]> source.dussan.org Git - jgit.git/commit
projects / jgit.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6e127c0) | patch
GPG: use key fingerprint suffix to compare id for signing key 32/142532/1
authorThomas Wolf <thomas.wolf@paranor.ch>
Tue, 21 May 2019 16:08:48 +0000 (18:08 +0200)
committerThomas Wolf <thomas.wolf@paranor.ch>
Tue, 21 May 2019 16:11:28 +0000 (18:11 +0200)
commit6536b5cbca8b876e92c5943f25768ba0c450eada
tree8b0c2bedcbb300cc029c4e9b953e68f6ad933a2etree | snapshot
parent6e127c089a49f7d6ffc510332ceed3250c8ef9f3commit | diff
GPG: use key fingerprint suffix to compare id for signing key

Check whether the value of the git config user.signingKey is a suffix
of the full fingerprint of the key. This was already used for finding
keys in secring.gpg, but not in pubring.kbx. This mechanism allows a
user to use any unique suffix to identify keys; to avoid needless
collisions it's recommended to use at least the last 16 characters of
the hex representation of the fingerprint, which is the key id.[1]

[1] https://tools.ietf.org/html/rfc4880#section-12.2

Bug: 545673
Change-Id: If6fb4879502b6ee4b8c26c21b2714aeac4e4670c
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
org.eclipse.jgit/src/org/eclipse/jgit/lib/internal/BouncyCastleGpgKeyLocator.java diff | blob | history
JGit, the Java implementation of git: https://github.com/eclipse-jgit/jgit