You need to sign in or sign up before continuing.
This MR provides basic support for x509 signed commits as proposed within #24512 (closed) and #29782 (closed).
Main difference in comparision to gpg:
Approach:
Gitlab::SignedCommit
class containing has_signature?, signature_type and signature_data extract functionGitlab::X509::Commit
class similar to Gitlab::Gpg::Commit
ruby -ropenssl -e 'puts OpenSSL::X509::DEFAULT_CERT_FILE'
Further reading:
The MR we made to introduce GPG signed commits within GitLab:
Samples of SMIME signed commits:
openssl x509 -inform DER -outform PEM -in ZZZZZZA1.crt -out ZZZZZZA1.pem
) within cert file located at ruby -ropenssl -e 'puts OpenSSL::X509::DEFAULT_CERT_FILE'
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
@gitlab-com/gl-security/appsec