
Issue with -s | --sign param #46

Open
daygr opened this issue Jan 26, 2017 · 6 comments

Comments


daygr commented Jan 26, 2017

I have been using repose as part of the aurutils package, and have a local repository which is signed with my private key; said key is also the default key for pacman and has been locally signed. I had to manually sign the db for the repository with gpg, as repose -s repo_name causes a segfault.

/path/to/repo % repose -s repo 
[1]    13349 segmentation fault (core dumped)  repose -s repo

gdb output is vague, I am not sure where else to look.

(gdb) r
Starting program: /usr/bin/repose
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib/libthread_db.so.1".
repose: incorrect number of arguments provided
vodik (Owner) commented Jan 30, 2017

Indeed something is screwed up here. Seems like repose is also generating invalid signatures too. It doesn't crash on me, but when I try to do another operation on the signed database I get "unexpected validity 0x0" (probably something wrong with my key)...

I'll have a quick look.

vodik (Owner) commented Jan 30, 2017

Can you give me any details on how you generated the particular key that's crashing on you? If not, might not see a resolution until #45 lands and signing gets replaced (making good progress - shouldn't be more than a week or two).

The existing gpgme code is nasty...

daygr (Author) commented Jan 30, 2017

This is the top of my pgpdump;

Old: Secret Key Packet(tag 5)(1862 bytes)
        Ver 4 - new
        Public key creation time - Wed Nov 12 17:43:28 EST 2014
        Pub alg - RSA Encrypt or Sign(pub 1)
        RSA n(4096 bits) - ...
        RSA e(17 bits) - ...
        Sym alg - AES with 128-bit key(sym 7)
        Iterated and salted string-to-key(s2k 3):
                Hash alg - SHA1(hash 2)
                Salt - b1 cd 9d 38 57 4f 9a 1f
                Count - 24117248(coded count 231)
        IV - 3b 3f 9f b2 6f 94 d3 68 83 02 47 1c 4e e0 c8 4c
        Encrypted RSA d
        Encrypted RSA p
        Encrypted RSA q
        Encrypted RSA u
        Encrypted SHA1 hash
Old: User ID Packet(tag 13)(26 bytes)
        User ID - Greg Day <gday@cryptic.li>
... etc signatures ...

That was back in 2014 before I started obsessively saving my zsh history, so I don't have more details than that.


AladW commented Jan 30, 2017

Considering a rewrite is being done, this might be an opportune moment to ask something I've been wondering about for a while: what are the reasons for keeping signing in repose to begin with, rather than using gpg manually? E.g., if you wanted to use a different key for signing packages than your default key (see aurutils/aurutils#198) or other edge cases, you'd have to move back to gpg anyway or implement these features in the project. If the correct path of the database regarding signing is an issue, you could instead have repose print the absolute path on stdout after the database was updated.

Perhaps I'm missing some finer issues here, and apologies if this strays too far from the topic at hand.

daygr (Author) commented Jan 30, 2017

@AladW Glad you commented. I was considering opening an issue for aurutils about this as well. I had to remove the repose -s flag in the aurbuild script (line 61) to use my signed database. Packages are added and signed, still, though I had to manually sign the repository, as mentioned.

vodik (Owner) commented Jan 30, 2017

Yeah, it's certainly something worth discussing. Seriously, the only reason it was added in the first place was because repo-add does it, as once upon a time I aimed to support being a repo-add drop-in replacement as well as my own standalone tool.

Backwards compatibility was dropped because of the nightmare of maintaining the vodik.db to vodik.db.tar.gz symlinks, and it was probably for the better (I don't think anyone used it either).

AladW pushed a commit to aurutils/aurutils that referenced this issue Jan 30, 2017
+ Use xargs with find to ensure >0 exit code on gpg failure
+ Sign database manually, see vodik/repose#46
  This assumes that the database extension is .db, then so do pacman et al.
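The "sign the database manually" step the thread settles on, written out as an added example (this is not repose's or aurutils' own code). It assumes the pacman layout where `<name>.db` is a symlink to `<name>.db.tar.gz`, the detached signature sits beside the real archive as `<name>.db.tar.gz.sig`, and `<name>.db.sig` is a symlink to it; the optional key id argument is a constructed placeholder.

```shell
#!/bin/sh
# Added example: detached-sign a pacman repository database with gpg, the way
# repo-add does, and verify it afterwards. Not code from repose or aurutils.

# Resolve "<repo_dir>/<name>.db" to the archive it points at (pacman keeps
# <name>.db as a symlink to <name>.db.tar.gz); print the archive path.
db_archive() {
    db="$1/$2.db"
    if [ -L "$db" ]; then
        target=$(readlink "$db")
        case "$target" in
            /*) printf '%s\n' "$target" ;;
            *)  printf '%s\n' "$1/$target" ;;
        esac
    else
        printf '%s\n' "$db"
    fi
}

# Sign the real archive and create the <name>.db.sig symlink pacman looks
# for. Optional third argument: key id to sign with (otherwise gpg's default).
# Returns non-zero if gpg fails, so a caller running under set -e stops here.
sign_db() {
    archive=$(db_archive "$1" "$2") || return 1
    if [ -n "$3" ]; then
        gpg --batch --yes --local-user "$3" --detach-sign "$archive" || return 1
    else
        gpg --batch --yes --detach-sign "$archive" || return 1
    fi
    # Relative link: the signature lives in the same directory as the archive.
    ln -sf "$(basename "$archive").sig" "$1/$2.db.sig"
}

# Verify the signature the way a consumer of the repository would.
verify_db() {
    archive=$(db_archive "$1" "$2") || return 1
    gpg --batch --verify "$archive.sig" "$archive"
}
```

Usage: `sign_db /path/to/repo repo [KEYID]` then `verify_db /path/to/repo repo`; a failed verification exits non-zero, which is the signal a build script should stop on.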