int xx;
int i;
struct rpmtd_s sigtd;
+ DIGEST_CTX ctx = NULL;
/* Is the blob the right size? */
if (uc > 0 && pvlen != uc) {
ildl[1] = htonl(ildl[1]);
(void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_DIGEST), 0);
- dig->hdrmd5ctx = rpmDigestInit(dig->signature.hash_algo, RPMDIGEST_NONE);
+ ctx = rpmDigestInit(dig->signature.hash_algo, RPMDIGEST_NONE);
b = (unsigned char *) rpm_header_magic;
nb = sizeof(rpm_header_magic);
- (void) rpmDigestUpdate(dig->hdrmd5ctx, b, nb);
+ (void) rpmDigestUpdate(ctx, b, nb);
dig->nbytes += nb;
b = (unsigned char *) ildl;
nb = sizeof(ildl);
- (void) rpmDigestUpdate(dig->hdrmd5ctx, b, nb);
+ (void) rpmDigestUpdate(ctx, b, nb);
dig->nbytes += nb;
b = (unsigned char *) pe;
nb = (htonl(ildl[0]) * sizeof(*pe));
- (void) rpmDigestUpdate(dig->hdrmd5ctx, b, nb);
+ (void) rpmDigestUpdate(ctx, b, nb);
dig->nbytes += nb;
b = (unsigned char *) dataStart;
nb = htonl(ildl[1]);
- (void) rpmDigestUpdate(dig->hdrmd5ctx, b, nb);
+ (void) rpmDigestUpdate(ctx, b, nb);
dig->nbytes += nb;
(void) rpmswExit(rpmtsOp(ts, RPMTS_OP_DIGEST), dig->nbytes);
ildl[1] = htonl(ildl[1]);
(void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_DIGEST), 0);
- dig->hdrsha1ctx = rpmDigestInit(PGPHASHALGO_SHA1, RPMDIGEST_NONE);
+ ctx = rpmDigestInit(PGPHASHALGO_SHA1, RPMDIGEST_NONE);
b = (unsigned char *) rpm_header_magic;
nb = sizeof(rpm_header_magic);
- (void) rpmDigestUpdate(dig->hdrsha1ctx, b, nb);
+ (void) rpmDigestUpdate(ctx, b, nb);
dig->nbytes += nb;
b = (unsigned char *) ildl;
nb = sizeof(ildl);
- (void) rpmDigestUpdate(dig->hdrsha1ctx, b, nb);
+ (void) rpmDigestUpdate(ctx, b, nb);
dig->nbytes += nb;
b = (unsigned char *) pe;
nb = (htonl(ildl[0]) * sizeof(*pe));
- (void) rpmDigestUpdate(dig->hdrsha1ctx, b, nb);
+ (void) rpmDigestUpdate(ctx, b, nb);
dig->nbytes += nb;
b = (unsigned char *) dataStart;
nb = htonl(ildl[1]);
- (void) rpmDigestUpdate(dig->hdrsha1ctx, b, nb);
+ (void) rpmDigestUpdate(ctx, b, nb);
dig->nbytes += nb;
(void) rpmswExit(rpmtsOp(ts, RPMTS_OP_DIGEST), dig->nbytes);
}
{ rpmKeyring keyring = rpmtsGetKeyring(ts, 1);
- rc = rpmVerifySignature(keyring, &sigtd, dig, &buf);
+ rc = rpmVerifySignature(keyring, &sigtd, dig, ctx, &buf);
rpmKeyringFree(keyring);
}
rpmtdFreeData(&sigtd);
pgpFreeDig(dig);
+ rpmDigestFinal(ctx, NULL, NULL, 0);
return rc;
}
rpmRC rc = RPMRC_FAIL; /* assume failure */
int leadtype = -1;
headerGetFlags hgeflags = HEADERGET_DEFAULT;
+ DIGEST_CTX ctx = NULL;
if (hdrp) *hdrp = NULL;
if (!headerGet(h, RPMTAG_HEADERIMMUTABLE, &utd, hgeflags))
break;
(void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_DIGEST), 0);
- dig->hdrmd5ctx = rpmDigestInit(dig->signature.hash_algo, RPMDIGEST_NONE);
- (void) rpmDigestUpdate(dig->hdrmd5ctx, rpm_header_magic, sizeof(rpm_header_magic));
+ ctx = rpmDigestInit(dig->signature.hash_algo, RPMDIGEST_NONE);
+ (void) rpmDigestUpdate(ctx, rpm_header_magic, sizeof(rpm_header_magic));
dig->nbytes += sizeof(rpm_header_magic);
- (void) rpmDigestUpdate(dig->hdrmd5ctx, utd.data, utd.count);
+ (void) rpmDigestUpdate(ctx, utd.data, utd.count);
dig->nbytes += utd.count;
