Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

signature fixups #306

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

signature fixups #306

Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
ea0eb17
lib/repo.c: add xbps_repo_pubkey to read and cache repo pubkeys
Duncaen Jul 11, 2020
59cc5b4
lib/repo.c: close the repository if there is an error
Duncaen Jul 11, 2020
1388de5
lib/verifysig.c: use new xbps_repo_pubkey
Duncaen Jul 11, 2020
9f32c18
lib/transaction_fetch.c: try to load repo public keys before starting…
Duncaen Jul 11, 2020
dda1c5d
lib/verifysig.c: use read instead of mmap to read signature files
Duncaen Jul 11, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
39 changes: 24 additions & 15 deletions lib/verifysig.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -82,26 +82,35 @@ bool
xbps_verify_signature(struct xbps_repo *repo, const char *sigfile,
unsigned char *digest)
{
unsigned char *sig_buf = NULL;
size_t sigbuflen, sigfilelen;
bool val = false;
unsigned char buf[512];
struct stat st;
ssize_t rd = 0;
int fd = -1;

if (!xbps_mmap_file(sigfile, (void *)&sig_buf, &sigbuflen, &sigfilelen)) {
xbps_dbg_printf(repo->xhp, "can't open signature file %s: %s\n",
if ((fd = open(sigfile, O_RDONLY|O_CLOEXEC)) == -1 || fstat(fd, &st) == -1) {
xbps_error_printf("can't open signature file %s: %s\n",
sigfile, strerror(errno));
goto out;
close(fd);
return false;
}
/*
* Verify fname RSA signature.
*/
if (rsa_verify_hash(repo, sig_buf, sigfilelen, digest))
val = true;

out:
if (sig_buf)
(void)munmap(sig_buf, sigbuflen);
if (st.st_size != sizeof buf) {
xbps_error_printf("invalid signature file %s: size mismatch\n",
sigfile);
(void)close(fd);
return false;
}

return val;
rd = read(fd, buf, sizeof buf);
if (rd == -1) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

rd != sizeof buf, and errno ? errno : EIO ?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess sigfile is required to have a size of 512 bytes, right?

It would be good if this could be a #define somewhere, and documented in comments. And I would just use rd != SIGFILE_SIZE, then.

xbps_error_printf("can't read signature file %s: %s\n",
sigfile, strerror(errno));
close(fd);
return false;
}
close(fd);

return rsa_verify_hash(repo, buf, sizeof buf, digest);
}

bool
Expand Down