2 * \file lib/signature.c
9 #include <rpm/rpmtag.h>
10 #include <rpm/rpmlib.h> /* XXX RPMSIGTAG* & related */
11 #include <rpm/rpmmacro.h> /* XXX for rpmGetPath() */
12 #include <rpm/rpmdb.h>
13 #include <rpm/rpmstring.h>
14 #include <rpm/rpmfileutil.h>
15 #include <rpm/rpmlog.h>
16 #include <rpm/rpmts.h>
18 #include "rpmio/digest.h"
19 #include "lib/misc.h" /* XXX for dosetenv() */
20 #include "lib/rpmlead.h"
21 #include "lib/signature.h"
22 #include "rpmdb/header_internal.h"
26 #if !defined(__GLIBC__) && !defined(__APPLE__)
27 char ** environ = NULL;
30 int rpmLookupSignatureType(int action)
32 static int disabled = 0;
36 case RPMLOOKUPSIG_DISABLE:
39 case RPMLOOKUPSIG_ENABLE:
41 case RPMLOOKUPSIG_QUERY:
44 { char *name = rpmExpand("%{?_signature}", NULL);
45 if (!(name && *name != '\0'))
47 else if (!xstrcasecmp(name, "none"))
49 else if (!xstrcasecmp(name, "pgp"))
51 else if (!xstrcasecmp(name, "pgp5")) /* XXX legacy */
53 else if (!xstrcasecmp(name, "gpg"))
56 rc = -1; /* Invalid %_signature spec in macro file */
63 /* rpmDetectPGPVersion() returns the absolute path to the "pgp" */
64 /* executable of the requested version, or NULL when none found. */
66 const char * rpmDetectPGPVersion(pgpVersion * pgpVer)
68 /* Actually this should support having more then one pgp version. */
69 /* At the moment only one version is possible since we only */
70 /* have one %_pgpbin and one %_pgp_path. */
72 static pgpVersion saved_pgp_version = PGP_UNKNOWN;
73 char *pgpbin = rpmGetPath("%{?_pgpbin}", NULL);
75 if (saved_pgp_version == PGP_UNKNOWN) {
79 if (!(pgpbin && pgpbin[0] != '\0')) {
80 pgpbin = _free(pgpbin);
81 saved_pgp_version = -1;
84 pgpvbin = (char *)alloca(strlen(pgpbin) + sizeof("v"));
85 (void)stpcpy(stpcpy(pgpvbin, pgpbin), "v");
87 if (stat(pgpvbin, &st) == 0)
88 saved_pgp_version = PGP_5;
89 else if (stat(pgpbin, &st) == 0)
90 saved_pgp_version = PGP_2;
92 saved_pgp_version = PGP_NOTDETECTED;
96 *pgpVer = saved_pgp_version;
101 * Print package size.
102 * @todo rpmio: use fdSize rather than fstat(2) to get file size.
103 * @param fd package file handle
104 * @param siglen signature header size
105 * @param pad signature padding
106 * @param datalen length of header+payload
107 * @return rpmRC return code
109 static inline rpmRC printSize(FD_t fd, size_t siglen, size_t pad, rpm_off_t datalen)
112 int fdno = Fileno(fd);
114 if (fstat(fdno, &st) < 0)
118 _("Expected size: %12zd = lead(%d)+sigs(%zd)+pad(%zd)+data(%d)\n"),
119 RPMLEAD_SIZE+siglen+pad+datalen,
120 RPMLEAD_SIZE, siglen, pad, datalen);
122 _(" Actual size: %12d\n"), (int)st.st_size);
127 /* XXX sigh yet another duplicate.. */
128 static unsigned char const header_magic[8] = {
129 0x8e, 0xad, 0xe8, 0x01, 0x00, 0x00, 0x00, 0x00
132 rpmRC rpmReadSignature(FD_t fd, Header * sighp, sigType sig_type, char ** msg)
142 indexEntry entry = memset(alloca(sizeof(*entry)), 0, sizeof(*entry));
143 entryInfo info = memset(alloca(sizeof(*info)), 0, sizeof(*info));
144 unsigned char * dataStart;
145 unsigned char * dataEnd = NULL;
147 rpmRC rc = RPMRC_FAIL; /* assume failure */
156 if (sig_type != RPMSIGTYPE_HEADERSIG)
159 memset(block, 0, sizeof(block));
160 if ((xx = timedRead(fd, (void *)block, sizeof(block))) != sizeof(block)) {
161 (void) snprintf(buf, sizeof(buf),
162 _("sigh size(%d): BAD, read returned %d\n"), (int)sizeof(block), xx);
165 if (memcmp(block, header_magic, sizeof(header_magic))) {
166 (void) snprintf(buf, sizeof(buf),
167 _("sigh magic: BAD\n"));
170 il = ntohl(block[2]);
171 if (il < 0 || il > 32) {
172 (void) snprintf(buf, sizeof(buf),
173 _("sigh tags: BAD, no. of tags(%d) out of range\n"), il);
176 dl = ntohl(block[3]);
177 if (dl < 0 || dl > 8192) {
178 (void) snprintf(buf, sizeof(buf),
179 _("sigh data: BAD, no. of bytes(%d) out of range\n"), dl);
183 nb = (il * sizeof(struct entryInfo_s)) + dl;
184 ei = xmalloc(sizeof(il) + sizeof(dl) + nb);
187 pe = (entryInfo) &ei[2];
