Documentation/technical: describe signature formats

We use different types of signature formats in different places.
Set up the infrastructure and overview to describe them systematically
in our technical documentation.

Signed-off-by: Michael J Gruber <git@drmicha.warpmail.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
Michael J Gruber 2016-06-17 09:46:08 +02:00 committed by Junio C Hamano
parent 05219a1276
commit 76f9d8bac8
2 changed files with 18 additions and 0 deletions

View File

@ -76,6 +76,7 @@ TECH_DOCS += technical/protocol-common
TECH_DOCS += technical/racy-git TECH_DOCS += technical/racy-git
TECH_DOCS += technical/send-pack-pipeline TECH_DOCS += technical/send-pack-pipeline
TECH_DOCS += technical/shallow TECH_DOCS += technical/shallow
TECH_DOCS += technical/signature-format
TECH_DOCS += technical/trivial-merge TECH_DOCS += technical/trivial-merge
SP_ARTICLES += $(TECH_DOCS) SP_ARTICLES += $(TECH_DOCS)
SP_ARTICLES += technical/api-index SP_ARTICLES += technical/api-index

View File

@ -0,0 +1,17 @@
Git signature format
====================
== Overview
Git uses cryptographic signatures in various places, currently objects (tags,
commits, mergetags) and transactions (pushes). In every case, the command which
is about to create an object or transaction determines a payload from that,
calls gpg to obtain a detached signature for the payload (`gpg -bsa`) and
embeds the signature into the object or transaction.
Signatures always begin with `-----BEGIN PGP SIGNATURE-----`
and end with `-----END PGP SIGNATURE-----`, unless gpg is told to
produce RFC1991 signatures which use `MESSAGE` instead of `SIGNATURE`.
The signed payload and the way the signature is embedded depends
on the type of the object resp. transaction.