Skip to content

Commit

Permalink
Add Key Fingerprints to rpmsinfoMsg()
Browse files Browse the repository at this point in the history
  • Loading branch information
ffesti committed Sep 25, 2024
1 parent cc6bd70 commit 53f6b71
Show file tree
Hide file tree
Showing 3 changed files with 43 additions and 26 deletions.
25 changes: 21 additions & 4 deletions lib/rpmvs.c
Original file line number Diff line number Diff line change
Expand Up @@ -305,13 +305,30 @@ const char *rpmsinfoDescr(struct rpmsinfo_s *sinfo)
char *rpmsinfoMsg(struct rpmsinfo_s *sinfo)
{
char *msg = NULL;
char *fphex = NULL;
char *fpmsg = NULL;
if (sinfo->rc == RPMRC_OK && sinfo->key) {
uint8_t *fp = NULL;
size_t fplen = 0;
if (!rpmPubkeyFingerprint(sinfo->key, &fp, &fplen)) {
fphex = rpmhex(fp, fplen);
free(fp);
}
}
if (fphex)
rasprintf(&fpmsg, _(", key fingerprint: %s"), fphex);
else
rstrcat(&fpmsg, "");

if (sinfo->msg) {
rasprintf(&msg, "%s: %s (%s)",
rpmsinfoDescr(sinfo), rpmSigString(sinfo->rc), sinfo->msg);
rasprintf(&msg, "%s%s: %s (%s)",
rpmsinfoDescr(sinfo), fpmsg, rpmSigString(sinfo->rc), sinfo->msg);
} else {
rasprintf(&msg, "%s: %s",
rpmsinfoDescr(sinfo), rpmSigString(sinfo->rc));
rasprintf(&msg, "%s%s: %s",
rpmsinfoDescr(sinfo), fpmsg, rpmSigString(sinfo->rc));
}
free(fphex);
free(fpmsg);
return msg;
}

