Improving support for signed revisions

Peter Arrenbrecht peter.arrenbrecht at gmail.com
Mon May 11 00:59:15 CDT 2009


On Sun, May 10, 2009 at 8:58 PM, Arne Babenhauserheide <arne_bab at web.de> wrote:
> On Wednesday 06 May 2009 22:52:28 Lasse Kliemann wrote:
>> >  * On verify (and wherever else you want it), check the sig against
>> > the text minus the sig.
>>
>> That sounds right like it, yes.
>
> It wouldn't ensure the data, though.
>
> I could just grab the signed text and use it to do another commit which will
> then appear to have been done by the original committer.
>
> To ensure that the commit is really from the committer (and unchanged), you
> need to include the committer and a hash of the data into the signature.
>
> More exactly: You need to include all data which you want to verify (or a hash
> of it) into the signature.

Remember that the changelog "text" contains all of:
- manifest hash
- changelog message
- committer name
- commit date

So what this approach does not sign is the ancestry of the changeset
(its parent ids in the changelog), but it _does_ hash the manifest
hash (and thus, I believe, a non-forgeable version of all the files).
So all you could do is commit another identical version of all the
files, with identical commit message, but with a different reported
ancestry in the changelog (but not in the manifest or file logs).

To plug this last hole, you would simply sign both the changelog text
(as opposed to changelog message) plus the two changelog parent ids
(much like the final hash does, although the latter will then include
the signature in the text it hashes).

-parren
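As an added illustration (not code from this thread or from Mercurial itself), here is a small Python model of the two schemes discussed above: the first signs only the changelog text minus the sig line, the second also covers both parent ids. HMAC stands in for the committer's GPG signature, and the changelog layout, key and node ids are constructed assumptions.

```python
import hashlib
import hmac

# Constructed stand-in for the committer's signing key. A real deployment would
# use a GPG/asymmetric key; HMAC here only models "only the key holder can sign".
KEY = b"constructed-committer-signing-key"
SIG_PREFIX = "Sig: "

def changelog_text(manifest_hash, committer, date, message):
    """Assumed layout of the changelog text the signature line is appended to."""
    return f"{manifest_hash}\n{committer}\n{date}\n{message}\n"

def strip_sig(text):
    """Split signed changelog text into (text minus the sig line, sig or None)."""
    lines = text.split("\n")
    body = "\n".join(l for l in lines if not l.startswith(SIG_PREFIX))
    sigs = [l[len(SIG_PREFIX):] for l in lines if l.startswith(SIG_PREFIX)]
    return body, (sigs[0] if sigs else None)

def _mac(payload):
    return hmac.new(KEY, payload.encode(), hashlib.sha256).hexdigest()

def sign_text_only(text):
    """First proposal: sign only the changelog text (minus the sig line)."""
    return text + SIG_PREFIX + _mac(text) + "\n"

def verify_text_only(changeset):
    body, sig = strip_sig(changeset["text"])
    return sig is not None and hmac.compare_digest(sig, _mac(body))

def sign_with_parents(text, parents):
    """Plugged version: sign the changelog text plus both parent ids."""
    return text + SIG_PREFIX + _mac(text + "".join(parents)) + "\n"

def verify_with_parents(changeset):
    body, sig = strip_sig(changeset["text"])
    expected = _mac(body + "".join(changeset["parents"]))
    return sig is not None and hmac.compare_digest(sig, expected)

def demo():
    text = changelog_text("ab" * 20, "alice", "1241999955 -0500", "Fix bug")
    real = ("12" * 20, "0" * 40)  # constructed parent ids (p2 is the null id)
    fake = ("cd" * 20, "0" * 40)  # same signed text, different ancestry
    v1 = {"text": sign_text_only(text), "parents": real}
    v2 = {"text": sign_with_parents(text, real), "parents": real}
    return {"v1_ok": verify_text_only(v1),
            "v1_reparented": verify_text_only({**v1, "parents": fake}),  # hole
            "v2_ok": verify_with_parents(v2),
            "v2_reparented": verify_with_parents({**v2, "parents": fake})}
```

`demo()` returns `v1_reparented` as True (the text-only signature cannot tell the reparented copy apart) and `v2_reparented` as False, since the parent ids are now under the signature; any edit to the message, committer, date or manifest hash invalidates both schemes.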
