rpm  5.4.10
signature.c File Reference
#include "system.h"
#include <rpmio.h>
#include <rpmurl.h>
#include <rpmcb.h>
#include <rpmpgp.h>
#include <rpmmacro.h>
#include <rpmhkp.h>
#include <rpmku.h>
#include <rpmtag.h>
#include "rpmdb.h"
#include <pkgio.h>
#include "legacy.h"
#include "signature.h"
#include "debug.h"


Macros

#define _RPMPGP_INTERNAL
 

Functions

int rpmTempFile (const char *prefix, const char **fnptr, void *fdptr)
 Return file handle for a temporary file. More...
 
static int makeGPGSignature (const char *file, rpmSigTag *sigTagp, rpmuint8_t **pktp, rpmuint32_t *pktlenp, const char *passPhrase)
 Generate GPG signature(s) for a header+payload file. More...
 
static int makeHDRSignature (Header sigh, const char *file, rpmSigTag sigTag, const char *passPhrase)
 Generate header only signature(s) from a header+payload file. More...
 
int rpmAddSignature (Header sigh, const char *file, rpmSigTag sigTag, const char *passPhrase)
 Generate signature(s) from a header+payload file, save in signature header. More...
 
int rpmCheckPassPhrase (const char *passPhrase)
 Check for valid pass phrase by invoking a helper. More...
 
static const char * rpmSigString (rpmRC res)
 
static rpmRC verifySize (const pgpDig dig, char *t)
 
static rpmRC verifyMD5 (pgpDig dig, char *t, DIGEST_CTX md5ctx)
 
static rpmRC verifySHA1 (pgpDig dig, char *t, DIGEST_CTX shactx)
 Verify header immutable region SHA-1 digest. More...
 
static rpmRC verifyRSA (pgpDig dig, char *t, DIGEST_CTX rsactx)
 Verify RSA signature. More...
 
static rpmRC verifyDSA (pgpDig dig, char *t, DIGEST_CTX dsactx)
 Verify DSA signature. More...
 
rpmRC rpmVerifySignature (void *_dig, char *result)
 Verify a signature from a package. More...
 

Macro Definition Documentation

§ _RPMPGP_INTERNAL

#define _RPMPGP_INTERNAL

Definition at line 10 of file signature.c.

Function Documentation

§ makeGPGSignature()

static int makeGPGSignature ( const char *  file,
rpmSigTag *  sigTagp,
rpmuint8_t **  pktp,
rpmuint32_t *  pktlenp,
const char *  passPhrase 
)
static

Generate GPG signature(s) for a header+payload file.

Parameters
file: header+payload file name
Return values
*sigTagp: signature tag
*pktp: signature packet(s)
*pktlenp: signature packet(s) length
Parameters
passPhrase: private key pass phrase
Returns
0 on success, 1 on failure

Definition at line 148 of file signature.c.

References _, _free(), addMacro(), alloca(), D_, delMacro(), environ, errno, EXIT_FAILURE, Fclose(), Ferror(), Fopen(), Fread(), pgpDigFree(), pgpDigNew(), pgpGetSignature(), pgpPrtPkts(), PGPPUBKEYALGO_DSA, PGPPUBKEYALGO_RSA, rpmExpand(), rpmkuPassPhrase(), rpmlog(), RPMLOG_DEBUG, RPMLOG_ERR, RPMSIGTAG_DSA, RPMSIGTAG_MD5, RPMSIGTAG_RSA, RPMSIGTAG_SHA1, RPMSIGTAG_SIZE, RPMVSF_DEFAULT, setenv(), Stat(), stpcpy(), Unlink(), unsetenv(), and xmalloc.

Referenced by makeHDRSignature().

§ makeHDRSignature()

static int makeHDRSignature ( Header  sigh,
const char *  file,
rpmSigTag  sigTag,
const char *  passPhrase 
)
static

Generate header only signature(s) from a header+payload file.

Parameters
sigh: signature header
file: header+payload file name
sigTag: type of signature(s) to add
passPhrase: private key pass phrase
Returns
0 on success, -1 on failure

Definition at line 299 of file signature.c.

References _free(), alloca(), _HE_s::c, Fclose(), Ferror(), Fopen(), headerFree(), headerGet(), headerGetMagic(), headerIsEntry(), headerPut(), makeGPGSignature(), _HE_s::p, PGPHASHALGO_SHA1, rpmDataType_u::ptr, RPM_BIN_TYPE, RPM_STRING_TYPE, RPMDIGEST_NONE, rpmDigestFinal(), rpmDigestInit(), rpmDigestUpdate(), rpmlog(), RPMLOG_ERR, rpmpkgRead(), rpmpkgWrite(), RPMRC_OK, RPMSIGTAG_DSA, RPMSIGTAG_GPG, RPMSIGTAG_MD5, RPMSIGTAG_PGP, RPMSIGTAG_PGP5, RPMSIGTAG_SHA1, RPMSIGTAG_SIZE, RPMTAG_HEADERIMMUTABLE, rpmTempFile(), rpmDataType_u::str, _HE_s::t, _HE_s::tag, and Unlink().

Referenced by rpmAddSignature().

§ rpmAddSignature()

int rpmAddSignature ( Header  sigh,
const char *  file,
rpmSigTag  sigTag,
const char *  passPhrase 
)

Generate signature(s) from a header+payload file, save in signature header.

Parameters
sigh: signature header
file: header+payload file name
sigTag: type of signature(s) to add
passPhrase: private key pass phrase
Returns
0 on success, -1 on failure

Definition at line 433 of file signature.c.

References alloca(), _HE_s::c, dodigest(), headerPut(), makeHDRSignature(), _HE_s::p, PGPHASHALGO_MD5, rpmDataType_u::ptr, RPM_BIN_TYPE, RPM_UINT32_TYPE, RPMSIGTAG_DSA, RPMSIGTAG_GPG, RPMSIGTAG_MD5, RPMSIGTAG_RSA, RPMSIGTAG_SHA1, RPMSIGTAG_SIZE, Stat(), _HE_s::t, _HE_s::tag, and rpmDataType_u::ui32p.

Referenced by rpmReSign(), and writeRPM().

§ rpmCheckPassPhrase()

int rpmCheckPassPhrase ( const char *  passPhrase)

Check for valid pass phrase by invoking a helper.

Parameters
passPhrase: pass phrase
Returns
0 on valid, 1 on invalid

Definition at line 489 of file signature.c.

References _, _free(), environ, errno, rpmExpand(), rpmIsVerbose, rpmkuPassPhrase(), rpmlog(), RPMLOG_ERR, setenv(), and unsetenv().

Referenced by main().

§ rpmSigString()

static const char* rpmSigString ( rpmRC  res)
static

§ rpmTempFile()

int rpmTempFile ( const char *  prefix,
const char **  fnptr,
void *  fdptr 
)

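Return file handle for a temporary file.

A unique temporary file path will be generated using rpmGenPath(prefix, "%{_tmppath}/", "rpm-tmp.XXXXX") where "XXXXXX" is filled in using rand(3). The file is opened, and the link count and (dev,ino) location are verified after opening. The file name and the open file handle are returned. Note that rand(3) is not a cryptographically secure generator, so the generated name should be treated as predictable; protection against a pre-existing file or symbolic link at that path rests on how the file is opened and on the post-open link count and (dev,ino) checks, not on the name being unguessable.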

Parameters
prefix: leading part of temp file path
Return values
*fnptr: temp file name (or NULL)
*fdptr: temp file handle
Returns
0 on success

Definition at line 30 of file signature.c.

References _, _free(), errno, Fclose(), Ferror(), Fileno(), Fopen(), rpmGenPath(), rpmioMkpath(), rpmlog(), RPMLOG_ERR, S_ISLNK, URL_IS_DASH, URL_IS_FTP, URL_IS_HKP, URL_IS_HTTP, URL_IS_HTTPS, URL_IS_MONGO, URL_IS_PATH, URL_IS_UNKNOWN, and urlPath().

Referenced by makeHDRSignature(), manageFile(), runScript(), and writeRPM().

§ rpmVerifySignature()

rpmRC rpmVerifySignature ( void *  _dig,
char *  result 
)

Verify a signature from a package.

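Parameters
_dig: container
Return values
result: detailed text result of signature verification (written through a caller-supplied pointer; the prototype carries no buffer length, so the caller is responsible for providing a buffer large enough for the text)
Returns
result of signature verification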

Definition at line 941 of file signature.c.

References _, pgpGetSig(), pgpGetSiglen(), pgpGetSigtag(), RPMRC_NOTFOUND, RPMSIGTAG_DSA, RPMSIGTAG_MD5, RPMSIGTAG_RSA, RPMSIGTAG_SHA1, RPMSIGTAG_SIZE, verifyDSA(), verifyMD5(), verifyRSA(), verifySHA1(), and verifySize().

Referenced by headerCheck(), rpmReadPackageFile(), and rpmVerifySignatures().

§ verifyDSA()

static rpmRC verifyDSA ( pgpDig  dig,
char *  t,
DIGEST_CTX  dsactx 
)
static

Verify DSA signature.

Parameters
dig: container
Return values
t: verbose success/failure text
Parameters
dsactx: DSA digest context
Returns
RPMRC_OK on success

Definition at line 842 of file signature.c.

References _, rpmop_s::count, pgpFindPubkey(), pgpGetSig(), pgpGetSiglen(), pgpGetSignature(), pgpGetSigtag(), pgpHexCvt(), pgpImplSetDSA(), pgpImplVerify(), PGPPUBKEYALGO_DSA, pgpStatsAccumulator(), rpmDigestAlgo(), rpmDigestDup(), rpmDigestName(), rpmDigestUpdate(), RPMRC_FAIL, RPMRC_OK, rpmSigString(), RPMSIGTAG_DSA, rpmswEnter(), rpmswExit(), and stpcpy().

Referenced by rpmVerifySignature().

§ verifyMD5()

static rpmRC verifyMD5 ( pgpDig  dig,
char *  t,
DIGEST_CTX  md5ctx 
)
static

§ verifyRSA()

static rpmRC verifyRSA ( pgpDig  dig,
char *  t,
DIGEST_CTX  rsactx 
)
static

Verify RSA signature.

Parameters
dig: container
Return values
t: verbose success/failure text
Parameters
rsactx: RSA digest context
Returns
RPMRC_OK on success

Definition at line 740 of file signature.c.

References _, rpmop_s::count, pgpFindPubkey(), pgpGetSig(), pgpGetSiglen(), pgpGetSignature(), pgpGetSigtag(), pgpHexCvt(), pgpImplSetRSA(), pgpImplVerify(), PGPPUBKEYALGO_RSA, pgpStatsAccumulator(), rpmDigestAlgo(), rpmDigestDup(), rpmDigestName(), rpmDigestUpdate(), RPMRC_FAIL, RPMRC_OK, rpmSigString(), RPMSIGTAG_RSA, rpmswEnter(), rpmswExit(), and stpcpy().

Referenced by rpmVerifySignature().

§ verifySHA1()

static rpmRC verifySHA1 ( pgpDig  dig,
char *  t,
DIGEST_CTX  shactx 
)
static

Verify header immutable region SHA-1 digest.

Parameters
dig: container
Return values
t: verbose success/failure text
Parameters
shactx: SHA-1 digest context
Returns
RPMRC_OK on success

Definition at line 675 of file signature.c.

References _, _free(), pgpGetSig(), pgpGetSiglen(), pgpStatsAccumulator(), rpmDigestDup(), rpmDigestFinal(), rpmDigestName(), RPMRC_FAIL, RPMRC_NOKEY, RPMRC_OK, rpmSigString(), rpmswEnter(), rpmswExit(), and stpcpy().

Referenced by rpmVerifySignature().

§ verifySize()

static rpmRC verifySize ( const pgpDig  dig,
char *  t 
)
static

Definition at line 580 of file signature.c.

References _, pgpGetSig(), RPMRC_FAIL, RPMRC_NOKEY, RPMRC_OK, rpmSigString(), and stpcpy().

Referenced by rpmVerifySignature().