188 dataStart = (unsigned char *) (pe + il);
189 if ((xx = timedRead(fd, (void *)pe, nb)) != nb) {
190 (void) snprintf(buf, sizeof(buf),
191 _("sigh blob(%d): BAD, read returned %d\n"), (int)nb, xx);
195 /* Check (and convert) the 1st tag element. */
196 xx = headerVerifyInfo(1, dl, pe, &entry->info, 0);
198 (void) snprintf(buf, sizeof(buf),
199 _("tag[%d]: BAD, tag %d type %d offset %d count %d\n"),
200 0, entry->info.tag, entry->info.type,
201 entry->info.offset, entry->info.count);
205 /* Is there an immutable header region tag? */
206 if (entry->info.tag == RPMTAG_HEADERSIGNATURES
207 && entry->info.type == RPM_BIN_TYPE
208 && entry->info.count == REGION_TAG_COUNT)
211 if (entry->info.offset >= dl) {
212 (void) snprintf(buf, sizeof(buf),
213 _("region offset: BAD, tag %d type %d offset %d count %d\n"),
214 entry->info.tag, entry->info.type,
215 entry->info.offset, entry->info.count);
219 /* Is there an immutable header region tag trailer? */
220 dataEnd = dataStart + entry->info.offset;
221 (void) memcpy(info, dataEnd, REGION_TAG_COUNT);
222 /* XXX Really old packages have HEADER_IMAGE, not HEADER_SIGNATURES. */
223 if (info->tag == htonl(RPMTAG_HEADERIMAGE)) {
224 rpmSigTag stag = htonl(RPMTAG_HEADERSIGNATURES);
226 memcpy(dataEnd, &stag, sizeof(stag));
228 dataEnd += REGION_TAG_COUNT;
230 xx = headerVerifyInfo(1, dl, info, &entry->info, 1);
232 !((entry->info.tag == RPMTAG_HEADERSIGNATURES || entry->info.tag == RPMTAG_HEADERIMAGE)
233 && entry->info.type == RPM_BIN_TYPE
234 && entry->info.count == REGION_TAG_COUNT))
236 (void) snprintf(buf, sizeof(buf),
237 _("region trailer: BAD, tag %d type %d offset %d count %d\n"),
238 entry->info.tag, entry->info.type,
239 entry->info.offset, entry->info.count);
242 memset(info, 0, sizeof(*info));
244 /* Is the no. of tags in the region less than the total no. of tags? */
245 ril = entry->info.offset/sizeof(*pe);
246 if ((entry->info.offset % sizeof(*pe)) || ril > il) {
247 (void) snprintf(buf, sizeof(buf),
248 _("region size: BAD, ril(%d) > il(%d)\n"), ril, il);
253 /* Sanity check signature tags */
254 memset(info, 0, sizeof(*info));
255 for (i = 1; i < il; i++) {
256 xx = headerVerifyInfo(1, dl, pe+i, &entry->info, 0);
258 (void) snprintf(buf, sizeof(buf),
259 _("sigh tag[%d]: BAD, tag %d type %d offset %d count %d\n"),
260 i, entry->info.tag, entry->info.type,
261 entry->info.offset, entry->info.count);
266 /* OK, blob looks sane, load the header. */
267 sigh = headerLoad(ei);
269 (void) snprintf(buf, sizeof(buf), _("sigh load: BAD\n"));
272 sigh->flags |= HEADERFLAG_ALLOCATED;
274 { size_t sigSize = headerSizeof(sigh, HEADER_MAGIC_YES);
275 size_t pad = (8 - (sigSize % 8)) % 8; /* 8-byte pad */
277 rpm_off_t * archSize = NULL;
279 /* Position at beginning of header. */
280 if (pad && (trc = timedRead(fd, (void *)block, pad)) != pad) {
281 (void) snprintf(buf, sizeof(buf),
282 _("sigh pad(%zd): BAD, read %zd bytes\n"), pad, trc);
286 /* Print package component sizes. */
287 if (headerGetEntry(sigh, RPMSIGTAG_SIZE, NULL,(rpm_data_t *)&archSize, NULL)) {
288 rc = printSize(fd, sigSize, pad, *archSize);
290 (void) snprintf(buf, sizeof(buf),
291 _("sigh sigSize(%zd): BAD, fstat(2) failed\n"), sigSize);
296 if (sighp && sigh && rc == RPMRC_OK)
297 *sighp = headerLink(sigh);
298 sigh = headerFree(sigh);
301 buf[sizeof(buf)-1] = '\0';
308 int rpmWriteSignature(FD_t fd, Header sigh)
310 static uint8_t buf[8] = { 0, 0, 0, 0, 0, 0, 0, 0 };
314 rc = headerWrite(fd, sigh, HEADER_MAGIC_YES);
318 sigSize = headerSizeof(sigh, HEADER_MAGIC_YES);
319 pad = (8 - (sigSize % 8)) % 8;
321 if (Fwrite(buf, sizeof(buf[0]), pad, fd) != pad)
324 rpmlog(RPMLOG_DEBUG, _("Signature: size(%d)+pad(%d)\n"), sigSize, pad);
328 Header rpmNewSignature(void)
330 Header sigh = headerNew();
334 Header rpmFreeSignature(Header sigh)
336 return headerFree(sigh);
340 * Generate PGP signature(s) for a header+payload file.
