Check not configured keystore backends for keys

Give an warning if they contain public keys. This allows the user to detect misconfigurations or missing conversion from one backend to another.
ffesti · Jan 24, 2025 · d2212b7 · d2212b7
1 parent 191a498
commit d2212b7
Show file tree

Hide file tree

Showing 4 changed files with 50 additions and 0 deletions.
diff --git a/lib/keystore.cc b/lib/keystore.cc
@@ -96,6 +96,27 @@ static rpmRC write_key_to_disk(rpmPubkey key, string & dir, string & filename, i
     return rc;
 }
 
+rpmRC rpm::check_backends(rpmtxn txn, rpmts ts)
+{
+    rpmRC rc = RPMRC_OK;
+
+    keystore_fs ks_fs = {};
+    keystore_rpmdb ks_rpmdb = {};
+    keystore_openpgp_cert_d ks_opengpg = {};
+
+    for (keystore *ks : std::vector<keystore*> {&ks_fs, &ks_rpmdb, &ks_opengpg}) {
+	if (ks->name == ts->keystore->name)
+	    continue;
+	rpmKeyring keyring = rpmKeyringNew();
+	ks->load_keys(txn, keyring);
+	if (rpmKeyringSize(keyring, 0)) {
+	    rpmlog(RPMLOG_WARNING, _("there are public keys in the %s backend which is not the one configured (%s)\n"), ks->name.c_str(), ts->keystore->name.c_str());
+	    rc = RPMRC_FAIL;
+	}
+	rpmKeyringFree(keyring);
+    }
+    return rc;
+}
 
 /*****************************************************************************/
 

diff --git a/lib/keystore.hh b/lib/keystore.hh
@@ -8,6 +8,8 @@
 
 namespace rpm {
 
+rpmRC check_backends(rpmtxn txn, rpmts ts);
+
 class keystore {
 public:
     const std::string name;

diff --git a/lib/rpmts.cc b/lib/rpmts.cc
@@ -299,6 +299,7 @@ static void loadKeyring(rpmts ts)
 	rpmtxn txn = rpmtxnBegin(ts, RPMTXN_READ);
 	if (txn) {
 	    ts->keystore->load_keys(txn, ts->keyring);
+	    check_backends(txn, ts);
 	    rpmtxnEnd(txn);
 	}
     }

diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at
@@ -1960,3 +1960,29 @@ rpm -qp --qf "[%{filenames}:%{filesignatures}\n]" hello-2.0-1.x86_64-badima.rpm
 ],
 [])
 RPMTEST_CLEANUP
+
+AT_SETUP([keyring check keystores])
+AT_KEYWORDS([rpmkeys signature])
+RPMDB_INIT
+
+runroot rpmkeys \
+        --define "_keyring rpmdb" \
+        --import /data/keys/rpm.org-rsa-2048-add-subkey.asc
+runroot rpmkeys \
+        --define "_keyring fs" \
+        --import /data/keys/alice.asc
+
+RPMTEST_CHECK([[
+runroot rpmkeys --define "_keyring rpmdb" --list
+echo "==============================================="
+runroot rpmkeys --define "_keyring rpmdb" -Kv /data/RPMS/hello-2.0-1.x86_64-signed-with-new-subkey.rpm | grep "Header OpenPGP"
+]],
+[0],
+[771b18d3d7baa28734333c424344591e1964c5fc rpm.org RSA testkey <[email protected]> public key
+===============================================
+    Header OpenPGP V4 EdDSA/SHA512 signature, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: OK
+],
+[warning: there are public keys in the fs backend which is not the one configured (rpmdb)
+warning: there are public keys in the fs backend which is not the one configured (rpmdb)
+])
+RPMTEST_CLEANUP