rpms / rpm

Clone
Source Code
GIT

Files

  1.   f42b1720336d891c006a67b006e98b277f1cff2d
  2.   rpm-4.18.x-add-pgpVerifySignature2-and-pgpPrtParams2.patch
Blob Blame History Raw 
diff -up rpm-4.18.2/configure.ac.orig rpm-4.18.2/configure.ac
--- rpm-4.18.2/configure.ac.orig	2023-11-13 13:18:27.694107699 +0100
+++ rpm-4.18.2/configure.ac	2023-11-13 16:18:59.917784964 +0100
@@ -384,7 +384,7 @@ AC_SUBST(WITH_LIBGCRYPT_LIB)
 WITH_RPM_SEQUOIA_INCLUDE=
 WITH_RPM_SEQUOIA_LIB=
 if test "$with_crypto" = sequoia ; then
-  PKG_CHECK_MODULES([RPM_SEQUOIA], [rpm-sequoia], [have_rpm_sequoia=yes], [have_rpm_sequoia=no])
+  PKG_CHECK_MODULES([RPM_SEQUOIA], [rpm-sequoia >= 1.4.0], [have_rpm_sequoia=yes], [have_rpm_sequoia=no])
   if test "$have_rpm_sequoia" = "yes"; then
      WITH_RPM_SEQUOIA_INCLUDE="$RPM_SEQUOIA_CFLAGS"
      WITH_RPM_SEQUOIA_LIB="$RPM_SEQUOIA_LIBS"
diff -up rpm-4.18.2/include/rpm/rpmpgp.h.orig rpm-4.18.2/include/rpm/rpmpgp.h
--- rpm-4.18.2/include/rpm/rpmpgp.h.orig	2023-11-13 13:18:27.697107681 +0100
+++ rpm-4.18.2/include/rpm/rpmpgp.h	2023-11-13 16:18:59.918784958 +0100
@@ -1014,6 +1014,18 @@ int pgpPrtParams(const uint8_t *pkts, si
 		 pgpDigParams * ret);
 
 /** \ingroup rpmpgp
+ * Parse a OpenPGP packet(s).
+ * @param pkts		OpenPGP packet(s)
+ * @param pktlen	OpenPGP packet(s) length (no. of bytes)
+ * @param pkttype	Expected packet type (signature/key) or 0 for any
+ * @param[out] ret	signature/pubkey packet parameters on success (alloced)
+ * @param[out] lints	error messages and lints
+ * @return		-1 on error, 0 on success
+ */
+int pgpPrtParams2(const uint8_t *pkts, size_t pktlen, unsigned int pkttype,
+		 pgpDigParams * ret, char **lints);
+
+/** \ingroup rpmpgp
  * Parse subkey parameters from OpenPGP packet(s).
  * @param pkts		OpenPGP packet(s)
  * @param pktlen	OpenPGP packet(s) length (no. of bytes)
@@ -1192,6 +1204,17 @@ const uint8_t *pgpDigParamsSignID(pgpDig
 const char *pgpDigParamsUserID(pgpDigParams digp);
 
 /** \ingroup rpmpgp
+ * Verify a PGP signature and return a error message or lint.
+ * @param key		public key
+ * @param sig		signature
+ * @param hashctx	digest context
+ * @param lints	error messages and lints
+ * @return 		RPMRC_OK on success
+ */
+rpmRC pgpVerifySignature2(pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx,
+                          char **lints);
+
+/** \ingroup rpmpgp
  * Retrieve the object's version.
  *
  * Returns the object's version.
diff -up rpm-4.18.2/lib/rpmvs.c.orig rpm-4.18.2/lib/rpmvs.c
--- rpm-4.18.2/lib/rpmvs.c.orig	2023-11-13 13:18:27.703107645 +0100
+++ rpm-4.18.2/lib/rpmvs.c	2023-11-13 16:18:59.918784958 +0100
@@ -193,10 +193,23 @@ static void rpmsinfoInit(const struct vf
     }
 
