2 * \file lib/signature.c
7 #include "rpmio_internal.h"
9 #include <rpmmacro.h> /* XXX for rpmGetPath() */
14 #include "misc.h" /* XXX for dosetenv() and makeTempFile() */
15 #include "legacy.h" /* XXX for mdbinfile() */
17 #include "signature.h"
18 #include "header_internal.h"
21 /*@access Header@*/ /* XXX compared with NULL */
22 /*@access FD_t@*/ /* XXX compared with NULL */
23 /*@access DIGEST_CTX@*/ /* XXX compared with NULL */
25 /*@access pgpDigParams@*/
27 #if !defined(__GLIBC__)
28 char ** environ = NULL;
31 int rpmLookupSignatureType(int action)
34 static int disabled = 0;
38 case RPMLOOKUPSIG_DISABLE:
41 case RPMLOOKUPSIG_ENABLE:
44 case RPMLOOKUPSIG_QUERY:
48 { const char *name = rpmExpand("%{?_signature}", NULL);
49 if (!(name && *name != '\0'))
51 else if (!xstrcasecmp(name, "none"))
53 else if (!xstrcasecmp(name, "pgp"))
55 else if (!xstrcasecmp(name, "pgp5")) /* XXX legacy */
57 else if (!xstrcasecmp(name, "gpg"))
60 rc = -1; /* Invalid %_signature spec in macro file */
68 /* rpmDetectPGPVersion() returns the absolute path to the "pgp" */
69 /* executable of the requested version, or NULL when none found. */
71 const char * rpmDetectPGPVersion(pgpVersion * pgpVer)
73 /* Actually this should support having more then one pgp version. */
74 /* At the moment only one version is possible since we only */
75 /* have one %_pgpbin and one %_pgp_path. */
77 static pgpVersion saved_pgp_version = PGP_UNKNOWN;
78 const char *pgpbin = rpmGetPath("%{?_pgpbin}", NULL);
80 if (saved_pgp_version == PGP_UNKNOWN) {
85 if (!(pgpbin && pgpbin[0] != '\0')) {
86 pgpbin = _free(pgpbin);
87 saved_pgp_version = -1;
92 pgpvbin = (char *)alloca(strlen(pgpbin) + sizeof("v"));
93 (void)stpcpy(stpcpy(pgpvbin, pgpbin), "v");
96 if (stat(pgpvbin, &st) == 0)
97 saved_pgp_version = PGP_5;
98 else if (stat(pgpbin, &st) == 0)
99 saved_pgp_version = PGP_2;
101 saved_pgp_version = PGP_NOTDETECTED;
105 if (pgpVer && pgpbin)
106 *pgpVer = saved_pgp_version;
112 * Print package size.
113 * @todo rpmio: use fdSize rather than fstat(2) to get file size.
114 * @param fd package file handle
115 * @param siglen signature header size
116 * @param pad signature padding
117 * @param datalen length of header+payload
118 * @return rpmRC return code
120 static inline rpmRC printSize(FD_t fd, int siglen, int pad, int datalen)
121 /*@globals fileSystem @*/
122 /*@modifies fileSystem @*/
126 if (fstat(Fileno(fd), &st) < 0)
130 rpmMessage(RPMMESS_DEBUG,
131 _("Expected size: %12d = lead(%d)+sigs(%d)+pad(%d)+data(%d)\n"),
132 (int)sizeof(struct rpmlead)+siglen+pad+datalen,
133 (int)sizeof(struct rpmlead), siglen, pad, datalen);
135 rpmMessage(RPMMESS_DEBUG,
136 _(" Actual size: %12d\n"), (int)st.st_size);
142 static unsigned char header_magic[8] = {
143 0x8e, 0xad, 0xe8, 0x01, 0x00, 0x00, 0x00, 0x00
146 rpmRC rpmReadSignature(FD_t fd, Header * sighp, sigType sig_type)
154 indexEntry entry = memset(alloca(sizeof(*entry)), 0, sizeof(*entry));
155 entryInfo info = memset(alloca(sizeof(*info)), 0, sizeof(*info));
157 rpmRC rc = RPMRC_FAIL; /* assume failure */
164 if (sig_type != RPMSIGTYPE_HEADERSIG)
167 if (timedRead(fd, (char *)block, sizeof(block)) != sizeof(block))
169 if (memcmp(block, header_magic, sizeof(header_magic)))
171 il = ntohl(block[2]);
172 if (il < 0 || il > 32)
