Merge branch 'gm/signature-format-doc'
Doc update. * gm/signature-format-doc: signature-format.txt: note SSH and X.509 signature delimiters
This commit is contained in:
commit
9a4e18b701
@ -12,6 +12,9 @@ gpg.program::
|
||||
gpg.format::
|
||||
Specifies which key format to use when signing with `--gpg-sign`.
|
||||
Default is "openpgp". Other possible values are "x509", "ssh".
|
||||
+
|
||||
See linkgit:gitformat-signature[5] for the signature format, which differs
|
||||
based on the selected `gpg.format`.
|
||||
|
||||
gpg.<format>.program::
|
||||
Use this to customize the program used for the signing format you
|
||||
|
@ -17,12 +17,24 @@ DESCRIPTION
|
||||
Git uses cryptographic signatures in various places, currently objects (tags,
|
||||
commits, mergetags) and transactions (pushes). In every case, the command which
|
||||
is about to create an object or transaction determines a payload from that,
|
||||
calls gpg to obtain a detached signature for the payload (`gpg -bsa`) and
|
||||
embeds the signature into the object or transaction.
|
||||
calls an external program to obtain a detached signature for the payload
|
||||
(`gpg -bsa` in the case of PGP signatures), and embeds the signature into the
|
||||
object or transaction.
|
||||
|
||||
Signatures always begin with `-----BEGIN PGP SIGNATURE-----`
|
||||
and end with `-----END PGP SIGNATURE-----`, unless gpg is told to
|
||||
produce RFC1991 signatures which use `MESSAGE` instead of `SIGNATURE`.
|
||||
Signatures begin with an "ASCII Armor" header line and end with a tail line,
|
||||
which differ depending on signature type (as selected by `gpg.format`, see
|
||||
linkgit:git-config[1]). These are, for `gpg.format` values:
|
||||
|
||||
`gpg` (PGP)::
|
||||
`-----BEGIN PGP SIGNATURE-----` and `-----END PGP SIGNATURE-----`.
|
||||
Or, if gpg is told to produce RFC1991 signatures,
|
||||
`-----BEGIN PGP MESSAGE-----` and `-----END PGP MESSAGE-----`
|
||||
|
||||
`ssh` (SSH)::
|
||||
`-----BEGIN SSH SIGNATURE-----` and `-----END SSH SIGNATURE-----`
|
||||
|
||||
`x509` (X.509)::
|
||||
`-----BEGIN SIGNED MESSAGE-----` and `-----END SIGNED MESSAGE-----`
|
||||
|
||||
Signatures sometimes appear as a part of the normal payload
|
||||
(e.g. a signed tag has the signature block appended after the payload
|
||||
|
Loading…
Reference in New Issue
Block a user