@@ -16,9 +16,9 @@ import (
1616 "time"
1717
1818 "code.gitea.io/git"
19+ "code.gitea.io/gitea/modules/log"
1920
2021 "github.com/go-xorm/xorm"
21- "github.com/ngaut/log"
2222 "golang.org/x/crypto/openpgp"
2323 "golang.org/x/crypto/openpgp/armor"
2424 "golang.org/x/crypto/openpgp/packet"
@@ -380,15 +380,6 @@ func ParseCommitWithSignature(c *git.Commit) *CommitVerification {
380380 Reason : "gpg.error.extract_sign" ,
381381 }
382382 }
383- //Generating hash of commit
384- hash , err := populateHash (sig .Hash , []byte (c .Signature .Payload ))
385- if err != nil { //Skipping ailed to generate hash
386- log .Error (3 , "PopulateHash: %v" , err )
387- return & CommitVerification {
388- Verified : false ,
389- Reason : "gpg.error.generate_hash" ,
390- }
391- }
392383
393384 //Find Committer account
394385 committer , err := GetUserByEmail (c .Committer .Email )
@@ -401,14 +392,24 @@ func ParseCommitWithSignature(c *git.Commit) *CommitVerification {
401392 }
402393
403394 keys , err := ListGPGKeys (committer .ID )
404- if err != nil { //Skipping failed to get gpg keys of user
395+ if err != nil || len ( keys ) == 0 { //Skipping failed to get gpg keys of user
405396 log .Error (3 , "ListGPGKeys: %v" , err )
406397 return & CommitVerification {
407398 Verified : false ,
408399 Reason : "gpg.error.failed_retrieval_gpg_keys" ,
409400 }
410401 }
411402
403+ //Generating hash of commit
404+ hash , err := populateHash (sig .Hash , []byte (c .Signature .Payload ))
405+ if err != nil { //Skipping ailed to generate hash
406+ log .Error (3 , "PopulateHash: %v" , err )
407+ return & CommitVerification {
408+ Verified : false ,
409+ Reason : "gpg.error.generate_hash" ,
410+ }
411+ }
412+
412413 for _ , k := range keys {
413414 //We get PK
414415 if err := verifySign (sig , hash , k ); err == nil {
0 commit comments