JankariTechUG/GitTrustedTimestamps
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

Added verification script to verify all timestamps in the repository.

Browse Source 
Updated Documentation.
This commit is contained in:
Matthias Bühlmann
2021-02-16 10:05:26 +01:00
parent caf6ee8cff
commit d6ef1a5b02
4 changed files with 338 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
README.md
View File

@@ -11,7 +11,7 @@ By using this post-commit hook in a repository and thereby adding secure timesta
# How to use this software
0. (optional, but recommended) If you're ceating a new repository, it is strongly recommended to use SHA256 hashes (git uses SHA1 by default at the time of writing) by initializing the reopository using `git init --object-format=sha256` (Note: If you want to use a public hosting server such as github for your repository, you should check whether they already support SHA256 repositories). For more information, see https://git-scm.com/docs/hash-function-transition/
1. Copy the three bash scripts in the [hooks](hooks/) folder of this project into the .git/hooks folder of the project you want to timestamp.
1. Copy the four bash scripts in the [hooks](hooks/) folder of this project into the .git/hooks folder of the project you want to timestamp.
2. Configure the TSA url you want to use (in this example https://freetsa.org/tsr) using
`git config --local timestamping.tsa0.url https://freetsa.org/tsr`
3. You must declare that you trust this TSA by copying the root certificate of that TSA's trust chain into the .git/hooks/trustanchors folder (create it if it doesn't exist yet). The certificate MUST be in PEM format and the filename MUST be "subject_hash.0" where`subject_hash` is what openssl returns for the `--subject_hash` argument for x509 cetificates (https://www.openssl.org/docs/man1.1.1/man1/x509.html).
@@ -83,6 +83,16 @@ Additionally to the bare timestamp tokens stored in the commit message as traile
The `issuer_hash` for both files corresponds to the ESSCertID or ESSCertIDv2 hash with which the token identifies its issuer certificate. In general this is the SHA1 hash of the DER encoded issuer certificate for RFC3161 tokens, and some other hash of the DER encoded issuer certificate for RFC5816 tokens (the ESSCertIDv2 of the token specifies the used hashing algorithm).
# How to validate timestamps:
Ultimately the responsibility of validating the timestamps lies with the party who wishes to proof/disprove that they are valid.
This repository does come however with an implementation to do so. To use it, simply run `.git/hooks/validate.sh`
`validate.sh` will iterate over the entire commit history of the current branch and for each *timestamp commit* will:
- Check that the digest contained in the token matches the commit hash of the timestamped commit
- Checks that the TSA certificate was valid at the time of timestamping, by using historic CRL data
- Checks whether the TSA certificate or any intermediate certificate in the chain has been revoked and if so, whether the revocationCode matches the acceptable revocation reasons discussed in chapter 4 of the RFC3161 specification (https://tools.ietf.org/html/rfc3161)
# Author
- Matthias Bühlmann

2
hooks/post-commit
View File

@@ -114,7 +114,7 @@ while : ; do
TRAILER_VALUE="$TSA_URL"$'\n'"$INFO"$'\n\n'"$TOKENTEXT"$'\n\n'"$TOKEN_HEADER"$'\n'"$TOKENBASE64"$'\n'"$TOKEN_FOOTER"
#fold
TRAILER_VALUE=$(echo -n "$TRAILER_VALUE" | sed -e 's/^/ /')
git interpret-trailers --where end --if-exists addIfDifferent --no-divider --trailer "Timestamp:$TRAILER_VALUE" --in-place "$COMMIT_MSG_FILE"
git interpret-trailers --where end --if-exists addIfDifferent --no-divider --trailer "$TRAILER_TOKEN$TRAILER_VALUE" --in-place "$COMMIT_MSG_FILE"
done
#add all ltv files

56
hooks/timestamping
View File

@@ -84,10 +84,12 @@ log() {
TOKEN_HEADER="-----BEGIN RFC3161 TOKEN-----"
TOKEN_FOOTER="-----END RFC3161 TOKEN-----"
SUBJECT_LINE="-----TIMESTAMP COMMIT-----"
TRAILER_TOKEN="Timestamp:"
#get hashing algorithm used by repo
ALGO=$(git rev-parse --show-object-format)
#get directory to store validation data
LTV_DIR=$(git rev-parse --git-dir)/../.timestampltv
ROOT_DIR=$(git rev-parse --git-dir)/..
