Crate rpm_sequoia

Expand description

An implementation of RPM’s OpenPGP interface.

This library provides an implementation of RPM’s OpenPGP interface.

You should not link to this library directly.

If you are looking for an OpenPGP interface, consider using Sequoia, which this library is based on. If you want to use RPM’s OpenPGP interface, which you should only do if you are interacting with RPM, then you should link against RPM, which reexports this interface.

If you are investigating a bug in this library, set the RPM_TRACE environment variable to 1 to get a verbose trace of the library’s execution:

$ LD_LIBRARY_PATH=/tmp/rpm-sequoia/release RPM_TRACE=1 ./rpmkeys \
  --import ../tests/data/keys/CVE-2021-3521-badbind.asc
_rpmInitCrypto: entered
_rpmInitCrypto: -> success
_pgpParsePkts: entered
...

§Policy

When Sequoia evaluates the validity of an object (e.g., a cryptographic signature) it consults a policy. The policy is user defined. This library uses Sequoia’s standard policy.

Sequoia’s standard policy allows self-signatures (i.e., the signatures that bind a User ID or subkey to a certificate) made with SHA-1 until February 2023. It completely disallows data signatures made with SHA-1. The reason for this is that SHA-1 collision resistance is broken, but its second pre-image resistance is still okay.

As an added protection, Sequoia uses SHA-1 collision detection, which is a variant of SHA-1, which mitigates known attacks against SHA-1. SHA-1 CD has a very low false positive rate (2^-90) so it can be treated as a drop-in, fully compatible replacement for SHA-1.

§Configuration File

This library reads the crypto policy configuration in /etc/crypto-policies/back-ends/sequoia.config. If that file doesn’t exist, it tries /usr/share/crypto-policies/back-ends/rpm-sequoia.config. This can be overridden using the SEQUOIA_CRYPTO_POLICY environment variable. If set to the empty string, then no crypto policy will be read and instead Sequoia’s default policy will be used.

Refer to the Fedora Crypto Policy project for information about the crypto policy.

Modules§

digest
rpm

Structs§

PgpDig: An optional OpenPGP certificate and an optional signature.
PgpDigParams

Functions§

_pgpArmorWrap: Wraps the data in ASCII armor.
_pgpCleanDig: Release (malloc’d) data from container.
_pgpDigGetParams: Retrieve parameters for parsed OpenPGP packet(s).
_pgpDigParamsAlgo: Returns the object’s public key or algorithm algorithm.
_pgpDigParamsCmp: “Compares” the two parameters and returns 1 if they differ and 0 if they match.
_pgpDigParamsCreationTime: Returns the object’s time.
_pgpDigParamsFree: Frees the parameters.
_pgpDigParamsSalt: Returns a signature’s salt.
_pgpDigParamsSignID: Returns the issuer or the Key ID.
_pgpDigParamsUserID: Returns the primary User ID, if any.
_pgpDigParamsVersion: Returns the object’s version.
_pgpFreeDig: Destroy a container for parsed OpenPGP packet(s).
_pgpNewDig: Create a container for parsed OpenPGP packet(s).
_pgpParsePkts: Strips the ASCII armor and returns the decoded data in pkt.
_pgpPrtParams: Parses OpenPGP data.
_pgpPrtParams2: Like _pgpPrtParams, but returns error messages and lints in lint_str.
_pgpPrtParamsSubkeys: Returns a PgpDigParams data structure for each subkey.
_pgpPrtPkts: Parses and optionally prints to stdout a OpenPGP packet(s).
_pgpPubKeyCertLen: Returns the length of the certificate in bytes.
_pgpPubKeyLint: Lints the first certificate in pkts.
_pgpPubkeyFingerprint: Calculate OpenPGP public key fingerprint.
_pgpPubkeyKeyID: Returns the Key ID of the public key or the secret key stored in pkt.
_pgpPubkeyMerge: Merge the PGP packets of two certificates
_pgpSignatureType: Returns the signature’s type.
_pgpVerifySig: Verify a PGP signature.
_pgpVerifySignature: Verifies the signature.
_pgpVerifySignature2: Like _pgpVerifySignature, but returns error messages and lints in lint_str.
_rpmFreeCrypto: int rpmFreeCrypto(void)
_rpmInitCrypto: int rpmInitCrypto(void)
print_error_chain: Prints the error and causes, if any.