On Jul 18, 2014, at 5:04 PM, Mark Hatle wrote:
> On 7/18/14, 3:08 PM, Jeffrey Johnson wrote:
>>
>> On Jul 1, 2014, at 10:12 AM, Mark Hatle wrote:
>>
>>> The recent changes to add variable encryption have left one compilation
>>> issue that I found. Attached is a patch that adds the missing ifdefs to
>>> resolve the issue.
>>>
>>> --Mark
>>> <rpm-rpmpgp-fix.patch>
>>
>> This patch finally checked in, thank you.
>>
>> There's _STILL_ some problem with RSA using openssl:
>
> :) At least you finally can reproduce it. We did get the Yocto Project up
> to rpm 5.4.14. (I also have a 'CVS' recipe for the newer stuff..) So we are
> testing much newer code at least now.
>
Gotcha.
Leading zeroes on the OpenPGP RSA signature need to
be resurrected into a fixed length octet string:
...
<-- rpmsslSetRSA(0x9cee4e0) OK RSA/SHA1
==10941== Invalid read of size 1
==10941== at 0x7F132FC: BN_bin2bn (bn_lib.c:607)
==10941== by 0x7F30662: RSA_eay_public_decrypt (rsa_eay.c:760)
==10941== by 0x7F36B6F: pkey_rsa_verify (rsa_pmeth.c:373)
==10941== by 0x546480B: rpmsslVerify (rpmssl.c:402)
==10941== by 0x50FAE33: rpmVerifySignature (rpmpgp.h:1860)
==10941== by 0x50E9FE5: rpmReadPackageFile (package.c:353)
==10941== by 0x4E883DC: rpmgiReadHeader (rpmgi.c:163)
==10941== by 0x4E88B9C: rpmgiNext (rpmgi.c:232)
==10941== by 0x4E722A7: rpmgiShowMatches (query.c:438)
==10941== by 0x4E7334A: rpmQueryVerify (query.c:556)
==10941== by 0x4E73DFE: rpmcliArgIter (query.c:852)
==10941== by 0x4E74164: rpmcliQuery (query.c:974)
==10941== Address 0x17e47d7f is 0 bytes after a block of size 255 alloc'd
==10941== at 0x4A069EE: malloc (vg_replace_malloc.c:270)
==10941== by 0x5461CBA: rpmsslMpiItem (rpmssl.c:700)
==10941== by 0x5458B00: pgpPrtSigParams (rpmpgp.h:1893)
==10941== by 0x544137F: rpmhkpLoadSignature (rpmhkp.c:553)
==10941== by 0x50E9F7D: rpmReadPackageFile (package.c:289)
==10941== by 0x4E883DC: rpmgiReadHeader (rpmgi.c:163)
==10941== by 0x4E88B9C: rpmgiNext (rpmgi.c:232)
==10941== by 0x4E722A7: rpmgiShowMatches (query.c:438)
==10941== by 0x4E7334A: rpmQueryVerify (query.c:556)
==10941== by 0x4E73DFE: rpmcliArgIter (query.c:852)
==10941== by 0x4E74164: rpmcliQuery (query.c:974)
==10941== by 0x404A30: main (rpmqv.cc:1041)
==10941==
========== RSA
n:
CB868DC4E01059B8C9203E14EDCA0EA2E659DA147C3C4B07B862CED80451932944A6B154C79B75BBB648D89F92016B0099679E3853478513E7D08D5A3DAF163DF11AB40B649C8ED0DAB38F01078C94B44D2F32EAD6044CDE6508C8E1965B057D9530DDE6EAF9BA34324CA77051FBCC9FBD09E0453B0DCC6B034738BD75E00729BF535EE985CD33B2EFE9E03637CA9D7FF61DB1474BEAF9505454A637C9174F9A921FB719058F8A74F6F802600A11CEC324F56CE91867DF199A268BDFD7DAF10EECD74F137A0022080DEA7739B82B8358DA1FC9AB47E1BF0714DD1B902752FC69C995E0FDD964BC1873C8848032BC220A01680FF53794433E5387D4A9E94A90D1
e: 010001
d:
p:
q:
dp:
dq:
qi:
hm:
01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF003021300906052B0E03021A05000414A9948481517A601F7F2D80330F27DB3C8F1AF82D
<-- rpmsslVerify(0x9cee4e0) BAD RSA/SHA1
...
DSA/ECDSA unaffected fwiw.
Check-in fix tomorrow todo++.
73 de Jeff
______________________________________________________________________
RPM Package Manager http://rpm5.org
Developer Communication List rpm-devel@rpm5.org
