Does pkg check signatures?
yuri at rawbw.com
Wed Jan 15 02:44:43 UTC 2014
On 01/14/2014 05:48, Baptiste Daroussin wrote:
> secteam doesn't seem to agree with you, talk to them.
Since I didn't find any documentation on how security of package
transfer works, I did some debugging and learned from there.
The files downloaded from repository are gzipped tar archive with .txz
extension, and contain 3 files inside. For example, if the file is
mydist.txz, it would be contain these files:
* mydist.pub -- RSA public key, always the same in all archives
* mydist.sig -- 256 byte binary RSA signature of mydist file
* mydist -- the payload file
The fingerprint file
/usr/share/keys/pkg/trusted/pkg.freebsd.org.2013102301 contains the
SHA256 hash of the .pub file from all .txz archives. So that all those
.pub files are the same, and the secret key is merely its verification
fingerprint. .sig file is the RSA signature of the payload file.
Verification of mydist payload is done using .pub certificate.
So this whole process appears to be secure. What confused me is the term
The only question that I still have is this: Why this "fingerprint" is
introduced here? Why not just store the corresponding .pub file over
there as a trusted key? Since this public key is what is used for
verification, and there is 1-1 relationship, unless sha256 gets broken.
Eliminating one concept would have made this system simpler, and
wouldn't have required to have "fingerprint" term there.
More information about the freebsd-pkg