[prev in list] [next in list] [prev in thread] [next in thread]
List: rpm-cvs
Subject: [CVS] RPM: rpm-5_4: rpm/ CHANGES rpm/build/ pack.c rpm/rpmio/ librpmio...
From: "Jeff Johnson" <jbj () rpm5 ! org>
Date: 2014-04-11 16:34:40
Message-ID: 20140411163440.9465449F46 () rpm5 ! org
[Download RAW message or body]
RPM Package Manager, CVS Repository
http://rpm5.org/cvs/
____________________________________________________________________________
Server: rpm5.org Name: Jeff Johnson
Root: /v/rpm/cvs Email: jbj@rpm5.org
Module: rpm Date: 11-Apr-2014 18:34:40
Branch: rpm-5_4 Handle: 2014041116343702
Modified files: (Branch: rpm-5_4)
rpm CHANGES
rpm/build pack.c
rpm/rpmio librpmio.vers rpmbc.c rpmbc.h rpmgc.c rpmgc.h
rpmltc.c rpmltc.h rpmnss.c rpmnss.h rpmpgp.c
rpmpgp.h rpmssl.c rpmssl.h
Log:
- pgp: permit non-repudiable signature on all crypto stacks.
Summary:
Revision Changes Path
1.3501.2.360+1 -0 rpm/CHANGES
2.324.2.10 +1 -1 rpm/build/pack.c
2.199.2.30 +3 -2 rpm/rpmio/librpmio.vers
2.35.2.3 +1 -0 rpm/rpmio/rpmbc.c
2.14.2.1 +5 -0 rpm/rpmio/rpmbc.h
2.34.2.4 +206 -1 rpm/rpmio/rpmgc.c
2.10.2.3 +5 -0 rpm/rpmio/rpmgc.h
1.2.4.4 +196 -1 rpm/rpmio/rpmltc.c
1.2.4.4 +5 -0 rpm/rpmio/rpmltc.h
1.40.2.8 +202 -1 rpm/rpmio/rpmnss.c
1.12.2.2 +5 -0 rpm/rpmio/rpmnss.h
2.127.2.5 +47 -3 rpm/rpmio/rpmpgp.c
2.108.2.6 +5 -4 rpm/rpmio/rpmpgp.h
2.42.2.3 +192 -2 rpm/rpmio/rpmssl.c
2.14.2.1 +5 -0 rpm/rpmio/rpmssl.h
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: rpm/CHANGES
============================================================================
$ cvs diff -u -r1.3501.2.359 -r1.3501.2.360 CHANGES
--- rpm/CHANGES 15 Jan 2014 13:37:31 -0000 1.3501.2.359
+++ rpm/CHANGES 11 Apr 2014 16:34:37 -0000 1.3501.2.360
@@ -1,4 +1,5 @@
5.4.14 -> 5.4.15:
+ - jbj: pgp: permit non-repudiable signature on all crypto stacks.
- devzero2000: add cppcheck target
- jbj: cipher: stub-in cipher methods and object.
- jbj: add radiogatun-{32,64} hashes.
@@ .
patch -p0 <<'@@ .'
Index: rpm/build/pack.c
============================================================================
$ cvs diff -u -r2.324.2.9 -r2.324.2.10 pack.c
--- rpm/build/pack.c 26 Jul 2013 08:19:37 -0000 2.324.2.9
+++ rpm/build/pack.c 11 Apr 2014 16:34:38 -0000 2.324.2.10
@@ -837,7 +837,7 @@
/* Sign the header SHA1. */
if (ctx)
- rpmbcExportSignature(dig, ctx);
+ xx = pgpExportSignature(dig, ctx);
}
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/librpmio.vers
============================================================================
$ cvs diff -u -r2.199.2.29 -r2.199.2.30 librpmio.vers
--- rpm/rpmio/librpmio.vers 16 Nov 2013 18:45:55 -0000 2.199.2.29
+++ rpm/rpmio/librpmio.vers 11 Apr 2014 16:34:39 -0000 2.199.2.30
@@ -271,6 +271,8 @@
_pgp_debug;
_pgp_error_count;
_pgp_print;
+ pgpExportPubkey;
+ pgpExportSignature;
pgpFindPubkey;
pgpGetPubkey;
pgpGetSignature;
@@ -354,8 +356,6 @@
rpmbagAdd;
rpmbagDel;
rpmbagNew;
- rpmbcExportPubkey;
- rpmbcExportSignature;
rpmbcImplVecs;
_rpmbf_debug;
rpmbfFree;
@@ -369,6 +369,7 @@
rpmbfUnion;
rpmcdsaImplVecs;
_cph_debug;
+ _cphParam;
rpmCipherInit;
rpmCipherNext;
rpmCipherFinal;
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/rpmbc.c
============================================================================
$ cvs diff -u -r2.35.2.2 -r2.35.2.3 rpmbc.c
--- rpm/rpmio/rpmbc.c 16 Apr 2012 03:21:22 -0000 2.35.2.2
+++ rpm/rpmio/rpmbc.c 11 Apr 2014 16:34:39 -0000 2.35.2.3
@@ -1001,6 +1001,7 @@
sigp->signhash16[0] = h[0];
sigp->signhash16[1] = h[1];
+ /* XXX pgpImplVec forces "--usecrypto foo" to also be used */
xx = pgpImplSign(dig);
assert(xx == 1);
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/rpmbc.h
============================================================================
$ cvs diff -u -r2.14 -r2.14.2.1 rpmbc.h
--- rpm/rpmio/rpmbc.h 18 Oct 2010 05:17:55 -0000 2.14
+++ rpm/rpmio/rpmbc.h 11 Apr 2014 16:34:39 -0000 2.14.2.1
@@ -74,4 +74,9 @@
/*@unchecked@*/
extern pgpImplVecs_t rpmbcImplVecs;
+int rpmbcExportPubkey(pgpDig dig)
+ /*@*/;
+int rpmbcExportSignature(pgpDig dig, /*@only@*/ DIGEST_CTX ctx)
