Add gpg support

[gitblit]

Originally reported on Google Code with ID 338

What steps will reproduce the problem?
1. Sign a commit using SourceTree
2. Verify the pretty output of: git log --show-signature
3. Browse gitblit and nothing regarding the signature is shown.

What is the expected output? What do you see instead?
Feature request that I would like to see some display and/or validation of the signature.

What version of the product are you using? On what operating system?
SourceTree 1.7.4.1. GitBlit 1.3.0.

Reported by nasrollah.kavian on 2013-11-17 20:53:11

[gitblit]

Point me to an example repository with signed commits.

Reported by James.Moger on 2013-11-17 20:57:19

[gitblit]

git clone https://git.konverge.io/git/modules/konverge-core.git
cd konverge-core
git log --show-signature

commit 6605a6785691b39db6d90bb3386342dc6d3f7ab4
gpg: Signature made Sun Nov 17 12:11:22 2013 PST using RSA key ID 5EC7B4E0
gpg: Good signature from "Nas Kavian <nas@konverge.io>"
gpg:                 aka "Nasrollah Kavian <nasrollah.kavian@gmail.com>"
Author: Nas Kavian <nas@konverge.io>
Date:   Sun Nov 17 12:11:17 2013 -0800

    Added missing license header.

Reported by nasrollah.kavian on 2013-11-18 03:53:21

[gitblit]

I've briefly looked into this.  JGit does not currently support signed commits so this
issue will be left open, but will be a much lower priority until JGit supports signature
parsing.

The second half of your request is for verification of the signature which I presume
will require having access to each developer's public key.  Because I don't have a
mechanism/infrastructure to deal with keys yet that makes this request larger in scope.

I don't expect to be working on this proposal anytime soon, however, in time, the necessary
backend changes for Gitblit may be fulfilled by other planned improvements and JGit
may implement signature parsing.

Reported by James.Moger on 2013-11-25 18:50:22

[gitblit]

Reported by James.Moger on 2014-09-04 20:15:48

• Labels added: Milestone-2.0.0