From d0e98332d4115aa087e1e1f8e39b80c02c406f10 Mon Sep 17 00:00:00 2001
From: jbj <devnull@localhost>
Date: Sat, 19 Aug 2000 13:10:34 +0000
Subject: [PATCH] - python bindings to query and verify signatures.

CVS patchset: 4085
CVS date: 2000/08/19 13:10:34
---
 CHANGES            |  1 +
 lib/misc.c         | 31 +++++++++++++++++++++++++++++++
 lib/rpmlib.h       | 18 ++++++++++++++++++
 python/rpmmodule.c | 39 ++++++++++++++++++++++++++++++++++++---
 4 files changed, 86 insertions(+), 3 deletions(-)

diff --git a/CHANGES b/CHANGES
index ec30dff..d463b7b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -92,6 +92,7 @@
 	- fix: -Va broken, make db cursors per-iterator, not per-dbi.
 	- fix: segfault when globbing on "" (#15593).
 	- fix: rebuild db1 -> db3 ate 1st header (#16263).
+	- python bindings to query and verify signatures.
 
 3.0.4 -> 3.0.5
 	- configure.in fiddles for BSD systems (Patrick Schoo).
diff --git a/lib/misc.c b/lib/misc.c
index 5d5b265..278ff01 100644
--- a/lib/misc.c
+++ b/lib/misc.c
@@ -673,6 +673,37 @@ int rpmHeaderGetEntry(Header h, int_32 tag, int_32 *type,
 }
 
 /*
+ * XXX Yet Another dressed entry to unify signature/header tag retrieval.
+ */
+int rpmPackageGetEntry(void *leadp, Header sigs, Header h,
+	int_32 tag, int_32 *type, void **p, int_32 *c)
+{
+    int_32 sigtag;
+
+    switch (tag) {
+    case RPMTAG_SIGSIZE:	sigtag = RPMSIGTAG_SIZE;	break;
+    case RPMTAG_SIGLEMD5_1:	sigtag = RPMSIGTAG_LEMD5_1;	break;
+    case RPMTAG_SIGPGP:		sigtag = RPMSIGTAG_PGP;		break;
+    case RPMTAG_SIGLEMD5_2:	sigtag = RPMSIGTAG_LEMD5_2;	break;
+    case RPMTAG_SIGMD5:		sigtag = RPMSIGTAG_MD5;		break;
+    case RPMTAG_SIGGPG:		sigtag = RPMSIGTAG_GPG;		break;
+    case RPMTAG_SIGPGP5:	sigtag = RPMSIGTAG_GPG;		break;
+	
+    default:
+	return rpmHeaderGetEntry(h, tag, type, p, c);
+	/*@notreached@*/ break;
+    }
+
+    if (sigs == NULL) {
+	if (c)	*c = 0;
+	return 0;
+    }
+
+    return headerGetEntry(sigs, sigtag, type, p, c);
+
+}
+
+/*
  * Up to rpm 3.0.4, packages implicitly provided their own name-version-release.
  * Retrofit an explicit "Provides: name = epoch:version-release.
  */
diff --git a/lib/rpmlib.h b/lib/rpmlib.h
index 8ead72a..d8af993 100644
--- a/lib/rpmlib.h
+++ b/lib/rpmlib.h
@@ -45,6 +45,12 @@ void	rpmBuildFileList(Header h, /*@out@*/ const char *** fileListPtr,
 int rpmHeaderGetEntry(Header h, int_32 tag, /*@out@*/ int_32 *type,
         /*@out@*/ void **p, /*@out@*/int_32 *c);
 
+/*
+ * XXX Yet Another dressed entry to unify signature/header tag retrieval.
+ */
+int rpmPackageGetEntry(void *leadp, Header sigs, Header h,
+        int_32 tag, int_32 *type, void **p, int_32 *c);
+
    /* 0 = success */
    /* 1 = bad magic */
    /* 2 = error */
@@ -63,6 +69,18 @@ extern const struct headerSprintfExtension rpmHeaderFormats[];
 #define	RPMDBI_REMOVED		4
 #define	RPMDBI_AVAILABLE	5
 
+/* Retrofit (and uniqify) signature tags for use by tagName() and rpmQuery. */
+
+/* XXX underscore prevents tagTable generation */
+#define	RPMTAG_SIG_BASE			256
+#define	RPMTAG_SIGSIZE         	        RPMTAG_SIG_BASE+1
+/* the md5 sum was broken *twice* on big endian machines */
+#define	RPMTAG_SIGLEMD5_1		RPMTAG_SIG_BASE+2
+#define	RPMTAG_SIGPGP          	        RPMTAG_SIG_BASE+3
+#define	RPMTAG_SIGLEMD5_2		RPMTAG_SIG_BASE+4
+#define	RPMTAG_SIGMD5		        RPMTAG_SIG_BASE+5
+#define	RPMTAG_SIGGPG		        RPMTAG_SIG_BASE+6
+#define	RPMTAG_SIGPGP5		        RPMTAG_SIG_BASE+7	/* internal */
 
