1996-02-19 10:32:11 +08:00
|
|
|
/* signature.c - RPM signature functions */
|
|
|
|
|
|
|
|
|
|
/* NOTES
|
|
|
|
|
*
|
1996-06-20 11:10:44 +08:00
|
|
|
* Things have been cleaned up wrt PGP. We can now handle
|
|
|
|
|
* signatures of any length (which means you can use any
|
|
|
|
|
* size key you like). We also honor PGPPATH finally.
|
1996-02-19 10:32:11 +08:00
|
|
|
*/
|
|
|
|
|
|
1998-07-26 05:00:26 +08:00
|
|
|
#include "system.h"
|
1997-01-18 00:22:08 +08:00
|
|
|
|
|
|
|
|
#if HAVE_ASM_BYTEORDER_H
|
1996-09-26 03:16:34 +08:00
|
|
|
#include <asm/byteorder.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
1998-07-31 06:09:42 +08:00
|
|
|
#include "rpmlib.h"
|
1996-02-19 10:32:11 +08:00
|
|
|
|
1996-06-20 11:10:44 +08:00
|
|
|
#include "md5.h"
|
1997-01-18 00:22:08 +08:00
|
|
|
#include "misc.h"
|
1996-06-29 02:48:34 +08:00
|
|
|
#include "rpmlead.h"
|
1996-10-15 11:15:30 +08:00
|
|
|
#include "signature.h"
|
1996-02-19 10:32:11 +08:00
|
|
|
|
1998-11-25 03:30:38 +08:00
|
|
|
typedef int (*md5func)(const char * fn, unsigned char * digest);
|
1996-09-01 02:36:53 +08:00
|
|
|
|
1999-01-07 01:33:50 +08:00
|
|
|
static int makePGPSignature(const char *file, void **sig, int_32 *size,
|
|
|
|
|
const char *passPhrase);
|
1999-01-09 08:24:02 +08:00
|
|
|
static int makeGPGSignature(const char *file, void **sig, int_32 *size,
|
|
|
|
|
const char *passPhrase);
|
1998-11-19 05:41:05 +08:00
|
|
|
static int checkSize(FD_t fd, int size, int sigsize);
|
1999-01-07 01:33:50 +08:00
|
|
|
static int verifySizeSignature(const char *datafile, int_32 size, char *result);
|
|
|
|
|
static int verifyMD5Signature(const char *datafile, unsigned char *sig,
|
1996-09-01 02:36:53 +08:00
|
|
|
char *result, md5func fn);
|
1999-01-07 01:33:50 +08:00
|
|
|
static int verifyPGPSignature(const char *datafile, void *sig,
|
1996-07-08 11:27:05 +08:00
|
|
|
int count, char *result);
|
1999-01-09 08:24:02 +08:00
|
|
|
static int verifyGPGSignature(const char *datafile, void *sig,
|
|
|
|
|
int count, char *result);
|
|
|
|
|
static int checkPassPhrase(const char *passPhrase, const int sigType);
|
1996-02-19 10:32:11 +08:00
|
|
|
|
1996-11-19 02:02:36 +08:00
|
|
|
int rpmLookupSignatureType(void)
|
1996-06-20 11:10:44 +08:00
|
|
|
{
|
|
|
|
|
char *name;
|
|
|
|
|
|
1996-11-19 02:02:36 +08:00
|
|
|
if (! (name = rpmGetVar(RPMVAR_SIGTYPE))) {
|
1996-07-08 06:19:32 +08:00
|
|
|
return 0;
|
1996-06-20 11:10:44 +08:00
|
|
|
}
|
|
|
|
|
|
1999-01-09 08:24:02 +08:00
|
|
|
if (!strcasecmp(name, "none"))
|
1996-07-08 06:19:32 +08:00
|
|
|
return 0;
|
1999-01-09 08:24:02 +08:00
|
|
|
else if (!strcasecmp(name, "pgp"))
|
1996-11-19 02:02:36 +08:00
|
|
|
return RPMSIGTAG_PGP;
|
1999-01-09 08:24:02 +08:00
|
|
|
else if (!strcasecmp(name, "gpg"))
|
|
|
|
|
return RPMSIGTAG_GPG;
|
|
|
|
|
else
|
1996-07-08 06:19:32 +08:00
|
|
|
return -1;
|
1996-06-20 11:10:44 +08:00
|
|
|
}
|
|
|
|
|
|
1996-11-19 02:02:36 +08:00
|
|
|
/* rpmReadSignature() emulates the new style signatures if it finds an */
|
1996-07-08 06:19:32 +08:00
|
|
|
/* old-style one. It also immediately verifies the header+archive */
|
|
|
|
|
/* size and returns an error if it doesn't match. */
|
1996-06-20 11:10:44 +08:00
|
|
|
|
1998-11-19 05:41:05 +08:00
|
|
|
int rpmReadSignature(FD_t fd, Header *header, short sig_type)
|
1996-02-19 10:32:11 +08:00
|
|
|
{
|
1996-06-20 11:10:44 +08:00
|
|
|
unsigned char buf[2048];
|
1996-07-08 06:26:31 +08:00
|
|
|
int sigSize, pad;
|
|
|
|
|
int_32 type, count;
|
1996-07-08 06:19:32 +08:00
|
|
|
int_32 *archSize;
|
|
|
|
|
Header h;
|
|
|
|
|
|
|
|
|
|
if (header) {
|
|
|
|
|
*header = NULL;
|
|
|
|
|
}
|
1996-02-19 10:32:11 +08:00
|
|
|
|
|
|
|
|
