Support OpenPGP v6 signature pre-salting

pmatilai · pmatilai · commit 7e51b5066af6 · 2025-07-04T14:26:39.000+03:00
OpenPGP v6 signature salt is a random per-signature thing that we need to feed into the digest before the actual data. For that we need rpm-sequoia support, the first version to have it is 1.9.0. The tests for this are in #3844 Fixes: #3846
diff --git a/INSTALL b/INSTALL
@@ -42,7 +42,7 @@ The scdoc manual page generator, available from
     https://git.sr.ht/~sircmpwn/scdoc
 
 You will need a cryptographic library to support digests and an OpenPGP
-implementation to support signatures. rpm-sequoia (>= 1.3.0 required) is
+implementation to support signatures. rpm-sequoia (>= 1.9.0 required) is
 the most complete option, covering both, and also the default:
     https://github.com/rpm-software-management/rpm-sequoia
 
diff --git a/include/rpm/rpmpgp.h b/include/rpm/rpmpgp.h
@@ -489,6 +489,8 @@ int pgpDigParamsVersion(pgpDigParams digp);
  */
 uint32_t pgpDigParamsCreationTime(pgpDigParams digp);
 
+int pgpDigParamsSalt(pgpDigParams digp, const uint8_t **datap, size_t *lenp);
+
 /** \ingroup rpmpgp
  * Destroy parsed OpenPGP packet parameter(s).
  * @param digp		parameter container
diff --git a/lib/rpmvs.cc b/lib/rpmvs.cc
@@ -457,8 +457,18 @@ void rpmvsInitRange(struct rpmvs_s *sis, int range)
     for (int i = 0; i < sis->nsigs; i++) {
 	struct rpmsinfo_s *sinfo = &sis->sigs[i];
 	if (sinfo->range & range) {
-	    if (sinfo->rc == RPMRC_OK)
-		rpmDigestBundleAddID(sis->bundle, sinfo->hashalgo, sinfo->id, 0);
+	    if (sinfo->rc != RPMRC_OK)
+		continue;
+
+	    rpmDigestBundleAddID(sis->bundle, sinfo->hashalgo, sinfo->id, 0);
+	    /* OpenPGP v6 signatures need a grain of salt to go */
+	    if (sinfo->sig) {
+		const uint8_t *salt = NULL;
+		size_t slen = 0;
+		if (pgpDigParamsSalt(sinfo->sig, &salt, &slen) == 0 && salt) {
+		    rpmDigestBundleUpdateID(sis->bundle, sinfo->id, salt, slen);
+		}
+	    }
 	}
     }
 }
diff --git a/rpmio/CMakeLists.txt b/rpmio/CMakeLists.txt
@@ -22,7 +22,7 @@ if (EXISTS ${CMAKE_SOURCE_DIR}/rpmio/rpmpgp_legacy/CMakeLists.txt)
 endif()
 
 if (WITH_SEQUOIA)
-	pkg_check_modules(RPMSEQUOIA REQUIRED IMPORTED_TARGET rpm-sequoia>=1.8.0)
+	pkg_check_modules(RPMSEQUOIA REQUIRED IMPORTED_TARGET rpm-sequoia>=1.9.0)
 	target_sources(librpmio PRIVATE rpmpgp_sequoia.cc)
 	target_link_libraries(librpmio PRIVATE PkgConfig::RPMSEQUOIA)
 else()
diff --git a/rpmio/rpmpgp_sequoia.cc b/rpmio/rpmpgp_sequoia.cc
@@ -37,6 +37,9 @@ W(const uint8_t *, pgpDigParamsSignID, (pgpDigParams digp), (digp))
 W(const char *, pgpDigParamsUserID, (pgpDigParams digp), (digp))
 W(int, pgpDigParamsVersion, (pgpDigParams digp), (digp))
 W(uint32_t, pgpDigParamsCreationTime, (pgpDigParams digp), (digp))
+W(int, pgpDigParamsSalt,
+  (pgpDigParams digp, const uint8_t **datap, size_t *lenp),
+  (digp, datap, lenp))
 W(rpmRC, pgpVerifySignature,
   (pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx),
   (key, sig, hashctx))
