PKI.sign.tar appends a signature to a tar file

PKI.verify.tar verifies the signature in a tar file

PKI.sign.tar(tarfile, key, certificate, output = tarfile)
PKI.verify.tar(tarfile, key, silent = FALSE, enforce.cert = FALSE)

Arguments

tarfile

string, file name of the file to sign

key

PKI.sign.tar: private key to use for signing; PKI.verify.tar: optional, public key to use for verification

certificate

optional, certificate to embed in the signature with the public key matching key. If not present the signature will only contain the public key.

output

file name, connection or raw vector determining how to store the signed tar file

silent

if TRUE then no warning are generatod, otherwise a warning is issues for failed verification describing the reason for failure

enforce.cert

if TRUE then a certificate is required in the signature. It can be also set to a valid certificate in which case the public key of the certificate in the signature must also match the public key in the supplied certificate.

Details

PKI.tar.sign adds extra entry .signature with the signature based on the contents of the tarfile. Note that any existing signatures are retained. key is a mandatory private key used to sign the content. certificate is optional but if present, it will be embedded in the signature.

The tarfile can be in compressed form (gzip, bzip2 or xz) in which case it is decompressed internally before the signature is applied. If output is a file name then the same compression is applied to the output, otherwise the output is uncompressed.

PKI.verify.tar retrieves the last .signature entry from the tar file (if tarfile is a file name then the same compression auto-detection is applied as above) and verifies the signature against either the supplied (public) key or against the key or certificate stored in the signature. The result is TRUE or FALSE except when enforce.cert is set. In that case the result is the certificate contained in the signature if the validation succeeded (and thus it can be further verified against a chain of trust), otherwise FALSE.

Author

Simon Urbanek

Note

The signature format is ASN.1 DER encoded as follows:

SEQ(signature BITSTRING, subjectPublicKeyInfo, Certificate[opt])

The subjectPublicKeyInfo can be NULL in which case the certificate must be present (in X.509 DER format).

The signature is appended as tar entry named .signature. However, terminating blocks are not removed from the file, so the signature is placed after the EOF blocks and thus doesn't affect extraction.