From af9c96c643b856dac03d6f145bc29a56bd62ee5f Mon Sep 17 00:00:00 2001 From: Florian Festi Date: Mon, 7 Oct 2024 12:25:17 +0200 Subject: [PATCH] Use keyring to implement rpmkeys --list This changes the output of keys --list to show the full fingerprint. It also requires the use of the fingerprint or full key ID for querying specific keys. Still needs updating the rpmkeys man page. Not quite resolves: #3332 --- tests/rpmdb.at | 19 +++++++++---- tools/rpmkeys.cc | 70 +++++++++++++++++++++++++++++++++++++++++------- 2 files changed, 74 insertions(+), 15 deletions(-) diff --git a/tests/rpmdb.at b/tests/rpmdb.at index 5f1d5b8575..545c6d6e7b 100644 --- a/tests/rpmdb.at +++ b/tests/rpmdb.at @@ -110,23 +110,32 @@ RPMTEST_CHECK([ runroot rpmkeys --list ], [0], -[1964c5fc-58e63918: rpm.org RSA testkey public key +[771b18d3d7baa28734333c424344591e1964c5fc rpm.org RSA testkey public key ], []) RPMTEST_CHECK([ -runroot rpmkeys --list 1964c5fc +runroot rpmkeys --list 771b18d3d7baa28734333c424344591e1964c5fc ], [0], -[1964c5fc-58e63918: rpm.org RSA testkey public key +[771b18d3d7baa28734333c424344591e1964c5fc rpm.org RSA testkey public key ], []) +RPMTEST_CHECK([ +runroot rpmkeys --list 4344591e1964c5fc +], +[0], +[771b18d3d7baa28734333c424344591e1964c5fc rpm.org RSA testkey public key +], +[]) + + RPMTEST_CHECK([ runroot rpmkeys --list XXX ], [1], -[package gpg-pubkey-XXX is not installed +[Key XXX not found ], []) @@ -135,7 +144,7 @@ runroot rpmkeys --delete 1964c5fc runroot rpmkeys --list ], [1], -[package gpg-pubkey is not installed +[No keys installed ], []) RPMTEST_CLEANUP diff --git a/tools/rpmkeys.cc b/tools/rpmkeys.cc index 0210523f5c..9463791fb6 100644 --- a/tools/rpmkeys.cc +++ b/tools/rpmkeys.cc @@ -3,6 +3,8 @@ #include #include #include +#include +#include #include "cliutils.hh" #include "debug.h" 
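Review bot: Nothing in the first tests/rpmdb.at hunk checks that the old short form is now refused, because the `runroot rpmkeys --list 1964c5fc` case was rewritten to use the fingerprint instead of being kept as a failing case. Since the commit deliberately drops lookup by 32-bit key ID, a case expecting exit status 1 and `Key 1964c5fc not found` would pin that behaviour. An upper-case fingerprint case would also document whether matching is meant to be case-sensitive. The next hunk's context still runs `rpmkeys --delete 1964c5fc`, so `--list` and `--delete` now accept different identifiers for the same key; a comment in the test saying this is intentional for now would help.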
@@ -56,12 +58,68 @@ static ARGV_t gpgkeyargs(ARGV_const_t args) { return gpgargs; } +static int matchingKeys(rpmKeyring keyring, ARGV_const_t args, void * userdata, int callback(rpmPubkey, void*)) +{ + int ec = EXIT_SUCCESS; + if (args) { + for (char * const * arg = args; *arg; arg++) { + int found = false; + auto iter = rpmKeyringGetIterator(keyring); + rpmPubkey key = rpmKeyringIteratorNext(iter); + while (key) { + char * fp = rpmPubkeyFingerprintAsHex(key); + char * keyid = rpmPubkeyKeyIDAsHex(key); + if (!strcmp(*arg, fp) || !strcmp(*arg, keyid)) { + found = true; + } + free(fp); + free(keyid); + if (found) + break; + key = rpmKeyringIteratorNext(iter); + } + rpmKeyringIteratorFree(iter); + if (found) + callback(key, userdata); + else { + rpmlog(RPMLOG_NOTICE, "Key %s not found\n", *arg); + ec = EXIT_FAILURE; + } + } + } else { + int found = false; + auto iter = rpmKeyringGetIterator(keyring); + rpmPubkey key = rpmKeyringIteratorNext(iter); + while (key) { + found = true; + callback(key, userdata); + key = rpmKeyringIteratorNext(iter); + } + rpmKeyringIteratorFree(iter); + if (!found) { + rpmlog(RPMLOG_NOTICE, "No keys installed\n"); + ec = EXIT_FAILURE; + } + } + return ec; +} + +static int printKey(rpmPubkey key, void * data) +{ + char * fp = rpmPubkeyFingerprintAsHex(key); + pgpDigParams params = rpmPubkeyPgpDigParams(key); + rpmlog(RPMLOG_NOTICE, "%s %s public key\n", fp, pgpDigParamsUserID(params)); + free(fp); + return 0; +} + int main(int argc, char *argv[]) { int ec = EXIT_FAILURE; poptContext optCon = NULL; rpmts ts = NULL; ARGV_const_t args = NULL; + rpmKeyring keyring = NULL; optCon = rpmcliInit(argc, argv, optionsTable); @@ -77,6 +135,7 @@ int main(int argc, char *argv[]) ts = rpmtsCreate(); rpmtsSetRootDir(ts, rpmcliRootDir); + keyring = rpmtsGetKeyring(ts, 1); switch (mode) { case MODE_CHECKSIG: 
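Review bot: In the `args` branch of matchingKeys, `callback(key, userdata)` runs only after `rpmKeyringIteratorFree(iter)`, so the key is used once the iterator that produced it is gone; unless rpmKeyringIteratorNext hands out an owned reference (not visible here), the callback should run inside the loop. The match uses `strcmp`, so a fingerprint pasted in upper case, as gpg prints it, is reported as not found, and a NULL from rpmPubkeyFingerprintAsHex or rpmPubkeyKeyIDAsHex would go straight into `strcmp`. The loop also stops at the first key whose 64-bit key ID matches and drops the callback's return value, which matters if this helper is later reused for deletion, since key IDs are not unique the way fingerprints are. The sketch below calls the callback for every match while the iterator is still alive, compares with `rstrcasecmp` and folds callback failures into `ec`. In printKey, `pgpDigParamsUserID(params)` should likewise be guarded against NULL before it reaches `%s`.

```cpp
    for (char * const * arg = args; *arg; arg++) {
        bool found = false;
        auto iter = rpmKeyringGetIterator(keyring);
        rpmPubkey key = NULL;
        while ((key = rpmKeyringIteratorNext(iter)) != NULL) {
            char * fp = rpmPubkeyFingerprintAsHex(key);
            char * keyid = rpmPubkeyKeyIDAsHex(key);
            /* hex given on the command line may be upper case; NULL never matches */
            bool match = (fp && !rstrcasecmp(*arg, fp)) ||
                         (keyid && !rstrcasecmp(*arg, keyid));
            free(fp);
            free(keyid);
            if (!match)
                continue;
            found = true;
            /* act on the key before the iterator is released */
            if (callback(key, userdata))
                ec = EXIT_FAILURE;
        }
        rpmKeyringIteratorFree(iter);
        if (!found) {
            // … unchanged: "Key %s not found" notice and ec = EXIT_FAILURE …
        }
    }
```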
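Review bot: `keyring = rpmtsGetKeyring(ts, 1);` sits before the `switch`, so every mode, not only MODE_LISTKEY, now loads the keyring, and the result is never checked before it is handed to matchingKeys. No `rpmKeyringFree` call is visible anywhere in this patch; main's exit path lies outside the hunks, so if rpmtsGetKeyring returns a new reference the cleanup there needs `keyring = rpmKeyringFree(keyring);`. Moving the call into the MODE_LISTKEY case would leave the other modes' behaviour unchanged.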
@@ -97,16 +156,7 @@ int main(int argc, char *argv[]) } case MODE_LISTKEY: { - ARGV_t query = NULL; - if (args != NULL) { - query = gpgkeyargs(args); - } else { - argvAdd(&query, "gpg-pubkey"); - } - QVA_t qva = &rpmQVKArgs; - rstrcat(&qva->qva_queryFormat, "%{version}-%{release}: %{summary}\n"); - ec = rpmcliQuery(ts, &rpmQVKArgs, (ARGV_const_t) query); - query = argvFree(query); + ec = matchingKeys(keyring, args, NULL, printKey); break; } default: