[Rpm-maint] [rpm-software-management/rpm] Include a hashed notation subpacket that contains the hash of all fields not otherwise signed (#1696)

Demi Marie Obenour notifications at github.com
Thu Jun 3 18:36:34 UTC 2021


Currently, the contents of the signature header and package lead are not themselves signed.  This causes a large number of problems:

- It is possible to tamper with a package without invalidating the signature.
- Tools such as Qubes OS’s rpmcanon, which canonicalize packages, must strip and/or recompute all signature header entries, other than signatures.  This prevents Qubes OS from using IMA or fsverity signatures.
- rpmcanon replaces all sizes with 0, as it cannot cryptographically verify them.

All of these problems can be fixed by hashing all of the aforementioned fields, with the exception of the header signature and padding.  The hash of these fields is placed in a `metasignature@rpm.org` hashed notation subpacket in a v4 signature.  Under this proposal, RPM would require all padding fields to be of minimum length and zeroed, so tampering with them would cause the package to be rejected.
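As an added illustration of the scheme described above (example code, not rpm's own and not the exact encoding the issue proposes), the following Python model computes a digest over a constructed lead and signature header while skipping the signature entries themselves and rejecting padding that is not zeroed and minimal. The tag numbers are rpm's signature tags; the set of tags treated as "signatures" and the byte encoding fed to SHA-256 are assumptions.

```python
import hashlib
import struct

# Toy model of the proposal (constructed, not rpm's code): hash the lead and every
# signature-header entry that is not itself a signature; reject non-zero or non-minimal padding.
HEADER_MAGIC, LEAD_MAGIC = b"\x8e\xad\xe8\x01", b"\xed\xab\xee\xdb"
SIGNATURE_TAGS = {267, 268, 1002, 1005}  # DSA, RSA, PGP, GPG entries (assumed exclusion set)
RPM_INT32, RPM_STRING, RPM_BIN = 4, 6, 7  # rpm header data types used here

def build_lead(name=b"demo-1.0-1", reserved=bytes(16)):
    """96-byte lead: magic, v3.0, type 0, arch 1, name, os 1, sigtype 5, 16 reserved bytes."""
    return LEAD_MAGIC + b"\x03\x00" + struct.pack(">HH", 0, 1) + name.ljust(66, b"\0") \
        + struct.pack(">HH", 1, 5) + reserved

def build_sig_header(entries, pad_fill=b"\0"):
    """Serialize (tag, type, value) entries; pad the data store to 8 bytes with pad_fill."""
    index = store = b""
    for tag, typ, value in entries:
        index += struct.pack(">IIII", tag, typ, len(store), len(value) if typ == RPM_BIN else 1)
        store += value
    body = HEADER_MAGIC + bytes(4) + struct.pack(">II", len(entries), len(store)) + index + store
    return body + pad_fill * ((-len(store)) % 8)

def metasignature_digest(lead, sig_header):
    """SHA-256 over the not-otherwise-signed fields; ValueError if padding is not zero/minimal."""
    if len(lead) != 96 or lead[:4] != LEAD_MAGIC or sig_header[:4] != HEADER_MAGIC:
        raise ValueError("not an rpm lead / signature header")
    il, dl = struct.unpack(">II", sig_header[8:16])
    store_start = 16 + 16 * il
    store, padding = sig_header[store_start:store_start + dl], sig_header[store_start + dl:]
    if any(lead[80:]) or any(sig_header[4:8]) or any(padding) or len(padding) != (-dl) % 8:
        raise ValueError("reserved and alignment padding must be minimal and zeroed")
    h = hashlib.sha256(lead[:80])            # lead minus its reserved bytes
    for i in range(il):
        tag, typ, off, count = struct.unpack(">IIII", sig_header[16 + 16 * i:32 + 16 * i])
        if tag in SIGNATURE_TAGS:            # the header signature itself is not covered
            continue
        end = store.index(b"\0", off) + 1 if typ == RPM_STRING else off + count * (4 if typ == RPM_INT32 else 1)
        value = store[off:end]
        h.update(struct.pack(">IIII", tag, typ, count, len(value)) + value)  # assumed encoding
    return h.hexdigest()

def well_formed(lead, sig_header):
    """True when every reserved/padding check in metasignature_digest passes."""
    try:
        return bool(metasignature_digest(lead, sig_header))
    except ValueError:
        return False
```

With this model, changing an unsigned size entry changes the digest while re-signing (replacing the RSA entry) leaves it unchanged, and a package with non-zero or oversized padding is rejected before any digest is computed.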
