Pass rpmPubkey instance to rpmtxnDeletePubkey

Rename old version to rpmtxnDeletePubkeyByID.

Use the matchingKeys() in rpmkeys to acquire those rpmPubkey instances.

Use EXIT_FAILURE as exit code for rpmkeys --delete instead of the
count of errors.

include/rpm/rpmts.h

@@ -14,6 +14,7 @@
 #include <rpm/rpmsw.h>
 #include <rpm/rpmfi.h>
 #include <rpm/rpmcallback.h>
+#include <rpm/rpmkeyring.h>
 
 #ifdef __cplusplus
 extern "C" {
@@ -359,7 +360,18 @@ rpmRC rpmtxnImportPubkey(rpmtxn txn, const unsigned char * pkt, size_t pktlen);
  * 			RPMRC_NOKEY on invalid keyid
  * 			RPMRC_FAIL on other failure
  */
-rpmRC rpmtxnDeletePubkey(rpmtxn txn, const char *keyid);
+rpmRC rpmtxnDeletePubkeyByID(rpmtxn txn, const char *keyid);
+
+/** \ingroup rpmts
+ * Delete public key from transaction keystore.
+ * @param txn           transaction handle
+ * @param key           public key
+ * @return              RPMRC_OK on success
+ * 			RPMRC_NOTFOUND if key not found
+ * 			RPMRC_NOKEY on invalid keyid
+ * 			RPMRC_FAIL on other failure
+ */
+rpmRC rpmtxnDeletePubkey(rpmtxn txn, rpmPubkey key);
 
 /** \ingroup rpmts
  * Retrieve handle for keyring used for this transaction set

lib/rpmts.cc

@@ -781,10 +781,11 @@ rpmRC rpmtxnImportPubkey(rpmtxn txn, const unsigned char * pkt, size_t pktlen)
     return rc;
 }
 
-rpmRC rpmtxnDeletePubkey(rpmtxn txn, const char *keyid)
+rpmRC rpmtxnDeletePubkeyByID(rpmtxn txn, const char *keyid)
 {
     rpmRC rc = RPMRC_FAIL;
     size_t klen = strlen(keyid);
+    const char * shortid = NULL;
 
     /* Allow short keyid while we're transitioning */
     if (klen != 40 && klen != 16 && klen != 8)
@@ -793,6 +794,8 @@ rpmRC rpmtxnDeletePubkey(rpmtxn txn, const char *keyid)
     if (!rpmIsValidHex(keyid, klen))
 	return RPMRC_NOKEY;
 
+    shortid = keyid + klen - 8;
+
     if (txn) {
 	/* force keyring load */
 	rpmVSFlags oflags = rpmtsVSFlags(txn->ts);
@@ -804,12 +807,22 @@ rpmRC rpmtxnDeletePubkey(rpmtxn txn, const char *keyid)
 	rc = RPMRC_OK;
 	if (!(rpmtsFlags(txn->ts) & RPMTRANS_FLAG_TEST)) {
 	    if (txn->ts->keyringtype == KEYRING_FS)
-		rc = rpmtsDeleteFSKey(txn, keyid);
+		rc = rpmtsDeleteFSKey(txn, shortid);
 	    else
-		rc = rpmtsDeleteDBKey(txn, keyid);
+		rc = rpmtsDeleteDBKey(txn, shortid);
 	}
 	rpmKeyringFree(keyring);
     }
+
+    return rc;
+}
+
+rpmRC rpmtxnDeletePubkey(rpmtxn txn, rpmPubkey key)
+{
+    char * keyid = rpmPubkeyKeyIDAsHex(key);
+    rpmRC rc = rpmtxnDeletePubkeyByID(txn, keyid);
+    free(keyid);
+
     return rc;
 }
 

tests/rpmsigdig.at

@@ -78,7 +78,7 @@ runroot rpmkeys -Kv /data/RPMS/hello-2.0-1.x86_64-signed-with-new-subkey.rpm
 RPMTEST_CHECK([
 runroot rpmkeys --delete abcd gimmekey 1111aaaa2222bbbb
 ],
-[3],
+[1],
 [],
 [error: invalid key id: abcd
 error: invalid key id: gimmekey
@@ -147,7 +147,7 @@ runroot rpmkeys -Kv /data/RPMS/hello-2.0-1.x86_64-signed-with-new-subkey.rpm
 RPMTEST_CHECK([
 runroot rpmkeys --delete abcd gimmekey 1111aaaa2222bbbb
 ],
-[3],
+[1],
 [],
 [error: invalid key id: abcd
 error: invalid key id: gimmekey

tools/rpmkeys.cc

@@ -122,6 +122,13 @@ static int printKey(rpmPubkey key, void * data)
     return 0;
 }
 
+static int deleteKey(rpmPubkey key, void * data)
+{
+    rpmtxn txn = (rpmtxn) data;
+    rpmtxnDeletePubkey(txn, key);
+    return 0;
+}
+
 int main(int argc, char *argv[])
 {
     int ec = EXIT_FAILURE;
@@ -157,20 +164,7 @@ int main(int argc, char *argv[])
     {
 	rpmtxn txn = rpmtxnBegin(ts, RPMTXN_WRITE);
 	if (txn) {
-	    int nfail = 0;
-	    for (char const * const *arg = args; *arg && **arg; arg++) {
-		rpmRC delrc = rpmtxnDeletePubkey(txn, *arg);
-		if (delrc) {
-		    if (delrc == RPMRC_NOTFOUND)
-			rpmlog(RPMLOG_ERR, ("key not found: %s\n"), *arg);
-		    else if (delrc == RPMRC_NOKEY)
-			rpmlog(RPMLOG_ERR, ("invalid key id: %s\n"), *arg);
-		    else if (delrc == RPMRC_FAIL)
-			rpmlog(RPMLOG_ERR, ("failed to delete key: %s\n"), *arg);
-		    nfail++;
-		}
-	    }
-	    ec = nfail;
+	    ec = matchingKeys(ts, args, deleteKey, txn);
 	    rpmtxnEnd(txn);
 	}
 	break;