	const char **sigs;
-};
-
-static const char *openpgp_verify_args[] = {
-	"--keyid-format=long",
-	NULL
-};
-static const char *openpgp_sigs[] = {
-	"-----BEGIN PGP SIGNATURE-----",
-	"-----BEGIN PGP MESSAGE-----",
-	NULL
-};
-
-static const char *x509_verify_args[] = {
-	NULL
-};
-static const char *x509_sigs[] = {
-	"-----BEGIN SIGNED MESSAGE-----",
-	NULL
-};
-
-static struct gpg_format gpg_format[] = {
-	{ .name = "openpgp", .program = "gpg",
-	  .verify_args = openpgp_verify_args,
-	  .sigs = openpgp_sigs
-	},
-	{ .name = "x509", .program = "gpgsm",
-	  .verify_args = x509_verify_args,
-	  .sigs = x509_sigs
-	},
-};
-
-static struct gpg_format *use_format = &gpg_format[0];
-
-static struct gpg_format *get_format_by_name(const char *str)
-{
-	int i;
-
-	for (i = 0; i < ARRAY_SIZE(gpg_format); i++)
-		if (!strcmp(gpg_format[i].name, str))
-			return gpg_format + i;
-	return NULL;
-}
-
-static struct gpg_format *get_format_by_sig(const char *sig)
-{
-	int i, j;
-
-	for (i = 0; i < ARRAY_SIZE(gpg_format); i++)
-		for (j = 0; gpg_format[i].sigs[j]; j++)
-			if (starts_with(sig, gpg_format[i].sigs[j]))
-				return gpg_format + i;
-	return NULL;
-}
-
-void signature_check_clear(struct signature_check *sigc)
-{
-	FREE_AND_NULL(sigc->payload);
-	FREE_AND_NULL(sigc->gpg_output);
-	FREE_AND_NULL(sigc->gpg_status);
-	FREE_AND_NULL(sigc->signer);
-	FREE_AND_NULL(sigc->key);
-	FREE_AND_NULL(sigc->fingerprint);
-	FREE_AND_NULL(sigc->primary_key_fingerprint);
-}
-
-/* An exclusive status -- only one of them can appear in output */
-#define GPG_STATUS_EXCLUSIVE	(1<<0)
-/* The status includes key identifier */
-#define GPG_STATUS_KEYID	(1<<1)
-/* The status includes user identifier */
-#define GPG_STATUS_UID		(1<<2)
-/* The status includes key fingerprints */
-#define GPG_STATUS_FINGERPRINT	(1<<3)
-
-/* Short-hand for standard exclusive *SIG status with keyid & UID */
-#define GPG_STATUS_STDSIG	(GPG_STATUS_EXCLUSIVE|GPG_STATUS_KEYID|GPG_STATUS_UID)
-
-static struct {
-	char result;
-	const char *check;
-	unsigned int flags;
-} sigcheck_gpg_status[] = {
-	{ 'G', "GOODSIG ", GPG_STATUS_STDSIG },
-	{ 'B', "BADSIG ", GPG_STATUS_STDSIG },
-	{ 'U', "TRUST_NEVER", 0 },
-	{ 'U', "TRUST_UNDEFINED", 0 },
-	{ 'E', "ERRSIG ", GPG_STATUS_EXCLUSIVE|GPG_STATUS_KEYID },
-	{ 'X', "EXPSIG ", GPG_STATUS_STDSIG },
-	{ 'Y', "EXPKEYSIG ", GPG_STATUS_STDSIG },
-	{ 'R', "REVKEYSIG ", GPG_STATUS_STDSIG },
-	{ 0, "VALIDSIG ", GPG_STATUS_FINGERPRINT },
-};
-
-static void parse_gpg_output(struct signature_check *sigc)
-{
-	const char *buf = sigc->gpg_status;
-	const char *line, *next;
-	int i, j;
-	int seen_exclusive_status = 0;
-
-	/* Iterate over all lines */
-	for (line = buf; *line; line = strchrnul(line+1, '\n')) {
-		while (*line == '\n')
-			line++;
-		/* Skip lines that don't start with GNUPG status */
-		if (!skip_prefix(line, "[GNUPG:] ", &line))
-			continue;
-
-		/* Iterate over all search strings */
-		for (i = 0; i < ARRAY_SIZE(sigcheck_gpg_status); i++) {
-			if (skip_prefix(line, sigcheck_gpg_status[i].check, &line)) {
-				if (sigcheck_gpg_status[i].flags & GPG_STATUS_EXCLUSIVE) {
-					if (seen_exclusive_status++)
-						goto found_duplicate_status;
-				}
-
-				if (sigcheck_gpg_status[i].result)
-					sigc->result = sigcheck_gpg_status[i].result;
-				/* Do we have key information? */
-				if (sigcheck_gpg_status[i].flags & GPG_STATUS_KEYID) {
-					next = strchrnul(line, ' ');
-					free(sigc->key);
-					sigc->key = xmemdupz(line, next - line);
-					/* Do we have signer information? */
-					if (*next && (sigcheck_gpg_status[i].flags & GPG_STATUS_UID)) {
-						line = next + 1;
-						next = strchrnul(line, '\n');
-						free(sigc->signer);
-						sigc->signer = xmemdupz(line, next - line);
-					}
-				}
-				/* Do we have fingerprint? */
-				if (sigcheck_gpg_status[i].flags & GPG_STATUS_FINGERPRINT) {
-					next = strchrnul(line, ' ');
-					free(sigc->fingerprint);
-					sigc->fingerprint = xmemdupz(line, next - line);
-
-					/* Skip interim fields */
-					for (j = 9; j > 0; j--) {
-						if (!*next)
-							break;
-						line = next + 1;
-						next = strchrnul(line, ' ');
