Create & verify PAYLOADDIGEST, PAYLOADDIGESTALT #124
Conversation
dralley
force-pushed
the
payloaddigest
branch
3 times, most recently
from
4a98ae5 to
8ffcdfe
Compare
|
@DemiMarie (edit: see |
dralley
force-pushed
the
payloaddigest
branch
2 times, most recently
from
5a05a88 to
0652df2
Compare
dralley
force-pushed
the
payloaddigest
branch
2 times, most recently
from
a378e8a to
ff1c21a
Compare
dralley
force-pushed
the
payloaddigest
branch
4 times, most recently
from
8867997 to
b5d8408
Compare
These are checksums of the compressed payload, uncompressed payload, and the algorithm used respectively.
| @@ -216,31 +208,59 @@ impl RPMPackage { | |||
| ); | |||
|
|
|||
| verifier.verify(header_bytes.as_slice(), signature_header_only)?; | |||
| self.verify_digests()?; | |||
There was a problem hiding this comment.
Is this intended to always verify digests? If they're missing, the verification would fail and the signatures themselves would already contain the content.
I'd be in favor of providing a on-stop-shop fn verify that verifies whatever is in the package.
There was a problem hiding this comment.
The idea is that if you just verify the signature without verifying the digests you're not actually asserting that the payload is intact (at least not in all cases, if you have only modern signatures and not the legacy ones)
We'll probably need to rework these APIs in the future, in order to support EdDSA signatures in addition to RSA. Currently RSA is baked into the signature of this function.
There was a problem hiding this comment.
I see, but we do verify both, at least that's what I remember.
There was a problem hiding this comment.
I don't think so, we verify old signatures and new signatures, but that's on a different dimension from the actual type of signatures. There's RSAHEADER and DSAHEADER, but we don't have any code that reads DSAHEADER. DSAHEADER is where EdDSA signatures are stored (it was repurposed as original DSA support has been dead for a while)
There was a problem hiding this comment.
I've change the implementation to only verify digests that actually exist.
dralley
force-pushed
the
payloaddigest
branch
3 times, most recently
from
630c1bc to
840b09f
Compare
| @@ -675,7 +682,7 @@ impl RPMBuilder { | |||
| "4.0-1".to_string(), | |||
| )); | |||
|
|
|||
| if matches!(self.compressor, Compressor::Zstd(_)) { | |||
There was a problem hiding this comment.
If we impl fn as_dependency(&self) -> Option<Dependency> for the compressor we can simply call self.requires.extend(compressor.as_dependency()) which is much cleaner.
There was a problem hiding this comment.
I'm not sure that pattern would generalize well enough to be worthwhile. In fact this might be the only case where that is possible. With FileDigests or RichDeps or any other feature requires there isn't a particular object you could attach it to.
|
@drahnr Completely unrelated question. I have an implementation of RPM version comparison which I would like to upload. I could add it to this project, or we could make a new crate for it. I kind of prefer he latter.
|
|
If possible, make it a separate crate, add it to this repository, add a |
📜 Checklist
--all-featuresenabled