X-Original-To: alpine-devel@lists.alpinelinux.org Received: from mail-lf0-f48.google.com (mail-lf0-f48.google.com [209.85.215.48]) by lists.alpinelinux.org (Postfix) with ESMTP id 45F9A5C4EBC for ; Tue, 20 Mar 2018 13:06:55 +0000 (GMT) Received: by mail-lf0-f48.google.com with SMTP id y19-v6so2426624lfd.4 for ; Tue, 20 Mar 2018 06:06:55 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=EoKHRGKjdblWU4pwetn+s7nYPem8Wq30n1hLqabCBx8=; b=nRiep49k+CdoX3Q5fxm084u6Q9FeYcoG9iJheqScPuu6XdxReDJzGlc5yh149kADWL td+oSgJcO+EROXaNjI8dYCJ+YzcaLosfLLMmh6CDpSzmK1E+r6alySMIAIZwY0kGuvD/ f7aWON3I+j3YqEK/fdA6F0TgOC8juq8Y9EhSm6VlvlmM9RkhDwIkTcBfTSOH5vLnv1q/ TZuU/prUr2uX6AdT8EYFnswmygbbr/uaJYuawejaL4IQi0UrNOfTNQsqqRrztrEFq57l t1+/QFwX9fTNxUsP0QufpOvC7GC5w+yyJ2RLILvtOhI35WKFOiYAu4FBIKuxuUctEGlW DZwQ== X-Gm-Message-State: AElRT7EL0AF8hPK/mzpznb2Hgm/rNTY5Qly2Ixvyj+Vs4qLQOimEsju9 BbZHmttM2JeOuOd/fJrWGiELKDXp X-Google-Smtp-Source: AG47ELvHyxtGQS4yWgRlkv+ieB5jDXKXNKaJGVPdaj4ue6l+cCS+cJnpLZXVUktW73DIe6ZeTd7wog== X-Received: by 2002:a19:14d1:: with SMTP id 78-v6mr11326104lfu.37.1521551214485; Tue, 20 Mar 2018 06:06:54 -0700 (PDT) Received: from vostro ([2001:1bc8:101:f402:e66f:13ff:fef3:8cd0]) by smtp.gmail.com with ESMTPSA id 63-v6sm432709lfq.31.2018.03.20.06.06.54 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 20 Mar 2018 06:06:54 -0700 (PDT) Date: Tue, 20 Mar 2018 15:06:51 +0200 From: Timo Teras To: Ferris Ellis Cc: alpine-devel@lists.alpinelinux.org Subject: Re: [alpine-devel] Upgrading package signatures from SHA1 to SHA2 digest. Message-ID: <20180320150651.49fbcbae@vostro> In-Reply-To: References: <257B6969-21FD-4D51-A8EC-95CB95CEF365@ferrisellis.com> <20180308145356.6355eafe@vostro.util.wtbts.net> X-Mailer: Claws Mail 3.15.1-dirty (GTK+ 2.24.31; x86_64-alpine-linux-musl) X-Mailinglist: alpine-devel Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On Fri, 9 Mar 2018 08:02:50 -0500 Ferris Ellis wrote: > Also, as I mentioned in my last reply to A. Wilcox, I think since the > RSA signature is ASN1 encoded. If so you shouldn=E2=80=99t need a new pre= fix > type, as the ASN1 blob states the hash that it contains. But please > correct me if I=E2=80=99m wrong on this! Just trying to be of help :) I was just looking at the code again, and we did add support for sha256 and sha512 + rsa signatures earlier. It detects the signature type from the filename (RSA, RSA256, RSA512). The signature it self is raw output of "openssl dgst -sha -sign pkey.pem" output, and IIRC it is not asn1 but the raw signature for the mechanism selected. Cheers, Timo --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---