+ /*@*/;
+
#endif /* H_RPMBC */
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/rpmgc.c
============================================================================
$ cvs diff -u -r2.34.2.3 -r2.34.2.4 rpmgc.c
--- rpm/rpmio/rpmgc.c 29 Jul 2013 05:14:55 -0000 2.34.2.3
+++ rpm/rpmio/rpmgc.c 11 Apr 2014 16:34:39 -0000 2.34.2.4
@@ -369,6 +369,11 @@
/* Compare leading 16 bits of digest for quick check. */
rc = memcmp(gc->digest, sigp->signhash16, sizeof(sigp->signhash16));
+
+ /* XXX FIXME: avoid spurious "BAD" error msg while signing. */
+ if (rc && sigp->signhash16[0] == 0 && sigp->signhash16[1] == 0)
+ rc = 0;
+
SPEW(0, !rc, dig);
return rc;
}
@@ -995,5 +1000,205 @@
rpmgcFree, rpmgcInit
};
-#endif
+int rpmgcExportPubkey(pgpDig dig)
+{
+ uint8_t pkt[8192];
+ uint8_t * be = pkt;
+ size_t pktlen;
+ time_t now = time(NULL);
+ uint32_t bt = now;
+ uint16_t bn;
+ pgpDigParams pubp = pgpGetPubkey(dig);
+ rpmgc gc = (rpmgc) dig->impl;
+ int xx;
+
+ *be++ = 0x80 | (PGPTAG_PUBLIC_KEY << 2) | 0x01;
+ be += 2;
+
+ *be++ = 0x04;
+ *be++ = (bt >> 24);
+ *be++ = (bt >> 16);
+ *be++ = (bt >> 8);
+ *be++ = (bt );
+ *be++ = pubp->pubkey_algo;
+
+assert(gc->pub_key);
+xx = gcry_sexp_extract_param (gc->pub_key, NULL, "p q g y", &gc->p, &gc->q, &gc->g, &gc->y, NULL);
+assert(gc->p);
+assert(gc->q);
+assert(gc->g);
+assert(gc->y);
+ bn = gcry_mpi_get_nbits(gc->p);
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8); *be++ = (bn );
+ xx = gcry_mpi_print(GCRYMPI_FMT_USG, be, bn/8, NULL, gc->p);
+ be += bn/8;
+
+ bn = gcry_mpi_get_nbits(gc->q);
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8); *be++ = (bn );
+ xx = gcry_mpi_print(GCRYMPI_FMT_USG, be, bn/8, NULL, gc->q);
+ be += bn/8;
+
+ bn = gcry_mpi_get_nbits(gc->g);
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8); *be++ = (bn );
+ xx = gcry_mpi_print(GCRYMPI_FMT_USG, be, bn/8, NULL, gc->g);
+ be += bn/8;
+
+ bn = gcry_mpi_get_nbits(gc->y);
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8); *be++ = (bn );
+ xx = gcry_mpi_print(GCRYMPI_FMT_USG, be, bn/8, NULL, gc->y);
+ be += bn/8;
+
+ pktlen = (be - pkt);
+ bn = pktlen - 3;
+ pkt[1] = (bn >> 8);
+ pkt[2] = (bn );
+
+ xx = pgpPubkeyFingerprint(pkt, pktlen, pubp->signid);
+
+ dig->pub = memcpy(xmalloc(pktlen), pkt, pktlen);
+ dig->publen = pktlen;
+
+ return 0;
+}
+
+int rpmgcExportSignature(pgpDig dig, /*@only@*/ DIGEST_CTX ctx)
+{
+ uint8_t pkt[8192];
+ uint8_t * be = pkt;
+ uint8_t * h;
+ size_t pktlen;
+ time_t now = time(NULL);
+ uint32_t bt;
+ uint16_t bn;
+ pgpDigParams pubp = pgpGetPubkey(dig);
+ pgpDigParams sigp = pgpGetSignature(dig);
+ rpmgc gc = (rpmgc) dig->impl;
+ int xx;
+
+ sigp->tag = PGPTAG_SIGNATURE;
+ *be++ = 0x80 | (sigp->tag << 2) | 0x01;
+ be += 2; /* pktlen */
+
+ sigp->hash = be;
+ *be++ = sigp->version = 0x04; /* version */
+ *be++ = sigp->sigtype = PGPSIGTYPE_BINARY; /* sigtype */
+ *be++ = sigp->pubkey_algo = pubp->pubkey_algo; /* pubkey_algo */
+ *be++ = sigp->hash_algo; /* hash_algo */
+
+ be += 2; /* skip hashd length */
+ h = (uint8_t *) be;
+
+ *be++ = 1 + 4; /* signature creation time */
+ *be++ = PGPSUBTYPE_SIG_CREATE_TIME;
+ bt = now;
+ *be++ = sigp->time[0] = (bt >> 24);
+ *be++ = sigp->time[1] = (bt >> 16);
+ *be++ = sigp->time[2] = (bt >> 8);
+ *be++ = sigp->time[3] = (bt );
+
+ *be++ = 1 + 4; /* signature expiration time */
+ *be++ = PGPSUBTYPE_SIG_EXPIRE_TIME;
+ bt = 30 * 24 * 60 * 60; /* XXX 30 days from creation */
+ *be++ = sigp->expire[0] = (bt >> 24);
+ *be++ = sigp->expire[1] = (bt >> 16);
+ *be++ = sigp->expire[2] = (bt >> 8);
+ *be++ = sigp->expire[3] = (bt );
+
+/* key expiration time (only on a self-signature) */
+
+ *be++ = 1 + 1; /* exportable certification */
+ *be++ = PGPSUBTYPE_EXPORTABLE_CERT;
+ *be++ = 0;
+
+ *be++ = 1 + 1; /* revocable */
+ *be++ = PGPSUBTYPE_REVOCABLE;
+ *be++ = 0;
+
+/* notation data */
+
+ sigp->hashlen = (be - h); /* set hashed length */
+ h[-2] = (sigp->hashlen >> 8);
+ h[-1] = (sigp->hashlen );
+ sigp->hashlen += sizeof(struct pgpPktSigV4_s);
+
+ if (sigp->hash != NULL)
+ xx = rpmDigestUpdate(ctx, sigp->hash, sigp->hashlen);
+
+ if (sigp->version == (rpmuint8_t) 4) {
+ uint8_t trailer[6];
+ trailer[0] = sigp->version;
+ trailer[1] = (rpmuint8_t)0xff;
+ trailer[2] = (sigp->hashlen >> 24);
+ trailer[3] = (sigp->hashlen >> 16);
+ trailer[4] = (sigp->hashlen >> 8);
+ trailer[5] = (sigp->hashlen );
+ xx = rpmDigestUpdate(ctx, trailer, sizeof(trailer));
+ }
+
+ sigp->signhash16[0] = 0x00;
+ sigp->signhash16[1] = 0x00;
+ xx = pgpImplSetDSA(ctx, dig, sigp); /* XXX signhash16 check always fails */
+ h = (uint8_t *) gc->digest;
+ sigp->signhash16[0] = h[0];
+ sigp->signhash16[1] = h[1];
+
+ /* XXX pgpImplVec forces "--usecrypto foo" to also be used */
+ xx = pgpImplSign(dig);
+assert(xx == 1);
+
+ be += 2; /* skip unhashed length. */
+ h = be;
+
+ *be++ = 1 + 8; /* issuer key ID */
+ *be++ = PGPSUBTYPE_ISSUER_KEYID;
+ *be++ = pubp->signid[0];
+ *be++ = pubp->signid[1];
+ *be++ = pubp->signid[2];
+ *be++ = pubp->signid[3];
+ *be++ = pubp->signid[4];
+ *be++ = pubp->signid[5];
+ *be++ = pubp->signid[6];
+ *be++ = pubp->signid[7];
+
+ bt = (be - h); /* set unhashed length */
+ h[-2] = (bt >> 8);
+ h[-1] = (bt );
+
+ *be++ = sigp->signhash16[0]; /* signhash16 */
+ *be++ = sigp->signhash16[1];
+
+assert(gc->sig);
+xx = gcry_sexp_extract_param (gc->sig, NULL, "r s", &gc->r, &gc->s, NULL);
+assert(gc->r);
+assert(gc->s);
+ bn = gcry_mpi_get_nbits(gc->r);
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8);
+ *be++ = (bn );
+ xx = gcry_mpi_print(GCRYMPI_FMT_USG, be, bn/8, NULL, gc->r);
+ be += bn/8;
+
+ bn = gcry_mpi_get_nbits(gc->s);
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8);
+ *be++ = (bn );
+ xx = gcry_mpi_print(GCRYMPI_FMT_USG, be, bn/8, NULL, gc->s);
+ be += bn/8;
+
+ pktlen = (be - pkt); /* packet length */
+ bn = pktlen - 3;
+ pkt[1] = (bn >> 8);
+ pkt[2] = (bn );
+
+ dig->sig = memcpy(xmalloc(pktlen), pkt, pktlen);
+ dig->siglen = pktlen;
+
+ return 0;
+
+}
+#endif /* WITH_GCRYPT */
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/rpmgc.h
============================================================================
$ cvs diff -u -r2.10.2.2 -r2.10.2.3 rpmgc.h
--- rpm/rpmio/rpmgc.h 29 Jul 2013 05:14:55 -0000 2.10.2.2
+++ rpm/rpmio/rpmgc.h 11 Apr 2014 16:34:39 -0000 2.10.2.3
@@ -72,4 +72,9 @@
/*@unchecked@*/
extern pgpImplVecs_t rpmgcImplVecs;
+int rpmgcExportPubkey(pgpDig dig)
+ /*@*/;
+int rpmgcExportSignature(pgpDig dig, /*@only@*/ DIGEST_CTX ctx)
+ /*@*/;
+
#endif /* H_RPMGC */
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/rpmltc.c
============================================================================
$ cvs diff -u -r1.2.4.3 -r1.2.4.4 rpmltc.c
--- rpm/rpmio/rpmltc.c 6 Aug 2013 05:22:26 -0000 1.2.4.3
+++ rpm/rpmio/rpmltc.c 11 Apr 2014 16:34:39 -0000 1.2.4.4
@@ -310,6 +310,9 @@
if (ltc->hashIdx >= 0) {
/* Compare leading 16 bits of digest for quick check. */
rc = memcmp(ltc->digest, sigp->signhash16, sizeof(sigp->signhash16));
+ /* XXX FIXME: avoid spurious "BAD" error msg while signing. */
+ if (rc && sigp->signhash16[0] == 0 && sigp->signhash16[1] == 0)
+ rc = 0;
}
SPEW(rc, !rc, dig);
@@ -710,6 +713,7 @@
ltc->digest = _free(ltc->digest);
ltc->digestlen = 0;
+ /* XXX rsa_free(<c->dsa); */
_freeBN(ltc->rsa.N);
_freeBN(ltc->rsa.e);
_freeBN(ltc->rsa.d);
@@ -722,6 +726,7 @@
_freeBN(ltc->c);
+ /* XXX dsa_free(<c->dsa); */
_freeBN(ltc->dsa.p);
_freeBN(ltc->dsa.q);
_freeBN(ltc->dsa.g);
@@ -914,5 +919,195 @@
rpmltcFree, rpmltcInit
};
-#endif /* WITH_TOMCRYPT */
+int rpmltcExportPubkey(pgpDig dig)
+{
+ uint8_t pkt[8192];
+ uint8_t * be = pkt;
+ size_t pktlen;
+ time_t now = time(NULL);
+ uint32_t bt = now;
+ uint16_t bn;
+ pgpDigParams pubp = pgpGetPubkey(dig);
+ rpmltc ltc = (rpmltc) dig->impl;
+ int xx;
+
+ *be++ = 0x80 | (PGPTAG_PUBLIC_KEY << 2) | 0x01;
+ be += 2;
+
+ *be++ = 0x04;
+ *be++ = (bt >> 24);
+ *be++ = (bt >> 16);
+ *be++ = (bt >> 8);
+ *be++ = (bt );
+ *be++ = pubp->pubkey_algo;
+
+ bn = mp_count_bits(ltc->dsa.p);
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8); *be++ = (bn );
+ xx = mp_to_unsigned_bin(ltc->dsa.p, be);
+ be += bn/8;
+
+ bn = mp_count_bits(ltc->dsa.q);
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8); *be++ = (bn );
+ xx = mp_to_unsigned_bin(ltc->dsa.q, be);
+ be += bn/8;
+
+ bn = mp_count_bits(ltc->dsa.g);
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8); *be++ = (bn );
+ xx = mp_to_unsigned_bin(ltc->dsa.g, be);
+ be += bn/8;
+
+ bn = mp_count_bits(ltc->dsa.y);
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8); *be++ = (bn );
+ xx = mp_to_unsigned_bin(ltc->dsa.y, be);
+ be += bn/8;
+
+ pktlen = (be - pkt);
+ bn = pktlen - 3;
+ pkt[1] = (bn >> 8);
+ pkt[2] = (bn );
+
+ xx = pgpPubkeyFingerprint(pkt, pktlen, pubp->signid);
+
+ dig->pub = memcpy(xmalloc(pktlen), pkt, pktlen);
+ dig->publen = pktlen;
+
+ return 0;
+}
+
+int rpmltcExportSignature(pgpDig dig, /*@only@*/ DIGEST_CTX ctx)
+{
+ uint8_t pkt[8192];
+ uint8_t * be = pkt;
+ uint8_t * h;
+ size_t pktlen;
+ time_t now = time(NULL);
+ uint32_t bt;
+ uint16_t bn;
+ pgpDigParams pubp = pgpGetPubkey(dig);
+ pgpDigParams sigp = pgpGetSignature(dig);
+ rpmltc ltc = (rpmltc) dig->impl;
+ int xx;
+ sigp->tag = PGPTAG_SIGNATURE;
+ *be++ = 0x80 | (sigp->tag << 2) | 0x01;
+ be += 2; /* pktlen */
+
+ sigp->hash = be;
+ *be++ = sigp->version = 0x04; /* version */
+ *be++ = sigp->sigtype = PGPSIGTYPE_BINARY; /* sigtype */
+ *be++ = sigp->pubkey_algo = pubp->pubkey_algo; /* pubkey_algo */
+ *be++ = sigp->hash_algo; /* hash_algo */
+
+ be += 2; /* skip hashd length */
+ h = (uint8_t *) be;
+
+ *be++ = 1 + 4; /* signature creation time */
+ *be++ = PGPSUBTYPE_SIG_CREATE_TIME;
+ bt = now;
+ *be++ = sigp->time[0] = (bt >> 24);
+ *be++ = sigp->time[1] = (bt >> 16);
+ *be++ = sigp->time[2] = (bt >> 8);
+ *be++ = sigp->time[3] = (bt );
+
+ *be++ = 1 + 4; /* signature expiration time */
+ *be++ = PGPSUBTYPE_SIG_EXPIRE_TIME;
+ bt = 30 * 24 * 60 * 60; /* XXX 30 days from creation */
+ *be++ = sigp->expire[0] = (bt >> 24);
+ *be++ = sigp->expire[1] = (bt >> 16);
+ *be++ = sigp->expire[2] = (bt >> 8);
+ *be++ = sigp->expire[3] = (bt );
+
+/* key expiration time (only on a self-signature) */
+
+ *be++ = 1 + 1; /* exportable certification */
+ *be++ = PGPSUBTYPE_EXPORTABLE_CERT;
+ *be++ = 0;
+
+ *be++ = 1 + 1; /* revocable */
+ *be++ = PGPSUBTYPE_REVOCABLE;
+ *be++ = 0;
+
+/* notation data */
+
+ sigp->hashlen = (be - h); /* set hashed length */
+ h[-2] = (sigp->hashlen >> 8);
+ h[-1] = (sigp->hashlen );
+ sigp->hashlen += sizeof(struct pgpPktSigV4_s);
+
+ if (sigp->hash != NULL)
+ xx = rpmDigestUpdate(ctx, sigp->hash, sigp->hashlen);
+
+ if (sigp->version == (rpmuint8_t) 4) {
+ uint8_t trailer[6];
+ trailer[0] = sigp->version;
+ trailer[1] = (rpmuint8_t)0xff;
+ trailer[2] = (sigp->hashlen >> 24);
+ trailer[3] = (sigp->hashlen >> 16);
+ trailer[4] = (sigp->hashlen >> 8);
+ trailer[5] = (sigp->hashlen );
+ xx = rpmDigestUpdate(ctx, trailer, sizeof(trailer));
+ }
+
+ sigp->signhash16[0] = 0x00;
+ sigp->signhash16[1] = 0x00;
+ xx = pgpImplSetDSA(ctx, dig, sigp); /* XXX signhash16 check always fails */
+ h = (uint8_t *) ltc->digest;
+ sigp->signhash16[0] = h[0];
+ sigp->signhash16[1] = h[1];
+
+ /* XXX pgpImplVec forces "--usecrypto foo" to also be used */
+ xx = pgpImplSign(dig);
+assert(xx == 1);
+
+ be += 2; /* skip unhashed length. */
+ h = be;
+
+ *be++ = 1 + 8; /* issuer key ID */
+ *be++ = PGPSUBTYPE_ISSUER_KEYID;
+ *be++ = pubp->signid[0];
+ *be++ = pubp->signid[1];
+ *be++ = pubp->signid[2];
+ *be++ = pubp->signid[3];
+ *be++ = pubp->signid[4];
+ *be++ = pubp->signid[5];
+ *be++ = pubp->signid[6];
+ *be++ = pubp->signid[7];
+
+ bt = (be - h); /* set unhashed length */
+ h[-2] = (bt >> 8);
+ h[-1] = (bt );
+
+ *be++ = sigp->signhash16[0]; /* signhash16 */
+ *be++ = sigp->signhash16[1];
+
+ bn = mp_count_bits(ltc->r);
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8);
+ *be++ = (bn );
+ xx = mp_to_unsigned_bin(ltc->r, be);
+ be += bn/8;
+
+ bn = mp_count_bits(ltc->s);
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8);
+ *be++ = (bn );
+ xx = mp_to_unsigned_bin(ltc->s, be);
