Add support for SHA256 header

craigwblake · Jul 21, 2021 · 45494bc · 45494bc
1 parent 47b2a5d
commit 45494bc
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 9 deletions.
diff --git a/src/main/java/org/redline_rpm/Builder.java b/src/main/java/org/redline_rpm/Builder.java
@@ -6,7 +6,6 @@
 import java.io.FileReader;
 import java.io.IOException;
 import java.io.RandomAccessFile;
-import java.lang.reflect.Array;
 import java.net.URL;
 import java.nio.ByteBuffer;
 import java.nio.channels.Channels;
@@ -57,6 +56,7 @@ public class Builder {
 	private static final int GPGSIZE = 65;
 	private static final int DSASIZE = 65;
 	private static final int SHASIZE = 41;
+	private static final int SHA256_SIZE = 65;
 	private static final int MD5SIZE = 32;
 
 	private static final String DEFAULTSCRIPTPROG = "/bin/sh";
@@ -1297,7 +1297,8 @@ public void build( final FileChannel original) throws NoSuchAlgorithmException,
 		}
 
 		if (0 < contents.size()) {
-			format.getHeader().createEntry(FILEMD5S, contents.getMD5s());
+			String[] checksums = contents.getMD5s();
+			format.getHeader().createEntry(FILEDIGESTS, checksums);
 			format.getHeader().createEntry(FILESIZES, contents.getSizes());
 			format.getHeader().createEntry(FILEMODES, contents.getModes());
 			format.getHeader().createEntry(FILERDEVS, contents.getRdevs());
@@ -1319,7 +1320,9 @@ public void build( final FileChannel original) throws NoSuchAlgorithmException,
 		final Entry< int[]> payload = ( Entry< int[]>) format.getSignature().addEntry( PAYLOADSIZE, 1);
 		final Entry< byte[]> md5 = ( Entry< byte[]>) format.getSignature().addEntry( LEGACY_MD5, 16);
 		final Entry< String[]> sha = ( Entry< String[]>) format.getSignature().addEntry( SHA1HEADER, 1);
+		final Entry<String[]> sha256 = ( Entry< String[]>) format.getSignature().addEntry( SHA256HEADER, 1);
 		sha.setSize( SHASIZE);
+		sha256.setSize(SHA256_SIZE);
 
         SignatureGenerator signatureGenerator = createSignatureGenerator();
         signatureGenerator.prepare( format.getSignature() );
@@ -1331,11 +1334,13 @@ public void build( final FileChannel original) throws NoSuchAlgorithmException,
 		final Key< Integer> sigsizekey = output.start();
 		final Key< byte[]> shakey = output.start( "SHA");
 		final Key< byte[]> md5key = output.start( "MD5");
+		final Key< byte[]> sha256key = output.start( "SHA-256");
         signatureGenerator.startBeforeHeader( output );
 
 		immutable.setValues( getImmutable( format.getHeader().count()));
 		format.getHeader().write( output);
 		sha.setValues( new String[] { Util.hex( output.finish( shakey))});
+		sha256.setValues( new String[] { Util.hex( output.finish( sha256key) ) });
         signatureGenerator.finishAfterHeader( output );
 
 		final GZIPOutputStream zip = new GZIPOutputStream( Channels.newOutputStream( output));

diff --git a/src/main/java/org/redline_rpm/SignatureGenerator.java b/src/main/java/org/redline_rpm/SignatureGenerator.java
@@ -105,16 +105,17 @@ protected PGPSecretKeyRingCollection readKeyRings( File privateKeyRingFile ) {
 
     protected PGPSecretKey findMatchingSecretKey( PGPSecretKeyRingCollection keyRings, String privateKeyId ) {
         privateKeyId = privateKeyId != null ? privateKeyId.toLowerCase() : null;
-
+        System.out.println("keyRings.size() = " + keyRings.size());
         @SuppressWarnings( "unchecked" )
         Iterator< PGPSecretKeyRing> iter = keyRings.getKeyRings();
         while ( iter.hasNext() ) {
             PGPSecretKeyRing keyRing = iter.next();
-
+            System.out.println("keyRing = " + keyRing);
             @SuppressWarnings( "unchecked" )
             Iterator< PGPSecretKey> keyIter = keyRing.getSecretKeys();
             while ( keyIter.hasNext() ) {
                 PGPSecretKey key = keyIter.next();
+                System.out.println("key = " + key + " -- " + key.isSigningKey());
                 if ( key.isSigningKey() && isMatchingKeyId( key, privateKeyId ) ) {
                     return key;
                 }
@@ -125,10 +126,11 @@ protected PGPSecretKey findMatchingSecretKey( PGPSecretKeyRingCollection keyRing
     }
 