switch (sig_type) {
|
1996-07-08 06:19:32 +08:00
|
|
|
case RPMSIG_NONE:
|
1998-09-28 06:03:52 +08:00
|
|
|
rpmMessage(RPMMESS_DEBUG, _("No signature\n"));
|
1996-02-19 10:32:11 +08:00
|
|
|
break;
|
1996-07-08 06:19:32 +08:00
|
|
|
case RPMSIG_PGP262_1024:
|
1998-09-28 06:03:52 +08:00
|
|
|
rpmMessage(RPMMESS_DEBUG, _("Old PGP signature\n"));
|
1996-06-20 11:10:44 +08:00
|
|
|
/* These are always 256 bytes */
|
1996-10-15 11:15:30 +08:00
|
|
|
if (timedRead(fd, buf, 256) != 256) {
|
1996-07-08 06:19:32 +08:00
|
|
|
return 1;
|
1996-02-22 06:20:37 +08:00
|
|
|
}
|
1996-07-08 06:19:32 +08:00
|
|
|
if (header) {
|
1996-11-19 02:02:36 +08:00
|
|
|
*header = headerNew();
|
|
|
|
|
headerAddEntry(*header, RPMSIGTAG_PGP, RPM_BIN_TYPE, buf, 152);
|
1996-02-19 10:32:11 +08:00
|
|
|
}
|
|
|
|
|
break;
|
1996-07-08 06:19:32 +08:00
|
|
|
case RPMSIG_MD5:
|
|
|
|
|
case RPMSIG_MD5_PGP:
|
1996-11-19 02:02:36 +08:00
|
|
|
rpmError(RPMERR_BADSIGTYPE,
|
1997-05-01 23:15:11 +08:00
|
|
|
_("Old (internal-only) signature! How did you get that!?"));
|
1996-07-08 06:26:31 +08:00
|
|
|
return 1;
|
1996-06-20 11:10:44 +08:00
|
|
|
break;
|
1996-07-08 06:19:32 +08:00
|
|
|
case RPMSIG_HEADERSIG:
|
1998-09-28 06:03:52 +08:00
|
|
|
rpmMessage(RPMMESS_DEBUG, _("New Header signature\n"));
|
1996-07-08 06:19:32 +08:00
|
|
|
/* This is a new style signature */
|
1996-11-19 02:02:36 +08:00
|
|
|
h = headerRead(fd, HEADER_MAGIC_YES);
|
1998-11-17 05:40:28 +08:00
|
|
|
if (h == NULL) {
|
1996-07-08 06:19:32 +08:00
|
|
|
return 1;
|
1996-02-25 13:05:52 +08:00
|
|
|
}
|
1996-11-19 02:02:36 +08:00
|
|
|
sigSize = headerSizeof(h, HEADER_MAGIC_YES);
|
1996-07-08 06:19:32 +08:00
|
|
|
pad = (8 - (sigSize % 8)) % 8; /* 8-byte pad */
|
1998-09-28 06:03:52 +08:00
|
|
|
rpmMessage(RPMMESS_DEBUG, _("Signature size: %d\n"), sigSize);
|
|
|
|
|
rpmMessage(RPMMESS_DEBUG, _("Signature pad : %d\n"), pad);
|
1996-11-19 02:02:36 +08:00
|
|
|
if (! headerGetEntry(h, RPMSIGTAG_SIZE, &type, (void **)&archSize, &count)) {
|
|
|
|
|
headerFree(h);
|
1996-07-08 06:19:32 +08:00
|
|
|
return 1;
|
1996-06-20 11:10:44 +08:00
|
|
|
}
|
1996-07-08 06:19:32 +08:00
|
|
|
if (checkSize(fd, *archSize, sigSize + pad)) {
|
1996-11-19 02:02:36 +08:00
|
|
|
headerFree(h);
|
1996-07-08 06:19:32 +08:00
|
|
|
return 1;
|
1996-06-20 11:10:44 +08:00
|
|
|
}
|
1996-07-08 06:19:32 +08:00
|
|
|
if (pad) {
|
1996-10-15 11:15:30 +08:00
|
|
|
if (timedRead(fd, buf, pad) != pad) {
|
1996-11-19 02:02:36 +08:00
|
|
|
headerFree(h);
|
1996-07-08 06:19:32 +08:00
|
|
|
return 1;
|
|
|
|
|
}
|
1996-06-20 11:10:44 +08:00
|
|
|
}
|
1996-07-08 06:19:32 +08:00
|
|
|
if (header) {
|
|
|
|
|
*header = h;
|
|
|
|
|
} else {
|
1996-11-19 02:02:36 +08:00
|
|
|
headerFree(h);
|
1996-06-20 11:10:44 +08:00
|
|
|
}
|
1996-02-19 10:32:11 +08:00
|
|
|
break;
|
1996-07-08 06:19:32 +08:00
|
|
|
default:
|
|
|
|
|
return 1;
|
1996-02-19 10:32:11 +08:00
|
|
|
}
|
|
|
|
|
|
1996-02-22 09:59:29 +08:00
|
|
|
return 0;
|
1996-02-19 10:32:11 +08:00
|
|
|
}
|
|
|
|
|
|
1998-11-19 05:41:05 +08:00
|
|
|
int rpmWriteSignature(FD_t fd, Header header)
|
1996-02-20 14:02:32 +08:00
|
|
|
{
|
1996-07-08 06:19:32 +08:00
|
|
|
int sigSize, pad;
|
|
|
|
|
unsigned char buf[8];
|
|
|
|
|
|
1996-11-19 02:02:36 +08:00
|
|
|
headerWrite(fd, header, HEADER_MAGIC_YES);
|
|
|
|
|
sigSize = headerSizeof(header, HEADER_MAGIC_YES);
|
1996-07-08 06:19:32 +08:00
|
|
|
pad = (8 - (sigSize % 8)) % 8;
|
|
|
|
|
if (pad) {
|
1998-09-28 06:03:52 +08:00
|
|
|
rpmMessage(RPMMESS_DEBUG, _("Signature size: %d\n"), sigSize);
|
|
|
|
|
rpmMessage(RPMMESS_DEBUG, _("Signature pad : %d\n"), pad);
|
1996-07-08 06:19:32 +08:00
|
|
|
memset(buf, 0, pad);
|
1998-11-19 05:41:05 +08:00
