From unknown Fri Jun 20 07:21:04 2025 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Mailer: MIME-tools 5.509 (Entity 5.509) Content-Type: text/plain; charset=utf-8 From: bug#41787 <41787@debbugs.gnu.org> To: bug#41787 <41787@debbugs.gnu.org> Subject: Status: [PATCH] Disallow SHA1 signatures on commits Reply-To: bug#41787 <41787@debbugs.gnu.org> Date: Fri, 20 Jun 2025 14:21:04 +0000 retitle 41787 [PATCH] Disallow SHA1 signatures on commits reassign 41787 guix-patches submitter 41787 Ludovic Court=C3=A8s severity 41787 normal tag 41787 patch thanks From debbugs-submit-bounces@debbugs.gnu.org Wed Jun 10 09:16:49 2020 Received: (at submit) by debbugs.gnu.org; 10 Jun 2020 13:16:49 +0000 Received: from localhost ([127.0.0.1]:33550 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jj0b2-0005v3-Sr for submit@debbugs.gnu.org; Wed, 10 Jun 2020 09:16:49 -0400 Received: from lists.gnu.org ([209.51.188.17]:53744) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jj0b1-0005uv-Nm for submit@debbugs.gnu.org; Wed, 10 Jun 2020 09:16:48 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:49350) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jj0b1-0008Rd-AJ for guix-patches@gnu.org; Wed, 10 Jun 2020 09:16:47 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:40282) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jj0b0-0005OC-ST for guix-patches@gnu.org; Wed, 10 Jun 2020 09:16:46 -0400 Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=36848 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1jj0b0-0002lm-Bz for guix-patches@gnu.org; Wed, 10 Jun 2020 09:16:46 -0400 From: =?utf-8?Q?Ludovic_Court=C3=A8s?= To: guix-patches@gnu.org Subject: [PATCH] Disallow SHA1 signatures on commits X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: 23 Prairial an 228 de la =?utf-8?Q?R=C3=A9volution?= X-PGP-Key-ID: 0x090B11993D9AEBB5 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-pc-linux-gnu Date: Wed, 10 Jun 2020 15:16:44 +0200 Message-ID: <877dwff4cj.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hello Guix! The attached patch disallows SHA1 signatures on commits, as recommended in: https://sha-mbles.github.io/ As explained there, SHA1 is no longer the default for signatures since the release of GnuPG 2.0 in 2006, but there are still users of GnuPG 1.x. In our repository, there are 132 SHA1 signatures since =E2=80=98v1.0.0=E2= =80=99 (last one in April 2020) by three fellow hackers who have since updated their config along the lines of item #2 at: https://guix.gnu.org/manual/devel/en/html_node/Commit-Access.html With this patch, any commit with a SHA1 signature made after c91e27c60864faa229198f6f0caf620275c429a2 (May 1st), which introduces =E2=80=98.guix-authorizations=E2=80=99, is rejected (it is not a timestamp-= based check because timestamps can always be forged). If one of us makes a mistake, we=E2=80=99ll have to hard-reset prior to the faulty commit. For the record, this was previously discussed at: https://issues.guix.gnu.org/issue/22883#62 If you have any questions, please let me know. Feedback welcome! Ludo=E2=80=99. --=-=-= Content-Type: text/x-patch Content-Disposition: inline; filename=0001-git-authenticate-Disallow-SHA1-and-MD5-signatures.patch Content-Description: the patch >From e902fdf083627d548541d6cc53643df4071616c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Wed, 10 Jun 2020 14:54:13 +0200 Subject: [PATCH] git-authenticate: Disallow SHA1 (and MD5) signatures. * guix/git-authenticate.scm (commit-signing-key): Add #:disallowed-hash-algorithms and honor it. (authenticate-commit)[recent-commit?]: New variable. Pass #:disallowed-hash-algorithms to 'commit-signing-key'. * tests/git-authenticate.scm ("signed commits, SHA1 signature"): New test. --- guix/git-authenticate.scm | 29 ++++++++++++++++++++++++++--- tests/git-authenticate.scm | 29 +++++++++++++++++++++++++++++ 2 files changed, 55 insertions(+), 3 deletions(-) diff --git a/guix/git-authenticate.scm b/guix/git-authenticate.scm index c333717136..0d6f696a0b 100644 --- a/guix/git-authenticate.scm +++ b/guix/git-authenticate.scm @@ -85,9 +85,11 @@ (signature missing-key-error-signature)) -(define (commit-signing-key repo commit-id keyring) +(define* (commit-signing-key repo commit-id keyring + #:key (disallowed-hash-algorithms '(sha1))) "Return the OpenPGP key that signed COMMIT-ID (an OID). Raise an exception -if the commit is unsigned, has an invalid signature, or if its signing key is +if the commit is unsigned, has an invalid signature, has a signature using one +of the hash algorithms in DISALLOWED-HASH-ALGORITHMS, or if its signing key is not in KEYRING." (let-values (((signature signed-data) (catch 'git-error @@ -103,6 +105,17 @@ not in KEYRING." (oid->string commit-id))))))) (let ((signature (string->openpgp-packet signature))) + (when (memq (openpgp-signature-hash-algorithm signature) + `(,@disallowed-hash-algorithms md5)) + (raise (condition + (&unsigned-commit-error (commit commit-id)) + (&message + (message (format #f (G_ "commit ~a has a ~a signature, \ +which is not permitted") + (oid->string commit-id) + (openpgp-signature-hash-algorithm + signature))))))) + (with-fluids ((%default-port-encoding "UTF-8")) (let-values (((status data) (verify-openpgp-signature signature keyring @@ -198,8 +211,18 @@ not specify anything, fall back to DEFAULT-AUTHORIZATIONS." (define id (commit-id commit)) + (define recent-commit? + (false-if-git-not-found + (tree-entry-bypath (commit-tree commit) ".guix-authorizations"))) + (define signing-key - (commit-signing-key repository id keyring)) + (commit-signing-key repository id keyring + ;; Reject SHA1 signatures unconditionally as suggested + ;; by the authors of "SHA-1 is a Shambles" (2019). + ;; Accept it for "historical" commits (there are such + ;; signatures from April 2020 in the repository). + #:disallowed-hash-algorithms + (if recent-commit? '(sha1) '()))) (unless (member (openpgp-public-key-fingerprint signing-key) (commit-authorized-keys repository commit diff --git a/tests/git-authenticate.scm b/tests/git-authenticate.scm index 84689d628e..97990acaea 100644 --- a/tests/git-authenticate.scm +++ b/tests/git-authenticate.scm @@ -81,6 +81,35 @@ #:keyring-reference "master") 'failed))))) +(unless (which (git-command)) (test-skip 1)) +(test-assert "signed commits, SHA1 signature" + (with-fresh-gnupg-setup (list %ed25519-public-key-file + %ed25519-secret-key-file) + ;; Force use of SHA1 for signatures. + (call-with-output-file (string-append (getenv "GNUPGHOME") "/gpg.conf") + (lambda (port) + (display "digest-algo sha1" port))) + + (with-temporary-git-repository directory + `((add "a.txt" "A") + (add "signer.key" ,(call-with-input-file %ed25519-public-key-file + get-string-all)) + (add ".guix-authorizations" + ,(object->string + `(authorizations (version 0) + ((,(key-fingerprint %ed25519-public-key-file) + (name "Charlie")))))) + (commit "first commit" + (signer ,(key-fingerprint %ed25519-public-key-file)))) + (with-repository directory repository + (let ((commit (find-commit repository "first"))) + (guard (c ((unsigned-commit-error? c) + (oid=? (git-authentication-error-commit c) + (commit-id commit)))) + (authenticate-commits repository (list commit) + #:keyring-reference "master") + 'failed)))))) + (unless (gpg+git-available?) (test-skip 1)) (test-assert "signed commits, default authorizations" (with-fresh-gnupg-setup (list %ed25519-public-key-file -- 2.26.2 --=-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Fri Jun 12 12:57:54 2020 Received: (at 41787-done) by debbugs.gnu.org; 12 Jun 2020 16:57:54 +0000 Received: from localhost ([127.0.0.1]:40519 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jjn06-0002EV-67 for submit@debbugs.gnu.org; Fri, 12 Jun 2020 12:57:54 -0400 Received: from eggs.gnu.org ([209.51.188.92]:46510) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jjn04-0002EJ-Bl for 41787-done@debbugs.gnu.org; Fri, 12 Jun 2020 12:57:53 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:39877) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jjmzz-0002Rs-0R for 41787-done@debbugs.gnu.org; Fri, 12 Jun 2020 12:57:47 -0400 Received: from [2a01:e0a:1d:7270:6a6c:dc17:fc02:cfda] (port=55326 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1jjmzy-0003P9-3B for 41787-done@debbugs.gnu.org; Fri, 12 Jun 2020 12:57:46 -0400 From: =?utf-8?Q?Ludovic_Court=C3=A8s?= To: 41787-done@debbugs.gnu.org Subject: Re: [bug#41787] [PATCH] Disallow SHA1 signatures on commits References: <877dwff4cj.fsf@gnu.org> Date: Fri, 12 Jun 2020 18:57:44 +0200 In-Reply-To: <877dwff4cj.fsf@gnu.org> ("Ludovic \=\?utf-8\?Q\?Court\=C3\=A8s\=22'\?\= \=\?utf-8\?Q\?s\?\= message of "Wed, 10 Jun 2020 15:16:44 +0200") Message-ID: <87mu5843xz.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 41787-done X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) Ludovic Court=C3=A8s skribis: >>>From e902fdf083627d548541d6cc53643df4071616c7 Mon Sep 17 00:00:00 2001 > From: =3D?UTF-8?q?Ludovic=3D20Court=3DC3=3DA8s?=3D > Date: Wed, 10 Jun 2020 14:54:13 +0200 > Subject: [PATCH] git-authenticate: Disallow SHA1 (and MD5) signatures. > > * guix/git-authenticate.scm (commit-signing-key): Add > #:disallowed-hash-algorithms and honor it. > (authenticate-commit)[recent-commit?]: New variable. > Pass #:disallowed-hash-algorithms to 'commit-signing-key'. > * tests/git-authenticate.scm ("signed commits, SHA1 signature"): New test. Pushed as 52c529ff20b389eb64ac033586e6b1a5c5d82cb5. Ludo=E2=80=99. From unknown Fri Jun 20 07:21:04 2025 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@debbugs.gnu.org From: Debbugs Internal Request Subject: Internal Control Message-Id: bug archived. Date: Sat, 11 Jul 2020 11:24:05 +0000 User-Agent: Fakemail v42.6.9 # This is a fake control message. # # The action: # bug archived. thanks # This fakemail brought to you by your local debbugs # administrator