Header signatures were the new hot almost exactly twenty years ago, we
haven't supported anything else in a very, very, very, very very long time.
Drop the useless argument to rpmReadSignature() and bury the last remaining
related constant into rpmlead.c which is the only place that "needs" it.
No functional changes.
This patch exports generateSignature under the new name rpmGenerateSignature
so that includeFileSignatures can call it.
[lkardos@redhat.com: fixed indentation]
Signed-off-by: Lubos Kardos <lkardos@redhat.com>
- New internal API to "parse" signature tags, performing various
sanity checks, classifying the type (digest, actual signature etc)
and gathering other relevant info.
- Unused as of this commit...
- Change rpmVerifySignature() to take just the signature parameters
instead of the whole dig (this is an internal API so we're free
to mess with it) from which it only needed the signature params.
- The internal low-level verifySignature() is thus reduced to
to a call to rpmKeyringVerifySig() and spitting some silly
strings to msg.
- With this, keyring can now use and reuse the its internally stored
pgp key parameters instead of having to parse the same PGP packets
over and over. As a result, signature checking is faster now. Not
dramatically so but measurably nevertheless.
- Hide allocation inside the helper, automatically free on failure
- Return pointer to the signature parameters on success to simplify
life for callers
- Don't bother checking or reporting the signature version: the
pgp parser errors out if it encounters unsupported version and
does not scrible anything to the version field in that case,
mumbling about "V0 signatures" is not particularly helpful.
- Log the bad package names from rpmpkgReadHeader() too
- Some of these might actually be "correct" but about one case from
librpmbuild cascades down here ... just not worth the trouble to
keep the as rpmSigTags.
- Having it in signature.h is just wrong as it lives in a different
library now, and nothing outside rpmgensig.c needs it anymore.
Should've really been in commit 23a9d64ea4.
- Similar in spirit to commit 825691afb2,
these have fairly little in common really.
- Change the function names to force breakage on users (these are exported
in ABI but not in public headers so "users" are internal uses in
practise): the automatically generated bits in signature header are
not signatures, but digests (even size is a checksum of sorts) ...
and fix the couple of internal uses.
- the last freeware PGP version (6.5.8) is from year 2000 and doesn't
come close to compiling on modern distros, commercial versions we're
not interested in
- "PGP" signatures in rpm mean RSA, gpg can handle that just fine since
forever
- the code's been unused for years, unlikely to be functional anyway...
- allocate+free digests locally where needed, pass around in separate argument
- use digest bundles to handle rpmVerifySignatures() needs
- kill-kill-kill fdStealDigest(), dup the contexts from bundles as needed
- use rpm_tag_t for signature tag types too
- size_t, not rpm_count_t in signature generation
- add couple of explicit casts to rpmpgp.h to avoid spurious noise from
inlined functions
Panu Matilainen