rpm  4.5
SIGNATURE.

Files

file  rpmlib.h
 In Memoriam: Steve Taylor <staylor@redhat.com> was here, now he's not.
 
file  signature.c
 
file  signature.h
 Generate and verify signatures.
 
file  digest.c
 
file  rpmpgp.c
 Routines to handle RFC-2440 detached signatures.
 

Typedefs

typedef enum sigType_e sigType
 Signature types stored in rpm lead.
 
typedef enum pgpVersion_e pgpVersion
 Identify PGP versions.
 

Enumerations

enum  sigType_e { RPMSIGTYPE_HEADERSIG = 5 }
 Signature types stored in rpm lead. More...
 
enum  pgpVersion_e { PGP_NOTDETECTED = -1, PGP_UNKNOWN = 0, PGP_2 = 2, PGP_5 = 5 }
 Identify PGP versions. More...
 

Functions

Header rpmNewSignature (void)
 Return new, empty (signature) header instance.
 
rpmRC rpmReadSignature (FD_t fd, Header *sighp, sigType sig_type, const char **msg)
 Read (and verify header+payload size) signature header.
 
int rpmWriteSignature (FD_t fd, Header sigh)
 Write signature header.
 
int rpmAddSignature (Header sigh, const char *file, int_32 sigTag, const char *passPhrase)
 Generate signature(s) from a header+payload file, save in signature header.
 
int rpmLookupSignatureType (int action)
 Return type of signature needed for signing/building.
 
char * rpmGetPassPhrase (const char *prompt, const int sigTag)
 Read a pass phrase using getpass(3), confirm with gpg/pgp helper binaries.
 
const char * rpmDetectPGPVersion (pgpVersion *pgpVer)
 Return path to pgp executable of given type, or NULL when not found.
 

RPMK

enum  rpmtagSignature {
  RPMSIGTAG_SIZE = 1000, RPMSIGTAG_LEMD5_1 = 1001, RPMSIGTAG_PGP = 1002, RPMSIGTAG_LEMD5_2 = 1003,
  RPMSIGTAG_MD5 = 1004, RPMSIGTAG_GPG = 1005, RPMSIGTAG_PGP5 = 1006, RPMSIGTAG_PAYLOADSIZE = 1007,
  RPMSIGTAG_BADSHA1_1 = RPMTAG_BADSHA1_1, RPMSIGTAG_BADSHA1_2 = RPMTAG_BADSHA1_2, RPMSIGTAG_SHA1 = RPMTAG_SHA1HEADER, RPMSIGTAG_DSA = RPMTAG_DSAHEADER,
  RPMSIGTAG_RSA = RPMTAG_RSAHEADER, RPMSIGTAG_PADDING = 0x3fffffff
}
 Tags found in signature header from package. More...
 
rpmRC rpmVerifySignature (const rpmts ts, char *result)
 Verify a signature from a package.
 
Header rpmFreeSignature (Header sigh)
 Destroy signature header from package.
 

Detailed Description

Typedef Documentation

typedef enum pgpVersion_e pgpVersion

Identify PGP versions.

Note
Greater than 0 is a valid PGP version.

typedef enum sigType_e sigType

Signature types stored in rpm lead.

Enumeration Type Documentation

enum pgpVersion_e

Identify PGP versions.

Note
Greater than 0 is a valid PGP version.
Enumerator:
PGP_NOTDETECTED 
PGP_UNKNOWN 
PGP_2 
PGP_5 

Definition at line 22 of file signature.h.

enum rpmtagSignature

Tags found in signature header from package.

Enumerator:
RPMSIGTAG_SIZE 

internal Header+Payload size in bytes.

RPMSIGTAG_LEMD5_1 

internal Broken MD5, take 1

Deprecated:
legacy.

RPMSIGTAG_PGP 

internal PGP 2.6.3 signature.

RPMSIGTAG_LEMD5_2 

internal Broken MD5, take 2

Deprecated:
legacy.

RPMSIGTAG_MD5 

internal MD5 signature.

RPMSIGTAG_GPG 

internal GnuPG signature.

RPMSIGTAG_PGP5 

internal PGP5 signature

Deprecated:
legacy.

RPMSIGTAG_PAYLOADSIZE 

internal uncompressed payload size in bytes.

RPMSIGTAG_BADSHA1_1 

internal Broken SHA1, take 1.

RPMSIGTAG_BADSHA1_2 

internal Broken SHA1, take 2.

RPMSIGTAG_SHA1 

internal sha1 header digest.

RPMSIGTAG_DSA 

internal DSA header signature.

RPMSIGTAG_RSA 

internal RSA header signature.

RPMSIGTAG_PADDING 

signature header padding

Definition at line 1048 of file rpmlib.h.

enum sigType_e

Signature types stored in rpm lead.

Enumerator:
RPMSIGTYPE_HEADERSIG 

Header style signature

Definition at line 14 of file signature.h.

Function Documentation

int rpmAddSignature ( Header  sigh,
const char *  file,
int_32  sigTag,
const char *  passPhrase 
)

Generate signature(s) from a header+payload file, save in signature header.

Parameters
sigh  signature header
file  header+payload file name
sigTag  type of signature(s) to add
passPhrase  private key pass phrase
Returns
0 on success, -1 on failure

Definition at line 800 of file signature.c.

References alloca(), dodigest(), headerAddEntry(), makeGPGSignature(), makeHDRSignature(), makePGPSignature(), PGPHASHALGO_MD5, RPM_BIN_TYPE, RPM_INT32_TYPE, RPMSIGTAG_DSA, RPMSIGTAG_GPG, RPMSIGTAG_MD5, RPMSIGTAG_PGP, RPMSIGTAG_PGP5, RPMSIGTAG_RSA, RPMSIGTAG_SHA1, and RPMSIGTAG_SIZE.

Referenced by rpmReSign(), and writeRPM().

const char* rpmDetectPGPVersion ( pgpVersion *  pgpVer)

Return path to pgp executable of given type, or NULL when not found.

Return values
pgpVer  pgp version
Returns
path to pgp executable

Definition at line 69 of file signature.c.

References _free(), alloca(), PGP_2, PGP_5, PGP_NOTDETECTED, PGP_UNKNOWN, rpmGetPath(), and stpcpy().

Referenced by checkPassPhrase(), main(), and makePGPSignature().

Header rpmFreeSignature ( Header  sigh)

Destroy signature header from package.

Parameters
sigh  signature header
Returns
NULL always

Definition at line 381 of file signature.c.

References headerFree().

Referenced by rpmpsmStage(), rpmReadPackageFile(), rpmReSign(), rpmVerifySignatures(), and writeRPM().

char* rpmGetPassPhrase ( const char *  prompt,
const int  sigTag 
)

Read a pass phrase using getpass(3), confirm with gpg/pgp helper binaries.

Parameters
prompt  user prompt
sigTag  signature type/tag
Returns
pass phrase

Definition at line 964 of file signature.c.

References _, _free(), checkPassPhrase(), Getpass, name, RPMERR_SIGGEN, rpmError, rpmExpand(), RPMSIGTAG_DSA, RPMSIGTAG_GPG, RPMSIGTAG_PGP, RPMSIGTAG_PGP5, and RPMSIGTAG_RSA.

Referenced by main().

int rpmLookupSignatureType ( int  action)

Return type of signature needed for signing/building.

Parameters
action  enable/disable/query action
Returns
sigTag to use, 0 if none, -1 on error

Definition at line 29 of file signature.c.

References _free(), name, rpmExpand(), RPMLOOKUPSIG_DISABLE, RPMLOOKUPSIG_ENABLE, RPMLOOKUPSIG_QUERY, RPMSIGTAG_GPG, RPMSIGTAG_PGP, and xstrcasecmp().

Referenced by main(), rpmReSign(), and writeRPM().

Header rpmNewSignature ( void  )

Return new, empty (signature) header instance.

Returns
signature header

Definition at line 375 of file signature.c.

References headerNew().

Referenced by headerRegenSigHeader(), and writeRPM().

rpmRC rpmReadSignature ( FD_t  fd,
Header *  sighp,
sigType  sig_type,
const char **  msg 
)

Read (and verify header+payload size) signature header.

If an old-style signature is found, we emulate a new style one.

Parameters
fd  file handle
Return values
sighp  address of (signature) header (or NULL)
Parameters
sig_type  type of signature header to read (from lead)
Return values
msg  failure msg
Returns
rpmRC return code

Definition at line 154 of file signature.c.

References _, alloca(), block(), entryInfo_s::count, headerToken_s::flags, header_magic, HEADER_MAGIC_YES, HEADERFLAG_ALLOCATED, headerFree(), headerGetEntry(), headerLink(), headerLoad(), headerSizeof(), headerVerifyInfo(), indexEntry_s::info, entryInfo_s::offset, printSize(), REGION_TAG_COUNT, RPM_BIN_TYPE, RPMRC_FAIL, RPMRC_OK, RPMSIGTAG_SIZE, RPMSIGTYPE_HEADERSIG, RPMTAG_HEADERIMAGE, RPMTAG_HEADERSIGNATURES, snprintf(), entryInfo_s::tag, timedRead(), entryInfo_s::type, xmalloc(), and xstrdup().

Referenced by rpmReadPackageFile(), rpmReSign(), and rpmVerifySignatures().
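
The size check that rpmReadSignature is documented as performing can be illustrated with a standalone parser; this is an example added here, not rpm's own code. The name sig_size_check and the sample bytes are constructed for illustration, and the header layout used (magic 8e ad e8 01, 16-byte index entries, big-endian fields) is rpm's on-disk header format rather than something stated on this page.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define RPMSIGTAG_SIZE 1000u   /* value from the rpmtagSignature enum on this page */
#define RPM_INT32_TYPE 4u      /* rpm header type code for 32-bit integers */

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Hypothetical helper: returns 0 if RPMSIGTAG_SIZE equals rest_len (the bytes of
 * header+payload following the signature header), 1 on mismatch or missing tag,
 * -1 if the signature header itself is malformed. */
int sig_size_check(const uint8_t *sig, size_t len, uint32_t rest_len) {
    static const uint8_t magic[4] = { 0x8e, 0xad, 0xe8, 0x01 };
    if (len < 16 || memcmp(sig, magic, 4) != 0) return -1;
    uint32_t il = be32(sig + 8), dl = be32(sig + 12);
    /* Bound both counts before multiplying so the size arithmetic cannot wrap. */
    if (il == 0 || il > 0xffff || dl > 0x0fffffff) return -1;
    if ((size_t)il * 16 + dl > len - 16) return -1;
    const uint8_t *data = sig + 16 + (size_t)il * 16;
    for (uint32_t i = 0; i < il; i++) {
        const uint8_t *e = sig + 16 + (size_t)i * 16;
        uint32_t tag = be32(e), type = be32(e + 4), off = be32(e + 8), cnt = be32(e + 12);
        if (tag != RPMSIGTAG_SIZE) continue;
        /* The entry must be a single INT32 lying wholly inside the data store. */
        if (type != RPM_INT32_TYPE || cnt != 1 || dl < 4 || off > dl - 4) return -1;
        return be32(data + off) == rest_len ? 0 : 1;
    }
    return 1;
}

/* Constructed sample: one index entry (RPMSIGTAG_SIZE) claiming 4096 bytes. */
static const uint8_t sample_sig[] = {
    0x8e, 0xad, 0xe8, 0x01, 0, 0, 0, 0,     /* magic + reserved */
    0, 0, 0, 1,  0, 0, 0, 4,                /* il = 1 entry, dl = 4 data bytes */
    0, 0, 0x03, 0xe8,  0, 0, 0, 4,          /* tag 1000, type INT32 */
    0, 0, 0, 0,  0, 0, 0, 1,                /* offset 0, count 1 */
    0, 0, 0x10, 0x00                        /* value 4096 */
};

int main(void) { return sig_size_check(sample_sig, sizeof sample_sig, 4096); }
```

A size match only shows that the package was not truncated or extended; it says nothing about authenticity, which depends on the RSA/DSA tags verified through rpmVerifySignature.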

rpmRC rpmVerifySignature ( const rpmts  ts,
char *  result 
)

Verify a signature from a package.

This needs the following variables from the transaction set:

  • ts->sigtag type of signature
  • ts->sig signature itself (from signature header)
  • ts->siglen no. of bytes in signature
  • ts->dig signature/pubkey parameters (malloc'd workspace)
Parameters
ts  transaction set
Return values
result  detailed text result of signature verification
Returns
result of signature verification

Definition at line 1490 of file signature.c.

References _, pgpDigParams_s::hash_algo, pgpDig_s::hdrmd5ctx, pgpDig_s::hdrsha1ctx, pgpDig_s::md5ctx, PGPHASHALGO_MD5, RPMRC_NOTFOUND, RPMSIGTAG_DSA, RPMSIGTAG_GPG, RPMSIGTAG_LEMD5_1, RPMSIGTAG_LEMD5_2, RPMSIGTAG_MD5, RPMSIGTAG_PGP, RPMSIGTAG_PGP5, RPMSIGTAG_RSA, RPMSIGTAG_SHA1, RPMSIGTAG_SIZE, rpmtsDig(), rpmtsSig(), rpmtsSiglen(), rpmtsSigtag(), pgpDig_s::sha1ctx, pgpDig_s::signature, verifyDSASignature(), verifyMD5Signature(), verifyRSASignature(), verifySHA1Signature(), and verifySizeSignature().

Referenced by headerCheck(), rpmReadPackageFile(), and rpmVerifySignatures().

int rpmWriteSignature ( FD_t  fd,
Header  sigh 
)

Write signature header.

Parameters
fd  file handle
sigh  (signature) header
Returns
0 on success, 1 on error

Definition at line 353 of file signature.c.

References D_, Fwrite(), HEADER_MAGIC_YES, headerSizeof(), headerWrite(), RPMMESS_DEBUG, and rpmMessage.

Referenced by rpmpsmStage(), rpmReSign(), and writeRPM().