     if (sinfo->type == RPMSIG_SIGNATURE_TYPE) {
-	if (pgpPrtParams(data, dlen, PGPTAG_SIGNATURE, &sinfo->sig)) {
-	    rasprintf(&sinfo->msg, _("%s tag %u: invalid OpenPGP signature"),
-		    origin, td->tag);
+	char *lints = NULL;
+        int ec = pgpPrtParams2(data, dlen, PGPTAG_SIGNATURE, &sinfo->sig, &lints);
+	if (ec) {
+	    if (lints) {
+		rasprintf(&sinfo->msg,
+			("%s tag %u: invalid OpenPGP signature: %s"),
+			origin, td->tag, lints);
+		free(lints);
+	    } else {
+		rasprintf(&sinfo->msg,
+			_("%s tag %u: invalid OpenPGP signature"),
+			origin, td->tag);
+	    }
 	    goto exit;
+	} else if (lints) {
+	    rpmlog(RPMLOG_WARNING, "%s\n", lints);
+	    free(lints);
 	}
 	sinfo->hashalgo = pgpDigParamsAlgo(sinfo->sig, PGPVAL_HASHALGO);
 	sinfo->keyid = pgpGrab(pgpDigParamsSignID(sinfo->sig)+4, 4);
diff -up rpm-4.18.2/rpmio/rpmkeyring.c.orig rpm-4.18.2/rpmio/rpmkeyring.c
--- rpm-4.18.2/rpmio/rpmkeyring.c.orig	2023-11-13 13:18:27.719107550 +0100
+++ rpm-4.18.2/rpmio/rpmkeyring.c	2023-11-13 16:18:59.919784952 +0100
@@ -328,7 +328,12 @@ rpmRC rpmKeyringVerifySig(rpmKeyring key
 	    pgpkey = key->pgpkey;
 
 	/* We call verify even if key not found for a signature sanity check */
-	rc = pgpVerifySignature(pgpkey, sig, ctx);
+	char *lints = NULL;
+	rc = pgpVerifySignature2(pgpkey, sig, ctx, &lints);
+	if (lints) {
+	    rpmlog(rc ? RPMLOG_ERR : RPMLOG_WARNING, "%s\n", lints);
+	    free(lints);
+	}
     }
 
     if (keyring)
diff -up rpm-4.18.2/rpmio/rpmpgp_internal.c.orig rpm-4.18.2/rpmio/rpmpgp_internal.c
--- rpm-4.18.2/rpmio/rpmpgp_internal.c.orig	2023-11-13 13:18:27.719107550 +0100
+++ rpm-4.18.2/rpmio/rpmpgp_internal.c	2023-11-13 16:18:59.919784952 +0100
@@ -1095,6 +1095,14 @@ int pgpPrtParams(const uint8_t * pkts, s
     return rc;
 }
 
+int pgpPrtParams2(const uint8_t * pkts, size_t pktlen, unsigned int pkttype,
+                  pgpDigParams * ret, char **lints)
+{
+    if (lints)
+        *lints = NULL;
+    return pgpPrtParams(pkts, pktlen, pkttype, ret);
+}
+
 int pgpPrtParamsSubkeys(const uint8_t *pkts, size_t pktlen,
 			pgpDigParams mainkey, pgpDigParams **subkeys,
 			int *subkeysCount)
@@ -1264,6 +1272,13 @@ rpmRC pgpVerifySig(pgpDig dig, DIGEST_CT
 			      pgpDigGetParams(dig, PGPTAG_SIGNATURE), hashctx);
 }
 
+rpmRC pgpVerifySignature2(pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx, char **lints)
+{
+    if (lints)
+        *lints = NULL;
+    return pgpVerifySignature(key, sig, hashctx);
+}
+
 static pgpArmor decodePkts(uint8_t *b, uint8_t **pkt, size_t *pktlen)
 {
     const char * enc = NULL;
diff -up rpm-4.18.2/rpmio/rpmpgp_sequoia.c.orig rpm-4.18.2/rpmio/rpmpgp_sequoia.c
--- rpm-4.18.2/rpmio/rpmpgp_sequoia.c.orig	2023-11-13 13:18:27.719107550 +0100
+++ rpm-4.18.2/rpmio/rpmpgp_sequoia.c	2023-11-13 16:18:59.919784952 +0100
@@ -36,6 +36,9 @@ W(uint32_t, pgpDigParamsCreationTime, (p
 W(rpmRC, pgpVerifySignature,
   (pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx),
   (key, sig, hashctx))
+W(rpmRC, pgpVerifySignature2,
+  (pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx, char **lints),
+  (key, sig, hashctx, lints))
 W(int, pgpPubkeyKeyID,
   (const uint8_t * pkt, size_t pktlen, pgpKeyID_t keyid),
   (pkt, pktlen, keyid))
@@ -51,6 +54,10 @@ W(int, pgpPubKeyCertLen,
 W(int, pgpPrtParams,
   (const uint8_t *pkts, size_t pktlen, unsigned int pkttype, pgpDigParams *ret),
   (pkts, pktlen, pkttype, ret))
+W(int, pgpPrtParams2,
+  (const uint8_t *pkts, size_t pktlen, unsigned int pkttype, pgpDigParams *ret,
+   char **lints),
+  (pkts, pktlen, pkttype, ret, lints))
 W(int, pgpPrtParamsSubkeys,
   (const uint8_t *pkts, size_t pktlen,
    pgpDigParams mainkey, pgpDigParams **subkeys,
diff -up rpm-4.18.2/tests/rpmi.at.orig rpm-4.18.2/tests/rpmi.at
--- rpm-4.18.2/tests/rpmi.at.orig	2023-11-13 13:18:27.721107538 +0100
+++ rpm-4.18.2/tests/rpmi.at	2023-11-13 16:21:40.657790792 +0100
@@ -254,7 +254,7 @@ RPMTEST_CLEANUP
 
