Bug 10344

Summary: rpm: added GOST checksumming
Product: [ROSA-based products] ROSA Fresh Reporter: Mikhail Novosyolov <m.novosyolov>
Component: Packages from MainAssignee: ROSA Linux Bugs <bugs>
Status: VERIFIED FIXED QA Contact: ROSA Linux Bugs <bugs>
Severity: normal    
Priority: Normal CC: andrey.bondrov, pastordidi, v.potapov
Version: AllFlags: v.potapov: qa_verified+
andrey.bondrov: published+
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Platform: --- ROSA Vulnerability identifier:
RPM Package: ISO-related:
Bad POT generating: Upstream:

Description Mikhail Novosyolov 2019-12-03 13:53:42 MSK 
******* QA ADVISORY *******

Calculating file hashes by new algorithms was implemented in RPM 5:
- GOST R 34.11-94 (CryptoPro-A S-Box) - 98
- GOST R 34.11-12 256 bit (Streebog 256) - 99
- GOST R 34.11-12 512 bit (Streebog 512) - 100

To test set in /etc/rpm/macros or in a specific RPM spec:
%_build_file_digest_algo 99
%_build_source_file_digest_algo 99

98 is GOST R 34.11-94, 99 is Streebog 256, 100 is Streebog 512.

Example with %_build_file_digest_algo 99 :

[user@rosa-2019 worker-info]$ cat /etc/rpm/macros
# Put your own system macros here
# usually contains 

# Set this one according your locales
# %_install_langs

# GOST R 34.11-2012, 256 bit
%_build_file_digest_algo 99

[user@rosa-2019 worker-info]$ rpm -qp --dump worker-info-0.3-2-rosa2019.1.noarch.rpm
/worker-info.log 3063 1575370219 80734976ae580576aed7c72e3e26ae6e8ece37049d099a2921285c14b11944e3 0100664 root root 0 0 0 X
[user@rosa-2019 worker-info]$ libressl dgst -streebog256 worker-info.log
streebog256(worker-info.log)= 80734976ae580576aed7c72e3e26ae6e8ece37049d099a2921285c14b11944e3
[user@rosa-2019 worker-info]$ gost12sum worker-info.log
80734976ae580576aed7c72e3e26ae6e8ece37049d099a2921285c14b11944e3 worker-info.log
[user@rosa-2019 worker-info]$ 

Hashes do match.

gost12sum is from package "gostsum" (urpmi gostsum), libressl package will be made available via another bug.

***************************************
rpm 5.4.10-105.gite64c for rosa-2016.1:
+ https://abf.io/build_lists/3108173
+ https://abf.io/build_lists/3108174
***************************************
Comment 1 Dmitry Postnikov 2019-12-11 00:17:46 MSK 
The update is sent to expanded testing
****************************************
Comment 2 Vladimir Potapov 2019-12-17 13:17:35 MSK 
rpm-5.4.10-105.gite64c
https://abf.io/build_lists/3108173
https://abf.io/build_lists/3108174
******************************* Advisory *****************************
Calculating file hashes by new algorithms was implemented in RPM 5:
- GOST R 34.11-94 (CryptoPro-A S-Box) - 98
- GOST R 34.11-12 256 bit (Streebog 256) - 99
- GOST R 34.11-12 512 bit (Streebog 512) - 100
************************************************************************
QA Verified