From: Ferris Ellis
To: alpine-devel@lists.alpinelinux.org
Date: Fri, 9 Mar 2018 08:02:50 -0500
Subject: Re: [alpine-devel] Upgrading package signatures from SHA1 to SHA2 digest.

> On Mar 8, 2018, at 7:53 AM, Timo Teras wrote:
>
> On Wed, 7 Mar 2018 18:28:49 -0500
> Ferris Ellis wrote:
>
>> ...
>>
>> I wanted to start a dialog about the possibility of moving to using
>> SHA2 digests (I would presume SHA256 would be the preferred option)
>> for signatures as SHA1 is deemed insecure by many and is being phased
>> out for most usage of PKI. This includes my use case, where the
>> crypto-service I have deliberately no longer offers signatures with
>> SHA1 digests and instead offers standard SHA2 digests.
>>
>> ...
>
> I have been working to update .apk and index formats to binary. I was
> hoping to do the hash algorithm change there. While I do have the
> design ready, and some code too, it's taking a bit more than expected.
>
> I am willing to accept backwards compatible patches at this point even
> for the current formats. The signatures could be pretty easily updated.
> Just add a new prefix type to identify the signatures as rsa-sha256 or
> similar.
>
> However, sign only the control.tar.gz part of apk. That in turn
> contains hash for the control.tar.gz part containing the package
> metadata.
> Changing this 'identity hash' from sha1 to sha256 would be
> more intrusive. Same applies to the individual file checksums kept in
> the file database for audit purposes. However, control.tar.gz does have
> stronger hash (sha256) for data.tar.gz which contains the actual file
> data content.
>
> Timo

Timo, thanks for sharing!

I’m a little confused by your message. Can you clarify what each of the hashes are? Including the ‘identity hash’ and ‘individual file checksums’? I’m still new to the internals of apk packaging and am only aware of two hashes:

1. The RSA signature hash uses SHA1 as the hash for control.tar.gz.
2. Inside control.tar.gz is the .PKGINFO file which contains a SHA2-256 hash of data.tar.gz

Also, as I mentioned in my last reply to A. Wilcox, I think since the RSA signature is ASN1 encoded. If so you shouldn’t need a new prefix type, as the ASN1 blob states the hash that it contains. But please correct me if I’m wrong on this! Just trying to be of help :)

Cheers,
Ferris
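Added example, not part of the original thread and not apk-tools code: assuming the package signature is a plain RSA PKCS#1 v1.5 signature, the public-key operation recovers a block that contains the DER DigestInfo prefix, so the digest algorithm travels inside the signature. The toy key, function names and sample data below are constructed for illustration.

```python
import hashlib
import hmac

# DER DigestInfo prefixes from RFC 8017, section 9.2 (notes).
DIGEST_INFO = {
    "sha1": bytes.fromhex("3021300906052b0e03021a05000414"),
    "sha256": bytes.fromhex("3031300d060960864801650304020105000420"),
}

# Toy RSA key built from two well-known primes; constructed for this demo only.
P, Q, E = 2**255 - 19, 2**521 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8  # modulus length in bytes


def emsa_pkcs1_v15(data: bytes, alg: str) -> bytes:
    """EM = 0x00 0x01 FF..FF 0x00 || DigestInfo(alg) || H(data)."""
    t = DIGEST_INFO[alg] + hashlib.new(alg, data).digest()
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t


def sign(data: bytes, alg: str) -> bytes:
    em = int.from_bytes(emsa_pkcs1_v15(data, alg), "big")
    return pow(em, D, N).to_bytes(K, "big")


def verify(data: bytes, sig: bytes, allowed=("sha256",)):
    """Return the digest name carried by the signature, or None if rejected."""
    if len(sig) != K or int.from_bytes(sig, "big") >= N:
        return None
    em = pow(int.from_bytes(sig, "big"), E, N).to_bytes(K, "big")
    for alg in allowed:
        # Re-encode and compare the whole block rather than parsing the
        # padding leniently; lenient parsing has enabled signature forgeries.
        if hmac.compare_digest(em, emsa_pkcs1_v15(data, alg)):
            return alg
    return None
```

The `allowed` tuple is the verifier's policy: a signature whose DigestInfo names SHA-1 is rejected unless the caller opts in, which is how a backwards-compatible transition can accept both digests for a time.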