Process all keys and signatures we find

- We still can't store more than one signature / key at a time, but
  since we can easily *process* them without trashing already stored
  values, lets do so to avoid returning errors from legal packets.
  Also pay attention to only store data matching our expected type,
  ie dont store signature data into pubkey parameters and vice versa.
- This mostly affects pubkey packets which can have more than one
  key present and which (can) also carry certification signature
  which we currently do not handle properly at all.

diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c
index 81f0522..467c45c 100644 (file)
--- a/rpmio/rpmpgp.c
+++ b/rpmio/rpmpgp.c
@@ -486,29 +486,27 @@ static int pgpPrtSigParams(pgpTag tag, uint8_t pubkey_algo, uint8_t sigtype,
                pgpDigParams sigp)
 {
     int rc = 1; /* assume failure */
+    const uint8_t * pend = h + hlen;
+    int i;
+    pgpDigAlg sigalg = pgpSignatureNew(pubkey_algo);
 
-    /* can't handle more than one sig at a time */
-    if (sigp->alg == NULL) {
-       const uint8_t * pend = h + hlen;
-       int i;
-       pgpDigAlg sigalg = pgpSignatureNew(pubkey_algo);
-
-       for (i = 0; p < pend && i < sigalg->mpis; i++, p += pgpMpiLen(p)) {
-           if (sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT) {
-               if (sigalg->setmpi(sigalg, i, p, pend))
-                   break;
-           }
-       }
-
-       /* Does the size and number of MPI's match our expectations? */
-       if (p == pend && i == sigalg->mpis) {
-           sigp->alg = sigalg;
-           rc = 0;
-       } else {
-           pgpDigAlgFree(sigalg);
+    for (i = 0; p < pend && i < sigalg->mpis; i++, p += pgpMpiLen(p)) {
+       if (sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT) {
+           if (sigalg->setmpi(sigalg, i, p, pend))
+               break;
        }
     }
 
+    /* Does the size and number of MPI's match our expectations? */
+    if (p == pend && i == sigalg->mpis)
+       rc = 0;
+    
+    /* We can't handle more than one sig at a time */
+    if (rc == 0 && sigp->alg == NULL && sigp->tag == PGPTAG_SIGNATURE)
+       sigp->alg = sigalg;
+    else
+       pgpDigAlgFree(sigalg);
+
     return rc;
 }
 
@@ -639,27 +637,24 @@ static int pgpPrtPubkeyParams(uint8_t pubkey_algo,
                pgpDigParams keyp)
 {
     int rc = 1;
+    const uint8_t *pend = h + hlen;
+    int i;
+    pgpDigAlg keyalg = pgpPubkeyNew(pubkey_algo);
 
-    /* we can't handle more than one key at a time */
-    if (keyp->alg == NULL) {
-       const uint8_t *pend = h + hlen;
-       int i;
-       pgpDigAlg keyalg = pgpPubkeyNew(pubkey_algo);
+    for (i = 0; p < pend && i < keyalg->mpis; i++, p += pgpMpiLen(p)) {
+       if (keyalg->setmpi(keyalg, i, p, pend))
+           break;
+    }
 
-       for (i = 0; p < pend && i < keyalg->mpis; i++, p += pgpMpiLen(p)) {
-           if (keyalg->setmpi(keyalg, i, p, pend)) {
-               break;
-           }
-       }
+    /* Does the size and number of MPI's match our expectations? */
+    if (p == pend && i == keyalg->mpis)
+       rc = 0;
 
-       /* Does the size and number of MPI's match our expectations? */
-       if (p == pend && i == keyalg->mpis) {
-           rc = 0;
-           keyp->alg = keyalg;
-       } else {
-           pgpDigAlgFree(keyalg);
-       }
-    }
+    /* We can't handle more than one key at a time */
+    if (rc == 0 && keyp->alg == NULL && keyp->tag == PGPTAG_PUBLIC_KEY)
+       keyp->alg = keyalg;
+    else
+       pgpDigAlgFree(keyalg);
 
     return rc;
 }