From: Michael J Gruber <git@drmicha.warpmail.net>
To: Stephan Hugel <urschrei@gmail.com>
Cc: Junio C Hamano <gitster@pobox.com>, git@vger.kernel.org
Subject: Re: [PATCH] tag,verify-tag: do not trip over rfc1991 signatures
Date: Tue, 05 Oct 2010 22:56:12 +0200 [thread overview]
Message-ID: <4CAB90EC.1080302@drmicha.warpmail.net> (raw)
In-Reply-To: <AANLkTimg+=WW-mcB6RzORjDCV9rpLbc0NJhhg7Wd=0vp@mail.gmail.com>
Stephan Hugel venit, vidit, dixit 05.10.2010 22:51:
> On 5 October 2010 21:42, Michael J Gruber <git@drmicha.warpmail.net> wrote:
>> Junio C Hamano venit, vidit, dixit 05.10.2010 22:28:
>>> Michael J Gruber <git@drmicha.warpmail.net> writes:
>>>
>>>> Currently, git expects "-----BEGIN PGP SIGNATURE-----" at the beginning of a
>>>> signature. But gpg uses "MESSAGE" instead of "SIGNATURE" when used with
>>>> the "rfc1991" option. This leads to git's faling to verify it's own
>>>> signed tags.
>>>>
>>>> Be more lenient and take "-----BEGIN PGP " as the indicator.
>>>
>>> Thanks, but it bothers me that the patch is a bit inconsistently lenient.
>>>
>>> How many variants of PGP implementations are there? For example, I'd ask
>>> these without doing my own research because I am lazy:
>>>
>>> 1. Does everybody place five dashes at the beginning (IOW, is there an
>>> odd variant that puts four or six)?
>>>
>>> 2. Does everybody follow the dashes immediately with "BEGIN" (IOW, is
>>> there an odd variant that puts a SP between them)?
>>>
>>> 3. Does everybody spell "BEGIN PGP " the same way, in all uppercase?
>>>
>>> 4. Does everybody place five dashes at the end (IOW, is there an odd
>>> variant that puts four or six)?
>>>
>>> 5. Does everybody follow the "BEGIN PGP SOMETHING" immediately with
>>> dashes without SP?
>>>
>>> Your patch seem to answer <yes, yes, yes, no, no> to the above question.
>>
>> On 4,5, my patch only implies that I (suggest we) don't care.
>>
>>> I'd find it saner if the patched code at least checked that the line ends
>>> with 5 dashes.
>>
>> Alternatively, we can just say we support gnupg/openpg but not pgp 2.0,
>> and running gpg with pgp 2.0 options is discouraged even by gpg's man page.
>>
>> The main issue here is that we create a detached signature (rather than
>> a clear text signature) but then lump it together with the content (the
>> tag object sans sig). The boundary mark between the two is not
>> controlled by us but by gpg (and its options).
>>
>> In order to verify the sig, *we* have to split the lump again but we
>> don't really know the boundary mark. It's insane by design. We should
>> have used a non-volatile boundary mark.
>>
>> I'll check whether we can somehow feed the whole lump to gpg and make it
>> recognize the attached-detached signature. That way we'd be as
>> compatible as gpg.
>>
>> Michael
>>
> 5 dashes + BEGIN [other stuff] and
> 5 dashes + END
> was part of RFC1991:
> http://tools.ietf.org/html/rfc1991#section-2.4.1
>
> Which was obsoleted by RFC4880 :
> http://tools.ietf.org/html/rfc4880#section-6.2
> 5 dashes + BEGIN [some different stuff]
> 5 dashes + END
>
> Aside from the above considerations, 5 dashes + BEGIN
> would appear to conform to both the old and the current spec. Since
> the current implementation of GnuPG only offers the rfc1991
> compatibility options, complying with both covers all (i.e. both)
> possibilties, no?
So, we (c|sh)ould really check for the two variants rather than being
lenient, right? I'll bite the v2 apple.
Michael
next prev parent reply other threads:[~2010-10-05 20:56 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-10-04 22:13 Error when verifying tags signed using 1.7.3.1 Stephan Hugel
2010-10-04 22:51 ` Daniel Johnson
2010-10-04 23:04 ` Stephan Hugel
2010-10-04 23:59 ` Daniel Johnson
2010-10-05 0:17 ` Stephan Hugel
2010-10-05 8:00 ` Michael J Gruber
2010-10-05 13:28 ` Stephan Hugel
2010-10-05 15:07 ` Michael J Gruber
2010-10-05 15:19 ` Stephan Hugel
2010-10-05 15:39 ` Michael J Gruber
2010-10-05 15:40 ` [PATCH] tag,verify-tag: do not trip over rfc1991 signatures Michael J Gruber
2010-10-05 20:28 ` Junio C Hamano
2010-10-05 20:42 ` Michael J Gruber
2010-10-05 20:51 ` Stephan Hugel
2010-10-05 20:56 ` Michael J Gruber [this message]
2010-11-06 11:04 ` [PATCH 0/5] Handling of " Michael J Gruber
2010-11-06 11:04 ` [PATCH 1/5] t/t7004-tag: test handling " Michael J Gruber
2010-11-09 17:17 ` Junio C Hamano
2010-11-09 17:23 ` Michael J Gruber
2010-11-10 0:19 ` Junio C Hamano
2010-11-10 8:23 ` Michael J Gruber
2010-11-06 11:04 ` [PATCH 2/5] verify-tag: factor out signature detection Michael J Gruber
2010-11-06 17:40 ` Thiago Farina
2010-11-06 11:04 ` [PATCH 3/5] tag: factor out sig detection for body edits Michael J Gruber
2010-11-06 11:04 ` [PATCH 4/5] tag: factor out sig detection for tag display Michael J Gruber
2010-11-06 11:04 ` [PATCH 5/5] tag: recognize rfc1991 signatures Michael J Gruber
2010-11-06 17:46 ` Thiago Farina
2010-11-08 19:27 ` Junio C Hamano
2010-11-10 11:17 ` [PATCHv2 0/5] Handling of " Michael J Gruber
2010-11-10 11:17 ` [PATCHv2 1/5] t/t7004-tag: test handling " Michael J Gruber
2010-11-10 11:17 ` [PATCHv2 2/5] verify-tag: factor out signature detection Michael J Gruber
2010-11-10 11:17 ` [PATCHv2 3/5] tag: factor out sig detection for body edits Michael J Gruber
2010-11-10 11:17 ` [PATCHv2 4/5] tag: factor out sig detection for tag display Michael J Gruber
2010-11-10 11:17 ` [PATCHv2 5/5] tag: recognize rfc1991 signatures Michael J Gruber
2010-11-10 17:41 ` [PATCHv2 0/5] Handling of " Junio C Hamano
2010-10-05 20:42 ` [PATCH] tag,verify-tag: do not trip over " Todd Zullinger
2010-10-05 20:47 ` Michael J Gruber
2010-10-05 15:45 ` Error when verifying tags signed using 1.7.3.1 Stephan Hugel
2010-10-05 9:41 ` Pat Thoyts
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4CAB90EC.1080302@drmicha.warpmail.net \
--to=git@drmicha.warpmail.net \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=urschrei@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).