Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replace golang.org/x/crypto/openpgp by github.com/ProtonMail/go-crypto/openpgp #283

Merged
merged 1 commit into from Apr 6, 2021
Merged

Replace golang.org/x/crypto/openpgp by github.com/ProtonMail/go-crypto/openpgp #283

merged 1 commit into from Apr 6, 2021

Conversation

johanfleury
Copy link
Contributor

Fixes #282

@johanfleury johanfleury marked this pull request as draft April 2, 2021 21:32
@johanfleury johanfleury force-pushed the refactor/move-to-protonmail-openpgp branch from b4fa69c to f447e74 Compare April 2, 2021 21:49
@johanfleury
Copy link
Contributor Author

johanfleury commented Apr 2, 2021
edited

The key used for checking commit and tag signatures in the tests has expired since 2019 which now makes openpgp fail:

pgpdump << EOF | grep -i expir -A 1
-----BEGIN PGP PUBLIC KEY BLOCK-----

mQENBFmtHgABCADnfThM7q8D4pgUub9jMppSpgFh3ev84g3Csc3yQUlszEOVgXmu
YiSWP1oAiWFQ8ahCydh3LT8TnEB2QvoRNiExUI5XlXFwVfKW3cpDu8gdhtufs90Q
NvpaHOgTqRf/texGEKwXi6fvS47fpyaQ9BKNdN52LeaaHzDDZkVsAFmroE+7MMvj
P4Mq8qDn2WcWnX9zheQKYrX6Cs48Tx80eehHor4f/XnuaP8DLmPQx7URdJ0Igckh
N+i91Qv2ujin8zxUwhkfus66EZS9lQ4qR9iVHs4WHOs3j7whsejd4VhajonilVHj
uqTtqHmpN/4njbIKb8q8uQkS26VQYoSYm2UvABEBAAG0GlN1bm55IDxtZUBkYXJr
b3dsenouc3BhY2U+iQFUBBMBCAA+FiEEoRt6IzxHaZkkUslhQyLeMqcmyU4FAlmt
HgACGwMFCQPCZwAFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQQyLeMqcmyU7V
nAf+J5BYu26B2i+iwctOzDRFcPwCLka9cBwe5wcDvoF2qL8QRo8NPWBBH4zWHa/k
BthtGo1b89a53I2hnTwTQ0NOtAUNV+Vvu6nOHJd9Segsx3E1nM43bd2bUfGJ1eeO
jDOlOvtP4ozuV6Ej+0Ln2ouMOc87yAwbAzTfQ9axU6CKUbqy0/t2dW1jdKntGH+t
VPeFxJHL2gXjP89skCSPYA7yKqqyJRPFvC+7rde1OLdCmZi4VwghUiNbh3s1+xM3
gfr2ahsRDTN2SQzwuHu4y1EgZgPtuWfRxzHqduoRoSgfOfFr9H9Il3UMHf2Etleu
rif40YZJhge6STwsIycGh4wOiLkBDQRZrR4AAQgArpUvPdGC/W9X4AuZXrXEShvx
TqM4K2Jk9n0j+ABx87k9fm48qgtae7+TayMbb0i7kcbgnjltKbauTbyRbju/EJvN
CdIw76IPpjy6jUM37wG2QGLFo6Ku3x8/ZpNGGOZ8KMU258/EBqDlJQ/4g4kJ8D+m
9yOH0r6/Xpe/jOY2V8Jo9pdFTm+8eAsSyZF0Cl7drz603Pymq1IS2wrwQbdxQA/w
B75pQ5es7X34Ac7/9UZCwCPmZDAldnjHyw5dZgZe8XLrG84BIfbG0Hj8PjrFdF1D
Czt9bk+PbYAnLORW2oX1oedxVrNFo5UrbWgBSjA1ppbGFjwSDHFlyjuEuxqyFwAR
AQABiQE8BBgBCAAmFiEEoRt6IzxHaZkkUslhQyLeMqcmyU4FAlmtHgACGwwFCQPC
ZwAACgkQQyLeMqcmyU7ZBggArzc8UUVSjde987Vqnu/S5Cv8Qhz+UB7gAFyTW2iF
VYvB86r30H/NnfjvjCVkBE6FHCNHoxWVyDWmuxKviB7nkReHuwqniQHPgdJDcTKC
tBboeX2IYBLJbEvEJuz5NSvnvFuYkIpZHqySFaqdl/qu9XcmoPL5AmIzIFOeiNty
qT0ldkf3ru6yQQDDqBDpkfz4AzkpFnLYL59z6IbJDK2Hz7aKeSEeVOGiZLCjIZZV
uISZThYqh5zUkvF346OHLDqfDdgQ4RZriqd/DTtRJPlz2uL0QcEIjJuYCkG0UWgl
sYyf9RfOnw/KUFAQbdtvLx3ikODQC+D3KBtuKI9ISHQfgw==
=FPev
-----END PGP PUBLIC KEY BLOCK-----
EOF
        Hashed Sub: key expiration time(sub 9)(4 bytes)
                Time - Wed Sep  4 05:33:52 EDT 2019
--
        Hashed Sub: key expiration time(sub 9)(4 bytes)
                Time - Wed Sep  4 05:33:52 EDT 2019

Apart from that, all the unit tests seem to pass.

@johanfleury johanfleury force-pushed the refactor/move-to-protonmail-openpgp branch from f447e74 to b4af510 Compare April 2, 2021 22:39
@johanfleury
Copy link
Contributor Author

johanfleury commented Apr 2, 2021
edited

Just so you know, here is the commands used to create a new key and create a signed commit and a signed tag:

$ gpg --batch --full-generate-key <<EOF
%no-protection
Key-Type: eddsa
Key-Curve: Ed25519
Subkey-Type: ecdh
Subkey-Curve: Curve25519
Expire-Date: 0
Name-Real: go-git test key
EOF
$ mkdir test
$ cd test
$ git init
$ git config user.name go-git
$ git config user.email go-git@example.com
$ GIT_COMMITTER_DATE="$(date --utc +'%s %z')" GIT_AUTHOR_DATE=${GIT_COMMITTER_DATE} git commit --gpg-sign=CCA94D32710DDFEA0DCF32858C9A6985E0BB95F1 --allow-empty -m "test"
$ git show HEAD
$ git cat-file -p HEAD
$ GIT_COMMITTER_DATE="$(date --utc +'%s %z')" GIT_AUTHOR_DATE=${GIT_COMMITTER_DATE} git tag --sign -u CCA94D32710DDFEA0DCF32858C9A6985E0BB95F1 -m "This is a signed tag" v0.2
$ git show v0.2
$ git cat-file -p v0.2

@johanfleury johanfleury marked this pull request as ready for review April 2, 2021 22:45
This was referenced Apr 2, 2021
Closed
Closed
@mcuadros mcuadros merged commit bd662b0 into go-git:master Apr 6, 2021
@johanfleury johanfleury deleted the refactor/move-to-protonmail-openpgp branch April 6, 2021 14:23
@hiddeco hiddeco mentioned this pull request May 22, 2021
Closed
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

golang.org/x/crypto/openpgp is deprecated
2 participants
@johanfleury @mcuadros