|
|
|
(void)fdWrite(fd, buf, pad);
|
1996-06-29 02:48:34 +08:00
|
|
|
}
|
1996-07-08 06:19:32 +08:00
|
|
|
return 0;
|
|
|
|
|
}
|
1996-06-29 02:48:34 +08:00
|
|
|
|
1996-11-19 02:02:36 +08:00
|
|
|
Header rpmNewSignature(void)
|
1996-07-08 06:19:32 +08:00
|
|
|
{
|
1996-11-19 02:02:36 +08:00
|
|
|
return headerNew();
|
1996-07-08 06:19:32 +08:00
|
|
|
}
|
|
|
|
|
|
1996-11-19 02:02:36 +08:00
|
|
|
void rpmFreeSignature(Header h)
|
1996-07-08 06:19:32 +08:00
|
|
|
{
|
1996-11-19 02:02:36 +08:00
|
|
|
headerFree(h);
|
1996-07-08 06:19:32 +08:00
|
|
|
}
|
|
|
|
|
|
1999-01-07 01:33:50 +08:00
|
|
|
int rpmAddSignature(Header header, const char *file, int_32 sigTag, const char *passPhrase)
|
1996-07-08 06:19:32 +08:00
|
|
|
{
|
|
|
|
|
struct stat statbuf;
|
|
|
|
|
int_32 size;
|
|
|
|
|
unsigned char buf[16];
|
|
|
|
|
void *sig;
|
1996-06-20 11:10:44 +08:00
|
|
|
|
1996-07-08 06:19:32 +08:00
|
|
|
switch (sigTag) {
|
1996-11-19 02:02:36 +08:00
|
|
|
case RPMSIGTAG_SIZE:
|
1996-07-08 06:19:32 +08:00
|
|
|
stat(file, &statbuf);
|
|
|
|
|
size = statbuf.st_size;
|
1996-11-19 02:02:36 +08:00
|
|
|
headerAddEntry(header, RPMSIGTAG_SIZE, RPM_INT32_TYPE, &size, 1);
|
1996-07-08 06:19:32 +08:00
|
|
|
break;
|
1996-11-19 02:02:36 +08:00
|
|
|
case RPMSIGTAG_MD5:
|
1996-07-08 06:19:32 +08:00
|
|
|
mdbinfile(file, buf);
|
1996-11-19 02:02:36 +08:00
|
|
|
headerAddEntry(header, sigTag, RPM_BIN_TYPE, buf, 16);
|
1996-07-08 06:19:32 +08:00
|
|
|
break;
|
1996-11-19 02:02:36 +08:00
|
|
|
case RPMSIGTAG_PGP:
|
1996-07-08 06:19:32 +08:00
|
|
|
makePGPSignature(file, &sig, &size, passPhrase);
|
1996-11-19 02:02:36 +08:00
|
|
|
headerAddEntry(header, sigTag, RPM_BIN_TYPE, sig, size);
|
1996-07-08 06:19:32 +08:00
|
|
|
break;
|
1999-01-09 08:24:02 +08:00
|
|
|
case RPMSIGTAG_GPG:
|
|
|
|
|
makeGPGSignature(file, &sig, &size, passPhrase);
|
|
|
|
|
headerAddEntry(header, sigTag, RPM_BIN_TYPE, sig, size);
|
|
|
|
|
break;
|
1996-07-08 06:19:32 +08:00
|
|
|
}
|
|
|
|
|
|
1996-02-22 09:35:00 +08:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
1999-01-07 01:33:50 +08:00
|
|
|
static int makePGPSignature(const char *file, void **sig, int_32 *size,
|
|
|
|
|
const char *passPhrase)
|
1996-02-19 10:32:11 +08:00
|
|
|
{
|
|
|
|
|
char name[1024];
|
|
|
|
|
char sigfile[1024];
|
1996-07-08 06:19:32 +08:00
|
|
|
int pid, status;
|
1998-11-19 05:41:05 +08:00
|
|
|
int inpipe[2];
|
1996-02-19 10:32:11 +08:00
|
|
|
FILE *fpipe;
|
1996-02-25 13:05:52 +08:00
|
|
|
struct stat statbuf;
|
1996-02-19 10:32:11 +08:00
|
|
|
|
1996-11-19 02:02:36 +08:00
|
|
|
sprintf(name, "+myname=\"%s\"", rpmGetVar(RPMVAR_PGP_NAME));
|
1996-02-19 10:32:11 +08:00
|
|
|
|
|
|
|
|
sprintf(sigfile, "%s.sig", file);
|
|
|
|
|
|
|
|
|
|
pipe(inpipe);
|
|
|
|
|
|
|
|
|
|
if (!(pid = fork())) {
|
1998-11-20 02:10:28 +08:00
|
|
|
close(STDIN_FILENO);
|
1996-02-19 10:32:11 +08:00
|
|
|
dup2(inpipe[0], 3);
|
|
|
|
|
close(inpipe[1]);
|
1996-12-24 22:02:21 +08:00
|
|
|
dosetenv("PGPPASSFD", "3", 1);
|
1996-11-19 02:02:36 +08:00
|
|
|
if (rpmGetVar(RPMVAR_PGP_PATH)) {
|
1996-12-24 22:02:21 +08:00
|
|
|
dosetenv("PGPPATH", rpmGetVar(RPMVAR_PGP_PATH), 1);
|
1996-06-19 22:29:48 +08:00
|
|
|
}
|
1996-12-24 22:02:21 +08:00
|
|
|
/* dosetenv("PGPPASS", passPhrase, 1); */
|
1996-02-19 10:32:11 +08:00
|
|
|
execlp("pgp", "pgp",
|
1996-04-29 22:26:01 +08:00
|
|
|
"+batchmode=on", "+verbose=0", "+armor=off",
|
1996-06-19 22:29:48 +08:00
|
|
|
name, "-sb", file, sigfile,
|
1996-02-19 10:32:11 +08:00
|
|
|
NULL);
|
1997-05-01 23:15:11 +08:00
|
|
|
rpmError(RPMERR_EXEC, _("Couldn't exec pgp"));
|
1996-12-12 11:35:01 +08:00
|
|
|
_exit(RPMERR_EXEC);
|