(void) rpmswExit(rpmtsOp(ts, RPMTS_OP_DIGEST), dig->nbytes);
rpmtsOp(ts, RPMTS_OP_DIGEST)->count--; /* XXX one too many */
if (!headerGet(h, RPMTAG_HEADERIMMUTABLE, &utd, hgeflags))
break;
(void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_DIGEST), 0);
- dig->hdrsha1ctx = rpmDigestInit(PGPHASHALGO_SHA1, RPMDIGEST_NONE);
- (void) rpmDigestUpdate(dig->hdrsha1ctx, rpm_header_magic, sizeof(rpm_header_magic));
+ ctx = rpmDigestInit(PGPHASHALGO_SHA1, RPMDIGEST_NONE);
+ (void) rpmDigestUpdate(ctx, rpm_header_magic, sizeof(rpm_header_magic));
dig->nbytes += sizeof(rpm_header_magic);
- (void) rpmDigestUpdate(dig->hdrsha1ctx, utd.data, utd.count);
+ (void) rpmDigestUpdate(ctx, utd.data, utd.count);
dig->nbytes += utd.count;
(void) rpmswExit(rpmtsOp(ts, RPMTS_OP_DIGEST), dig->nbytes);
if (sigtag == RPMSIGTAG_SHA1)
goto exit;
}
- fdStealDigest(fd, dig);
+ ctx = rpmDigestBundleDupCtx(fd->digests, (sigtag == RPMSIGTAG_MD5) ?
+ PGPHASHALGO_MD5 : dig->signature.hash_algo);
break;
default:
break;
/** @todo Implement disable/enable/warn/error/anal policy. */
{ rpmKeyring keyring = rpmtsGetKeyring(ts, 1);
- rc = rpmVerifySignature(keyring, &sigtd, dig, &msg);
+ rc = rpmVerifySignature(keyring, &sigtd, dig, ctx, &msg);
rpmKeyringFree(keyring);
}
*hdrp = headerLink(h);
}
rpmtdFreeData(&sigtd);
+ rpmDigestFinal(ctx, NULL, NULL, 0);
h = headerFree(h);
pgpFreeDig(dig);
sigh = rpmFreeSignature(sigh);
/**
* @todo If the GPG key was known available, the md5 digest could be skipped.
*/
-static int readFile(FD_t fd, const char * fn, pgpDig dig)
+static int readFile(FD_t fd, const char * fn, pgpDig dig,
+ rpmDigestBundle plbundle, rpmDigestBundle hdrbundle)
{
unsigned char buf[4*BUFSIZ];
ssize_t count;
"Corrupted package?\n"), fn);
goto exit;
}
- dig->hdrsha1ctx = rpmDigestInit(PGPHASHALGO_SHA1, RPMDIGEST_NONE);
- (void) rpmDigestUpdate(dig->hdrsha1ctx, rpm_header_magic, sizeof(rpm_header_magic));
- (void) rpmDigestUpdate(dig->hdrsha1ctx, utd.data, utd.count);
- dig->hdrmd5ctx = rpmDigestInit(dig->signature.hash_algo, RPMDIGEST_NONE);
- (void) rpmDigestUpdate(dig->hdrmd5ctx, rpm_header_magic, sizeof(rpm_header_magic));
- (void) rpmDigestUpdate(dig->hdrmd5ctx, utd.data, utd.count);
+ rpmDigestBundleUpdate(hdrbundle, rpm_header_magic, sizeof(rpm_header_magic));
+ rpmDigestBundleUpdate(hdrbundle, utd.data, utd.count);
rpmtdFreeData(&utd);
}
h = headerFree(h);
rpmlog(RPMLOG_ERR, _("%s: Fread failed: %s\n"), fn, Fstrerror(fd));
goto exit;
}
- fdStealDigest(fd, dig);
rc = 0;
int nodigests = !(qva->qva_flags & VERIFY_DIGEST);
int nosignatures = !(qva->qva_flags & VERIFY_SIGNATURE);
rpmKeyring keyring = rpmtsGetKeyring(ts, 1);
+ rpmDigestBundle plbundle = rpmDigestBundleNew();
+ rpmDigestBundle hdrbundle = rpmDigestBundleNew();
rpmlead lead = rpmLeadNew();
if ((rc = rpmLeadRead(fd, lead)) == RPMRC_OK) {
sigp = &dig->signature;
/* XXX RSA needs the hash_algo, so decode early. */
- if (sigtag == RPMSIGTAG_RSA || sigtag == RPMSIGTAG_PGP) {
+ if (sigtag == RPMSIGTAG_RSA || sigtag == RPMSIGTAG_PGP ||
+ sigtag == RPMSIGTAG_DSA || sigtag == RPMSIGTAG_GPG) {