 AT_SETUP([rpm -U <corrupted signed 1>])
 AT_KEYWORDS([install])
-RPMTEST_CHECK([
+RPMTEST_CHECK_UNQUOTED([
 RPMDB_INIT
 
 pkg="hello-2.0-1.x86_64-signed.rpm"
@@ -267,7 +267,13 @@ runroot rpm -U --ignorearch --ignoreos -
 ],
 [1],
 [],
-[error: /tmp/hello-2.0-1.x86_64-signed.rpm: Header RSA signature: BAD (package tag 268: invalid OpenPGP signature)
+[`if test x$PGP = xinternal; then
+    echo 'error: /tmp/hello-2.0-1.x86_64-signed.rpm: Header RSA signature: BAD (package tag 268: invalid OpenPGP signature)'
+else
+    echo 'error: /tmp/hello-2.0-1.x86_64-signed.rpm: Header RSA signature: BAD (package tag 268: invalid OpenPGP signature: Parsing an OpenPGP packet:'
+    echo '  Failed to parse Signature Packet'
+    echo '      because: Malformed packet: Subpacket extends beyond the end of the subpacket area)'
+fi`
 error: /tmp/hello-2.0-1.x86_64-signed.rpm cannot be installed
 ])
 RPMTEST_CLEANUP
diff -up rpm-4.18.2/tests/rpmsigdig.at.orig rpm-4.18.2/tests/rpmsigdig.at
--- rpm-4.18.2/tests/rpmsigdig.at.orig	2023-11-13 13:18:27.722107532 +0100
+++ rpm-4.18.2/tests/rpmsigdig.at	2023-11-13 16:21:03.842018500 +0100
@@ -539,7 +539,7 @@ RPMTEST_CLEANUP
 # Test pre-built corrupted package verification (corrupted signature)
 AT_SETUP([rpmkeys -Kv <corrupted signed> 1])
 AT_KEYWORDS([rpmkeys digest signature])
-RPMTEST_CHECK([
+RPMTEST_CHECK_UNQUOTED([
 RPMDB_INIT
 
 pkg="hello-2.0-1.x86_64-signed.rpm"
@@ -553,14 +553,28 @@ runroot rpmkeys -Kv /tmp/${pkg}
 ],
 [1],
 [/tmp/hello-2.0-1.x86_64-signed.rpm:
-    Header RSA signature: BAD (package tag 268: invalid OpenPGP signature)
+`if test x$PGP = xinternal; then
+    echo '    Header RSA signature: BAD (package tag 268: invalid OpenPGP signature)'
+else
+    echo '    Header RSA signature: BAD (package tag 268: invalid OpenPGP signature: Parsing an OpenPGP packet:'
+    echo '  Failed to parse Signature Packet'
+    echo '      because: Signature appears to be created by a non-conformant OpenPGP implementation, see <https://github.com/rpm-software-management/rpm/issues/2351>.'
+    echo '      because: Malformed MPI: leading bit is not set: expected bit 1 to be set in        0 (0))'
+fi`
     Header SHA256 digest: OK
     Header SHA1 digest: OK
     Payload SHA256 digest: OK
     V4 RSA/SHA256 Signature, key ID 1964c5fc: NOKEY
     MD5 digest: OK
 /tmp/hello-2.0-1.x86_64-signed.rpm:
-    Header RSA signature: BAD (package tag 268: invalid OpenPGP signature)
+`if test x$PGP = xinternal; then
+    echo '    Header RSA signature: BAD (package tag 268: invalid OpenPGP signature)'
+else
+    echo '    Header RSA signature: BAD (package tag 268: invalid OpenPGP signature: Parsing an OpenPGP packet:'
+    echo '  Failed to parse Signature Packet'
+    echo '      because: Signature appears to be created by a non-conformant OpenPGP implementation, see <https://github.com/rpm-software-management/rpm/issues/2351>.'
+    echo '      because: Malformed MPI: leading bit is not set: expected bit 1 to be set in        0 (0))'
+fi`
     Header SHA256 digest: OK
     Header SHA1 digest: OK
     Payload SHA256 digest: OK
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.