On Thu, Mar 11, 2004 at 05:49:05PM -0500, Erik LaBianca wrote: > > rpm uses beecrypt, not gpg, and supports only a subset of RFC-2440 > > (aka OpenPGP). > > > > Specific limitations of note include: > > a) V3 signatures. > > b) few, possibly none, additional signings. > > c) DSA/SHA1 and RSA/MD5 only. > > d) no concept of "trust" bit. > > > > There may well be other limits, like 2048-bit RSA keys. > > > > Is there a way to find out more concretely what these limitations are? > I've written a script to automate installing gpg keys into rpm via a > keyserver, and have run into the multiple signatures problem in several > instances. > Describing the limitations imposed by, say, a changing feature set of algorithms implemented in gpg, ain't never gonna be accurate. Rather, I can tell you what *is* (or was) implemented, and let you assume (or investigate) for yourself what is not currently implemented. What is implemented is support for the 2 Red Hat signing keys: RPM-PGP-KEY # RSA/MD5 used up to RHL 6.2 RPM-GPG-KEY # DSA/SHA1 used since RHL 6.2 The algorithm verification was tested by checking every package signature for all final releases from RHL 5.2 up to (iirc) RHL 8.0. Since RHL 8.0, of course, signature verification is on by default almost everywhere, that is a pretty strong test of the accuracy of the algorithms. So any signing scheme that closely resembles the OpenPGP packets within the 2 pubkeys above is likely to "work". Note that the problem(s) are not in beecrypt per-se, which is where the signature verification used by rpm resides. Rather, the problems are in the parsing of OpenPGP packets in rpmio/rpmpgp.c and in mapping the parsed data onto, say, algorithm implementations within beecrypt. I'm quite happy with beecrypt, nice clean fast KISS crypto library. I'm also confident that the parser in rpmio/rpmpgp.c is reasonably complete and sufficiently bug free to be savable. Only time and security audits will determine this. > My script uses GPG to strip off all non-self signatures, which seems to > work in some cases, but in others it doesn't. If I could figure out > exactly what needs to be stripped, it would help a whole lot. > > If anyone is interested, the current script is available at > http://www.ilsw.com/~erik/fedora-installkey > There is also no reason why you have to use rpm's crypto. See /usr/lib/rpm/tpgp for a script that verifies the signature in a package using gpg, rather than rpm+beecrypt, if that fits your "trust" definition better. 73 de Jeff -- Jeff Johnson ARS N3NPQ jbj@xxxxxxxxxx (jbj@xxxxxxx) Chapel Hill, NC _______________________________________________ Rpm-list mailing list Rpm-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/rpm-list
