226 lines
9.3 KiB
Diff
226 lines
9.3 KiB
Diff
diff -up rpm-4.18.2/configure.ac.orig rpm-4.18.2/configure.ac
|
|
--- rpm-4.18.2/configure.ac.orig 2023-11-13 13:18:27.694107699 +0100
|
|
+++ rpm-4.18.2/configure.ac 2023-11-13 16:18:59.917784964 +0100
|
|
@@ -384,7 +384,7 @@ AC_SUBST(WITH_LIBGCRYPT_LIB)
|
|
WITH_RPM_SEQUOIA_INCLUDE=
|
|
WITH_RPM_SEQUOIA_LIB=
|
|
if test "$with_crypto" = sequoia ; then
|
|
- PKG_CHECK_MODULES([RPM_SEQUOIA], [rpm-sequoia], [have_rpm_sequoia=yes], [have_rpm_sequoia=no])
|
|
+ PKG_CHECK_MODULES([RPM_SEQUOIA], [rpm-sequoia >= 1.4.0], [have_rpm_sequoia=yes], [have_rpm_sequoia=no])
|
|
if test "$have_rpm_sequoia" = "yes"; then
|
|
WITH_RPM_SEQUOIA_INCLUDE="$RPM_SEQUOIA_CFLAGS"
|
|
WITH_RPM_SEQUOIA_LIB="$RPM_SEQUOIA_LIBS"
|
|
diff -up rpm-4.18.2/include/rpm/rpmpgp.h.orig rpm-4.18.2/include/rpm/rpmpgp.h
|
|
--- rpm-4.18.2/include/rpm/rpmpgp.h.orig 2023-11-13 13:18:27.697107681 +0100
|
|
+++ rpm-4.18.2/include/rpm/rpmpgp.h 2023-11-13 16:18:59.918784958 +0100
|
|
@@ -1014,6 +1014,18 @@ int pgpPrtParams(const uint8_t *pkts, si
|
|
pgpDigParams * ret);
|
|
|
|
/** \ingroup rpmpgp
|
|
+ * Parse a OpenPGP packet(s).
|
|
+ * @param pkts OpenPGP packet(s)
|
|
+ * @param pktlen OpenPGP packet(s) length (no. of bytes)
|
|
+ * @param pkttype Expected packet type (signature/key) or 0 for any
|
|
+ * @param[out] ret signature/pubkey packet parameters on success (alloced)
|
|
+ * @param[out] lints error messages and lints
|
|
+ * @return -1 on error, 0 on success
|
|
+ */
|
|
+int pgpPrtParams2(const uint8_t *pkts, size_t pktlen, unsigned int pkttype,
|
|
+ pgpDigParams * ret, char **lints);
|
|
+
|
|
+/** \ingroup rpmpgp
|
|
* Parse subkey parameters from OpenPGP packet(s).
|
|
* @param pkts OpenPGP packet(s)
|
|
* @param pktlen OpenPGP packet(s) length (no. of bytes)
|
|
@@ -1192,6 +1204,17 @@ const uint8_t *pgpDigParamsSignID(pgpDig
|
|
const char *pgpDigParamsUserID(pgpDigParams digp);
|
|
|
|
/** \ingroup rpmpgp
|
|
+ * Verify a PGP signature and return a error message or lint.
|
|
+ * @param key public key
|
|
+ * @param sig signature
|
|
+ * @param hashctx digest context
|
|
+ * @param lints error messages and lints
|
|
+ * @return RPMRC_OK on success
|
|
+ */
|
|
+rpmRC pgpVerifySignature2(pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx,
|
|
+ char **lints);
|
|
+
|
|
+/** \ingroup rpmpgp
|
|
* Retrieve the object's version.
|
|
*
|
|
* Returns the object's version.
