Date: Sat, 08 Feb 2014 20:23:38 -0500 From: "John W. O'Brien" <john@saltant.com> To: FreeBSD Ports <freebsd-ports@freebsd.org> Subject: Re: Trouble verifying a pkg-repo signature manually Message-ID: <52F6D89A.9020807@saltant.com> In-Reply-To: <52F6C2D4.9090009@saltant.com> References: <52F6C2D4.9090009@saltant.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--I6VpAHoTjtKhFwtuVLLuBxi4DTGIWxGEn
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
On 2/8/14 6:50 PM, John W. O'Brien wrote:
> Hello freebsd-ports@,
>=20
> I'm trying to build and maintain my own package repository and
> understand how everything is put together in the process. Right now, I'=
m
> having trouble understanding how the signatures are made and verified.
> The following should illustrate both the problem I'm having and how I
> think things are supposed to work.
[...]
> Testing the signature
> ---------------------
>=20
> # cd /tmp/test
> # tar xf /tmp/packages/digests.txz
> # openssl dgst -verify /tmp/keys/repo.pub \
> -signature signature -sha256 digests
> Verification Failure
[...]
I think I found out why this doesn't work.
Inside pkg-repo(8), the code that actually generates the signature [0],
signs an ASCII-encoded, zero-terminated [1] representation of the SHA256
digest. I would guess that inside "openssl dgst ... -sha256 ..." the
signature generation and verification are operating on a SHA256 blob
(i.e. unterminated binary).
So, the next best way I've come up with to verify a repo by hand is this:=
# openssl rsautl -pubin -inkey /tmp/keys/repo.pub \
-verify -in test_sig -asn1parse
0:d=3D0 hl=3D2 l=3D 49 cons: SEQUENCE
2:d=3D1 hl=3D2 l=3D 13 cons: SEQUENCE
4:d=3D2 hl=3D2 l=3D 9 prim: OBJECT :sha256
15:d=3D2 hl=3D2 l=3D 0 prim: NULL
17:d=3D1 hl=3D2 l=3D 32 prim: OCTET STRING
0000 - 7d b0 d6 38 8c 0f 28 53-2a 76 40 4f d6 84 8f 24
}..8..(S*v@O...$
0010 - e5 0a a1 57 45 ec f1 31-14 aa d0 4c 9a d0 fc 17
=2E..WE..1...L....
# sha256 -q digests
7db0d6388c0f28532a76404fd6848f24e50aa15745ecf13114aad04c9ad0fc17
I just visually compare the OCTET STRING to the digest.
[0] rsa_sign()
https://github.com/freebsd/pkg/blob/master/libpkg/rsa.c#L175
[2] sha256_hash()
https://github.com/freebsd/pkg/blob/master/libpkg/utils.c#L343
--I6VpAHoTjtKhFwtuVLLuBxi4DTGIWxGEn
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQEcBAEBCgAGBQJS9tieAAoJEBRzAKlhyP/FteAH/j9A4jkIRGyVcA8zC1V6ShF5
CrxNIh6JG/HgAqe1S1u1Al62OO9l1SRGuyCZzeooXqmT+Yo/i0io8t7GQvzWxJon
78QhpKYC66rhbHjTN6bR+14Fc23ji4EtdMNu1oiVbAElvadesEdVPwYo3wpyIo0c
egghFhU9jO+8P26bbb1twQ5QlZgQoCiajCeU4Na9iI4Hzb9NUo5y6ZDS5HayflOx
xIVz77wpGqw6x3ukuZ7RLiMnijXp43ibIAT/SrieVXPeE4PQGYXHlZ4vzKRTcfgA
Pttj74JMye/Zi6Ct7tCpSR8cjixQDU6NZGEWPTn329sqQUNMfpMJmS+W82PdbCM=
=XT9o
-----END PGP SIGNATURE-----
--I6VpAHoTjtKhFwtuVLLuBxi4DTGIWxGEn--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?52F6D89A.9020807>