-					}
-
-					next = strchrnul(line, '\n');
-					free(sigc->primary_key_fingerprint);
-					sigc->primary_key_fingerprint = xmemdupz(line, next - line);
-				}
-
-				break;
-			}
-		}
-	}
-	return;
-
-found_duplicate_status:
-	/*
-	 * GOODSIG, BADSIG etc. can occur only once for each signature.
-	 * Therefore, if we had more than one then we're dealing with multiple
-	 * signatures.  We don't support them currently, and they're rather
-	 * hard to create, so something is likely fishy and we should reject
-	 * them altogether.
-	 */
-	sigc->result = 'E';
-	/* Clear partial data to avoid confusion */
-	FREE_AND_NULL(sigc->primary_key_fingerprint);
-	FREE_AND_NULL(sigc->fingerprint);
-	FREE_AND_NULL(sigc->signer);
-	FREE_AND_NULL(sigc->key);
-}
-
-int check_signature(const char *payload, size_t plen, const char *signature,
-	size_t slen, struct signature_check *sigc)
-{
-	struct strbuf gpg_output = STRBUF_INIT;
-	struct strbuf gpg_status = STRBUF_INIT;
-	int status;
-
-	sigc->result = 'N';
-
-	status = verify_signed_buffer(payload, plen, signature, slen,
-				      &gpg_output, &gpg_status);
-	if (status && !gpg_output.len)
-		goto out;
-	sigc->payload = xmemdupz(payload, plen);
-	sigc->gpg_output = strbuf_detach(&gpg_output, NULL);
-	sigc->gpg_status = strbuf_detach(&gpg_status, NULL);
-	parse_gpg_output(sigc);
-	status |= sigc->result != 'G' && sigc->result != 'U';
-
- out:
-	strbuf_release(&gpg_status);
-	strbuf_release(&gpg_output);
-
-	return !!status;
-}
-
-void print_signature_buffer(const struct signature_check *sigc, unsigned flags)
-{
-	const char *output = flags & GPG_VERIFY_RAW ?
-		sigc->gpg_status : sigc->gpg_output;
-
-	if (flags & GPG_VERIFY_VERBOSE && sigc->payload)
-		fputs(sigc->payload, stdout);
-
-	if (output)
-		fputs(output, stderr);
-}
-
-size_t parse_signature(const char *buf, size_t size)
-{
-	size_t len = 0;
-	size_t match = size;
-	while (len < size) {
-		const char *eol;
-
-		if (get_format_by_sig(buf + len))
-			match = len;
-
-		eol = memchr(buf + len, '\n', size - len);
-		len += eol ? eol - (buf + len) + 1 : size - len;
-	}
-	return match;
-}
-
-void set_signing_key(const char *key)
-{
-	free(configured_signing_key);
-	configured_signing_key = xstrdup(key);
-}
-
-int git_gpg_config(const char *var, const char *value, void *cb)
-{
-	struct gpg_format *fmt = NULL;
-	char *fmtname = NULL;
-
-	if (!strcmp(var, "user.signingkey")) {
-		if (!value)
-			return config_error_nonbool(var);
-		set_signing_key(value);
-		return 0;
-	}
-
-	if (!strcmp(var, "gpg.format")) {
-		if (!value)
-			return config_error_nonbool(var);
-		fmt = get_format_by_name(value);
-		if (!fmt)
-			return error("unsupported value for %s: %s",
-				     var, value);
-		use_format = fmt;
-		return 0;
-	}
-
-	if (!strcmp(var, "gpg.program") || !strcmp(var, "gpg.openpgp.program"))
-		fmtname = "openpgp";
-
-	if (!strcmp(var, "gpg.x509.program"))
-		fmtname = "x509";
-
-	if (fmtname) {
-		fmt = get_format_by_name(fmtname);
-		return git_config_string(&fmt->program, var, value);
-	}
-
-	return 0;
-}
-
-const char *get_signing_key(void)
-{
-	if (configured_signing_key)
-		return configured_signing_key;
-	return git_committer_info(IDENT_STRICT|IDENT_NO_DATE);
-}
-
-int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *signing_key)
-{	
-	struct child_process gpg = CHILD_PROCESS_INIT;
-	int ret;
-	size_t i, j, bottom;
-	struct strbuf gpg_status = STRBUF_INIT;
-
-	argv_array_pushl(&gpg.args,
-			 use_format->program,
-			 "--status-fd=2",
-			 "-bsau", signing_key,
-			 NULL);
-
-	bottom = signature->len;
-
-	/*
-	 * When the username signingkey is bad, program could be terminated
-	 * because gpg exits without reading and then write gets SIGPIPE.
-	 */
-	sigchain_push(SIGPIPE, SIG_IGN);
-	ret = pipe_command(&gpg, buffer->buf, buffer->len,
-			   signature, 1024, &gpg_status, 0);
-	sigchain_pop(SIGPIPE);
-
-	ret |= !strstr(gpg_status.buf, "\n[GNUPG:] SIG_CREATED ");
-	strbuf_release(&gpg_status);
-	if (ret)
-		return error(_("gpg failed to sign the data"));
-
-	/* Strip CR from the line endings, in case we are on Windows. */