174 dl = ntohl(block[3]);
175 if (dl < 0 || dl > 8192)
178 nb = (il * sizeof(struct entryInfo_s)) + dl;
179 ei = xmalloc(sizeof(il) + sizeof(dl) + nb);
182 pe = (entryInfo) &ei[2];
183 if (timedRead(fd, (char *)pe, nb) != nb)
186 /* Sanity check signature tags */
187 memset(info, 0, sizeof(*info));
188 for (i = 0; i < il; i++) {
189 xx = headerVerifyInfo(1, dl, pe+i, &entry->info, 0);
194 /* OK, blob looks sane, load the header. */
195 sigh = headerLoad(ei);
198 sigh->flags |= HEADERFLAG_ALLOCATED;
200 { int sigSize = headerSizeof(sigh, HEADER_MAGIC_YES);
201 int pad = (8 - (sigSize % 8)) % 8; /* 8-byte pad */
202 int_32 * archSize = NULL;
204 /* Position at beginning of header. */
205 if (pad && timedRead(fd, (char *)block, pad) != pad)
208 /* Print package component sizes. */
209 if (headerGetEntry(sigh, RPMSIGTAG_SIZE, NULL,(void **)&archSize, NULL))
210 rc = printSize(fd, sigSize, pad, *archSize);
214 if (rc == RPMRC_OK && sighp && sigh)
215 *sighp = headerLink(sigh);
216 sigh = headerFree(sigh);
220 int rpmWriteSignature(FD_t fd, Header h)
222 static byte buf[8] = { 0, 0, 0, 0, 0, 0, 0, 0 };
226 rc = headerWrite(fd, h, HEADER_MAGIC_YES);
230 sigSize = headerSizeof(h, HEADER_MAGIC_YES);
231 pad = (8 - (sigSize % 8)) % 8;
234 if (Fwrite(buf, sizeof(buf[0]), pad, fd) != pad)
238 rpmMessage(RPMMESS_DEBUG, _("Signature: size(%d)+pad(%d)\n"), sigSize, pad);
242 Header rpmNewSignature(void)
244 Header h = headerNew();
248 Header rpmFreeSignature(Header h)
250 return headerFree(h);
254 * Generate PGP (aka RSA/MD5) signature(s) for a header+payload file.
255 * @param file header+payload file name
256 * @retval pkt signature packet(s)
257 * @retval pktlen signature packet(s) length
258 * @param passPhrase private key pass phrase
259 * @return 0 on success, 1 on failure
261 static int makePGPSignature(const char * file, /*@out@*/ byte ** pkt,
262 /*@out@*/ int_32 * pktlen, /*@null@*/ const char * passPhrase)
263 /*@globals errno, rpmGlobalMacroContext,
264 fileSystem, internalState @*/
265 /*@modifies errno, *pkt, *pktlen, rpmGlobalMacroContext,
266 fileSystem, internalState @*/
268 char * sigfile = alloca(1024);
277 (void) stpcpy( stpcpy(sigfile, file), ".sig");
280 addMacro(NULL, "__plaintext_filename", NULL, file, -1);
281 addMacro(NULL, "__signature_filename", NULL, sigfile, -1);
283 inpipe[0] = inpipe[1] = 0;
288 if (!(pid = fork())) {
289 const char *pgp_path = rpmExpand("%{?_pgp_path}", NULL);
293 (void) close(STDIN_FILENO);
294 (void) dup2(inpipe[0], 3);
295 (void) close(inpipe[1]);
297 (void) dosetenv("PGPPASSFD", "3", 1);
299 if (pgp_path && *pgp_path != '\0')
300 (void) dosetenv("PGPPATH", pgp_path, 1);
303 /* dosetenv("PGPPASS", passPhrase, 1); */
305 unsetenv("MALLOC_CHECK_");
306 if ((path = rpmDetectPGPVersion(&pgpVer)) != NULL) {
309 cmd = rpmExpand("%{?__pgp_sign_cmd}", NULL);
310 rc = poptParseArgvString(cmd, NULL, (const char ***)&av);
313 rc = execve(av[0], av+1, environ);
317 cmd = rpmExpand("%{?__pgp5_sign_cmd}", NULL);
318 rc = poptParseArgvString(cmd, NULL, (const char ***)&av);
321 rc = execve(av[0], av+1, environ);
325 case PGP_NOTDETECTED:
330 rpmError(RPMERR_EXEC, _("Could not exec %s: %s\n"), "pgp",
335 delMacro(NULL, "__plaintext_filename");
336 delMacro(NULL, "__signature_filename");
