> This can be avoided by not actually signing the main header. Instead, hash
> the main header, hash the data from the signature header, and concatenate the
> hashes. Then sign the concatenated hashes.
Signing just the hash(es) kinda seems like an attractive proposal at first, but
... AFAICS this means the hash becomes a single point of failure: if the hash
is broken then *all* the signatures on it are broken at once, no matter what
*their* algorithm.
> New-style signatures are required in v6 packages.
> If a new-style signature is present, the signature header must be a single
> contiguous region and its entries must be sorted.
That's an interesting point of view, something I've been kinda approaching with
the automatic signing on build (with a relatively low-value key) + enforced
checking by default: the idea that there are no unsigned packages circulating
around. But if the signature is simply a mandatory part of the format, and
rpmsign refuses to delete the last signature (ie you can only replace it with
another)... :thinking: There might be something there. It's not quite that
simple though, we're expecting to backport the multisignature support to 4.x so
v6 packages wouldn't be the only ones carrying those, so the presence of such a
signature cannot be the only indication of the format and v4 packages may have
all these wrinkles (see eg #3469)...
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/2224#issuecomment-2519719069
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/issues/2224/2519719...@github.com>
_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
https://lists.rpm.org/mailman/listinfo/rpm-maint
