diff options
| author | zeripath <art27@cantab.net> | 2021-07-13 14:28:07 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-07-13 15:28:07 +0200 |
| commit | b82293270c7d2d36d79cb9c5731d07c3f5b33f6b (patch) | |
| tree | a79131e08ecf19cc8e642fcc032bfee0e30959c0 /options/locale/locale_en-US.ini | |
| parent | 67f135ca5ddfcab4391a00af4936d0260079cd97 (diff) | |
| download | gitea-b82293270c7d2d36d79cb9c5731d07c3f5b33f6b.tar.gz gitea-b82293270c7d2d36d79cb9c5731d07c3f5b33f6b.zip | |
Add option to provide signature for a token to verify key ownership (#14054)
* Add option to provide signed token to verify key ownership
Currently we will only allow a key to be matched to a user if it matches
an activated email address. This PR provides a different mechanism - if
the user provides a signature for automatically generated token (based
on the timestamp, user creation time, user ID, username and primary
email.
* Ensure verified keys can act for all active emails for the user
* Add code to mark keys as verified
* Slight UI adjustments
* Slight UI adjustments 2
* Simplify signature verification slightly
* fix postgres test
* add api routes
* handle swapped primary-keys
* Verify the no-reply address for verified keys
* Only add email addresses that are activated to keys
* Fix committer shortcut properly
* Restructure gpg_keys.go
* Use common Verification Token code
Signed-off-by: Andrew Thornton <art27@cantab.net>
Diffstat (limited to 'options/locale/locale_en-US.ini')
| -rw-r--r-- | options/locale/locale_en-US.ini | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini index c0ea28172b..c94977ede9 100644 --- a/options/locale/locale_en-US.ini +++ b/options/locale/locale_en-US.ini @@ -595,7 +595,20 @@ ssh_key_been_used = This SSH key has already been added to the server. ssh_key_name_used = An SSH key with same name already exists on your account. ssh_principal_been_used = This principal has already been added to the server. gpg_key_id_used = A public GPG key with same ID already exists. -gpg_no_key_email_found = This GPG key is not usable with any email address associated with your account. +gpg_no_key_email_found = This GPG key does not match any activated email address associated with your account. It may still be added if you sign the provided token. +gpg_key_matched_identities = Matched Identities: +gpg_key_matched_identities_long=The embedded identities in this key match the following activated email addresses for this user and commits matching these email addresses can be verified with this key. +gpg_key_verified=Verified Key +gpg_key_verified_long=Key has been verified with a token and can be used to verify commits matching any activated email addresses for this user in addition to any matched identities for this key. +gpg_key_verify=Verify +gpg_invalid_token_signature = The provided GPG key, signature and token do not match or token is out-of-date. +gpg_token_required = You must provide a signature for the below token +gpg_token = Token +gpg_token_help = You can generate a signature using: +gpg_token_code = echo "%s" | gpg -a --default-key %s --detach-sig +gpg_token_signature = Armored GPG signature +key_signature_gpg_placeholder = Begins with '-----BEGIN PGP SIGNATURE-----' +verify_gpg_key_success = The GPG key '%s' has been verified. subkeys = Subkeys key_id = Key ID key_name = Key Name |