* Signed git-tag doesn't find default key
@ 2006-10-20 9:04 Andy Parkins
2006-10-20 16:32 ` Linus Torvalds
0 siblings, 1 reply; 5+ messages in thread
From: Andy Parkins @ 2006-10-20 9:04 UTC (permalink / raw)
To: git
[-- Attachment #1: Type: text/plain, Size: 913 bytes --]
Hello,
I did this:
$ git tag -s adp-sign-tag
gpg: skipped "Andy Parkins <andyparkins@gmail.com>": secret key not available
gpg: signing failed: secret key not available
failed to sign the tag with GPG.
I believe the problem is that I have used the comment field in my key's UID
definition.
$ gpg --list-keys andy
pub 1024D/4F712F6D 2003-08-14
uid Andy Parkins (Google) <andyparkins@gmail.com>
So when git-tag looks for "Andy Parkins <andyparkins@gmail.com>"; it's not
found. The answer is (I think) to search only on the email address when
looking for a key. I've simply changed git-tag to have
username=$(git-repo-config user.email)
However, this is clearly wrong as what it actually wants is the committer
email. Am I safe to simply process the $tagger variable to extract it?
Andy
--
Dr Andy Parkins, M Eng (hons), MIEE
andyparkins@gmail.com
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Signed git-tag doesn't find default key
2006-10-20 9:04 Signed git-tag doesn't find default key Andy Parkins
@ 2006-10-20 16:32 ` Linus Torvalds
2006-10-20 19:21 ` Andy Parkins
0 siblings, 1 reply; 5+ messages in thread
From: Linus Torvalds @ 2006-10-20 16:32 UTC (permalink / raw)
To: Andy Parkins; +Cc: git
On Fri, 20 Oct 2006, Andy Parkins wrote:
>
> I did this:
>
> $ git tag -s adp-sign-tag
> gpg: skipped "Andy Parkins <andyparkins@gmail.com>": secret key not available
> gpg: signing failed: secret key not available
> failed to sign the tag with GPG.
I would suggest one of two things:
- specify the signing entity explicitly:
git tag -u "andyparkins@gmail.com" adp-sign-tag
- or just add a new alternate user ID to match the full git user ID.
Currently, your pgp key has the full ID "Andy Parkins (Google)
<andyparkins@gmail.com>", and the way gpg matches ID's, that will _not_
match an ID of "Andy Parkins <andyparkins@gmail.com>"
But you can just do something like
gpg --edit-key andyparkins@gmail.com
and then do an "adduid", and then add your UID _without_ the "(Google)" in
there, and that should solve all your problems.
> So when git-tag looks for "Andy Parkins <andyparkins@gmail.com>"; it's not
> found. The answer is (I think) to search only on the email address when
> looking for a key. I've simply changed git-tag to have
>
> username=$(git-repo-config user.email)
>
> However, this is clearly wrong as what it actually wants is the committer
> email. Am I safe to simply process the $tagger variable to extract it?
You're probably better off with something like
git var GIT_COMMITTER_IDENT | sed 's/\(.*\)<\(.*\)>\(.*\)/\2/'
which should work, but see above: I think you literally are better off
just adding an alias to your PGP key that doesn't have the comment field.
That said, I've never understood why gpg matches on the comment field.
Dammit, it _should_ find the key anyway. Stupid program.
Linus
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Signed git-tag doesn't find default key
2006-10-20 16:32 ` Linus Torvalds
@ 2006-10-20 19:21 ` Andy Parkins
2006-10-21 0:52 ` Horst H. von Brand
0 siblings, 1 reply; 5+ messages in thread
From: Andy Parkins @ 2006-10-20 19:21 UTC (permalink / raw)
To: Linus Torvalds; +Cc: git
[-- Attachment #1: Type: text/plain, Size: 1833 bytes --]
On Friday 2006, October 20 17:32, Linus Torvalds wrote:
> and then do an "adduid", and then add your UID _without_ the "(Google)" in
> there, and that should solve all your problems.
