lib/signature.c File Reference

#include "system.h"
#include "rpmio_internal.h"
#include <rpmlib.h>
#include <rpmmacro.h>
#include "rpmdb.h"
#include "rpmts.h"
#include "misc.h"
#include "legacy.h"
#include "rpmlead.h"
#include "signature.h"
#include "header_internal.h"
#include "debug.h"

Go to the source code of this file.

Functions

int rpmLookupSignatureType (int action)

Return type of signature needed for signing/building.

const char * rpmDetectPGPVersion (pgpVersion *pgpVer)

Return path to pgp executable of given type, or NULL when not found.

static rpmRC printSize (FD_t fd, int siglen, int pad, int datalen)

Print package size.

rpmRC rpmReadSignature (FD_t fd, Header *sighp, sigType sig_type, const char **msg)

Read (and verify header+payload size) signature header.

int rpmWriteSignature (FD_t fd, Header sigh)

Write signature header.

Header rpmNewSignature (void)

Return new, empty (signature) header instance.

Header rpmFreeSignature (Header sigh)

Destroy signature header from package.

static int makePGPSignature (const char *file, int_32 *sigTagp, byte **pktp, int_32 *pktlenp, const char *passPhrase)

Generate PGP signature(s) for a header+payload file.

static int makeGPGSignature (const char *file, int_32 *sigTagp, byte **pktp, int_32 *pktlenp, const char *passPhrase)

Generate GPG signature(s) for a header+payload file.

static int makeHDRSignature (Header sigh, const char *file, int_32 sigTag, const char *passPhrase)

Generate header only signature(s) from a header+payload file.

int rpmAddSignature (Header sigh, const char *file, int_32 sigTag, const char *passPhrase)

Generate signature(s) from a header+payload file, save in signature header.

static int checkPassPhrase (const char *passPhrase, const int sigTag)

char * rpmGetPassPhrase (const char *prompt, const int sigTag)

Read a pass phrase using getpass(3), confirm with gpg/pgp helper binaries.

static const char * rpmSigString (rpmRC res)

static rpmRC verifySizeSignature (const rpmts ts, char *t)

static rpmRC verifyMD5Signature (const rpmts ts, char *t, DIGEST_CTX md5ctx)

static rpmRC verifySHA1Signature (const rpmts ts, char *t, DIGEST_CTX sha1ctx)

Verify header immutable region SHA1 digest.

static unsigned char nibble (char c)

Convert hex to binary nibble.

static rpmRC verifyRSASignature (rpmts ts, char *t, DIGEST_CTX md5ctx)

Verify RSA signature.

static rpmRC verifyDSASignature (rpmts ts, char *t, DIGEST_CTX sha1ctx)

Verify DSA signature.

rpmRC rpmVerifySignature (const rpmts ts, char *result)

Verify a signature from a package.

Variables

char ** environ = NULL

static unsigned char header_magic [8]

Detailed Description

Definition in file signature.c.

Function Documentation

static int checkPassPhrase	(	const char *	passPhrase,
		const int	sigTag
	)			`[static]`

Definition at line 854 of file signature.c.

References _, dosetenv(), environ, errno, PGP_2, PGP_5, PGP_NOTDETECTED, PGP_UNKNOWN, rpmDetectPGPVersion(), RPMERR_EXEC, RPMERR_SIGGEN, rpmError, rpmExpand(), rpmIsVerbose, RPMSIGTAG_DSA, RPMSIGTAG_GPG, RPMSIGTAG_PGP, RPMSIGTAG_PGP5, RPMSIGTAG_RSA, strerror, and unsetenv().

Referenced by rpmGetPassPhrase().

static int makeGPGSignature	(	const char *	file,
		int_32 *	sigTagp,
		byte **	pktp,
		int_32 *	pktlenp,
		const char *	passPhrase
	)			`[static]`

Generate GPG signature(s) for a header+payload file.

Parameters:

file

header+payload file name

Return values:

	*sigTagp	signature tag
	*pktp	signature packet(s)
	*pktlenp	signature packet(s) length

Parameters:

passPhrase

private key pass phrase

Returns:: 0 on success, 1 on failure

Definition at line 544 of file signature.c.

