global/git
1
0
Fork 0
mirror of https://github.com/git/git.git synced 2026-03-01 02:58:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

gpg-interface: signatures by expired keys are fine

Browse Source 
If a signature is made with a valid key and that key later expires, the
signature should still be considered good.

GnuPG emits in this case something like:

	[GNUPG:] NEWSIG
	gpg: Signature made Wed 26 Nov 2014 05:56:50 AM CET
	gpg:                using RSA key FE3958F9067BC667
	[GNUPG:] KEYEXPIRED 1478449622
	[GNUPG:] KEY_CONSIDERED D783920D6D4F0C06AA4C25F3FE3958F9067BC667 0
	[GNUPG:] KEYEXPIRED 1478449622
	[GNUPG:] SIG_ID 8tAN3Fx6XB2NAoH5U8neoguQ9MI 2014-11-26 1416977810
	[GNUPG:] EXPKEYSIG FE3958F9067BC667 Jason Cooper <jason@lakedaemon.net>
	gpg: Good signature from "Jason Cooper <jason@lakedaemon.net>" [expired]
	[GNUPG:] VALIDSIG D783920D6D4F0C06AA4C25F3FE3958F9067BC667 2014-11-26 1416977810 0 4 0 1 2 00 D783920D6D4F0C06AA4C25F3FE3958F9067BC667
	gpg: Note: This key has expired!
	      D783920D6D4F0C06AA4C25F3FE3958F9067BC667

(signature and signed data in this example is taken from Linux commit
756f80cee766574ae282baa97fdcf9cc). So GnuPG is relaxed and the fact that
the key is expired is only worth a "Note" which is weaker than e.g.

	gpg: WARNING: The key's User ID is not certified with a trusted signature!
	gpg:          There is no indication that the signature belongs to the owner.

which git still considers ok.

So stop coloring the signature by an expired key red and handle it like
any other good signature.

Signed-off-by: Uwe Kleine-König <ukleinek@kernel.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
Uwe Kleine-König
2026-02-04 16:23:06 +01:00
committed by Junio C Hamano
parent b2826b52eb
commit 90695bbdae
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
gpg-interface.c
View File

@@ -382,7 +382,8 @@ static int verify_gpg_signed_buffer(struct signature_check *sigc,
delete_tempfile(&temp);
ret |= !strstr(gpg_stdout.buf, "\n[GNUPG:] GOODSIG ");
ret |= !strstr(gpg_stdout.buf, "\n[GNUPG:] GOODSIG ") &&
!strstr(gpg_stdout.buf, "\n[GNUPG:] EXPKEYSIG ");
sigc->output = strbuf_detach(&gpg_stderr, NULL);
sigc->gpg_status = strbuf_detach(&gpg_stdout, NULL);
@@ -680,7 +681,7 @@ int check_signature(struct signature_check *sigc,
if (status && !sigc->output)
return !!status;
status |= sigc->result != 'G';
status |= sigc->result != 'G' && sigc->result != 'Y';
status |= sigc->trust_level < configured_min_trust_level;
return !!status;