diff options
| author | Panu Matilainen <pmatilai@redhat.com> | 2011-11-09 12:47:02 +0200 |
|---|---|---|
| committer | Panu Matilainen <pmatilai@redhat.com> | 2011-11-09 13:09:37 +0200 |
| commit | 9e58316b0fd69da9e57cdbaee0aeeab8c47b033a (patch) | |
| tree | 7ffd2e47b4266125fd15d560e834cccd518c6eef /rpmio | |
| parent | 6f7700dbed99068449717f384e2683c4b2f5fe67 (diff) | |
| download | librpm-tizen-9e58316b0fd69da9e57cdbaee0aeeab8c47b033a.tar.gz librpm-tizen-9e58316b0fd69da9e57cdbaee0aeeab8c47b033a.tar.bz2 librpm-tizen-9e58316b0fd69da9e57cdbaee0aeeab8c47b033a.zip | |
Add a signature verification method to keyring
- At least within rpm itself, callers aren't particularly interested
in the actual key that matches a given signature, they just want
simple good/bad/nokey answers. This makes life simple for them
and avoids exposing further rpmPubkey internals through APIs.
Diffstat (limited to 'rpmio')
| -rw-r--r-- | rpmio/rpmkeyring.c | 18 | ||||
| -rw-r--r-- | rpmio/rpmkeyring.h | 9 |
2 files changed, 27 insertions, 0 deletions
diff --git a/rpmio/rpmkeyring.c b/rpmio/rpmkeyring.c index 74b152aba..6ebaab89e 100644 --- a/rpmio/rpmkeyring.c +++ b/rpmio/rpmkeyring.c @@ -255,3 +255,21 @@ rpmRC rpmKeyringLookup(rpmKeyring keyring, pgpDig sig) return res; } + +rpmRC rpmKeyringVerifySig(rpmKeyring keyring, pgpDigParams sig, DIGEST_CTX ctx) +{ + rpmRC rc = RPMRC_FAIL; + + if (sig && ctx) { + pgpDigParams pgpkey = NULL; + rpmPubkey key = findbySig(keyring, sig); + + if (key) + pgpkey = key->pgpkey; + + /* We call verify even if key not found for a signature sanity check */ + rc = pgpVerifySignature(pgpkey, sig, ctx); + } + + return rc; +} diff --git a/rpmio/rpmkeyring.h b/rpmio/rpmkeyring.h index 8b4378baa..9fcab5feb 100644 --- a/rpmio/rpmkeyring.h +++ b/rpmio/rpmkeyring.h @@ -41,6 +41,15 @@ int rpmKeyringAddKey(rpmKeyring keyring, rpmPubkey key); rpmRC rpmKeyringLookup(rpmKeyring keyring, pgpDig sig); /** \ingroup rpmkeyring + * Perform combined keyring lookup and signature verification + * @param keyring keyring handle + * @param sig OpenPGP signature parameters + * @param ctx signature hash context + * @return RPMRC_OK / RPMRC_FAIL / RPMRC_NOKEY + */ +rpmRC rpmKeyringVerifySig(rpmKeyring keyring, pgpDigParams sig, DIGEST_CTX ctx); + +/** \ingroup rpmkeyring * Reference a keyring. * @param keyring keyring handle * @return new keyring reference |