From bd0158928c0a3f9a32e1892346da3857ff22edf8 Mon Sep 17 00:00:00 2001 From: Mike Gerwitz Date: Wed, 18 Apr 2012 23:06:46 -0400 Subject: [PATCH] Added signchk tool This tool can help to ensure that commits have not been falsely authored. For example, if you receive an ease.js repository from a friend, there is no way to verify that a commit from "Mike Gerwitz" is actually a commit from myself unless it has been signed using my private key. This additional check will help to ensure the integrity of the repository. Please note that automated systems should *not* invoke this utility directly from this repository, unless it is invoked using a previously trusted commit. Otherwise, an attacker need only alter the script to competely evade the check. --- tools/signchk | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100755 tools/signchk diff --git a/tools/signchk b/tools/signchk new file mode 100755 index 0000000..cc5fd8c --- /dev/null +++ b/tools/signchk @@ -0,0 +1,32 @@ +#!/bin/bash +# +# Lists all commits after a given commit that do not have a trusted signature +# +# Allows for automated detection of potential attacks or false authorship of +# commits by validating signatures against trusted public GPG keys. +# +# Copyright (C) 2012 Mike Gerwitz +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +## + +# default to last unsigned commit (specific to ease.js) +chkafter="${1:-1b1790029}" + +# Check every commit after chkcommit (or all commits if chkcommit was not +# provided) for a trusted signature, listing invalid commits. %G? will output +# "G" if the signature is trusted. +t=$'\t' +git log --pretty="format:%H %aN$t%s$t%G?" "$chkafter.." \ + | grep -v "${t}G$"