[darcs-users] Re: signing of patches

Anthony Towns aj at azure.humbug.org.au
Tue Dec 7 05:25:12 UTC 2004


David Roundy wrote:
> The problem is that patch contents are changed even in the absence of
> conflicts.  The line numbers a patch applies to depend on what patches have
> been previously applied--that is, the context.
>
> The corresponding "patch bundle" would be
> 
> BEGIN
> New patches:
> (cut about four hundred lines...)
> [remove unnecesary fixregex function from RepoPrefs.
> David Roundy <droundy at abridgegame.org>**20040221172930] 
> [TAG 0.9.17
> David Roundy <droundy at abridgegame.org>**20040221160549] 
> Patch bundle hash:
> 97cec2581274e10980cd6c484d132d6e7f51e7a1
> END
> 
> Probably I'd just sign the patch bundle hash.

The other option would seem to be to include some md5sums of the patches 
themselves in the inventory, then sign that. That'd let "darcs pull/get" 
validate signatures too then. It'd also make it theoretically possible 
to have "darcs send" from a signed repository automatically generate a 
signed patch bundle without needing to access any secret keys. For 
example, if you then generated something like:

	New patches:
	...
	Context:
	...
	[TAG ...
	...]
	Patch checksums: [for new _and_ context patches]
	1293412903412341aabceaba 123412
	....
	Inventory signature:
	----- BEGIN PGP SIGNATURE -----
	...
	Patch bundle hash:
	...

you could recreate the original inventory file with checksums and verify 
the signature, then verify the new patches against the checksums, then 
commute and apply as usual.

Cheers,
aj




More information about the darcs-users mailing list