References _, _free(), addMacro(), alloca(), delMacro(), dosetenv(), environ, errno, Fclose(), Ferror(), Fopen(), pgpFreeDig(), pgpNewDig(), pgpPrtPkts(), PGPPUBKEYALGO_DSA, PGPPUBKEYALGO_RSA, pgpDigParams_s::pubkey_algo, RPMERR_EXEC, RPMERR_SIGGEN, rpmError, rpmExpand(), RPMMESS_DEBUG, rpmMessage, RPMSIGTAG_DSA, RPMSIGTAG_GPG, RPMSIGTAG_MD5, RPMSIGTAG_PGP, RPMSIGTAG_PGP5, RPMSIGTAG_RSA, RPMSIGTAG_SHA1, RPMSIGTAG_SIZE, pgpDig_s::signature, stpcpy(), strerror, timedRead, unsetenv(), and xmalloc().

Referenced by makeHDRSignature(), and rpmAddSignature().

static int makeHDRSignature	(	Header	sigh,
		const char *	file,
		int_32	sigTag,
		const char *	passPhrase
	)			`[static]`

Generate header only signature(s) from a header+payload file.

Parameters:

	sigh	signature header
	file	header+payload file name
	sigTag	type of signature(s) to add
	passPhrase	private key pass phrase

Returns:: 0 on success, -1 on failure

Definition at line 697 of file signature.c.

References _free(), Fclose(), Ferror(), Fopen(), header_magic, HEADER_MAGIC_YES, headerAddEntry(), headerFree(), headerFreeData(), headerGetEntry(), headerIsEntry(), headerRead(), headerWrite(), makeGPGSignature(), makePGPSignature(), makeTempFile(), PGPHASHALGO_SHA1, RPM_BIN_TYPE, RPM_STRING_TYPE, RPMDIGEST_NONE, rpmDigestFinal(), rpmDigestInit(), rpmDigestUpdate(), RPMSIGTAG_DSA, RPMSIGTAG_GPG, RPMSIGTAG_MD5, RPMSIGTAG_PGP, RPMSIGTAG_PGP5, RPMSIGTAG_RSA, RPMSIGTAG_SHA1, RPMSIGTAG_SIZE, and RPMTAG_HEADERIMMUTABLE.

Referenced by rpmAddSignature().

static int makePGPSignature	(	const char *	file,
		int_32 *	sigTagp,
		byte **	pktp,
		int_32 *	pktlenp,
		const char *	passPhrase
	)			`[static]`

Generate PGP signature(s) for a header+payload file.

Parameters:

file

header+payload file name

Return values:

	*sigTagp	signature tag
	*pktp	signature packet(s)
	*pktlenp	signature packet(s) length

Parameters:

passPhrase

private key pass phrase

Returns:: 0 on success, 1 on failure

Definition at line 395 of file signature.c.

References _, _free(), addMacro(), alloca(), delMacro(), dosetenv(), environ, errno, Fclose(), Ferror(), Fopen(), PGP_2, PGP_5, PGP_NOTDETECTED, PGP_UNKNOWN, pgpFreeDig(), pgpNewDig(), pgpPrtPkts(), rpmDetectPGPVersion(), RPMERR_EXEC, RPMERR_SIGGEN, rpmError, rpmExpand(), RPMMESS_DEBUG, rpmMessage, pgpDig_s::signature, stpcpy(), strerror, timedRead, unsetenv(), and xmalloc().

Referenced by makeHDRSignature(), and rpmAddSignature().

static unsigned char nibble ( char c ) [inline, static]

Convert hex to binary nibble.

Parameters:

hex character

Returns:: binary nibble

Definition at line 1185 of file signature.c.

static rpmRC printSize	(	FD_t	fd,
		int	siglen,
		int	pad,
		int	datalen
	)			`[inline, static]`

Print package size.

Todo:: rpmio: use fdSize rather than fstat(2) to get file size.

Parameters:

	fd	package file handle
	siglen	signature header size
	pad	signature padding
	datalen	length of header+payload

Returns:: rpmRC return code

Definition at line 122 of file signature.c.

References _, Fileno(), RPMMESS_DEBUG, rpmMessage, RPMRC_FAIL, and RPMRC_OK.

Referenced by rpmReadSignature().

static const char* rpmSigString ( rpmRC res ) [static]

Definition at line 1018 of file signature.c.

References RPMRC_FAIL, RPMRC_NOKEY, RPMRC_NOTFOUND, RPMRC_NOTTRUSTED, and RPMRC_OK.

