From 6721c185060181d0af37e9f9472d58ceed91e704 Mon Sep 17 00:00:00 2001 From: Florian Festi Date: Tue, 24 Sep 2024 10:59:29 +0200 Subject: [PATCH] Don't print key ID if we have the key fingerprint The Key IDs may only be confusing when subkeys are used and the key ID won't match up with the finger print of the main key. --- lib/rpmvs.c | 16 +++++++++++----- tests/rpmsigdig.at | 38 +++++++++++++++++++------------------- tests/rpmvfylevel.at | 6 +++--- 3 files changed, 33 insertions(+), 27 deletions(-) diff --git a/lib/rpmvs.c b/lib/rpmvs.c index 5be2590a67..f39bf34ff6 100644 --- a/lib/rpmvs.c +++ b/lib/rpmvs.c @@ -308,6 +308,7 @@ char *rpmsinfoMsg(struct rpmsinfo_s *sinfo) char *msg = NULL; char *fphex = NULL; char *fpmsg = NULL; + char * descr = xstrdup(rpmsinfoDescr(sinfo)); if (sinfo->rc == RPMRC_OK && sinfo->key) { uint8_t *fp = NULL; size_t fplen = 0; @@ -316,18 +317,23 @@ char *rpmsinfoMsg(struct rpmsinfo_s *sinfo) free(fp); } } - if (fphex) - rasprintf(&fpmsg, _(", key fingerprint: %s"), fphex); - else + if (fphex) { + rasprintf(&fpmsg, _(", Key Fingerprint: %s"), fphex); + char * pos = strstr(descr, ", key ID"); + if (pos) + *pos = '\0'; + } else { rstrcat(&fpmsg, ""); + } if (sinfo->msg) { rasprintf(&msg, "%s%s: %s (%s)", - rpmsinfoDescr(sinfo), fpmsg, rpmSigString(sinfo->rc), sinfo->msg); + descr, fpmsg, rpmSigString(sinfo->rc), sinfo->msg); } else { rasprintf(&msg, "%s%s: %s", - rpmsinfoDescr(sinfo), fpmsg, rpmSigString(sinfo->rc)); + descr, fpmsg, rpmSigString(sinfo->rc)); } + free(descr); free(fphex); free(fpmsg); return msg; diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at index 2dc66d87b2..79cf41d0d1 100644 --- a/tests/rpmsigdig.at +++ b/tests/rpmsigdig.at @@ -353,13 +353,13 @@ Checking for key: Version : eb04e625 Checking package after importing key: /data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm: - Header V4 RSA/SHA512 Signature, key ID 1f71177215217ee0, key fingerprint: b6542f92f30650c36b6f41bcb3a771bfeb04e625: OK + Header V4 RSA/SHA512 Signature, Key Fingerprint: b6542f92f30650c36b6f41bcb3a771bfeb04e625: OK Header SHA256 digest: OK Payload SHA256 digest: OK 0 Checking package after importing key, no digest: /data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm: - Header V4 RSA/SHA512 Signature, key ID 1f71177215217ee0, key fingerprint: b6542f92f30650c36b6f41bcb3a771bfeb04e625: OK + Header V4 RSA/SHA512 Signature, Key Fingerprint: b6542f92f30650c36b6f41bcb3a771bfeb04e625: OK Payload SHA256 digest: NOTFOUND Payload SHA256 ALT digest: NOTFOUND RSA signature: NOTFOUND @@ -688,24 +688,24 @@ runroot rpmkeys -Kv --nosignature /data/RPMS/hello-2.0-1.x86_64-signed.rpm; echo 1 0 /data/RPMS/hello-2.0-1.x86_64-v3-signed.rpm: - Header V3 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK + Header V3 RSA/SHA256 Signature, Key Fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK Header SHA256 digest: OK Payload SHA256 digest: OK - V3 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK + V3 RSA/SHA256 Signature, Key Fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK 0 /data/RPMS/hello-2.0-1.x86_64-signed.rpm: - Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK + Header V4 RSA/SHA256 Signature, Key Fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK Header SHA256 digest: OK Payload SHA256 digest: OK - V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK + V4 RSA/SHA256 Signature, Key Fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK 0 /data/RPMS/hello-2.0-1.x86_64-v3-signed.rpm: - Header V3 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK - V3 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK + Header V3 RSA/SHA256 Signature, Key Fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK + V3 RSA/SHA256 Signature, Key Fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK 0 /data/RPMS/hello-2.0-1.x86_64-signed.rpm: - Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK - V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK + Header V4 RSA/SHA256 Signature, Key Fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK + V4 RSA/SHA256 Signature, Key Fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK 0 /data/RPMS/hello-2.0-1.x86_64-v3-signed.rpm: Header SHA256 digest: OK @@ -754,7 +754,7 @@ RPMOUTPUT_SEQUOIA([ because: Signature appears to be created by a non-confo RPMOUTPUT_SEQUOIA([ because: Malformed MPI: leading bit is not set: expected bit 1 to be set in 0 (0))])dnl Header SHA256 digest: OK Payload SHA256 digest: OK - V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK + V4 RSA/SHA256 Signature, Key Fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK ], []) RPMTEST_CLEANUP @@ -856,7 +856,7 @@ runroot rpmkeys -Kv /tmp/${pkg} V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc: BAD MD5 digest: NOTFOUND /tmp/hello-2.0-1.x86_64-signed.rpm: - Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK + Header V4 RSA/SHA256 Signature, Key Fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK Header SHA256 digest: OK Payload SHA256 digest: BAD (Expected 84a7338287bf19715c4eed0243f5cdb447eeb0ade37b2af718d4060aefca2f7c != bea903609dceac36e1f26a983c493c98064d320fdfeb423034ed63d649b2c8dc) Payload SHA256 ALT digest: NOTFOUND @@ -896,7 +896,7 @@ dorpm -Kv MD5 digest: OK /data/RPMS/hello-2.0-1.x86_64-corrupted.rpm: DIGESTS SIGNATURES NOT OK /data/RPMS/hello-2.0-1.x86_64-corrupted.rpm: - Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK + Header V4 RSA/SHA256 Signature, Key Fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK Header SHA256 digest: OK Payload SHA256 digest: NOTFOUND Payload SHA256 ALT digest: NOTFOUND @@ -939,8 +939,8 @@ runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc: NOKEY POST-IMPORT /tmp/hello-2.0-1.x86_64.rpm: - Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK - V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK + Header V4 RSA/SHA256 Signature, Key Fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK + V4 RSA/SHA256 Signature, Key Fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK POST-DELSIGN /tmp/hello-2.0-1.x86_64.rpm: ], @@ -967,7 +967,7 @@ runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc: NOKEY POST-IMPORT /tmp/hello-2.0-1.x86_64.rpm: - Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK + Header V4 RSA/SHA256 Signature, Key Fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK POST-DELSIGN /tmp/hello-2.0-1.x86_64.rpm: ], @@ -1118,7 +1118,7 @@ runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest Header V4 RSA/SHA512 Signature, key ID 4344591e1964c5fc: NOKEY POST-IMPORT /tmp/hello-2.0-1.x86_64.rpm: - Header V4 RSA/SHA512 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK + Header V4 RSA/SHA512 Signature, Key Fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK POST-DELSIGN /tmp/hello-2.0-1.x86_64.rpm: ], @@ -1199,7 +1199,7 @@ runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest Header V4 EdDSA/SHA512 Signature, key ID b0645aec757bf69e: NOKEY POST-IMPORT /tmp/hello-2.0-1.x86_64.rpm: - Header V4 EdDSA/SHA512 Signature, key ID b0645aec757bf69e, key fingerprint: 152bb32fd9ca982797e835cfb0645aec757bf69e: OK + Header V4 EdDSA/SHA512 Signature, Key Fingerprint: 152bb32fd9ca982797e835cfb0645aec757bf69e: OK ], []) gpgconf --kill gpg-agent @@ -1232,7 +1232,7 @@ runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest Header V4 ECDSA/SHA256 Signature, key ID 7f1c21f95f65bbe8: NOKEY POST-IMPORT /tmp/hello-2.0-1.x86_64.rpm: - Header V4 ECDSA/SHA256 Signature, key ID 7f1c21f95f65bbe8, key fingerprint: e8a62c0512b06b5d2183ba207f1c21f95f65bbe8: OK + Header V4 ECDSA/SHA256 Signature, Key Fingerprint: e8a62c0512b06b5d2183ba207f1c21f95f65bbe8: OK ], []) diff --git a/tests/rpmvfylevel.at b/tests/rpmvfylevel.at index 66412e320f..b40bcb9b15 100644 --- a/tests/rpmvfylevel.at +++ b/tests/rpmvfylevel.at @@ -319,7 +319,7 @@ done [0], [nopls /data/RPMS/hello-2.0-1.x86_64-signed.rpm: - Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK + Header V4 RSA/SHA256 Signature, Key Fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK Header SHA256 digest: OK Header SHA1 digest: OK Payload SHA256 digest: OK @@ -327,7 +327,7 @@ done 0 noplds /data/RPMS/hello-2.0-1.x86_64-signed.rpm: - Header V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK + Header V4 RSA/SHA256 Signature, Key Fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK Header SHA256 digest: OK Header SHA1 digest: OK Payload SHA256 digest: NOTFOUND @@ -341,7 +341,7 @@ nohdrs Header SHA256 digest: OK Header SHA1 digest: OK Payload SHA256 digest: OK - V4 RSA/SHA256 Signature, key ID 4344591e1964c5fc, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK + V4 RSA/SHA256 Signature, Key Fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK MD5 digest: OK 0 nosig