 /* these tags are found in package headers */
 /* none of these can be 0 !!                         */
diff --git a/python/rpmmodule.c b/python/rpmmodule.c
index e73e974..464680e 100644
--- a/python/rpmmodule.c
+++ b/python/rpmmodule.c
@@ -85,6 +85,8 @@ static PyObject * rpmtransGetAttr(rpmtransObject * o, char * name);
 static int rpmtransSetAttr(rpmtransObject * o, char * name,
 			   PyObject * val);
 
+/* signature verification */
+static PyObject * checkSig (PyObject * self, PyObject * args);
 
 /* internal functions */
 static long tagNumFromPyObject (PyObject *item);
@@ -116,6 +118,7 @@ struct rpmtransObject_s {
 struct hdrObject_s {
     PyObject_HEAD;
     Header h;
+    Header sigs;
     char ** md5list;
     char ** fileList;
     char ** linkList;
@@ -146,6 +149,7 @@ static PyMethodDef rpmModuleMethods[] = {
     { "errorString", (PyCFunction) errorString, METH_VARARGS, NULL },
     { "versionCompare", (PyCFunction) versionCompare, METH_VARARGS, NULL },
     { "labelCompare", (PyCFunction) labelCompare, METH_VARARGS, NULL },
+    { "checksig", (PyCFunction) checkSig, METH_VARARGS, NULL },
 /*      { "Fopen", (PyCFunction) doFopen, METH_VARARGS, NULL }, */
     { NULL }
 } ;
@@ -416,6 +420,13 @@ void initrpm(void) {
 			 PyInt_FromLong(RPMPROB_OLDPACKAGE));
     PyDict_SetItemString(d, "RPMPROB_DISKSPACE",
 			 PyInt_FromLong(RPMPROB_DISKSPACE));
+
+    PyDict_SetItemString(d, "CHECKSIG_PGP",
+			 PyInt_FromLong(CHECKSIG_PGP));
+    PyDict_SetItemString(d, "CHECKSIG_GPG",
+			 PyInt_FromLong(CHECKSIG_GPG));
+    PyDict_SetItemString(d, "CHECKSIG_MD5",
+			 PyInt_FromLong(CHECKSIG_MD5));
 }
 
 /* make a header with _all_ the tags we need */
@@ -787,24 +798,28 @@ static PyObject * labelCompare (PyObject * self, PyObject * args) {
 static PyObject * rpmHeaderFromPackage(PyObject * self, PyObject * args) {
     hdrObject * h;
     Header header;
+    Header sigs;
     int rc;
     FD_t fd;
     int rawFd;
-    int isSource;
+    int isSource = 0;
 
     if (!PyArg_ParseTuple(args, "i", &rawFd)) return NULL;
     fd = fdDup(rawFd);
 
-    rc = rpmReadPackageHeader(fd, &header, &isSource, NULL, NULL);
+    rc = rpmReadPackageInfo(fd, &sigs, &header);
     Fclose(fd);
 
     switch (rc) {
       case 0:
 	h = (hdrObject *) PyObject_NEW(PyObject, &hdrType);
 	h->h = header;
+	h->sigs = sigs;
 	h->fileList = h->linkList = h->md5list = NULL;
 	h->uids = h->gids = h->mtimes = h->fileSizes = NULL;
 	h->modes = h->rdevs = NULL;
+	if (headerIsEntry(header, RPMTAG_SOURCEPACKAGE))
+	    isSource = 1;
 	break;
 
       case 1:
@@ -1052,6 +1067,7 @@ static PyObject * rpmdbMIGetAttr (rpmdbObject *s, char *name) {
 
 static void hdrDealloc(hdrObject * s) {
     if (s->h) headerFree(s->h);
+    if (s->sigs) headerFree(s->sigs);
     if (s->md5list) free(s->md5list);
     if (s->fileList) free(s->fileList);
     if (s->linkList) free(s->linkList);
@@ -1113,7 +1129,8 @@ static PyObject * hdrSubscript(hdrObject * s, PyObject * item) {
             return NULL;
         }
         
-        if (!rpmHeaderGetEntry(s->h, tag, &type, &data, &count)) {
+        if (!rpmPackageGetEntry(NULL, s->sigs, s->h, tag, &type, &data, &count))
+	{
             Py_INCREF(Py_None);
             return Py_None;
         }
@@ -1789,6 +1806,22 @@ static int closeCallback(FILE * f) {
     }
     return 0; 
 }
+
+static PyObject * checkSig (PyObject * self, PyObject * args) {
+    char * filename;
+    int flags;
+    int rc = 255;
+
+    if (PyArg_ParseTuple(args, "si", &filename, &flags)) {
+	const char *av[2];
+	av[0] = filename;
+	av[1] = NULL;
+fprintf(stderr, "*** rpmCheckSig(%x,%p) %s\n", flags, av, av[0]);
+	rc = rpmCheckSig(flags, av);
+    }
+    return Py_BuildValue("i", rc);
+}
+
 /* disable 
 static PyObject * doFopen(PyObject * self, PyObject * args) {
     char * path, * mode;
-- 
2.7.4