Harness the power of signify(1) to sign arbitrary git objects
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

factor out verify fn

+21 -12
+21 -12
src/raw/verify.rs
··· 4 4 5 5 use anyhow::{Context, Result}; 6 6 use git2::{Oid, Repository}; 7 - use libsignify::{Codeable, Signature}; 7 + use libsignify::{Codeable, PublicKey, Signature}; 8 8 9 9 use crate::utils; 10 10 11 11 /// Execute the `verify` command. 12 12 pub fn command(key_path: PathBuf, recover: bool, tree_rev: String) -> Result<()> { 13 13 let repo = Repository::open(".").context("Failed to open git repository")?; 14 + let public_key = utils::get_public_key(key_path)?; 15 + let recovered_oid = verify(&repo, &public_key, &tree_rev, recover)?; 16 + if let Some(recovered_oid) = recovered_oid { 17 + println!("{recovered_oid}"); 18 + } 19 + Ok(()) 20 + } 14 21 22 + /// Verify the signature under `tree_rev` with the given public key. 23 + pub fn verify( 24 + repo: &Repository, 25 + public_key: &PublicKey, 26 + tree_rev: &str, 27 + recover: bool, 28 + ) -> Result<Option<Oid>> { 15 29 let oid = repo 16 - .revparse_single(&tree_rev) 30 + .revparse_single(tree_rev) 17 31 .context("Failed to look-up git tree oid")? 18 32 .id(); 19 33 let tree = repo ··· 23 37 let object = tree 24 38 .get_name("object") 25 39 .context("Failed to look-up signed object in the tree")? 26 - .to_object(&repo) 40 + .to_object(repo) 27 41 .context("The signed object could not be retrieved")?; 28 42 let object = object 29 43 .as_blob() ··· 34 48 let signature = tree 35 49 .get_name("signature") 36 50 .context("Failed to look-up signature in the tree")? 37 - .to_object(&repo) 51 + .to_object(repo) 38 52 .context("The signature object could not be retrieved")?; 39 53 let signature = signature 40 54 .as_blob() ··· 44 58 .context("Failed to parse signature")? 45 59 }; 46 60 47 - let public_key = utils::get_public_key(key_path)?; 48 - 49 61 public_key 50 62 .verify(dereferenced_obj, &signature) 51 63 .map_err(utils::Error::new) 52 64 .context("Failed to verify signature")?; 53 65 54 - if recover { 55 - let oid = Oid::from_bytes(dereferenced_obj).context("Failed to parse git object id")?; 56 - println!("{oid}"); 57 - } 58 - 59 - Ok(()) 66 + recover 67 + .then(|| Oid::from_bytes(dereferenced_obj).context("Failed to parse git object id")) 68 + .transpose() 60 69 }