1996-02-19 10:32:11 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fpipe = fdopen(inpipe[1], "w");
|
|
|
|
|
close(inpipe[0]);
|
|
|
|
|
fprintf(fpipe, "%s\n", passPhrase);
|
|
|
|
|
fclose(fpipe);
|
|
|
|
|
|
1998-11-17 05:40:28 +08:00
|
|
|
(void)waitpid(pid, &status, 0);
|
1996-02-19 10:32:11 +08:00
|
|
|
if (!WIFEXITED(status) || WEXITSTATUS(status)) {
|
1997-05-01 23:15:11 +08:00
|
|
|
rpmError(RPMERR_SIGGEN, _("pgp failed"));
|
1996-02-19 10:32:11 +08:00
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
1996-02-25 13:05:52 +08:00
|
|
|
if (stat(sigfile, &statbuf)) {
|
|
|
|
|
/* PGP failed to write signature */
|
|
|
|
|
unlink(sigfile); /* Just in case */
|
1997-05-01 23:15:11 +08:00
|
|
|
rpmError(RPMERR_SIGGEN, _("pgp failed to write signature"));
|
1996-02-25 13:05:52 +08:00
|
|
|
return 1;
|
|
|
|
|
}
|
1996-06-20 11:10:44 +08:00
|
|
|
|
1996-07-08 06:19:32 +08:00
|
|
|
*size = statbuf.st_size;
|
1998-09-28 06:03:52 +08:00
|
|
|
rpmMessage(RPMMESS_DEBUG, _("PGP sig size: %d\n"), *size);
|
1996-07-08 06:19:32 +08:00
|
|
|
*sig = malloc(*size);
|
1996-02-25 13:05:52 +08:00
|
|
|
|
1999-01-11 01:10:17 +08:00
|
|
|
{ FD_t fd;
|
|
|
|
|
int rc;
|
|
|
|
|
fd = fdOpen(sigfile, O_RDONLY, 0);
|
|
|
|
|
rc = timedRead(fd, *sig, *size);
|
1996-06-20 11:10:44 +08:00
|
|
|
unlink(sigfile);
|
1998-11-19 05:41:05 +08:00
|
|
|
fdClose(fd);
|
1999-01-11 01:10:17 +08:00
|
|
|
if (rc != *size) {
|
|
|
|
|
free(*sig);
|
|
|
|
|
rpmError(RPMERR_SIGGEN, _("unable to read the signature"));
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
1996-06-20 11:10:44 +08:00
|
|
|
}
|
1996-02-19 10:32:11 +08:00
|
|
|
|
1998-09-28 06:03:52 +08:00
|
|
|
rpmMessage(RPMMESS_DEBUG, _("Got %d bytes of PGP sig\n"), *size);
|
1996-02-19 10:32:11 +08:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
1999-01-09 08:24:02 +08:00
|
|
|
/* This is an adaptation of the makePGPSignature function to use GPG instead
|
|
|
|
|
* of PGP to create signatures. I think I've made all the changes necessary,
|
|
|
|
|
* but this could be a good place to start looking if errors in GPG signature
|
|
|
|
|
* creation crop up.
|
|
|
|
|
*/
|
|
|
|
|
static int makeGPGSignature(const char *file, void **sig, int_32 *size,
|
|
|
|
|
const char *passPhrase)
|
|
|
|
|
{
|
|
|
|
|
char name[1024];
|
|
|
|
|
char sigfile[1024];
|
|
|
|
|
int pid, status;
|
|
|
|
|
int inpipe[2];
|
|
|
|
|
FILE *fpipe;
|
|
|
|
|
struct stat statbuf;
|
|
|
|
|
|
|
|
|
|
sprintf(name, "%s", rpmGetVar(RPMVAR_GPG_NAME));
|
|
|
|
|
|
|
|
|
|
sprintf(sigfile, "%s.sig", file);
|
|
|
|
|
|
|
|
|
|
pipe(inpipe);
|
|
|
|
|
|
|
|
|
|
if (!(pid = fork())) {
|
|
|
|
|
close(STDIN_FILENO);
|
|
|
|
|
dup2(inpipe[0], 3);
|
|
|
|
|
close(inpipe[1]);
|
|
|
|
|
if (rpmGetVar(RPMVAR_GPG_PATH)) {
|
|
|
|
|
dosetenv("GNUPGHOME", rpmGetVar(RPMVAR_GPG_PATH), 1);
|
|
|
|
|
}
|
|
|
|
|
execlp("gpg", "gpg",
|
|
|
|
|
"--batch", "--no-verbose", "--no-armor", "--passphrase-fd", "3",
|
|
|
|
|
"-u", name, "-sbo", sigfile, file,
|
|
|
|
|
NULL);
|
|
|
|
|
rpmError(RPMERR_EXEC, _("Couldn't exec gpg"));
|
|
|
|
|
_exit(RPMERR_EXEC);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fpipe = fdopen(inpipe[1], "w");
|
|
|
|
|
close(inpipe[0]);
|
|
|
|
|
fprintf(fpipe, "%s\n", passPhrase);
|
|
|
|
|
fclose(fpipe);
|
|
|
|
|
|
|
|
|
|
(void)waitpid(pid, &status, 0);
|
|
|
|
|
if (!WIFEXITED(status) || WEXITSTATUS(status)) {
|
|
|
|
|
rpmError(RPMERR_SIGGEN, _("gpg failed"));
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (stat(sigfile, &statbuf)) {
|
|
|
|
|
/* GPG failed to write signature */
|
|
|
|
|
unlink(sigfile); /* Just in case */
|
|
|
|
|
rpmError(RPMERR_SIGGEN, _("gpg failed to write signature"));
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