LTV_DIR="$ROOT_DIR"/.timestampltv
#get directory for trusted RootCA certificates
CA_PATH=$(git rev-parse --git-path hooks/trustanchors)
if [ ! -d "$CA_PATH" ]; then
@@ -99,14 +101,14 @@ fi
# param2: OUT variable, the ID
get_tsa_cert_id() {
local TOKEN_FILE="$1"
local -n CERT_ID="$2"
local -n CERT_ID_OUT="$2"
log "get_tsa_cert_id for $TOKEN_FILE"
#this works for both ESSCertID as well as ESSCerrtIDv2 since the version2 identifier is id-smime-aa-signingCertificateV2
CERT_ID=$(openssl asn1parse -inform DER -in "$TOKEN_FILE" \
CERT_ID_OUT=$(openssl asn1parse -inform DER -in "$TOKEN_FILE" \
| awk '/:id-smime-aa-signingCertificate/{f=1} f && /\[HEX DUMP\]:/ {print; exit}' \
| sed 's/^.*\[HEX DUMP\]://1')
if [ -z "$CERT_ID" ]; then
if [ -z "$CERT_ID_OUT" ]; then
echo "Token $TOKEN_FILE does not contain ESSCertID or ESSCertIDv2 of issuer."
return 1
fi
@@ -118,22 +120,54 @@ get_tsa_cert_id() {
# param2: OUT variable, the hashing algorithm string
get_cert_id_hash_agorithm() {
local TOKEN_FILE="$1"
local -n ALGO_NAME="$2"
local -n ALGO_NAME_OUT="$2"
log "get_cert_id_hash_agorithm for $TOKEN_FILE"
local PARSED=$(openssl asn1parse -inform DER -in "$TOKEN_FILE")
if [[ "$PARSED" == *":id-smime-aa-signingCertificateV2"* ]]; then
#TODO: extract non-default hashing algorithms
ALGO_NAME="sha256"
ALGO_NAME_OUT="sha256"
elif [[ "$PARSED" == *":id-smime-aa-signingCertificate"* ]]; then
ALGO_NAME="sha1"
ALGO_NAME_OUT="sha1"
else
ALGO_NAME="unknown"
ALGO_NAME_OUT="unknown"
fi
return 0
}
# function to extract digest from token file
# param1: path to token in DER encoding
# param2: OUT variable, the digest
get_token_digest() {
local TOKEN_FILE="$1"
local -n DIGEST_OUT="$2"
log "get_token_digest for $TOKEN_FILE"
local OFFSET=$(openssl asn1parse -inform DER -in "$TOKEN_FILE" \
| awk '/:id-smime-ct-TSTInfo/{f=1} f && /\[HEX DUMP\]:/ {print; exit}' \
| sed 's/:.*//' | sed 's/^[ \t]*//')
DIGEST_OUT=$(openssl asn1parse -inform DER -in "$TOKEN_FILE" -strparse "$OFFSET" \
| awk '/\[HEX DUMP\]:/ {print; exit}' \
| sed 's/^.*\[HEX DUMP\]://1')
return 0
}
# function to extract unix time of timestamp from token file
# param1: path to token in DER encoding
# param2: OUT variable, the unix time
get_token_unix_time() {
local TOKEN_FILE="$1"
local -n UNIXTIME="$2"
log "get_token_unix_time for $TOKEN_FILE"
local TOKEN_TIMESTAMP=$(openssl ts -reply -in "$TOKEN_FILE" -token_in -token_out -text 2> "$OUT_STREAM" \
| awk '/Time stamp:/{f=1} f {print; exit}' \
| sed 's/^.*Time stamp: //1')
UNIXTIME=$(date "+%s" -d "$TOKEN_TIMESTAMP")
return 0
}
#function to request a timestamp for a specified digest
# param1: tsa url
# param2: digest
@@ -362,10 +396,8 @@ verify_token_and_add_ltv_data() {
local CRL_CHAIN_FILE="$TMP_LTV_DIR"/crls/"$SIGNING_CERT_ID.crl"
download_crls_for_chain "$CERT_CHAIN_FILE" "$CRL_CHAIN_FILE"
#verify signing certificate
local TOKEN_TIMESTAMP=$(openssl ts -reply -in "$TOKEN_FILE" -token_in -token_out -text 2> "$OUT_STREAM" \
| awk '/Time stamp:/{f=1} f {print; exit}' \
| sed 's/^.*Time stamp: //1')
local TOKEN_UNIXTIME=$(date "+%s" -d "$TOKEN_TIMESTAMP")
local TOKEN_UNIXTIME=''
get_token_unix_time "$TOKEN_FILE" TOKEN_UNIXTIME
#validate signing certificate
if ! openssl verify -attime "$TOKEN_UNIXTIME" -CApath "$CA_PATH" -CRLfile "$CRL_CHAIN_FILE" \
-crl_check_all -untrusted "$CERT_CHAIN_FILE" "$CERT_CHAIN_FILE" &> "$OUT_STREAM"; then

282
hooks/validate.sh Normal file
View File