338 (void) close(inpipe[0]);
340 (void) write(inpipe[1], passPhrase, strlen(passPhrase));
341 (void) write(inpipe[1], "\n", 1);
342 (void) close(inpipe[1]);
344 (void)waitpid(pid, &status, 0);
345 if (!WIFEXITED(status) || WEXITSTATUS(status)) {
346 rpmError(RPMERR_SIGGEN, _("pgp failed\n"));
350 if (stat(sigfile, &st)) {
351 /* PGP failed to write signature */
352 if (sigfile) (void) unlink(sigfile); /* Just in case */
353 rpmError(RPMERR_SIGGEN, _("pgp failed to write signature\n"));
358 *pktlen = st.st_size;
359 rpmMessage(RPMMESS_DEBUG, _("PGP sig size: %d\n"), *pktlen);
360 *pkt = xmalloc(*pktlen);
367 fd = Fopen(sigfile, "r.fdio");
368 if (fd != NULL && !Ferror(fd)) {
369 rc = timedRead(fd, *pkt, *pktlen);
370 if (sigfile) (void) unlink(sigfile);
377 rpmError(RPMERR_SIGGEN, _("unable to read the signature\n"));
382 rpmMessage(RPMMESS_DEBUG, _("Got %d bytes of PGP sig\n"), *pktlen);
389 * Generate GPG (aka DSA) signature(s) for a header+payload file.
390 * @param file header+payload file name
391 * @retval pkt signature packet(s)
392 * @retval pktlen signature packet(s) length
393 * @param passPhrase private key pass phrase
394 * @return 0 on success, 1 on failure
396 static int makeGPGSignature(const char * file, /*@out@*/ byte ** pkt,
397 /*@out@*/ int_32 * pktlen, /*@null@*/ const char * passPhrase)
398 /*@globals rpmGlobalMacroContext,
399 fileSystem, internalState @*/
400 /*@modifies *pkt, *pktlen, rpmGlobalMacroContext,
401 fileSystem, internalState @*/
403 char * sigfile = alloca(1024);
413 (void) stpcpy( stpcpy(sigfile, file), ".sig");
416 addMacro(NULL, "__plaintext_filename", NULL, file, -1);
417 addMacro(NULL, "__signature_filename", NULL, sigfile, -1);
419 inpipe[0] = inpipe[1] = 0;
424 if (!(pid = fork())) {
425 const char *gpg_path = rpmExpand("%{?_gpg_path}", NULL);
427 (void) close(STDIN_FILENO);
428 (void) dup2(inpipe[0], 3);
429 (void) close(inpipe[1]);
432 if (gpg_path && *gpg_path != '\0')
433 (void) dosetenv("GNUPGHOME", gpg_path, 1);
436 unsetenv("MALLOC_CHECK_");
437 cmd = rpmExpand("%{?__gpg_sign_cmd}", NULL);
438 rc = poptParseArgvString(cmd, NULL, (const char ***)&av);
441 rc = execve(av[0], av+1, environ);
444 rpmError(RPMERR_EXEC, _("Could not exec %s: %s\n"), "gpg",
449 delMacro(NULL, "__plaintext_filename");
450 delMacro(NULL, "__signature_filename");
452 fpipe = fdopen(inpipe[1], "w");
453 (void) close(inpipe[0]);
455 fprintf(fpipe, "%s\n", (passPhrase ? passPhrase : ""));
456 (void) fclose(fpipe);
459 (void) waitpid(pid, &status, 0);
460 if (!WIFEXITED(status) || WEXITSTATUS(status)) {
461 rpmError(RPMERR_SIGGEN, _("gpg failed\n"));
465 if (stat(sigfile, &st)) {
466 /* GPG failed to write signature */
467 if (sigfile) (void) unlink(sigfile); /* Just in case */
468 rpmError(RPMERR_SIGGEN, _("gpg failed to write signature\n"));
473 *pktlen = st.st_size;
474 rpmMessage(RPMMESS_DEBUG, _("GPG sig size: %d\n"), *pktlen);
475 *pkt = xmalloc(*pktlen);
482 fd = Fopen(sigfile, "r.fdio");
483 if (fd != NULL && !Ferror(fd)) {
484 rc = timedRead(fd, *pkt, *pktlen);
485 if (sigfile) (void) unlink(sigfile);
492 rpmError(RPMERR_SIGGEN, _("unable to read the signature\n"));
497 rpmMessage(RPMMESS_DEBUG, _("Got %d bytes of GPG sig\n"), *pktlen);
504 * Generate header only signature(s) from a header+payload file.