+ be += bn/8;
+
+ pktlen = (be - pkt); /* packet length */
+ bn = pktlen - 3;
+ pkt[1] = (bn >> 8);
+ pkt[2] = (bn );
+
+ dig->sig = memcpy(xmalloc(pktlen), pkt, pktlen);
+ dig->siglen = pktlen;
+
+ return 0;
+
+}
+
+#endif /* WITH_TOMCRYPT */
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/rpmltc.h
============================================================================
$ cvs diff -u -r1.2.4.3 -r1.2.4.4 rpmltc.h
--- rpm/rpmio/rpmltc.h 6 Aug 2013 05:22:26 -0000 1.2.4.3
+++ rpm/rpmio/rpmltc.h 11 Apr 2014 16:34:39 -0000 1.2.4.4
@@ -56,4 +56,9 @@
/*@unchecked@*/
extern pgpImplVecs_t rpmltcImplVecs;
+int rpmltcExportPubkey(pgpDig dig)
+ /*@*/;
+int rpmltcExportSignature(pgpDig dig, /*@only@*/ DIGEST_CTX ctx)
+ /*@*/;
+
#endif /* H_RPMLTC */
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/rpmnss.c
============================================================================
$ cvs diff -u -r1.40.2.7 -r1.40.2.8 rpmnss.c
--- rpm/rpmio/rpmnss.c 16 Aug 2013 19:32:42 -0000 1.40.2.7
+++ rpm/rpmio/rpmnss.c 11 Apr 2014 16:34:39 -0000 1.40.2.8
@@ -626,6 +626,10 @@
/* Compare leading 16 bits of digest for quick check. */
rc = memcmp(nss->digest, sigp->signhash16, sizeof(sigp->signhash16));
+ /* XXX FIXME: avoid spurious "BAD" error msg while signing. */
+ if (rc && sigp->signhash16[0] == 0 && sigp->signhash16[1] == 0)
+ rc = 0;
+
exit:
SPEW(rc, !rc, dig);
return rc;
@@ -1466,5 +1470,202 @@
rpmnssFree, rpmnssInit
};
-#endif /* WITH_NSS */
+int rpmnssExportPubkey(pgpDig dig)
+{
+ uint8_t pkt[8192];
+ uint8_t * be = pkt;
+ size_t pktlen;
+ time_t now = time(NULL);
+ uint32_t bt = now;
+ uint16_t bn;
+ pgpDigParams pubp = pgpGetPubkey(dig);
+ rpmnss nss = (rpmnss) dig->impl;
+ int xx;
+
+ *be++ = 0x80 | (PGPTAG_PUBLIC_KEY << 2) | 0x01;
+ be += 2;
+
+ *be++ = 0x04;
+ *be++ = (bt >> 24);
+ *be++ = (bt >> 16);
+ *be++ = (bt >> 8);
+ *be++ = (bt );
+ *be++ = pubp->pubkey_algo;
+
+ /* DSA p */
+ bn = 8 * nss->pub_key->u.dsa.params.prime.len;
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8); *be++ = (bn );
+ memcpy(be, nss->pub_key->u.dsa.params.prime.data, bn/8);
+ be += bn/8;
+
+ /* DSA q */
+ bn = 8 * nss->pub_key->u.dsa.params.subPrime.len;
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8); *be++ = (bn );
+ memcpy(be, nss->pub_key->u.dsa.params.subPrime.data, bn/8);
+ be += bn/8;
+
+ /* DSA g */
+ bn = 8 * nss->pub_key->u.dsa.params.base.len;
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8); *be++ = (bn );
+ memcpy(be, nss->pub_key->u.dsa.params.base.data, bn/8);
+ be += bn/8;
+
+ bn = 8 * nss->pub_key->u.dsa.publicValue.len;
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8); *be++ = (bn );
+ memcpy(be, nss->pub_key->u.dsa.publicValue.data, bn/8);
+ be += bn/8;
+
+ pktlen = (be - pkt);
+ bn = pktlen - 3;
+ pkt[1] = (bn >> 8);
+ pkt[2] = (bn );
+ xx = pgpPubkeyFingerprint(pkt, pktlen, pubp->signid);
+
+ dig->pub = memcpy(xmalloc(pktlen), pkt, pktlen);
+ dig->publen = pktlen;
+
+ return 0;
+}
+
+int rpmnssExportSignature(pgpDig dig, /*@only@*/ DIGEST_CTX ctx)
+{
+ uint8_t pkt[8192];
+ uint8_t * be = pkt;
+ uint8_t * h;
+ size_t pktlen;
+ time_t now = time(NULL);
+ uint32_t bt;
+ uint16_t bn;
+ pgpDigParams pubp = pgpGetPubkey(dig);
+ pgpDigParams sigp = pgpGetSignature(dig);
+ rpmnss nss = (rpmnss) dig->impl;
+ int xx;
+
+ sigp->tag = PGPTAG_SIGNATURE;
+ *be++ = 0x80 | (sigp->tag << 2) | 0x01;
+ be += 2; /* pktlen */
+
+ sigp->hash = be;
+ *be++ = sigp->version = 0x04; /* version */
+ *be++ = sigp->sigtype = PGPSIGTYPE_BINARY; /* sigtype */
+ *be++ = sigp->pubkey_algo = pubp->pubkey_algo; /* pubkey_algo */
+ *be++ = sigp->hash_algo; /* hash_algo */
+
+ be += 2; /* skip hashd length */
+ h = (uint8_t *) be;
+
+ *be++ = 1 + 4; /* signature creation time */
+ *be++ = PGPSUBTYPE_SIG_CREATE_TIME;
+ bt = now;
+ *be++ = sigp->time[0] = (bt >> 24);
+ *be++ = sigp->time[1] = (bt >> 16);
+ *be++ = sigp->time[2] = (bt >> 8);
+ *be++ = sigp->time[3] = (bt );
+
+ *be++ = 1 + 4; /* signature expiration time */
+ *be++ = PGPSUBTYPE_SIG_EXPIRE_TIME;
+ bt = 30 * 24 * 60 * 60; /* XXX 30 days from creation */
+ *be++ = sigp->expire[0] = (bt >> 24);
+ *be++ = sigp->expire[1] = (bt >> 16);
+ *be++ = sigp->expire[2] = (bt >> 8);
+ *be++ = sigp->expire[3] = (bt );
+
+/* key expiration time (only on a self-signature) */
+
+ *be++ = 1 + 1; /* exportable certification */
+ *be++ = PGPSUBTYPE_EXPORTABLE_CERT;
+ *be++ = 0;
+
+ *be++ = 1 + 1; /* revocable */
+ *be++ = PGPSUBTYPE_REVOCABLE;
+ *be++ = 0;
+
+/* notation data */
+
+ sigp->hashlen = (be - h); /* set hashed length */
+ h[-2] = (sigp->hashlen >> 8);
+ h[-1] = (sigp->hashlen );
+ sigp->hashlen += sizeof(struct pgpPktSigV4_s);
+
+ if (sigp->hash != NULL)
+ xx = rpmDigestUpdate(ctx, sigp->hash, sigp->hashlen);
+
+ if (sigp->version == (rpmuint8_t) 4) {
+ uint8_t trailer[6];
+ trailer[0] = sigp->version;
+ trailer[1] = (rpmuint8_t)0xff;
+ trailer[2] = (sigp->hashlen >> 24);
+ trailer[3] = (sigp->hashlen >> 16);
+ trailer[4] = (sigp->hashlen >> 8);
+ trailer[5] = (sigp->hashlen );
+ xx = rpmDigestUpdate(ctx, trailer, sizeof(trailer));
+ }
+
+ sigp->signhash16[0] = 0x00;
+ sigp->signhash16[1] = 0x00;
+ xx = pgpImplSetDSA(ctx, dig, sigp); /* XXX signhash16 check always fails */
+ h = (uint8_t *) nss->digest;
+ sigp->signhash16[0] = h[0];
+ sigp->signhash16[1] = h[1];
+
+ /* XXX pgpImplVec forces "--usecrypto foo" to also be used */
+ xx = pgpImplSign(dig);
+assert(xx == 1);
+
+ be += 2; /* skip unhashed length. */
+ h = be;
+
+ *be++ = 1 + 8; /* issuer key ID */
+ *be++ = PGPSUBTYPE_ISSUER_KEYID;
+ *be++ = pubp->signid[0];
+ *be++ = pubp->signid[1];
+ *be++ = pubp->signid[2];
+ *be++ = pubp->signid[3];
+ *be++ = pubp->signid[4];
+ *be++ = pubp->signid[5];
+ *be++ = pubp->signid[6];
+ *be++ = pubp->signid[7];
+
+ bt = (be - h); /* set unhashed length */
+ h[-2] = (bt >> 8);
+ h[-1] = (bt );
+
+ *be++ = sigp->signhash16[0]; /* signhash16 */
+ *be++ = sigp->signhash16[1];
+
+ { SECItem * dsasig = DSAU_DecodeDerSig(nss->sig);
+assert(dsasig != NULL);
+ bn = 8 * (dsasig->len/2);
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8);
+ *be++ = (bn );
+ memcpy(be, dsasig->data, bn/8);
+ be += bn/8;
+
+ bn = 8 * (dsasig->len/2);
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8);
+ *be++ = (bn );
+ memcpy(be, dsasig->data + (bn/8), bn/8);
+ be += bn/8;
+ SECITEM_ZfreeItem(dsasig, PR_TRUE);
+ }
+
+ pktlen = (be - pkt); /* packet length */
+ bn = pktlen - 3;
+ pkt[1] = (bn >> 8);
+ pkt[2] = (bn );
+
+ dig->sig = memcpy(xmalloc(pktlen), pkt, pktlen);
+ dig->siglen = pktlen;
+
+ return 0;
+
+}
+
+#endif /* WITH_NSS */
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/rpmnss.h
============================================================================
$ cvs diff -u -r1.12.2.1 -r1.12.2.2 rpmnss.h
--- rpm/rpmio/rpmnss.h 4 Aug 2013 03:11:56 -0000 1.12.2.1
+++ rpm/rpmio/rpmnss.h 11 Apr 2014 16:34:39 -0000 1.12.2.2
@@ -69,4 +69,9 @@
/*@unchecked@*/
extern pgpImplVecs_t rpmnssImplVecs;
+int rpmnssExportPubkey(pgpDig dig)
+ /*@*/;
+int rpmnssExportSignature(pgpDig dig, /*@only@*/ DIGEST_CTX ctx)
+ /*@*/;
+
#endif /* H_RPMNSS */
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/rpmpgp.c
============================================================================
$ cvs diff -u -r2.127.2.4 -r2.127.2.5 rpmpgp.c
--- rpm/rpmio/rpmpgp.c 29 Jul 2013 05:18:51 -0000 2.127.2.4
+++ rpm/rpmio/rpmpgp.c 11 Apr 2014 16:34:39 -0000 2.127.2.5
@@ -12,9 +12,21 @@
#define _RPMPGP_INTERNAL
#include <rpmbc.h> /* XXX still needs base64 goop */
+#if defined(WITH_GCRYPT)
+#include <rpmgc.h>
+#endif
#if defined(WITH_NSS)
#include <rpmnss.h>
#endif
+#if defined(WITH_OPENSSL)
+#include <rpmssl.h>
+#endif
+#if defined(WITH_CDSA)
+#include <rpmcdsa.h>
+#endif
+#if defined(WITH_TOMCRYPT)
+#include <rpmltc.h>
+#endif
#include "debug.h"
/*@access pgpDig @*/
@@ -1216,13 +1228,45 @@
if (pubp->pubkey_algo) {
int xx = pgpImplGenerate(dig);
assert(xx == 1);
- /* XXX FIXME: limited to DSA from BeeCrypt for now. */
- if (pgpImplVecs == &rpmbcImplVecs)
- xx = rpmbcExportPubkey(dig);
+ xx = pgpExportPubkey(dig);
}
return dig;
}
