@jessorensen commented on this pull request.
> + }
+ rpmlog(RPMLOG_DEBUG, _("key: %s\n"), key);
+ rpmlog(RPMLOG_DEBUG, _("cert: %s\n"), cert);
+ compr = headerGetString(h, RPMTAG_PAYLOADCOMPRESSOR);
+ rpmio_flags = rstrscat(NULL, "r.", compr ? compr : "gzip", NULL);
+ gzdi = Fdopen(fdDup(Fileno(fd)), rpmio_flags);
+ if (!gzdi)
+ rpmlog(RPMLOG_DEBUG, _("Fdopen() failed\n"));
+ files = rpmfilesNew(NULL, h, RPMTAG_BASENAMES, RPMFI_FLAGS_QUERY);
+ fi = rpmfiNewArchiveReader(gzdi, files,
I wish I could, but unfortunately I don't believe it is possible. fsverity
generates a Merkle tree (basically a tree of digests) and signs the root hash,
and we cannot derive the root sha from the file sha.
This is what I mentioned in here:
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
Rpm-maint mailing list