From 0a7318ab4467d3156723c7a265dbd3456b8d1e20 Mon Sep 17 00:00:00 2001 From: Panu Matilainen Date: Tue, 10 Oct 2017 14:44:18 +0300 Subject: [PATCH 07/33] Use rpm file info sets instead of header for retrieving file data Simplifies the code a little, but more imporantly it avoids duplicating code and special knowledge like the default digest algo and converting hex to binary. As a side-effect, this fixes RPMTAG_FILESIGNATURELENGTH inadvertly getting added into packages that have no files at all. --- sign/rpmsignfiles.c | 36 +++++++++++++++++------------------- 1 file changed, 17 insertions(+), 19 deletions(-) diff --git a/sign/rpmsignfiles.c b/sign/rpmsignfiles.c index c1d227a07..de7a73cfd 100644 --- a/sign/rpmsignfiles.c +++ b/sign/rpmsignfiles.c @@ -8,7 +8,7 @@ #include "imaevm.h" #include /* rpmlog */ -#include /* rnibble */ +#include #include /* rpmDigestLength */ #include "lib/header.h" /* HEADERGET_MINMEM */ #include "lib/rpmtypes.h" /* rpmRC */ @@ -32,7 +32,7 @@ static const char *hash_algo_name[] = { #define ARRAY_SIZE(a) (sizeof(a) / sizeof(a[0])) -static char *signFile(const char *algo, const char *fdigest, int diglen, +static char *signFile(const char *algo, const uint8_t *fdigest, int diglen, const char *key, char *keypass) { char *fsignature; @@ -40,15 +40,11 @@ const char *key, char *keypass) unsigned char signature[MAX_SIGNATURE_LENGTH]; int siglen; - /* convert file digest hex to binary */ - memset(digest, 0, diglen); /* some entries don't have a digest - we return an empty signature */ - if (strlen(fdigest) != diglen * 2) + memset(digest, 0, diglen); + if (memcmp(digest, fdigest, diglen) == 0) return strdup(""); - for (int i = 0; i < diglen; ++i, fdigest += 2) - digest[i] = (rnibble(fdigest[0]) << 4) | rnibble(fdigest[1]); - /* prepare file signature */ memset(signature, 0, MAX_SIGNATURE_LENGTH); signature[0] = '\x03'; @@ -82,21 +78,23 @@ char *keypass) rpmRC rpmSignFiles(Header sigh, Header h, const char *key, char *keypass) { - struct rpmtd_s digests, td; + struct rpmtd_s td; int algo; int diglen; uint32_t siglen; const char *algoname; - const char *digest; + const uint8_t *digest; char *signature = NULL; rpmRC rc = RPMRC_FAIL; + rpmfi fi = rpmfiNew(NULL, h, RPMTAG_BASENAMES, RPMFI_FLAGS_QUERY); + + if (rpmfiFC(fi) == 0) { + rc = RPMRC_OK; + goto exit; + } - rpmtdReset(&digests); - algo = headerGetNumber(h, RPMTAG_FILEDIGESTALGO); - if (!algo) { - /* use default algorithm */ - algo = PGPHASHALGO_MD5; - } else if (algo < 0 || algo >= ARRAY_SIZE(hash_algo_name)) { + algo = rpmfiDigestAlgo(fi); + if (algo >= ARRAY_SIZE(hash_algo_name)) { rpmlog(RPMLOG_ERR, _("File digest algorithm id is invalid")); goto exit; } @@ -125,8 +123,8 @@ rpmRC rpmSignFiles(Header sigh, Header h, const char *key, char *keypass) td.data = NULL; /* set in the loop below */ td.count = 1; - headerGet(h, RPMTAG_FILEDIGESTS, &digests, HEADERGET_MINMEM); - while ((digest = rpmtdNextString(&digests))) { + while (rpmfiNext(fi) >= 0) { + digest = rpmfiFDigest(fi, NULL, NULL); signature = signFile(algoname, digest, diglen, key, keypass); if (!signature) { rpmlog(RPMLOG_ERR, _("signFile failed\n")); @@ -143,6 +141,6 @@ rpmRC rpmSignFiles(Header sigh, Header h, const char *key, char *keypass) exit: free(signature); - rpmtdFreeData(&digests); + rpmfiFree(fi); return rc; } -- 2.27.0