Skip to content

Support key rotation for signing keys

Igor Drozdov requested to merge id-signing-key-rotation into master

Related issue: Support rotation of the signing keys used for c... (#5417 - closed)

This MR allows specifying multiple signing keys separated by comma to the config.

It is added to prevent the following race condition:

  1. An old signing key is used to create a signature
  2. GetCommitSignatures is not yet called to store the values in Rails DB
  3. An admin configures a new signing key
  4. GetCommitSignatures is called, tries to verify the signatures using the new signing key, fails, and returns SIGNER_USER instead of SIGNER_SYSTEM.

Now:

  1. An admin configures a new signing key and the old signing key(s) in the list (newest first)
  2. GetCommitSignatures is called and iterates over all configured signing keys, tries to verify the signature using each of them, returns SIGNER_SYSTEM if any of the verifications are successful
Edited by Igor Drozdov

Merge request reports