-	for (i = j = bottom; i < signature->len; i++)
-		if (signature->buf[i] != '\r') {
-			if (i != j)
-				signature->buf[j] = signature->buf[i];
-			j++;
-		}
-	strbuf_setlen(signature, j);
-
-	return 0;
-}
-
-int verify_signed_buffer(const char *payload, size_t payload_size,
-			 const char *signature, size_t signature_size,
-			 struct strbuf *gpg_output, struct strbuf *gpg_status)
-{
-	struct child_process gpg = CHILD_PROCESS_INIT;
-	struct gpg_format *fmt;
-	struct tempfile *temp;
-	int ret;
-	struct strbuf buf = STRBUF_INIT;
-
-	temp = mks_tempfile_t(".git_vtag_tmpXXXXXX");
-	if (!temp)
-		return error_errno(_("could not create temporary file"));
-	if (write_in_full(temp->fd, signature, signature_size) < 0 ||
-	    close_tempfile_gently(temp) < 0) {
-		error_errno(_("failed writing detached signature to '%s'"),
-			    temp->filename.buf);
-		delete_tempfile(&temp);
-		return -1;
-	}
-
-	fmt = get_format_by_sig(signature);
-	if (!fmt)
-		BUG("bad signature '%s'", signature);
-
-	argv_array_push(&gpg.args, fmt->program);
-	argv_array_pushv(&gpg.args, fmt->verify_args);
-	argv_array_pushl(&gpg.args,
-			 "--status-fd=1",
-			 "--verify", temp->filename.buf, "-",
-			 NULL);
-
-	if (!gpg_status)
-		gpg_status = &buf;
-
-	sigchain_push(SIGPIPE, SIG_IGN);
-	ret = pipe_command(&gpg, payload, payload_size,
-			   gpg_status, 0, gpg_output, 0);
-	sigchain_pop(SIGPIPE);
-
-	delete_tempfile(&temp);
-
-	ret |= !strstr(gpg_status->buf, "\n[GNUPG:] GOODSIG ");
-	strbuf_release(&buf); /* no matter it was used or not */
-
-	return ret;
-}
-
-#endif
\ No newline at end of file
diff --git a/gpg-interface.h b/gpg-interface.h
deleted file mode 100644
index c808d1685..000000000
--- a/gpg-interface.h
+++ /dev/null
@@ -1,70 +0,0 @@ 
-#ifndef GPG_INTERFACE_H
-#define GPG_INTERFACE_H
-
-#if 0
-struct strbuf;
-
-#define GPG_VERIFY_VERBOSE		1
-#define GPG_VERIFY_RAW			2
-#define GPG_VERIFY_OMIT_STATUS	4
-
-struct signature_check {
-	char *payload;
-	char *gpg_output;
-	char *gpg_status;
-
-	/*
-	 * possible "result":
-	 * 0 (not checked)
-	 * N (checked but no further result)
-	 * U (untrusted good)
-	 * G (good)
-	 * B (bad)
-	 */
-	char result;
-	char *signer;
-	char *key;
-	char *fingerprint;
-	char *primary_key_fingerprint;
-};
-
-void signature_check_clear(struct signature_check *sigc);
-
-/*
- * Look at GPG signed content (e.g. a signed tag object), whose
- * payload is followed by a detached signature on it.  Return the
- * offset where the embedded detached signature begins, or the end of
- * the data when there is no such signature.
- */
-size_t parse_signature(const char *buf, size_t size);
-
-/*
- * Create a detached signature for the contents of "buffer" and append
- * it after "signature"; "buffer" and "signature" can be the same
- * strbuf instance, which would cause the detached signature appended
- * at the end.
- */
-int sign_buffer(struct strbuf *buffer, struct strbuf *signature,
-		const char *signing_key);
-
-/*
- * Run "gpg" to see if the payload matches the detached signature.
- * gpg_output, when set, receives the diagnostic output from GPG.
- * gpg_status, when set, receives the status output from GPG.
- */
-int verify_signed_buffer(const char *payload, size_t payload_size,
-			 const char *signature, size_t signature_size,
-			 struct strbuf *gpg_output, struct strbuf *gpg_status);
-
-int git_gpg_config(const char *, const char *, void *);
-void set_signing_key(const char *);
-const char *get_signing_key(void);
-int check_signature(const char *payload, size_t plen,
-		    const char *signature, size_t slen,
-		    struct signature_check *sigc);
-void print_signature_buffer(const struct signature_check *sigc,
-			    unsigned flags);
-
-#endif
-
-#endif
\ No newline at end of file
diff --git a/log-tree.c b/log-tree.c
index c13a7e06d..4d59d000c 100644
--- a/log-tree.c
+++ b/log-tree.c
@@ -448,7 +448,7 @@  static void show_signature(struct rev_info *opt, struct commit *commit)
 {
 	struct strbuf payload = STRBUF_INIT;
 	struct strbuf signature = STRBUF_INIT;
-	struct strbuf gpg_output = STRBUF_INIT;
+	struct strbuf sig_output = STRBUF_INIT;
 	int status;
 
