XBPS Library API 20250915
The X Binary Package System
verifysig.c
1/*-
2 * Copyright (c) 2013-2014 Juan Romero Pardines.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 */
25
26#include <stdio.h>
27#include <stdlib.h>
28#include <string.h>
29#include <errno.h>
30#include <libgen.h>
31#include <fcntl.h>
32#include <sys/stat.h>
33#include <sys/mman.h>
34#include <limits.h>
35
36#include <openssl/err.h>
37#include <openssl/sha.h>
38#include <openssl/rsa.h>
39#include <openssl/ssl.h>
40#include <openssl/pem.h>
41
42#include "xbps_api_impl.h"
43
44static bool
45rsa_verify_hash(struct xbps_repo *repo, xbps_data_t pubkey,
46 unsigned char *sig, unsigned int siglen,
47 unsigned char *sha256)
48{
49 BIO *bio;
50 RSA *rsa;
51 int rv;
52
53 ERR_load_crypto_strings();
54 SSL_load_error_strings();
55
56 bio = BIO_new_mem_buf(xbps_data_data_nocopy(pubkey),
57 xbps_data_size(pubkey));
58 assert(bio);
59
60 rsa = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL);
61 if (rsa == NULL) {
62 xbps_dbg_printf("`%s' error reading public key: %s\n",
63 repo->uri, ERR_error_string(ERR_get_error(), NULL));
64 return false;
65 }
66
67 rv = RSA_verify(NID_sha256, sha256, SHA256_DIGEST_LENGTH, sig, siglen, rsa);
68 RSA_free(rsa);
69 BIO_free(bio);
70 ERR_free_strings();
71
72 return rv ? true : false;
73}
74
75bool
76xbps_verify_signature(struct xbps_repo *repo, const char *sigfile,
77 unsigned char *digest)
78{
79 xbps_dictionary_t repokeyd = NULL;
80 xbps_data_t pubkey;
81 char *hexfp = NULL;
82 unsigned char *sig_buf = NULL;
83 size_t sigbuflen, sigfilelen;
84 char *rkeyfile = NULL;
85 bool val = false;
86
87 if (!xbps_dictionary_count(repo->idxmeta)) {
88 xbps_dbg_printf("%s: unsigned repository\n", repo->uri);
89 return false;
90 }
91 hexfp = xbps_pubkey2fp(xbps_dictionary_get(repo->idxmeta, "public-key"));
92 if (hexfp == NULL) {
93 xbps_dbg_printf("%s: incomplete signed repo, missing hexfp obj\n", repo->uri);
94 return false;
95 }
96
97 /*
98 * Prepare repository RSA public key to verify fname signature.
99 */
100 rkeyfile = xbps_xasprintf("%s/keys/%s.plist", repo->xhp->metadir, hexfp);
101 repokeyd = xbps_plist_dictionary_from_file(rkeyfile);
102 if (xbps_object_type(repokeyd) != XBPS_TYPE_DICTIONARY) {
103 xbps_dbg_printf("cannot read rkey data at %s: %s\n",
104 rkeyfile, strerror(errno));
105 goto out;
106 }
107
108 pubkey = xbps_dictionary_get(repokeyd, "public-key");
109 if (xbps_object_type(pubkey) != XBPS_TYPE_DATA)
110 goto out;
111
112 if (!xbps_mmap_file(sigfile, (void *)&sig_buf, &sigbuflen, &sigfilelen)) {
113 xbps_dbg_printf("can't open signature file %s: %s\n",
114 sigfile, strerror(errno));
115 goto out;
116 }
117 /*
118 * Verify fname RSA signature.
119 */
120 if (rsa_verify_hash(repo, pubkey, sig_buf, sigfilelen, digest))
121 val = true;
122
123out:
124 if (hexfp)
125 free(hexfp);
126 if (rkeyfile)
127 free(rkeyfile);
128 if (sig_buf)
129 (void)munmap(sig_buf, sigbuflen);
130 if (repokeyd)
131 xbps_object_release(repokeyd);
132
133 return val;
134}
135
136bool
137xbps_verify_file_signature(struct xbps_repo *repo, const char *fname)
138{
139 char sig[PATH_MAX];
140 unsigned char digest[XBPS_SHA256_DIGEST_SIZE];
141 bool val = false;
142
143 if (!xbps_file_sha256_raw(digest, sizeof digest, fname)) {
144 xbps_dbg_printf("can't open file %s: %s\n", fname, strerror(errno));
145 return false;
146 }
147
148 snprintf(sig, sizeof sig, "%s.sig2", fname);
149 val = xbps_verify_signature(repo, sig, digest);
150
151 return val;
152}
char metadir[XBPS_MAXPATH]
Definition xbps.h:678
void xbps_dbg_printf(const char *fmt,...)
Prints debug messages to stderr.
Definition log.c:67
xbps_dictionary_t idxmeta
Definition xbps.h:1521
struct xbps_handle * xhp
Definition xbps.h:1491
const char * uri
Definition xbps.h:1527
Repository structure.
Definition xbps.h:1479
xbps_dictionary_t xbps_plist_dictionary_from_file(const char *path)
char * xbps_pubkey2fp(xbps_data_t pubkey)
Definition pubkey2fp.c:66
char * xbps_xasprintf(const char *fmt,...) __attribute__((format(printf
bool xbps_verify_file_signature(struct xbps_repo *repo, const char *fname)
Definition verifysig.c:137
char bool xbps_mmap_file(const char *file, void **mmf, size_t *mmflen, size_t *filelen)
Definition util_hash.c:65
bool xbps_verify_signature(struct xbps_repo *repo, const char *sigfile, unsigned char *digest)
Definition verifysig.c:76
bool xbps_file_sha256_raw(unsigned char *dst, size_t len, const char *file)
Definition util_hash.c:116