On Nov 4, 2014, at 11:50 AM, Elan Ruusamäe wrote: > On 04.11.2014 09:31, Jan Rękorajski wrote: >>>> The RSA v4 keyid is not correctly implementedin rpm-4.5. Use DSA or go fix >>>> rpm-4.5. >>> >baggins: we probably should revert it then. >> I'd leave it in test for now, but I'm ok with the downgrade you did on >> builders. > i failed to downgrade actually... still trying >>>> > >All packages produced by rpmbuild-5.4.15 are signed automatically. Been >>>> > >that way >>>> > >for several years. >>> >yep. that's what i recalled problem being familiar. >> If it's been there for years, then why the problems started on 5.4.15? > as i understand, then it's because it started to create RSAv4 not RSAv3 > headers. >
Yes. But there multiple obscure issues that were fixed, not just generating a V4 keyid correctly. E.g. rpm-4.5 did not get bit counts correct and assumed 8 * byte count was "gud enuf". The assumption is true for DSA but not RSA. So 1 out of 256 RSA parameters will have 8 bits of leading zeroes and the byte count will be wrong. Adjust your testing accoringly: 255 out of 256 RSA signatures will Just Work. > > i'm still looking for code diffs, so it's either one of these rpm defines: > > # > +# Choose the non-repudiable signature algorithm: > +# DSA (default) > +# RSA (implies SHA1) > +# ECDSA (implies SHA256) > +# DSA/SHA1 > +# DSA/SHA224 > +# DSA/SHA256 > +# DSA/SHA384 > +# DSA/SHA512 > +# RSA/SHA1 > +# RSA/SHA224 > +# RSA/SHA256 > +# RSA/SHA384 > +# RSA/SHA512 > +# ECDSA/SHA224 (using NIST P-224) > +# ECDSA/SHA256 (using NIST P-256) > +# ECDSA/SHA384 (using NIST P-384) > +# ECDSA/SHA512 (using NIST P-521) > +# > +%_build_sign RSA/SHA1 > Change to "DSA" for maximum compatibility with rpm-4.5. Note that rpm-5.4.15 was deliberately released with "RSA/SHA1" default to flush out problems as you have reported as early as possible. FYI: rpm-5.4.16 switches from BeeCrypt to LibTomCrypt and uses ECDSA in RPMTAG_ECDSAHEADER = RPMTAG_SIG_BASE+16, /* x */ which avoids (because that tag isn't known) in all legacy and competing versions of RPM. > > @@ -281,9 +303,13 @@ > # 109 Jenkins lookup3.c hashlittle() > # 111 RIPEMD-256 > # 112 RIPEMD-320 > +# 188 BLAKE2B > +# 189 BLAKE2BP > +# 190 BLAKE2S > +# 191 BLAKE2SP > # > -# Note: choosing anything but MD5 introduces instant legacy incompatibility. > -%_build_file_digest_algo 1 > +#%_build_file_digest_algo 1 > And BLAKE2BP (with 256bit protection and faster than MD5) is the preferred default in RPM5 releases. 73 de Jeff > > > -- > glen > > _______________________________________________ > pld-devel-en mailing list > pld-devel-en@lists.pld-linux.org > http://lists.pld-linux.org/mailman/listinfo/pld-devel-en _______________________________________________ pld-devel-en mailing list pld-devel-en@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-devel-en