[Rpm-maint] [rpm-software-management/rpm] Provide a decent API for verifying package signatures (Issue #2041)

Demi Marie Obenour notifications at github.com
Thu Apr 28 16:08:50 UTC 2022


Currently, there is no decent API to verify package signatures.  There are various APIs that *can* be used, but they all are flawed in one way or another.

I propose an `rpmRC rpmVerifyPackageSignature(rpmContext *context, int fd, uint64_t flags);` API that just does the right thing for normal RPMs, together with an `rpmRC rpmVerifyDeltaPackageSignature(rpmContext *context, int fd, uint64_t flags);` that does the right thing for delta RPMs.  The difference is that in the second case, the header+payload signature is required, and the payload digest is ignored as it will always be wrong.

The context is meant to handle stuff like logging and other state that is currently global.

Some of the flags I can think of:

- `RPM_VERIFY_STRICT`: request strict checking of the various headers in the package, including checks which might be incompatible with ancient broken packages.
- `RPM_VERIFY_STRONG`: enforce the use of strong cryptography, even if not required by system-wide policies.
- `RPM_VERIFY_ALL`: enforce all possible checks.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/2041
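
An added illustration, not part of the original message and not rpm code: a fail-closed decision function showing how the normal and delta entry points in the proposal would differ once the individual checks have run. The flag names come from the proposal; the bit values, the `check_results` struct, `package_verified()` and the acceptance rule for normal packages are assumptions made for this sketch.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Flag names are from the proposal; bit values are constructed for this sketch. */
#define RPM_VERIFY_STRICT (UINT64_C(1) << 0)
#define RPM_VERIFY_STRONG (UINT64_C(1) << 1)
#define RPM_VERIFY_ALL    (RPM_VERIFY_STRICT | RPM_VERIFY_STRONG) /* assumed: union of all checks */

typedef enum { CHECK_ABSENT, CHECK_BAD, CHECK_OK } check_t;
typedef enum { PKG_NORMAL, PKG_DELTA } pkg_kind_t;

/* Hypothetical summary of the individual checks, filled in by a verifier. */
struct check_results {
    check_t header_sig;         /* signature over the header only */
    check_t header_payload_sig; /* signature over header + payload */
    check_t payload_digest;     /* payload digest recorded in the header */
    bool    weak_crypto;        /* a signature or digest used a weak algorithm */
    bool    header_anomaly;     /* malformed header tolerated for legacy packages */
};

/* Returns true only when the package should be trusted; anything missing fails closed. */
bool package_verified(pkg_kind_t kind, const struct check_results *r, uint64_t flags)
{
    /* A signature that is present but invalid rejects, whatever else passed. */
    if (r->header_sig == CHECK_BAD || r->header_payload_sig == CHECK_BAD)
        return false;
    if ((flags & RPM_VERIFY_STRICT) && r->header_anomaly)
        return false;
    if ((flags & RPM_VERIFY_STRONG) && r->weak_crypto)
        return false;
    if (kind == PKG_DELTA)
        /* From the proposal: header+payload signature required, payload digest ignored. */
        return r->header_payload_sig == CHECK_OK;
    /* Assumed rule for normal packages: a payload digest mismatch always rejects. */
    if (r->payload_digest == CHECK_BAD)
        return false;
    if (r->header_payload_sig == CHECK_OK)
        return true;
    /* Otherwise the header signature must be valid and the digest must bind the payload. */
    return r->header_sig == CHECK_OK && r->payload_digest == CHECK_OK;
}

int main(void)
{
    /* Constructed sample: header-only signature plus a matching payload digest. */
    struct check_results modern = { CHECK_OK, CHECK_ABSENT, CHECK_OK, false, false };
    printf("normal: %d\n", package_verified(PKG_NORMAL, &modern, RPM_VERIFY_ALL));
    printf("delta:  %d\n", package_verified(PKG_DELTA, &modern, RPM_VERIFY_ALL));
    return 0;
}
```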