505 * @param sig signature header
506 * @param file header+payload file name
507 * @param sigTag type of signature(s) to add
508 * @param passPhrase private key pass phrase
509 * @return 0 on success, -1 on failure
511 static int makeHDRSignature(Header sig, const char * file, int_32 sigTag,
512 /*@null@*/ const char * passPhrase)
513 /*@globals rpmGlobalMacroContext, fileSystem, internalState @*/
514 /*@modifies sig, rpmGlobalMacroContext, fileSystem, internalState @*/
520 const char * fn = NULL;
521 const char * SHA1 = NULL;
522 int ret = -1; /* assume failure. */
527 case RPMSIGTAG_PGP5: /* XXX legacy */
531 /*@notreached@*/ break;
533 fd = Fopen(file, "r.fdio");
534 if (fd == NULL || Ferror(fd))
536 h = headerRead(fd, HEADER_MAGIC_YES);
539 (void) Fclose(fd); fd = NULL;
541 if (headerIsEntry(h, RPMTAG_HEADERIMMUTABLE)) {
546 if (!headerGetEntry(h, RPMTAG_HEADERIMMUTABLE, &uht, &uh, &uhc)
552 ctx = rpmDigestInit(PGPHASHALGO_SHA1, RPMDIGEST_NONE);
553 (void) rpmDigestUpdate(ctx, header_magic, sizeof(header_magic));
554 (void) rpmDigestUpdate(ctx, uh, uhc);
555 (void) rpmDigestFinal(ctx, (void **)&SHA1, NULL, 1);
556 uh = headerFreeData(uh, uht);
562 if (!headerAddEntry(sig, RPMSIGTAG_SHA1, RPM_STRING_TYPE, SHA1, 1))
567 fd = Fopen(file, "r.fdio");
568 if (fd == NULL || Ferror(fd))
570 h = headerRead(fd, HEADER_MAGIC_YES);
573 (void) Fclose(fd); fd = NULL;
574 if (makeTempFile(NULL, &fn, &fd))
576 if (headerWrite(fd, h, HEADER_MAGIC_YES))
578 (void) Fclose(fd); fd = NULL;
579 if (makeGPGSignature(fn, &pkt, &pktlen, passPhrase)
580 || !headerAddEntry(sig, sigTag, RPM_BIN_TYPE, pkt, pktlen))
585 fd = Fopen(file, "r.fdio");
586 if (fd == NULL || Ferror(fd))
588 h = headerRead(fd, HEADER_MAGIC_YES);
591 (void) Fclose(fd); fd = NULL;
592 if (makeTempFile(NULL, &fn, &fd))
594 if (headerWrite(fd, h, HEADER_MAGIC_YES))
596 (void) Fclose(fd); fd = NULL;
597 if (makePGPSignature(fn, &pkt, &pktlen, passPhrase)
598 || !headerAddEntry(sig, sigTag, RPM_BIN_TYPE, pkt, pktlen))
611 if (fd) (void) Fclose(fd);
615 int rpmAddSignature(Header sig, const char * file, int_32 sigTag,
616 const char * passPhrase)
621 int ret = -1; /* assume failure. */
625 if (stat(file, &st) != 0)
628 if (!headerAddEntry(sig, sigTag, RPM_INT32_TYPE, &pktlen, 1))
634 pkt = xcalloc(1, pktlen);
635 if (domd5(file, pkt, 0, NULL)
636 || !headerAddEntry(sig, sigTag, RPM_BIN_TYPE, pkt, pktlen))
640 case RPMSIGTAG_PGP5: /* XXX legacy */
642 if (makePGPSignature(file, &pkt, &pktlen, passPhrase)
643 || !headerAddEntry(sig, sigTag, RPM_BIN_TYPE, pkt, pktlen))
645 #ifdef NOTYET /* XXX needs hdrmd5ctx, like hdrsha1ctx. */
646 /* XXX Piggyback a header-only RSA signature as well. */
647 ret = makeHDRSignature(sig, file, RPMSIGTAG_RSA, passPhrase);
652 if (makeGPGSignature(file, &pkt, &pktlen, passPhrase)
653 || !headerAddEntry(sig, sigTag, RPM_BIN_TYPE, pkt, pktlen))
655 /* XXX Piggyback a header-only DSA signature as well. */
656 ret = makeHDRSignature(sig, file, RPMSIGTAG_DSA, passPhrase);
661 ret = makeHDRSignature(sig, file, sigTag, passPhrase);
668 static int checkPassPhrase(const char * passPhrase, const int sigTag)
669 /*@globals rpmGlobalMacroContext, fileSystem, internalState @*/
670 /*@modifies rpmGlobalMacroContext, fileSystem, internalState @*/
672 int passPhrasePipe[2];
677 passPhrasePipe[0] = passPhrasePipe[1] = 0;
679 xx = pipe(passPhrasePipe);
681 if (!(pid = fork())) {
686 xx = close(STDIN_FILENO);
687 xx = close(STDOUT_FILENO);
688 xx = close(passPhrasePipe[1]);
689 if (! rpmIsVerbose())
690 xx = close(STDERR_FILENO);
691 if ((fdno = open("/dev/null", O_RDONLY)) != STDIN_FILENO) {
692 xx = dup2(fdno, STDIN_FILENO);
695 if ((fdno = open("/dev/null", O_WRONLY)) != STDOUT_FILENO) {
696 xx = dup2(fdno, STDOUT_FILENO);
699 xx = dup2(passPhrasePipe[0], 3);
701 unsetenv("MALLOC_CHECK_");
705 { const char *gpg_path = rpmExpand("%{?_gpg_path}", NULL);
708 if (gpg_path && *gpg_path != '\0')
709 (void) dosetenv("GNUPGHOME", gpg_path, 1);
712 cmd = rpmExpand("%{?__gpg_check_password_cmd}", NULL);
713 rc = poptParseArgvString(cmd, NULL, (const char ***)&av);
716 rc = execve(av[0], av+1, environ);
719 rpmError(RPMERR_EXEC, _("Could not exec %s: %s\n"), "gpg",
721 } /*@notreached@*/ break;
723 case RPMSIGTAG_PGP5: /* XXX legacy */
725 { const char *pgp_path = rpmExpand("%{?_pgp_path}", NULL);
729 (void) dosetenv("PGPPASSFD", "3", 1);
731 if (pgp_path && *pgp_path != '\0')
732 xx = dosetenv("PGPPATH", pgp_path, 1);
735 if ((path = rpmDetectPGPVersion(&pgpVer)) != NULL) {
738 cmd = rpmExpand("%{?__pgp_check_password_cmd}", NULL);
739 rc = poptParseArgvString(cmd, NULL, (const char ***)&av);
742 rc = execve(av[0], av+1, environ);
744 /*@innerbreak@*/ break;
745 case PGP_5: /* XXX legacy */
746 cmd = rpmExpand("%{?__pgp5_check_password_cmd}", NULL);
747 rc = poptParseArgvString(cmd, NULL, (const char ***)&av);
750 rc = execve(av[0], av+1, environ);
752 /*@innerbreak@*/ break;
754 case PGP_NOTDETECTED:
755 /*@innerbreak@*/ break;
758 rpmError(RPMERR_EXEC, _("Could not exec %s: %s\n"), "pgp",
761 } /*@notreached@*/ break;
762 default: /* This case should have been screened out long ago. */
763 rpmError(RPMERR_SIGGEN, _("Invalid %%_signature spec in macro file\n"));
764 _exit(RPMERR_SIGGEN);
765 /*@notreached@*/ break;
769 xx = close(passPhrasePipe[0]);
770 xx = write(passPhrasePipe[1], passPhrase, strlen(passPhrase));
771 xx = write(passPhrasePipe[1], "\n", 1);
772 xx = close(passPhrasePipe[1]);
774 (void) waitpid(pid, &status, 0);
776 return ((!WIFEXITED(status) || WEXITSTATUS(status)) ? 1 : 0);
779 char * rpmGetPassPhrase(const char * prompt, const int sigTag)
788 { const char *name = rpmExpand("%{?_gpg_name}", NULL);
789 aok = (name && *name != '\0');
794 rpmError(RPMERR_SIGGEN,
795 _("You must set \"%%_gpg_name\" in your macro file\n"));
800 case RPMSIGTAG_PGP5: /* XXX legacy */
803 { const char *name = rpmExpand("%{?_pgp_name}", NULL);
804 aok = (name && *name != '\0');
809 rpmError(RPMERR_SIGGEN,
810 _("You must set \"%%_pgp_name\" in your macro file\n"));
815 /* Currently the calling function (rpm.c:main) is checking this and
816 * doing a better job. This section should never be accessed.