*size = statbuf.st_size;
|
|
|
|
|
rpmMessage(RPMMESS_DEBUG, _("GPG sig size: %d\n"), *size);
|
|
|
|
|
*sig = malloc(*size);
|
|
|
|
|
|
|
|
|
|
{ FD_t fd;
|
|
|
|
|
int rc;
|
|
|
|
|
fd = fdOpen(sigfile, O_RDONLY, 0);
|
|
|
|
|
rc = timedRead(fd, *sig, *size);
|
|
|
|
|
unlink(sigfile);
|
|
|
|
|
fdClose(fd);
|
|
|
|
|
if (rc != *size) {
|
|
|
|
|
free(*sig);
|
|
|
|
|
rpmError(RPMERR_SIGGEN, _("unable to read the signature"));
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
rpmMessage(RPMMESS_DEBUG, _("Got %d bytes of GPG sig\n"), *size);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
1998-11-19 05:41:05 +08:00
|
|
|
static int checkSize(FD_t fd, int size, int sigsize)
|
1996-06-29 02:48:34 +08:00
|
|
|
{
|
|
|
|
|
int headerArchiveSize;
|
|
|
|
|
struct stat statbuf;
|
|
|
|
|
|
1998-11-21 04:18:22 +08:00
|
|
|
fstat(fdFileno(fd), &statbuf);
|
1996-06-29 02:48:34 +08:00
|
|
|
|
1996-10-15 11:15:30 +08:00
|
|
|
if (S_ISREG(statbuf.st_mode)) {
|
|
|
|
|
headerArchiveSize = statbuf.st_size - sizeof(struct rpmlead) - sigsize;
|
|
|
|
|
|
1998-09-28 06:03:52 +08:00
|
|
|
rpmMessage(RPMMESS_DEBUG, _("sigsize : %d\n"), sigsize);
|
|
|
|
|
rpmMessage(RPMMESS_DEBUG, _("Header + Archive: %d\n"), headerArchiveSize);
|
|
|
|
|
rpmMessage(RPMMESS_DEBUG, _("expected size : %d\n"), size);
|
1996-06-29 02:48:34 +08:00
|
|
|
|
1996-10-15 11:15:30 +08:00
|
|
|
return size - headerArchiveSize;
|
|
|
|
|
} else {
|
1998-09-28 06:03:52 +08:00
|
|
|
rpmMessage(RPMMESS_DEBUG, _("file is not regular -- skipping size check\n"));
|
1996-10-15 11:15:30 +08:00
|
|
|
return 0;
|
|
|
|
|
}
|
1996-06-29 02:48:34 +08:00
|
|
|
}
|
|
|
|
|
|
1999-01-07 01:33:50 +08:00
|
|
|
int rpmVerifySignature(const char *file, int_32 sigTag, void *sig, int count,
|
1996-07-08 11:27:05 +08:00
|
|
|
char *result)
|
1996-07-08 06:19:32 +08:00
|
|
|
{
|
1996-07-08 11:27:05 +08:00
|
|
|
switch (sigTag) {
|
1996-11-19 02:02:36 +08:00
|
|
|
case RPMSIGTAG_SIZE:
|
1996-07-08 11:27:05 +08:00
|
|
|
if (verifySizeSignature(file, *(int_32 *)sig, result)) {
|
|
|
|
|
return RPMSIG_BAD;
|
1996-07-08 06:19:32 +08:00
|
|
|
}
|
|
|
|
|
break;
|
1996-11-19 02:02:36 +08:00
|
|
|
case RPMSIGTAG_MD5:
|
1996-09-01 02:36:53 +08:00
|
|
|
if (verifyMD5Signature(file, sig, result, mdbinfile)) {
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
break;
|
1997-03-29 01:46:34 +08:00
|
|
|
case RPMSIGTAG_LEMD5_1:
|
|
|
|
|
case RPMSIGTAG_LEMD5_2:
|
1996-09-01 02:36:53 +08:00
|
|
|
if (verifyMD5Signature(file, sig, result, mdbinfileBroken)) {
|
1996-07-08 11:27:05 +08:00
|
|
|
return 1;
|
1996-07-08 06:19:32 +08:00
|
|
|
}
|
|
|
|
|
break;
|
1996-11-19 02:02:36 +08:00
|
|
|
case RPMSIGTAG_PGP:
|
1996-07-13 03:27:34 +08:00
|
|
|
return verifyPGPSignature(file, sig, count, result);
|
1996-07-08 06:19:32 +08:00
|
|
|
break;
|
1999-01-09 08:24:02 +08:00
|
|
|
case RPMSIGTAG_GPG:
|
|
|
|
|
return verifyGPGSignature(file, sig, count, result);
|
|
|
|
|
break;
|
1996-07-08 06:19:32 +08:00
|
|
|
default:
|
1996-07-08 11:27:05 +08:00
|
|
|
sprintf(result, "Do not know how to verify sig type %d\n", sigTag);
|
|
|
|
|
return RPMSIG_UNKNOWN;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return RPMSIG_OK;
|
|
|
|
|
}
|
|
|
|
|
|
1999-01-07 01:33:50 +08:00
|
|
|
static int verifySizeSignature(const char *datafile, int_32 size, char *result)
|
1996-07-08 11:27:05 +08:00
|
|
|
{
|
|
|
|
|
struct stat statbuf;
|
|
|
|
|
|
|
|
|
|
stat(datafile, &statbuf);
|
|
|
|
|
if (size != statbuf.st_size) {
|
|
|
|
|
sprintf(result, "Header+Archive size mismatch.\n"
|
|
|
|
|
"Expected %d, saw %d.\n",
|
|
|
|
|
size, (int)statbuf.st_size);
|
|
|
|
|
return 1;
|
1996-07-08 06:19:32 +08:00
