Add a Sequoia-based OpenPGP backend

This change adds support for using Sequoia as an alternative to the internal OpenPGP backend. To use this backend, it is necessary to have the rpm-sequoia library installed. https://gitlab.com/sequoia-pgp/rpm-sequoia Fixes #1978.
2022-03-27 00:53:39 +01:00 · 2022-03-27 00:53:39 +01:00 · db36ea85aa
parent c1121a5c69
commit db36ea85aa
5 changed files with 34 additions and 11 deletions
--- a/11
+++ b/11
@ -22,10 +22,13 @@ The libmagic (aka file) library for file type detection (used by rpmbuild).
 The source for the file utility + library is available from
    ftp://ftp.astron.com/pub/file/

-You will need a cryptographic library to support digests and signatures.
-This library may be libgcrypt or OpenSSL, and can be specified with the
--with-crypto=[libgcrypt|openssl] argument to configure.
-libgcrypt is the default.
+You will need a cryptographic library to support digests and
+signatures.  This library may be libgcrypt, OpenSSL, or Sequoia PGP,
+and can be specified with the --with-crypto=[libgcrypt|openssl|sequoia]
+argument to configure.  libgcrypt is the default.
+
+Sequoia is used via the rpm-sequoia library, which is available from
+https://gitlab.com/sequoia-pgp/rpm-sequoia

 libgcrypt library is available from https://www.gnupg.org/software/libgcrypt/

--- a/configure.ac
+++ b/configure.ac
@ -272,7 +272,7 @@ AM_CONDITIONAL(LIBELF,[test "$WITH_LIBELF" = yes])
 # Select crypto library
 AC_ARG_WITH(crypto,
            [AC_HELP_STRING([--with-crypto=CRYPTO_LIB],
-                            [The cryptographic library to use (openssl|libgcrypt). The default is libgcrypt.])
+                            [The cryptographic library to use (openssl|libgcrypt|sequoia). The default is libgcrypt.])
                            ],[],
                            [with_crypto=libgcrypt])

@ -382,6 +382,24 @@ AM_CONDITIONAL([WITH_LIBGCRYPT],[test "$with_crypto" = libgcrypt])
 AC_SUBST(WITH_LIBGCRYPT_INCLUDE)
 AC_SUBST(WITH_LIBGCRYPT_LIB)

+#=================
+# Check for the rpm-sequoia backend.
+WITH_RPM_SEQUOIA_INCLUDE=
+WITH_RPM_SEQUOIA_LIB=
+if test "$with_crypto" = sequoia ; then
+  PKG_CHECK_MODULES([RPM_SEQUOIA], [rpm-sequoia], [have_rpm_sequoia=yes], [have_rpm_sequoia=no])
+  if test "$have_rpm_sequoia" = "yes"; then
+     WITH_RPM_SEQUOIA_INCLUDE="$RPM_SEQUOIA_CFLAGS"
+     WITH_RPM_SEQUOIA_LIB="$RPM_SEQUOIA_LIBS"
+  else
+     AC_MSG_ERROR([librpm-sequoia not found])
+  fi
+fi
+
+AM_CONDITIONAL([WITH_RPM_SEQUOIA],[test "$with_crypto" = sequoia])
+AC_SUBST(WITH_RPM_SEQUOIA_INCLUDE)
+AC_SUBST(WITH_RPM_SEQUOIA_LIB)
+
 #=================
 # Check for magic library.
 WITH_MAGIC_INCLUDE=
--- a/rpm.pc.in
+++ b/rpm.pc.in
@ -12,5 +12,5 @@ Requires: popt
 Requires.private: @ZSTD_REQUIRES@
 # Conflicts:
 Cflags: -I${includedir}
-Libs: -L${libdir} -lrpm -lrpmio
+Libs: -L${libdir} -lrpm -lrpmio @WITH_RPM_SEQUOIA_LIB@
 Libs.private: -lpopt -lrt -lpthread @WITH_LZMA_LIB@ @WITH_BZ2_LIB@ @WITH_ZLIB_LIB@ @LUA_LIBS@
--- a/rpmio/Makefile.am
+++ b/rpmio/Makefile.am
@ -8,6 +8,7 @@ EXTRA_DIST = modemuncher.c
 AM_CPPFLAGS = -I$(top_builddir) -I$(top_srcdir) -I$(top_srcdir)/include/
 AM_CPPFLAGS += @WITH_OPENSSL_INCLUDE@
 AM_CPPFLAGS += @WITH_LIBGCRYPT_INCLUDE@
+AM_CPPFLAGS += @WITH_RPM_SEQUOIA_INCLUDE@
 AM_CPPFLAGS += @WITH_POPT_INCLUDE@
 AM_CPPFLAGS += $(ZSTD_CFLAGS)
 AM_CPPFLAGS += @LUA_CFLAGS@
@ -24,14 +25,13 @@ librpmio_la_SOURCES = \
 	rpmio_internal.h rpmhook.h rpmvercmp.c rpmver.c \
 	rpmstring.c rpmfileutil.c rpmglob.c \
 	rpmkeyring.c rpmstrpool.c rpmmacro_internal.h \
-	rpmlua.c rpmlua.h lposix.c lposix.h \
-	rpmpgp_internal.c rpmpgp_internal.h
+	rpmlua.c rpmlua.h lposix.c lposix.h

 if WITH_OPENSSL
-librpmio_la_SOURCES += digest_openssl.c
+librpmio_la_SOURCES += digest_openssl.c rpmpgp_internal.c rpmpgp_internal.h
 else
 if WITH_LIBGCRYPT
-librpmio_la_SOURCES += digest_libgcrypt.c
+librpmio_la_SOURCES += digest_libgcrypt.c rpmpgp_internal.c rpmpgp_internal.h
 endif
 endif

@ -40,6 +40,7 @@ librpmio_la_LIBADD = \
 	../misc/libmisc.la \
 	@WITH_OPENSSL_LIB@ \
 	@WITH_LIBGCRYPT_LIB@ \
+	@WITH_RPM_SEQUOIA_LIB@ \
 	@WITH_BZ2_LIB@ \
 	@WITH_ZLIB_LIB@ \
 	@WITH_POPT_LIB@ \
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@ -12,7 +12,8 @@ EXTRA_DIST += local.at $(TESTSUITE)

 AM_CPPFLAGS = -I$(top_srcdir)/include

-rpmpgpcheck_LDADD = ../rpmio/librpmio.la
+rpmpgpcheck_LDADD = ../rpmio/librpmio.la \
+	@WITH_RPM_SEQUOIA_LIB@

 ## testsuite components
 TESTSUITE_AT = rpmtests.at