English ▾
gitformat-signature 手册的本地化版本
主题 ▾
最新版本 ▾ gitformat-signature 上次更新于 2.40.0
gitformat-signature 手册中的更改
设置和配置
获取和创建项目
基本快照
分支和合并
共享和更新项目
检查和比较
补丁
调试
电子邮件
外部系统
服务器管理
指南
管理
底层命令
- 2.40.1 → 2.49.0 没有变化
-
2.40.0
2023-03-12
- 2.38.1 → 2.39.5 没有变化
-
2.38.0
2022-10-02
描述
Git 在多个地方使用加密签名,目前包括对象(标签、提交、合并标签)和事务(推送)。在每种情况下,即将创建对象或事务的命令都会从中确定有效负载,调用外部程序以获取有效负载的独立签名(PGP 签名的情况下为 gpg -bsa),并将签名嵌入到对象或事务中。
签名以“ASCII 盔甲”标头行开头,以尾行结尾,尾行根据签名类型而有所不同(由 gpg.format 选择,请参阅 git-config[1])。 这些是,对于 gpg.format 值
签名有时会作为正常有效负载的一部分出现(例如,签名标签在签名适用的有效负载之后附加签名块),有时会出现在对象标头的值中(例如,合并提交合并了签名标签,其“mergetag”标头上将包含整个标签内容)。对于后者,对象标头的常用多行格式规则适用。即,第二行及后续行以 SP 开头,以表示该行从上一行继续。
即使对于最初的空行也是如此。在以下示例中,以空白字母结尾的行尾用 $ 符号突出显示;如果您尝试手动重新创建这些示例,请不要剪切和粘贴它们 - 它们主要用于突出显示某些行末尾的额外空格。
签名有效负载以及嵌入签名的方式取决于对象或事务的类型。
标签签名
-
创建方式:
git tag -s -
有效负载:带注释的标签对象
-
嵌入:将签名附加到未签名的标签对象
-
示例:标签
signedtag,主题为signed tag
object 04b871796dc0420f8e7561a895b52484b701d51a type commit tag signedtag tagger C O Mitter <committer@example.com> 1465981006 +0000 signed tag signed tag message body -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAABAgAGBQJXYRhOAAoJEGEJLoW3InGJklkIAIcnhL7RwEb/+QeX9enkXhxn rxfdqrvWd1K80sl2TOt8Bg/NYwrUBw/RWJ+sg/hhHp4WtvE1HDGHlkEz3y11Lkuh 8tSxS3qKTxXUGozyPGuE90sJfExhZlW4knIQ1wt/yWqM+33E9pN4hzPqLwyrdods q8FWEqPPUbSJXoMbRPw04S5jrLtZSsUWbRYjmJCHzlhSfFWW4eFd37uquIaLUBS0 rkC3Jrx7420jkIpgFcTI2s60uhSQLzgcCwdA2ukSYIRnjg/zDkj8+3h/GaROJ72x lZyI6HWixKJkWw8lE9aAOD9TmTW9sFJwcVAzmAuFX2kUreDUKMZduGcoRYGpD7E= =jpXa -----END PGP SIGNATURE-----
-
验证方式:
git verify-tag [-v]或git tag -v
gpg: Signature made Wed Jun 15 10:56:46 2016 CEST using RSA key ID B7227189 gpg: Good signature from "Eris Discordia <discord@example.net>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: D4BE 2231 1AD3 131E 5EDA 29A4 6109 2E85 B722 7189 object 04b871796dc0420f8e7561a895b52484b701d51a type commit tag signedtag tagger C O Mitter <committer@example.com> 1465981006 +0000 signed tag signed tag message body
提交签名
-
创建方式:
git commit -S -
有效负载:提交对象
-
嵌入:标头条目
gpgsig(内容前面有一个空格) -
示例:提交,主题为
signed commit
tree eebfed94e75e7760540d1485c740902590a00332 parent 04b871796dc0420f8e7561a895b52484b701d51a author A U Thor <author@example.com> 1465981137 +0000 committer C O Mitter <committer@example.com> 1465981137 +0000 gpgsig -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 $ iQEcBAABAgAGBQJXYRjRAAoJEGEJLoW3InGJ3IwIAIY4SA6GxY3BjL60YyvsJPh/ HRCJwH+w7wt3Yc/9/bW2F+gF72kdHOOs2jfv+OZhq0q4OAN6fvVSczISY/82LpS7 DVdMQj2/YcHDT4xrDNBnXnviDO9G7am/9OE77kEbXrp7QPxvhjkicHNwy2rEflAA zn075rtEERDHr8nRYiDh8eVrefSO7D+bdQ7gv+7GsYMsd2auJWi1dHOSfTr9HIF4 HJhWXT9d2f8W+diRYXGh4X0wYiGg6na/soXc+vdtDYBzIxanRqjg8jCAeo1eOTk1 EdTwhcTZlI0x5pvJ3H0+4hA2jtldVtmPM4OTB0cTrEWBad7XV6YgiyuII73Ve3I= =jKHM -----END PGP SIGNATURE----- signed commit signed commit message body