+int pgpExportPubkey(pgpDig dig)
+{
+ int xx = 0; /* XXX FIXME */
+ /* XXX FIXME: limited to DSA for now. */
+ if (pgpImplVecs == &rpmbcImplVecs)
+ xx = rpmbcExportPubkey(dig);
+ if (pgpImplVecs == &rpmsslImplVecs)
+ xx = rpmsslExportPubkey(dig);
+ if (pgpImplVecs == &rpmnssImplVecs)
+ xx = rpmnssExportPubkey(dig);
+ if (pgpImplVecs == &rpmgcImplVecs)
+ xx = rpmgcExportPubkey(dig);
+ if (pgpImplVecs == &rpmltcImplVecs)
+ xx = rpmltcExportPubkey(dig);
+ return xx;
+}
+
+int pgpExportSignature(pgpDig dig, DIGEST_CTX ctx)
+{
+ int xx = 0; /* XXX FIXME */
+ /* XXX FIXME: limited to DSA for now. */
+ if (pgpImplVecs == &rpmbcImplVecs)
+ xx = rpmbcExportSignature(dig, ctx);
+ if (pgpImplVecs == &rpmsslImplVecs)
+ xx = rpmsslExportSignature(dig, ctx);
+ if (pgpImplVecs == &rpmnssImplVecs)
+ xx = rpmnssExportSignature(dig, ctx);
+ if (pgpImplVecs == &rpmgcImplVecs)
+ xx = rpmgcExportSignature(dig, ctx);
+ if (pgpImplVecs == &rpmltcImplVecs)
+ xx = rpmltcExportSignature(dig, ctx);
+ return xx;
+}
+
pgpDigParams pgpGetSignature(pgpDig dig)
{
return (dig ? &dig->signature : NULL);
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/rpmpgp.h
============================================================================
$ cvs diff -u -r2.108.2.5 -r2.108.2.6 rpmpgp.h
--- rpm/rpmio/rpmpgp.h 16 Nov 2013 18:45:55 -0000 2.108.2.5
+++ rpm/rpmio/rpmpgp.h 11 Apr 2014 16:34:39 -0000 2.108.2.6
@@ -1434,10 +1434,6 @@
pgpDig pgpDigNew(pgpVSFlags vsflags, pgpPubkeyAlgo pubkey_algo)
/*@globals fileSystem @*/
/*@modifies fileSystem @*/;
-int rpmbcExportPubkey(pgpDig dig)
- /*@*/;
-int rpmbcExportSignature(pgpDig dig, /*@only@*/ DIGEST_CTX ctx)
- /*@*/;
/** \ingroup rpmpgp
* Release (malloc'd) data from container.
@@ -1446,6 +1442,11 @@
void pgpDigClean(/*@null@*/ pgpDig dig)
/*@modifies dig @*/;
+int pgpExportPubkey(pgpDig dig)
+ /*@*/;
+int pgpExportSignature(pgpDig dig, /*@only@*/ DIGEST_CTX ctx)
+ /*@*/;
+
/** \ingroup rpmpgp
* Return OpenPGP pubkey parameters.
* @param dig signature parameters container
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/rpmssl.c
============================================================================
$ cvs diff -u -r2.42.2.2 -r2.42.2.3 rpmssl.c
--- rpm/rpmio/rpmssl.c 15 Apr 2012 21:20:53 -0000 2.42.2.2
+++ rpm/rpmio/rpmssl.c 11 Apr 2014 16:34:39 -0000 2.42.2.3
@@ -33,7 +33,7 @@
/*@=redecl@*/
/*@unchecked@*/
-static int _rpmssl_debug;
+static int _rpmssl_debug = -1;
#define SPEW(_t, _rc, _dig) \
{ if ((_t) || _rpmssl_debug || _pgp_debug < 0) \
@@ -735,5 +735,195 @@
rpmsslFree, rpmsslInit
};
-#endif
+int rpmsslExportPubkey(pgpDig dig)
+{
+ uint8_t pkt[8192];
+ uint8_t * be = pkt;
+ size_t pktlen;
+ time_t now = time(NULL);
+ uint32_t bt = now;
+ uint16_t bn;
+ pgpDigParams pubp = pgpGetPubkey(dig);
+ rpmssl ssl = (rpmssl) dig->impl;
+ int xx;
+
+ *be++ = 0x80 | (PGPTAG_PUBLIC_KEY << 2) | 0x01;
+ be += 2;
+
+ *be++ = 0x04;
+ *be++ = (bt >> 24);
+ *be++ = (bt >> 16);
+ *be++ = (bt >> 8);
+ *be++ = (bt );
+ *be++ = pubp->pubkey_algo;
+
+ bn = BN_num_bits(ssl->dsa->p);
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8); *be++ = (bn );
+ xx = BN_bn2bin(ssl->dsa->p, be);
+ be += bn/8;
+
+ bn = BN_num_bits(ssl->dsa->q);
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8); *be++ = (bn );
+ xx = BN_bn2bin(ssl->dsa->q, be);
+ be += bn/8;
+
+ bn = BN_num_bits(ssl->dsa->g);
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8); *be++ = (bn );
+ xx = BN_bn2bin(ssl->dsa->g, be);
+ be += bn/8;
+
+ bn = BN_num_bits(ssl->dsa->pub_key);
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8); *be++ = (bn );
+ xx = BN_bn2bin(ssl->dsa->pub_key, be);
+ be += bn/8;
+
+ pktlen = (be - pkt);
+ bn = pktlen - 3;
+ pkt[1] = (bn >> 8);
+ pkt[2] = (bn );
+
+ xx = pgpPubkeyFingerprint(pkt, pktlen, pubp->signid);
+
+ dig->pub = memcpy(xmalloc(pktlen), pkt, pktlen);
+ dig->publen = pktlen;
+
+ return 0;
+}
+
+int rpmsslExportSignature(pgpDig dig, /*@only@*/ DIGEST_CTX ctx)
+{
+ uint8_t pkt[8192];
+ uint8_t * be = pkt;
+ uint8_t * h;
+ size_t pktlen;
+ time_t now = time(NULL);
