diff options
| author | zeripath <art27@cantab.net> | 2020-06-03 16:36:41 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-06-03 11:36:41 -0400 |
| commit | a730dc1419b7e7171da816d5bc727dc5f2edf3ab (patch) | |
| tree | 8973771802a0eb56ac98be7cbc57b83a744a1c82 /models | |
| parent | 160c23c4abda1cd3e742405bab81469c01163eac (diff) | |
| download | gitea-a730dc1419b7e7171da816d5bc727dc5f2edf3ab.tar.gz gitea-a730dc1419b7e7171da816d5bc727dc5f2edf3ab.zip | |
Fix verification of subkeys of default gpg key (#11713)
* Fix verification of subkeys of default gpg key
Fix #10309
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Remove debug log
* Update models/gpg_key.go
* As per @6543
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Diffstat (limited to 'models')
| -rw-r--r-- | models/gpg_key.go | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/models/gpg_key.go b/models/gpg_key.go index bebd33191a..49e510839f 100644 --- a/models/gpg_key.go +++ b/models/gpg_key.go @@ -741,6 +741,21 @@ func verifyWithGPGSettings(gpgSettings *git.GPGSettings, sig *packet.Signature, CanSign: pubkey.CanSign(), KeyID: pubkey.KeyIdString(), } + for _, subKey := range ekey.Subkeys { + content, err := base64EncPubKey(subKey.PublicKey) + if err != nil { + return &CommitVerification{ + CommittingUser: committer, + Verified: false, + Reason: "gpg.error.generate_hash", + } + } + k.SubsKey = append(k.SubsKey, &GPGKey{ + Content: content, + CanSign: subKey.PublicKey.CanSign(), + KeyID: subKey.PublicKey.KeyIdString(), + }) + } if commitVerification := hashAndVerifyWithSubKeys(sig, payload, k, committer, &User{ Name: gpgSettings.Name, Email: gpgSettings.Email, |