|
|
|
}
|
|
|
|
|
|
1996-07-08 11:27:05 +08:00
|
|
|
sprintf(result, "Header+Archive size OK: %d bytes\n", size);
|
|
|
|
|
return 0;
|
1996-07-08 06:19:32 +08:00
|
|
|
}
|
|
|
|
|
|
1999-01-07 01:33:50 +08:00
|
|
|
static int verifyMD5Signature(const char *datafile, unsigned char *sig,
|
1996-09-01 02:36:53 +08:00
|
|
|
char *result, md5func fn)
|
1996-02-19 10:32:11 +08:00
|
|
|
{
|
1996-07-08 11:27:05 +08:00
|
|
|
unsigned char md5sum[16];
|
|
|
|
|
|
1996-09-01 02:36:53 +08:00
|
|
|
fn(datafile, md5sum);
|
1996-07-08 11:27:05 +08:00
|
|
|
if (memcmp(md5sum, sig, 16)) {
|
|
|
|
|
sprintf(result, "MD5 sum mismatch\n"
|
|
|
|
|
"Expected: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x"
|
|
|
|
|
"%02x%02x%02x%02x%02x\n"
|
|
|
|
|
"Saw : %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x"
|
|
|
|
|
"%02x%02x%02x%02x%02x\n",
|
|
|
|
|
sig[0], sig[1], sig[2], sig[3],
|
|
|
|
|
sig[4], sig[5], sig[6], sig[7],
|
|
|
|
|
sig[8], sig[9], sig[10], sig[11],
|
|
|
|
|
sig[12], sig[13], sig[14], sig[15],
|
|
|
|
|
md5sum[0], md5sum[1], md5sum[2], md5sum[3],
|
|
|
|
|
md5sum[4], md5sum[5], md5sum[6], md5sum[7],
|
|
|
|
|
md5sum[8], md5sum[9], md5sum[10], md5sum[11],
|
|
|
|
|
md5sum[12], md5sum[13], md5sum[14], md5sum[15]);
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sprintf(result, "MD5 sum OK: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x"
|
|
|
|
|
"%02x%02x%02x%02x%02x\n",
|
|
|
|
|
md5sum[0], md5sum[1], md5sum[2], md5sum[3],
|
|
|
|
|
md5sum[4], md5sum[5], md5sum[6], md5sum[7],
|
|
|
|
|
md5sum[8], md5sum[9], md5sum[10], md5sum[11],
|
|
|
|
|
md5sum[12], md5sum[13], md5sum[14], md5sum[15]);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
1999-01-07 01:33:50 +08:00
|
|
|
static int verifyPGPSignature(const char *datafile, void *sig,
|
1996-07-08 11:27:05 +08:00
|
|
|
int count, char *result)
|
|
|
|
|
{
|
1998-11-19 05:41:05 +08:00
|
|
|
int pid, status, outpipe[2];
|
|
|
|
|
FD_t sfd;
|
1996-07-08 11:27:05 +08:00
|
|
|
char *sigfile;
|
1996-02-19 10:32:11 +08:00
|
|
|
unsigned char buf[8192];
|
|
|
|
|
FILE *file;
|
1996-07-13 03:27:34 +08:00
|
|
|
int res = RPMSIG_OK;
|
1996-02-19 10:32:11 +08:00
|
|
|
|
1996-07-08 11:27:05 +08:00
|
|
|
/* Write out the signature */
|
1996-11-19 02:02:36 +08:00
|
|
|
sigfile = tempnam(rpmGetVar(RPMVAR_TMPPATH), "rpmsig");
|
1998-11-19 05:41:05 +08:00
|
|
|
sfd = fdOpen(sigfile, O_WRONLY|O_CREAT|O_TRUNC, 0644);
|
|
|
|
|
(void)fdWrite(sfd, sig, count);
|
|
|
|
|
fdClose(sfd);
|
1996-07-08 11:27:05 +08:00
|
|
|
|
1996-02-19 10:32:11 +08:00
|
|
|
/* Now run PGP */
|
|
|
|
|
pipe(outpipe);
|
|
|
|
|
|
|
|
|
|
if (!(pid = fork())) {
|
|
|
|
|
close(outpipe[0]);
|
1999-01-11 01:10:17 +08:00
|
|
|
close(STDOUT_FILENO); /* XXX unnecessary */
|
1998-11-20 02:10:28 +08:00
|
|
|
dup2(outpipe[1], STDOUT_FILENO);
|
1996-11-19 02:02:36 +08:00
|
|
|
if (rpmGetVar(RPMVAR_PGP_PATH)) {
|
1996-12-24 22:02:21 +08:00
|
|
|
dosetenv("PGPPATH", rpmGetVar(RPMVAR_PGP_PATH), 1);
|
1996-06-19 22:29:48 +08:00
|
|
|
}
|
1996-02-19 10:32:11 +08:00
|
|
|
execlp("pgp", "pgp",
|
|
|
|
|
"+batchmode=on", "+verbose=0",
|
|
|
|
|
sigfile, datafile,
|
|
|
|
|
NULL);
|
1998-09-28 06:03:52 +08:00
|
|
|
fprintf(stderr, _("exec failed!\n"));
|
1997-05-01 23:15:11 +08:00
|
|
|
rpmError(RPMERR_EXEC,
|
|
|
|
|
_("Could not run pgp. Use --nopgp to skip PGP checks."));
|
1996-12-12 11:35:01 +08:00
|
|
|
_exit(RPMERR_EXEC);
|
1996-02-19 10:32:11 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
close(outpipe[1]);
|
|
|
|
|
file = fdopen(outpipe[0], "r");
|
|
|
|
|
result[0] = '\0';
|
|
|
|
|
while (fgets(buf, 1024, file)) {
|
1996-07-08 11:27:05 +08:00
|
|
|
if (strncmp("File '", buf, 6) &&