@@ -0,0 +1,282 @@
#!/bin/bash
#
# RFC3161 and RFC5816 Timestamping for git repositories.
#
# Copyright (c) 2021 Mabulous GmbH
# Authors: Matthias Bühlmann
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
#
# The interactive user interfaces in modified source and object code versions
# of this program must display Appropriate Legal Notices, as required under
# Section 5 of the GNU Affero General Public License version 3. In accordance
# with Section 7(b) of the GNU Affero General Public License, you must retain
# the Info line in every timestamp that is created or manipulated using a
# covered work.
#
# You can be released from the requirements of the license by purchasing
# a commercial license. Buying such a license is mandatory as soon as you
# develop commercial activities involving this software without
# disclosing the source code of your own applications.
# These activities include: offering paid services to customers as an ASP,
# providing data storage and archival services, shipping this software with a
# closed source product.
#
# For more information, please contact Mabulous GmbH at this
# address: info@mabulous.com
#
DIR="${BASH_SOURCE%/*}"
if [[ ! -d "$DIR" ]]; then DIR="$PWD"; fi
. "$DIR/timestamping"
# If commit contains timestamp tokens, validates them.
# param1: commit hash
# returns: 0 if the commit contains no timestamp tokens or contains at least one
# valid timestamp token. If there are invalid timestamp tokens and no valid
# timestamp token, returns 1. If there are both valid and invalid timestamp
# tokens, the function will return 0 but echo a warning about the invalid token.
validate_commit() {
local COMMIT_HASH="$1"
log "validate_commit for $COMMIT_HASH"
local COMMIT_CONTENT=$(git cat-file -p "$COMMIT_HASH")
if [ -z "$COMMIT_CONTENT" ]; then
echo_error "Invalid commit hash $COMMIT_HASH"
return 1
fi
#remove files from possible previous runs
rm -f "$TMP_DIR"/*.extracted_token.pem
rm -f "$TMP_DIR"/*.extracted_token.url
#extract timestamp tokens
local URL_START=${#TRAILER_TOKEN}
URL_START=$(( $URL_START + 2))
local NUM_EXTRACTED=$(echo -n "$COMMIT_CONTENT" | awk '$0~trailertoken{ i++; print substr($0,"$URL_START") > tmpdir i ".extracted_token.url" } /-----END/{show=0} show{print substr($0,2) > tmpdir i ".extracted_token.pem"} /-----BEGIN/{show=1} END {print i}' tmpdir="$TMP_DIR/" trailertoken="$TRAILER_TOKEN")
if [ -z "$NUM_EXTRACTED" ]; then
NUM_EXTRACTED=0
fi
#iterate over extracted base64 encodings, convert to DER, if it is a timestamp token, evaluate it.
local ERROR_INFO_FILE="$TMP_DIR"/error_info.txt
local ERROR_INFO=""
local TMP_DER="$TMP_DIR"/extracted_token.der
local TMP_TOKEN="$TMP_DIR"/extracted_token.tst
local NUM_VALID=0
local NUM_INVALID=0
local NUM_SKIPPED=0
local PARENT_HASH=$(git cat-file -p "$COMMIT_HASH" | awk '/^$/{exit} /parent/ {print}' | sed 's/parent //')
while ls "$TMP_DIR"/*.extracted_token.pem &> "$OUT_STREAM" && read EXTRACTED_TOKEN_PEM; do
openssl base64 -d -in "$EXTRACTED_TOKEN_PEM" -out "$TMP_DER"
#since a commit might contain some unrelated trailer with the name "Timestamp:" that also contains PEM header and footer, non-timestamp-tokens should be skipped
if ! openssl ts -reply -token_in -token_out -in "$TMP_DER" -out "$TMP_TOKEN" &> "$OUT_STREAM"; then
echo_warning "A PEM encoded trailer labeled $TRAILER_TOKEN has been found in commit $COMMIT_HASH which does not seem to be a timestamp token. Skipping."
