Around one month ago, I sent a patch that tried to improve on how `git fast-export` handled SSH and X.509 commit signatures:

https://lore.kernel.org/git/20250424203904.909777-1-christian.couder@xxxxxxxxx/

This patch was showing a single string for the hash algorithm with the following possible values:

  * "openpgp" for SHA-1 OpenPGP signatures,
  * "sha256" for SHA-256 OpenPGP signatures,
  * "x509" for X.509 (GPGSM) signatures,
  * "ssh" for SSH signatures,
  * "unknown" for signatures that can't be identified (a warning is emitted).

brian m. carlson however replied that it would be better to show two pieces of information instead of one: one for the hash algorithm and one for the protocol.

I have tried to do that but there were a number of issues. First it seems to be easier to extract information from signatures when checking them. And if you check them, then it might be interesting to show the result of the check.

Also for SSH signatures, it's difficult and not so informative to get the hash algorithm. That's because the hash algorithm is often specified by the key type (like "RSA", "ECDSA", "Ed25519", ...). For example "Ed25519" has SHA-512 integrated into its design, and "ECDSA" and "RSA" are typically used with SHA-256. So for SSH signatures it seems better to just show the key type and not the hash algorithm.

In general I am not sure what users might want regarding commit signatures when using fast-export. Some might not need much signature information at all, and for them checking signatures might just slow the export process for no benefit, while others might want more signature information even at the expense of a slower export.

To address this, I decided to focus first on extracting the hash algorithm from OpenPGP/X.509 signatures and the key type from SSH signatures when checking signatures.
To test that, I thought that it could be interesting to add a `--summary` option to `verify-commit` that shows a concise, one-line summary of the signature verification to standard output in the `STATUS FORMAT ALGORITHM` format, where:

  * STATUS is the result character (e.g., G, B, E, U, N, ...), similar to what the "%G?" pretty format specifier shows,
  * FORMAT is the signature format (`openpgp`, `x509`, or `ssh`),
  * ALGORITHM is the hash algorithm used for GPG/GPGSM signatures (e.g. `sha1`, `sha256`, ...), or the key type for SSH signatures (`RSA`, `ECDSA`, `ED25519`, ...).

If we can agree on a concise format output for signature checks, then maybe this format will be a good format to be used in the `git fast-export` output for users who are fine with signatures being checked.

What do you think?

CI tests
--------

They have all passed:

https://github.com/chriscool/git/actions/runs/15248563563

Range diff compared to v1
-------------------------

No range diff as this series is a completely different approach to the problem, and running range-diff shows completely different patches.

Christian Couder (6):
  gpg-interface: simplify ssh fingerprint parsing
  gpg-interface: use left shift to define GPG_VERIFY_*
  doc/verify-commit: update and improve the whole doc
  gpg-interface: extract hash algorithm from signature status output
  gpg-interface: extract SSH key type from signature status output
  verify-commit: add a --summary flag

 Documentation/git-verify-commit.adoc |  53 +++++++++++--
 builtin/verify-commit.c              |   4 +-
 gpg-interface.c                      | 111 ++++++++++++++++++++++++++-
 gpg-interface.h                      |  16 +++-
 t/t7510-signed-commit.sh             |  24 ++++++
 t/t7528-signed-commit-ssh.sh         |  28 +++++++
 6 files changed, 224 insertions(+), 12 deletions(-)

-- 
2.49.0.609.g63c55177e5
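
An added example, not part of the original message or the patch series: a consumer of the proposed `STATUS FORMAT ALGORITHM` line has to read ALGORITHM as a hash for `openpgp`/`x509` but as a key type for `ssh`, so one allowlist cannot cover both. The acceptance policy, the function names, the sample lines and the tolerance for lines with missing fields are assumptions.

```python
# Status letters are those of the "%G?" pretty format specifier.
STATUSES = {"G", "B", "U", "X", "Y", "R", "E", "N"}
FORMATS = {"openpgp", "x509", "ssh"}
# Assumed local policy, not something the series defines.
WEAK_HASHES = {"md5", "sha1"}
ALLOWED_SSH_KEY_TYPES = {"ED25519", "ECDSA", "RSA"}


def parse_summary(line):
    """Split one summary line into (status, format, algorithm)."""
    fields = line.split()
    if not fields or fields[0] not in STATUSES or len(fields) > 3:
        raise ValueError(f"malformed summary line: {line!r}")
    # Assumption: FORMAT and ALGORITHM may be absent, e.g. for status N.
    fmt = fields[1] if len(fields) > 1 else None
    algo = fields[2] if len(fields) > 2 else None
    if fmt is not None and fmt not in FORMATS:
        raise ValueError(f"unrecognized format in {line!r}")
    return fields[0], fmt, algo


def evaluate(line):
    """Return (accepted, reason) for one summary line under the assumed policy."""
    status, fmt, algo = parse_summary(line)
    if status != "G":
        return False, f"status {status} is not a good, valid signature"
    if fmt is None or algo is None:
        return False, "missing format or algorithm"
    if fmt == "ssh":
        # ALGORITHM is a key type here; comparing it to a hash list is a bug.
        if algo.upper() not in ALLOWED_SSH_KEY_TYPES:
            return False, f"SSH key type {algo} not allowed"
        return True, f"ssh signature with {algo} key"
    if algo.lower() in WEAK_HASHES:
        return False, f"{fmt} signature uses weak hash {algo}"
    return True, f"{fmt} signature with {algo}"


# Constructed sample lines in the proposed format (not real command output).
SAMPLES = ["G openpgp sha256", "G openpgp sha1", "G ssh ED25519",
           "B x509 sha256", "N"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{sample!r:22} -> {evaluate(sample)}")
```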