 	if (parse_signed_commit(commit, &payload, &signature) <= 0)
@@ -456,14 +456,14 @@  static void show_signature(struct rev_info *opt, struct commit *commit)
 
 	status = verify_signed_buffer(payload.buf, payload.len,
 				      signature.buf, signature.len,
-				      &gpg_output, NULL);
-	if (status && !gpg_output.len)
-		strbuf_addstr(&gpg_output, "No signature\n");
+				      &sig_output, NULL);
+	if (status && !sig_output.len)
+		strbuf_addstr(&sig_output, "No signature\n");
 
-	show_sig_lines(opt, status, gpg_output.buf);
+	show_sig_lines(opt, status, sig_output.buf);
 
  out:
-	strbuf_release(&gpg_output);
+	strbuf_release(&sig_output);
 	strbuf_release(&payload);
 	strbuf_release(&signature);
 }
@@ -497,7 +497,7 @@  static int show_one_mergetag(struct commit *commit,
 	struct tag *tag;
 	struct strbuf verify_message;
 	int status, nth;
-	size_t payload_size, gpg_message_offset;
+	size_t payload_size, sig_message_offset;
 
 	hash_object_file(extra->value, extra->len, type_name(OBJ_TAG), &oid);
 	tag = lookup_tag(the_repository, &oid);
@@ -518,7 +518,7 @@  static int show_one_mergetag(struct commit *commit,
 	else
 		strbuf_addf(&verify_message,
 			    "parent #%d, tagged '%s'\n", nth + 1, tag->tag);
-	gpg_message_offset = verify_message.len;
+	sig_message_offset = verify_message.len;
 
