[darcs-users] Re: signing of patches
Anthony Towns
aj at azure.humbug.org.au
Tue Dec 7 05:25:12 UTC 2004
David Roundy wrote:
> The problem is that patch contents are changed even in the absence of
> conflicts. The line numbers a patch applies to depend on what patches have
> been previously applied--that is, the context.
>
> The corresponding "patch bundle" would be
>
> BEGIN
> New patches:
> (cut about four hundred lines...)
> [remove unnecesary fixregex function from RepoPrefs.
> David Roundy <droundy at abridgegame.org>**20040221172930]
> [TAG 0.9.17
> David Roundy <droundy at abridgegame.org>**20040221160549]
> Patch bundle hash:
> 97cec2581274e10980cd6c484d132d6e7f51e7a1
> END
>
> Probably I'd just sign the patch bundle hash.
The other option would seem to be to include some md5sums of the patches
themselves in the inventory, then sign that. That'd let "darcs pull/get"
validate signatures too then. It'd also make it theoretically possible
to have "darcs send" from a signed repository automatically generate a
signed patch bundle without needing to access any secret keys. For
example, if you then generated something like:
New patches:
...
Context:
...
[TAG ...
...]
Patch checksums: [for new _and_ context patches]
1293412903412341aabceaba 123412
....
Inventory signature:
----- BEGIN PGP SIGNATURE -----
...
Patch bundle hash:
...
you could recreate the original inventory file with checksums and verify
the signature, then verify the new patches against the checksums, then
commute and apply as usual.
Cheers,
aj
More information about the darcs-users
mailing list