341 * @param file header+payload file name
342 * @retval *sigTagp signature tag
343 * @retval *pktp signature packet(s)
344 * @retval *pktlenp signature packet(s) length
345 * @param passPhrase private key pass phrase
346 * @return 0 on success, 1 on failure
348 static int makePGPSignature(const char * file, rpmSigTag * sigTagp,
349 uint8_t ** pktp, size_t * pktlenp,
350 const char * passPhrase)
352 char * sigfile = alloca(1024);
360 pgpDigParams sigp = NULL;
364 (void) stpcpy( stpcpy(sigfile, file), ".sig");
366 addMacro(NULL, "__plaintext_filename", NULL, file, -1);
367 addMacro(NULL, "__signature_filename", NULL, sigfile, -1);
369 inpipe[0] = inpipe[1] = 0;
372 if (!(pid = fork())) {
373 const char *pgp_path = rpmExpand("%{?_pgp_path}", NULL);
377 (void) dup2(inpipe[0], 3);
378 (void) close(inpipe[1]);
380 (void) dosetenv("PGPPASSFD", "3", 1);
381 if (pgp_path && *pgp_path != '\0')
382 (void) dosetenv("PGPPATH", pgp_path, 1);
384 /* dosetenv("PGPPASS", passPhrase, 1); */
386 unsetenv("MALLOC_CHECK_");
387 if ((path = rpmDetectPGPVersion(&pgpVer)) != NULL) {
390 cmd = rpmExpand("%{?__pgp_sign_cmd}", NULL);
391 rc = poptParseArgvString(cmd, NULL, (const char ***)&av);
393 rc = execve(av[0], av+1, environ);
396 cmd = rpmExpand("%{?__pgp5_sign_cmd}", NULL);
397 rc = poptParseArgvString(cmd, NULL, (const char ***)&av);
399 rc = execve(av[0], av+1, environ);
402 case PGP_NOTDETECTED:
407 rpmlog(RPMLOG_ERR, _("Could not exec %s: %s\n"), "pgp",
412 delMacro(NULL, "__plaintext_filename");
413 delMacro(NULL, "__signature_filename");
415 (void) close(inpipe[0]);
417 (void) write(inpipe[1], passPhrase, strlen(passPhrase));
418 (void) write(inpipe[1], "\n", 1);
419 (void) close(inpipe[1]);
421 (void)waitpid(pid, &status, 0);
422 if (!WIFEXITED(status) || WEXITSTATUS(status)) {
423 rpmlog(RPMLOG_ERR, _("pgp failed\n"));
427 if (stat(sigfile, &st)) {
428 /* PGP failed to write signature */
429 if (sigfile) (void) unlink(sigfile); /* Just in case */
430 rpmlog(RPMLOG_ERR, _("pgp failed to write signature\n"));
434 *pktlenp = st.st_size;
435 rpmlog(RPMLOG_DEBUG, _("PGP sig size: %zd\n"), *pktlenp);
436 *pktp = xmalloc(*pktlenp);
441 fd = Fopen(sigfile, "r.fdio");
442 if (fd != NULL && !Ferror(fd)) {
443 rc = timedRead(fd, (void *)*pktp, *pktlenp);
444 if (sigfile) (void) unlink(sigfile);
447 if (rc != *pktlenp) {
448 *pktp = _free(*pktp);
449 rpmlog(RPMLOG_ERR, _("unable to read the signature\n"));
454 rpmlog(RPMLOG_DEBUG, _("Got %zd bytes of PGP sig\n"), *pktlenp);
457 /* Parse the signature, change signature tag as appropriate. */
460 (void) pgpPrtPkts(*pktp, *pktlenp, dig, 0);
461 sigp = &dig->signature;
463 dig = pgpFreeDig(dig);
470 * Generate GPG signature(s) for a header+payload file.
