Describe the bug
rpm 6.0 breaks using https://github.com/rpm-software-management/rpmpgp_legacy because rpm 6.0 requires a pgpDigParamsSalt implementation, which has never been added to rpmpgp_legacy
To Reproduce
Build rpm 6.0 with rpmpgp_legacy, then try to do anything with the resulting rpm
Expected behavior
works
Output
Unresolved symbol: pgpDigParamsSalt
Environment
Additional context
rpm-software-management/rpm#3975 fixes an identical problem for building without pgp (rpmpgp_dummy.cc).
It is clear that the fix is to implement pgpDigParamsSalt in rpmpgp_legacy; unfortunately the workings of the rpmpgp API aren't documented very well.
I added an int pgpDigParamsSalt(pgpDigParams digp, const uint8_t **datap, size_t *lenp) function to rpmpgp_legacy that just dumps information and returns -1 for now (this at least gets to a point where rpm 6 works if --nosignature is given), but I'm not sure where to go from there:
digp->tag is 2 (PGPTAG_SIGNATURE, as expected), digp->sigtype is 0 (PGPSIGTYPE_BINARY, as expected), digp->hash_algo is 8 (RPM_HASH_SHA256, as expected), digp->hashlen is 35.
Since a SHA256 hash is 32 bytes, I assumed digp->hash would contain either a 3 byte salt followed by the sha256 hash, or the sha256 hash followed by a 3 byte salt -- but that doesn't seem to be the case, if I copy the first or last 3 bytes (tried both variants) from digp->hash to datap and return 3 in lenp, it results in an error thrown for everything being verified:
error: rpmdbNextIterator: skipping h# 318357
Header OpenPGP V4 RSA/SHA256 signature, key fingerprint: 88d19fb468ba8f3fda4f5e8c180922d8bf81de15: BAD
Header SHA256 digest: OK
Header SHA1 digest: OK
Any hints on what I'm doing wrong here? How is the hash field in pgpDigParams actually encoded?
Describe the bug
rpm 6.0 breaks using https://github.com/rpm-software-management/rpmpgp_legacy because rpm 6.0 requires a pgpDigParamsSalt implementation, which has never been added to rpmpgp_legacy
To Reproduce
Build rpm 6.0 with rpmpgp_legacy, then try to do anything with the resulting rpm
Expected behavior
works
Output
Unresolved symbol: pgpDigParamsSalt
Environment
Additional context
rpm-software-management/rpm#3975 fixes an identical problem for building without pgp (rpmpgp_dummy.cc).
It is clear that the fix is to implement
pgpDigParamsSaltin rpmpgp_legacy; unfortunately the workings of the rpmpgp API aren't documented very well.I added an
int pgpDigParamsSalt(pgpDigParams digp, const uint8_t **datap, size_t *lenp)function to rpmpgp_legacy that just dumps information and returns -1 for now (this at least gets to a point where rpm 6 works if--nosignatureis given), but I'm not sure where to go from there:digp->tagis 2 (PGPTAG_SIGNATURE, as expected),digp->sigtypeis 0 (PGPSIGTYPE_BINARY, as expected),digp->hash_algois 8 (RPM_HASH_SHA256, as expected),digp->hashlenis 35.Since a SHA256 hash is 32 bytes, I assumed
digp->hashwould contain either a 3 byte salt followed by the sha256 hash, or the sha256 hash followed by a 3 byte salt -- but that doesn't seem to be the case, if I copy the first or last 3 bytes (tried both variants) fromdigp->hashtodatapand return3inlenp, it results in an error thrown for everything being verified:Any hints on what I'm doing wrong here? How is the hash field in pgpDigParams actually encoded?