818 rpmError(RPMERR_SIGGEN, _("Invalid %%_signature spec in macro file\n"));
820 /*@notreached@*/ break;
823 /*@-moduncon -nullpass @*/
824 pass = /*@-unrecog@*/ getpass( (prompt ? prompt : "") ) /*@=unrecog@*/ ;
825 /*@=moduncon -nullpass @*/
827 if (checkPassPhrase(pass, sigTag))
833 static /*@observer@*/ const char * rpmSigString(rpmRC res)
838 case RPMRC_OK: str = "OK"; break;
839 case RPMRC_FAIL: str = "BAD"; break;
840 case RPMRC_NOKEY: str = "NOKEY"; break;
841 case RPMRC_NOTTRUSTED: str = "NOTRUSTED"; break;
843 case RPMRC_NOTFOUND: str = "UNKNOWN"; break;
850 verifySizeSignature(const rpmts ts, /*@out@*/ char * t)
853 const void * sig = rpmtsSig(ts);
854 pgpDig dig = rpmtsDig(ts);
856 int_32 size = 0x7fffffff;
859 t = stpcpy(t, _("Header+Payload size: "));
861 if (sig == NULL || dig == NULL || dig->nbytes == 0) {
863 t = stpcpy(t, rpmSigString(res));
867 memcpy(&size, sig, sizeof(size));
869 if (size != dig->nbytes) {
871 t = stpcpy(t, rpmSigString(res));
872 sprintf(t, " Expected(%d) != (%d)\n", size, dig->nbytes);
875 t = stpcpy(t, rpmSigString(res));
876 sprintf(t, " (%d)", dig->nbytes);
887 verifyMD5Signature(const rpmts ts, /*@out@*/ char * t,
888 /*@null@*/ DIGEST_CTX md5ctx)
891 const void * sig = rpmtsSig(ts);
892 int_32 siglen = rpmtsSiglen(ts);
893 pgpDig dig = rpmtsDig(ts);
895 byte * md5sum = NULL;
899 t = stpcpy(t, _("MD5 digest: "));
901 if (md5ctx == NULL || sig == NULL || dig == NULL) {
903 t = stpcpy(t, rpmSigString(res));
907 (void) rpmDigestFinal(rpmDigestDup(md5ctx),
908 (void **)&md5sum, &md5len, 0);
910 if (md5len != siglen || memcmp(md5sum, sig, md5len)) {
912 t = stpcpy(t, rpmSigString(res));
913 t = stpcpy(t, " Expected(");
914 (void) pgpHexCvt(t, sig, siglen);
916 t = stpcpy(t, ") != (");
919 t = stpcpy(t, rpmSigString(res));
922 (void) pgpHexCvt(t, md5sum, md5len);
927 md5sum = _free(md5sum);
935 * Verify header immutable region SHA1 digest.
936 * @param ts transaction set
937 * @retval t verbose success/failure text
939 * @return RPMRC_OK on success
942 verifySHA1Signature(const rpmts ts, /*@out@*/ char * t,
943 /*@null@*/ DIGEST_CTX sha1ctx)
946 const void * sig = rpmtsSig(ts);
948 int_32 siglen = rpmtsSiglen(ts);
950 pgpDig dig = rpmtsDig(ts);
952 const char * SHA1 = NULL;
955 t = stpcpy(t, _("Header SHA1 digest: "));
957 if (sha1ctx == NULL || sig == NULL || dig == NULL) {
959 t = stpcpy(t, rpmSigString(res));
963 (void) rpmDigestFinal(rpmDigestDup(sha1ctx),
964 (void **)&SHA1, NULL, 1);
966 if (SHA1 == NULL || strlen(SHA1) != strlen(sig) || strcmp(SHA1, sig)) {
968 t = stpcpy(t, rpmSigString(res));
969 t = stpcpy(t, " Expected(");
971 t = stpcpy(t, ") != (");
974 t = stpcpy(t, rpmSigString(res));
989 * Convert hex to binary nibble.
