folkslinux
/
rpm
mirror of https://github.com/rpm-software-management/rpm.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
rpm/rpmio/rpmpgp_dummy.c

124 lines
2.5 KiB
C
Raw Normal View History

Allow building rpm without OpenPGP support For bootstrapping purposes, having rpm depend on Rust is painful, but directing people to unmaintained crypto code as an alternative is hair-raising. As a middle ground, let rpm be built without OpenPGP support at all, which at least gives you a functional rpm and rpm-build even if you can't sign or verify signatures. Achieving this is a moderately complex dance which can't meaningfully be split into multiple commits because everything is interconnected: Add a new WITH_SEQUOIA option to control use of Sequoia, on by default. When Sequoia is disabled, default to a newly added dummy PGP implementation instead which just returns error on everything. And finally, if the older WITH_INTERNAL_OPENPGP is enabled, use the old PGP implementation. As the intent is to cut out rpmpgp_legacy to a separate repository, sanity requires that we also split the openssl/libgcrypt code at the digest/signature fault line. It's not ideal, but the alternative of having unused crypto code on which an external component depends on is just not sustainable. This way, the signature side of things is quite neatly cut off with the PGP stuff. The diff looks big but there are no code/functional changes in the libgcrypt/openssl split.
2024-03-19 17:08:08 +08:00
/* Dummy OpenPGP interface for compiling with minimal dependencies */
#include "system.h"
#include <rpm/rpmpgp.h>
#include "rpmpgpval.h"
#include "debug.h"
typedef struct pgpDigAlg_s * pgpDigAlg;
int pgpSignatureType(pgpDigParams _digp)
{
return -1;
}
int pgpPubkeyFingerprint(const uint8_t * pkt, size_t pktlen,
uint8_t **fp, size_t *fplen)
{
return -1;
}
int pgpPubkeyKeyID(const uint8_t * pkt, size_t pktlen, pgpKeyID_t keyid)
{
return -1;
}
pgpDigParams pgpDigParamsFree(pgpDigParams digp)
{
return NULL;
}
int pgpDigParamsCmp(pgpDigParams p1, pgpDigParams p2)
{
return -1;
}
unsigned int pgpDigParamsAlgo(pgpDigParams digp, unsigned int algotype)
{
return 0;
}
const uint8_t *pgpDigParamsSignID(pgpDigParams digp)
{
return NULL;
}
const char *pgpDigParamsUserID(pgpDigParams digp)
{
return NULL;
}
int pgpDigParamsVersion(pgpDigParams digp)
{
return 0;
}
uint32_t pgpDigParamsCreationTime(pgpDigParams digp)
{
return -1;
}
int pgpPrtParams(const uint8_t * pkts, size_t pktlen, unsigned int pkttype,
pgpDigParams * ret)
{
return -1;
}
static char *not_supported(void)
{
return xstrdup("RPM was compiled without OpenPGP support");
}
int pgpPrtParams2(const uint8_t * pkts, size_t pktlen, unsigned int pkttype,
pgpDigParams * ret, char **lints)
{
if (lints)
*lints = not_supported();
return pgpPrtParams(pkts, pktlen, pkttype, ret);
}
int pgpPrtParamsSubkeys(const uint8_t *pkts, size_t pktlen,
pgpDigParams mainkey, pgpDigParams **subkeys,
int *subkeysCount)
{
return -1;
}
rpmRC pgpVerifySignature(pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx)
{
return RPMRC_NOTFOUND;
}
rpmRC pgpVerifySignature2(pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx, char **lints)
{
if (lints)
*lints = not_supported();
return pgpVerifySignature(key, sig, hashctx);
}
pgpArmor pgpParsePkts(const char *armor, uint8_t ** pkt, size_t * pktlen)
{
return PGPARMOR_NONE;
}
int pgpPubKeyCertLen(const uint8_t *pkts, size_t pktslen, size_t *certlen)
{
return -1;
}
char * pgpArmorWrap(int atype, const unsigned char * s, size_t ns)
{
return NULL;
}
rpmRC pgpPubKeyLint(const uint8_t *pkts, size_t pktslen, char **explanation)
{
*explanation = not_supported();
return RPMRC_FAIL;
}
Support pubkey merging in the keyring code The new rpmPubkeyMerge function will merge the certificate material of two pubkeys describing the same key. This is currently only implemented in the "legcay" backend.
2024-05-07 20:42:21 +08:00
rpmRC pgpPubkeyMerge(const uint8_t *pkts1, size_t pkts1len, const uint8_t *pkts2, size_t pkts2len, uint8_t **pktsm, size_t *pktsmlen, int flags)
{
return RPMRC_FAIL;
}