471 * @param file header+payload file name
472 * @retval *sigTagp signature tag
473 * @retval *pktp signature packet(s)
474 * @retval *pktlenp signature packet(s) length
475 * @param passPhrase private key pass phrase
476 * @return 0 on success, 1 on failure
478 static int makeGPGSignature(const char * file, rpmSigTag * sigTagp,
479 uint8_t ** pktp, size_t * pktlenp,
480 const char * passPhrase)
482 char * sigfile = alloca(strlen(file)+sizeof(".sig"));
490 pgpDigParams sigp = NULL;
493 (void) stpcpy( stpcpy(sigfile, file), ".sig");
495 addMacro(NULL, "__plaintext_filename", NULL, file, -1);
496 addMacro(NULL, "__signature_filename", NULL, sigfile, -1);
498 inpipe[0] = inpipe[1] = 0;
501 if (!(pid = fork())) {
502 const char *gpg_path = rpmExpand("%{?_gpg_path}", NULL);
504 (void) dup2(inpipe[0], 3);
505 (void) close(inpipe[1]);
507 if (gpg_path && *gpg_path != '\0')
508 (void) dosetenv("GNUPGHOME", gpg_path, 1);
509 (void) dosetenv("LC_ALL", "C", 1);
511 unsetenv("MALLOC_CHECK_");
512 cmd = rpmExpand("%{?__gpg_sign_cmd}", NULL);
513 rc = poptParseArgvString(cmd, NULL, (const char ***)&av);
515 rc = execve(av[0], av+1, environ);
517 rpmlog(RPMLOG_ERR, _("Could not exec %s: %s\n"), "gpg",
522 delMacro(NULL, "__plaintext_filename");
523 delMacro(NULL, "__signature_filename");
525 fpipe = fdopen(inpipe[1], "w");
526 (void) close(inpipe[0]);
528 fprintf(fpipe, "%s\n", (passPhrase ? passPhrase : ""));
529 (void) fclose(fpipe);
532 (void) waitpid(pid, &status, 0);
533 if (!WIFEXITED(status) || WEXITSTATUS(status)) {
534 rpmlog(RPMLOG_ERR, _("gpg exec failed (%d)\n"), WEXITSTATUS(status));
538 if (stat(sigfile, &st)) {
539 /* GPG failed to write signature */
540 if (sigfile) (void) unlink(sigfile); /* Just in case */
541 rpmlog(RPMLOG_ERR, _("gpg failed to write signature\n"));
545 *pktlenp = st.st_size;
546 rpmlog(RPMLOG_DEBUG, _("GPG sig size: %zd\n"), *pktlenp);
547 *pktp = xmalloc(*pktlenp);
552 fd = Fopen(sigfile, "r.fdio");
553 if (fd != NULL && !Ferror(fd)) {
554 rc = timedRead(fd, (void *)*pktp, *pktlenp);
555 if (sigfile) (void) unlink(sigfile);
558 if (rc != *pktlenp) {
559 *pktp = _free(*pktp);
560 rpmlog(RPMLOG_ERR, _("unable to read the signature\n"));
565 rpmlog(RPMLOG_DEBUG, _("Got %zd bytes of GPG sig\n"), *pktlenp);
567 /* Parse the signature, change signature tag as appropriate. */
570 (void) pgpPrtPkts(*pktp, *pktlenp, dig, 0);
571 sigp = &dig->signature;
579 /* XXX check MD5 hash too? */
580 if (sigp->pubkey_algo == PGPPUBKEYALGO_RSA)
581 *sigTagp = RPMSIGTAG_PGP;
583 case RPMSIGTAG_PGP5: /* XXX legacy */
585 if (sigp->pubkey_algo == PGPPUBKEYALGO_DSA)
586 *sigTagp = RPMSIGTAG_GPG;
589 /* XXX check MD5 hash too? */
590 if (sigp->pubkey_algo == PGPPUBKEYALGO_RSA)
591 *sigTagp = RPMSIGTAG_RSA;
594 if (sigp->pubkey_algo == PGPPUBKEYALGO_DSA)
595 *sigTagp = RPMSIGTAG_DSA;
598 case RPMSIGTAG_LEMD5_1:
599 case RPMSIGTAG_LEMD5_2:
600 case RPMSIGTAG_BADSHA1_1:
601 case RPMSIGTAG_BADSHA1_2:
602 case RPMSIGTAG_PAYLOADSIZE:
606 dig = pgpFreeDig(dig);
612 * Generate header only signature(s) from a header+payload file.
613 * @param sigh signature header
614 * @param file header+payload file name
615 * @param sigTag type of signature(s) to add
616 * @param passPhrase private key pass phrase
617 * @return 0 on success, -1 on failure
619 static int makeHDRSignature(Header sigh, const char * file, rpmSigTag sigTag,
620 const char * passPhrase)
628 int ret = -1; /* assume failure. */
633 case RPMSIGTAG_PGP5: /* XXX legacy */
639 fd = Fopen(file, "r.fdio");
640 if (fd == NULL || Ferror(fd))
642 h = headerRead(fd, HEADER_MAGIC_YES);
645 (void) Fclose(fd); fd = NULL;
647 if (headerIsEntry(h, RPMTAG_HEADERIMMUTABLE)) {
653 if (!headerGetEntry(h, RPMTAG_HEADERIMMUTABLE, &uht, &uh, &uhc)
659 ctx = rpmDigestInit(PGPHASHALGO_SHA1, RPMDIGEST_NONE);
660 (void) rpmDigestUpdate(ctx, header_magic, sizeof(header_magic));
661 (void) rpmDigestUpdate(ctx, uh, uhc);
662 (void) rpmDigestFinal(ctx, (void **)&SHA1, NULL, 1);
663 uh = headerFreeData(uh, uht);
669 if (!headerAddEntry(sigh, RPMSIGTAG_SHA1, RPM_STRING_TYPE, SHA1, 1))
674 fd = Fopen(file, "r.fdio");
675 if (fd == NULL || Ferror(fd))
677 h = headerRead(fd, HEADER_MAGIC_YES);
680 (void) Fclose(fd); fd = NULL;
681 if (rpmMkTempFile(NULL, &fn, &fd))
683 if (headerWrite(fd, h, HEADER_MAGIC_YES))
685 (void) Fclose(fd); fd = NULL;
686 if (makeGPGSignature(fn, &sigTag, &pkt, &pktlen, passPhrase)
687 || !headerAddEntry(sigh, sigTag, RPM_BIN_TYPE, pkt, pktlen))
692 fd = Fopen(file, "r.fdio");
693 if (fd == NULL || Ferror(fd))
695 h = headerRead(fd, HEADER_MAGIC_YES);
698 (void) Fclose(fd); fd = NULL;
699 if (rpmMkTempFile(NULL, &fn, &fd))
701 if (headerWrite(fd, h, HEADER_MAGIC_YES))
703 (void) Fclose(fd); fd = NULL;
704 if (makePGPSignature(fn, &sigTag, &pkt, &pktlen, passPhrase)
705 || !headerAddEntry(sigh, sigTag, RPM_BIN_TYPE, pkt, pktlen))
710 case RPMSIGTAG_LEMD5_1:
711 case RPMSIGTAG_LEMD5_2:
712 case RPMSIGTAG_BADSHA1_1:
713 case RPMSIGTAG_BADSHA1_2:
714 case RPMSIGTAG_PAYLOADSIZE:
725 if (fd != NULL) (void) Fclose(fd);
729 int rpmAddSignature(Header sigh, const char * file, rpmSigTag sigTag,
730 const char * passPhrase)
735 int ret = -1; /* assume failure. */
739 if (stat(file, &st) != 0)
742 if (!headerAddEntry(sigh, sigTag, RPM_INT32_TYPE, &pktlen, 1))
748 pkt = memset(alloca(pktlen), 0, pktlen);
749 if (rpmDoDigest(PGPHASHALGO_MD5, file, 0, pkt, NULL)
750 || !headerAddEntry(sigh, sigTag, RPM_BIN_TYPE, pkt, pktlen))
754 case RPMSIGTAG_PGP5: /* XXX legacy */
756 if (makePGPSignature(file, &sigTag, &pkt, &pktlen, passPhrase)
757 || !headerAddEntry(sigh, sigTag, RPM_BIN_TYPE, pkt, pktlen))
759 #ifdef NOTYET /* XXX needs hdrmd5ctx, like hdrsha1ctx. */
760 /* XXX Piggyback a header-only RSA signature as well. */
761 ret = makeHDRSignature(sigh, file, RPMSIGTAG_RSA, passPhrase);
766 if (makeGPGSignature(file, &sigTag, &pkt, &pktlen, passPhrase)
767 || !headerAddEntry(sigh, sigTag, RPM_BIN_TYPE, pkt, pktlen))
769 /* XXX Piggyback a header-only DSA signature as well. */
770 ret = makeHDRSignature(sigh, file, RPMSIGTAG_DSA, passPhrase);
775 ret = makeHDRSignature(sigh, file, sigTag, passPhrase);
778 case RPMSIGTAG_LEMD5_1:
779 case RPMSIGTAG_LEMD5_2:
780 case RPMSIGTAG_BADSHA1_1:
781 case RPMSIGTAG_BADSHA1_2:
782 case RPMSIGTAG_PAYLOADSIZE:
789 static int checkPassPhrase(const char * passPhrase, const rpmSigTag sigTag)
791 int passPhrasePipe[2];
796 passPhrasePipe[0] = passPhrasePipe[1] = 0;
797 xx = pipe(passPhrasePipe);
798 if (!(pid = fork())) {
803 xx = close(STDIN_FILENO);
804 xx = close(STDOUT_FILENO);
805 xx = close(passPhrasePipe[1]);
806 if (! rpmIsVerbose())
807 xx = close(STDERR_FILENO);
808 if ((fdno = open("/dev/null", O_RDONLY)) != STDIN_FILENO) {
809 xx = dup2(fdno, STDIN_FILENO);
812 if ((fdno = open("/dev/null", O_WRONLY)) != STDOUT_FILENO) {
813 xx = dup2(fdno, STDOUT_FILENO);
816 xx = dup2(passPhrasePipe[0], 3);
818 unsetenv("MALLOC_CHECK_");
822 { const char *gpg_path = rpmExpand("%{?_gpg_path}", NULL);
824 if (gpg_path && *gpg_path != '\0')
825 (void) dosetenv("GNUPGHOME", gpg_path, 1);
827 cmd = rpmExpand("%{?__gpg_check_password_cmd}", NULL);
828 rc = poptParseArgvString(cmd, NULL, (const char ***)&av);
830 rc = execve(av[0], av+1, environ);
832 rpmlog(RPMLOG_ERR, _("Could not exec %s: %s\n"), "gpg",
836 case RPMSIGTAG_PGP5: /* XXX legacy */
838 { const char *pgp_path = rpmExpand("%{?_pgp_path}", NULL);
842 (void) dosetenv("PGPPASSFD", "3", 1);
843 if (pgp_path && *pgp_path != '\0')
844 xx = dosetenv("PGPPATH", pgp_path, 1);
846 if ((path = rpmDetectPGPVersion(&pgpVer)) != NULL) {
849 cmd = rpmExpand("%{?__pgp_check_password_cmd}", NULL);
850 rc = poptParseArgvString(cmd, NULL, (const char ***)&av);
852 rc = execve(av[0], av+1, environ);
854 case PGP_5: /* XXX legacy */
855 cmd = rpmExpand("%{?__pgp5_check_password_cmd}", NULL);
856 rc = poptParseArgvString(cmd, NULL, (const char ***)&av);
858 rc = execve(av[0], av+1, environ);
861 case PGP_NOTDETECTED:
865 rpmlog(RPMLOG_ERR, _("Could not exec %s: %s\n"), "pgp",
869 default: /* This case should have been screened out long ago. */
870 rpmlog(RPMLOG_ERR, _("Invalid %%_signature spec in macro file\n"));
876 xx = close(passPhrasePipe[0]);
877 xx = write(passPhrasePipe[1], passPhrase, strlen(passPhrase));
878 xx = write(passPhrasePipe[1], "\n", 1);
879 xx = close(passPhrasePipe[1]);
881 (void) waitpid(pid, &status, 0);
883 return ((!WIFEXITED(status) || WEXITSTATUS(status)) ? 1 : 0);
886 char * rpmGetPassPhrase(const char * prompt, const rpmSigTag sigTag)
894 { char *name = rpmExpand("%{?_gpg_name}", NULL);
895 aok = (name && *name != '\0');
901 _("You must set \"%%_gpg_name\" in your macro file\n"));
904 case RPMSIGTAG_PGP5: /* XXX legacy */
906 { char *name = rpmExpand("%{?_pgp_name}", NULL);
907 aok = (name && *name != '\0');
913 _("You must set \"%%_pgp_name\" in your macro file\n"));
916 /* Currently the calling function (rpm.c:main) is checking this and
917 * doing a better job. This section should never be accessed.
919 rpmlog(RPMLOG_ERR, _("Invalid %%_signature spec in macro file\n"));
924 pass = getpass( (prompt ? prompt : "") );
926 if (checkPassPhrase(pass, sigTag))
933 static const char * rpmSigString(rpmRC res)
937 case RPMRC_OK: str = "OK"; break;
938 case RPMRC_FAIL: str = "BAD"; break;
939 case RPMRC_NOKEY: str = "NOKEY"; break;
940 case RPMRC_NOTTRUSTED: str = "NOTRUSTED"; break;
942 case RPMRC_NOTFOUND: str = "UNKNOWN"; break;
948 verifySizeSignature(const rpmts ts, char * t)
950 rpm_constdata_t sig = rpmtsSig(ts);
951 pgpDig dig = rpmtsDig(ts);
953 size_t size = 0x7fffffff;
956 t = stpcpy(t, _("Header+Payload size: "));
958 if (sig == NULL || dig == NULL || dig->nbytes == 0) {
960 t = stpcpy(t, rpmSigString(res));
964 memcpy(&size, sig, sizeof(size));
966 if (size != dig->nbytes) {
968 t = stpcpy(t, rpmSigString(res));
969 sprintf(t, " Expected(%zd) != (%zd)\n", size, dig->nbytes);
972 t = stpcpy(t, rpmSigString(res));
973 sprintf(t, " (%d)", (int)dig->nbytes);
982 verifyMD5Signature(const rpmts ts, char * t,
985 rpm_constdata_t sig = rpmtsSig(ts);
986 size_t siglen = rpmtsSiglen(ts);
987 pgpDig dig = rpmtsDig(ts);
989 uint8_t * md5sum = NULL;
993 t = stpcpy(t, _("MD5 digest: "));
995 if (md5ctx == NULL || sig == NULL || dig == NULL) {
997 t = stpcpy(t, rpmSigString(res));
1001 (void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_DIGEST), 0);
1002 (void) rpmDigestFinal(rpmDigestDup(md5ctx),
1003 (void **)&md5sum, &md5len, 0);
1004 (void) rpmswExit(rpmtsOp(ts, RPMTS_OP_DIGEST), 0);
1005 rpmtsOp(ts, RPMTS_OP_DIGEST)->count--; /* XXX one too many */
1007 if (md5len != siglen || memcmp(md5sum, sig, md5len)) {
1009 t = stpcpy(t, rpmSigString(res));
1010 t = stpcpy(t, " Expected(");
1011 (void) pgpHexCvt(t, sig, siglen);
1013 t = stpcpy(t, ") != (");
1016 t = stpcpy(t, rpmSigString(res));
1017 t = stpcpy(t, " (");
1019 (void) pgpHexCvt(t, md5sum, md5len);
1024 md5sum = _free(md5sum);
1025 t = stpcpy(t, "\n");
1030 * Verify header immutable region SHA1 digest.
1031 * @param ts transaction set
1032 * @retval t verbose success/failure text
1034 * @return RPMRC_OK on success
1037 verifySHA1Signature(const rpmts ts, char * t,
1040 rpm_constdata_t sig = rpmtsSig(ts);
1042 size_t siglen = rpmtsSiglen(ts);
1044 pgpDig dig = rpmtsDig(ts);
1049 t = stpcpy(t, _("Header SHA1 digest: "));
1051 if (sha1ctx == NULL || sig == NULL || dig == NULL) {
1053 t = stpcpy(t, rpmSigString(res));
1057 (void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_DIGEST), 0);
1058 (void) rpmDigestFinal(rpmDigestDup(sha1ctx),
1059 (void **)&SHA1, NULL, 1);
1060 (void) rpmswExit(rpmtsOp(ts, RPMTS_OP_DIGEST), 0);
1062 if (SHA1 == NULL || strlen(SHA1) != strlen(sig) || strcmp(SHA1, sig)) {
1064 t = stpcpy(t, rpmSigString(res));
1065 t = stpcpy(t, " Expected(");
1067 t = stpcpy(t, ") != (");
1070 t = stpcpy(t, rpmSigString(res));
1071 t = stpcpy(t, " (");
1074 t = stpcpy(t, SHA1);
1079 t = stpcpy(t, "\n");
1084 * Convert hex to binary nibble.
