RPM Community Forums

Mailing List Message of <rpm-devel>

Re: gnupg(...) without external gpg(1)

From: Ralf S. Engelschall <rse+rpm-devel@rpm5.org>
Date: Sat 29 Dec 2007 - 17:09:28 CET
Message-ID: <20071229160928.GA80080@engelschall.com> 
On Sat, Dec 29, 2007, Jeff Johnson wrote:

> [...]
> 1) The rpmCheckPgpSignature() routine exists.

Great!

> 2) detached signatures, PEM encoded, for both DSA/RSA using NSS, are
> functional.

Fine. Is this NSS-only now? What about BeeCrypt? In OpenPKG we cannot
use NSS (because it is not as easily portable and stand-alone as
BeeCrypt) and hence for RPM have just BeeCrypt (or even OpenSSL)
available.

> 3) binary, instead of PEM, encoding needs an appropriate pgpArmor return
> [...]
> With the return code, binary encoding is likely functional.

Doesn't matter for me. I can easily enforce the use of PEM only in my
all of my use cases.

> 4) the plaintext needs to be split out for clear signed documents,
> pgpReadPkts likely
> extracts the armored signature already.

Yes, would be nice to have, too. But for plain checking
the signature this is still not required, of course.

> 5) implicit lookup in rpmdb keyring is implemented, but there's something
> funky going on with RSA key id's, so RSA lookup's are failing because the
> primary key id is incorrect, not for any implementation reason.

Ok, this is no problem as our OpenPKG keys are both in the RPMDB and
on the filesystem. So we can easily stick to the functionality which
directly loads the key from the filesystem.

> [...]
> Do you really need key fingerprint checking?

Yes, indeed. Sorry, but this is really essential and also the reason
why I added fingerprint checking for gnupg() yesterday. One could
"rpm --import" arbitrary pubkeys or even overwrite the pubkey on the
filesystem, so it is actually *essential* to not just check whether
a pubkey matched, but also to check the fingerprint of this signing
pubkey to make sure something was signed by the *right* key.

> [...]
> If you really need, the key fingerprint is calculated in (the misnamed)
> pgpPubkeyFingerprint() routine, but the 160bit SHA1 fingerprint is
> not returned. There's a butt load of other todo item's, like creating
> a header extension and tag for indexing key's by fingerprint as
> well as key id that need doing if you want key fingerprints.

Well, _here_ we minimally just need the possibility to check the
fingerprint of the matched pubkey. No tag fiddling or whatever else
currently needed. But the raw fingerprint check is really essential
IMHO.

> Personally, I don't see much added value in explicitly handling
> fingerprint's other than completely pedantically correct implementation.

It prevents one to accept _any_ matching pubkey while one often really
wants to accept just a _particular_ matching pubkey. Think about for
instance our OpenPKG security advisories: they are PGP signed by
a particular OpenPKG GmbH key, not just by any key from a OpenPKG
developer. If one wants to check the integrity one has to not just check
whether it was signed by _someone_ but signed by the particular OpenPKG
GmbH key.

> I'll also wire up the pgp(...) name space this morning, that's really
> really easy.

I just cannot wait to testdrive this. I'm partly excited to have
this functionalities in place. Especially the rpmCheckPgpSignature()
function. Hopefully you get it working with BeeCrypt or OpenSSL instead
of NSS, too...
                                       Ralf S. Engelschall
                                       rse@engelschall.com
                                       www.engelschall.com
Received on Sat Dec 29 17:10:19 2007
Driven by Jeff Johnson and the RPM project team.
Hosted by OpenPKG and Ralf S. Engelschall.
Powered by FreeBSD and OpenPKG.