 	payload_size = parse_signature(extra->value, extra->len);
 	status = -1;
@@ -529,7 +529,7 @@  static int show_one_mergetag(struct commit *commit,
 					  extra->len - payload_size,
 					  &verify_message, NULL))
 			status = 0; /* good */
-		else if (verify_message.len <= gpg_message_offset)
+		else if (verify_message.len <= sig_message_offset)
 			strbuf_addstr(&verify_message, "No signature\n");
 		/* otherwise we couldn't verify, which is shown as bad */
 	}
diff --git a/sequencer.c b/sequencer.c
index e3cfe40d2..95147ba82 100644
--- a/sequencer.c
+++ b/sequencer.c
@@ -147,7 +147,7 @@  static GIT_PATH_FUNC(rebase_path_refs_to_delete, "rebase-merge/refs-to-delete")
  * The following files are written by git-rebase just after parsing the
  * command-line.
  */
-static GIT_PATH_FUNC(rebase_path_gpg_sign_opt, "rebase-merge/gpg_sign_opt")
+static GIT_PATH_FUNC(rebase_path_sign_opt, "rebase-merge/sign_opt")
 static GIT_PATH_FUNC(rebase_path_orig_head, "rebase-merge/orig-head")
 static GIT_PATH_FUNC(rebase_path_verbose, "rebase-merge/verbose")
 static GIT_PATH_FUNC(rebase_path_quiet, "rebase-merge/quiet")
@@ -193,8 +193,8 @@  static int git_sequencer_config(const char *k, const char *v, void *cb)
 		return status;
 	}
 
-	if (!strcmp(k, "commit.gpgsign")) {
-		opts->gpg_sign = git_config_bool(k, v) ? xstrdup("") : NULL;
+	if (!strcmp(k, "commit.gpgsign") || !strcmp(k, "commit.sign")) {
+		opts->sign = git_config_bool(k, v) ? xstrdup("") : NULL;
 		return 0;
 	}
 
@@ -267,13 +267,13 @@  static int has_conforming_footer(struct strbuf *sb, struct strbuf *sob,
 	return 1;
 }
 
-static const char *gpg_sign_opt_quoted(struct replay_opts *opts)
+static const char *sign_opt_quoted(struct replay_opts *opts)
 {
 	static struct strbuf buf = STRBUF_INIT;
 
 	strbuf_reset(&buf);
-	if (opts->gpg_sign)
-		sq_quotef(&buf, "-S%s", opts->gpg_sign);
+	if (opts->sign)
+		sq_quotef(&buf, "-S%s", opts->sign);
 	return buf.buf;
 }
 
@@ -297,7 +297,7 @@  int sequencer_remove_state(struct replay_opts *opts)
 		}
 	}
 
-	free(opts->gpg_sign);
+	free(opts->sign);
 	free(opts->strategy);
 	for (i = 0; i < opts->xopts_nr; i++)
 		free(opts->xopts[i]);
@@ -980,7 +980,7 @@  static int run_git_commit(struct repository *r,
 		else
 			res = commit_tree(msg.buf, msg.len, cache_tree_oid,
 					  NULL, &root_commit, author,
-					  opts->gpg_sign);
+					  opts->sign);
 
 		strbuf_release(&msg);
 		strbuf_release(&script);
@@ -996,10 +996,10 @@  static int run_git_commit(struct repository *r,
 	cmd.git_cmd = 1;
 
 	if (is_rebase_i(opts) && read_env_script(&cmd.env_array)) {
-		const char *gpg_opt = gpg_sign_opt_quoted(opts);
+		const char *sig_opt = sign_opt_quoted(opts);
 
 		return error(_(staged_changes_advice),
-			     gpg_opt, gpg_opt);
+			     sig_opt, sig_opt);
 	}
 
 	argv_array_push(&cmd.args, "commit");
@@ -1008,8 +1008,8 @@  static int run_git_commit(struct repository *r,
 		argv_array_push(&cmd.args, "-n");
 	if ((flags & AMEND_MSG))
 		argv_array_push(&cmd.args, "--amend");
-	if (opts->gpg_sign)
-		argv_array_pushf(&cmd.args, "-S%s", opts->gpg_sign);
+	if (opts->sign)
+		argv_array_pushf(&cmd.args, "-S%s", opts->sign);
 	if (defmsg)
 		argv_array_pushl(&cmd.args, "-F", defmsg, NULL);
 	else if (!(flags & EDIT_MSG))
@@ -1390,7 +1390,7 @@  static int try_to_commit(struct repository *r,
 		return -1;
 
