2 * \file lib/signature.c
8 #include <netinet/in.h>
10 #include <rpm/rpmtypes.h>
11 #include <rpm/rpmstring.h>
12 #include <rpm/rpmfileutil.h>
13 #include <rpm/rpmlog.h>
14 #include <rpm/rpmkeyring.h>
16 #include "lib/rpmlead.h"
17 #include "lib/signature.h"
18 #include "lib/header_internal.h"
22 /* Dumb wrapper around headerPut() for signature header */
23 static int sighdrPut(Header h, rpmTagVal tag, rpmTagType type,
24 rpm_data_t p, rpm_count_t c)
32 return headerPut(h, &sigtd, HEADERPUT_DEFAULT);
37 * @todo rpmio: use fdSize rather than fstat(2) to get file size.
38 * @param fd package file handle
39 * @param siglen signature header size
40 * @param pad signature padding
41 * @param datalen length of header+payload
42 * @return rpmRC return code
44 static inline rpmRC printSize(FD_t fd, size_t siglen, size_t pad, rpm_loff_t datalen)
47 int fdno = Fileno(fd);
49 if (fstat(fdno, &st) < 0)
53 "Expected size: %12" PRIu64 \
54 " = lead(%d)+sigs(%zd)+pad(%zd)+data(%" PRIu64 ")\n",
55 RPMLEAD_SIZE+siglen+pad+datalen,
56 RPMLEAD_SIZE, siglen, pad, datalen);
58 " Actual size: %12" PRIu64 "\n", (rpm_loff_t) st.st_size);
63 rpmRC rpmReadSignature(FD_t fd, Header * sighp, sigType sig_type, char ** msg)
73 struct indexEntry_s entry;
74 struct entryInfo_s info;
75 unsigned char * dataStart;
76 unsigned char * dataEnd = NULL;
78 rpmRC rc = RPMRC_FAIL; /* assume failure */
85 if (sig_type != RPMSIGTYPE_HEADERSIG)
88 memset(block, 0, sizeof(block));
89 if ((xx = Freadall(fd, block, sizeof(block))) != sizeof(block)) {
90 rasprintf(&buf, _("sigh size(%d): BAD, read returned %d\n"),
91 (int)sizeof(block), xx);
94 if (memcmp(block, rpm_header_magic, sizeof(rpm_header_magic))) {
95 rasprintf(&buf, _("sigh magic: BAD\n"));
99 if (il < 0 || il > 32) {
101 _("sigh tags: BAD, no. of tags(%d) out of range\n"), il);
104 dl = ntohl(block[3]);
105 if (dl < 0 || dl > 8192) {
107 _("sigh data: BAD, no. of bytes(%d) out of range\n"), dl);
111 memset(&entry, 0, sizeof(entry));
112 memset(&info, 0, sizeof(info));
114 nb = (il * sizeof(struct entryInfo_s)) + dl;
115 uc = sizeof(il) + sizeof(dl) + nb;
119 pe = (entryInfo) &ei[2];
120 dataStart = (unsigned char *) (pe + il);
121 if ((xx = Freadall(fd, pe, nb)) != nb) {
123 _("sigh blob(%d): BAD, read returned %d\n"), (int)nb, xx);
127 /* Check (and convert) the 1st tag element. */
128 xx = headerVerifyInfo(1, dl, pe, &entry.info, 0);
130 rasprintf(&buf, _("tag[%d]: BAD, tag %d type %d offset %d count %d\n"),
131 0, entry.info.tag, entry.info.type,
132 entry.info.offset, entry.info.count);
136 /* Is there an immutable header region tag? */
137 if (entry.info.tag == RPMTAG_HEADERSIGNATURES) {
138 /* Is the region tag sane? */
139 if (!(entry.info.type == REGION_TAG_TYPE &&
140 entry.info.count == REGION_TAG_COUNT)) {
142 _("region tag: BAD, tag %d type %d offset %d count %d\n"),
143 entry.info.tag, entry.info.type,
144 entry.info.offset, entry.info.count);
148 /* Is the trailer within the data area? */
149 if (entry.info.offset + REGION_TAG_COUNT > dl) {
151 _("region offset: BAD, tag %d type %d offset %d count %d\n"),
152 entry.info.tag, entry.info.type,
153 entry.info.offset, entry.info.count);
157 /* Is there an immutable header region tag trailer? */
158 dataEnd = dataStart + entry.info.offset;
159 (void) memcpy(&info, dataEnd, REGION_TAG_COUNT);
160 /* XXX Really old packages have HEADER_IMAGE, not HEADER_SIGNATURES. */
161 if (info.tag == htonl(RPMTAG_HEADERIMAGE)) {
