
Re: Hash algorithms used by APT to verify authenticity of installed files.

* [Fri, Apr 29, 2011 at 07:57:28PM +0200] Tomasz Wozowicz:
> "ForceHash "sha256"; // hashmethod used for expected hash: sha256,
> sha1 or md5sum"
>
> It doesn't say what will happen if the expected hash is unavailable -
> maybe it will just use weaker hash as fallback?

No. After all, it's named "ForceHash" not "PreferHash". :)

> I think that issues regarding security should be described clearly and exhaustively. Many people like me are not coders and don't understand source code :(

I'm not a coder either; anyway, the source seems pretty clear, so I think it's worth reading if you care enough.

In apt-pkg/acquire-item.cc:1683 you can find the following lines:

   if (ForceHash.empty() == false)
   {
      if(stringcasecmp(ForceHash, "sha256") == 0)
         ExpectedHash = HashString("SHA256", Parse.SHA256Hash());
      else if (stringcasecmp(ForceHash, "sha1") == 0)
         ExpectedHash = HashString("SHA1", Parse.SHA1Hash());
      else
         ExpectedHash = HashString("MD5Sum", Parse.MD5Hash());
   }
   else
   {
      string Hash;
      if ((Hash = Parse.SHA256Hash()).empty() == false)
         ExpectedHash = HashString("SHA256", Hash);
      else if ((Hash = Parse.SHA1Hash()).empty() == false)
         ExpectedHash = HashString("SHA1", Hash);
      else
         ExpectedHash = HashString("MD5Sum", Parse.MD5Hash());
   }

that - apart from bugs or further manipulations of the involved variables (to
be honest I haven't investigated further) - should answer your questions.

Gian Piero.
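
The branch structure quoted in the message above, as a stand-alone model (an added example, not part of the original message and not APT's code). Record, iequals and selectExpectedHash are hypothetical names and the hash values are constructed; the model covers only the selection step and shows that a forced algorithm is kept even when the record has no such hash, and that any ForceHash value other than sha256 or sha1 selects MD5Sum.

```cpp
#include <algorithm>
#include <cctype>
#include <iostream>
#include <string>
#include <utility>

// Constructed stand-in for the hashes one package record carries
// (hypothetical type, not APT's parser class).
struct Record { std::string sha256, sha1, md5; };

// Case-insensitive match against a lowercase literal, standing in for
// the stringcasecmp(...) == 0 tests in the quoted snippet.
static bool iequals(std::string a, const std::string &b) {
    std::transform(a.begin(), a.end(), a.begin(),
                   [](unsigned char c) { return std::tolower(c); });
    return a == b;
}

// Returns {algorithm, expected value}, following the branch structure
// of the quoted snippet.
std::pair<std::string, std::string>
selectExpectedHash(const std::string &forceHash, const Record &r) {
    if (!forceHash.empty()) {
        // Forced: the named algorithm is used even if its field is empty.
        if (iequals(forceHash, "sha256")) return {"SHA256", r.sha256};
        if (iequals(forceHash, "sha1"))   return {"SHA1", r.sha1};
        return {"MD5Sum", r.md5};  // every other value lands here
    }
    // Not forced: the strongest hash present in the record wins.
    if (!r.sha256.empty()) return {"SHA256", r.sha256};
    if (!r.sha1.empty())   return {"SHA1", r.sha1};
    return {"MD5Sum", r.md5};
}

int main() {
    const Record full{"aa11", "bb22", "cc33"};   // constructed sample values
    const Record noSha256{"", "bb22", "cc33"};   // record lacking SHA256
    struct { const char *force; const Record *rec; } cases[] = {
        {"", &full}, {"", &noSha256}, {"SHA256", &noSha256}, {"sha512", &full}};
    for (const auto &c : cases) {
        auto h = selectExpectedHash(c.force, *c.rec);
        std::cout << "ForceHash=\"" << c.force << "\" -> " << h.first << ":"
                  << (h.second.empty() ? "<empty>" : h.second) << "\n";
    }
}
```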
