diff options
-rw-r--r-- | rpmio/rpmpgp.c | 23 | ||||
-rw-r--r-- | rpmio/rpmpgp.h | 8 | ||||
-rw-r--r-- | sign/rpmgensig.c | 26 |
3 files changed, 34 insertions, 23 deletions
diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c index 045740e43..36ed66c01 100644 --- a/rpmio/rpmpgp.c +++ b/rpmio/rpmpgp.c @@ -897,6 +897,29 @@ pgpDigParams pgpDigGetParams(pgpDig dig, unsigned int pkttype) return params; } +int pgpDigParamsCmp(pgpDigParams p1, pgpDigParams p2) +{ + int rc = 1; /* assume different, eg if either is NULL */ + if (p1 && p2) { + /* XXX Should we compare something else too? */ + if (p1->hash_algo != p2->hash_algo) + goto exit; + if (p1->pubkey_algo != p2->pubkey_algo) + goto exit; + if (p1->version != p2->version) + goto exit; + if (p1->sigtype != p2->sigtype) + goto exit; + if (memcmp(p1->signid, p2->signid, sizeof(p1->signid)) != 0) + goto exit; + + /* Parameters match ... at least for our purposes */ + rc = 0; + } +exit: + return rc; +} + int pgpPrtPkts(const uint8_t * pkts, size_t pktlen, pgpDig dig, int printing) { const uint8_t *p = pkts; diff --git a/rpmio/rpmpgp.h b/rpmio/rpmpgp.h index e00b703e1..ef25388fb 100644 --- a/rpmio/rpmpgp.h +++ b/rpmio/rpmpgp.h @@ -1053,6 +1053,14 @@ pgpDig pgpFreeDig(pgpDig dig); pgpDigParams pgpDigGetParams(pgpDig dig, unsigned int pkttype); /** \ingroup rpmpgp + * Compare OpenPGP packet parameters + * param p1 1st parameter container + * param p2 2nd parameter container + * return 1 if the parameters differ, 0 otherwise + */ +int pgpDigParamsCmp(pgpDigParams p1, pgpDigParams p2); + +/** \ingroup rpmpgp * Verify a PGP signature. * @param key public key * @param sig signature diff --git a/sign/rpmgensig.c b/sign/rpmgensig.c index 202b4cb6f..368f2aa41 100644 --- a/sign/rpmgensig.c +++ b/sign/rpmgensig.c @@ -372,33 +372,13 @@ static int sameSignature(rpmTagVal sigtag, Header h1, Header h2) { pgpDig dig1 = NULL; pgpDig dig2 = NULL; - pgpDigParams sig1 = getSig(h1, sigtag, &dig1); - pgpDigParams sig2 = getSig(h2, sigtag, &dig2); - int rc = 0; /* assume different, eg if either signature doesn't exist */ - /* XXX This part really belongs to rpmpgp.[ch] */ - if (sig1 && sig2) { + int rc = pgpDigParamsCmp(getSig(h1, sigtag, &dig1), + getSig(h2, sigtag, &dig2)); - /* XXX Should we compare something else too? */ - if (sig1->hash_algo != sig2->hash_algo) - goto exit; - if (sig1->pubkey_algo != sig2->pubkey_algo) - goto exit; - if (sig1->version != sig2->version) - goto exit; - if (sig1->sigtype != sig2->sigtype) - goto exit; - if (memcmp(sig1->signid, sig2->signid, sizeof(sig1->signid)) != 0) - goto exit; - - /* Parameters match, assume same signature */ - rc = 1; - } - -exit: pgpFreeDig(dig1); pgpFreeDig(dig2); - return rc; + return (rc == 0); } static int replaceSignature(Header sigh, const char *sigtarget, |