162 rpmTagVal stag = htonl(RPMTAG_HEADERSIGNATURES);
164 memcpy(dataEnd, &stag, sizeof(stag));
166 dataEnd += REGION_TAG_COUNT;
168 xx = headerVerifyInfo(1, il * sizeof(*pe), &info, &entry.info, 1);
170 !((entry.info.tag == RPMTAG_HEADERSIGNATURES || entry.info.tag == RPMTAG_HEADERIMAGE)
171 && entry.info.type == REGION_TAG_TYPE
172 && entry.info.count == REGION_TAG_COUNT))
175 _("region trailer: BAD, tag %d type %d offset %d count %d\n"),
176 entry.info.tag, entry.info.type,
177 entry.info.offset, entry.info.count);
180 memset(&info, 0, sizeof(info));
182 /* Is the no. of tags in the region less than the total no. of tags? */
183 ril = entry.info.offset/sizeof(*pe);
184 if ((entry.info.offset % sizeof(*pe)) || ril > il) {
185 rasprintf(&buf, _("region size: BAD, ril(%d) > il(%d)\n"), ril, il);
190 /* Sanity check signature tags */
191 memset(&info, 0, sizeof(info));
192 for (i = 1; i < il; i++) {
193 xx = headerVerifyInfo(1, dl, pe+i, &entry.info, 0);
196 _("sigh tag[%d]: BAD, tag %d type %d offset %d count %d\n"),
197 i, entry.info.tag, entry.info.type,
198 entry.info.offset, entry.info.count);
203 /* OK, blob looks sane, load the header. */
204 sigh = headerImport(ei, uc, 0);
206 rasprintf(&buf, _("sigh load: BAD\n"));
210 { size_t sigSize = headerSizeof(sigh, HEADER_MAGIC_YES);
211 size_t pad = (8 - (sigSize % 8)) % 8; /* 8-byte pad */
213 struct rpmtd_s sizetag;
214 rpm_loff_t archSize = 0;
216 /* Position at beginning of header. */
217 if (pad && (trc = Freadall(fd, block, pad)) != pad) {
219 _("sigh pad(%zd): BAD, read %zd bytes\n"), pad, trc);
223 /* Print package component sizes. */
224 if (headerGet(sigh, RPMSIGTAG_LONGSIZE, &sizetag, HEADERGET_DEFAULT)) {
225 rpm_loff_t *tsize = rpmtdGetUint64(&sizetag);
226 archSize = (tsize) ? *tsize : 0;
227 } else if (headerGet(sigh, RPMSIGTAG_SIZE, &sizetag, HEADERGET_DEFAULT)) {
228 rpm_off_t *tsize = rpmtdGetUint32(&sizetag);
229 archSize = (tsize) ? *tsize : 0;
231 rpmtdFreeData(&sizetag);
232 rc = printSize(fd, sigSize, pad, archSize);
233 if (rc != RPMRC_OK) {
235 _("sigh sigSize(%zd): BAD, fstat(2) failed\n"), sigSize);
239 ei = NULL; /* XXX will be freed with header */
242 if (sighp && sigh && rc == RPMRC_OK)
243 *sighp = headerLink(sigh);
256 int rpmWriteSignature(FD_t fd, Header sigh)
258 static uint8_t buf[8] = { 0, 0, 0, 0, 0, 0, 0, 0 };
262 rc = headerWrite(fd, sigh, HEADER_MAGIC_YES);
266 sigSize = headerSizeof(sigh, HEADER_MAGIC_YES);
267 pad = (8 - (sigSize % 8)) % 8;
269 if (Fwrite(buf, sizeof(buf[0]), pad, fd) != pad)
272 rpmlog(RPMLOG_DEBUG, "Signature: size(%d)+pad(%d)\n", sigSize, pad);
276 Header rpmNewSignature(void)
278 Header sigh = headerNew();
282 Header rpmFreeSignature(Header sigh)
284 return headerFree(sigh);
287 static int makeHDRDigest(Header sigh, const char * file, rpmTagVal sigTag)
292 int ret = -1; /* assume failure. */
296 fd = Fopen(file, "r.fdio");
297 if (fd == NULL || Ferror(fd))
299 h = headerRead(fd, HEADER_MAGIC_YES);
303 if (headerIsEntry(h, RPMTAG_HEADERIMMUTABLE)) {
307 if (!headerGet(h, RPMTAG_HEADERIMMUTABLE, &utd, HEADERGET_DEFAULT)
311 _("Immutable header region could not be read. "
312 "Corrupted package?\n"));
315 ctx = rpmDigestInit(PGPHASHALGO_SHA1, RPMDIGEST_NONE);
316 (void) rpmDigestUpdate(ctx, rpm_header_magic, sizeof(rpm_header_magic));
317 (void) rpmDigestUpdate(ctx, utd.data, utd.count);
318 (void) rpmDigestFinal(ctx, (void **)&SHA1, NULL, 1);
321 rpmlog(RPMLOG_ERR, _("Cannot sign RPM v3 packages\n"));
