Projects
Mega:24.03:SP1:Everything
rpm
_service:tar_scm:backport-Support-ECDSA-in-key-...
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:backport-Support-ECDSA-in-key-parsing.patch of Package rpm
From 8bc74f9ec48386beadf396ba5830aacf6672df4c Mon Sep 17 00:00:00 2001 From: Michael Schroeder <mls@suse.de> Date: Thu, 11 Apr 2024 14:13:22 +0200 Subject: [PATCH] Support ECDSA in key parsing Conflict:modify rpmpgp_internal.c in rpmio; adapt context because 296f2256b90 and b5b9600834 is not mearged Reference:https://github.com/rpm-software-management/rpmpgp_legacy/commit/ca6c204cfa95f016ba03a73d5e6e4451cf8d4d6d --- rpmio/rpmpgp_internal.c | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/rpmio/rpmpgp_internal.c b/rpmio/rpmpgp_internal.c index 0fcd220..610a9b2 100644 --- a/rpmio/rpmpgp_internal.c +++ b/rpmio/rpmpgp_internal.c @@ -576,11 +576,6 @@ static int pgpCurveByOid(const uint8_t *p, int l) return 0; } -static int isKey(pgpDigParams keyp) -{ - return keyp->tag == PGPTAG_PUBLIC_KEY || keyp->tag == PGPTAG_PUBLIC_SUBKEY; -} - static int pgpPrtPubkeyParams(uint8_t pubkey_algo, const uint8_t *p, const uint8_t *h, size_t hlen, pgpDigParams keyp) @@ -588,12 +583,12 @@ static int pgpPrtPubkeyParams(uint8_t pubkey_algo, int rc = 1; /* assume failure */ const uint8_t *pend = h + hlen; int curve = 0; - if (!isKey(keyp)) + if (keyp->tag != PGPTAG_PUBLIC_KEY && keyp->tag != PGPTAG_PUBLIC_SUBKEY) return rc; /* We can't handle more than one key at a time */ if (keyp->alg) return rc; - if (pubkey_algo == PGPPUBKEYALGO_EDDSA) { + if (pubkey_algo == PGPPUBKEYALGO_EDDSA || pubkey_algo == PGPPUBKEYALGO_ECDSA) { int len = (hlen > 1) ? p[0] : 0; if (len == 0 || len == 0xff || len >= hlen) return rc; @@ -686,8 +681,9 @@ static int getPubkeyFingerprint(const uint8_t *h, size_t hlen, return rc; se = (uint8_t *)(v + 1); switch (v->pubkey_algo) { + case PGPPUBKEYALGO_ECDSA: case PGPPUBKEYALGO_EDDSA: - /* EdDSA has a curve id before the MPIs */ + /* ECC has a curve id before the MPIs */ if (se[0] == 0x00 || se[0] == 0xff || pend - se < 1 + se[0]) return rc; se += 1 + se[0]; @@ -1206,8 +1202,11 @@ rpmRC pgpVerifySignature(pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx) if (sig == NULL || ctx == NULL) goto exit; + /* make sure the dig param types are correct */ if (sig->tag != PGPTAG_SIGNATURE) goto exit; + if (key && key->tag != PGPTAG_PUBLIC_KEY && key->tag != PGPTAG_PUBLIC_SUBKEY) + goto exit; if (sig->hash != NULL) rpmDigestUpdate(ctx, sig->hash, sig->hashlen); @@ -1235,8 +1234,6 @@ rpmRC pgpVerifySignature(pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx) * done all we can, return NOKEY to indicate "looks okay but dunno." */ if (key && key->alg) { - if (!isKey(key)) - goto exit; pgpDigAlg sa = sig->alg; pgpDigAlg ka = key->alg; if (sa && sa->verify && sig->pubkey_algo == key->pubkey_algo) { -- 2.23.0
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2