Expand Down
38 changes: 19 additions & 19 deletions tests/rpmsigdig.at
Original file line number Diff line number Diff line change
Expand Up @@ -353,13 +353,13 @@ Checking for key:
Version : eb04e625
Checking package after importing key:
/data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm:
Header V4 RSA/SHA512 Signature, key ID 1f71177215217ee0: OK
Header V4 RSA/SHA512 Signature, key ID 1f71177215217ee0, key fingerprint: b6542f92f30650c36b6f41bcb3a771bfeb04e625: OK
Header SHA256 digest: OK
Payload SHA256 digest: OK
0
Checking package after importing key, no digest:
/data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm:
Header V4 RSA/SHA512 Signature, key ID 1f71177215217ee0: OK
Header V4 RSA/SHA512 Signature, key ID 1f71177215217ee0, key fingerprint: b6542f92f30650c36b6f41bcb3a771bfeb04e625: OK
Payload SHA256 digest: NOTFOUND
Payload SHA256 ALT digest: NOTFOUND
RSA signature: NOTFOUND
Expand Down Expand Up @@ -688,24 +688,24 @@ runroot rpmkeys -Kv --nosignature /data/RPMS/hello-2.0-1.x86_64-signed.rpm; echo
1
0
/data/RPMS/hello-2.0-1.x86_64-v3-signed.rpm:
Header V3 RSA/SHA256 Signature, key ID 4344591e1964c5fc: OK
Header V3 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK
Header SHA256 digest: OK
Payload SHA256 digest: OK
V3 RSA/SHA256 Signature, key ID 4344591e1964c5fc: OK
V3 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK
0
/data/RPMS/hello-2.0-1.x86_64-signed.rpm:
Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc: OK
Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK
Header SHA256 digest: OK
Payload SHA256 digest: OK
V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc: OK
V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK
0
/data/RPMS/hello-2.0-1.x86_64-v3-signed.rpm:
Header V3 RSA/SHA256 Signature, key ID 4344591e1964c5fc: OK
V3 RSA/SHA256 Signature, key ID 4344591e1964c5fc: OK
Header V3 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK
V3 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK
0
/data/RPMS/hello-2.0-1.x86_64-signed.rpm:
Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc: OK
V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc: OK
Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK
V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK
0
/data/RPMS/hello-2.0-1.x86_64-v3-signed.rpm:
Header SHA256 digest: OK
Expand Down Expand Up @@ -754,7 +754,7 @@ RPMOUTPUT_SEQUOIA([ because: Signature appears to be created by a non-confo
RPMOUTPUT_SEQUOIA([ because: Malformed MPI: leading bit is not set: expected bit 1 to be set in 0 (0))])dnl
Header SHA256 digest: OK
Payload SHA256 digest: OK
V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc: OK
V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK
],
[])
RPMTEST_CLEANUP
Expand Down Expand Up @@ -856,7 +856,7 @@ runroot rpmkeys -Kv /tmp/${pkg}
V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc: BAD
MD5 digest: NOTFOUND
/tmp/hello-2.0-1.x86_64-signed.rpm:
Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc: OK
Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK
Header SHA256 digest: OK
Payload SHA256 digest: BAD (Expected 84a7338287bf19715c4eed0243f5cdb447eeb0ade37b2af718d4060aefca2f7c != bea903609dceac36e1f26a983c493c98064d320fdfeb423034ed63d649b2c8dc)
Payload SHA256 ALT digest: NOTFOUND
Expand Down Expand Up @@ -896,7 +896,7 @@ dorpm -Kv
MD5 digest: OK
/data/RPMS/hello-2.0-1.x86_64-corrupted.rpm: DIGESTS SIGNATURES NOT OK
/data/RPMS/hello-2.0-1.x86_64-corrupted.rpm:
Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc: OK
Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK
Header SHA256 digest: OK
Payload SHA256 digest: NOTFOUND
Payload SHA256 ALT digest: NOTFOUND
Expand Down Expand Up @@ -939,8 +939,8 @@ runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest
V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc: NOKEY
POST-IMPORT
/tmp/hello-2.0-1.x86_64.rpm:
Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc: OK
V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc: OK
Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK
V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK
POST-DELSIGN
/tmp/hello-2.0-1.x86_64.rpm:
],
Expand All @@ -967,7 +967,7 @@ runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest
Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc: NOKEY
POST-IMPORT
/tmp/hello-2.0-1.x86_64.rpm:
Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc: OK
Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK
POST-DELSIGN
/tmp/hello-2.0-1.x86_64.rpm:
],
Expand Down Expand Up @@ -1118,7 +1118,7 @@ runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest
Header V4 RSA/SHA512 Signature, key ID 4344591e1964c5fc: NOKEY
POST-IMPORT
/tmp/hello-2.0-1.x86_64.rpm:
Header V4 RSA/SHA512 Signature, key ID 4344591e1964c5fc: OK
Header V4 RSA/SHA512 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK
POST-DELSIGN
/tmp/hello-2.0-1.x86_64.rpm:
],
Expand Down Expand Up @@ -1199,7 +1199,7 @@ runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest
Header V4 EdDSA/SHA512 Signature, key ID b0645aec757bf69e: NOKEY
POST-IMPORT
/tmp/hello-2.0-1.x86_64.rpm:
Header V4 EdDSA/SHA512 Signature, key ID b0645aec757bf69e: OK
Header V4 EdDSA/SHA512 Signature, key ID b0645aec757bf69e, key fingerprint: 152bb32fd9ca982797e835cfb0645aec757bf69e: OK
],
[])
gpgconf --kill gpg-agent
Expand Down Expand Up @@ -1232,7 +1232,7 @@ runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest
Header V4 ECDSA/SHA256 Signature, key ID 7f1c21f95f65bbe8: NOKEY
POST-IMPORT
/tmp/hello-2.0-1.x86_64.rpm:
Header V4 ECDSA/SHA256 Signature, key ID 7f1c21f95f65bbe8: OK
Header V4 ECDSA/SHA256 Signature, key ID 7f1c21f95f65bbe8, key fingerprint: e8a62c0512b06b5d2183ba207f1c21f95f65bbe8: OK
],
[])

Expand Down
6 changes: 3 additions & 3 deletions tests/rpmvfylevel.at
Original file line number Diff line number Diff line change
Expand Up @@ -319,15 +319,15 @@ done
[0],
[nopls
/data/RPMS/hello-2.0-1.x86_64-signed.rpm:
Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc: OK
Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK
Header SHA256 digest: OK
Header SHA1 digest: OK
Payload SHA256 digest: OK
MD5 digest: OK
0
noplds
/data/RPMS/hello-2.0-1.x86_64-signed.rpm:
Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc: OK
Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK
Header SHA256 digest: OK
Header SHA1 digest: OK
Payload SHA256 digest: NOTFOUND
Expand All @@ -341,7 +341,7 @@ nohdrs
Header SHA256 digest: OK
Header SHA1 digest: OK
Payload SHA256 digest: OK
V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc: OK
V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK
MD5 digest: OK
0
nosig
Expand Down

0 comments on commit 53f6b71

Please sign in to comment.