Referenced by verifyDSASignature(), verifyMD5Signature(), verifyRSASignature(), verifySHA1Signature(), and verifySizeSignature().

static rpmRC verifyDSASignature	(	rpmts	ts,
		char *	t,
		DIGEST_CTX	sha1ctx
	)			`[static]`

Verify DSA signature.

Parameters:

transaction set

Return values:

verbose success/failure text

Parameters:

sha1ctx

Returns:: RPMRC_OK on success

Definition at line 1390 of file signature.c.

References _, rpmop_s::count, pgpDig_s::g, pgpDigParams_s::hash, pgpDigParams_s::hash_algo, pgpDigParams_s::hashlen, pgpDig_s::hdrsha1ctx, pgpDig_s::hm, pgpDig_s::p, PGPHASHALGO_SHA1, pgpHexCvt(), PGPPUBKEYALGO_DSA, pgpDigParams_s::pubkey_algo, pgpDig_s::q, pgpDig_s::r, rpmDigestDup(), rpmDigestFinal(), rpmDigestUpdate(), RPMRC_FAIL, RPMRC_NOKEY, RPMRC_OK, rpmSigString(), RPMSIGTAG_DSA, RPMSIGTAG_GPG, rpmswEnter(), rpmswExit(), RPMTS_OP_DIGEST, RPMTS_OP_SIGNATURE, rpmtsDig(), rpmtsFindPubkey(), rpmtsOp(), rpmtsSig(), rpmtsSiglen(), rpmtsSignature(), rpmtsSigtag(), pgpDig_s::s, pgpDig_s::sha1, pgpDig_s::sha1len, pgpDigParams_s::signhash16, pgpDigParams_s::signid, stpcpy(), pgpDigParams_s::version, and pgpDig_s::y.

Referenced by rpmVerifySignature().

static rpmRC verifyMD5Signature	(	const rpmts	ts,
		char *	t,
		DIGEST_CTX	md5ctx
	)			`[static]`

Definition at line 1072 of file signature.c.

References _, _free(), rpmop_s::count, pgpHexCvt(), rpmDigestDup(), rpmDigestFinal(), RPMRC_FAIL, RPMRC_NOKEY, RPMRC_OK, rpmSigString(), rpmswEnter(), rpmswExit(), RPMTS_OP_DIGEST, rpmtsDig(), rpmtsOp(), rpmtsSig(), rpmtsSiglen(), and stpcpy().

Referenced by rpmVerifySignature().

static rpmRC verifyRSASignature	(	rpmts	ts,
		char *	t,
		DIGEST_CTX	md5ctx
	)			`[static]`

Verify RSA signature.

Parameters:

transaction set

Return values:

verbose success/failure text

Parameters:

md5ctx

Returns:: RPMRC_OK on success

Definition at line 1206 of file signature.c.

References _, _free(), pgpDig_s::c, rpmop_s::count, pgpDigParams_s::hash, pgpDigParams_s::hash_algo, pgpDigParams_s::hashlen, pgpDig_s::hdrmd5ctx, pgpDig_s::md5, pgpDig_s::md5len, pgpDig_s::nbytes, nibble(), PGPHASHALGO_HAVAL_5_160, PGPHASHALGO_MD2, PGPHASHALGO_MD5, PGPHASHALGO_RIPEMD160, PGPHASHALGO_SHA1, PGPHASHALGO_SHA256, PGPHASHALGO_SHA384, PGPHASHALGO_SHA512, PGPHASHALGO_TIGER192, pgpHexCvt(), PGPPUBKEYALGO_RSA, PGPSIGTYPE_BINARY, pgpDigParams_s::pubkey_algo, rpmDigestDup(), rpmDigestFinal(), rpmDigestUpdate(), RPMRC_FAIL, RPMRC_NOKEY, RPMRC_OK, rpmSigString(), RPMSIGTAG_PGP, RPMSIGTAG_PGP5, RPMSIGTAG_RSA, rpmswEnter(), rpmswExit(), RPMTS_OP_DIGEST, RPMTS_OP_SIGNATURE, rpmtsDig(), rpmtsFindPubkey(), rpmtsOp(), rpmtsSig(), rpmtsSiglen(), rpmtsSignature(), rpmtsSigtag(), pgpDig_s::rsa_pk, pgpDig_s::rsahm, pgpDigParams_s::signhash16, pgpDigParams_s::signid, pgpDigParams_s::sigtype, stpcpy(), pgpDigParams_s::version, and xmalloc().

