summaryrefslogtreecommitdiff
path: root/rpmio
diff options
context:
space:
mode:
Diffstat (limited to 'rpmio')
-rw-r--r--rpmio/rpmkeyring.c47
1 files changed, 31 insertions, 16 deletions
diff --git a/rpmio/rpmkeyring.c b/rpmio/rpmkeyring.c
index 3be7bd1c0..74b152aba 100644
--- a/rpmio/rpmkeyring.c
+++ b/rpmio/rpmkeyring.c
@@ -215,28 +215,43 @@ char * rpmPubkeyBase64(rpmPubkey key)
return enc;
}
-rpmRC rpmKeyringLookup(rpmKeyring keyring, pgpDig sig)
+static rpmPubkey findbySig(rpmKeyring keyring, pgpDigParams sig)
{
- rpmRC res = RPMRC_NOKEY;
- pgpDigParams sigp = pgpDigGetParams(sig, PGPTAG_SIGNATURE);
-
- if (keyring && sigp) {
- struct rpmPubkey_s needle, *key;
- needle.pkt = NULL;
- needle.pktlen = 0;
- memcpy(needle.keyid, sigp->signid, sizeof(needle.keyid));
+ rpmPubkey key = NULL;
- if ((key = rpmKeyringFindKeyid(keyring, &needle))) {
- /* Retrieve parameters from pubkey packet(s) */
- int pktrc = pgpPrtPkts(key->pkt, key->pktlen, sig, 0);
- pgpDigParams pubp = pgpDigGetParams(sig, PGPTAG_PUBLIC_KEY);
+ if (keyring && sig) {
+ struct rpmPubkey_s needle;
+ memset(&needle, 0, sizeof(needle));
+ memcpy(needle.keyid, sig->signid, sizeof(needle.keyid));
+
+ key = rpmKeyringFindKeyid(keyring, &needle);
+ if (key) {
+ pgpDigParams pub = key->pgpkey;
/* Do the parameters match the signature? */
- if (pubp && pktrc == 0 && sigp->pubkey_algo == pubp->pubkey_algo &&
- memcmp(sigp->signid, pubp->signid, sizeof(sigp->signid)) == 0) {
- res = RPMRC_OK;
+ if ((sig->pubkey_algo != pub->pubkey_algo) ||
+ memcmp(sig->signid, pub->signid, sizeof(sig->signid))) {
+ key = NULL;
}
}
}
+ return key;
+}
+
+rpmRC rpmKeyringLookup(rpmKeyring keyring, pgpDig sig)
+{
+ rpmRC res = RPMRC_NOKEY;
+ pgpDigParams sigp = pgpDigGetParams(sig, PGPTAG_SIGNATURE);
+ rpmPubkey key = findbySig(keyring, sigp);
+
+ if (key) {
+ /*
+ * Callers expect sig to have the key data parsed into pgpDig
+ * on (successful) return, sigh. No need to check for return
+ * here as this is validated at rpmPubkeyNew() already.
+ */
+ pgpPrtPkts(key->pkt, key->pktlen, sig, 0);
+ res = RPMRC_OK;
+ }
return res;
}