Example partial emulation of git log -1 --show-signature with SSH signatures

[castedo]

A new Commit.raw_without_sig method is getting added and it enables the following interop between Dulwich and signature verification code. The following script behaves very similarly to git log -1 --show-signature. In this example the signature verification code is callingssh-keygen, the utility that git calls as a subprocess to print commit SSH signature information.

import dulwich.repo, subprocess, sys, tempfile

def check_ssh_signature(sshsig_message, sshsig_signature):
    with tempfile.NamedTemporaryFile() as sig_file:
        sig_file.write(sshsig_signature)
        sig_file.flush()
        cmdline = ["ssh-keygen", "-Y", "check-novalidate", "-n", "git", "-s", sig_file.name]
        subprocess.run(cmdline, input=sshsig_message)

repo = dulwich.repo.Repo('.')
ref = sys.argv[1].encode() if len(sys.argv) > 1 else b"HEAD"
commit = repo[ref]
print("commit", commit.id.decode())
check_ssh_signature(commit.raw_without_sig(), commit.gpgsig)
print("Author:",  commit.author.decode())
print("\n    ", commit.message.decode())

The output looks like this:

$ python3 demo.py 
commit 315adde078edc422483b8a01a4475161b22e104f
Good "git" signature with ED25519 key SHA256:Y+7Knz14csF0EXEmtJxn3lsz+J9RxAOEFyGE0Hgqapo
Author: Castedo Ellerman <[email protected]>

     add new Commit.raw_without_sig method and unittest

NOTE:
This example does not verify who made the signature. A "Good" signature as reported by ssh-keygen only means the commit was signed with the reported key. The signer might have nothing to do with the actual committer or author. In the above example, the ED25519 key might be of a hacker. Additional steps are required to determine if the SSH public key used to sign the commit is appropriate.

[castedo]

@jelmer Maybe this is worth putting in the docs?

Not sure if it should be a tutorial or how-to guide in the terminology of https://docs.divio.com/documentation-system/

In either case, there is a clear target for the tutorial/how-to guide which is print SSH signatures in a commit (using Dulwich and ssh-keygen).

Let me know if you want a PR or a tutorial or how-to guide adapted from the above example.

[jelmer]

I'm open to PRs to document this, especially in lieu of actual support for verifying SSH sigs. That said, I think it's a lot more useful to just add support for SSH sigs in .verify(). People who want to know how this works under the hood (rather than just verifying a signature) can look at the source code in that case.

[castedo]

I'll wait until we have more of a detailed idea of what Dulwich functions/methods/interfaces are available and which ones are useful for different objectives. I can predict that it's going to be complicated what "verification" actually is, what kind of "verification" and cryptographic tasks people are actually trying to achieve, whether it is best achieved via the ".verify()" function at all vs other interfaces. etc... I can definitely think of scenarios where the ".verify()" function interface is not useful (for those scenarios).

And then there is a huge thorny topic of the relative utility of high-quality documentation vs PyPI packaged code vs non-packaged example code. Anyway, not stuff that has to get hashed out now.

[castedo]

Here is the corresponding variation that does verification using a ssh-keygen allowed signers file.

import argparse, dulwich.repo, subprocess, tempfile

def verify(sshsig_message, sshsig_signature, allowed_signers_file):
    with tempfile.NamedTemporaryFile() as sig_file:
        sig_file.write(sshsig_signature)
        sig_file.flush()
        cmdline = [
            "ssh-keygen", "-Y", "find-principals",
            "-s", sig_file.name,
            "-f", allowed_signers_file,
        ]
        result = subprocess.run(cmdline, capture_output=True)
        for principal in result.stdout.splitlines():
            cmdline = [
                "ssh-keygen", "-Y", "verify",
                "-f", allowed_signers_file,
                "-I", principal,
                "-n", "git",
                "-s", sig_file.name,
            ]
            if 0 == subprocess.run(cmdline, input=sshsig_message).returncode:
                return True
    return False

if __name__ == "__main__":
    parser = argparse.ArgumentParser()
    parser.add_argument("allowed_signers_file")
    parser.add_argument("git_object", default="HEAD")
    args = parser.parse_args()

    repo = dulwich.repo.Repo(".")
    commit = repo[args.git_object.encode()]
    print("commit", commit.id.decode())
    verify(commit.raw_without_sig(), commit.gpgsig, args.allowed_signers_file)
    print("Author:", commit.author.decode())
    print("\n    ", commit.message.decode())

The core logic in git for calling ssh-keygen can be found at:
https://archive.softwareheritage.org/swh:1:cnt:07335987a6b9ceaf6edc2da71c2e636b0513372f;origin=https://github.com/git/git;visit=swh:1:snp:e72051ba1b2437b7bf3ed0346d04b289f1393982;anchor=swh:1:rev:6a11438f43469f3815f2f0fc997bd45792ff04c0;path=/gpg-interface.c;lines=450