 	if (flags & AMEND_MSG) {
-		const char *exclude_gpgsig[] = { "gpgsig", NULL };
+		const char *exclude_sig[] = { "gpgsig", NULL };
 		const char *out_enc = get_commit_output_encoding();
 		const char *message = logmsg_reencode(current_head, NULL,
 						      out_enc);
@@ -1410,7 +1410,7 @@  static int try_to_commit(struct repository *r,
 			goto out;
 		}
 		parents = copy_commit_list(current_head->parents);
-		extra = read_commit_extra_headers(current_head, exclude_gpgsig);
+		extra = read_commit_extra_headers(current_head, exclude_sig);
 	} else if (current_head) {
 		commit_list_insert(current_head, &parents);
 	}
@@ -1459,7 +1459,7 @@  static int try_to_commit(struct repository *r,
 	reset_ident_date();
 
 	if (commit_tree_extended(msg->buf, msg->len, &tree, parents,
-				 oid, author, opts->gpg_sign, extra)) {
+				 oid, author, opts->sign, extra)) {
 		res = error(_("failed to write commit object"));
 		goto out;
 	}
@@ -2445,7 +2445,7 @@  static int populate_opts_cb(const char *key, const char *value, void *data)
 	else if (!strcmp(key, "options.strategy"))
 		git_config_string_dup(&opts->strategy, key, value);
 	else if (!strcmp(key, "options.gpg-sign"))
-		git_config_string_dup(&opts->gpg_sign, key, value);
+		git_config_string_dup(&opts->sign, key, value);
 	else if (!strcmp(key, "options.strategy-option")) {
 		ALLOC_GROW(opts->xopts, opts->xopts_nr + 1, opts->xopts_alloc);
 		opts->xopts[opts->xopts_nr++] = xstrdup(value);
@@ -2500,12 +2500,12 @@  static int read_populate_opts(struct replay_opts *opts)
 	if (is_rebase_i(opts)) {
 		struct strbuf buf = STRBUF_INIT;
 
-		if (read_oneliner(&buf, rebase_path_gpg_sign_opt(), 1)) {
+		if (read_oneliner(&buf, rebase_path_sign_opt(), 1)) {
 			if (!starts_with(buf.buf, "-S"))
 				strbuf_reset(&buf);
 			else {
-				free(opts->gpg_sign);
-				opts->gpg_sign = xstrdup(buf.buf + 2);
+				free(opts->sign);
+				opts->sign = xstrdup(buf.buf + 2);
 			}
 			strbuf_reset(&buf);
 		}
@@ -2607,8 +2607,8 @@  int write_basic_state(struct replay_opts *opts, const char *head_name,
 	else if (opts->allow_rerere_auto == RERERE_NOAUTOUPDATE)
 		write_file(rebase_path_allow_rerere_autoupdate(), "--no-rerere-autoupdate\n");
 
-	if (opts->gpg_sign)
-		write_file(rebase_path_gpg_sign_opt(), "-S%s\n", opts->gpg_sign);
+	if (opts->sign)
+		write_file(rebase_path_sign_opt(), "-S%s\n", opts->sign);
 	if (opts->signoff)
 		write_file(rebase_path_signoff(), "--signoff\n");
 	if (opts->reschedule_failed_exec)
@@ -2864,9 +2864,9 @@  static int save_opts(struct replay_opts *opts)
 	if (opts->strategy)
 		res |= git_config_set_in_file_gently(opts_file,
 					"options.strategy", opts->strategy);
-	if (opts->gpg_sign)
+	if (opts->sign)
 		res |= git_config_set_in_file_gently(opts_file,
-					"options.gpg-sign", opts->gpg_sign);
+					"options.gpg-sign", opts->sign);
 	if (opts->xopts) {
 		int i;
 		for (i = 0; i < opts->xopts_nr; i++)
@@ -2971,7 +2971,7 @@  static int error_with_patch(struct repository *r,
 			  "Once you are satisfied with your changes, run\n"
 			  "\n"
 			  "  git rebase --continue\n"),
-			gpg_sign_opt_quoted(opts));
+			sign_opt_quoted(opts));
 	} else if (exit_code) {
 		if (commit)
 			fprintf_ln(stderr, _("Could not apply %s... %.*s"),
@@ -3414,9 +3414,9 @@  static int do_merge(struct repository *r,
 		struct child_process cmd = CHILD_PROCESS_INIT;
 
 		if (read_env_script(&cmd.env_array)) {
-			const char *gpg_opt = gpg_sign_opt_quoted(opts);
+			const char *sig_opt = sign_opt_quoted(opts);
 
-			ret = error(_(staged_changes_advice), gpg_opt, gpg_opt);
+			ret = error(_(staged_changes_advice), sig_opt, sig_opt);
 			goto leave_merge;
 		}
 
