[Rpm-maint] rpm SHA1 signature composing

[Chen, Zhang Z]

Hi All,

I'm trying to compose an RPM using a Perl script. I always got the following error when trying to install the rpm created by my script:
header SHA1 digest: BAD

Following is the part of my script:

sub createsigheader($$$$)
    {
        # all hardcoded (use _append later, when proof-of-concept ready)
        my @hdr;

        #push @hdr, pack("CCCCNNN", 0x8e, 0xad, 0xe8, 0x01, 0, 2, 20);
        my $sha1 = $_[2]."\000\000\000\000";
        my $sha1_length = length($sha1);
        push @hdr, pack("CCCCNNN", 0x8e, 0xad, 0xe8, 0x01, 0, 5, 0x54);
        push @hdr, pack("NNNN", 62, 7, 0x44, 16); # HDRSIG
        push @hdr, pack("NNNN", 269, 6, 0x00, 1); # SHA1
        push @hdr, pack("NNNN", 1000, 4, 0x2c, 1); # SIZE
        push @hdr, pack("NNNN", 1004, 7, 0x30, 16); # MD5
        push @hdr, pack("NNNN", 1007, 4, 0x40, 1); # payload size

        #push @hdr, pack("N", $_[0]); # add SIZE;
        push @hdr, $sha1; # add sha1 digest
        push @hdr, pack("N", $_[0] - 32); # add SIZE; # XXX -32 !!!
        push @hdr, $_[1]; # add digest
        push @hdr, pack ("N", $_[3]); # add payload size
        push @hdr, pack("CCCCCCCCCCCCCCCC", 0x00, 0x00, 0x00, 0x3e, 0x00, 0x00,
                        0x00, 0x07, 0xff, 0xff, 0xff, 0xb0, 0x00, 0x00, 0x00, 0x10);
        return join('', @hdr) . "\0" x 4;

}

my $dhdr = createdataheader $npkg, $cpiofile;
    system 'gzip', '-n', $cpiofile;
    my $ctx = Digest::MD5->new();
    $ctx->add($dhdr);
    #system "md5sum $cpiofile.gz >/dev/tty";
    open J, "$cpiofile.gz" or die $!;
    $ctx->addfile(*J);
    close J;

    use Digest::SHA1;
    my $sha1 = Digest::SHA1->new;
    $sha1->add($dhdr);


my $shdr = createsigheader length($dhdr) + -s "$cpiofile.gz", $ctx->digest, $sha1->hexdigest, -s "$cpiofile.gz";

Any idea?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20101228/b656b3c8/attachment.html>