Referenced by rpmVerifySignature().

static rpmRC verifySHA1Signature	(	const rpmts	ts,
		char *	t,
		DIGEST_CTX	sha1ctx
	)			`[static]`

Verify header immutable region SHA1 digest.

Parameters:

transaction set

Return values:

verbose success/failure text

Parameters:

sha1ctx

Returns:: RPMRC_OK on success

Definition at line 1131 of file signature.c.

References _, _free(), rpmDigestDup(), rpmDigestFinal(), RPMRC_FAIL, RPMRC_NOKEY, RPMRC_OK, rpmSigString(), rpmswEnter(), rpmswExit(), RPMTS_OP_DIGEST, rpmtsDig(), rpmtsOp(), rpmtsSig(), rpmtsSiglen(), and stpcpy().

Referenced by rpmVerifySignature().

static rpmRC verifySizeSignature	(	const rpmts	ts,
		char *	t
	)			`[static]`

Definition at line 1035 of file signature.c.

References _, pgpDig_s::nbytes, RPMRC_FAIL, RPMRC_NOKEY, RPMRC_OK, rpmSigString(), rpmtsDig(), rpmtsSig(), and stpcpy().

Referenced by rpmVerifySignature().

Variable Documentation

char** environ = NULL

Definition at line 30 of file signature.c.

Referenced by checkPassPhrase(), main(), makeGPGSignature(), makePGPSignature(), open_dso(), rpmsqExecve(), and runScript().

unsigned char header_magic[8] [static]

Initial value:

 {
    0x8e, 0xad, 0xe8, 0x01, 0x00, 0x00, 0x00, 0x00
}

Definition at line 151 of file signature.c.

Generated on Fri Oct 12 08:44:55 2007 for rpm by

1.5.2


Functions
int	rpmLookupSignatureType (int action)
	Return type of signature needed for signing/building.
const char *	rpmDetectPGPVersion (pgpVersion *pgpVer)
	Return path to pgp executable of given type, or NULL when not found.
static rpmRC	printSize (FD_t fd, int siglen, int pad, int datalen)
	Print package size.
rpmRC	rpmReadSignature (FD_t fd, Header sighp, sigType sig_type, const char *msg)
	Read (and verify header+payload size) signature header.
int	rpmWriteSignature (FD_t fd, Header sigh)
	Write signature header.
Header	rpmNewSignature (void)
	Return new, empty (signature) header instance.
Header	rpmFreeSignature (Header sigh)
	Destroy signature header from package.
static int	makePGPSignature (const char file, int_32 sigTagp, byte *pktp, int_32 pktlenp, const char *passPhrase)
	Generate PGP signature(s) for a header+payload file.
static int	makeGPGSignature (const char file, int_32 sigTagp, byte *pktp, int_32 pktlenp, const char *passPhrase)
	Generate GPG signature(s) for a header+payload file.
static int	makeHDRSignature (Header sigh, const char file, int_32 sigTag, const char passPhrase)
	Generate header only signature(s) from a header+payload file.
int	rpmAddSignature (Header sigh, const char file, int_32 sigTag, const char passPhrase)
	Generate signature(s) from a header+payload file, save in signature header.
static int	checkPassPhrase (const char *passPhrase, const int sigTag)
char *	rpmGetPassPhrase (const char *prompt, const int sigTag)
	Read a pass phrase using getpass(3), confirm with gpg/pgp helper binaries.
static const char *	rpmSigString (rpmRC res)
static rpmRC	verifySizeSignature (const rpmts ts, char *t)
static rpmRC	verifyMD5Signature (const rpmts ts, char *t, DIGEST_CTX md5ctx)
static rpmRC	verifySHA1Signature (const rpmts ts, char *t, DIGEST_CTX sha1ctx)
	Verify header immutable region SHA1 digest.
static unsigned char	nibble (char c)
	Convert hex to binary nibble.
static rpmRC	verifyRSASignature (rpmts ts, char *t, DIGEST_CTX md5ctx)
	Verify RSA signature.
static rpmRC	verifyDSASignature (rpmts ts, char *t, DIGEST_CTX sha1ctx)
	Verify DSA signature.
rpmRC	rpmVerifySignature (const rpmts ts, char *result)
	Verify a signature from a package.
Variables
char **	environ = NULL
static unsigned char	header_magic [8]