Support ed25519 signatures

[mlschroe]

No description provided.

[mlschroe]

Note that this is incomplete: there needs to be another commit to define which tag to use for ed25519 signatures.

[mlschroe]

Things that need to be discussed:

• which signature header tags to (re-)use? (My preference is the gpg tags.)
• do we want to add RPMRC_UNSUPPORTED for unsupported algorithms/curves? Currently unsupported sigs are reported as bad, which is not nice.
• do we want to allow the import of unsupported pubkeys? We currently do not allow that, my preference is to keep it that way.

Bonus questions:

• what is RPMRC_NOTTRUSTED?
• what is sinfo->sigalgo? It does not seem to be set anywhere.

[pmatilai]

Things that need to be discussed:

* which signature header tags to (re-)use? (My preference is the gpg tags.)

The existing GPG/PGP tags are problematic as there are probably underlying assumptions about their contents. PR #1050 adds RPMTAG_OPENPGPHEADER which doesn't care about the underlying signature algorithm, these are all just OpenPGP signatures in the end.

* do we want to add `RPMRC_UNSUPPORTED` for unsupported algorithms/curves? Currently unsupported sigs are reported as bad, which is not nice.

For digests we treat any unknown algorithms as non-existent ie RPMRC_NOTFOUND (see 74766d3), seems to me we could/should do the same with signatures too.

* do we want to allow the import of unsupported pubkeys? We currently do not allow that, my preference is to keep it that way.

Yup, I'd say its the sane thing to do.

Bonus questions:

* what is RPMRC_NOTTRUSTED?

An unused blast from the past... I think the idea behind it has been to distinguish between a valid signature and one that you trust to allow package installation, only there never was any framework to hook that into. I haven't removed it as it seemed like something that may yet someday be useful (in rpm >= 4.14.2 we finally have some of the missing pieces)

* what is `sinfo->sigalgo`? It does not seem to be set anywhere.

It's the pubkey algorithm of the OpenPGP signature, ie currently PGPPUBKEYALGO_RSA or PGPPUBKEYALGO_DSA. It gets set as part of the struct assignment early in rpmsinfoInit() - had forgotten all about that and to scratch my head for a while though 😅

[mlschroe]

But when I asked you about that in #1050 you said: "It could be multiple groups or whatever, but certainly not about new algorithms"...

[pmatilai]

Oh, but that question was about the name part, or at least that's how I understood it. So the "name" in #1050 has nothing to do with new algorithms as such, but the tag name was specifically chosen to support any new signing algorithms that might get used in OpenPGP without having to add new specific tags like with DSA/RSA now (and then reflect those changes through all the scripts that query for those specific tags etc etc). Not sure if it gets communicated in #1050 but part of the idea is to unify all signatures under the same tag so when people want to do queries on signatures, there's just one place to look at.

[cgwalters]

Just to xref, in ostree we recently merged an ed25519 signing system too: see ostreedev/ostree#1233
and ostreedev/ostree#1878

The main motivation apparently is that GPG being lgplv3 and carrying the patent clauses is problematic for some people making embedded systems.

[mlschroe]

Thanks for the info. Note that this pull request does not make rpm use some different signature system: it still only supports pgp (RFC4880) signatures. Only very old rpm versions used gpg to verify the signatures, rpm has its own pgp functions since ages.
(See also issue #1193 for a discussion about different signature systems)

[pmatilai]

And thanks for the patches.