rpm5 package verification and md5sum of config files

Jeffrey Johnson n3npq at me.com
Tue Oct 16 08:55:07 CEST 2012 

On Oct 16, 2012, at 2:37 AM, Jan Rękorajski <baggins at pld-linux.org> wrote:
> 
> Adam, which bug is fixed by your 1-liner?
> 

Eeek! I missed the patch. Apologies for being obnoxious:
I haven't heard a bug report on this code in years (but PLD is always first to find my RPM flaws ;-).


Hmmmm … here is cvs annotate:

1.71         (jbj      25-Nov-98):      {   VFA_t *vfa;
1.71         (jbj      25-Nov-98):          for (vfa = verifyAttrs; vfa->attribute != NULL; vfa++) {
1.71         (jbj      25-Nov-98):              if (strcmp(p, vfa->attribute))
1.174        (jbj      13-Oct-01):                  /*@innercontinue@*/ continue;
1.71         (jbj      25-Nov-98):              verifyFlags |= vfa->flag;
1.361        (jbj      29-Aug-09):                  verifyFlags &= ~RPMVERIFY_FDIGEST;
1.164        (jbj      05-Jun-01):              /*@innerbreak@*/ break;
1.71         (jbj      25-Nov-98):          }
1.71         (jbj      25-Nov-98):          if (vfa->attribute)
1.71         (jbj      25-Nov-98):              continue;
1.71         (jbj      25-Nov-98):      }

I now understand how HMAC entered this discussion
(the 1.361 29-Aug-09 check-in was adding support for HMAC).

I screwed the check-in: the patch is definitely in the right
direction (and the flawed indentation indicates my mistake.
I'm usually anal about indentation).

There _MAY_ be a reason to disab;e FDIGEST checking
automagically when an HMAC is in use: its plausible
(from the indentation) that a specific if test may have
been dropped. So perhaps the code should be
	if (verifyFlags & RPMVERIFY_HMAC)
	    verifyFlags &= ~RPMVERIFY_FDIGEST;
(but unnoticed because noon but me has ever used HMAC digests).

Checking (but not testing) … my guess is yes, there's an if dropped
by looking at other code in the same check-in.

(aside)
HMAC-MD5 has different (and fewer afaik) exploits than MD5
itself because of the recursion/padding involved generating
an HMAC. You might consider using HMAC-MD5 instead of plain MD5
to increase security w/o using SHA256 etc (which are *MUCH* slower
than MD5 (or afaik w/o measuring) HMAC-MD5).

Note that the HMAC hasn't been used by anyone except me
since being implemented. The HMAC code was passing test
vectors when implemented: other breakage may exist.

Again: apologies for not paying sufficient attention to the bug report
and missing the patch.

73 de Jeffe
> -- 
> Jan Rękorajski                                 | PLD/Linux
> SysAdm                                         | http://www.pld-linux.org/
> baggins<at>mimuw.edu.pl
> baggins<at>pld-linux.org
> _______________________________________________
> pld-devel-en mailing list
> pld-devel-en at lists.pld-linux.org
> http://lists.pld-linux.org/mailman/listinfo/pld-devel-en

More information about the pld-devel-en mailing list