This series adds key lifetime validity checks by passing commit/tag dates to the check operation. I'm not totally sure about the way I'm parsing payload info via parse_signed_buffer_metadata(). payload was just an opaque buffer before. Now gpg-interface actually looks at it (that's why I used a separate API function for it and did not hide it in check_signature). I chose this approach since it requires the least changes for the consumers of this functionality.

A cleaner way would maybe be introducing a check_object_signature() which takes a struct object instead of the payload directly to avoid the parse function altogether. However, only some call sites already have this struct. Tags & fmt-merge-msg use different ways to produce the payload and I'm not sure how involved the object's creation would be or what side effects this could have (performance?). Since the push-certs use case will never produce an object struct we would still have to keep the existing check_signature function anyway (or encapsulate those in some pseudo-object :/). The now used parse function also opens the usage up to sites already having both pieces of info (date & ident), although there is currently none.
Fabian Stelzer (6):
  ssh signing: extend check_signature to accept payload metadata
  ssh signing: add key lifetime test prereqs
  ssh signing: verify-commit/check_signature with commit date
  ssh signing: git log/check_signature with commit date
  ssh signing: verify-tag/check_signature with tag date
  ssh signing: fmt-merge-msg/check_signature with tag date

 Documentation/config/gpg.txt     |  5 ++
 builtin/receive-pack.c           |  5 +-
 commit.c                         | 12 ++++-
 fmt-merge-msg.c                  | 15 +++++-
 gpg-interface.c                  | 79 ++++++++++++++++++++++++++++----
 gpg-interface.h                  | 13 +++++-
 log-tree.c                       | 22 ++++++++-
 t/lib-gpg.sh                     | 19 +++++++-
 t/t4202-log.sh                   | 43 +++++++++++++++++
 t/t6200-fmt-merge-msg.sh         | 54 ++++++++++++++++++++++
 t/t7031-verify-tag-signed-ssh.sh | 42 +++++++++++++++++
 t/t7528-signed-commit-ssh.sh     | 42 +++++++++++++++++
 tag.c                            | 12 ++++-
 13 files changed, 341 insertions(+), 22 deletions(-)

base-commit: d3b4e01def5a9517c919f0b815c1b12296dc3dc2
-- 
2.31.1
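The cover letter describes pulling the commit/tag date out of the signed payload and handing it to the signature check so the signing key's validity window can be evaluated at signing time rather than at verification time. The following is an added illustration of that step, written for this review and not code from the series or from git: it scans the header block of a constructed commit or tag payload for the committer/tagger ident, extracts the epoch timestamp git writes there, and renders it in the YYYYMMDDHHMMSSZ form that ssh-keygen accepts for -Overify-time and for valid-after/valid-before in an allowed_signers file. The function names (payload_date, format_verify_time, find_header, ident_epoch) and the sample payloads are assumptions made for the example; git's own parse_signed_buffer_metadata() is not shown here and may differ.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>

/*
 * Added illustration, not git's parse_signed_buffer_metadata(): extract the
 * signing date from a commit/tag payload so it can be passed to a signature
 * check as the time at which the key must have been valid.
 */

/* Return the value of header `key` in the header block of `buf`, or NULL.
 * Only the block before the first empty line is scanned, so text in the
 * commit message body that happens to look like a "committer" line is
 * never mistaken for the real header. Continuation lines of multi-line
 * headers (e.g. gpgsig) start with a space and therefore never match. */
static const char *find_header(const char *buf, const char *key)
{
	size_t klen = strlen(key);
	const char *line = buf;

	while (*line && *line != '\n') {
		const char *eol = strchr(line, '\n');
		if (!strncmp(line, key, klen) && line[klen] == ' ')
			return line + klen + 1;
		if (!eol)
			break;
		line = eol + 1;
	}
	return NULL;
}

/* Parse an ident of the form "Name <email> <epoch> <tz>" as git writes it.
 * The epoch is already UTC; the tz offset is informational only. */
static int ident_epoch(const char *ident, time_t *out)
{
	const char *gt = strchr(ident, '>');
	const char *eol = strchr(ident, '\n');
	char *end;
	unsigned long long v;

	if (!gt || (eol && gt > eol) || gt[1] != ' ')
		return -1;
	v = strtoull(gt + 2, &end, 10);
	if (end == gt + 2 || *end != ' ')
		return -1;
	*out = (time_t)v;
	return 0;
}

/* type is "commit" or "tag"; the committer/tagger date is the one that
 * reflects when the signature was made. Returns 0 on success, -1 if the
 * header is missing or malformed. */
int payload_date(const char *payload, const char *type, time_t *out)
{
	const char *key;
	const char *val;

	if (!strcmp(type, "commit"))
		key = "committer";
	else if (!strcmp(type, "tag"))
		key = "tagger";
	else
		return -1;
	val = find_header(payload, key);
	if (!val)
		return -1;
	return ident_epoch(val, out);
}

/* Render an epoch as YYYYMMDDHHMMSSZ, the UTC form ssh-keygen accepts for
 * -Overify-time and for allowed_signers valid-after/valid-before. */
int format_verify_time(time_t t, char *buf, size_t n)
{
	struct tm *tm = gmtime(&t);

	if (!tm)
		return -1;
	return strftime(buf, n, "%Y%m%d%H%M%SZ", tm) ? 0 : -1;
}

/* Constructed sample payloads (not real objects). */
static const char *sample_commit =
	"tree 4b825dc642cb6eb9a060e54bf8d69288fbee4904\n"
	"author A U Thor <author@example.com> 1633046400 +0200\n"
	"committer C O Mitter <committer@example.com> 1633050000 +0000\n"
	"\n"
	"Signed commit (constructed sample payload)\n";

static const char *sample_tag =
	"object 4b825dc642cb6eb9a060e54bf8d69288fbee4904\n"
	"type commit\n"
	"tag v1.0\n"
	"tagger T Agger <tagger@example.com> 1633050000 +0000\n"
	"\n"
	"Release tag (constructed sample payload)\n";

/* A payload whose only "committer" line lives in the body must be rejected. */
static const char *sample_body_smuggle =
	"tree 4b825dc642cb6eb9a060e54bf8d69288fbee4904\n"
	"author A U Thor <author@example.com> 1633046400 +0200\n"
	"\n"
	"committer Mallory <mallory@example.com> 1 +0000\n";

int main(void)
{
	time_t t;
	char when[32];

	if (payload_date(sample_commit, "commit", &t) == 0 &&
	    format_verify_time(t, when, sizeof when) == 0)
		printf("commit signing time for ssh-keygen -Overify-time=%s\n", when);
	if (payload_date(sample_body_smuggle, "commit", &t) != 0)
		printf("body-only committer line correctly ignored\n");
	return 0;
}
```

The date this yields is the one to feed to ssh-keygen -Y verify as -Overify-time=... so that a key restricted with valid-after/valid-before in allowed_signers is judged against the commit's own timestamp, which is what the series passes through check_signature.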