1085 * @param c hex character
1086 * @return binary nibble
1088 static inline unsigned char nibble(char c)
1090 if (c >= '0' && c <= '9')
1092 if (c >= 'A' && c <= 'F')
1093 return (c - 'A') + 10;
1094 if (c >= 'a' && c <= 'f')
1095 return (c - 'a') + 10;
1100 * Verify RSA signature.
1101 * @param ts transaction set
1102 * @retval t verbose success/failure text
1104 * @return RPMRC_OK on success
1107 verifyRSASignature(rpmts ts, char * t,
1110 rpm_constdata_t sig = rpmtsSig(ts);
1112 size_t siglen = rpmtsSiglen(ts);
1114 rpmSigTag sigtag = rpmtsSigtag(ts);
1115 pgpDig dig = rpmtsDig(ts);
1116 pgpDigParams sigp = rpmtsSignature(ts);
1118 rpmRC res = RPMRC_OK;
1123 if (dig != NULL && dig->hdrmd5ctx == md5ctx)
1124 t = stpcpy(t, _("Header "));
1126 switch (sigp->version) {
1127 case 3: *t++ = '3'; break;
1128 case 4: *t++ = '4'; break;
1131 if (md5ctx == NULL || sig == NULL || dig == NULL || sigp == NULL) {
1135 /* Verify the desired signature match. */
1136 switch (sigp->pubkey_algo) {
1137 case PGPPUBKEYALGO_RSA:
1138 if (sigtag == RPMSIGTAG_PGP || sigtag == RPMSIGTAG_PGP5 || sigtag == RPMSIGTAG_RSA)
1145 /* Verify the desired hash match. */
1146 /* XXX Values from PKCS#1 v2.1 (aka RFC-3447) */
1147 switch (sigp->hash_algo) {
1148 case PGPHASHALGO_MD5:
1149 t = stpcpy(t, " RSA/MD5");
1150 sigalg = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
1152 case PGPHASHALGO_SHA1:
1153 t = stpcpy(t, " RSA/SHA1");
1154 sigalg = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
1156 case PGPHASHALGO_RIPEMD160:
1159 case PGPHASHALGO_MD2:
1160 t = stpcpy(t, " RSA/MD2");
1161 sigalg = SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION;
1163 case PGPHASHALGO_TIGER192:
1166 case PGPHASHALGO_HAVAL_5_160:
1169 case PGPHASHALGO_SHA256:
1170 t = stpcpy(t, " RSA/SHA256");
1171 sigalg = SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION;
1173 case PGPHASHALGO_SHA384:
1174 t = stpcpy(t, " RSA/SHA384");
1175 sigalg = SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION;
1177 case PGPHASHALGO_SHA512:
1178 t = stpcpy(t, " RSA/SHA512");
1179 sigalg = SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION;
1183 sigalg = SEC_OID_UNKNOWN;
1187 t = stpcpy(t, _(" signature: "));
1188 if (res != RPMRC_OK) {
1192 (void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_DIGEST), 0);
1193 { DIGEST_CTX ctx = rpmDigestDup(md5ctx);
1195 if (sigp->hash != NULL)
1196 xx = rpmDigestUpdate(ctx, sigp->hash, sigp->hashlen);
1198 #ifdef NOTYET /* XXX not for binary/text signatures as in packages. */
1199 if (!(sigp->sigtype == PGPSIGTYPE_BINARY || sigp->sigtype == PGP_SIGTYPE_TEXT)) {
1200 size_t nb = dig->nbytes + sigp->hashlen;
1205 memcpy(trailer+2, &nb, sizeof(nb));
1206 xx = rpmDigestUpdate(ctx, trailer, sizeof(trailer));
1210 xx = rpmDigestFinal(ctx, (void **)&dig->md5, &dig->md5len, 0);
1211 (void) rpmswExit(rpmtsOp(ts, RPMTS_OP_DIGEST), sigp->hashlen);
1212 rpmtsOp(ts, RPMTS_OP_DIGEST)->count--; /* XXX one too many */
1214 /* Compare leading 16 bits of digest for quick check. */
1215 if (memcmp(dig->md5, sigp->signhash16, 2)) {
1219 digest.type = siBuffer;
1220 digest.data = dig->md5;
1221 digest.len = dig->md5len;
1224 /* Retrieve the matching public key. */
1225 res = rpmtsFindPubkey(ts);
1226 if (res != RPMRC_OK)
1229 (void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_SIGNATURE), 0);
1230 if (VFY_VerifyDigest(&digest, dig->rsa, dig->rsasig, sigalg, NULL) == SECSuccess)
1234 (void) rpmswExit(rpmtsOp(ts, RPMTS_OP_SIGNATURE), 0);
1237 t = stpcpy(t, rpmSigString(res));
1239 t = stpcpy(t, ", key ID ");
1240 (void) pgpHexCvt(t, sigp->signid+4, sizeof(sigp->signid)-4);
1243 t = stpcpy(t, "\n");
1248 * Verify DSA signature.
