Bart Smaalders wrote:
> Garrett D'Amore wrote:
>>> Since each action can contain arbitrary attributes, the customer's
>>> signature action can contain whatever data he wants; the packaging
>>> system happily ignores that which it doesn't know about so he can
>>> add new attributes to his signature ad nauseam.
>>>
>>> This would mean that any actions that are signatures are simply
>>> ignored when computing the hash for signing purposes. Each signature
>>> can carry whatever extra data (within reason, of course) is deemed
>>> necessary by the signer.
>>>
>>> If the customer is worried about retrieving these packages from a repo
>>> run by a hostile which is attempting to edit his meta data, we can
>>> always include just the signature being generated (minus the hash value)
>>> in the hash.
>>>
>>> Thus, each signature stands alone, but if present cannot be altered w/o
>>> detection.
>> I think you want the hash value in the signed portion. Otherwise, how
>> do you keep someone from reattaching a different signed meta data from a
>> "bad" package to a "good" package?
>>
>> Possibly all you need is just the hash signature.
>>
>> I still don't really understand whether meta data can alter the behavior
>> of the software (either the installed software or the installation
>> software itself) -- can it?
>>
>> - Garrett
>
> The signed portion of the manifest would consist of all the entries in
> the manifest (actions) aside from signatures, _plus_ any metadata
> included in the signature being generated.
>
> Thus signatures cannot be spoofed or exchanged, but they may be generated
> by anyone w/ a key and added to the manifest. They cannot be altered
> w/o invalidating that signature. The rest of the manifest cannot be
> altered either w/o invalidating all signatures.
>
> For example, suppose the manifest consists of:
>
> set name=fmri value=pkg:/cheeseshop@1.0
> dir group=sys mode=0755 owner=root path=/scripts
> file b0b7615454f3a3ec0d0d159677618bbb476052e0 group=bin mode=0444
> owner=root path=scripts/cheeseshop.txt
> signature ....
>
> and you wish to sign it again with the additional meta data of
> airspeed_of_unladen_swallow=20
>
> then the complete hashed text would include the manifest text
> minus the already present signature but including the
> airspeed_of_unladen_swallow=20 in a canonical format.
This makes perfect sense to me.

-- 
Darren J Moffat
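The scheme Bart describes above, worked through as an added example (this is illustrative code written for this page, not pkg(5)'s own signing code): each signature covers every non-signature action in canonical form plus the generating signature's own metadata minus its value. The manifest text is the one from Bart's message; the signer names and the HMAC keys that stand in for the signers' real keys are assumptions of the example, as is the `value` attribute name used to hold the digest. The four scenarios at the end check the properties claimed in the thread, including Garrett's question about reattaching signed metadata from one package to another.

```python
import hashlib
import hmac

# Constructed sample manifest, taken from Bart's example above, before any
# signature action has been added.
SAMPLE_MANIFEST = """\
set name=fmri value=pkg:/cheeseshop@1.0
dir group=sys mode=0755 owner=root path=/scripts
file b0b7615454f3a3ec0d0d159677618bbb476052e0 group=bin mode=0444 owner=root path=scripts/cheeseshop.txt
"""

# Assumption: HMAC keys stand in for the signers' private keys so the example
# runs offline; a real implementation would use public-key signatures.
KEYS = {"vendor": b"vendor-signing-key", "customer": b"customer-signing-key"}


def parse_manifest(text):
    """Return a list of (type, positional_payload, attrs) for each action line."""
    actions = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        tokens = line.split()
        payload = None
        attrs = {}
        for tok in tokens[1:]:
            if "=" in tok:
                key, value = tok.split("=", 1)
                attrs[key] = value
            elif payload is None:
                payload = tok  # e.g. the file action's content hash
        actions.append((tokens[0], payload, attrs))
    return actions


def canonical_action(atype, payload, attrs):
    """One action as canonical text: attributes sorted by name, single spaces."""
    parts = [atype]
    if payload is not None:
        parts.append(payload)
    parts.extend("%s=%s" % (k, attrs[k]) for k in sorted(attrs))
    return " ".join(parts)


def signed_text(actions, sig_attrs):
    """The bytes one signature covers: all non-signature actions in canonical
    order, plus the generating signature's own metadata minus its value."""
    lines = sorted(canonical_action(*a) for a in actions if a[0] != "signature")
    meta = {k: v for k, v in sig_attrs.items() if k != "value"}
    lines.append(canonical_action("signature", None, meta))
    return ("\n".join(lines) + "\n").encode("utf-8")


def sign(actions, signer, extra=None):
    """Produce a new signature action; extra holds the signer's own metadata."""
    sig_attrs = {"signer": signer, "algorithm": "hmac-sha256"}
    sig_attrs.update(extra or {})
    mac = hmac.new(KEYS[signer], signed_text(actions, sig_attrs), hashlib.sha256)
    sig_attrs["value"] = mac.hexdigest()
    return ("signature", None, sig_attrs)


def verify(actions):
    """Check every signature action independently; returns {signer: ok}."""
    results = {}
    for atype, _, attrs in actions:
        if atype != "signature":
            continue
        signer = attrs.get("signer", "?")
        key = KEYS.get(signer)
        if key is None:
            results[signer] = False
            continue
        expected = hmac.new(key, signed_text(actions, attrs), hashlib.sha256).hexdigest()
        results[signer] = hmac.compare_digest(expected, attrs.get("value", ""))
    return results


def scenarios():
    """Exercise the properties claimed in the thread; returns {name: {signer: ok}}."""
    base = parse_manifest(SAMPLE_MANIFEST)
    good = base + [sign(base, "vendor")]
    # The customer signs again with extra metadata; the vendor's signature is untouched.
    good = good + [sign(good, "customer", {"airspeed_of_unladen_swallow": "20"})]
    out = {"two_signatures": verify(good)}

    # 1. A hostile repo edits the customer's metadata: only that signature breaks.
    edited_meta = [
        (t, p, dict(a, airspeed_of_unladen_swallow="11")
         if t == "signature" and a.get("signer") == "customer" else a)
        for t, p, a in good]
    out["edited_signature_metadata"] = verify(edited_meta)

    # 2. The repo edits a real action: every signature breaks.
    edited_body = [(t, p, dict(a, mode="0777") if t == "dir" else a) for t, p, a in good]
    out["edited_dir_mode"] = verify(edited_body)

    # 3. Both signatures reattached to a different package: neither verifies.
    other = parse_manifest(SAMPLE_MANIFEST.replace("cheeseshop@1.0", "cheeseshop@1.1"))
    transplanted = other + [a for a in good if a[0] == "signature"]
    out["transplanted_onto_1.1"] = verify(transplanted)
    return out


if __name__ == "__main__":
    for name, result in scenarios().items():
        print(name, result)
```

Because the signature's own attributes are inside the hashed text, swapping one manifest's signature action onto another manifest fails even though the attacker can read every attribute; and because other signature actions are excluded, anyone with a key can append a signature without invalidating those already present.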