((NUM_SKIPPED++))
continue
else
#this is a token, validate it!
local DIGEST=''
get_token_digest "$TMP_TOKEN" DIGEST
if [ "${DIGEST,,}" != "${PARENT_HASH,,}" ]; then
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH is invalid because the contained digest $DIGEST does not match the timestamped hash $PARENT_HASH"
((NUM_INVALID++))
continue
fi
local SIGNING_CERT_ID=''
get_tsa_cert_id "$TMP_TOKEN" SIGNING_CERT_ID
local TOKEN_UNIXTIME=''
get_token_unix_time "$TMP_TOKEN" TOKEN_UNIXTIME
local TSA_URL_FILE="${EXTRACTED_TOKEN_PEM/.pem/.url}"
local TSA_URL=$(cat "$TSA_URL_FILE")
local CERT_CHAIN_FILE="$LTV_DIR"/certs/"$SIGNING_CERT_ID".cer
if [ ! -f "$CERT_CHAIN_FILE" ]; then
#If LTV data is not in the working directory, try to check it out from the corresponding commit
local TMP_CERT_CHAIN_FILE="$TMP_DIR"/"$SIGNING_CERT_ID".cer
local PATH_SPEC=$(realpath --relative-to="$ROOT_DIR" "$CERT_CHAIN_FILE")
local CERT_CHAIN_CONTENT=$(git show "$COMMIT_HASH":"$PATH_SPEC") && echo -n "$CERT_CHAIN_CONTENT" > "$TMP_CERT_CHAIN_FILE"
CERT_CHAIN_FILE="$TMP_CERT_CHAIN_FILE"
fi
if [ ! -f "$CERT_CHAIN_FILE" ]; then
#if ltv data has not been stored for this commit, try to contact TSA to recreate it
if ! build_certificate_chain_for_token "$TMP_TOKEN" "$DIGEST" "$TSA_URL" "$CERT_CHAIN_FILE"; then
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH could not be validated since neither LTV data of certificate chain could be found nor could the certificate chain be recreated from the TSA url."
((NUM_INVALID++))
continue
fi
fi
#$CERT_CHAIN_FILE at this point contains certificate chain of token's signing certificate.
#first validate the token itself at the time of timestamping
if ! openssl ts -verify -digest "$DIGEST" -in "$TMP_TOKEN" -token_in -attime "$TOKEN_UNIXTIME" \
-CApath "$CA_PATH" -untrusted "$CERT_CHAIN_FILE" 1> "$OUT_STREAM" 2> "$ERROR_INFO_FILE"; then
ERROR_INFO=$(cat "$ERROR_INFO_FILE")
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH could not be validated since it is invalid or its rootCA isn't trusted: $ERROR_INFO"
((NUM_INVALID++))
continue
fi
#now validate the issuing certificate at the time of timestamping, using historical CRLs
local CRL_CHAIN_FILE="$LTV_DIR"/crls/"$SIGNING_CERT_ID".crl
local HISTORIC_CRL_CHAIN_FILE="$TMP_DIR"/"$SIGNING_CERT_ID".crl
local PATH_SPEC=$(realpath --relative-to="$ROOT_DIR" "$CRL_CHAIN_FILE")
local CRL_CHAIN_CONTENT=$(git show "$COMMIT_HASH":"$PATH_SPEC") && echo "$CRL_CHAIN_CONTENT" > "$HISTORIC_CRL_CHAIN_FILE"
if [ ! -f "$HISTORIC_CRL_CHAIN_FILE" ]; then
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH could not be validated since no CRL data valid at the time of timestamping could be found."