1249 * @param ts transaction set
1250 * @retval t verbose success/failure text
1252 * @return RPMRC_OK on success
1255 verifyDSASignature(rpmts ts, char * t,
1258 rpm_constdata_t sig = rpmtsSig(ts);
1260 size_t siglen = rpmtsSiglen(ts);
1262 rpmSigTag sigtag = rpmtsSigtag(ts);
1263 pgpDig dig = rpmtsDig(ts);
1264 pgpDigParams sigp = rpmtsSignature(ts);
1270 if (dig != NULL && dig->hdrsha1ctx == sha1ctx)
1271 t = stpcpy(t, _("Header "));
1273 switch (sigp->version) {
1274 case 3: *t++ = '3'; break;
1275 case 4: *t++ = '4'; break;
1277 t = stpcpy(t, _(" DSA signature: "));
1279 if (sha1ctx == NULL || sig == NULL || dig == NULL || sigp == NULL) {
1284 /* XXX sanity check on sigtag and signature agreement. */
1285 if (!((sigtag == RPMSIGTAG_GPG || sigtag == RPMSIGTAG_DSA)
1286 && sigp->pubkey_algo == PGPPUBKEYALGO_DSA
1287 && sigp->hash_algo == PGPHASHALGO_SHA1))
1293 (void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_DIGEST), 0);
1294 { DIGEST_CTX ctx = rpmDigestDup(sha1ctx);
1296 if (sigp->hash != NULL)
1297 xx = rpmDigestUpdate(ctx, sigp->hash, sigp->hashlen);
1299 if (sigp->version == 4) {
1300 size_t nb = sigp->hashlen;
1303 trailer[0] = sigp->version;
1305 memcpy(trailer+2, &nb, sizeof(nb));
1306 xx = rpmDigestUpdate(ctx, trailer, sizeof(trailer));
1308 xx = rpmDigestFinal(ctx, (void **)&dig->sha1, &dig->sha1len, 0);
1309 (void) rpmswExit(rpmtsOp(ts, RPMTS_OP_DIGEST), sigp->hashlen);
1310 rpmtsOp(ts, RPMTS_OP_DIGEST)->count--; /* XXX one too many */
1312 /* Compare leading 16 bits of digest for quick check. */
1313 if (memcmp(dig->sha1, sigp->signhash16, 2)) {
1317 digest.type = siBuffer;
1318 digest.data = dig->sha1;
1319 digest.len = dig->sha1len;
1322 /* Retrieve the matching public key. */
1323 res = rpmtsFindPubkey(ts);
1324 if (res != RPMRC_OK)
1327 (void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_SIGNATURE), 0);
1328 if (VFY_VerifyDigest(&digest, dig->dsa, dig->dsasig,
1329 SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST, NULL) == SECSuccess)
1333 (void) rpmswExit(rpmtsOp(ts, RPMTS_OP_SIGNATURE), 0);
1336 t = stpcpy(t, rpmSigString(res));
1338 t = stpcpy(t, ", key ID ");
1339 (void) pgpHexCvt(t, sigp->signid+4, sizeof(sigp->signid)-4);
1342 t = stpcpy(t, "\n");
1347 rpmVerifySignature(const rpmts ts, char * result)
1349 rpm_constdata_t sig = rpmtsSig(ts);
1350 size_t siglen = rpmtsSiglen(ts);
1351 rpmSigTag sigtag = rpmtsSigtag(ts);
1352 pgpDig dig = rpmtsDig(ts);
1355 if (sig == NULL || siglen <= 0 || dig == NULL) {
1356 sprintf(result, _("Verify signature: BAD PARAMETERS\n"));
1357 return RPMRC_NOTFOUND;
1361 case RPMSIGTAG_SIZE:
1362 res = verifySizeSignature(ts, result);
1365 res = verifyMD5Signature(ts, result, dig->md5ctx);
1367 case RPMSIGTAG_SHA1:
1368 res = verifySHA1Signature(ts, result, dig->hdrsha1ctx);
1371 res = verifyRSASignature(ts, result, dig->hdrmd5ctx);
1373 case RPMSIGTAG_PGP5: /* XXX legacy */
1375 res = verifyRSASignature(ts, result,
1376 ((dig->signature.hash_algo == PGPHASHALGO_MD5)
1377 ? dig->md5ctx : dig->sha1ctx));
1380 res = verifyDSASignature(ts, result, dig->hdrsha1ctx);
1383 res = verifyDSASignature(ts, result, dig->sha1ctx);
1385 case RPMSIGTAG_LEMD5_1:
1386 case RPMSIGTAG_LEMD5_2:
1387 sprintf(result, _("Broken MD5 digest: UNSUPPORTED\n"));
1388 res = RPMRC_NOTFOUND;
1391 sprintf(result, _("Signature: UNKNOWN (%d)\n"), sigtag);
1392 res = RPMRC_NOTFOUND;