|
|
diff -up rpm-4.18.2/lib/rpmvs.c.orig rpm-4.18.2/lib/rpmvs.c
|
|
--- rpm-4.18.2/lib/rpmvs.c.orig 2023-11-13 13:18:27.703107645 +0100
|
|
+++ rpm-4.18.2/lib/rpmvs.c 2023-11-13 16:18:59.918784958 +0100
|
|
@@ -193,10 +193,23 @@ static void rpmsinfoInit(const struct vf
|
|
}
|
|
|
|
if (sinfo->type == RPMSIG_SIGNATURE_TYPE) {
|
|
- if (pgpPrtParams(data, dlen, PGPTAG_SIGNATURE, &sinfo->sig)) {
|
|
- rasprintf(&sinfo->msg, _("%s tag %u: invalid OpenPGP signature"),
|
|
- origin, td->tag);
|
|
+ char *lints = NULL;
|
|
+ int ec = pgpPrtParams2(data, dlen, PGPTAG_SIGNATURE, &sinfo->sig, &lints);
|
|
+ if (ec) {
|
|
+ if (lints) {
|
|
+ rasprintf(&sinfo->msg,
|
|
+ ("%s tag %u: invalid OpenPGP signature: %s"),
|
|
+ origin, td->tag, lints);
|
|
+ free(lints);
|
|
+ } else {
|
|
+ rasprintf(&sinfo->msg,
|
|
+ _("%s tag %u: invalid OpenPGP signature"),
|
|
+ origin, td->tag);
|
|
+ }
|
|
goto exit;
|
|
+ } else if (lints) {
|
|
+ rpmlog(RPMLOG_WARNING, "%s\n", lints);
|
|
+ free(lints);
|
|
}
|
|
sinfo->hashalgo = pgpDigParamsAlgo(sinfo->sig, PGPVAL_HASHALGO);
|
|
sinfo->keyid = pgpGrab(pgpDigParamsSignID(sinfo->sig)+4, 4);
|
|
diff -up rpm-4.18.2/rpmio/rpmkeyring.c.orig rpm-4.18.2/rpmio/rpmkeyring.c
|
|
--- rpm-4.18.2/rpmio/rpmkeyring.c.orig 2023-11-13 13:18:27.719107550 +0100
|
|
+++ rpm-4.18.2/rpmio/rpmkeyring.c 2023-11-13 16:18:59.919784952 +0100
|
|
@@ -328,7 +328,12 @@ rpmRC rpmKeyringVerifySig(rpmKeyring key
|
|
pgpkey = key->pgpkey;
|
|
|
|
/* We call verify even if key not found for a signature sanity check */
|
|
- rc = pgpVerifySignature(pgpkey, sig, ctx);
|
|
+ char *lints = NULL;
|
|
+ rc = pgpVerifySignature2(pgpkey, sig, ctx, &lints);
|
|
+ if (lints) {
|
|
+ rpmlog(rc ? RPMLOG_ERR : RPMLOG_WARNING, "%s\n", lints);
|
|
+ free(lints);
|
|
+ }
|
|
}
|
|
|
|
if (keyring)
|
|
diff -up rpm-4.18.2/rpmio/rpmpgp_internal.c.orig rpm-4.18.2/rpmio/rpmpgp_internal.c
|
|
--- rpm-4.18.2/rpmio/rpmpgp_internal.c.orig 2023-11-13 13:18:27.719107550 +0100
|
|
+++ rpm-4.18.2/rpmio/rpmpgp_internal.c 2023-11-13 16:18:59.919784952 +0100
|
|
@@ -1095,6 +1095,14 @@ int pgpPrtParams(const uint8_t * pkts, s
|
|
return rc;
|
|
}
|
|
|
|
+int pgpPrtParams2(const uint8_t * pkts, size_t pktlen, unsigned int pkttype,
|
|
+ pgpDigParams * ret, char **lints)
|
|
+{
|
|
+ if (lints)
|
|
+ *lints = NULL;
|
|
+ return pgpPrtParams(pkts, pktlen, pkttype, ret);
|
|
+}
|
|
+
|
|
int pgpPrtParamsSubkeys(const uint8_t *pkts, size_t pktlen,
|
|
pgpDigParams mainkey, pgpDigParams **subkeys,
|
|
int *subkeysCount)
|
|