((NUM_INVALID++))
continue
fi
#historic CRL data available, check if the signing certificate was valid at the time of timestamping
if ! openssl verify -attime "$TOKEN_UNIXTIME" -CApath "$CA_PATH" -CRLfile "$HISTORIC_CRL_CHAIN_FILE" \
-crl_check_all -untrusted "$CERT_CHAIN_FILE" "$CERT_CHAIN_FILE" 1> "$OUT_STREAM" 2> "$ERROR_INFO_FILE"; then
cat "$HISTORIC_CRL_CHAIN_FILE"
ERROR_INFO=$(cat "$ERROR_INFO_FILE")
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH is invalid since TSA certificate has not been valid at the time the timestamp was created: $ERROR_INFO"
((NUM_INVALID++))
continue
fi
#now check that for each certificate in the trust chain a currently valid CRL can be found AND that
#each of the certificates either hasn't been revoked OR it has been revoked and the revocation entry contains the reasonCode
#extension and the reason code is one of unspecified (0), affiliationChanged (3), superseded (4) or cessationOfOperation (5) (see chapter 4 of https://www.ietf.org/rfc/rfc3161.txt)
local MOST_CURRENT_CRL_CHAIN_FILE="$TMP_DIR"/"$SIGNING_CERT_ID".crl
if ! download_crls_for_chain "$CERT_CHAIN_FILE" "$MOST_CURRENT_CRL_CHAIN_FILE"; then
echo_warning "Current CRLs for token could not be downloaded. Will try to use most recent CRL in LTV store".
if ! git show HEAD:"$CRL_CHAIN_FILE" > "$MOST_CURRENT_CRL_CHAIN_FILE"; then
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH could not be validated since no currently valid CRL data could be found."
((NUM_INVALID++))
continue
fi
fi
#expand cert chain and crl chain into individual files
#remove files from previous runs
rm -f "$TMP_DIR"/*.extracted_cert.pem
rm -f "$TMP_DIR"/*.extracted_crl.pem
cat "$CERT_CHAIN_FILE" \
| awk '/-----BEGIN CERTIFICATE-----/ { i++; } /-----BEGIN CERTIFICATE-----/, /-----END CERTIFICATE-----/ \
{ print > tmpdir i ".extracted_cert.pem" }' tmpdir="$TMP_DIR/"
cat "$MOST_CURRENT_CRL_CHAIN_FILE" \
| awk '/-----BEGIN X509 CRL-----/ { i++; } /-----BEGIN X509 CRL-----/, /-----END X509 CRL-----/ \
{ print > tmpdir i ".extracted_crl.pem" }' tmpdir="$TMP_DIR/"
#iterate over extracted certificates (first is signing certificate, last is self-signed root)
while ls "$TMP_DIR"/*.extracted_cert.pem &> "$OUT_STREAM" && read EXTRACTED_CERT; do
if ! openssl verify -CApath "$CA_PATH" -CRLfile "$MOST_CURRENT_CRL_CHAIN_FILE" \
-crl_check -untrusted "$CERT_CHAIN_FILE" "$EXTRACTED_CERT" 1> "$OUT_STREAM" 2> "$ERROR_INFO_FILE"; then
ERROR_INFO=$(cat "$ERROR_INFO_FILE")
local ERROR_NUMBER=$(echo -n "$ERROR_INFO" | awk '/depth lookup/;' | sed 's/error //' | sed 's/ at.*//')
#local ERROR_DEPTH=$(cat error.txt | awk '/depth lookup/;' | sed 's/.*at //' | sed 's/ depth lookup.*//')
#error number must be
local X509_V_ERR_CERT_REVOKED=23
if [ "$ERROR_NUMBER" -ne "$X509_V_ERR_CERT_REVOKED" ]; then
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH could not be validated since certificate validity could not be verified. Error: $ERROR_INFO."
