From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.8 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 02D2BC433ED for ; Wed, 21 Apr 2021 22:07:22 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id CC1BD6144A for ; Wed, 21 Apr 2021 22:07:21 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1343540AbhDUWHw (ORCPT ); Wed, 21 Apr 2021 18:07:52 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46140 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1343543AbhDUWHn (ORCPT ); Wed, 21 Apr 2021 18:07:43 -0400 Received: from mav.lukeshu.com (mav.lukeshu.com [IPv6:2001:19f0:5c00:8069:5400:ff:fe26:6a86]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BA581C06138C for ; Wed, 21 Apr 2021 15:05:33 -0700 (PDT) Received: from lukeshu-dw-thinkpad (c-73-229-136-185.hsd1.co.comcast.net [73.229.136.185]) by mav.lukeshu.com (Postfix) with ESMTPSA id 0299880590; Wed, 21 Apr 2021 18:05:31 -0400 (EDT) Date: Wed, 21 Apr 2021 16:03:21 -0600 Message-ID: <87eef32t3q.wl-lukeshu@lukeshu.com> From: Luke Shumaker To: "brian m. carlson" , Luke Shumaker , git@vger.kernel.org, Luke Shumaker , Junio C Hamano , Elijah Newren , Jeff King , Johannes Schindelin , =?UTF-8?B?Tmd1eeG7hW4g?= =?ISO-8859-1?Q?Th?= =?ISO-8859-1?Q?=E1i_?= =?UTF-8?B?Tmfhu41j?= Duy Subject: Re: [PATCH 3/3] fast-export, fast-import: implement signed-commits In-Reply-To: References: <20210419225441.3139048-1-lukeshu@lukeshu.com> <20210419225441.3139048-4-lukeshu@lukeshu.com> <87tuo0q3ma.wl-lukeshu@lukeshu.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI-EPG/1.14.7 (Harue) FLIM-LB/1.14.9 (=?ISO-8859-4?Q?Goj=F2?=) APEL-LB/10.8 EasyPG/1.0.0 Emacs/27.2 (x86_64-pc-linux-gnu) MULE/6.0 (HANACHIRUSATO) MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII Precedence: bulk List-ID: X-Mailing-List: git@vger.kernel.org On Tue, 20 Apr 2021 17:07:09 -0600, brian m. carlson wrote: > On 2021-04-20 at 17:15:25, Luke Shumaker wrote: > > I don't believe that's true? With SHA-1-signed tags, the signature > > gets included in the fast-import stream as part of the tag message > > (the `data` line in the BNF). Since SHA-256-signed tags have their > > signature as a header (rather than just appending it to the message), > > we'd have to add a 'gpgsig' sub-command to the 'tag' top-level-command > > (like I've done to the 'commit' top-level-command). > > If you're using a repository that's SHA-1, then the tag signature that's > part of the message is a signature over the SHA-1 contents of the > object, and the gpgsig-sha256 header is a signature over the SHA-256 > contents of the object. If you're using a repository that's SHA-256, > it's reversed: the signature at the end of the message covers the > SHA-256 contents of the object and the gpgsig header covers the SHA-1 > contents. Good to know! It seems I've been mislead by Documentation/technical/hash-function-transition.txt > Not implementing this means the CI will fail when the testsuite is run > in SHA-256 mode, so your patch probably won't be accepted. Gotcha. I guess I will be implementing it then. I'll let you know if I have any further questions, the information you've given already has been very helpful! -- Happy hacking, ~ Luke Shumaker