+ uint32_t bt;
+ uint16_t bn;
+ pgpDigParams pubp = pgpGetPubkey(dig);
+ pgpDigParams sigp = pgpGetSignature(dig);
+ rpmssl ssl = (rpmssl) dig->impl;
+ int xx;
+
+ sigp->tag = PGPTAG_SIGNATURE;
+ *be++ = 0x80 | (sigp->tag << 2) | 0x01;
+ be += 2; /* pktlen */
+
+ sigp->hash = be;
+ *be++ = sigp->version = 0x04; /* version */
+ *be++ = sigp->sigtype = PGPSIGTYPE_BINARY; /* sigtype */
+ *be++ = sigp->pubkey_algo = pubp->pubkey_algo; /* pubkey_algo */
+ *be++ = sigp->hash_algo; /* hash_algo */
+
+ be += 2; /* skip hashd length */
+ h = (uint8_t *) be;
+
+ *be++ = 1 + 4; /* signature creation time */
+ *be++ = PGPSUBTYPE_SIG_CREATE_TIME;
+ bt = now;
+ *be++ = sigp->time[0] = (bt >> 24);
+ *be++ = sigp->time[1] = (bt >> 16);
+ *be++ = sigp->time[2] = (bt >> 8);
+ *be++ = sigp->time[3] = (bt );
+
+ *be++ = 1 + 4; /* signature expiration time */
+ *be++ = PGPSUBTYPE_SIG_EXPIRE_TIME;
+ bt = 30 * 24 * 60 * 60; /* XXX 30 days from creation */
+ *be++ = sigp->expire[0] = (bt >> 24);
+ *be++ = sigp->expire[1] = (bt >> 16);
+ *be++ = sigp->expire[2] = (bt >> 8);
+ *be++ = sigp->expire[3] = (bt );
+
+/* key expiration time (only on a self-signature) */
+
+ *be++ = 1 + 1; /* exportable certification */
+ *be++ = PGPSUBTYPE_EXPORTABLE_CERT;
+ *be++ = 0;
+
+ *be++ = 1 + 1; /* revocable */
+ *be++ = PGPSUBTYPE_REVOCABLE;
+ *be++ = 0;
+
+/* notation data */
+
+ sigp->hashlen = (be - h); /* set hashed length */
+ h[-2] = (sigp->hashlen >> 8);
+ h[-1] = (sigp->hashlen );
+ sigp->hashlen += sizeof(struct pgpPktSigV4_s);
+
+ if (sigp->hash != NULL)
+ xx = rpmDigestUpdate(ctx, sigp->hash, sigp->hashlen);
+
+ if (sigp->version == (rpmuint8_t) 4) {
+ uint8_t trailer[6];
+ trailer[0] = sigp->version;
+ trailer[1] = (rpmuint8_t)0xff;
+ trailer[2] = (sigp->hashlen >> 24);
+ trailer[3] = (sigp->hashlen >> 16);
+ trailer[4] = (sigp->hashlen >> 8);
+ trailer[5] = (sigp->hashlen );
+ xx = rpmDigestUpdate(ctx, trailer, sizeof(trailer));
+ }
+
+ sigp->signhash16[0] = 0x00;
+ sigp->signhash16[1] = 0x00;
+ xx = pgpImplSetDSA(ctx, dig, sigp); /* XXX signhash16 check always fails */
+ h = (uint8_t *) ssl->digest;
+ sigp->signhash16[0] = h[0];
+ sigp->signhash16[1] = h[1];
+
+ /* XXX pgpImplVec forces "--usecrypto foo" to also be used */
+ xx = pgpImplSign(dig);
+assert(xx == 1);
+
+ be += 2; /* skip unhashed length. */
+ h = be;
+
+ *be++ = 1 + 8; /* issuer key ID */
+ *be++ = PGPSUBTYPE_ISSUER_KEYID;
+ *be++ = pubp->signid[0];
+ *be++ = pubp->signid[1];
+ *be++ = pubp->signid[2];
+ *be++ = pubp->signid[3];
+ *be++ = pubp->signid[4];
+ *be++ = pubp->signid[5];
+ *be++ = pubp->signid[6];
+ *be++ = pubp->signid[7];
+
+ bt = (be - h); /* set unhashed length */
+ h[-2] = (bt >> 8);
+ h[-1] = (bt );
+
+ *be++ = sigp->signhash16[0]; /* signhash16 */
+ *be++ = sigp->signhash16[1];
+
+ bn = BN_num_bits(ssl->dsasig->r);
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8);
+ *be++ = (bn );
+ xx = BN_bn2bin(ssl->dsasig->r, be);
+ be += bn/8;
+
+ bn = BN_num_bits(ssl->dsasig->s);
+ bn += 7; bn &= ~7;
+ *be++ = (bn >> 8);
+ *be++ = (bn );
+ xx = BN_bn2bin(ssl->dsasig->s, be);
+ be += bn/8;
+
+ pktlen = (be - pkt); /* packet length */
+ bn = pktlen - 3;
+ pkt[1] = (bn >> 8);
+ pkt[2] = (bn );
+
+ dig->sig = memcpy(xmalloc(pktlen), pkt, pktlen);
+ dig->siglen = pktlen;
+
+ return 0;
+
+}
+#endif /* WITH_SSL */
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/rpmssl.h
============================================================================
$ cvs diff -u -r2.14 -r2.14.2.1 rpmssl.h
--- rpm/rpmio/rpmssl.h 2 Dec 2010 14:35:29 -0000 2.14
+++ rpm/rpmio/rpmssl.h 11 Apr 2014 16:34:39 -0000 2.14.2.1
@@ -72,4 +72,9 @@
/*@unchecked@*/
extern pgpImplVecs_t rpmsslImplVecs;
+int rpmsslExportPubkey(pgpDig dig)
+ /*@*/;
+int rpmsslExportSignature(pgpDig dig, /*@only@*/ DIGEST_CTX ctx)
+ /*@*/;
+
#endif /* H_RPMSSL */
@@ .
______________________________________________________________________
RPM Package Manager http://rpm5.org
CVS Sources Repository rpm-cvs@rpm5.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic