mirror of
https://github.com/git/git
synced 2024-10-02 14:45:21 +00:00
Merge branch 'gm/signature-format-doc'
Doc update. * gm/signature-format-doc: signature-format.txt: note SSH and X.509 signature delimiters
This commit is contained in:
commit
9a4e18b701
|
@ -12,6 +12,9 @@ gpg.program::
|
||||||
gpg.format::
|
gpg.format::
|
||||||
Specifies which key format to use when signing with `--gpg-sign`.
|
Specifies which key format to use when signing with `--gpg-sign`.
|
||||||
Default is "openpgp". Other possible values are "x509", "ssh".
|
Default is "openpgp". Other possible values are "x509", "ssh".
|
||||||
|
+
|
||||||
|
See linkgit:gitformat-signature[5] for the signature format, which differs
|
||||||
|
based on the selected `gpg.format`.
|
||||||
|
|
||||||
gpg.<format>.program::
|
gpg.<format>.program::
|
||||||
Use this to customize the program used for the signing format you
|
Use this to customize the program used for the signing format you
|
||||||
|
|
|
@ -17,12 +17,24 @@ DESCRIPTION
|
||||||
Git uses cryptographic signatures in various places, currently objects (tags,
|
Git uses cryptographic signatures in various places, currently objects (tags,
|
||||||
commits, mergetags) and transactions (pushes). In every case, the command which
|
commits, mergetags) and transactions (pushes). In every case, the command which
|
||||||
is about to create an object or transaction determines a payload from that,
|
is about to create an object or transaction determines a payload from that,
|
||||||
calls gpg to obtain a detached signature for the payload (`gpg -bsa`) and
|
calls an external program to obtain a detached signature for the payload
|
||||||
embeds the signature into the object or transaction.
|
(`gpg -bsa` in the case of PGP signatures), and embeds the signature into the
|
||||||
|
object or transaction.
|
||||||
|
|
||||||
Signatures always begin with `-----BEGIN PGP SIGNATURE-----`
|
Signatures begin with an "ASCII Armor" header line and end with a tail line,
|
||||||
and end with `-----END PGP SIGNATURE-----`, unless gpg is told to
|
which differ depending on signature type (as selected by `gpg.format`, see
|
||||||
produce RFC1991 signatures which use `MESSAGE` instead of `SIGNATURE`.
|
linkgit:git-config[1]). These are, for `gpg.format` values:
|
||||||
|
|
||||||
|
`gpg` (PGP)::
|
||||||
|
`-----BEGIN PGP SIGNATURE-----` and `-----END PGP SIGNATURE-----`.
|
||||||
|
Or, if gpg is told to produce RFC1991 signatures,
|
||||||
|
`-----BEGIN PGP MESSAGE-----` and `-----END PGP MESSAGE-----`
|
||||||
|
|
||||||
|
`ssh` (SSH)::
|
||||||
|
`-----BEGIN SSH SIGNATURE-----` and `-----END SSH SIGNATURE-----`
|
||||||
|
|
||||||
|
`x509` (X.509)::
|
||||||
|
`-----BEGIN SIGNED MESSAGE-----` and `-----END SIGNED MESSAGE-----`
|
||||||
|
|
||||||
Signatures sometimes appear as a part of the normal payload
|
Signatures sometimes appear as a part of the normal payload
|
||||||
(e.g. a signed tag has the signature block appended after the payload
|
(e.g. a signed tag has the signature block appended after the payload
|
||||||
|
|
Loading…
Reference in a new issue