Page 237
Page 238
In this chapter, we'll explore the steps required to add a digital signature to a package using the software known as Pretty Good Privacy, or PGP. If you've used PGP before, you probably know everything you'll need to start signing packages in short order.
On the other hand, if you feel you need a bit more information on PGP before starting, see Appendix G, "An Introduction to PGP," for a brief introduction. When you feel comfortable with PGP, come on back and learn how easy signing packages is.
The reason for signing a package is to provide authentication. With a signed package, it's possible for your user community to verify that the package they have was in your possession at some time and has not been changed since then. That "not changed" part is also a good reason to sign your packages, because digital signatures are a very robust way to guard against any modifications to the package.
Of course, as with anything else in life, adding a digital signature to a package isn't an ironclad guarantee that everything is right with the package, but it's about as sure a thing as humans can make it.
Okay, we've convinced you that signing packages is a good idea. Now we've got to make sure PGP and RPM are up to the task. As you might imagine, there are two parts to this process: one for PGP, and one for RPM. Let's get PGP ready first.
There is really very little to be done to PGP, assuming it's been installed properly. The only thing required is to generate a key pair. As mentioned in our mini-primer on PGP, the key pair consists of a secret key and a public key. In terms of signing packages, you will use your secret key to do the actual signing. Anyone interested in checking your signature will need your public key.
Creating a key pair is quite simple. All that's required is to issue a pgp -kg command, enter some information, and create some random bits. Here's a sample key-generating session:
# pgp -kg Pretty Good Privacy(tm) 2.6.3a - Public-key encryption for the masses. (c) 1990-96 Philip Zimmermann, Phil's Pretty Good Software. 1996-03-04 Uses the RSAREF(tm) Toolkit, which is copyright RSA Data Security, Inc. Distributed by the Massachusetts Institute of Technology. Export of this software may be restricted by the U.S. government. Current time: 1996/10/31 00:42 GMT
Page 239
Pick your RSA key size: 1) 512 bits- Low commercial grade, fast but less secure 2) 768 bits- High commercial grade, medium speed, good security 3) 1024 bits- "Military" grade, slow, highest security Choose 1, 2, or 3, or enter desired number of bits: 3 Generating an RSA key with a 1024-bit modulus. You need a user ID for your public key. The desired form for this user ID is your name, followed by your E-mail address enclosed in <angle brackets>, if you have an E-mail address. For example: John Q. Smith <12345.6789@compuserve.com> Enter a user ID for your public key: Example Key for RPM Book You need a pass phrase to protect your RSA secret key. Your pass phrase can be any sentence or phrase and may have many words, spaces, punctuation, or any other printable characters. Enter pass phrase: <passphrase> (Not echoed) Enter same pass phrase again: <passphrase> (Still not echoed) Note that key generation is a lengthy process. We need to generate 952 random bits. This is done by measuring the time intervals between your keystrokes. Please enter some random text on your keyboard until you hear the beep: (Many random characters were entered) 0 * -Enough, thank you. ............................................ ................................**** ...**** Pass phrase is good. Just a moment.... Key signature certificate added. Key generation completed. #
Let's review each of the times PGP required information. The first thing PGP needed to know was the key size we wanted. Depending on your level of paranoia, simply choose an appropriate key size. In our example, we chose the "They're out to get me" key size of 1,024 bits.
Next, we needed to choose a user ID for the key. The user ID should be descriptive and should also include sufficient information for someone to contact you. We entered Example Key for RPM Book, which goes against this suggestion but is sufficient for the purposes of our example.
After entering a user ID, we needed to add a passphrase. The passphrase is used to protect your secret key, so it should be something difficult for someone else to guess. It should also be memorable for you, because if you forget your passphrase, you won't be able to use your secret key! I entered a couple words and numbers, put together in such a way that no one could ever guess I typed rpm2kool4words….Oops!
Page 240
The passphrase is entered twice to ensure that no typing mistakes were made. PGP also performs some cursory checks on the passphrase, ensuring that the phrase is at least somewhat secure.
Finally comes the strangest part of the key-generation process: creating random bits. This is done by measuring the time between keystrokes. The secret here is to not hold down a key so that it auto-repeats and to not wait several seconds between keystrokes. Simply start typing anything (even nonsense text) until PGP tells you you've typed enough.
After generating enough random bits, PGP takes a minute or so to create the key pair. Assuming that everything completed successfully, you'll see an ending message similar to the one shown in this example. You'll also find, in a subdirectory of your login directory called .pgp, the following files:
# ls -al ~ /.pgp total 6 drwxr-xr-x 2 root root 1024 Oct 30 19:44 . drwxr-xr-x 5 root root 1024 Oct 30 19:44 .. -rw------ 1 root root 176 Oct 30 19:44 pubring.bak -rw------ 1 root root 331 Oct 30 19:44 pubring.pgp -rw------ 1 root root 408 Oct 30 19:44 randseed.bin -rw------ 1 root root 509 Oct 30 19:44 secring.pgp #
Those of you interested in learning exactly what each file is can consult any of the fine books on PGP. For the purposes of signing packages, all you need to know is where these files are located.
That's it! Now it's time to configure RPM to use your newly generated key.
RPM's configuration process is quite straightforward. It simply consists of adding a few rpmrc entries in a file of your choice. For more information on rpmrc files in general, see Appendix B, "The rpmrc File."
The entries that need to be added to an rpmrc file are
Let's check out the entries:
signature: pgp