RPM Community Forums

Mailing List Message of <rpm-devel>

Re: [CVS] RPM: rpm/rpmio/ rpmgc.c

From: Jeff Johnson <n3npq@mac.com>
Date: Mon 15 Dec 2008 - 02:09:12 CET
Message-id: <F26F7BA9-1197-44B6-94D4-1F1F4036E497@mac.com>
Ironically, libgcrypt DSA is the last impediment to 4 complete
crypto implementations.

Certain keys/data are broken somehow, signature verification
doesn't fail sometimes unless its data dependent somehow.

Here's the last failures I'm seeing with one specific key if
anyone is interested in fixing:

[jbj@wellfleet lib]$ ./tpgp --usecrypto gc
==> check(DSA.pem, (null), DSA.pub,  
28CCA3D845C00B5556E1B0EAE995C33C3AF6DC13)
============================ verify: OK
==> check(plaintext, DSA.sig, DSA.pub,  
28CCA3D845C00B5556E1B0EAE995C33C3AF6DC13)
rpmgc: DSA verify: User defined source 1/Invalid object
============================ verify: FAIL
==> check(plaintext, DSA.sig, DSA.pubpem,  
28CCA3D845C00B5556E1B0EAE995C33C3AF6DC13)
rpmgc: DSA verify: User defined source 1/Invalid object
============================ verify: FAIL
==> check(plaintext, DSA.sigpem, DSA.pub,  
28CCA3D845C00B5556E1B0EAE995C33C3AF6DC13)
rpmgc: DSA verify: User defined source 1/Invalid object
============================ verify: FAIL
==> check(plaintext, DSA.sigpem, DSA.pubpem,  
28CCA3D845C00B5556E1B0EAE995C33C3AF6DC13)
rpmgc: DSA verify: User defined source 1/Invalid object
============================ verify: FAIL
==> check(plaintext, DSA.sig, (null),  
28CCA3D845C00B5556E1B0EAE995C33C3AF6DC13)
rpmgc: DSA verify: User defined source 1/Invalid object
============================ verify: FAIL
==> check(plaintext, DSA.sigpem, (null),  
28CCA3D845C00B5556E1B0EAE995C33C3AF6DC13)
rpmgc: DSA verify: User defined source 1/Invalid object
============================ verify: FAIL
==> check(RSA.pem, (null), RSA.pub,  
6025EE4B9CB31433F1024BB423B1288FF106277C)
============================ verify: OK
==> check(plaintext, RSA.sig, RSA.pub,  
6025EE4B9CB31433F1024BB423B1288FF106277C)
rpmgc: RSA verify: User defined source 1/Conflicting use
============================ verify: FAIL
==> check(plaintext, RSA.sigpem, RSA.pubpem,  
6025EE4B9CB31433F1024BB423B1288FF106277C)
============================ verify: OK
==> check(plaintext, RSA.sigpem, RSA.pub,  
6025EE4B9CB31433F1024BB423B1288FF106277C)
============================ verify: OK
==> check(plaintext, RSA.sigpem, RSA.pubpem,  
6025EE4B9CB31433F1024BB423B1288FF106277C)
============================ verify: OK
==> check(plaintext, RSA.sig, (null),  
6025EE4B9CB31433F1024BB423B1288FF106277C)
rpmgc: RSA verify: User defined source 1/Conflicting use
============================ verify: FAIL
==> check(plaintext, RSA.sigpem, (null),  
6025EE4B9CB31433F1024BB423B1288FF106277C)
============================ verify: OK

Oh well, I can easily live with only beecrypt/NSS/ssl crypto support  
in RPM.

Off to figger what's wrong with RSA *.rpm signatures instead. The  
algorithms
and fingerprints and the plaintext hash all verify, so there's something
silly/stoopid going on with RSA *.rpm verification.

73 de Jeff

On Dec 14, 2008, at 7:50 PM, Jeff Johnson wrote:

>  RPM Package Manager, CVS Repository
>  http://rpm5.org/cvs/
>   
> ____________________________________________________________________________
>
>  Server: rpm5.org                         Name:   Jeff Johnson
>  Root:   /v/rpm/cvs                       Email:  jbj@rpm5.org
>  Module: rpm                              Date:   15-Dec-2008 01:50:46
>  Branch: HEAD                             Handle: 2008121500504600
>
>  Modified files:
>    rpm/rpmio               rpmgc.c
>
>  Log:
>    - jbj: rpmgc: yet more debugging code.
>
>  Summary:
>    Revision    Changes     Path
>    2.16        +58 -26     rpm/rpmio/rpmgc.c
>   
> ____________________________________________________________________________
>
>  patch -p0 <<'@@ .'
>  Index: rpm/rpmio/rpmgc.c
>   
> = 
> = 
> = 
> = 
> = 
> = 
> ======================================================================
>  $ cvs diff -u -r2.15 -r2.16 rpmgc.c
>  --- rpm/rpmio/rpmgc.c	14 Dec 2008 15:55:45 -0000	2.15
>  +++ rpm/rpmio/rpmgc.c	15 Dec 2008 00:50:46 -0000	2.16
>  @@ -30,12 +30,13 @@
>   void rpmgcDump(const char * msg, gcry_sexp_t sexp)
>   	/*@*/
>   {
>  -    char buf[BUFSIZ];
>  -    size_t nb;
>  +    size_t nb = gcry_sexp_sprint(sexp, GCRYSEXP_FMT_ADVANCED,  
> NULL, 0);
>  +    char * buf = alloca(nb+1);
>
>   /*@-modunconnomods @*/
>  -    nb = gcry_sexp_sprint(sexp, GCRYSEXP_FMT_ADVANCED, buf,  
> sizeof(buf));
>  +    nb = gcry_sexp_sprint(sexp, GCRYSEXP_FMT_ADVANCED, buf, nb);
>   /*@=modunconnomods @*/
>  +    buf[nb] = '\0';
>   /*@-modfilesys@*/
>   if (_pgp_debug)
>   fprintf(stderr, "========== %s:\n%s", msg, buf);
>  @@ -179,12 +180,10 @@
>   assert(sigp->hash_algo == rpmDigestAlgo(ctx));
>       xx = rpmDigestFinal(ctx, (void **)&dig->sha1, &dig->sha1len, 0);
>
>  -   /* Set DSA hash. */
>  -/*@-moduncon -noeffectuncon @*/
>  +    /* Set DSA hash. */
>       err = rpmgcErr(gc, "DSA gc->hash",
>   		gcry_sexp_build(&gc->hash, NULL,
>   			"(data (flags raw) (value %b))", dig->sha1len, dig->sha1) );
>  -/*@=moduncon =noeffectuncon @*/
>   if (_pgp_debug < 0)
>   rpmgcDump("gc->hash", gc->hash);
>
>  @@ -200,6 +199,7 @@
>       gcry_error_t err;
>
>   /*@-moduncon -noeffectuncon @*/
>  +
>       err = rpmgcErr(gc, "DSA gc->sig",
>   		gcry_sexp_build(&gc->sig, NULL,
>   			"(sig-val (DSA (r %m) (s %m)))", gc->r, gc->s) );
>  @@ -219,7 +219,9 @@
>       gcry_sexp_release(gc->pkey);	gc->pkey = NULL;
>       gcry_sexp_release(gc->hash);	gc->hash = NULL;
>       gcry_sexp_release(gc->sig);		gc->sig = NULL;
>  +
>   /*@=moduncon -noeffectuncon @*/
>  +
>       return (err ? 0 : 1);
>   }
>
>  @@ -257,54 +259,61 @@
>   	/*@modifies dig, fileSystem @*/
>   {
>       rpmgc gc = dig->impl;
>  -    size_t nb = ((pgpMpiBits(p) + 7) >> 3) + 2;
>  +    size_t nb = pgpMpiLen(p);
>  +    const char * mpiname = "";
>  +    gcry_mpi_t * mpip = NULL;
>       size_t nscan = 0;
>       gcry_error_t err;
>       int rc = 0;
>
>  -/*@-moduncon -noeffectuncon @*/
>       switch (itemno) {
>       default:
>   assert(0);
>   	break;
>       case 10:		/* RSA m**d */
>  -	err = rpmgcErr(gc, "RSA m**d",
>  -		gcry_mpi_scan(&gc->c, GCRYMPI_FMT_PGP, p, nb, &nscan) );
>  +	mpiname ="RSA m**d";	mpip = &gc->c;
>   	break;
>       case 20:		/* DSA r */
>  -	err = rpmgcErr(gc, "DSA r",
>  -		gcry_mpi_scan(&gc->r, GCRYMPI_FMT_PGP, p, nb, &nscan) );
>  +	mpiname = "DSA r";	mpip = &gc->r;
>   	break;
>       case 21:		/* DSA s */
>  -	err = rpmgcErr(gc, "DSA s",
>  -		gcry_mpi_scan(&gc->s, GCRYMPI_FMT_PGP, p, nb, &nscan) );
>  +	mpiname = "DSA s";	mpip = &gc->s;
>   	break;
>       case 30:		/* RSA n */
>  -	err = rpmgcErr(gc, "RSA n",
>  -		gcry_mpi_scan(&gc->n, GCRYMPI_FMT_PGP, p, nb, &nscan) );
>  +	mpiname = "RSA n";	mpip = &gc->n;
>   	break;
>       case 31:		/* RSA e */
>  -	err = rpmgcErr(gc, "RSA e",
>  -		gcry_mpi_scan(&gc->e, GCRYMPI_FMT_PGP, p, nb, &nscan) );
>  +	mpiname = "RSA e";	mpip = &gc->e;
>   	break;
>       case 40:		/* DSA p */
>  -	err = rpmgcErr(gc, "DSA p",
>  -		gcry_mpi_scan(&gc->p, GCRYMPI_FMT_PGP, p, nb, &nscan) );
>  +	mpiname = "DSA p";	mpip = &gc->p;
>   	break;
>       case 41:		/* DSA q */
>  -	err = rpmgcErr(gc, "DSA q",
>  -		gcry_mpi_scan(&gc->q, GCRYMPI_FMT_PGP, p, nb, &nscan) );
>  +	mpiname = "DSA q";	mpip = &gc->q;
>   	break;
>       case 42:		/* DSA g */
>  -	err = rpmgcErr(gc, "DSA g",
>  -		gcry_mpi_scan(&gc->g, GCRYMPI_FMT_PGP, p, nb, &nscan) );
>  +	mpiname = "DSA g";	mpip = &gc->g;
>   	break;
>       case 43:		/* DSA y */
>  -	err = rpmgcErr(gc, "DSA y",
>  -		gcry_mpi_scan(&gc->y, GCRYMPI_FMT_PGP, p, nb, &nscan) );
>  +	mpiname = "DSA y";	mpip = &gc->y;
>   	break;
>       }
>  +
>  +/*@-moduncon -noeffectuncon @*/
>  +    err = rpmgcErr(gc, mpiname,
>  +		gcry_mpi_scan(mpip, GCRYMPI_FMT_PGP, p, nb, &nscan) );
>   /*@=moduncon =noeffectuncon @*/
>  +
>  +    if (_pgp_debug < 0)
>  +    {	size_t nbits = gcry_mpi_get_nbits(*mpip);
>  +	unsigned char * hex = NULL;
>  +	size_t nhex = 0;
>  +	err = rpmgcErr(gc, "MPI print",
>  +		gcry_mpi_aprint(GCRYMPI_FMT_HEX, &hex, &nhex, *mpip) );
>  +	fprintf(stderr, "*** %s\t%5d:%s\n", mpiname, nbits, hex);
>  +	hex = _free(hex);
>  +    }
>  +
>       return rc;
>   }
>   /*@=globuse =mustmod @*/
>  @@ -370,13 +379,27 @@
>   }
>   /*@=mustmod@*/
>
>  +/*@unchecked@*/
>  +static int rpmgc_initialized;
>  +
>   static /*@null@*/
>   void * rpmgcFree(/*@only@*/ void * impl)
>   	/*@modifies impl @*/
>   {
>       rpmgc gc = impl;
>  +
>       rpmgcClean(impl);
>  +
>  +    if (--rpmgc_initialized == 0 && _pgp_debug < 0) {
>  +	gcry_error_t err;
>  +	err = rpmgcErr(gc, "CLEAR_DEBUG_FLAGS",
>  +		gcry_control(GCRYCTL_CLEAR_DEBUG_FLAGS, 3));
>  +	err = rpmgcErr(gc, "SET_VERBOSITY",
>  +		gcry_control(GCRYCTL_SET_VERBOSITY, 0) );
>  +    }
>  +
>       gc = _free(gc);
>  +
>       return NULL;
>   }
>
>  @@ -385,6 +408,15 @@
>   	/*@*/
>   {
>       rpmgc gc = xcalloc(1, sizeof(*gc));
>  +
>  +    if (rpmgc_initialized++ == 0 && _pgp_debug < 0) {
>  +	gcry_error_t err;
>  +	err = rpmgcErr(gc, "SET_VERBOSITY",
>  +		gcry_control(GCRYCTL_SET_VERBOSITY, 3) );
>  +	err = rpmgcErr(gc, "SET_DEBUG_FLAGS",
>  +		gcry_control(GCRYCTL_SET_DEBUG_FLAGS, 3) );
>  +    }
>  +
>       return (void *) gc;
>   }
>
>  @@ .
> ______________________________________________________________________
> RPM Package Manager                                    http://rpm5.org
> CVS Sources Repository                                rpm-cvs@rpm5.org



  • application/pkcs7-signature attachment: smime.p7s
Received on Mon Dec 15 02:10:18 2008
Driven by Jeff Johnson and the RPM project team.
Hosted by OpenPKG and Ralf S. Engelschall.
Powered by FreeBSD and OpenPKG.