990 * @param c hex character
991 * @return binary nibble
993 static inline unsigned char nibble(char c)
996 if (c >= '0' && c <= '9')
998 if (c >= 'A' && c <= 'F')
999 return (c - 'A') + 10;
1000 if (c >= 'a' && c <= 'f')
1001 return (c - 'a') + 10;
1007 * Verify PGP (aka RSA/MD5) signature.
1008 * @param ts transaction set
1009 * @retval t verbose success/failure text
1011 * @return RPMRC_OK on success
1014 verifyPGPSignature(rpmts ts, /*@out@*/ char * t,
1015 /*@null@*/ DIGEST_CTX md5ctx)
1016 /*@globals rpmGlobalMacroContext, fileSystem, internalState @*/
1017 /*@modifies ts, *t, rpmGlobalMacroContext, fileSystem, internalState */
1019 const void * sig = rpmtsSig(ts);
1021 int_32 siglen = rpmtsSiglen(ts);
1023 int_32 sigtag = rpmtsSigtag(ts);
1024 pgpDig dig = rpmtsDig(ts);
1025 pgpDigParams sigp = rpmtsSignature(ts);
1030 t = stpcpy(t, _("V3 RSA/MD5 signature: "));
1032 if (md5ctx == NULL || sig == NULL || dig == NULL || sigp == NULL) {
1037 /* XXX sanity check on sigtag and signature agreement. */
1038 if (!(sigtag == RPMSIGTAG_PGP
1039 && sigp->pubkey_algo == PGPPUBKEYALGO_RSA
1040 && sigp->hash_algo == PGPHASHALGO_MD5))
1046 { DIGEST_CTX ctx = rpmDigestDup(md5ctx);
1050 if (sigp->hash != NULL)
1051 xx = rpmDigestUpdate(ctx, sigp->hash, sigp->hashlen);
1053 #ifdef NOTYET /* XXX not for binary/text document signatures. */
1054 if (sigp->sigtype == 4) {
1055 int nb = dig->nbytes + sigp->hashlen;
1060 memcpy(trailer+2, &nb, sizeof(nb));
1061 xx = rpmDigestUpdate(ctx, trailer, sizeof(trailer));
1065 xx = rpmDigestFinal(ctx, (void **)&dig->md5, &dig->md5len, 1);
1067 /* Compare leading 16 bits of digest for quick check. */
1069 signhash16[0] = (nibble(s[0]) << 4) | nibble(s[1]);
1070 signhash16[1] = (nibble(s[2]) << 4) | nibble(s[3]);
1071 if (memcmp(signhash16, sigp->signhash16, sizeof(signhash16))) {
1078 { const char * prefix = "3020300c06082a864886f70d020505000410";
1079 unsigned int nbits = 1024;
1080 unsigned int nb = (nbits + 7) >> 3;
1081 const char * hexstr;
1084 hexstr = tt = xmalloc(2 * nb + 1);
1085 memset(tt, 'f', (2 * nb));
1086 tt[0] = '0'; tt[1] = '0';
1087 tt[2] = '0'; tt[3] = '1';
1088 tt += (2 * nb) - strlen(prefix) - strlen(dig->md5) - 2;
1089 *tt++ = '0'; *tt++ = '0';
1090 tt = stpcpy(tt, prefix);
1091 tt = stpcpy(tt, dig->md5);
1093 mp32nzero(&dig->rsahm); mp32nsethex(&dig->rsahm, hexstr);
1095 hexstr = _free(hexstr);
1099 /* Retrieve the matching public key. */
1100 res = rpmtsFindPubkey(ts);
1101 if (res != RPMRC_OK)
1104 if (rsavrfy(&dig->rsa_pk, &dig->rsahm, &dig->c))
1110 t = stpcpy(t, rpmSigString(res));
1112 t = stpcpy(t, ", key ID ");
1113 (void) pgpHexCvt(t, sigp->signid+4, sizeof(sigp->signid)-4);
1116 t = stpcpy(t, "\n");
1122 * Verify GPG (aka DSA) signature.
