[darcs-users] Data Integrity

Daniel Carrera daniel.carrera at theingots.org
Thu Apr 9 14:36:14 UTC 2009


Nicolas Pouillard wrote:
> Although making a checksum when tagging is fairly easy and darcs should
> have an option to insert the hash in the tag description (or make it
> the default).
> 
> I would guess that using the pristine hash for this purpose would be fine,
> in this case this is as simple as :
> 
> darcs tag $(head -n 1 _darcs/hashed_inventory | cut -d: -f2)

That sounds good. And the 'tag' command could sign the hash. For 
signatures, Darcs could either use GPG or perhaps better, the Haskell 
Cryptographic Library: http://www.haskell.org/crypto/

You could store keys in ~/.darcs/keys so they are not attached to the 
repository.

In fact, Darcs could sign all patches, so that tags are not "special". I 
just took a look at the Darcs 2 format. It looks like it should be easy 
to add an RSA signature. This is what a patch looks like:


[Issue #011: Write hello-world.
daniel.carrera at theingots.org**20090331192735]
hunk ./hello.php 1
+ <? echo "hello world\n"; ?>


There's no context information that I can see. Hence, I imagine that the 
patch would look the same on someone else's computer. If that's correct, 
you can just sign it.


So now, every time you pull a patch, Darcs would check the signature. 
And for a tag, Darcs would also check that the hash in the tag matches 
the current pristine tree hash. With these features, I think Darcs would 
largely close the gap with the other more integrity-oriented SCMs.

Cheers,
Daniel.
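
The tag check proposed in the message above, as an added example that is not part of the original post and is not Darcs code: it compares a hash stored as a tag name against the repository's current pristine hash. It assumes the first line of `_darcs/hashed_inventory` has the form `pristine:<hash>`, as the quoted command implies; the function names and the sample repository are hypothetical.

```shell
#!/bin/sh
# Added example, not Darcs code. Assumes the inventory's first line is
# "pristine:<hash>", as the quoted `head | cut -d: -f2` command implies.

# Print the pristine hash recorded in a repository's inventory.
# Returns 2 if the file is unreadable or the first line is malformed.
pristine_hash() {
    inv="$1/_darcs/hashed_inventory"
    [ -r "$inv" ] || return 2
    first=$(head -n 1 "$inv")
    case "$first" in
        pristine:?*) printf '%s\n' "${first#pristine:}" ;;
        *) return 2 ;;
    esac
}

# Compare the hash carried in a tag name with the current pristine hash.
# Returns 0 on match, 1 on mismatch, 2 if the inventory cannot be read.
check_tag_hash() {
    repo="$1"
    tag_hash="$2"
    current=$(pristine_hash "$repo") || return 2
    [ "$current" = "$tag_hash" ] && return 0
    return 1
}

# Build a constructed sample repository (not real darcs output) whose
# inventory records the given hash; prints the directory path.
make_sample_repo() {
    dir=$(mktemp -d) || return 1
    mkdir -p "$dir/_darcs"
    printf 'pristine:%s\n' "$1" > "$dir/_darcs/hashed_inventory"
    printf '%s\n' "$dir"
}
```

A mismatch (status 1) means the working repository no longer corresponds to the tagged state; status 2 means the check could not be performed and should not be treated as a pass.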

