diff options
| -rw-r--r-- | src/add.c | 4 | ||||
| -rw-r--r-- | src/apk_package.h | 1 | ||||
| -rw-r--r-- | src/package.c | 6 |
3 files changed, 9 insertions, 2 deletions
@@ -128,8 +128,8 @@ static int add_main(void *ctx, int argc, char **argv) goto err; } - /* FIXME: should verify the package too */ - apk_sign_ctx_init(&sctx, APK_SIGN_GENERATE, NULL); + apk_sign_ctx_init(&sctx, APK_SIGN_VERIFY_AND_GENERATE, + NULL); r = apk_pkg_read(&db, argv[i], &sctx, &pkg); apk_sign_ctx_free(&sctx); if (r != 0) { diff --git a/src/apk_package.h b/src/apk_package.h index be7395f..96d7840 100644 --- a/src/apk_package.h +++ b/src/apk_package.h @@ -35,6 +35,7 @@ struct apk_name; #define APK_SIGN_VERIFY_IDENTITY 2 #define APK_SIGN_GENERATE_V1 3 #define APK_SIGN_GENERATE 4 +#define APK_SIGN_VERIFY_AND_GENERATE 5 struct apk_sign_ctx { int action; diff --git a/src/package.c b/src/package.c index 0ef1d59..1c9ff3d 100644 --- a/src/package.c +++ b/src/package.c @@ -311,6 +311,7 @@ void apk_sign_ctx_init(struct apk_sign_ctx *ctx, int action, ctx->data_started = 1; break; case APK_SIGN_GENERATE: + case APK_SIGN_VERIFY_AND_GENERATE: default: action = APK_SIGN_GENERATE; ctx->md = EVP_sha1(); @@ -466,6 +467,7 @@ int apk_sign_ctx_mpart_cb(void *ctx, int part, apk_blob_t data) switch (sctx->action) { case APK_SIGN_VERIFY: + case APK_SIGN_VERIFY_AND_GENERATE: if (sctx->signature.pkey == NULL) { if (apk_flags & APK_ALLOW_UNTRUSTED) break; @@ -502,6 +504,10 @@ int apk_sign_ctx_mpart_cb(void *ctx, int part, apk_blob_t data) return -ECANCELED; break; } + if (sctx->action == APK_SIGN_VERIFY_AND_GENERATE) { + sctx->identity.type = EVP_MD_CTX_size(&sctx->mdctx); + EVP_DigestFinal_ex(&sctx->mdctx, sctx->identity.data, NULL); + } reset_digest: EVP_DigestInit_ex(&sctx->mdctx, sctx->md, NULL); |