From: Fabian Stelzer <fs@gigacodes.de>
To: git@vger.kernel.org
Cc: Fabian Stelzer <fs@gigacodes.de>
Subject: [RFC PATCH 0/6] ssh signing: verify key lifetime
Date: Fri, 15 Oct 2021 15:15:01 +0200
Message-ID: <20211015131507.1773153-1-fs@gigacodes.de>

This series adds key lifetime validity checks by passing commit/tag
dates to the check operation. The whole series is functional and has
tests. I'm sending this as an RFC since I'm unsure about the way I'm
parsing payload info via parse_signed_buffer_metadata().
The payload was just an opaque buffer before. Now gpg-interface actually
looks at it (that's why I used a separate API function for it and did not
hide it in check_signature).

A cleaner approach would maybe be introducing a check_object_signature
which takes a struct object instead of the payload directly to avoid the
parse function altogether. However, only some call sites already have
this struct. Tags & fmt-merge-msg use different ways to produce the
payload and I'm not sure how involved its creation would be or what
side effects this could have (performance?). Since the push-certs use case
will never produce an object struct we would still have to keep the
existing check_signature function anyway.
The parse function now used also opens up its usage to sites that already
have both pieces of information (date & ident), although there are currently none.

Fabian Stelzer (6):
  ssh signing: extend check_signature to accept payload metadata
  ssh signing: add key lifetime test prereqs
  ssh signing: verify-commit/check_signature with commit date
  ssh signing: git log/check_signature with commit date
  ssh signing: verify-tag/check_signature with tag date
  ssh signing: fmt-merge-msg/check_signature with tag date

 Documentation/config/gpg.txt     |  5 ++
 builtin/receive-pack.c           |  5 +-
 commit.c                         | 12 ++++-
 fmt-merge-msg.c                  | 16 +++++--
 gpg-interface.c                  | 80 ++++++++++++++++++++++++++------
 gpg-interface.h                  |  9 ++++
 log-tree.c                       | 23 +++++++--
 t/lib-gpg.sh                     | 19 +++++++-
 t/t4202-log.sh                   | 43 +++++++++++++++++
 t/t6200-fmt-merge-msg.sh         | 54 +++++++++++++++++++++
 t/t7031-verify-tag-signed-ssh.sh | 42 +++++++++++++++++
 t/t7528-signed-commit-ssh.sh     | 42 +++++++++++++++++
 tag.c                            | 12 ++++-
 13 files changed, 334 insertions(+), 28 deletions(-)


base-commit: 33379063c9546476a80d42c704efc4ea5d0d95e5
-- 
2.31.1
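As an added illustration, not code from this series or from git itself, here is a stand-alone C version of the step the cover letter is unsure about: pulling the signer ident and the object date out of a signed commit or tag payload so that the signature check can reject a key used outside its validity window. The function name extract_signer_metadata() and the sample payloads are constructed for this example; the "committer"/"tagger" header lines and the "Name <email> epoch tz" ident layout are git's real object format.

```c
#include <stdlib.h>
#include <string.h>
#include <time.h>
/* Constructed sample payloads; 1634303701 is 2021-10-15 13:15:01 UTC. */
static const char sample_commit[] =
    "author A U Thor <author@example.com> 1634303601 +0200\n"
    "committer C O Mitter <committer@example.com> 1634303701 +0200\n"
    "\n"
    "Message body; a 'committer' word here must not be picked up.\n";
static const char sample_tag[] =
    "type commit\n"
    "tag v1.0\n"
    "tagger T A Gger <tagger@example.com> 1634303702 +0200\n"
    "\n"
    "Tag message\n";
/*
 * Illustrative stand-in for the series' parse_signed_buffer_metadata() (not
 * git's code): extract the committer/tagger ident and object timestamp that
 * the key lifetime check needs. Returns 1 on success, 0 if absent/malformed.
 */
static int extract_signer_metadata(const char *payload, char *ident,
                                   size_t ident_len, time_t *timestamp)
{
    const char *line = payload;
    /* Headers end at the first empty line; the message body is never scanned. */
    while (*line && *line != '\n') {
        const char *eol = strchr(line, '\n');
        size_t len = eol ? (size_t)(eol - line) : strlen(line);
        const char *id = NULL;
        if (len > 10 && !strncmp(line, "committer ", 10))
            id = line + 10;
        else if (len > 7 && !strncmp(line, "tagger ", 7))
            id = line + 7;
        if (id) {
            /* Ident format: "Name <email> <epoch seconds> <tz offset>" */
            const char *gt = memchr(id, '>', len - (size_t)(id - line));
            char *end;
            if (!gt || gt[1] != ' ' || (size_t)(gt + 1 - id) >= ident_len)
                return 0;
            *timestamp = (time_t)strtoll(gt + 2, &end, 10);
            if (end == gt + 2 || (*end != ' ' && *end != '\n' && *end != '\0'))
                return 0;
            memcpy(ident, id, (size_t)(gt + 1 - id));
            ident[gt + 1 - id] = '\0';
            return 1;
        }
        line = eol ? eol + 1 : line + len;
    }
    return 0;
}
```

The returned timestamp is the value a caller would hand to the signature verifier alongside the ident, so a key whose allowed validity period does not cover the commit or tag date can be refused even though the signature itself is mathematically valid.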