Yeah, obviously that's one way; and while it doesn't really matter to me, it
seems poor form that git doesn't work with gpg as it is. While one could of
course use the "-u" switch, if that is the answer, then why bother with
having the "-s" switch at all?
> You're probably better off with something like
>
> git var GIT_COMMITTER_IDENT | sed 's/\(.*\)<\(.*\)>\(.*\)/\2/'
I've actually settled on:
: ${username:=$(expr "z$tagger" : 'z.*<\(.*\)>')}
In git-tag.sh.
> That said, I've never understood why gpg matches on the comment field.
> Dammit, it _should_ find the key anyway. Stupid program.
I think it's doing the right thing unfortunately. If you search on any part
"Andy Parkins"
"<andyparkins@gmail.com>"
"andyparkins@gmail.com"
"andyparkins"
It finds it fine; the only thing it doesn't find is
"Andy Parkins <andyparkins@gmail.com>"
Which I suppose is fair enough, as it's a fairly specific format to be
searching for.
I'm going to advocate my change of only searching on the email address for
finding the key - there shouldn't be two keys with the same email address
anyway, so there shouldn't be a danger of ambiguity of key. Also, it deals
with the case when someone has entered a different name in git and in their
gpg UID. For example, I would think it shouldn't be a problem that I like to
be called "Andy" on the git list, and yet want my key to say "A. D.
Parkins", "Andrew Parkins" or "Sparky McFly".
Now, I think I've written my name far, far too many times in this email.
Sparky McFly
--
Dr Andrew Parkins, M Eng (Hons), AMIEE
andyparkins@gmail.com
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Signed git-tag doesn't find default key
2006-10-20 19:21 ` Andy Parkins
@ 2006-10-21 0:52 ` Horst H. von Brand
2006-10-21 7:44 ` Andy Parkins
0 siblings, 1 reply; 5+ messages in thread
From: Horst H. von Brand @ 2006-10-21 0:52 UTC (permalink / raw)
To: Andy Parkins; +Cc: Linus Torvalds, git
Andy Parkins <andyparkins@gmail.com> wrote:
[...]
> I'm going to advocate my change of only searching on the email address
> for finding the key - there shouldn't be two keys with the same email
> address anyway, so there shouldn't be a danger of ambiguity of key.
There very well might be... say you have a key for signing git stuff,
another one for emailing, another one for signing RPMs you create, ... I
believe that is the idea of the GPG comment field, precisely.
--
Dr. Horst H. von Brand User #22616 counter.li.org
Departamento de Informatica Fono: +56 32 2654431
Universidad Tecnica Federico Santa Maria +56 32 2654239
Casilla 110-V, Valparaiso, Chile Fax: +56 32 2797513
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Signed git-tag doesn't find default key
2006-10-21 0:52 ` Horst H. von Brand
@ 2006-10-21 7:44 ` Andy Parkins
0 siblings, 0 replies; 5+ messages in thread
From: Andy Parkins @ 2006-10-21 7:44 UTC (permalink / raw)
To: git
[-- Attachment #1: Type: text/plain, Size: 492 bytes --]
On Saturday 2006, October 21 01:52, Horst H. von Brand wrote:
> There very well might be... say you have a key for signing git stuff,
> another one for emailing, another one for signing RPMs you create, ... I
> believe that is the idea of the GPG comment field, precisely.
Either way, you're arguing for the fault being with Git - which has no notion
of comment fields and so won't find the key anyway.
Andy
--
Dr Andrew Parkins, M Eng (Hons), AMIEE
andyparkins@gmail.com
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2006-10-21 7:47 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2006-10-20 9:04 Signed git-tag doesn't find default key Andy Parkins
2006-10-20 16:32 ` Linus Torvalds
2006-10-20 19:21 ` Andy Parkins
2006-10-21 0:52 ` Horst H. von Brand
2006-10-21 7:44 ` Andy Parkins
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).