|
|
|
|
|
strncmp("Text is assu", buf, 12) &&
|
|
|
|
|
buf[0] != '\n') {
|
1996-02-19 10:32:11 +08:00
|
|
|
strcat(result, buf);
|
|
|
|
|
}
|
1996-07-13 03:27:34 +08:00
|
|
|
if (!strncmp("WARNING: Can't find the right public key", buf, 40)) {
|
|
|
|
|
res = RPMSIG_NOKEY;
|
|
|
|
|
}
|
1996-02-19 10:32:11 +08:00
|
|
|
}
|
|
|
|
|
fclose(file);
|
|
|
|
|
|
1998-11-17 05:40:28 +08:00
|
|
|
(void)waitpid(pid, &status, 0);
|
1996-07-12 07:42:46 +08:00
|
|
|
unlink(sigfile);
|
1996-07-13 03:27:34 +08:00
|
|
|
if (!res && (!WIFEXITED(status) || WEXITSTATUS(status))) {
|
|
|
|
|
res = RPMSIG_BAD;
|
1996-02-19 10:32:11 +08:00
|
|
|
}
|
|
|
|
|
|
1996-07-13 03:27:34 +08:00
|
|
|
return res;
|
1996-02-19 10:32:11 +08:00
|
|
|
}
|
|
|
|
|
|
1999-01-09 08:24:02 +08:00
|
|
|
static int verifyGPGSignature(const char *datafile, void *sig,
|
|
|
|
|
int count, char *result)
|
|
|
|
|
{
|
|
|
|
|
int pid, status, outpipe[2];
|
1999-01-11 01:10:17 +08:00
|
|
|
FD_t sfd;
|
1999-01-09 08:24:02 +08:00
|
|
|
char *sigfile;
|
|
|
|
|
unsigned char buf[8192];
|
|
|
|
|
FILE *file;
|
|
|
|
|
int res = RPMSIG_OK;
|
|
|
|
|
|
|
|
|
|
/* Write out the signature */
|
|
|
|
|
sigfile = tempnam(rpmGetVar(RPMVAR_TMPPATH), "rpmsig");
|
1999-01-11 01:10:17 +08:00
|
|
|
sfd = fdOpen(sigfile, O_WRONLY|O_CREAT|O_TRUNC, 0644);
|
|
|
|
|
(void)fdWrite(sfd, sig, count);
|
|
|
|
|
fdClose(sfd);
|
1999-01-09 08:24:02 +08:00
|
|
|
|
|
|
|
|
/* Now run GPG */
|
|
|
|
|
pipe(outpipe);
|
|
|
|
|
|
|
|
|
|
if (!(pid = fork())) {
|
|
|
|
|
close(outpipe[0]);
|
1999-01-11 01:10:17 +08:00
|
|
|
/* gpg version 0.9 sends its output to stderr. */
|
|
|
|
|
close(STDERR_FILENO); /* XXX unnecessary */
|
|
|
|
|
dup2(outpipe[1], STDERR_FILENO);
|
1999-01-09 08:24:02 +08:00
|
|
|
if (rpmGetVar(RPMVAR_GPG_PATH)) {
|
|
|
|
|
dosetenv("GNUPGHOME", rpmGetVar(RPMVAR_GPG_PATH), 1);
|
|
|
|
|
}
|
|
|
|
|
execlp("gpg", "gpg",
|
|
|
|
|
"--batch", "--no-verbose",
|
|
|
|
|
"--verify", sigfile, datafile,
|
|
|
|
|
NULL);
|
|
|
|
|
fprintf(stderr, _("exec failed!\n"));
|
|
|
|
|
rpmError(RPMERR_EXEC,
|
|
|
|
|
_("Could not run gpg. Use --nogpg to skip GPG checks."));
|
|
|
|
|
_exit(RPMERR_EXEC);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
close(outpipe[1]);
|
|
|
|
|
file = fdopen(outpipe[0], "r");
|
|
|
|
|
result[0] = '\0';
|
|
|
|
|
while (fgets(buf, 1024, file)) {
|
|
|
|
|
strcat(result, buf);
|
1999-01-11 01:10:17 +08:00
|
|
|
if (!strncmp("gpg: Can't check signature: Public key not found", buf, 48)) {
|
|
|
|
|
res = RPMSIG_NOKEY;
|
|
|
|
|
}
|
1999-01-09 08:24:02 +08:00
|
|
|
}
|
|
|
|
|
fclose(file);
|
|
|
|
|
|
|
|
|
|
(void)waitpid(pid, &status, 0);
|
|
|
|
|
unlink(sigfile);
|
|
|
|
|
if (!res && (!WIFEXITED(status) || WEXITSTATUS(status))) {
|
|
|
|
|
res = RPMSIG_BAD;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return res;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
char *rpmGetPassPhrase(const char *prompt, const int sigTag)
|
1996-02-19 10:32:11 +08:00
|
|
|
{
|
1996-06-20 11:10:44 +08:00
|
|
|
char *pass;
|
|
|
|
|
|
1999-01-09 08:24:02 +08:00
|
|
|
switch (sigTag) {
|
|
|
|
|
case RPMSIGTAG_GPG:
|
|
|
|
|
if (! rpmGetVar(RPMVAR_GPG_NAME)) {
|
|
|
|
|
rpmError(RPMERR_SIGGEN,
|
|
|
|
|
_("You must set \"gpg_name:\" in your rpmrc file"));
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case RPMSIGTAG_PGP:
|
|
|
|
|
if (! rpmGetVar(RPMVAR_PGP_NAME)) {
|
|
|
|
|
rpmError(RPMERR_SIGGEN,
|
|
|
|
|
_("You must set \"pgp_name:\" in your rpmrc file"));
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
/* Currently the calling function (rpm.c:main) is checking this and
|
|
|
|
|
* doing a better job. This section should never be accessed.