1123 * @param ts transaction set
1124 * @retval t verbose success/failure text
1126 * @return RPMRC_OK on success
1130 verifyGPGSignature(rpmts ts, /*@out@*/ char * t,
1131 /*@null@*/ DIGEST_CTX sha1ctx)
1132 /*@globals rpmGlobalMacroContext, fileSystem, internalState @*/
1133 /*@modifies ts, *t, rpmGlobalMacroContext, fileSystem, internalState */
1135 const void * sig = rpmtsSig(ts);
1137 int_32 siglen = rpmtsSiglen(ts);
1139 int_32 sigtag = rpmtsSigtag(ts);
1140 pgpDig dig = rpmtsDig(ts);
1141 pgpDigParams sigp = rpmtsSignature(ts);
1146 if (dig != NULL && dig->hdrsha1ctx == sha1ctx)
1147 t = stpcpy(t, _("Header "));
1148 t = stpcpy(t, _("V3 DSA signature: "));
1150 if (sha1ctx == NULL || sig == NULL || dig == NULL || sigp == NULL) {
1155 /* XXX sanity check on sigtag and signature agreement. */
1156 if (!((sigtag == RPMSIGTAG_GPG || sigtag == RPMSIGTAG_DSA)
1157 && sigp->pubkey_algo == PGPPUBKEYALGO_DSA
1158 && sigp->hash_algo == PGPHASHALGO_SHA1))
1164 { DIGEST_CTX ctx = rpmDigestDup(sha1ctx);
1167 if (sigp->hash != NULL)
1168 xx = rpmDigestUpdate(ctx, sigp->hash, sigp->hashlen);
1170 #ifdef NOTYET /* XXX not for binary/text document signatures. */
1171 if (sigp->sigtype == 4) {
1172 int nb = dig->nbytes + sigp->hashlen;
1177 memcpy(trailer+2, &nb, sizeof(nb));
1178 xx = rpmDigestUpdate(ctx, trailer, sizeof(trailer));
1181 xx = rpmDigestFinal(ctx, (void **)&dig->sha1, &dig->sha1len, 1);
1183 mp32nzero(&dig->hm); mp32nsethex(&dig->hm, dig->sha1);
1185 /* Compare leading 16 bits of digest for quick check. */
1186 signhash16[0] = (*dig->hm.data >> 24) & 0xff;
1187 signhash16[1] = (*dig->hm.data >> 16) & 0xff;
1188 if (memcmp(signhash16, sigp->signhash16, sizeof(signhash16))) {
1194 /* Retrieve the matching public key. */
1195 res = rpmtsFindPubkey(ts);
1196 if (res != RPMRC_OK)
1199 if (dsavrfy(&dig->p, &dig->q, &dig->g,
1200 &dig->hm, &dig->y, &dig->r, &dig->s))
1206 t = stpcpy(t, rpmSigString(res));
1208 t = stpcpy(t, ", key ID ");
1209 (void) pgpHexCvt(t, sigp->signid+4, sizeof(sigp->signid)-4);
1212 t = stpcpy(t, "\n");
1218 rpmVerifySignature(const rpmts ts, char * result)
1220 const void * sig = rpmtsSig(ts);
1221 int_32 siglen = rpmtsSiglen(ts);
1222 int_32 sigtag = rpmtsSigtag(ts);
1223 pgpDig dig = rpmtsDig(ts);
1226 if (sig == NULL || siglen <= 0 || dig == NULL) {
1227 sprintf(result, _("Verify signature: BAD PARAMETERS\n"));
1228 return RPMRC_NOTFOUND;
1232 case RPMSIGTAG_SIZE:
1233 res = verifySizeSignature(ts, result);
1236 res = verifyMD5Signature(ts, result, dig->md5ctx);
1238 case RPMSIGTAG_SHA1:
1239 res = verifySHA1Signature(ts, result, dig->hdrsha1ctx);
1242 case RPMSIGTAG_PGP5: /* XXX legacy */
1244 res = verifyPGPSignature(ts, result, dig->md5ctx);
1247 res = verifyGPGSignature(ts, result, dig->hdrsha1ctx);
1250 res = verifyGPGSignature(ts, result, dig->sha1ctx);
1252 case RPMSIGTAG_LEMD5_1:
1253 case RPMSIGTAG_LEMD5_2:
1254 sprintf(result, _("Broken MD5 digest: UNSUPPORTED\n"));
1255 res = RPMRC_NOTFOUND;
1258 sprintf(result, _("Signature: UNKNOWN (%d)\n"), sigtag);
1259 res = RPMRC_NOTFOUND;