[Rpm-maint] [RFC PATCH v3 2/4] Sign package files and include signatures in package header
Fionnuala Gunter
fin at linux.vnet.ibm.com
Wed Oct 22 18:37:07 UTC 2014
>> diff --git a/lib/rpmsignfiles.c b/lib/rpmsignfiles.c
>> new file mode 100644
>> index 0000000..9c33103
>> --- /dev/null
>> +++ b/lib/rpmsignfiles.c
>> @@ -0,0 +1,130 @@
>> +/**
>> + * Copyright (C) 2014 IBM Corporation
>> + *
>> + * Author: Fionnuala Gunter <fin at linux.vnet.ibm.com>
>> + */
>> +
>> +#include "system.h"
>> +#include "imaevm.h"
>> +
>> +#include <rpm/rpmlog.h> /* rpmlog */
>> +#include <rpm/rpmstring.h> /* rnibble */
>> +#include <rpm/rpmpgp.h> /* rpmDigestLength */
>> +#include "lib/header.h" /* HEADERGET_MINMEM */
>> +#include "lib/rpmtypes.h" /* rpmRC */
>> +
>> +#include "lib/rpmsignfiles.h"
>> +
>> +static char *rpmDigestAlgo(uint32_t dalgo)
>> +{
>> + switch (dalgo) {
>> + case 0:
>> + case 1: return "md5";
>> + case 2: return "sha1";
>> + case 8: return "sha256";
>> + case 9: return "sha384";
>> + case 10: return "sha512";
>> + default: return NULL;
>> + }
>> +}
>
> This does not match kernel digest algo enumeration...
>
I found the rpm digest algo enumeration in rpmio/rpmpgp.h
typedef enum pgpHashAlgo_e {
PGPHASHALGO_MD5 = 1, /*!< MD5 */
PGPHASHALGO_SHA1 = 2, /*!< SHA1 */
PGPHASHALGO_RIPEMD160 = 3, /*!< RIPEMD160 */
PGPHASHALGO_MD2 = 5, /*!< MD2 */
PGPHASHALGO_TIGER192 = 6, /*!< TIGER192 */
PGPHASHALGO_HAVAL_5_160 = 7, /*!< HAVAL-5-160 */
PGPHASHALGO_SHA256 = 8, /*!< SHA256 */
PGPHASHALGO_SHA384 = 9, /*!< SHA384 */
PGPHASHALGO_SHA512 = 10, /*!< SHA512 */
PGPHASHALGO_SHA224 = 11, /*!< SHA224 */
} pgpHashAlgo;
> http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/include/uapi/linux/hash_info.h
> http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/crypto/hash_info.c
>
> I think you could define hash_algo_name structure as well instead of
> using "switch"...
>
Yes, I will get rid of the switch.
> Actually hash_info.h is since 3.13 and Ubuntu has 3.13 now but there is
> no /usr/include/linux/hash_info.h
> Anyone has any ideas why is that?
>
> - Dmitry
Thanks,
Fin
More information about the Rpm-maint
mailing list