From 662c231e0fcaa5e238b8dde18903c1416964d3dc Mon Sep 17 00:00:00 2001 From: Florian Festi Date: Mon, 14 Oct 2024 12:25:24 +0200 Subject: [PATCH] Pass rpmPubkey instance to rpmtxnDeletePubkey Use the matchingKeys() in rpmkeys to acquire those rpmPubkey instances. Use EXIT_FAILURE as exit code for rpmkeys --delete instead of the count of errors. --- include/rpm/rpmts.h | 6 +++--- lib/rpmts.cc | 16 +++++----------- tests/rpmsigdig.at | 4 ++-- tools/rpmkeys.cc | 22 ++++++++-------------- 4 files changed, 18 insertions(+), 30 deletions(-) diff --git a/include/rpm/rpmts.h b/include/rpm/rpmts.h index 7c92a605b3..dc5b31c55c 100644 --- a/include/rpm/rpmts.h +++ b/include/rpm/rpmts.h @@ -14,6 +14,7 @@ #include #include #include +#include #ifdef __cplusplus extern "C" { @@ -353,13 +354,12 @@ rpmRC rpmtxnImportPubkey(rpmtxn txn, const unsigned char * pkt, size_t pktlen); /** \ingroup rpmts * Delete public key from transaction keystore. * @param txn transaction handle - * @param keyid key fingerprint or keyid (in hex) + * @param key public key * @return RPMRC_OK on success * RPMRC_NOTFOUND if key not found - * RPMRC_NOKEY on invalid keyid * RPMRC_FAIL on other failure */ -rpmRC rpmtxnDeletePubkey(rpmtxn txn, const char *keyid); +rpmRC rpmtxnDeletePubkey(rpmtxn txn, rpmPubkey key); /** \ingroup rpmts * Retrieve handle for keyring used for this transaction set diff --git a/lib/rpmts.cc b/lib/rpmts.cc index f218363e9e..2cd567642b 100644 --- a/lib/rpmts.cc +++ b/lib/rpmts.cc 
@@ -774,17 +774,10 @@ rpmRC rpmtxnImportPubkey(rpmtxn txn, const unsigned char * pkt, size_t pktlen) return rc; } -rpmRC rpmtxnDeletePubkey(rpmtxn txn, const char *keyid) +rpmRC rpmtxnDeletePubkey(rpmtxn txn, rpmPubkey key) { rpmRC rc = RPMRC_FAIL; - size_t klen = strlen(keyid); - - /* Allow short keyid while we're transitioning */ - if (klen != 40 && klen != 16 && klen != 8) - return RPMRC_NOKEY; - - if (!rpmIsValidHex(keyid, klen)) - return RPMRC_NOKEY; + char * keyid = rpmPubkeyKeyIDAsHex(key); if (txn) { /* force keyring load */ @@ -797,12 +790,13 @@ rpmRC rpmtxnDeletePubkey(rpmtxn txn, const char *keyid) rc = RPMRC_OK; if (!(rpmtsFlags(txn->ts) & RPMTRANS_FLAG_TEST)) { if (txn->ts->keyringtype == KEYRING_FS) - rc = rpmtsDeleteFSKey(txn, keyid); + rc = rpmtsDeleteFSKey(txn, keyid+8); else - rc = rpmtsDeleteDBKey(txn, keyid); + rc = rpmtsDeleteDBKey(txn, keyid+8); } rpmKeyringFree(keyring); } + free(keyid); return rc; } diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at index e3209a36d0..2d75b83959 100644 --- a/tests/rpmsigdig.at +++ b/tests/rpmsigdig.at @@ -78,7 +78,7 @@ runroot rpmkeys -Kv /data/RPMS/hello-2.0-1.x86_64-signed-with-new-subkey.rpm RPMTEST_CHECK([ runroot rpmkeys --delete abcd gimmekey 1111aaaa2222bbbb ], -[3], +[1], [], [error: invalid key id: abcd error: invalid key id: gimmekey @@ -147,7 +147,7 @@ runroot rpmkeys -Kv /data/RPMS/hello-2.0-1.x86_64-signed-with-new-subkey.rpm RPMTEST_CHECK([ runroot rpmkeys --delete abcd gimmekey 1111aaaa2222bbbb ], -[3], +[1], [], [error: invalid key id: abcd error: invalid key id: gimmekey diff --git a/tools/rpmkeys.cc b/tools/rpmkeys.cc index 9f59b465a7..dcbffcd79b 100644 --- a/tools/rpmkeys.cc +++ b/tools/rpmkeys.cc @@ -122,6 +122,13 @@ static int printKey(rpmPubkey key, void * data) return 0; } +static int deleteKey(rpmPubkey key, void * data) +{ + rpmtxn txn = (rpmtxn) data; + rpmtxnDeletePubkey(txn, key); + return 0; +} + int main(int argc, char *argv[]) { int ec = EXIT_FAILURE; 
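Review bot: In rpmtxnDeletePubkey the result of `rpmPubkeyKeyIDAsHex(key)` is used as `keyid+8` with no NULL check, so a NULL `key` or a failed conversion becomes pointer arithmetic on NULL before rpmtsDeleteFSKey/rpmtsDeleteDBKey are reached; a guard such as `if (keyid == NULL) return RPMRC_FAIL;` right after the conversion would replace the input validation this commit removes. The bare `+8` also needs a comment: it presumably skips to the last 8 hex digits of a 16-digit key ID, which would make deletion match on the 32-bit short ID, and short IDs are known to collide, so an unrelated key sharing those digits could be dropped from the keystore. If the two backends can accept the full key ID or fingerprint, passing that is the safer choice; otherwise the comment should say why the short form is still required. The function body spans both rpmts.cc hunks, and the keyring lookup between them is outside the diff.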
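Review bot: deleteKey() discards the rpmRC from `rpmtxnDeletePubkey(txn, key)` and always returns 0, so a key that could not be removed from the keystore is no longer logged and, as far as this diff shows, is not reflected in the exit code that main() now takes from `matchingKeys(ts, args, deleteKey, txn)` in the following hunk. For a trust-store tool this matters, because an administrator withdrawing trust from a key needs a message and a non-zero exit when the key is still present. Something like `if (rpmtxnDeletePubkey(txn, key) != RPMRC_OK) { rpmlog(RPMLOG_ERR, "failed to delete key\n"); return 1; }` would bring back the removed diagnostic. Whether matchingKeys() propagates a non-zero callback result is not visible here and should be confirmed. The updated tests only cover invalid key ids, so a case with a failing delete would pin the behaviour.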
@@ -157,20 +164,7 @@ int main(int argc, char *argv[])
 {
 rpmtxn txn = rpmtxnBegin(ts, RPMTXN_WRITE);
 if (txn) {
- int nfail = 0;
- for (char const * const *arg = args; *arg && **arg; arg++) {
- rpmRC delrc = rpmtxnDeletePubkey(txn, *arg);
- if (delrc) {
- if (delrc == RPMRC_NOTFOUND)
- rpmlog(RPMLOG_ERR, ("key not found: %s\n"), *arg);
- else if (delrc == RPMRC_NOKEY)
- rpmlog(RPMLOG_ERR, ("invalid key id: %s\n"), *arg);
- else if (delrc == RPMRC_FAIL)
- rpmlog(RPMLOG_ERR, ("failed to delete key: %s\n"), *arg);
- nfail++;
- }
- }
- ec = nfail;
+ ec = matchingKeys(ts, args, deleteKey, txn);
 rpmtxnEnd(txn);
 }
 break;