Pass rpmPubkey instance to rpmtxnDeletePubkey

Use the matchingKeys() in rpmkeys to acquire those rpmPubkey instances.

Use EXIT_FAILURE as exit code for rpmkeys --delete instead of the
count of errors.

Author: ffesti

include/rpm/rpmts.h

@@ -14,6 +14,7 @@
 #include <rpm/rpmsw.h>
 #include <rpm/rpmfi.h>
 #include <rpm/rpmcallback.h>
+#include <rpm/rpmkeyring.h>
 
 #ifdef __cplusplus
 extern "C" {
@@ -353,13 +354,12 @@ rpmRC rpmtxnImportPubkey(rpmtxn txn, const unsigned char * pkt, size_t pktlen);
 /** \ingroup rpmts
  * Delete public key from transaction keystore.
  * @param txn           transaction handle
- * @param keyid         key fingerprint or keyid (in hex)
+ * @param key		public key
  * @return              RPMRC_OK on success
  * 			RPMRC_NOTFOUND if key not found
- * 			RPMRC_NOKEY on invalid keyid
  * 			RPMRC_FAIL on other failure
  */
-rpmRC rpmtxnDeletePubkey(rpmtxn txn, const char *keyid);
+rpmRC rpmtxnDeletePubkey(rpmtxn txn, rpmPubkey key);
 
 /** \ingroup rpmts
  * Retrieve handle for keyring used for this transaction set

lib/rpmts.cc

@@ -774,17 +774,10 @@ rpmRC rpmtxnImportPubkey(rpmtxn txn, const unsigned char * pkt, size_t pktlen)
     return rc;
 }
 
-rpmRC rpmtxnDeletePubkey(rpmtxn txn, const char *keyid)
+rpmRC rpmtxnDeletePubkey(rpmtxn txn, rpmPubkey key)
 {
     rpmRC rc = RPMRC_FAIL;
-    size_t klen = strlen(keyid);
-
-    /* Allow short keyid while we're transitioning */
-    if (klen != 40 && klen != 16 && klen != 8)
-	return RPMRC_NOKEY;
-
-    if (!rpmIsValidHex(keyid, klen))
-	return RPMRC_NOKEY;
+    char * keyid = rpmPubkeyKeyIDAsHex(key);
 
     if (txn) {
 	/* force keyring load */
@@ -797,12 +790,13 @@ rpmRC rpmtxnDeletePubkey(rpmtxn txn, const char *keyid)
 	rc = RPMRC_OK;
 	if (!(rpmtsFlags(txn->ts) & RPMTRANS_FLAG_TEST)) {
 	    if (txn->ts->keyringtype == KEYRING_FS)
-		rc = rpmtsDeleteFSKey(txn, keyid);
+		rc = rpmtsDeleteFSKey(txn, keyid+8);
 	    else
-		rc = rpmtsDeleteDBKey(txn, keyid);
+		rc = rpmtsDeleteDBKey(txn, keyid+8);
 	}
 	rpmKeyringFree(keyring);
     }
+    free(keyid);
     return rc;
 }
 

tests/rpmsigdig.at

@@ -78,7 +78,7 @@ runroot rpmkeys -Kv /data/RPMS/hello-2.0-1.x86_64-signed-with-new-subkey.rpm
 RPMTEST_CHECK([
 runroot rpmkeys --delete abcd gimmekey 1111aaaa2222bbbb
 ],
-[3],
+[1],
 [],
 [error: invalid key id: abcd
 error: invalid key id: gimmekey
@@ -147,7 +147,7 @@ runroot rpmkeys -Kv /data/RPMS/hello-2.0-1.x86_64-signed-with-new-subkey.rpm
 RPMTEST_CHECK([
 runroot rpmkeys --delete abcd gimmekey 1111aaaa2222bbbb
 ],
-[3],
+[1],
 [],
 [error: invalid key id: abcd
 error: invalid key id: gimmekey

tools/rpmkeys.cc

@@ -122,6 +122,13 @@ static int printKey(rpmPubkey key, void * data)
     return 0;
 }
 
+static int deleteKey(rpmPubkey key, void * data)
+{
+    rpmtxn txn = (rpmtxn) data;
+    rpmtxnDeletePubkey(txn, key);
+    return 0;
+}
+
 int main(int argc, char *argv[])
 {
     int ec = EXIT_FAILURE;
@@ -157,20 +164,7 @@ int main(int argc, char *argv[])
     {
 	rpmtxn txn = rpmtxnBegin(ts, RPMTXN_WRITE);
 	if (txn) {
-	    int nfail = 0;
-	    for (char const * const *arg = args; *arg && **arg; arg++) {
-		rpmRC delrc = rpmtxnDeletePubkey(txn, *arg);
-		if (delrc) {
-		    if (delrc == RPMRC_NOTFOUND)
-			rpmlog(RPMLOG_ERR, ("key not found: %s\n"), *arg);
-		    else if (delrc == RPMRC_NOKEY)
-			rpmlog(RPMLOG_ERR, ("invalid key id: %s\n"), *arg);
-		    else if (delrc == RPMRC_FAIL)
-			rpmlog(RPMLOG_ERR, ("failed to delete key: %s\n"), *arg);
-		    nfail++;
-		}
-	    }
-	    ec = nfail;
+	    ec = matchingKeys(ts, args, deleteKey, txn);
 	    rpmtxnEnd(txn);
 	}
 	break;