I had this question a while back, and this is what I was able to track down:
The files are not signed via any PKI trusted by your system, but rather by a specific RSA key that is trusted by the code itself. If you look in libclamav/dsig.c, there is an implementation of RSA inspired by http://www.erikyyy.de/yyyRSA/, and the public parameters of an RSA key are hard-coded in that file. - Luke On Mar 15, 2019, at 11:04 AM, instaham--- via clamav-users <clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net>> wrote: Leonardo Rodrigues wrote: the databases are digitally signed, and any modification, such in a man-in-the-middle attack, would break the signature and freshclam would refuse to run the files. Sounds good. Can you please explain how this works in detail? Apt places GPG keys in the system and uses them to verify downloaded data. It doesn't seem that ClamAV placed any GPG keys in my system. So how is the verification happening? Thanks _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net> https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.clamav.net_mailman_listinfo_clamav-2Dusers&d=DwIGaQ&c=9Hv6XPedRSA-5PSECC38X80c1h60_XWA4z1k_R1pROA&r=kBR20qCRpw_COsjokFR0DeDlBjL9wibcGzBBJtTubwc&m=Am934oxvGJUzY7zjAMr7LsAoh1QKFMW_pCV9H3D-XAY&s=32-aBf3kPc7KjmlElZ_x56PEUwoQoMgpezWIVZtdnHc&e= Help us build a comprehensive ClamAV guide: https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_vrtadmin_clamav-2Dfaq&d=DwIGaQ&c=9Hv6XPedRSA-5PSECC38X80c1h60_XWA4z1k_R1pROA&r=kBR20qCRpw_COsjokFR0DeDlBjL9wibcGzBBJtTubwc&m=Am934oxvGJUzY7zjAMr7LsAoh1QKFMW_pCV9H3D-XAY&s=iFxlVSJ2ckNdLBVhTcgERy1eec3jp4yRZnbzcDlxDrE&e= https://urldefense.proofpoint.com/v2/url?u=http-3A__www.clamav.net_contact.html-23ml&d=DwIGaQ&c=9Hv6XPedRSA-5PSECC38X80c1h60_XWA4z1k_R1pROA&r=kBR20qCRpw_COsjokFR0DeDlBjL9wibcGzBBJtTubwc&m=Am934oxvGJUzY7zjAMr7LsAoh1QKFMW_pCV9H3D-XAY&s=ncrTAyYChjf7wK4-1nqUY9gKjgolYUlQpjB0FKybCqw&e=
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
