[Rpm-maint] [rpm-software-management/rpm] RPM fsverity support (#1203)
Panu Matilainen
notifications at github.com
Tue May 26 13:26:31 UTC 2020
@pmatilai commented on this pull request.
> + digest_hex = pgpHexStr(digest->digest, digest->digest_size);
+ rpmlog(RPMLOG_DEBUG, _("file(size %li): %s: digest(%i): %s, idx %i\n"),
+ file_size, rpmfiFN(fi), digest->digest_size, digest_hex,
+ rpmfiFX(fi));
+
+ free(digest_hex);
+
+ memset(&sig_params, 0, sizeof(struct libfsverity_signature_params));
+ sig_params.keyfile = key;
+ sig_params.certfile = cert;
+ if (libfsverity_sign_digest(digest, &sig_params, &sig, sig_size)) {
+ rpmlog(RPMLOG_DEBUG, _("failed to sign digest\n"));
+ goto out;
+ }
+
+ sig_hex = pgpHexStr(sig, *sig_size);
Here too, IMA file signatures set a bad example. Use base64 encoded strings instead of hex, it's much more space efficient (and IMA should be changed to that as well)
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1203#pullrequestreview-418294777
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20200526/a8d41571/attachment.html>
More information about the Rpm-maint
mailing list