@pmatilai commented on this pull request.


> @@ -430,6 +438,10 @@ typedef enum rpmSigTag_e {
     RPMSIGTAG_SHA256   = RPMTAG_SHA256HEADER,
     RPMSIGTAG_FILESIGNATURES           = RPMTAG_SIG_BASE + 18,
     RPMSIGTAG_FILESIGNATURELENGTH      = RPMTAG_SIG_BASE + 19,
+    RPMSIGTAG_VERITYSIGNATURES         = RPMTAG_SIG_BASE + 20,
+    RPMSIGTAG_VERITYSIGNATURELENGTH    = RPMTAG_SIG_BASE + 21,
+    RPMSIGTAG_VERITYSIGNATUREALGO      = RPMTAG_SIG_BASE + 22,
+    RPMSIGTAG_VERITYSIGNATUREBLKSZ     = RPMTAG_SIG_BASE + 23,

> So first question, you are suggesting I move the tags to the range of 
> RPMTAG_SIG_BASE like this - just want to make sure I got it right:
RPMTAG_SHA256HEADER = RPMTAG_SIG_BASE+17, /* s */

Yes. So you'd have:
```
RPMTAG_VERITYSIGNATURES = RPMTAG_SIG_BASE+24, /* s */
[...]
RPMSIGTAG_VERITYSIGNATURES = RPMTAG_VERITYSIGNATURES,
```
...and the similarly for the other tags.

> With regard to the different tags, then for the signature length, it depends 
> on the key used and the algorithm. Are you suggesting we calculate the length 
> of the signature from the length of the signature array and divide it by the 
> number of entries?

I'm not sure what I'm suggesting :smile: Storage size as such is not an issue, 
it's just that I find the length tag looking superfluous. Isn't it just 
"strlen() / 2" of the hex data - and once using base64, something you'll get 
from rpmBase64Decode(). It's not a value you need upfront, is it?

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1203#discussion_r431669436
_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint

Reply via email to