Mail archive

Re: [alpine-devel] Upgrading package signatures from SHA1 to SHA2 digest.

From: Timo Teras <>
Date: Fri, 9 Mar 2018 15:21:07 +0200

On Fri, 9 Mar 2018 08:02:50 -0500
Ferris Ellis <> wrote:

> Timo, thanks for sharing! I’m a little confused by your message. Can
> you clarify what each of the hashes are? Including the ‘identity
> hash’ and ‘individual file checksums’? I’m still new to the internals
> of apk packaging and am only aware of two hashes:
> 1. The RSA signature hash uses SHA1 as the hash for control.tar.gz.

Yes. The SHA1 hash for control.tar.gz is also the "identity hash" which
is stored in index files. If .apk installed from repository, the
signature itself is not currently verified, instead the following
 1. Index file's signature is verified
 2. .apk files 'identity hash' or control.tar.gz hash is verified to
 match against the index file's given SHA1 hash of the package

> 2. Inside control.tar.gz is the .PKGINFO file which contains a
> SHA2-256 hash of data.tar.gz


Additionally the PAX tar header contains SHA1 hash for each individual
file. It is not verified during extraction, but it is stored in the
installed database, and used for 'apk audit' which determines the
integrity of current system.

> Also, as I mentioned in my last reply to A. Wilcox, I think since the
> RSA signature is ASN1 encoded. If so you shouldn’t need a new prefix
> type, as the ASN1 blob states the hash that it contains. But please
> correct me if I’m wrong on this! Just trying to be of help :)

Yeah, that would probably work nicely.

So again, doing sha256 signatures is probably simple as the above. But
changing the index file's hash of package's control.tar.gz would be
non-trivial due to backwards compatibility issues. It will also
increase the index size considerably; this would increase apk runtime
memory requirements and have performance side-effects. This is one of
the main issues I want to resolve in the new file formats.


Received on Fri Mar 09 2018 - 15:21:07 UTC