rpm
5.4.15
|
#include "system.h"
#include <rpmio.h>
#include <rpmurl.h>
#include <rpmcb.h>
#include <rpmpgp.h>
#include <rpmmacro.h>
#include <rpmhkp.h>
#include <rpmku.h>
#include <rpmtag.h>
#include "rpmdb.h"
#include <pkgio.h>
#include "legacy.h"
#include "signature.h"
#include "debug.h"
Macros | |
#define | _RPMPGP_INTERNAL |
Functions | |
int | rpmTempFile (const char *prefix, const char **fnptr, void *fdptr) |
Return file handle for a temporary file. More... | |
static int | makeGPGSignature (const char *file, rpmSigTag *sigTagp, rpmuint8_t **pktp, rpmuint32_t *pktlenp, const char *passPhrase) |
Generate GPG signature(s) for a header+payload file. More... | |
static int | makeHDRSignature (Header sigh, const char *file, rpmSigTag sigTag, const char *passPhrase) |
Generate header only signature(s) from a header+payload file. More... | |
int | rpmAddSignature (Header sigh, const char *file, rpmSigTag sigTag, const char *passPhrase) |
Generate signature(s) from a header+payload file, save in signature header. More... | |
int | rpmCheckPassPhrase (const char *passPhrase) |
Check for valid pass phrase by invoking a helper. More... | |
static const char * | rpmSigString (rpmRC res) |
static rpmRC | verifySize (const pgpDig dig, char *t) |
static rpmRC | verifyMD5 (pgpDig dig, char *t, DIGEST_CTX md5ctx) |
static rpmRC | verifySHA1 (pgpDig dig, char *t, DIGEST_CTX shactx) |
Verify header immutable region SHA-1 digest. More... | |
static rpmRC | verifyRSA (pgpDig dig, char *t, DIGEST_CTX hrsa) |
Verify RSA signature. More... | |
static rpmRC | verifyDSA (pgpDig dig, char *t, DIGEST_CTX hdsa) |
Verify DSA signature. More... | |
static rpmRC | verifyECDSA (pgpDig dig, char *t, DIGEST_CTX hecdsa) |
Verify ECDSA signature. More... | |
rpmRC | rpmVerifySignature (void *_dig, char *result) |
Verify a signature from a package. More... | |
#define _RPMPGP_INTERNAL |
Definition at line 10 of file signature.c.
|
static |
Generate GPG signature(s) for a header+payload file.
file | header+payload file name |
*sigTagp | signature tag |
*pktp | signature packet(s) |
*pktlenp | signature packet(s) length |
passPhrase | private key pass phrase |
Definition at line 148 of file signature.c.
References _, _free(), addMacro(), alloca(), cmd, D_, delMacro(), environ, errno, EXIT_FAILURE, Fclose(), Ferror(), Fopen(), Fread(), pgpDigFree(), pgpDigNew(), pgpGetSignature(), pgpPrtPkts(), PGPPUBKEYALGO_DSA, PGPPUBKEYALGO_RSA, rpmExpand(), rpmkuPassPhrase(), rpmlog(), RPMLOG_DEBUG, RPMLOG_ERR, RPMSIGTAG_DSA, RPMSIGTAG_ECDSA, RPMSIGTAG_MD5, RPMSIGTAG_RSA, RPMSIGTAG_SHA1, RPMSIGTAG_SIZE, RPMVSF_DEFAULT, setenv(), Stat(), stpcpy(), Unlink(), unsetenv(), and xmalloc.
Referenced by makeHDRSignature().
|
static |
Generate header only signature(s) from a header+payload file.
sigh | signature header |
file | header+payload file name |
sigTag | type of signature(s) to add |
passPhrase | private key pass phrase |
Definition at line 302 of file signature.c.
References _free(), alloca(), _HE_s::c, Fclose(), Ferror(), Fopen(), headerFree(), headerGet(), headerGetMagic(), headerIsEntry(), headerPut(), makeGPGSignature(), _HE_s::p, PGPHASHALGO_SHA1, rpmDataType_u::ptr, RPM_BIN_TYPE, RPM_STRING_TYPE, RPMDIGEST_NONE, rpmDigestFinal(), rpmDigestInit(), rpmDigestUpdate(), rpmlog(), RPMLOG_ERR, rpmpkgRead(), rpmpkgWrite(), RPMRC_OK, RPMSIGTAG_DSA, RPMSIGTAG_ECDSA, RPMSIGTAG_GPG, RPMSIGTAG_MD5, RPMSIGTAG_PGP, RPMSIGTAG_PGP5, RPMSIGTAG_SHA1, RPMSIGTAG_SIZE, RPMTAG_HEADERIMMUTABLE, rpmTempFile(), rpmDataType_u::str, _HE_s::t, _HE_s::tag, and Unlink().
Referenced by rpmAddSignature().
Generate signature(s) from a header+payload file, save in signature header.
sigh | signature header |
file | header+payload file name |
sigTag | type of signature(s) to add |
passPhrase | private key pass phrase |
Definition at line 477 of file signature.c.
References alloca(), _HE_s::c, dodigest(), headerPut(), makeHDRSignature(), _HE_s::p, PGPHASHALGO_MD5, rpmDataType_u::ptr, RPM_BIN_TYPE, RPM_UINT32_TYPE, RPMSIGTAG_DSA, RPMSIGTAG_ECDSA, RPMSIGTAG_GPG, RPMSIGTAG_MD5, RPMSIGTAG_RSA, RPMSIGTAG_SHA1, RPMSIGTAG_SIZE, Stat(), _HE_s::t, _HE_s::tag, and rpmDataType_u::ui32p.
Referenced by rpmReSign(), and writeRPM().
int rpmCheckPassPhrase | ( | const char * | passPhrase | ) |
Check for valid pass phrase by invoking a helper.
passPhrase | pass phrase |
Definition at line 534 of file signature.c.
References _, _free(), cmd, environ, errno, rpmExpand(), rpmIsVerbose, rpmkuPassPhrase(), rpmlog(), RPMLOG_ERR, setenv(), and unsetenv().
Referenced by main().
|
static |
rpmSigString(): Definition at line 609 of file signature.c.
References RPMRC_FAIL, RPMRC_NOKEY, RPMRC_NOSIG, RPMRC_NOTFOUND, RPMRC_NOTTRUSTED, RPMRC_OK, and str.
Referenced by verifyDSA(), verifyECDSA(), verifyMD5(), verifyRSA(), verifySHA1(), and verifySize().
int rpmTempFile | ( | const char * | prefix, |
const char ** | fnptr, | ||
void * | fdptr | ||
) |
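Return file handle for a temporary file.
A unique temporary file path will be generated using rpmGenPath(prefix, "%{_tmppath}/", "rpm-tmp.XXXXX") where "XXXXXX" is filled in using rand(3). The file is opened, and the link count and (dev,ino) location are verified after opening. The file name and the open file handle are returned. Because rand(3) output is predictable, the generated name should not be treated as unguessable; callers should rely on the post-open link count and (dev,ino) verification, not on the name, when the temporary directory is writable by other users.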
prefix | leading part of temp file path |
*fnptr | temp file name (or NULL) |
*fdptr | temp file handle |
Definition at line 30 of file signature.c.
References _, _free(), errno, Fclose(), Ferror(), Fileno(), Fopen(), rpmGenPath(), rpmioMkpath(), rpmlog(), RPMLOG_ERR, S_ISLNK, time, URL_IS_DASH, URL_IS_FTP, URL_IS_HKP, URL_IS_HTTP, URL_IS_HTTPS, URL_IS_MONGO, URL_IS_PATH, URL_IS_UNKNOWN, and urlPath().
Referenced by makeHDRSignature(), manageFile(), runScript(), and writeRPM().
rpmRC rpmVerifySignature | ( | void * | _dig, |
char * | result | ||
) |
Verify a signature from a package.
_dig | container |
result | detailed text result of signature verification |
Definition at line 1094 of file signature.c.
References _, _rpmhkp_debug, pgpGetPubkey(), pgpGetSig(), pgpGetSiglen(), pgpGetSignature(), pgpGetSigtag(), PGPPUBKEYALGO_DSA, PGPPUBKEYALGO_ECDSA, PGPPUBKEYALGO_RSA, RPMRC_NOTFOUND, RPMSIGTAG_DSA, RPMSIGTAG_ECDSA, RPMSIGTAG_MD5, RPMSIGTAG_RSA, RPMSIGTAG_SHA1, RPMSIGTAG_SIZE, verifyDSA(), verifyECDSA(), verifyMD5(), verifyRSA(), verifySHA1(), and verifySize().
Referenced by headerCheck(), rpmReadPackageFile(), and rpmVerifySignatures().
|
static |
Verify DSA signature.
dig | container |
t | verbose success/failure text |
hdsa | DSA digest context |
Definition at line 889 of file signature.c.
References _, _rpmhkp_debug, rpmop_s::count, op, pgpFindPubkey(), pgpGetSig(), pgpGetSiglen(), pgpGetSignature(), pgpGetSigtag(), pgpHexCvt(), pgpImplSetDSA(), pgpImplVerify(), PGPPUBKEYALGO_DSA, pgpStatsAccumulator(), rpmDigestAlgo(), rpmDigestDup(), rpmDigestName(), rpmDigestUpdate(), RPMRC_FAIL, RPMRC_OK, rpmSigString(), RPMSIGTAG_DSA, rpmswEnter(), rpmswExit(), and stpcpy().
Referenced by rpmVerifySignature().
|
static |
Verify ECDSA signature.
dig | container |
t | verbose success/failure text |
hecdsa | ECDSA digest context |
Definition at line 995 of file signature.c.
References _, _rpmhkp_debug, rpmop_s::count, op, pgpFindPubkey(), pgpGetSig(), pgpGetSiglen(), pgpGetSignature(), pgpGetSigtag(), pgpHexCvt(), pgpImplSetECDSA(), pgpImplVerify(), PGPPUBKEYALGO_ECDSA, pgpStatsAccumulator(), rpmDigestAlgo(), rpmDigestDup(), rpmDigestName(), rpmDigestUpdate(), RPMRC_FAIL, RPMRC_OK, rpmSigString(), RPMSIGTAG_ECDSA, rpmswEnter(), rpmswExit(), and stpcpy().
Referenced by rpmVerifySignature().
|
static |
verifyMD5(): Definition at line 659 of file signature.c.
References _, _free(), rpmop_s::count, op, pgpGetSig(), pgpGetSiglen(), pgpHexCvt(), pgpStatsAccumulator(), rpmDigestDup(), rpmDigestFinal(), rpmDigestName(), RPMRC_FAIL, RPMRC_NOKEY, RPMRC_OK, rpmSigString(), rpmswEnter(), rpmswExit(), and stpcpy().
Referenced by rpmVerifySignature().
|
static |
Verify RSA signature.
dig | container |
t | verbose success/failure text |
hrsa | RSA digest context |
Definition at line 786 of file signature.c.
References _, _rpmhkp_debug, rpmop_s::count, op, pgpFindPubkey(), pgpGetSig(), pgpGetSiglen(), pgpGetSignature(), pgpGetSigtag(), pgpHexCvt(), pgpImplSetRSA(), pgpImplVerify(), PGPPUBKEYALGO_RSA, pgpStatsAccumulator(), rpmDigestAlgo(), rpmDigestDup(), rpmDigestName(), rpmDigestUpdate(), RPMRC_FAIL, RPMRC_OK, rpmSigString(), RPMSIGTAG_RSA, rpmswEnter(), rpmswExit(), and stpcpy().
Referenced by rpmVerifySignature().
|
static |
Verify header immutable region SHA-1 digest.
dig | container |
t | verbose success/failure text |
shactx | SHA-1 digest context |
Definition at line 721 of file signature.c.
References _, _free(), op, pgpGetSig(), pgpGetSiglen(), pgpStatsAccumulator(), rpmDigestDup(), rpmDigestFinal(), rpmDigestName(), RPMRC_FAIL, RPMRC_NOKEY, RPMRC_OK, rpmSigString(), rpmswEnter(), rpmswExit(), and stpcpy().
Referenced by rpmVerifySignature().
verifySize(): Definition at line 626 of file signature.c.
References _, pgpGetSig(), RPMRC_FAIL, RPMRC_NOKEY, RPMRC_OK, rpmSigString(), size, and stpcpy().
Referenced by rpmVerifySignature().