((NUM_INVALID++))
continue 2
else
#find revocation reason
local CERT_SERIAL=$(openssl x509 -inform PEM -in "$EXTRACTED_CERT" -noout -serial | sed 's/serial=//')
local REVOCATION_ACCEPTABLE=false
local REASON=''
while ls "$TMP_DIR"/*.extracted_crl.pem &> "$OUT_STREAM" && read EXTRACTED_CRL; do
REASON=$(openssl crl -inform PEM -in "$EXTRACTED_CRL" -noout -text | awk '/$"CERT_SERIAL"/{f=1; next} f && /Serial Number:/{f=0} f && /CRL Reason Code:/{g=1; next} g {print; exit}' | sed 's/ *//')
if [ -z "$REASON" ]; then
continue
fi
#acceptable reasons: see chapter 4 of RFC3161
if [[ "$REASON" == "Unspecified" || "$REASON" == "Affiliation Changed" || "$REASON" == "Superseded" || "$REASON" == "Cessation Of Operation" ]]; then
REVOCATION_ACCEPTABLE=true
break
fi
done <<< $(ls "$TMP_DIR"/*.extracted_crl.pem 2> "$OUT_STREAM")
if [ "$REVOCATION_ACCEPTABLE" != true ]; then
if [ -z "$REASON" ]; then
REASON="Certificate revoked without reasonCode extension."
fi
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH is invalid since certificate was revoked for the following reason: $REASON"
((NUM_INVALID++))
continue 2
fi
fi
fi
done <<< $(ls "$TMP_DIR"/*.extracted_cert.pem 2> "$OUT_STREAM")
#token is valid
((NUM_VALID++))
fi
done <<< $(ls "$TMP_DIR"/*.extracted_token.pem 2> "$OUT_STREAM")
local NUM_PROCESSED=$(( $NUM_VALID + $NUM_INVALID + $NUM_SKIPPED ))
#assert that all extracted timestamps have been processed
if [ "$NUM_PROCESSED" -ne "$NUM_EXTRACTED" ]; then
echo_error "Assetion failed NUM_PROCESSED==NUM_EXTRACTED"
return 1
fi
if [ "$NUM_VALID" -eq 0 ] && [ "$NUM_INVALID" -eq 0 ]; then
#this commit does not contain timestamp tokens.
return 0
elif [ "$NUM_VALID" -gt 0 ]; then
if [ "$NUM_INVALID" -gt 0 ]; then
echo_warning "Warning: While commit $COMMIT_HASH contains $NUM_VALID valid timestamp tokens and thus is considered proppely timestamped, it also contains $NUM_INVALID invalid timestamp tokens."
fi
echo_info "Commit $COMMIT_HASH contains $NUM_VALID valid timestamp tokens."
return 0
fi
echo_error "All $NUM_INVALID timestamp tokens in commit $COMMIT_HASH are invalid."
return 1
}
# Recursive function to validate all ancestors of commit
# param1: commit hash
# returns: 0 if the validation of the commit and all its ancestors succeeded
validate_commit_and_parents() {
local COMMIT_HASH="$1"
log "validate_commit_and_parents for $COMMIT_HASH"
local ALL_PASSED=true
if ! validate_commit "$COMMIT_HASH"; then
ALL_PASSED=false
fi
local PARENTS=$(git cat-file -p "$COMMIT_HASH" | awk '/^$/{exit} /parent/ {print}' | sed 's/parent //')
#iterate over all parents of commit
if [ ! -z "$PARENTS" ]; then
while read PARENT_HASH; do
if ! validate_commit_and_parents "$PARENT_HASH"; then
ALL_PASSED=false
fi
done <<< $(echo -n "$PARENTS")
fi
if [ "$ALL_PASSED"=true ]; then
return 0
fi
return 1
}
OBJECT="$1"
if [ -z "$OBJECT" ]; then
OBJECT="HEAD"
fi
COMMIT_HASH=$(git rev-parse "$OBJECT")
if [ -z "$COMMIT_HASH" ]; then
echo_error "Invalid rev $OBJECT"
return 1
fi
echo_info "Checking repository integrity..."
#check git repository integrity
if ! git fsck --full --strict --no-progress --no-dangling "$COMMIT_HASH"; then
echo_error "git fsck failed. This means the repository is in a corrupted state and cannot be validated. Restore corrupt files from a backup or remote repository."
exit 1
fi
echo_info "Validating timestamps. This may take a while..."
if validate_commit_and_parents "$COMMIT_HASH"; then
echo_info "Validation OK: All timestamped commits in the commit history of $COMMIT_HASH contain at least one valid timestamp."
exit 0
else
echo_error "Validation Failed: There are timestamped commits in the commit history of $COMMIT_HASH which do not contain any valid timestamps."
exit 1
fi