|
|
|
|
|
*/
|
|
|
|
|
rpmError(RPMERR_SIGGEN,
|
|
|
|
|
_("Invalid signature spec in rc file"));
|
|
|
|
|
return NULL;
|
1996-02-19 10:32:11 +08:00
|
|
|
}
|
|
|
|
|
|
1996-06-20 11:10:44 +08:00
|
|
|
if (prompt) {
|
|
|
|
|
pass = getpass(prompt);
|
|
|
|
|
} else {
|
|
|
|
|
pass = getpass("");
|
|
|
|
|
}
|
|
|
|
|
|
1999-01-09 08:24:02 +08:00
|
|
|
if (checkPassPhrase(pass, sigTag)) {
|
1996-06-20 11:10:44 +08:00
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return pass;
|
1996-02-19 10:32:11 +08:00
|
|
|
}
|
|
|
|
|
|
1999-01-09 08:24:02 +08:00
|
|
|
static int checkPassPhrase(const char *passPhrase, const int sigType)
|
1996-02-19 10:32:11 +08:00
|
|
|
{
|
1996-06-20 11:10:44 +08:00
|
|
|
char name[1024];
|
|
|
|
|
int passPhrasePipe[2];
|
|
|
|
|
FILE *fpipe;
|
|
|
|
|
int pid, status;
|
|
|
|
|
int fd;
|
1996-02-19 10:32:11 +08:00
|
|
|
|
1996-06-20 11:10:44 +08:00
|
|
|
pipe(passPhrasePipe);
|
|
|
|
|
if (!(pid = fork())) {
|
1998-11-20 02:10:28 +08:00
|
|
|
close(STDIN_FILENO);
|
|
|
|
|
close(STDOUT_FILENO);
|
1996-11-19 02:02:36 +08:00
|
|
|
if (! rpmIsVerbose()) {
|
1998-11-20 02:10:28 +08:00
|
|
|
close(STDERR_FILENO);
|
1996-06-20 11:10:44 +08:00
|
|
|
}
|
1998-11-20 02:10:28 +08:00
|
|
|
if ((fd = open("/dev/null", O_RDONLY)) != STDIN_FILENO) {
|
|
|
|
|
dup2(fd, STDIN_FILENO);
|
1996-06-20 11:10:44 +08:00
|
|
|
}
|
1998-11-20 02:10:28 +08:00
|
|
|
if ((fd = open("/dev/null", O_WRONLY)) != STDOUT_FILENO) {
|
|
|
|
|
dup2(fd, STDOUT_FILENO);
|
1996-06-20 11:10:44 +08:00
|
|
|
}
|
|
|
|
|
dup2(passPhrasePipe[0], 3);
|
1999-01-09 08:24:02 +08:00
|
|
|
|
|
|
|
|
switch (sigType) {
|
|
|
|
|
case RPMSIGTAG_GPG:
|
|
|
|
|
sprintf(name, "%s", rpmGetVar(RPMVAR_GPG_NAME));
|
|
|
|
|
if (rpmGetVar(RPMVAR_GPG_PATH)) {
|
|
|
|
|
dosetenv("GNUPGHOME", rpmGetVar(RPMVAR_GPG_PATH), 1);
|
|
|
|
|
}
|
|
|
|
|
execlp("gpg", "gpg",
|
|
|
|
|
"--batch", "--no-verbose", "--passphrase-fd", "3",
|
|
|
|
|
"-u", name, "-so", "-",
|
|
|
|
|
NULL);
|
|
|
|
|
rpmError(RPMERR_EXEC, _("Couldn't exec gpg"));
|
|
|
|
|
_exit(RPMERR_EXEC);
|
|
|
|
|
break;
|
|
|
|
|
case RPMSIGTAG_PGP:
|
|
|
|
|
sprintf(name, "+myname=\"%s\"", rpmGetVar(RPMVAR_PGP_NAME));
|
|
|
|
|
dosetenv("PGPPASSFD", "3", 1);
|
|
|
|
|
if (rpmGetVar(RPMVAR_PGP_PATH)) {
|
|
|
|
|
dosetenv("PGPPATH", rpmGetVar(RPMVAR_PGP_PATH), 1);
|
|
|
|
|
}
|
|
|
|
|
execlp("pgp", "pgp",
|
|
|
|
|
"+batchmode=on", "+verbose=0",
|
|
|
|
|
name, "-sf",
|
|
|
|
|
NULL);
|
|
|
|
|
rpmError(RPMERR_EXEC, _("Couldn't exec pgp"));
|
|
|
|
|
_exit(RPMERR_EXEC);
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
/* This case should have been screened out long ago. */
|
|
|
|
|
rpmError(RPMERR_SIGGEN,
|
|
|
|
|
_("Invalid signature spec in rc file"));
|
|
|
|
|
_exit(RPMERR_SIGGEN);
|
|
|
|
|
}
|
1996-02-19 10:32:11 +08:00
|
|
|
}
|
|
|
|
|
|
1996-06-20 11:10:44 +08:00
|
|
|
fpipe = fdopen(passPhrasePipe[1], "w");
|
|
|
|
|
close(passPhrasePipe[0]);
|
|
|
|
|
fprintf(fpipe, "%s\n", passPhrase);
|
|
|
|
|
fclose(fpipe);
|
|
|
|
|
|
1998-11-17 05:40:28 +08:00
|
|
|
(void)waitpid(pid, &status, 0);
|
1996-06-20 11:10:44 +08:00
|
|
|
if (!WIFEXITED(status) || WEXITSTATUS(status)) {
|
|
|
|
|
return 1;
|
1996-02-19 10:32:11 +08:00
|
|
|
}
|
1996-06-20 11:10:44 +08:00
|
|
|
|
|
|
|
|
/* passPhrase is good */
|
|
|
|
|
return 0;
|
1996-02-19 10:32:11 +08:00
|
|
|
}
|