@@ -1264,6 +1272,13 @@ rpmRC pgpVerifySig(pgpDig dig, DIGEST_CT
|
|
pgpDigGetParams(dig, PGPTAG_SIGNATURE), hashctx);
|
|
}
|
|
|
|
+rpmRC pgpVerifySignature2(pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx, char **lints)
|
|
+{
|
|
+ if (lints)
|
|
+ *lints = NULL;
|
|
+ return pgpVerifySignature(key, sig, hashctx);
|
|
+}
|
|
+
|
|
static pgpArmor decodePkts(uint8_t *b, uint8_t **pkt, size_t *pktlen)
|
|
{
|
|
const char * enc = NULL;
|
|
diff -up rpm-4.18.2/rpmio/rpmpgp_sequoia.c.orig rpm-4.18.2/rpmio/rpmpgp_sequoia.c
|
|
--- rpm-4.18.2/rpmio/rpmpgp_sequoia.c.orig 2023-11-13 13:18:27.719107550 +0100
|
|
+++ rpm-4.18.2/rpmio/rpmpgp_sequoia.c 2023-11-13 16:18:59.919784952 +0100
|
|
@@ -36,6 +36,9 @@ W(uint32_t, pgpDigParamsCreationTime, (p
|
|
W(rpmRC, pgpVerifySignature,
|
|
(pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx),
|
|
(key, sig, hashctx))
|
|
+W(rpmRC, pgpVerifySignature2,
|
|
+ (pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx, char **lints),
|
|
+ (key, sig, hashctx, lints))
|
|
W(int, pgpPubkeyKeyID,
|
|
(const uint8_t * pkt, size_t pktlen, pgpKeyID_t keyid),
|
|
(pkt, pktlen, keyid))
|
|
@@ -51,6 +54,10 @@ W(int, pgpPubKeyCertLen,
|
|
W(int, pgpPrtParams,
|
|
(const uint8_t *pkts, size_t pktlen, unsigned int pkttype, pgpDigParams *ret),
|
|
(pkts, pktlen, pkttype, ret))
|
|
+W(int, pgpPrtParams2,
|
|
+ (const uint8_t *pkts, size_t pktlen, unsigned int pkttype, pgpDigParams *ret,
|
|
+ char **lints),
|
|
+ (pkts, pktlen, pkttype, ret, lints))
|
|
W(int, pgpPrtParamsSubkeys,
|
|
(const uint8_t *pkts, size_t pktlen,
|
|
pgpDigParams mainkey, pgpDigParams **subkeys,
|
|
diff -up rpm-4.18.2/tests/rpmi.at.orig rpm-4.18.2/tests/rpmi.at
|
|
--- rpm-4.18.2/tests/rpmi.at.orig 2023-11-13 13:18:27.721107538 +0100
|
|
+++ rpm-4.18.2/tests/rpmi.at 2023-11-13 16:21:40.657790792 +0100
|
|
@@ -254,7 +254,7 @@ RPMTEST_CLEANUP
|
|
|
|
AT_SETUP([rpm -U <corrupted signed 1>])
|
|
AT_KEYWORDS([install])
|
|
-RPMTEST_CHECK([
|
|
+RPMTEST_CHECK_UNQUOTED([
|
|
RPMDB_INIT
|
|
|
|
pkg="hello-2.0-1.x86_64-signed.rpm"
|
|
@@ -267,7 +267,13 @@ runroot rpm -U --ignorearch --ignoreos -
|
|
],
|
|
[1],
|
|
[],
|
|
-[error: /tmp/hello-2.0-1.x86_64-signed.rpm: Header RSA signature: BAD (package tag 268: invalid OpenPGP signature)
|
|
+[`if test x$PGP = xinternal; then
|
|
+ echo 'error: /tmp/hello-2.0-1.x86_64-signed.rpm: Header RSA signature: BAD (package tag 268: invalid OpenPGP signature)'
|
|
+else
|
|
+ echo 'error: /tmp/hello-2.0-1.x86_64-signed.rpm: Header RSA signature: BAD (package tag 268: invalid OpenPGP signature: Parsing an OpenPGP packet:'