-
验证方式:
git verify-commit [-v](或git show --show-signature)
gpg: Signature made Wed Jun 15 10:58:57 2016 CEST using RSA key ID B7227189 gpg: Good signature from "Eris Discordia <discord@example.net>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: D4BE 2231 1AD3 131E 5EDA 29A4 6109 2E85 B722 7189 tree eebfed94e75e7760540d1485c740902590a00332 parent 04b871796dc0420f8e7561a895b52484b701d51a author A U Thor <author@example.com> 1465981137 +0000 committer C O Mitter <committer@example.com> 1465981137 +0000 signed commit signed commit message body
合并标签签名
-
创建方式:
git merge在签名标签上 -
有效负载/嵌入:整个签名标签对象作为标头条目
mergetag嵌入到(合并)提交对象中 -
示例:合并上述签名标签
signedtag
tree c7b1cff039a93f3600a1d18b82d26688668c7dea parent c33429be94b5f2d3ee9b0adad223f877f174b05d parent 04b871796dc0420f8e7561a895b52484b701d51a author A U Thor <author@example.com> 1465982009 +0000 committer C O Mitter <committer@example.com> 1465982009 +0000 mergetag object 04b871796dc0420f8e7561a895b52484b701d51a type commit tag signedtag tagger C O Mitter <committer@example.com> 1465981006 +0000 $ signed tag $ signed tag message body -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 $ iQEcBAABAgAGBQJXYRhOAAoJEGEJLoW3InGJklkIAIcnhL7RwEb/+QeX9enkXhxn rxfdqrvWd1K80sl2TOt8Bg/NYwrUBw/RWJ+sg/hhHp4WtvE1HDGHlkEz3y11Lkuh 8tSxS3qKTxXUGozyPGuE90sJfExhZlW4knIQ1wt/yWqM+33E9pN4hzPqLwyrdods q8FWEqPPUbSJXoMbRPw04S5jrLtZSsUWbRYjmJCHzlhSfFWW4eFd37uquIaLUBS0 rkC3Jrx7420jkIpgFcTI2s60uhSQLzgcCwdA2ukSYIRnjg/zDkj8+3h/GaROJ72x lZyI6HWixKJkWw8lE9aAOD9TmTW9sFJwcVAzmAuFX2kUreDUKMZduGcoRYGpD7E= =jpXa -----END PGP SIGNATURE----- Merge tag 'signedtag' into downstream signed tag signed tag message body # gpg: Signature made Wed Jun 15 08:56:46 2016 UTC using RSA key ID B7227189 # gpg: Good signature from "Eris Discordia <discord@example.net>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: D4BE 2231 1AD3 131E 5EDA 29A4 6109 2E85 B722 7189
-
验证方式:默认情况下,验证嵌入在合并提交消息中,或者使用
git show --show-signature
commit 9863f0c76ff78712b6800e199a46aa56afbcbd49
merged tag 'signedtag'
gpg: Signature made Wed Jun 15 10:56:46 2016 CEST using RSA key ID B7227189
gpg: Good signature from "Eris Discordia <discord@example.net>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: D4BE 2231 1AD3 131E 5EDA 29A4 6109 2E85 B722 7189
Merge: c33429b 04b8717
Author: A U Thor <author@example.com>
Date: Wed Jun 15 09:13:29 2016 +0000
Merge tag 'signedtag' into downstream
signed tag
signed tag message body
# gpg: Signature made Wed Jun 15 08:56:46 2016 UTC using RSA key ID B7227189
# gpg: Good signature from "Eris Discordia <discord@example.net>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: D4BE 2231 1AD3 131E 5EDA 29A4 6109 2E85 B722 7189
GIT
属于 git[1] 套件的一部分
