Crate rpm_sequoia

An implementation of RPM’s OpenPGP interface.

This library provides an implementation of RPM’s OpenPGP interface.

You should not link to this library directly.

If you are looking for an OpenPGP interface, consider using Sequoia, which this library is based on. If you want to use RPM’s OpenPGP interface, which you should only do if you are interacting with RPM, then you should link against RPM, which reexports this interface.

If you are investigating a bug in this library, set the RPM_TRACE environment variable to 1 to get a verbose trace of the library’s execution:

$ LD_LIBRARY_PATH=/tmp/rpm-sequoia/release RPM_TRACE=1 ./rpmkeys \
  --import ../tests/data/keys/CVE-2021-3521-badbind.asc
_rpmInitCrypto: entered
_rpmInitCrypto: -> success
_pgpParsePkts: entered
...

Policy

When Sequoia evaluates the validity of an object (e.g., a cryptographic signature) it consults a policy. The policy is user defined. This library uses Sequoia’s standard policy.

Sequoia’s standard policy allows self-signatures (i.e., the signatures that bind a User ID or subkey to a certificate) made with SHA-1 until February 2023. It completely disallows data signatures made with SHA-1. The reason for this is that SHA-1 collision resistance is broken, but its second pre-image resistance is still okay.

As an added protection, Sequoia uses SHA-1 collision detection, which is a variant of SHA-1, which mitigates known attacks against SHA-1. SHA-1 CD has a very low false positive rate (2^-90) so it can be treated as a drop-in, fully compatible replacement for SHA-1.

Configuration File

This library reads the crypto policy configuration in /etc/crypto-policies/back-ends/sequoia.config. If that file doesn’t exist, it tries /usr/share/crypto-policies/back-ends/rpm-sequoia.config. This can be overridden using the SEQUOIA_CRYPTO_POLICY environment variable. If set to the empty string, then no crypto policy will be read and instead Sequoia’s default policy will be used.

Refer to the Fedora Crypto Policy project for information about the crypto policy.

Modules

• digest
• rpm

Structs

• PgpDig
  An optional OpenPGP certificate and an optional signature.
• PgpDigParams

Functions

• _pgpArmorWrap
  Wraps the data in ASCII armor.
• _pgpCleanDig
  Release (malloc’d) data from container.
• _pgpDigGetParams
  Retrieve parameters for parsed OpenPGP packet(s).
• _pgpDigParamsAlgo
  Returns the object’s public key or algorithm algorithm.
• _pgpDigParamsCmp
  “Compares” the two parameters and returns 1 if they differ and 0 if they match.
• _pgpDigParamsCreationTime
  Returns the object’s time.
• _pgpDigParamsFree
  Frees the parameters.
• _pgpDigParamsSignID
  Returns the issuer or the Key ID.
• _pgpDigParamsUserID
  Returns the primary User ID, if any.
• _pgpDigParamsVersion
  Returns the object’s version.
• _pgpFreeDig
  Destroy a container for parsed OpenPGP packet(s).
• _pgpNewDig
  Create a container for parsed OpenPGP packet(s).
• _pgpParsePkts
  Strips the ASCII armor and returns the decoded data in pkt.
• _pgpPrtParams
  Parses OpenPGP data.
• _pgpPrtParams2
  Like _pgpPrtParams, but returns error messages and lints in lint_str.
• _pgpPrtParamsSubkeys
  Returns a PgpDigParams data structure for each subkey.
• _pgpPrtPkts
  Parses and optionally prints to stdout a OpenPGP packet(s).
• _pgpPubKeyCertLen
  Returns the length of the certificate in bytes.
• _pgpPubKeyLint
  Lints the first certificate in pkts.
• _pgpPubkeyFingerprint
  Calculate OpenPGP public key fingerprint.
• _pgpPubkeyKeyID
  Returns the Key ID of the public key or the secret key stored in pkt.
• _pgpPubkeyMerge
  Merge the PGP packets of two certificates
• _pgpSignatureType
  Returns the signature’s type.
• _pgpVerifySig
  Verify a PGP signature.
• _pgpVerifySignature
  Verifies the signature.
• _pgpVerifySignature2
  Like _pgpVerifySignature, but returns error messages and lints in lint_str.
• _rpmFreeCrypto
  int rpmFreeCrypto(void)
• _rpmInitCrypto
  int rpmInitCrypto(void)
• print_error_chain
  Prints the error and causes, if any.