|
|
+ echo ' Failed to parse Signature Packet'
|
|
+ echo ' because: Malformed packet: Subpacket extends beyond the end of the subpacket area)'
|
|
+fi`
|
|
error: /tmp/hello-2.0-1.x86_64-signed.rpm cannot be installed
|
|
])
|
|
RPMTEST_CLEANUP
|
|
diff -up rpm-4.18.2/tests/rpmsigdig.at.orig rpm-4.18.2/tests/rpmsigdig.at
|
|
--- rpm-4.18.2/tests/rpmsigdig.at.orig 2023-11-13 13:18:27.722107532 +0100
|
|
+++ rpm-4.18.2/tests/rpmsigdig.at 2023-11-13 16:21:03.842018500 +0100
|
|
@@ -539,7 +539,7 @@ RPMTEST_CLEANUP
|
|
# Test pre-built corrupted package verification (corrupted signature)
|
|
AT_SETUP([rpmkeys -Kv <corrupted signed> 1])
|
|
AT_KEYWORDS([rpmkeys digest signature])
|
|
-RPMTEST_CHECK([
|
|
+RPMTEST_CHECK_UNQUOTED([
|
|
RPMDB_INIT
|
|
|
|
pkg="hello-2.0-1.x86_64-signed.rpm"
|
|
@@ -553,14 +553,28 @@ runroot rpmkeys -Kv /tmp/${pkg}
|
|
],
|
|
[1],
|
|
[/tmp/hello-2.0-1.x86_64-signed.rpm:
|
|
- Header RSA signature: BAD (package tag 268: invalid OpenPGP signature)
|
|
+`if test x$PGP = xinternal; then
|
|
+ echo ' Header RSA signature: BAD (package tag 268: invalid OpenPGP signature)'
|
|
+else
|
|
+ echo ' Header RSA signature: BAD (package tag 268: invalid OpenPGP signature: Parsing an OpenPGP packet:'
|
|
+ echo ' Failed to parse Signature Packet'
|
|
+ echo ' because: Signature appears to be created by a non-conformant OpenPGP implementation, see <https://github.com/rpm-software-management/rpm/issues/2351>.'
|
|
+ echo ' because: Malformed MPI: leading bit is not set: expected bit 1 to be set in 0 (0))'
|
|
+fi`
|
|
Header SHA256 digest: OK
|
|
Header SHA1 digest: OK
|
|
Payload SHA256 digest: OK
|
|
V4 RSA/SHA256 Signature, key ID 1964c5fc: NOKEY
|
|
MD5 digest: OK
|
|
/tmp/hello-2.0-1.x86_64-signed.rpm:
|
|
- Header RSA signature: BAD (package tag 268: invalid OpenPGP signature)
|
|
+`if test x$PGP = xinternal; then
|
|
+ echo ' Header RSA signature: BAD (package tag 268: invalid OpenPGP signature)'
|
|
+else
|
|
+ echo ' Header RSA signature: BAD (package tag 268: invalid OpenPGP signature: Parsing an OpenPGP packet:'
|
|
+ echo ' Failed to parse Signature Packet'
|
|
+ echo ' because: Signature appears to be created by a non-conformant OpenPGP implementation, see <https://github.com/rpm-software-management/rpm/issues/2351>.'
|
|
+ echo ' because: Malformed MPI: leading bit is not set: expected bit 1 to be set in 0 (0))'
|
|
+fi`
|
|
Header SHA256 digest: OK
|
|
Header SHA1 digest: OK
|
|
Payload SHA256 digest: OK
|