From f6ee88bd49d3fdf9ed09375b8cd2e620cfd3d2d2 Mon Sep 17 00:00:00 2001
From: Nicklaus McClendon
Date: Tue, 24 May 2016 16:39:48 -0500
Subject: [PATCH 1/3] Added Split-GPG for Git documentation

Fixes QubesOS/qubes-issues#1964. Updated the documentation with the information from the issue and included information on signing and verifying tags.
---
 security/split-gpg.md | 41 ++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 40 insertions(+), 1 deletion(-)

diff --git a/security/split-gpg.md b/security/split-gpg.md
index 32a9e16b..9f412545 100644
--- a/security/split-gpg.md
+++ b/security/split-gpg.md
@@ -171,7 +171,46 @@ passphrase from your (sub)key(s) in order to get Split-GPG working correctly. As mentioned above, we do not believe PGP key passphrases to be significant from a security perspective.
-### Importing public keys ###
+### Configuring Git for use with Split GPG ###
+
+Git can be configured to used with Split-GPG, something useful if you would
+like to contribute to the Qubes OS Project as every commit is required to be
+signed. The most basic ~/.gitconfig file to with working Split-GPG looks
+something like this.
+
+ [user]
+ name = YOUR NAME
+ email = YOUR EMAIL ADDRESS
+ signingkey = YOUR KEY ID
+
+ [gpg]
+ program = qubes-gpg-client-wrapper
+
+Your key id is the public id of your signing key, which can be found by running
+"qubes-gpg-client -k". In this instance, the key id is DD160C74.
+
+ [user@work ~]$ qubes-gpg-client -k
+ /home/user/.gnupg/pubring.kbx
+ -----------------------------
+ pub rsa4096/DD160C74 2016-04-26
+ uid Qubes User
+
+To sign commits, you now add the "-S" flag to your commit command, which should
+prompt for Split-GPG usage. If you would like automatically sign all commits,
+you can add the following snippet to ~/.gitconfig.
+
+ [commit]
+ gpgsign = true
+
+Lastly, if you would like to add aliases to sign and verify tags using the
+conventions the Qubes OS Project recommends, you can add the following snippet
+to ~/.gitconfig.
+
+ [alias]
+ stag = "!id=`git rev-parse --verify HEAD`; git tag -s adw_${id:0:8} -m \"Tag for commit $id\""
+ vtag = !git tag -v `git describe`
+
+## Importing public keys ###
 Use `qubes-gpg-import-key` in the client AppVM to import the key into the GPG backend VM. Of course a (safe, unspoofable) user consent dialog box is

From 3d9c2d177b6704eb475272d7254e77e384d67c12 Mon Sep 17 00:00:00 2001
From: Andrew David Wong
Date: Tue, 24 May 2016 17:30:26 -0700
Subject: [PATCH 2/3] Don't hardcode my initials into your git tag alias :)

---
 security/split-gpg.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/security/split-gpg.md b/security/split-gpg.md
index 9f412545..4d7560f8 100644
--- a/security/split-gpg.md
+++ b/security/split-gpg.md
@@ -207,7 +207,7 @@ conventions the Qubes OS Project recommends, you can add the following snippet
 to ~/.gitconfig.
 [alias]
- stag = "!id=`git rev-parse --verify HEAD`; git tag -s adw_${id:0:8} -m \"Tag for commit $id\""
+ stag = "!id=`git rev-parse --verify HEAD`; git tag -s user_${id:0:8} -m \"Tag for commit $id\""
 vtag = !git tag -v `git describe`
 ## Importing public keys ###

From 5aa7b555d5bf753cca287aa75fd16ed60d9f5b7d Mon Sep 17 00:00:00 2001
From: Andrew David Wong
Date: Tue, 24 May 2016 17:37:44 -0700
Subject: [PATCH 3/3] Explain usage of git tag aliases

---
 security/split-gpg.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/security/split-gpg.md b/security/split-gpg.md
index 4d7560f8..84f17bce 100644
--- a/security/split-gpg.md
+++ b/security/split-gpg.md
@@ -210,6 +210,10 @@ to ~/.gitconfig.
 stag = "!id=`git rev-parse --verify HEAD`; git tag -s user_${id:0:8} -m \"Tag for commit $id\""
 vtag = !git tag -v `git describe`
+Replace `user` with your short, unique nickname. Now you can use `git stag` to
+add a signed tag to a commit and `git vtag` to verify the most recent tag that
+is reachable from a commit.
+
 ## Importing public keys ###
 Use `qubes-gpg-import-key` in the client AppVM to import the key into the