xx = headerGet(sigh, sigtag, &sigtd, HEADERGET_DEFAULT);
xx = pgpPrtPkts(sigtd.data, sigtd.count, dig, 0);
rpmtdFreeData(&sigtd);
/* XXX assume same hash_algo in header-only and header+payload */
- if ((headerIsEntry(sigh, RPMSIGTAG_PGP)
- || headerIsEntry(sigh, RPMSIGTAG_PGP5))
- && dig->signature.hash_algo != PGPHASHALGO_MD5)
- fdInitDigest(fd, dig->signature.hash_algo, 0);
+ rpmDigestBundleAdd(plbundle, sigp->hash_algo, RPMDIGEST_NONE);
+ rpmDigestBundleAdd(hdrbundle, sigp->hash_algo, RPMDIGEST_NONE);
}
- if (headerIsEntry(sigh, RPMSIGTAG_PGP)
- || headerIsEntry(sigh, RPMSIGTAG_PGP5)
- || headerIsEntry(sigh, RPMSIGTAG_MD5))
- fdInitDigest(fd, PGPHASHALGO_MD5, 0);
- if (headerIsEntry(sigh, RPMSIGTAG_GPG))
- fdInitDigest(fd, PGPHASHALGO_SHA1, 0);
+ if (headerIsEntry(sigh, RPMSIGTAG_PGP) ||
+ headerIsEntry(sigh, RPMSIGTAG_PGP5) ||
+ headerIsEntry(sigh, RPMSIGTAG_MD5)) {
+ rpmDigestBundleAdd(plbundle, PGPHASHALGO_MD5, RPMDIGEST_NONE);
+ }
+ if (headerIsEntry(sigh, RPMSIGTAG_GPG)) {
+ rpmDigestBundleAdd(plbundle, PGPHASHALGO_SHA1, RPMDIGEST_NONE);
+ }
+
+ /* always do sha1 hash of header */
+ rpmDigestBundleAdd(hdrbundle, PGPHASHALGO_SHA1, RPMDIGEST_NONE);
/* Read the file, generating digest(s) on the fly. */
- if (dig == NULL || sigp == NULL || readFile(fd, fn, dig)) {
+ fdSetBundle(fd, plbundle);
+ if (readFile(fd, fn, dig, plbundle, hdrbundle)) {
goto exit;
}
+ fdSetBundle(fd, NULL); /* XXX avoid double-free from fd close */
rasprintf(&buf, "%s:%c", fn, (rpmIsVerbose() ? '\n' : ' ') );
for (; headerNext(hi, &sigtd) != 0; rpmtdFreeData(&sigtd)) {
char *result = NULL;
int havekey = 0;
-
+ DIGEST_CTX ctx = NULL;
if (sigtd.data == NULL) /* XXX can't happen */
continue;
if (parsePGP(&sigtd, fn, dig) != RPMRC_OK) {
goto exit;
}
+ ctx = rpmDigestBundleDupCtx(havekey ? plbundle : hdrbundle,
+ dig->signature.hash_algo);
break;
case RPMSIGTAG_SHA1:
+ if (nodigests)
+ continue;
+ ctx = rpmDigestBundleDupCtx(hdrbundle, PGPHASHALGO_SHA1);
+ break;
case RPMSIGTAG_MD5:
if (nodigests)
continue;
+ ctx = rpmDigestBundleDupCtx(plbundle, PGPHASHALGO_MD5);
break;
default:
continue;
break;
}
- rc = rpmVerifySignature(keyring, &sigtd, dig, &result);
+ rc = rpmVerifySignature(keyring, &sigtd, dig, ctx, &result);
+ rpmDigestFinal(ctx, NULL, NULL, 0);
+
formatResult(sigtd.tag, rc, result, havekey,
(rc == RPMRC_NOKEY ? &missingKeys : &untrustedKeys),
&buf);
exit:
free(buf);
+ rpmDigestBundleFree(hdrbundle);
+ rpmDigestBundleFree(plbundle);
sigh = rpmFreeSignature(sigh);
hi = headerFreeIterator(hi);
rpmKeyringFree(keyring);
}
rpmRC
-rpmVerifySignature(rpmKeyring keyring, rpmtd sigtd, pgpDig dig, char ** result)
+rpmVerifySignature(rpmKeyring keyring, rpmtd sigtd, pgpDig dig, DIGEST_CTX ctx, char ** result)
{
rpmRC res = RPMRC_NOTFOUND;
char *msg = NULL;
res = verifySizeSignature(sigtd, dig->nbytes, &msg);
break;
case RPMSIGTAG_MD5:
- res = verifyMD5Signature(sigtd, &msg, dig->md5ctx);
+ res = verifyMD5Signature(sigtd, &msg, ctx);
break;
case RPMSIGTAG_SHA1:
- res = verifySHA1Signature(sigtd, &msg, dig->hdrsha1ctx);
+ res = verifySHA1Signature(sigtd, &msg, ctx);
break;
case RPMSIGTAG_RSA:
- res = verifyRSASignature(keyring, sigtd, dig, &msg, dig->hdrmd5ctx);
+ res = verifyRSASignature(keyring, sigtd, dig, &msg, ctx);
break;
case RPMSIGTAG_PGP5: /* XXX legacy */
case RPMSIGTAG_PGP:
- res = verifyRSASignature(keyring, sigtd, dig, &msg,
- ((dig->signature.hash_algo == PGPHASHALGO_MD5)
- ? dig->md5ctx : dig->sha1ctx));
+ res = verifyRSASignature(keyring, sigtd, dig, &msg, ctx);
break;
case RPMSIGTAG_DSA:
- res = verifyDSASignature(keyring, sigtd, dig, &msg, dig->hdrsha1ctx);
+ res = verifyDSASignature(keyring, sigtd, dig, &msg, ctx);
break;
case RPMSIGTAG_GPG:
- res = verifyDSASignature(keyring, sigtd, dig, &msg, dig->sha1ctx);
+ res = verifyDSASignature(keyring, sigtd, dig, &msg, ctx);
break;
default:
rasprintf(&msg, _("Signature: UNKNOWN (%d)\n"), sigtd->tag);
* (malloc'd)
* @return result of signature verification
*/
-rpmRC rpmVerifySignature(rpmKeyring keyring, rpmtd sigtd, pgpDig dig, char ** result);
+rpmRC rpmVerifySignature(rpmKeyring keyring, rpmtd sigtd, pgpDig dig, DIGEST_CTX ctx, char ** result);
/** \ingroup signature
* Destroy signature header from package.
fdstat_exit(fd, FDSTAT_DIGEST, (ssize_t) 0);
}
}
-
-void fdStealDigest(FD_t fd, pgpDig dig)
-{
- if (fd && fd->digests) {
- rpmDigestBundle bundle = fd->digests;
- for (int i = bundle->index_max; i >= bundle->index_min; i--) {
- DIGEST_CTX ctx = bundle->digests[i];
- if (ctx == NULL)
- continue;
- switch (ctx->algo) {
- case PGPHASHALGO_MD5:
- assert(dig->md5ctx == NULL);
- dig->md5ctx = ctx;
- bundle->digests[i] = NULL;
- break;
- case PGPHASHALGO_SHA1:
- case PGPHASHALGO_SHA256:
- case PGPHASHALGO_SHA384:
- case PGPHASHALGO_SHA512:
- assert(dig->sha1ctx == NULL);
- dig->sha1ctx = ctx;
- bundle->digests[i] = NULL;
- break;
- default:
- break;
- }
- }
- }
-}
size_t nbytes; /*!< No. bytes of plain text. */
- DIGEST_CTX sha1ctx; /*!< (dsa) sha1 hash context. */
- DIGEST_CTX hdrsha1ctx; /*!< (dsa) header sha1 hash context. */
-
- DIGEST_CTX md5ctx; /*!< (rsa) md5 hash context. */
- DIGEST_CTX hdrmd5ctx; /*!< (rsa) header md5 hash context. */
-
/* DSA/RSA parameters */
SECKEYPublicKey *keydata;
SECItem *sigdata;
fd->fd_cpioPos = cpioPos;
}
+static inline
+void fdSetBundle(FD_t fd, rpmDigestBundle bundle)
+{
+ FDSANE(fd);
+ fd->digests = bundle;
+}
+
/** \ingroup rpmio
*/
static inline
size_t * lenp,
int asAscii);
-
-/* XXX Steal the digest-in-progress from the file handle. */
-void fdStealDigest(FD_t fd, pgpDig dig);
-
/**
* Read an entire file into a buffer.
* @param fn file name to read
/* DUmp the signature/pubkey data. */
pgpCleanDig(dig);
-
- if (dig->hdrsha1ctx != NULL)
- (void) rpmDigestFinal(dig->hdrsha1ctx, NULL, NULL, 0);
- dig->hdrsha1ctx = NULL;
-
- if (dig->sha1ctx != NULL)
- (void) rpmDigestFinal(dig->sha1ctx, NULL, NULL, 0);
- dig->sha1ctx = NULL;
-
- if (dig->hdrmd5ctx != NULL)
- (void) rpmDigestFinal(dig->hdrmd5ctx, NULL, NULL, 0);
- dig->hdrmd5ctx = NULL;
-
- if (dig->md5ctx != NULL)
- (void) rpmDigestFinal(dig->md5ctx, NULL, NULL, 0);
- dig->md5ctx = NULL;
-
dig = _free(dig);
}
return dig;