authorPanu Matilainen <pmatilai@redhat.com>2017-04-11 18:39:26 +0300
committerPanu Matilainen <pmatilai@redhat.com>2017-04-11 19:00:45 +0300
commit011cfeceab11da824de60e478b614a09883c23f1 (patch)
treedcab5c298063227b6c3a6d8842edf17f0f8b48b6
parent0777f87a912f46c28d8eb423009c450b7ffabf1c (diff)
Update rpmVerifySignature() internals to get by with just struct rpmsinfo
-rw-r--r--lib/package.c2
-rw-r--r--lib/rpmchecksig.c4
-rw-r--r--lib/signature.c49
-rw-r--r--lib/signature.h2
4 files changed, 25 insertions, 32 deletions
diff --git a/lib/package.c b/lib/package.c
index fcc908059..78f380f25 100644
--- a/lib/package.c
+++ b/lib/package.c
@@ -216,7 +216,7 @@ static rpmRC headerSigVerify(rpmKeyring keyring, rpmVSFlags vsflags,
rpmDigestUpdate(ctx, dstblob->pe, (dstblob->ril * sizeof(*dstblob->pe)));
rpmDigestUpdate(ctx, dstblob->dataStart, dstblob->rdl);
- rc = rpmVerifySignature(keyring, &sigtd, sinfo.sig, ctx, buf);
+ rc = rpmVerifySignature(keyring, &sinfo, ctx, buf);
if (keyidp && sinfo.type == RPMSIG_SIGNATURE_TYPE)
*keyidp = sinfo.keyid;
diff --git a/lib/rpmchecksig.c b/lib/rpmchecksig.c
index fb1d08e61..737b3246b 100644
--- a/lib/rpmchecksig.c
+++ b/lib/rpmchecksig.c
@@ -268,13 +268,13 @@ static int verifyItems(FD_t fd, Header sigh, int range, rpmQueryFlags flags,
if (sinfo.hashalgo && sinfo.range == range && rc == RPMRC_OK) {
DIGEST_CTX ctx = fdDupDigest(fd, sinfo.id);
- rc = rpmVerifySignature(keyring, &sigtd, sinfo.sig, ctx, &result);
+ rc = rpmVerifySignature(keyring, &sinfo, ctx, &result);
rpmDigestFinal(ctx, NULL, NULL, 0);
fdFiniDigest(fd, sinfo.id, NULL, NULL, 0);
}
if (result) {
- formatResult(sigtd.tag, rc, result,
+ formatResult(sinfo.tag, rc, result,
(rc == RPMRC_NOKEY ? missingKeys : untrustedKeys), buf);
}
diff --git a/lib/signature.c b/lib/signature.c
index 2ba6d1d3b..7660f0a2a 100644
--- a/lib/signature.c
+++ b/lib/signature.c
@@ -377,13 +377,12 @@ static const char * rpmSigString(rpmRC res)
return str;
}
-static rpmRC verifyDigest(rpmtd sigtd, DIGEST_CTX digctx, const char *title,
- char **msg)
+static rpmRC verifyDigest(struct rpmsinfo_s *sinfo, DIGEST_CTX digctx,
+ const char *title, char **msg)
{
rpmRC res = RPMRC_FAIL; /* assume failure */
char * dig = NULL;
size_t diglen = 0;
- char *pkgdig = rpmtdFormat(sigtd, RPMTD_FORMAT_STRING, NULL);
DIGEST_CTX ctx = rpmDigestDup(digctx);
if (rpmDigestFinal(ctx, (void **)&dig, &diglen, 1) || diglen == 0) {
@@ -391,37 +390,35 @@ static rpmRC verifyDigest(rpmtd sigtd, DIGEST_CTX digctx, const char *title,
goto exit;
}
- if (strcasecmp(pkgdig, dig) == 0) {
+ if (strcasecmp(sinfo->dig, dig) == 0) {
res = RPMRC_OK;
- rasprintf(msg, "%s %s (%s)", title, rpmSigString(res), pkgdig);
+ rasprintf(msg, "%s %s (%s)", title, rpmSigString(res), sinfo->dig);
} else {
rasprintf(msg, "%s: %s Expected(%s) != (%s)",
- title, rpmSigString(res), pkgdig, dig);
+ title, rpmSigString(res), sinfo->dig, dig);
}
exit:
free(dig);
- free(pkgdig);
return res;
}
/**
* Verify DSA/RSA signature.
* @param keyring pubkey keyring
- * @param sig OpenPGP signature parameters
+ * @param sinfo OpenPGP signature parameters
* @param hashctx digest context
- * @param isHdr header-only signature?
* @retval msg verbose success/failure text
* @return RPMRC_OK on success
*/
static rpmRC
-verifySignature(rpmKeyring keyring, pgpDigParams sig, DIGEST_CTX hashctx,
- int isHdr, char **msg)
+verifySignature(rpmKeyring keyring, struct rpmsinfo_s *sinfo,
+ DIGEST_CTX hashctx, char **msg)
{
+ int isHdr = (sinfo->range == RPMSIG_HEADER);
+ rpmRC res = rpmKeyringVerifySig(keyring, sinfo->sig, hashctx);
- rpmRC res = rpmKeyringVerifySig(keyring, sig, hashctx);
-
- char *sigid = pgpIdentItem(sig);
+ char *sigid = pgpIdentItem(sinfo->sig);
rasprintf(msg, "%s%s: %s", isHdr ? _("Header ") : "", sigid,
rpmSigString(res));
free(sigid);
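Review bot: `strcasecmp(sinfo->dig, dig)` in verifyDigest reads the expected digest from the caller's struct with no NULL check of its own, and the only guard visible in this commit is `sinfo->sig == NULL` in rpmVerifySignature (next hunk). The definition of struct rpmsinfo_s is not on this page, so it cannot be confirmed here whether that test also covers `dig`, for example because the two members share storage. If they are separate members, a digest item would either be rejected by the guard or reach strcasecmp with a NULL pointer. Because this path handles values parsed from a package, the dependency should be made explicit at the guard, e.g. `/* NOTE: relies on sig and dig sharing storage */` if that is the case, or the guard should test the member that matches the tag so a missing digest fails closed as RPMRC_FAIL. verifyDigest begins in the previous hunk.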
@@ -429,38 +426,34 @@ verifySignature(rpmKeyring keyring, pgpDigParams sig, DIGEST_CTX hashctx,
}
rpmRC
-rpmVerifySignature(rpmKeyring keyring, rpmtd sigtd, pgpDigParams sig,
+rpmVerifySignature(rpmKeyring keyring, struct rpmsinfo_s *sinfo,
DIGEST_CTX ctx, char ** result)
{
rpmRC res = RPMRC_NOTFOUND;
char *msg = NULL;
- int hdrsig = 0;
- if (sigtd->data == NULL || sigtd->count <= 0 || ctx == NULL)
+ if (sinfo->sig == NULL || ctx == NULL)
goto exit;
- switch (sigtd->tag) {
+ switch (sinfo->tag) {
case RPMSIGTAG_MD5:
- res = verifyDigest(sigtd, ctx, _("MD5 digest:"), &msg);
+ res = verifyDigest(sinfo, ctx, _("MD5 digest:"), &msg);
break;
case RPMSIGTAG_SHA1:
- res = verifyDigest(sigtd, ctx, _("Header SHA1 digest:"), &msg);
+ res = verifyDigest(sinfo, ctx, _("Header SHA1 digest:"), &msg);
break;
case RPMSIGTAG_SHA256:
- res = verifyDigest(sigtd, ctx, _("Header SHA256 digest:"), &msg);
+ res = verifyDigest(sinfo, ctx, _("Header SHA256 digest:"), &msg);
break;
case RPMTAG_PAYLOADDIGEST:
- res = verifyDigest(sigtd, ctx, _("Payload SHA256 digest:"), &msg);
+ res = verifyDigest(sinfo, ctx, _("Payload SHA256 digest:"), &msg);
break;
case RPMSIGTAG_RSA:
case RPMSIGTAG_DSA:
- hdrsig = 1;
- /* fallthrough */
case RPMSIGTAG_PGP5: /* XXX legacy */
case RPMSIGTAG_PGP:
case RPMSIGTAG_GPG:
- if (sig != NULL)
- res = verifySignature(keyring, sig, ctx, hdrsig, &msg);
+ res = verifySignature(keyring, sinfo, ctx, &msg);
break;
default:
break;
@@ -469,8 +462,8 @@ rpmVerifySignature(rpmKeyring keyring, rpmtd sigtd, pgpDigParams sig,
exit:
if (res == RPMRC_NOTFOUND) {
rasprintf(&msg,
- _("Verify signature: BAD PARAMETERS (%d %p %d %p %p)"),
- sigtd->tag, sigtd->data, sigtd->count, ctx, sig);
+ _("Verify signature: BAD PARAMETERS (%d %p %d %p)"),
+ sinfo->tag, sinfo->sig, sinfo->hashalgo, ctx);
res = RPMRC_FAIL;
}
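Review bot: The BAD PARAMETERS message still formats `sinfo->sig` and `ctx` with `%p`, which puts raw process addresses into the result text handed back to the caller. These arguments are also passed without a `(void *)` cast, which `%p` strictly requires if the types are not already `void *` (their definitions are not shown here). Consider reporting only presence, e.g. `sinfo->sig != NULL` and `ctx != NULL` formatted with `%d`, or at least casting: `(void *)sinfo->sig, sinfo->hashalgo, (void *)ctx`. The function body starts and ends outside this hunk.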
diff --git a/lib/signature.h b/lib/signature.h
index 2242143ac..4a7bf7c61 100644
--- a/lib/signature.h
+++ b/lib/signature.h
@@ -67,7 +67,7 @@ int rpmWriteSignature(FD_t fd, Header h);
* (malloc'd)
* @return result of signature verification
*/
-rpmRC rpmVerifySignature(rpmKeyring keyring, rpmtd sigtd, pgpDigParams sig,
+rpmRC rpmVerifySignature(rpmKeyring keyring, struct rpmsinfo_s *sinfo,
DIGEST_CTX ctx, char ** result);
/** \ingroup signature
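Review bot: The parameter documentation for rpmVerifySignature() looks stale, because the diffstat shows only the prototype line changed in this header and the comment's `@param` lines sit above the hunk. If they still describe `sigtd` and `sig`, replace them with a single entry such as `@param sinfo signature info (tag, range, parsed signature or digest)`. It is also worth stating that `sinfo` must be non-NULL, since the implementation dereferences it before any check and again on the error path (`sinfo->sig`, `sinfo->tag`).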