Re: Signinig a commit with multiple signatures

[Jeff King <peff@peff.net>]

On Sun, Aug 17, 2014 at 09:30:47AM -0400, Jason Pyeron wrote:

> I am working on an open source project right now where we are looking
> to enforce a N of M audit approval process. It turns out that git
> supports verifying multiple signatures because gpg supports signature
> merging.

In the scheme you propose, the commit object is actually rewritten. So
whoever made and signed it first will then need to rebase on top of the
rewritten multi-signed version.

Is there a reason not to use detached signatures, and let each person
add them after the fact? You can store them in git-notes and then push
them along with the other commits (you can even check in a pre-receive
hook that the commits meet your N of M criteria, as long as everybody
has pushed up their signature notes).

> $ cat write-commit.ruby
> #!/usr/bin/irb
> require 'fileutils'
> file = File.open(ARGV[0], "rb")
> content = file.read
> header = "commit #{content.length}\0"
> store = header + content
> require 'digest/sha1'
> sha1 = Digest::SHA1.hexdigest(store)
> require 'zlib'
> zlib_content = Zlib::Deflate.deflate(store)
> path = '.git/objects/' + sha1[0,2] + '/' + sha1[2,38]
> FileUtils.mkdir_p(File.dirname(path))
> File.open(path, 'w') { |f| f.write zlib_content }

I think this is just "git hash-object -w -t commit <file>", isn't it?

-Peff