diff --git a/docs/man/rpmkeys.8.md b/docs/man/rpmkeys.8.md index 79b0f9b029..cb00fa1c15 100644 --- a/docs/man/rpmkeys.8.md +++ b/docs/man/rpmkeys.8.md @@ -19,7 +19,7 @@ DESCRIPTION The general forms of rpm digital signature commands are -**rpmkeys** **\--list** \[*KEYHASH \...*\] +**rpmkeys** **\--list** \[*KEYFINGERPRINT \...*\] **rpmkeys** **\--import** *PUBKEY \...* diff --git a/tests/rpmdb.at b/tests/rpmdb.at index 5f1d5b8575..a7f4448496 100644 --- a/tests/rpmdb.at +++ b/tests/rpmdb.at @@ -97,11 +97,15 @@ hello-2.0-1.x86_64 RPMTEST_CHECK([ runroot rpmkeys --import /data/keys/rpm.org-rsa-2048-test.pub +runroot rpmkeys --import /data/keys/alice.asc +runroot rpmkeys --import /data/keys/rpm.org-ed25519-test.pub runroot rpm -qa | sort ], [0], [foo-1.0-1.noarch gpg-pubkey-1964c5fc-58e63918 +gpg-pubkey-757bf69e-661d22a8 +gpg-pubkey-eb04e625-62521e00 hello-2.0-1.x86_64 ], []) @@ -110,32 +114,45 @@ RPMTEST_CHECK([ runroot rpmkeys --list ], [0], -[1964c5fc-58e63918: rpm.org RSA testkey public key +[771b18d3d7baa28734333c424344591e1964c5fc rpm.org RSA testkey public key +152bb32fd9ca982797e835cfb0645aec757bf69e rpm.org ed25519 testkey public key +b6542f92f30650c36b6f41bcb3a771bfeb04e625 Alice public key ], []) RPMTEST_CHECK([ -runroot rpmkeys --list 1964c5fc +runroot rpmkeys --list 771b18d3d7baa28734333c424344591e1964c5fc ], [0], -[1964c5fc-58e63918: rpm.org RSA testkey public key +[771b18d3d7baa28734333c424344591e1964c5fc rpm.org RSA testkey public key ], []) +RPMTEST_CHECK([ +runroot rpmkeys --list 4344591e1964c5fc +], +[0], +[771b18d3d7baa28734333c424344591e1964c5fc rpm.org RSA testkey public key +], +[]) + + RPMTEST_CHECK([ runroot rpmkeys --list XXX ], [1], -[package gpg-pubkey-XXX is not installed +[Key XXX not found ], []) RPMTEST_CHECK([ runroot rpmkeys --delete 1964c5fc +runroot rpmkeys --delete 757bf69e +runroot rpmkeys --delete eb04e625 runroot rpmkeys --list ], [1], -[package gpg-pubkey is not installed +[No keys installed ], []) RPMTEST_CLEANUP 
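Review bot: Nothing in the `--list` checks pins what happens to the short 8-hex form the old test used: `rpmkeys --list 1964c5fc` was replaced rather than turned into a not-found case, while `--delete 1964c5fc` later in the same hunk still takes the short form. The new lookup in tools/rpmkeys.cc compares the argument only against the full fingerprint and the 16-hex key ID, so the short form should now be rejected. That is the safer behaviour, since 32-bit IDs collide easily, and a check expecting exit 1 with `Key 1964c5fc not found` would keep it that way. The man page hunk names only KEYFINGERPRINT although the key ID is accepted as well.

```m4
RPMTEST_CHECK([
runroot rpmkeys --list 1964c5fc
],
[1],
[Key 1964c5fc not found
],
[])
```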
diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at index c60daee249..e3209a36d0 100644 --- a/tests/rpmsigdig.at +++ b/tests/rpmsigdig.at @@ -95,7 +95,7 @@ runroot rpmkeys --delete 1964c5fc RPMTEST_CHECK([ # XXX rpmkeys on rpmdb returns "package gpg-pubkey is not installed" with # and error code when no keys are present, paper over -runroot rpmkeys --list | grep -v "not installed" | wc -l +runroot rpmkeys --list | grep -v "No keys installed" | wc -l exit 0 ], [0], diff --git a/tools/rpmkeys.cc b/tools/rpmkeys.cc index 4058fe169c..7aeb4da6e5 100644 --- a/tools/rpmkeys.cc +++ b/tools/rpmkeys.cc @@ -3,7 +3,9 @@ #include #include #include +#include #include + #include "cliutils.hh" #include "debug.h" 
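Review bot: The `# XXX` comment above the changed pipeline in tests/rpmsigdig.at still quotes the old message "package gpg-pubkey is not installed", while the filter below it now matches "No keys installed". The comment should carry the new wording, for example `# XXX rpmkeys --list prints "No keys installed" and exits non-zero when` / `# no keys are present, paper over`. The RPMTEST_CHECK block continues outside this hunk.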
@@ -42,19 +44,57 @@ static struct poptOption optionsTable[] = { POPT_TABLEEND }; -static ARGV_t gpgkeyargs(ARGV_const_t args) { - ARGV_t gpgargs = NULL; - for (char * const * arg = args; *arg; arg++) { - if (strncmp(*arg, "gpg-pubkey-", 11)) { - char * gpgarg = NULL; - rstrscat(&gpgarg, "gpg-pubkey-", *arg, NULL); - argvAdd(&gpgargs, gpgarg); - free(gpgarg); - } else { - argvAdd(&gpgargs, *arg); +static int matchingKeys(rpmKeyring keyring, ARGV_const_t args, void * userdata, int callback(rpmPubkey, void*)) +{ + int ec = EXIT_SUCCESS; + if (args) { + for (char * const * arg = args; *arg; arg++) { + int found = false; + auto iter = rpmKeyringInitIterator(keyring, 0); + rpmPubkey key = NULL; + while ((key = rpmKeyringIteratorNext(iter))) { + char * fp = rpmPubkeyFingerprintAsHex(key); + char * keyid = rpmPubkeyKeyIDAsHex(key); + if (!strcmp(*arg, fp) || !strcmp(*arg, keyid)) { + found = true; + } + free(fp); + free(keyid); + if (found) + break; + } + rpmKeyringIteratorFree(iter); + if (found) { + callback(key, userdata); + } else { + rpmlog(RPMLOG_NOTICE, "Key %s not found\n", *arg); + ec = EXIT_FAILURE; + } + } + } else { + int found = false; + auto iter = rpmKeyringInitIterator(keyring, 0); + rpmPubkey key = NULL; + while ((key = rpmKeyringIteratorNext(iter))) { + found = true; + callback(key, userdata); + } + rpmKeyringIteratorFree(iter); + if (!found) { + rpmlog(RPMLOG_NOTICE, "No keys installed\n"); + ec = EXIT_FAILURE; } } - return gpgargs; + return ec; +} + +static int printKey(rpmPubkey key, void * data) +{ + char * fp = rpmPubkeyFingerprintAsHex(key); + pgpDigParams params = rpmPubkeyPgpDigParams(key); + rpmlog(RPMLOG_NOTICE, "%s %s public key\n", fp, pgpDigParamsUserID(params)); + free(fp); + return 0; } int main(int argc, char *argv[]) @@ -63,6 +103,7 @@ int main(int argc, char *argv[]) poptContext optCon = NULL; rpmts ts = NULL; ARGV_const_t args = NULL; + rpmKeyring keyring = NULL; optCon = rpmcliInit(argc, argv, optionsTable); 
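Review bot: The per-argument loop in matchingKeys stops at the first key whose fingerprint or key ID equals the argument, so when the selector is a 64-bit key ID a second key carrying the same ID never reaches the callback. Key IDs are not unique identifiers, and a listing that shows only one of the matches hides the other from the operator. Invoking the callback inside the loop for every match, as the no-argument branch already does, also avoids using `key` after `rpmKeyringIteratorFree(iter)`, which matters if the iterator hands out borrowed references (not visible in this hunk). The callback's return value is discarded in both branches, so a failing callback cannot influence `ec`. In printKey, `pgpDigParamsUserID(params)` goes straight into `%s` and would need a fallback string if it can be NULL for a key without a user ID.

```cpp
            auto iter = rpmKeyringInitIterator(keyring, 0);
            rpmPubkey key = NULL;
            while ((key = rpmKeyringIteratorNext(iter))) {
                char * fp = rpmPubkeyFingerprintAsHex(key);
                char * keyid = rpmPubkeyKeyIDAsHex(key);
                int match = !strcmp(*arg, fp) || !strcmp(*arg, keyid);
                free(fp);
                free(keyid);
                if (match) {
                    found = true;
                    /* a key ID may be shared by several keys: report each one */
                    if (callback(key, userdata))
                        ec = EXIT_FAILURE;
                }
            }
            rpmKeyringIteratorFree(iter);
            if (!found) {
                rpmlog(RPMLOG_NOTICE, "Key %s not found\n", *arg);
                ec = EXIT_FAILURE;
            }
            // … unchanged: no-argument branch, printKey …
```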
@@ -78,6 +119,7 @@ int main(int argc, char *argv[]) ts = rpmtsCreate(); rpmtsSetRootDir(ts, rpmcliRootDir); + keyring = rpmtsGetKeyring(ts, 1); switch (mode) { case MODE_CHECKSIG: @@ -112,16 +154,7 @@ int main(int argc, char *argv[]) } case MODE_LISTKEY: { - ARGV_t query = NULL; - if (args != NULL) { - query = gpgkeyargs(args); - } else { - argvAdd(&query, "gpg-pubkey"); - } - QVA_t qva = &rpmQVKArgs; - rstrcat(&qva->qva_queryFormat, "%{version}-%{release}: %{summary}\n"); - ec = rpmcliQuery(ts, &rpmQVKArgs, (ARGV_const_t) query); - query = argvFree(query); + ec = matchingKeys(keyring, args, NULL, printKey); break; } default: @@ -129,6 +162,7 @@ int main(int argc, char *argv[]) } exit: + rpmKeyringFree(keyring); rpmtsFree(ts); rpmcliFini(optCon); fflush(stderr);
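Review bot: The result of `rpmtsGetKeyring(ts, 1)` is never checked before the MODE_LISTKEY hunk passes it to `matchingKeys(keyring, args, NULL, printKey)`. The call also sits ahead of the `switch`, so every mode now fetches the keyring, not only `--list`. If it can return NULL (its contract is not visible here), the list path should fail explicitly, e.g. `if (keyring == NULL) { ec = EXIT_FAILURE; break; }`. Fetching the keyring inside `case MODE_LISTKEY:` would leave the other modes as they were. main's body continues outside these hunks.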