[Rpm-maint] [rpm-software-management/rpm] RPM with Copy on Write (#1470)

Demi Marie Obenour notifications at github.com
Wed Feb 9 21:38:53 UTC 2022


@malmond77 would you be willing to work on improving signature validation?  Since the header is signed it is possible to include a list of digests there.  RPM would need to check to check the header’s signature before it begins reading in the payload; I am not sure if it does this already.  With each digest being of a 128KiB chunk, and the list of digests being in an binary entry, packages up to 2GiB are supported before running into RPM array size limits.  If these limits are loosened for binary data, or if base64-encoded string arrays are used, much larger packages can be supported.  Maximum amount of data that needs to be buffered is 128KiB and overhead is limited to 64 bytes (for SHA-512) in the header for each 128KiB chunk of payload.  Stock RPM will simply ignore this entry.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1470#issuecomment-1034216346
You are receiving this because you are subscribed to this thread.

Message ID: <rpm-software-management/rpm/pull/1470/c1034216346 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20220209/85b6fbcf/attachment.html>


More information about the Rpm-maint mailing list