Show git signatures

- Add /git/signature page to verify signatures using gpg
- Show link to signature pages for tag and commit objects

2 files changed, 136 insertions, 0 deletions

diff --git a/lib/app.js b/lib/app.js
index b4da954..6689a0e 100644
--- a/lib/app.js
+++ b/lib/app.js
@@ -19,6 +19,9 @@ var toPull = require('stream-to-pull-stream')
 var BoxStream = require('pull-box-stream')
 var crypto = require('crypto')
 var SsbNpmRegistry = require('ssb-npm-registry')
+var os = require('os')
+var path = require('path')
+var fs = require('fs')
 
 var zeros = new Buffer(24); zeros.fill(0)
 
@@ -1141,3 +1144,62 @@ App.prototype.sbotStatus = function (cb) {
   }
   if (typeof status === 'object' && status !== null) return cb(null, status)
 }
+
+function writeAll(fd, buf, cb) {
+  var offset = 0
+  var remaining = buf.length
+  fs.write(fd, buf, function onWrite(err, bytesWritten) {
+    if (err) return cb(err)
+    offset += bytesWritten
+    remaining -= bytesWritten
+    if (remaining > 0) fs.write(fd, buf, offset, remaining, null, onWrite)
+    else cb()
+  })
+}
+
+App.prototype.verifyGitObjectSignature = function (obj, cb) {
+  var self = this
+  var tmpPath = path.join(os.tmpdir(), '.git_vtag_tmp' + Math.random().toString('36'))
+  // use a temp file to work around https://github.com/nodejs/node/issues/13542
+  function closeEnd(err) {
+    fs.close(fd, function (err1) {
+      fs.unlink(tmpPath, function (err2) {
+        cb(err2 || err1 || err)
+      })
+    })
+  }
+  fs.open(tmpPath, 'w+', function (err, fd) {
+    if (err) return cb(err)
+    self.git.extractSignature(obj, function (err, parts) {
+      if (err) return closeEnd(err)
+      writeAll(fd, parts.signature, function (err) {
+        if (err) return closeEnd(err)
+        try { next(fd, parts) }
+        catch(e) { closeEnd(e) }
+      })
+    })
+  })
+  function next(fd, parts) {
+    var readSig = fs.createReadStream(null, {fd: fd, start: 0})
+    var done = multicb({pluck: 1, spread: true})
+    var gpg = proc.spawn('gpg', ['--status-fd=1', '--keyid-format=long',
+      '--verify', '/dev/fd/3', '-'], {
+      stdio: ['pipe', 'pipe', 'pipe', readSig]
+    }).on('close', done().bind(null, null))
+    .on('error', console.error.bind(console, 'gpg'))
+    gpg.stdin.end(parts.payload)
+    pull(toPull.source(gpg.stdout), u.pullConcat(done()))
+    pull(toPull.source(gpg.stderr), u.pullConcat(done()))
+    done(function (err, code, status, output) {
+      if (err) return closeEnd(err)
+      fs.unlink(tmpPath, function (err) {
+        if (err) return cb(err)
+        cb(null, {
+          goodsig: status.includes('\n[GNUPG:] GOODSIG '),
+          status: status.toString(),
+          output: output.toString()
+        })
+      })
+    })
+  }
+}
diff --git a/lib/serve.js b/lib/serve.js
index a28f758..fc8aa7b 100644
--- a/lib/serve.js
+++ b/lib/serve.js
@@ -1870,6 +1870,7 @@ Serve.prototype.git = function (url) {
     case 'blob': return this.gitBlob(m[2])
     case 'raw': return this.gitRaw(m[2])
     case 'diff': return this.gitDiff(m[2])
+    case 'signature': return this.gitSignature(m[2])
     case 'line-comment': return this.gitLineComment(m[2])
     default: return this.respond(404, 'Not found')
   }
@@ -1985,6 +1986,67 @@ Serve.prototype.gitObject = function (rev) {
   })
 }
 
+Serve.prototype.gitSignature = function (id) {
+  var self = this
+  if (!/[0-9a-f]{24}/.test(id)) {
+    return pull(
+      ph('div.error', 'not a git object id'),
+      self.wrapPage('git'),
+      self.respondSink(400)
+    )
+  }
+  if (!u.isRef(self.query.msg)) return pull(
+    ph('div.error', 'missing message id'),
+    self.wrapPage('git signature for ' + id),
+    self.respondSink(400)
+  )
+
+  self.app.git.openObject({
+    obj: id,
+    msg: self.query.msg,
+    type: self.query.type,
+  }, function (err, obj) {
+    if (err) return handleError(err)
+    var msgDate = new Date(obj.msg.value.timestamp)
+    self.app.verifyGitObjectSignature(obj, function (err, verification) {
+      if (err) return handleError(err)
+      var objPath = '/git/object/' + id + '?msg=' + encodeURIComponent(obj.msg.key)
+      pull(
+        ph('section', [
+          ph('h3', [
+            ph('a', {href: self.app.render.toUrl(objPath)}, id), ': ',
+            ph('a', {href: ''}, 'signature')
+          ]),
+          ph('div', [
+            self.phIdLink(obj.msg.value.author), ' pushed ',
+            ph('a', {
+              href: self.app.render.toUrl(obj.msg.key),
+              title: msgDate.toLocaleString(),
+            }, htime(msgDate))
+          ]),
+          ph('pre', u.escapeHTML(verification.output))
+          /*
+          verification.goodsig ? 'good' : 'bad',
+          ph('pre', u.escapeHTML(verification.status))
+          */
+        ]),
+        self.wrapPage('git signature for ' + id),
+        self.respondSink(200)
+      )
+    })
+  })
+
+  function handleError(err) {
+    if (err && err.name === 'BlobNotFoundError')
+      return self.askWantBlobs(err.links)
+    if (err) return pull(
+      pull.once(u.renderError(err).outerHTML),
+      self.wrapPage('git signature for ' + id),
+      self.respondSink(400)
+    )
+  }
+}
+
 Serve.prototype.gitCommit = function (rev) {
   var self = this
   if (!/[0-9a-f]{24}/.test(rev)) {
@@ -2073,6 +2135,12 @@ Serve.prototype.gitCommit = function (rev) {
               pull.once(commit.tree),
               self.gitObjectLinks(obj.msg.key, 'tree')
             )]) : '',
+            commit.gpgsig ? ph('div', [
+              ph('a', {href: self.app.render.toUrl(
+                '/git/signature/' + rev + '?msg=' + encodeURIComponent(self.query.msg)
+              )}, 'signature'),
+              commit.signatureVersion ? [' from ', ph('code', u.escapeHTML(commit.signatureVersion))] : ''
+            ]) : '',
             h('blockquote',
                self.app.render.gitCommitBody(commit.body)).outerHTML,
             ph('h4', 'files'),
@@ -2203,6 +2271,12 @@ Serve.prototype.gitTag = function (rev) {
               self.gitObjectLinks(obj.msg.key, tag.type)
             ), ' ',
             ph('code', u.escapeHTML(tag.tag)),
+            tag.gpgsig ? ph('div', [
+              ph('a', {href: self.app.render.toUrl(
+                '/git/signature/' + rev + '?msg=' + encodeURIComponent(self.query.msg)
+              )}, 'signature'),
+              tag.signatureVersion ? [' from ', ph('code', u.escapeHTML(tag.signatureVersion))] : ''
+            ]) : '',
             h('pre', self.app.render.linkify(tag.body)).outerHTML,
           ]
         ]),