From patchwork Sat May 8 06:18:23 2021
X-Patchwork-Submitter: Dave Huseby
X-Patchwork-Id: 12245843
From: Dave Huseby
To: git@vger.kernel.org
Subject: [RFC PATCH v1 1/1] Modifies documentation for universal cryptographic signing
Date: Fri, 7 May 2021 23:18:23 -0700
Message-Id:
X-Mailer: git-send-email 2.20.1
In-Reply-To:
References:
X-Mailing-List: git@vger.kernel.org
Signed-off-by: Dave Huseby --- Documentation/config.txt | 2 + Documentation/config/commit.txt | 23 +- Documentation/config/gpg.txt | 36 +-- Documentation/config/push.txt | 18 +- Documentation/config/sign.txt | 72 ++++++ Documentation/config/tag.txt | 27 +- Documentation/config/user.txt | 12 +- Documentation/git-am.txt | 43 +++- Documentation/git-cherry-pick.txt | 43 +++- Documentation/git-commit-tree.txt | 44 +++- Documentation/git-commit.txt | 43 +++- Documentation/git-fast-import.txt | 2 +- Documentation/git-for-each-ref.txt | 2 +- Documentation/git-mktag.txt | 32 ++- Documentation/git-rebase.txt | 44 +++- Documentation/git-revert.txt | 44 +++- Documentation/git-tag.txt | 102 +++++--- Documentation/git-verify-commit.txt | 8 +- Documentation/git-verify-tag.txt | 8 +- Documentation/merge-options.txt | 40 ++- Documentation/pretty-formats.txt | 2 +- Documentation/pretty-options.txt | 2 +- .../technical/hash-function-transition.txt | 31 ++- .../technical/signature-format-v2.txt | 232 ++++++++++++++++++ Documentation/user-manual.txt | 40 +-- 25 files changed, 747 insertions(+), 205 deletions(-) create mode 100644 Documentation/config/sign.txt create mode 100644 Documentation/technical/signature-format-v2.txt diff --git a/Documentation/config.txt b/Documentation/config.txt index bf82766a6a..71eb46117f 100644 --- a/Documentation/config.txt +++ b/Documentation/config.txt @@ -446,6 +446,8 @@ include::config/sequencer.txt[] include::config/showbranch.txt[] +include::config/sign.txt[] + include::config/splitindex.txt[] include::config/ssh.txt[] diff --git a/Documentation/config/commit.txt b/Documentation/config/commit.txt index 2c95573930..9004a2f3cb 100644 --- a/Documentation/config/commit.txt +++ b/Documentation/config/commit.txt 
@@ -7,13 +7,24 @@ commit.cleanup:: have to remove the help lines that begin with `#` in the commit log template yourself, if you do this). -commit.gpgSign:: +commit.gpgSign (deprecated):: + Interpreted as an alias for 'commit.sign'. Use of this implies + 'commit.signType = openpgp' and the config values for + 'sign.openpgp.*' are used if specified. If this is enabled and + 'sign.openpgp.*' is not defined, backwards compatible defaults + are used that emulate the old behavior. - A boolean to specify whether all commits should be GPG signed. - Use of this option when doing operations such as rebase can - result in a large number of commits being signed. It may be - convenient to use an agent to avoid typing your GPG passphrase - several times. +commit.sign:: + A boolean to specify whether all commits should be cryptographically + signed. Use of this option when doing operations such as rebase can + result in a large number of commits being signed. + +commit.signType:: + A string value to specify the type of signature to use whenever + '--sign' is used or 'commit.sign' is enabled. If this is not defined + the signature type defined by 'sign.default' is used. If neither + this nor 'sign.default' are defined backwards compatible defaults + for "openpgp" signatures are used. commit.status:: A boolean to enable/disable inclusion of status information in the diff --git a/Documentation/config/gpg.txt b/Documentation/config/gpg.txt index d94025cb36..40629cb105 100644 --- a/Documentation/config/gpg.txt +++ b/Documentation/config/gpg.txt 
@@ -1,32 +1,16 @@ -gpg.program:: - Use this custom program instead of "`gpg`" found on `$PATH` when - making or verifying a PGP signature. The program must support the - same command-line interface as GPG, namely, to verify a detached - signature, "`gpg --verify $signature - <$file`" is run, and the - program is expected to signal a good signature by exiting with - code 0, and to generate an ASCII-armored detached signature, the - standard input of "`gpg -bsau $key`" is fed with the contents to be - signed, and the program is expected to send the result to its - standard output. +gpg.program (deprecated):: + Interpreted as an alias for 'sign.openpgp.program'. -gpg.format:: - Specifies which key format to use when signing with `--gpg-sign`. - Default is "openpgp" and another possible value is "x509". +gpg.format (deprecated):: + Interpreted as an alias for 'sign.default'. -gpg..program:: - Use this to customize the program used for the signing format you - chose. (see `gpg.program` and `gpg.format`) `gpg.program` can still - be used as a legacy synonym for `gpg.openpgp.program`. The default - value for `gpg.x509.program` is "gpgsm". +gpg..program (deprecated):: + Interpreted as an alias for 'sign..program' for format + values of "openpgp" and "x509". -gpg.minTrustLevel:: - Specifies a minimum trust level for signature verification. If - this option is unset, then signature verification for merge - operations require a key with at least `marginal` trust. Other - operations that perform signature verification require a key - with at least `undefined` trust. Setting this option overrides - the required trust-level for all operations. Supported values, - in increasing order of significance: +gpg.minTrustLevel (deprecated):: + Interpreted as an alias for 'sign..options.minTrustLevel' for + format values of "openpgp" and "x509". + * `undefined` * `never` diff --git a/Documentation/config/push.txt b/Documentation/config/push.txt index 21b256e0a4..9a63bb273a 100644 
--- a/Documentation/config/push.txt +++ b/Documentation/config/push.txt @@ -61,15 +61,27 @@ push.followTags:: may override this configuration at time of push by specifying `--no-follow-tags`. -push.gpgSign:: +push.gpgSign (deprecated):: + Interpreted as an alias for 'push.sign'. Use of this implies + 'push.signType = openpgp' and the config values for + 'sign.openpgp.*' are used if specified. If 'sign.openpgp.*' is not + defined, backwards compatible defaults are used. + +push.sign:: May be set to a boolean value, or the string 'if-asked'. A true - value causes all pushes to be GPG signed, as if `--signed` is + value causes all pushes to be signed, as if `--sign` is passed to linkgit:git-push[1]. The string 'if-asked' causes pushes to be signed if the server supports it, as if - `--signed=if-asked` is passed to 'git push'. A false value may + `--sign=if-asked` is passed to 'git push'. A false value may override a value from a lower-priority config file. An explicit command-line flag always overrides this config option. +push.signType:: + Specifies the type of signature to use whenever '--sign' or + 'push.sign' is enabled. If not defined, 'sign.default' determines + the type of signature otherwise backwards compatible defaults are + used. + push.pushOption:: When no `--push-option=
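Review bot: the precedence between the new `sign.*` keys and the deprecated `gpg.*` / `*.gpgSign` aliases is stated nowhere in the config.txt hunk or in the commit message, which carries nothing beyond the Signed-off-by trailer; a reader of the 25-file series has to reconstruct the rule from each per-file entry. Suggest a commit body, or a lead paragraph in the newly included config/sign.txt, that states the rule once (for example, that an explicitly set `sign.*` value always wins over a deprecated alias), so that each "(deprecated)" entry can simply refer to it.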
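Review bot: in the commit.txt hunk, the `commit.gpgSign (deprecated)` entry says that using it "implies 'commit.signType = openpgp'", but nothing says what happens when the alias and the new keys are both set, e.g. `commit.gpgSign = true` in the global config and `commit.signType = x509` in the repository config; as written a reader cannot tell whether the implied openpgp type overrides the explicit one or the other way round, and that choice decides which key material signs every commit. Add one sentence giving the precedence. Two wording fixes in the `commit.signType` entry: "If neither this nor 'sign.default' are defined backwards compatible defaults" should read "is defined, backwards-compatible defaults", and "If this is not defined the signature type" wants a comma after "defined".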
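Review bot: in the gpg.txt hunk, the interface contract for a custom signing program is deleted outright from `gpg.program` (that verification runs "`gpg --verify $signature - <$file`" and a good signature is signalled by exit code 0, and that signing feeds the content to "`gpg -bsau $key`" on standard input and reads the armored signature from standard output) and replaced by a bare "Interpreted as an alias for 'sign.openpgp.program'". That contract is the security boundary: whatever program is configured there is what decides whether a signature is accepted, so the exit-code and I/O conventions must survive verbatim under `sign.openpgp.program` in the new sign.txt, and this entry should point the reader there. Separately, the `gpg.minTrustLevel (deprecated)` replacement drops the sentence "Supported values, in increasing order of significance:" but keeps the context lines " * `undefined`", " * `never`" and the rest of the list, which now dangles under an alias entry with no lead-in; either keep the introductory sentence here or move the list to the `minTrustLevel` entry in sign.txt.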
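Review bot: in the push.txt hunk, the `push.sign` entry changes the wording to "as if `--sign` is passed to linkgit:git-push[1]" and "as if `--sign=if-asked` is passed to 'git push'", but the diffstat lists no change to Documentation/git-push.txt, whose option the removed lines reference as `--signed`; either add git-push.txt to the series (documenting `--sign`, or `--signed` as a retained alias) or keep `--signed` in this entry so the config documentation does not name an option the command page does not describe. Minor: in `push.signType`, "If not defined, 'sign.default' determines the type of signature otherwise backwards compatible defaults are used." runs two clauses together; split it as "... determines the type of signature; otherwise backwards-compatible defaults are used." The hunk is cut off after "When no `--push-option=", so the remainder of push.txt could not be reviewed here.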