feat: use git config to read tsa server and include-certs

github · Apr 21, 2020 · 2c7e910 · 2c7e910
1 parent 7e96b8b
commit 2c7e910
Show file tree

Hide file tree

Showing 5 changed files with 35 additions and 1 deletion.
diff --git a/.travis.yml b/.travis.yml
@@ -10,7 +10,8 @@ go:
 git:
   depth: false
 
-install: ''
+install:
+  - brew install libgit2
 
 script:
   - GIT_VERSION=$(git describe --tags)

diff --git a/README.md b/README.md
@@ -96,6 +96,15 @@ $ git config --get user.email
 $ smimesign --list-keys
 ```
 
+**Add smimesign options**
+
+Currently only `tsa` and `include-certs` options are supported.
+
+```bash
+$ git config --global gpg.x509.smimesign.tsa http://timestamp.digicert.com
+$ git config --global gpg.x509.smimesign.include-certs -1
+```
+
 ## Smart cards (PIV/CAC/Yubikey)
 
 Many large organizations and government agencies distribute certificates and keys to end users via smart cards. These cards allow applications on the user's computer to use private keys for signing or encryption without giving them the ability to export those keys. The native certificate stores on both Windows and macOS can talk to smart cards, though special drivers or middleware may be required.

diff --git a/go.mod b/go.mod
@@ -5,6 +5,7 @@ go 1.12
 require (
 	github.com/certifi/gocertifi v0.0.0-20180118203423-deb3ae2ef261
 	github.com/davecgh/go-spew v1.1.1
+	github.com/libgit2/git2go/v29 v29.0.2
 	github.com/mastahyeti/certstore v0.0.5
 	github.com/mastahyeti/cms v0.0.6
 	github.com/mastahyeti/fakeca v0.0.1

diff --git a/go.sum b/go.sum
@@ -3,6 +3,8 @@ github.com/certifi/gocertifi v0.0.0-20180118203423-deb3ae2ef261/go.mod h1:GJKEex
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/libgit2/git2go/v29 v29.0.2 h1:tejTEV+B3n48nx027dDUFMLQPSvKo+E1Y6WUZVlJvRo=
+github.com/libgit2/git2go/v29 v29.0.2/go.mod h1:GnXk1stNspaGKX8uisx1aGefUwLxzc6Ad+PfdVpEKhQ=
 github.com/mastahyeti/certstore v0.0.4 h1:lIS0StbHgmgUIpen7aayW+BGBFs7g141fOcjuobrFj8=
 github.com/mastahyeti/certstore v0.0.4/go.mod h1:G29tHH2jDKK45cvISMzk8ZRf3KrhRS7ptoteyYzztsk=
 github.com/mastahyeti/certstore v0.0.5 h1:8JV/YC8jN6SD+ocJi46PSdxXfPxwgilJJEA8HnG49ls=

diff --git a/main.go b/main.go
@@ -7,6 +7,7 @@ import (
 	"io"
 	"os"
 
+	git "github.com/libgit2/git2go/v29"
 	"github.com/mastahyeti/certstore"
 	"github.com/pborman/getopt/v2"
 	"github.com/pkg/errors"
@@ -72,6 +73,26 @@ func runCommand() error {
 		return nil
 	}
 
+	// read tsa and include-certs from gitconfig
+	path, err := os.Getwd()
+	if err == nil {
+		repo, err := git.OpenRepository(path)
+		if err == nil {
+			config, err := repo.Config()
+
+			tsa, err := config.LookupString("gpg.x509.smimesign.tsa")
+			if err == nil {
+				tsaOpt = &tsa
+			}
+
+			includeCerts32, err := config.LookupInt32("gpg.x509.smimesign.include-certs")
+			if err == nil {
+				var includeCerts int = int(includeCerts32)
+				includeCertsOpt = &includeCerts
+			}
+		}
+	}
+
 	// Open certificate store
 	store, err := certstore.Open()
 	if err != nil {