This series adds key lifetime validity checks by passing commit/tag dates to the check operation. The whole series is functional and has tests. I'm sending this as an RFC since I'm unsure about the way I'm parsing payload info via parse_signed_buffer_metadata(). payload was just an opaque buffer before. Now gpg-interface actually looks at it (that's why I used a separate API function for it and did not hide it in check_signature). A cleaner approach would maybe be introducing a check_object_signature which takes a struct object instead of the payload directly to avoid the parse function altogether. However, only some call sites already have this struct. Tags & fmt-merge-msg use different ways to produce the payload and I'm not sure how involved its creation would be or what side-effects this could have (performance?). Since the push-certs use case will never produce an object struct we would still have to keep the existing check_signature function anyway. The now used parse function also opens the usage up to sites already having both pieces of info (date & ident), although there is currently none.
Fabian Stelzer (6):
  ssh signing: extend check_signature to accept payload metadata
  ssh signing: add key lifetime test prereqs
  ssh signing: verify-commit/check_signature with commit date
  ssh signing: git log/check_signature with commit date
  ssh signing: verify-tag/check_signature with tag date
  ssh signing: fmt-merge-msg/check_signature with tag date

 Documentation/config/gpg.txt     |  5 ++
 builtin/receive-pack.c           |  5 +-
 commit.c                         | 12 ++++-
 fmt-merge-msg.c                  | 16 +++++--
 gpg-interface.c                  | 80 ++++++++++++++++++++++++++------
 gpg-interface.h                  |  9 ++++
 log-tree.c                       | 23 +++++++--
 t/lib-gpg.sh                     | 19 +++++++-
 t/t4202-log.sh                   | 43 +++++++++++++++++
 t/t6200-fmt-merge-msg.sh         | 54 +++++++++++++++++++++
 t/t7031-verify-tag-signed-ssh.sh | 42 +++++++++++++++++
 t/t7528-signed-commit-ssh.sh     | 42 +++++++++++++++++
 tag.c                            | 12 ++++-
 13 files changed, 334 insertions(+), 28 deletions(-)

base-commit: 33379063c9546476a80d42c704efc4ea5d0d95e5
-- 
2.31.1