diff --git a/plugin/objectsigner/auto/auto.go b/plugin/objectsigner/auto/auto.go index 810e7b9..cd0d1f5 100644 --- a/plugin/objectsigner/auto/auto.go +++ b/plugin/objectsigner/auto/auto.go @@ -18,6 +18,7 @@ package auto import ( "bytes" + "context" "errors" "fmt" "io" @@ -97,9 +98,10 @@ type Config struct { } // Signer signs a message read from an io.Reader and returns the raw signature -// bytes. +// bytes. The context cancels signers that perform external or remote work +// (e.g. an external program); purely local signers ignore it. type Signer interface { - Sign(message io.Reader) ([]byte, error) + Sign(ctx context.Context, message io.Reader) ([]byte, error) } // FromConfig returns a [Signer] configured according to the provided Config. diff --git a/plugin/objectsigner/auto/auto_test.go b/plugin/objectsigner/auto/auto_test.go index ad5b0c8..934a316 100644 --- a/plugin/objectsigner/auto/auto_test.go +++ b/plugin/objectsigner/auto/auto_test.go @@ -38,7 +38,7 @@ func TestFromConfigSSH(t *testing.T) { }) require.NoError(t, err) - sig, err := signer.Sign(strings.NewReader("hello\n")) + sig, err := signer.Sign(t.Context(), strings.NewReader("hello\n")) require.NoError(t, err) assert.Contains(t, string(sig), "-----BEGIN SSH SIGNATURE-----") assert.Contains(t, string(sig), "-----END SSH SIGNATURE-----") @@ -62,7 +62,7 @@ func TestFromConfigSSHPubSuffixNoAgent(t *testing.T) { }) require.NoError(t, err) - sig, err := signer.Sign(strings.NewReader("hello\n")) + sig, err := signer.Sign(t.Context(), strings.NewReader("hello\n")) require.NoError(t, err) assert.Contains(t, string(sig), "-----BEGIN SSH SIGNATURE-----") } @@ -114,7 +114,7 @@ func TestFromConfigSSHKeyLiteralAgent(t *testing.T) { }) require.NoError(t, err) - sig, err := signer.Sign(strings.NewReader("hello\n")) + sig, err := signer.Sign(t.Context(), strings.NewReader("hello\n")) require.NoError(t, err) assert.Contains(t, string(sig), "-----BEGIN SSH SIGNATURE-----") } @@ -149,7 +149,7 @@ func TestFromConfigSSHAgentPubKeyPath(t *testing.T) { }) require.NoError(t, err) - sig, err := signer.Sign(strings.NewReader("hello\n")) + sig, err := signer.Sign(t.Context(), strings.NewReader("hello\n")) require.NoError(t, err) assert.Contains(t, string(sig), "-----BEGIN SSH SIGNATURE-----") } @@ -180,7 +180,7 @@ func TestFromConfigSSHAgentMultipleKeys(t *testing.T) { }) require.NoError(t, err) - sig, err := signer.Sign(strings.NewReader("hello\n")) + sig, err := signer.Sign(t.Context(), strings.NewReader("hello\n")) require.NoError(t, err) assert.Contains(t, string(sig), "-----BEGIN SSH SIGNATURE-----") @@ -260,7 +260,7 @@ func TestFromConfigSSHAgentPrivateKeyPath(t *testing.T) { }) require.NoError(t, err) - sig, err := signer.Sign(strings.NewReader("hello\n")) + sig, err := signer.Sign(t.Context(), strings.NewReader("hello\n")) require.NoError(t, err) assert.Contains(t, string(sig), "-----BEGIN SSH SIGNATURE-----") } @@ -303,7 +303,7 @@ func TestFromConfigSSHAgentFirstKey(t *testing.T) { }) require.NoError(t, err) - sig, err := signer.Sign(strings.NewReader("hello\n")) + sig, err := signer.Sign(t.Context(), strings.NewReader("hello\n")) require.NoError(t, err) assert.Contains(t, string(sig), "-----BEGIN SSH SIGNATURE-----") } @@ -352,7 +352,7 @@ func TestFromConfigGPG(t *testing.T) { }) require.NoError(t, err) - sig, err := signer.Sign(strings.NewReader("hello\n")) + sig, err := signer.Sign(t.Context(), strings.NewReader("hello\n")) require.NoError(t, err) assert.Contains(t, string(sig), "-----BEGIN PGP SIGNATURE-----") assert.Contains(t, string(sig), "-----END PGP SIGNATURE-----") @@ -373,7 +373,7 @@ func TestFromConfigGPGDefaultFormat(t *testing.T) { }) require.NoError(t, err) - sig, err := signer.Sign(strings.NewReader("hello\n")) + sig, err := signer.Sign(t.Context(), strings.NewReader("hello\n")) require.NoError(t, err) assert.Contains(t, string(sig), "-----BEGIN PGP SIGNATURE-----") } @@ -442,7 +442,7 @@ func TestFromConfigGPGEncryptedThenUnencrypted(t *testing.T) { }) require.NoError(t, err) - sig, err := signer.Sign(strings.NewReader("hello\n")) + sig, err := signer.Sign(t.Context(), strings.NewReader("hello\n")) require.NoError(t, err) assert.Contains(t, string(sig), "-----BEGIN PGP SIGNATURE-----") } @@ -462,7 +462,7 @@ func TestFromConfigGPGMultipleKeys(t *testing.T) { }) require.NoError(t, err) - sig, err := signer.Sign(strings.NewReader("hello\n")) + sig, err := signer.Sign(t.Context(), strings.NewReader("hello\n")) require.NoError(t, err) assert.Contains(t, string(sig), "-----BEGIN PGP SIGNATURE-----") } @@ -517,7 +517,7 @@ func TestFromConfigSSHHomeTilde(t *testing.T) { }) require.NoError(t, err) - sig, err := signer.Sign(strings.NewReader("hello\n")) + sig, err := signer.Sign(t.Context(), strings.NewReader("hello\n")) require.NoError(t, err) assert.Contains(t, string(sig), "-----BEGIN SSH SIGNATURE-----") } @@ -553,7 +553,7 @@ func TestFromConfigSSHAgentHomeTildePubKey(t *testing.T) { }) require.NoError(t, err) - sig, err := signer.Sign(strings.NewReader("hello\n")) + sig, err := signer.Sign(t.Context(), strings.NewReader("hello\n")) require.NoError(t, err) assert.Contains(t, string(sig), "-----BEGIN SSH SIGNATURE-----") } @@ -587,7 +587,7 @@ func TestFromConfigGPGHomeTilde(t *testing.T) { }) require.NoError(t, err) - sig, err := signer.Sign(strings.NewReader("hello\n")) + sig, err := signer.Sign(t.Context(), strings.NewReader("hello\n")) require.NoError(t, err) assert.Contains(t, string(sig), "-----BEGIN PGP SIGNATURE-----") } diff --git a/plugin/objectsigner/auto/go.mod b/plugin/objectsigner/auto/go.mod index 36611e0..71fbfec 100644 --- a/plugin/objectsigner/auto/go.mod +++ b/plugin/objectsigner/auto/go.mod @@ -5,8 +5,8 @@ go 1.25.0 require ( github.com/ProtonMail/go-crypto v1.3.0 github.com/go-git/go-billy/v6 v6.0.0-20260328065524-593ae452e14d - github.com/go-git/x/plugin/objectsigner/gpg v0.1.0 - github.com/go-git/x/plugin/objectsigner/ssh v0.1.0 + github.com/go-git/x/plugin/objectsigner/gpg v0.2.0 + github.com/go-git/x/plugin/objectsigner/ssh v0.2.0 github.com/hiddeco/sshsig v0.2.0 github.com/stretchr/testify v1.11.1 golang.org/x/crypto v0.48.0 diff --git a/plugin/objectsigner/auto/go.sum b/plugin/objectsigner/auto/go.sum index cf41441..64bb305 100644 --- a/plugin/objectsigner/auto/go.sum +++ b/plugin/objectsigner/auto/go.sum @@ -10,8 +10,12 @@ github.com/go-git/go-billy/v6 v6.0.0-20260328065524-593ae452e14d h1:bLMI9z4mKkfQ github.com/go-git/go-billy/v6 v6.0.0-20260328065524-593ae452e14d/go.mod h1:LLeMBFApkgIKwMzirxpU9XB7NvO2HdTw5FXmeP1M6c8= github.com/go-git/x/plugin/objectsigner/gpg v0.1.0 h1:NEGVSOD+LPnus6j4iNkAZaHVTc4DNY223y1/I2Jq2yI= github.com/go-git/x/plugin/objectsigner/gpg v0.1.0/go.mod h1:1iosWq3OOqZxtNrwDHtcjicswuaOT45J5GMFyCk80wc= +github.com/go-git/x/plugin/objectsigner/gpg v0.2.0 h1:3EGE1apJAh2Z9qUxBUCPSdQMbasQi1WFA9VJfgtkMa8= +github.com/go-git/x/plugin/objectsigner/gpg v0.2.0/go.mod h1:1iosWq3OOqZxtNrwDHtcjicswuaOT45J5GMFyCk80wc= github.com/go-git/x/plugin/objectsigner/ssh v0.1.0 h1:lAeeDgc1oxsMMvVUed6ssrqJnD97UR1K/dXIDdeg1Yc= github.com/go-git/x/plugin/objectsigner/ssh v0.1.0/go.mod h1:6BvpZj9Yry1ZFNw4N5OZDc+7M1T8oyrZilLNFg2aTsM= +github.com/go-git/x/plugin/objectsigner/ssh v0.2.0 h1:TkAMmGl8SgI3CL6BZv5Pv1cLxBAfmjkyE6jObUm/+zc= +github.com/go-git/x/plugin/objectsigner/ssh v0.2.0/go.mod h1:6BvpZj9Yry1ZFNw4N5OZDc+7M1T8oyrZilLNFg2aTsM= github.com/hiddeco/sshsig v0.2.0 h1:gMWllgKCITXdydVkDL+Zro0PU96QI55LwUwebSwNTSw= github.com/hiddeco/sshsig v0.2.0/go.mod h1:nJc98aGgiH6Yql2doqH4CTBVHexQA40Q+hMMLHP4EqE= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=