     protected boolean isMatchingKeyId( PGPSecretKey key, String privateKeyId ) {
+        System.out.println("privateKeyId = " + privateKeyId);
         if (privateKeyId == null) {
             return true;
         }
-
+        System.out.println("Long.toHexString( key.getKeyID() ) = " + Long.toHexString(key.getKeyID()));
         return Long.toHexString( key.getKeyID() ).endsWith( privateKeyId );
     }
 

diff --git a/src/main/java/org/redline_rpm/header/Header.java b/src/main/java/org/redline_rpm/header/Header.java
@@ -79,7 +79,7 @@ public enum HeaderTag implements Tag {
 		FILEMODES( 1030, INT16_ENTRY, "filemodes"),
 		FILERDEVS( 1033, INT16_ENTRY, "filerdevs"),
 		FILEMTIMES( 1034, INT32_ENTRY, "filemtimes"),
-		FILEMD5S( 1035, STRING_ARRAY_ENTRY, "filemd5s"),
+		FILEDIGESTS( 1035, STRING_ARRAY_ENTRY, "filedigests"),
 		FILELINKTOS( 1036, STRING_ARRAY_ENTRY, "filelinktos"),
 		FILEFLAGS( 1037, INT32_ENTRY, "fileflags"),
 		FILEUSERNAME( 1039, STRING_ARRAY_ENTRY, "fileusername"),
@@ -103,7 +103,16 @@ public enum HeaderTag implements Tag {
 		PROVIDEFLAGS( 1112, INT32_ENTRY, "provideflags"),
 		PROVIDEVERSION( 1113, STRING_ARRAY_ENTRY, "provideversion"),
 		OBSOLETEFLAGS( 1114, INT32_ENTRY, "obsoleteflags"),
-		OBSOLETEVERSION( 1115, STRING_ARRAY_ENTRY, "obsoleteversion");
+		OBSOLETEVERSION( 1115, STRING_ARRAY_ENTRY, "obsoleteversion"),
+		DISTURL( 1123, STRING_ENTRY, "disturl"),
+		DISTTAG( 1155, STRING_ENTRY, "disttag"),
+
+		FILEDIGESTALGO( 5011, INT32_ENTRY, "filedigestalgo"),
+		BUGURL( 5012, STRING_ENTRY, "bugurl"),
+		ENCODING( 5062, STRING_ENTRY, "encoding"),
+		PAYLOADDIGEST( 5092, STRING_ARRAY_ENTRY, "payloaddigest"),
+		PAYLOADDIGESTALGO( 5093, INT32_ENTRY, "payloaddigestalgo"),
+		PAYLOADDIGESTALT( 5097, STRING_ARRAY_ENTRY, "payloaddigestalt");
 
 		private int code;
 		private int type;

diff --git a/src/main/java/org/redline_rpm/header/Signature.java b/src/main/java/org/redline_rpm/header/Signature.java
@@ -21,14 +21,16 @@ public enum SignatureTag implements Tag {
 		GPG( 262, 7, "gpg"),
 		LEGACY_GPG( 1005, 7, "gpg"),
 		PAYLOADSIZE( 1007, 4, "payloadsize"),
+		RESERVEDSPACE( 1008, 4, "reservedspace"),
 		// SHA digest of just the header section
-		SHA1HEADER( 269, 6, "sha1header"),
-		LEGACY_SHA1HEADER( 1010, 6, "sha1header"),
+		SHA1HEADER( 269, STRING_ENTRY, "sha1header"),
+		LEGACY_SHA1HEADER( 1010, STRING_ENTRY, "sha1header"),
 		// DSA signature of just the header section, depends on GPG
 		DSAHEADER( 267, 7, "dsaheader"),
 		LEGACY_DSAHEADER( 1011, 7, "dsaheader"),
 		// RSA signature of just the header section, depends on PGP
 		RSAHEADER( 268, 7, "rsaheader"),
+		SHA256HEADER( 273, STRING_ENTRY, "sha256header"),
 		LEGACY_RSAHEADER( 1012, 7, "rsaheader");
 
 		private int code;