@@ -3430,8 +3430,8 @@  static int do_merge(struct repository *r,
 		argv_array_push(&cmd.args, "--no-stat");
 		argv_array_push(&cmd.args, "-F");
 		argv_array_push(&cmd.args, git_path_merge_msg(r));
-		if (opts->gpg_sign)
-			argv_array_push(&cmd.args, opts->gpg_sign);
+		if (opts->sign)
+			argv_array_push(&cmd.args, opts->sign);
 
 		/* Add the tips to be merged */
 		for (j = to_merge; j; j = j->next)
diff --git a/sequencer.h b/sequencer.h
index 0c494b83d..353547d12 100644
--- a/sequencer.h
+++ b/sequencer.h
@@ -46,7 +46,7 @@  struct replay_opts {
 
 	int mainline;
 
-	char *gpg_sign;
+	char *sign;
 	enum commit_msg_cleanup_mode default_msg_cleanup;
 	int explicit_cleanup;
 
diff --git a/t/t5573-pull-verify-signatures.sh b/t/t5573-pull-verify-signatures.sh
index 3e9876e19..6dfe3f8c1 100755
--- a/t/t5573-pull-verify-signatures.sh
+++ b/t/t5573-pull-verify-signatures.sh
@@ -45,25 +45,25 @@  test_expect_success GPG 'create repositories with signed commits' '
 test_expect_success GPG 'pull unsigned commit with --verify-signatures' '
 	test_when_finished "git reset --hard && git checkout initial" &&
 	test_must_fail git pull --ff-only --verify-signatures unsigned 2>pullerror &&
-	test_i18ngrep "does not have a GPG signature" pullerror
+	test_i18ngrep "does not have a signature" pullerror
 '
 
 test_expect_success GPG 'pull commit with bad signature with --verify-signatures' '
 	test_when_finished "git reset --hard && git checkout initial" &&
 	test_must_fail git pull --ff-only --verify-signatures bad 2>pullerror &&
-	test_i18ngrep "has a bad GPG signature" pullerror
+	test_i18ngrep "has a bad signature" pullerror
 '
 
 test_expect_success GPG 'pull commit with untrusted signature with --verify-signatures' '
 	test_when_finished "git reset --hard && git checkout initial" &&
 	test_must_fail git pull --ff-only --verify-signatures untrusted 2>pullerror &&
-	test_i18ngrep "has an untrusted GPG signature" pullerror
+	test_i18ngrep "has an untrusted signature" pullerror
 '
 
 test_expect_success GPG 'pull signed commit with --verify-signatures' '
 	test_when_finished "git reset --hard && git checkout initial" &&
 	git pull --verify-signatures signed >pulloutput &&
-	test_i18ngrep "has a good GPG signature" pulloutput
+	test_i18ngrep "has a good signature" pulloutput
 '
 
 test_expect_success GPG 'pull commit with bad signature without verification' '
@@ -82,7 +82,7 @@  test_expect_success GPG 'pull unsigned commit into unborn branch' '
 	git init empty-repo &&
 	test_must_fail \
 		git -C empty-repo pull --verify-signatures ..  2>pullerror &&
-	test_i18ngrep "does not have a GPG signature" pullerror
+	test_i18ngrep "does not have a signature" pullerror
 '
 
 test_done
diff --git a/t/t7612-merge-verify-signatures.sh b/t/t7612-merge-verify-signatures.sh
index d99218a72..207c7ae2a 100755
--- a/t/t7612-merge-verify-signatures.sh
+++ b/t/t7612-merge-verify-signatures.sh
@@ -37,53 +37,53 @@  test_expect_success GPG 'create signed commits' '
 test_expect_success GPG 'merge unsigned commit with verification' '
 	test_when_finished "git reset --hard && git checkout initial" &&
 	test_must_fail git merge --ff-only --verify-signatures side-unsigned 2>mergeerror &&
-	test_i18ngrep "does not have a GPG signature" mergeerror
+	test_i18ngrep "does not have a signature" mergeerror
 '
 
 test_expect_success GPG 'merge unsigned commit with merge.verifySignatures=true' '
 	test_when_finished "git reset --hard && git checkout initial" &&
 	test_config merge.verifySignatures true &&
 	test_must_fail git merge --ff-only side-unsigned 2>mergeerror &&
-	test_i18ngrep "does not have a GPG signature" mergeerror
+	test_i18ngrep "does not have a signature" mergeerror
 '
 