327 if (!sighdrPut(sigh, RPMSIGTAG_SHA1, RPM_STRING_TYPE, SHA1, 1))
338 if (fd != NULL) (void) Fclose(fd);
342 int rpmGenDigest(Header sigh, const char * file, rpmTagVal sigTag)
345 uint8_t * pkt = NULL;
347 int ret = -1; /* assume failure. */
350 case RPMSIGTAG_SIZE: {
352 if (stat(file, &st) != 0)
355 if (!sighdrPut(sigh, sigTag, RPM_INT32_TYPE, &size, 1))
359 case RPMSIGTAG_LONGSIZE: {
361 if (stat(file, &st) != 0)
364 if (!sighdrPut(sigh, sigTag, RPM_INT64_TYPE, &size, 1))
370 pkt = xcalloc(pktlen, sizeof(*pkt));
371 if (rpmDoDigest(PGPHASHALGO_MD5, file, 0, pkt, NULL)
372 || !sighdrPut(sigh, sigTag, RPM_BIN_TYPE, pkt, pktlen))
377 ret = makeHDRDigest(sigh, file, sigTag);
387 static const char * rpmSigString(rpmRC res)
391 case RPMRC_OK: str = "OK"; break;
392 case RPMRC_FAIL: str = "BAD"; break;
393 case RPMRC_NOKEY: str = "NOKEY"; break;
394 case RPMRC_NOTTRUSTED: str = "NOTRUSTED"; break;
396 case RPMRC_NOTFOUND: str = "UNKNOWN"; break;
402 verifyMD5Digest(rpmtd sigtd, DIGEST_CTX md5ctx, char **msg)
404 rpmRC res = RPMRC_FAIL; /* assume failure */
405 uint8_t * md5sum = NULL;
408 const char *title = _("MD5 digest:");
410 DIGEST_CTX ctx = rpmDigestDup(md5ctx);
413 rasprintf(msg, "%s %s\n", title, rpmSigString(res));
417 (void) rpmDigestFinal(ctx, (void **)&md5sum, &md5len, 0);
419 md5 = pgpHexStr(md5sum, md5len);
420 if (md5len != sigtd->count || memcmp(md5sum, sigtd->data, md5len)) {
421 char *hex = rpmtdFormat(sigtd, RPMTD_FORMAT_STRING, NULL);
422 rasprintf(msg, "%s %s Expected(%s) != (%s)\n", title,
423 rpmSigString(res), hex, md5);
427 rasprintf(msg, "%s %s (%s)\n", title, rpmSigString(res), md5);
432 md5sum = _free(md5sum);
437 * Verify header immutable region SHA1 digest.
438 * @retval msg verbose success/failure text
440 * @return RPMRC_OK on success
443 verifySHA1Digest(rpmtd sigtd, DIGEST_CTX sha1ctx, char **msg)
445 rpmRC res = RPMRC_FAIL; /* assume failure */
447 const char *title = _("Header SHA1 digest:");
448 const char *sig = sigtd->data;
450 DIGEST_CTX ctx = rpmDigestDup(sha1ctx);
453 rasprintf(msg, "%s %s\n", title, rpmSigString(res));
457 (void) rpmDigestFinal(ctx, (void **)&SHA1, NULL, 1);
459 if (SHA1 == NULL || !rstreq(SHA1, sig)) {
460 rasprintf(msg, "%s %s Expected(%s) != (%s)\n", title,
461 rpmSigString(res), sig, SHA1 ? SHA1 : "(nil)");
464 rasprintf(msg, "%s %s (%s)\n", title, rpmSigString(res), SHA1);
473 * Verify DSA/RSA signature.
474 * @param keyring pubkey keyring
475 * @param sig OpenPGP signature parameters
476 * @param hashctx digest context
477 * @param isHdr header-only signature?
478 * @retval msg verbose success/failure text
479 * @return RPMRC_OK on success
482 verifySignature(rpmKeyring keyring, pgpDigParams sig, DIGEST_CTX hashctx,
483 int isHdr, char **msg)
486 rpmRC res = rpmKeyringVerifySig(keyring, sig, hashctx);
488 char *sigid = pgpIdentItem(sig);
489 rasprintf(msg, "%s%s: %s\n", isHdr ? _("Header ") : "", sigid,
496 rpmVerifySignature(rpmKeyring keyring, rpmtd sigtd, pgpDigParams sig,
497 DIGEST_CTX ctx, char ** result)
499 rpmRC res = RPMRC_NOTFOUND;
503 if (sigtd->data == NULL || sigtd->count <= 0 || ctx == NULL)
506 switch (sigtd->tag) {
508 res = verifyMD5Digest(sigtd, ctx, &msg);
511 res = verifySHA1Digest(sigtd, ctx, &msg);
517 case RPMSIGTAG_PGP5: /* XXX legacy */
521 res = verifySignature(keyring, sig, ctx, hdrsig, &msg);
528 if (res == RPMRC_NOTFOUND) {
530 _("Verify signature: BAD PARAMETERS (%d %p %d %p %p)\n"),
531 sigtd->tag, sigtd->data, sigtd->count, ctx, sig);