Verify SSH signatures using gpg.ssh.allowedsignersfile

[Doodeletion]

SSH signed commits can be verified locally using gpg.ssh.allowedsignersfile. (https://git-scm.com/docs/git-config#Documentation/git-config.txt-gpgsshallowedSignersFile)

SourceGit appears to display all SSH signed commits as "Good signature with unknown validity". That message does not seem to make sense for SSH signing. As far as I know a SSH signature is either valid, invalid, or cannot be checked at all because the corresponding public key is unknown.

Git only assigns G and U to SSH signatures.

"To be able to differentiate between valid signatures and trusted signatures the trust level of a signature verification is set to fully when the public key is present in the allowedSignersFile. Otherwise the trust level is undefined and git verify-commit/tag will fail."
(https://git-scm.com/docs/git-config#Documentation/git-config.txt-gpgsshallowedSignersFile)

If GPG and SSH signatures can be differentiated, I think SSH signatures with U should be marked as "unverified" and SSH signatures with G should be marked as "verified".

Example current implementation

Here is an example. (I took that command from another issue where gpg signatures were discussed #614 (comment))

$ git log --decorate=full --pretty=format:"%H %G?"
638081867bda9fb1f95e39e51c49595453d8d718 G
456295604aaec346fc64cb6c871ed337584870fc U

Suggestion

[love-linger]

It's my mistake. I should use lower cased gpg.ssh.allowedsignersfile instead of gpg.ssh.allowedSignersFile since git config -l command outputs keys in lower case.

Please download the latest CI build from GitHub Action. If SourceGit finds the signer's public key, it will show the sign info as follow:

[Doodeletion]

Wow thanks for you lightning fast response!
I downloaded the CI build and can confirm it works 👍

I think it would be helpful to show a different symbol for unverified signatures. To me "green symbol = safe/verified".

[love-linger]

For U, it is still marked as good by git. See:

And brushes is defined in:

sourcegit/src/Models/CommitSignInfo.cs

Lines 11 to 25 in 080c446

	public IBrush Brush
	{
	get
	{
	return VerifyResult switch
	{
	'G' or 'U' => Brushes.Green,
	'X' or 'Y' or 'R' => Brushes.DarkOrange,
	'B' or 'E' => Brushes.Red,
	_ => Brushes.Transparent,
	};
	}
	}

[love-linger]

For example:

[Doodeletion]

Yes, you are following the Git documentation, but I think what Git does is wrong here. Signing was planned around GPG and SSH was only added much later.
For normal SSH keys (used for example to authenticate against Github), there is no such thing as a valid signature that cannot be verified. If you can verify a ssh signature it is valid - if you cannot verify a ssh signature it is invalid.

[Doodeletion]

I don't know why they chose to do it this way. From my understanding, it would be better if Git marked SSH signatures that cannot be verified as E.

[love-linger]

See code:

https://github.com/git/git/blob/b2826b52eb7caff9f4ed6e85ec45e338bf02ad09/gpg-interface.c#L397-L458

git use ssh to verify commit signing. When ssh returns Good "git" signature for ..., G? outputs G. And when ssh returns Good "git" signature with ..., G? outputs U