 test_expect_success GPG 'merge commit with bad signature with verification' '
 	test_when_finished "git reset --hard && git checkout initial" &&
 	test_must_fail git merge --ff-only --verify-signatures $(cat forged.commit) 2>mergeerror &&
-	test_i18ngrep "has a bad GPG signature" mergeerror
+	test_i18ngrep "has a bad signature" mergeerror
 '
 
 test_expect_success GPG 'merge commit with bad signature with merge.verifySignatures=true' '
 	test_when_finished "git reset --hard && git checkout initial" &&
 	test_config merge.verifySignatures true &&
 	test_must_fail git merge --ff-only $(cat forged.commit) 2>mergeerror &&
-	test_i18ngrep "has a bad GPG signature" mergeerror
+	test_i18ngrep "has a bad signature" mergeerror
 '
 
 test_expect_success GPG 'merge commit with untrusted signature with verification' '
 	test_when_finished "git reset --hard && git checkout initial" &&
 	test_must_fail git merge --ff-only --verify-signatures side-untrusted 2>mergeerror &&
-	test_i18ngrep "has an untrusted GPG signature" mergeerror
+	test_i18ngrep "has an untrusted signature" mergeerror
 '
 
 test_expect_success GPG 'merge commit with untrusted signature with merge.verifySignatures=true' '
 	test_when_finished "git reset --hard && git checkout initial" &&
 	test_config merge.verifySignatures true &&
 	test_must_fail git merge --ff-only side-untrusted 2>mergeerror &&
-	test_i18ngrep "has an untrusted GPG signature" mergeerror
+	test_i18ngrep "has an untrusted signature" mergeerror
 '
 
 test_expect_success GPG 'merge signed commit with verification' '
 	test_when_finished "git reset --hard && git checkout initial" &&
 	git merge --verbose --ff-only --verify-signatures side-signed >mergeoutput &&
-	test_i18ngrep "has a good GPG signature" mergeoutput
+	test_i18ngrep "has a good signature" mergeoutput
 '
 
 test_expect_success GPG 'merge signed commit with merge.verifySignatures=true' '
 	test_when_finished "git reset --hard && git checkout initial" &&
 	test_config merge.verifySignatures true &&
 	git merge --verbose --ff-only side-signed >mergeoutput &&
-	test_i18ngrep "has a good GPG signature" mergeoutput
+	test_i18ngrep "has a good signature" mergeoutput
 '
 
 test_expect_success GPG 'merge commit with bad signature without verification' '
@@ -107,7 +107,7 @@  test_expect_success GPG 'merge unsigned commit into unborn branch' '
 	test_when_finished "git checkout initial" &&
 	git checkout --orphan unborn &&
 	test_must_fail git merge --verify-signatures side-unsigned 2>mergeerror &&
-	test_i18ngrep "does not have a GPG signature" mergeerror
+	test_i18ngrep "does not have a signature" mergeerror
 '
 
 test_done
diff --git a/tag.c b/tag.c
index d9bbf5249..6eb045fba 100644
--- a/tag.c
+++ b/tag.c
@@ -10,7 +10,7 @@ 
 
 const char *tag_type = "tag";
 
-static int run_gpg_verify(const char *buf, unsigned long size, unsigned flags)
+static int run_sig_verify(const char *buf, unsigned long size, unsigned flags)
 {
 	struct signature sigc;
 	size_t payload_size;
@@ -36,7 +36,7 @@  static int run_gpg_verify(const char *buf, unsigned long size, unsigned flags)
 	return ret;
 }
 
-int gpg_verify_tag(const struct object_id *oid, const char *name_to_report,
+int sig_verify_tag(const struct object_id *oid, const char *name_to_report,
 		unsigned flags)
 {
 	enum object_type type;
@@ -59,7 +59,7 @@  int gpg_verify_tag(const struct object_id *oid, const char *name_to_report,
 				name_to_report :
 				find_unique_abbrev(oid, DEFAULT_ABBREV));
 
-	ret = run_gpg_verify(buf, size, flags);
+	ret = run_sig_verify(buf, size, flags);
 
 	free(buf);
 	return ret;
diff --git a/tag.h b/tag.h
index 03265fbfe..24f1e8538 100644
--- a/tag.h
+++ b/tag.h
@@ -17,7 +17,7 @@  int parse_tag(struct tag *item);
 void release_tag_memory(struct tag *t);
 struct object *deref_tag(struct repository *r, struct object *, const char *, int);
 struct object *deref_tag_noverify(struct object *);
-int gpg_verify_tag(const struct object_id *oid,
+int sig_verify_tag(const struct object_id *oid,
 		   const char *name_to_report, unsigned flags);
 
 #endif /* TAG_H */