remove verify of GetRepositoryDefaultPublicGPGKey for ssh and test for gpg

Author: ChristopherHX

services/asymkey/commit.go

@@ -445,36 +445,6 @@ func ParseCommitWithSSHSignature(ctx context.Context, c *git.Commit, committer *
 		}
 	}
 
-	// Covers ssh verification for the default SSH signing key specified in the .gitconfig file in Git.HomePath setting
-	defaultGPGSettings, err := c.GetRepositoryDefaultPublicGPGKey(false)
-	if defaultGPGSettings.Format == git.KeyTypeSSH {
-		if err != nil {
-			log.Error("Error getting default public ssh key: %v", err)
-		} else if defaultGPGSettings == nil {
-			log.Warn("Unable to get defaultGPGSettings for unattached commit: %s", c.ID.String())
-		} else if defaultGPGSettings.Sign {
-			if err := defaultGPGSettings.LoadPublicKeyContent(); err != nil {
-				log.Error("Error getting default signing key: %s %v", defaultGPGSettings.KeyID, err)
-			} else if fingerprint, err := asymkey_model.CalcFingerprint(defaultGPGSettings.PublicKeyContent); err != nil {
-				log.Error("Error calculating the fingerprint public key: %s %v", defaultGPGSettings.KeyID, err)
-			} else if commitVerification := verifySSHCommitVerification(c.Signature.Signature, c.Signature.Payload, &asymkey_model.PublicKey{
-				Verified:    true,
-				Content:     defaultGPGSettings.PublicKeyContent,
-				Fingerprint: fingerprint,
-				HasUsed:     true,
-			}, committer, &user_model.User{
-				Name:  defaultGPGSettings.Name,
-				Email: defaultGPGSettings.Email,
-			}, defaultGPGSettings.Email); commitVerification != nil {
-				if commitVerification.Reason == asymkey_model.BadSignature {
-					defaultReason = asymkey_model.BadSignature
-				} else {
-					return commitVerification
-				}
-			}
-		}
-	}
-
 	return &asymkey_model.CommitVerification{
 		CommittingUser: committer,
 		Verified:       false,

tests/integration/gpg_ssh_git_test.go

@@ -49,35 +49,6 @@ func TestGPGGit(t *testing.T) {
 	testGitSigning(t)
 }
 
-func TestGPGGitDefaults(t *testing.T) {
-	tmpDir := t.TempDir() // use a temp dir to avoid messing with the user's GPG keyring and git config
-	err := os.Chmod(tmpDir, 0o700)
-	assert.NoError(t, err)
-
-	t.Setenv("GNUPGHOME", tmpDir)
-
-	// Need to create a root key
-	rootKeyPair, err := importTestingKey()
-	require.NoError(t, err, "importTestingKey")
-
-	err = os.WriteFile(tmpDir+"/.gitconfig", []byte(`
-[user]
-	name = gitea
-	email = [email protected]
-	signingKey = `+rootKeyPair.PrimaryKey.KeyIdShortString()+`
-[commit]
-	gpgsign = true
-`), 0o600)
-	require.NoError(t, err, "os.WriteFile .gitconfig")
-
-	defer test.MockVariableValue(&setting.Repository.Signing.SigningKey, "")()
-	defer test.MockVariableValue(&setting.Repository.Signing.InitialCommit, []string{"never"})()
-	defer test.MockVariableValue(&setting.Repository.Signing.CRUDActions, []string{"never"})()
-	defer test.MockVariableValue(&setting.Git.HomePath, tmpDir)()
-
-	testGitSigning(t)
-}
-
 func TestSSHGit(t *testing.T) {
 	tmpDir := t.TempDir() // use a temp dir to store the SSH keys
 	err := os.Chmod(tmpDir, 0o700)
@@ -105,43 +76,6 @@ func TestSSHGit(t *testing.T) {
 	testGitSigning(t)
 }
 
-func TestSSHGitDefaults(t *testing.T) {
-	tmpDir := t.TempDir() // use a temp dir to store the SSH keys and git config
-	err := os.Chmod(tmpDir, 0o700)
-	assert.NoError(t, err)
-
-	pub, priv, err := ed25519.GenerateKey(rand.Reader)
-	require.NoError(t, err, "ed25519.GenerateKey")
-	sshPubKey, err := ssh.NewPublicKey(pub)
-	require.NoError(t, err, "ssh.NewPublicKey")
-
-	err = os.WriteFile(tmpDir+"/id_ed25519.pub", ssh.MarshalAuthorizedKey(sshPubKey), 0o600)
-	require.NoError(t, err, "os.WriteFile id_ed25519.pub")
-	block, err := ssh.MarshalPrivateKey(priv, "")
-	require.NoError(t, err, "ssh.MarshalPrivateKey")
-	err = os.WriteFile(tmpDir+"/id_ed25519", pem.EncodeToMemory(block), 0o600)
-	require.NoError(t, err, "os.WriteFile id_ed25519")
-	err = os.WriteFile(tmpDir+"/.gitconfig", []byte(`
-[user]
-	name = gitea
-	email = [email protected]
-	signingKey = `+tmpDir+`/id_ed25519.pub
-[gpg]
-	format = ssh
-[commit]
-	gpgsign = true
-`), 0o600)
-	require.NoError(t, err, "os.WriteFile .gitconfig")
-
-	defer test.MockVariableValue(&setting.Repository.Signing.SigningKey, "")()
-	defer test.MockVariableValue(&setting.Repository.Signing.SigningFormat, "ssh")()
-	defer test.MockVariableValue(&setting.Repository.Signing.InitialCommit, []string{"never"})()
-	defer test.MockVariableValue(&setting.Repository.Signing.CRUDActions, []string{"never"})()
-	defer test.MockVariableValue(&setting.Git.HomePath, tmpDir)()
-
-	testGitSigning(t)
-}
-
 func testGitSigning(t *testing.T) {
 	username := "user2"
 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: username})