Re: cvssync (was Re: [Monotone-devel] Re: big repositories inconveniences (partial pull?))

[Thomas Moschny]

On Friday 08 September 2006 13:12 Daniel Carosone wrote:
> On Fri, Sep 08, 2006 at 11:25:38AM +0200, Markus Schiltknecht wrote:
> > To understand how certs are stored, I took a look at schema.sql and
> > found:
> >
> > CREATE TABLE revision_certs
> > (
> >   hash not null unique,   -- hash of remaining fields separated by ":"
> >   id not null,            -- joins with revisions.id
> >   name not null,          -- opaque string chosen by user
> >   value not null,         -- opaque blob
> >   keypair not null,       -- joins with public_keys.id
> >   signature not null,     -- RSA/SHA1 signature of "address@hidden:val]"
> >   unique(name, id, value, keypair, signature)
> > );
> >
> > Now, I understand most of it, only what are 'remaining fields'?
>
> Literally, the rest of the fields: id, name, etc.  They're
> concatenated together as address@hidden:val] (they *should* be basic_io, and
> will be after the next iteration, see the CertCleanup wiki page), and
> the hash of this string is what gets stored as hash, and then signed
> and stored as signature.

Almost:

- "address@hidden:val]" is hashed with sha1 and signed with rsa to 
  form the 'signature' value.
- "id:name:remove_ws(value):keypair:remove_ws(signature)" is hashed with 
  sha1 to form the 'hash' value, with remove_ws() removing whitespace,
  obviously.

Thomas M.

-- 
fortune: not found