From d6fa985d1eb88a61dd8a20096fe90108bd15fefa Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Sun, 2 Feb 2025 16:32:02 +0000
Subject: [PATCH] key: Parse signatures that don't have a comment

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 src/pakfire/key.c | 73 ++++++++++++++++++++++-------------------------
 1 file changed, 34 insertions(+), 39 deletions(-)

diff --git a/src/pakfire/key.c b/src/pakfire/key.c
index 18226b97..384321c3 100644
--- a/src/pakfire/key.c
+++ b/src/pakfire/key.c
@@ -901,7 +901,7 @@ static int pakfire_key_read_signature(struct pakfire_key* key,
 		struct pakfire_key_signature* signature, FILE* f) {
 	void* buffer = NULL;
 	size_t buffer_length = 0;
-	int r = -EINVAL;
+	int r;
 
 	char* line = NULL;
 	size_t length = 0;
@@ -915,53 +915,48 @@ static int pakfire_key_read_signature(struct pakfire_key* key,
 		// Increment the line counter
 		lineno++;
 
-		switch (lineno) {
-			// The first line must start with "untrusted comment:"
-			case 1:
-				if (!pakfire_string_startswith(line, "untrusted comment:")) {
-					ERROR(key->ctx, "The first line must start with 'untrusted comment:'\n");
-					r = -EINVAL;
-					goto ERROR;
-				}
-				break;
+		// Don't parse any comments
+		if (pakfire_string_startswith(line, "untrusted comment:"))
+			continue;
 
-			// The second line should hold the signature
-			case 2:
-				// Decode the key
-				r = pakfire_b64decode(key->ctx, &buffer, &buffer_length, line);
-				if (r) {
-					ERROR(key->ctx, "Could not decode the signature: %m\n");
-					r = -EINVAL;
-					goto ERROR;
-				}
+		// Decode the signature
+		r = pakfire_b64decode(key->ctx, &buffer, &buffer_length, line);
+		if (r) {
+			ERROR(key->ctx, "Could not decode the signature: %m\n");
+			r = -EINVAL;
+			goto ERROR;
+		}
 
-				// What kind of signature do we have?
-				switch (buffer_length) {
-					case sizeof(*signature):
-						// Copy the buffer to the signature
-						memcpy(signature, buffer, sizeof(*signature));
-
-						// Check if we support the signature type
-						if (signature->sig_algo[0] != 'E' || signature->sig_algo[1] != 'd') {
-							ERROR(key->ctx, "Unknown signature type\n");
-							r = -ENOTSUP;
-							goto ERROR;
-						}
-						break;
+		// What kind of signature do we have?
+		switch (buffer_length) {
+			case sizeof(*signature):
+				// Copy the buffer to the signature
+				memcpy(signature, buffer, sizeof(*signature));
 
-					default:
-						ERROR(key->ctx, "Unknown signature type\n");
-						r = -ENOTSUP;
-						goto ERROR;
+				// Check if we support the signature type
+				if (signature->sig_algo[0] != 'E' || signature->sig_algo[1] != 'd') {
+					ERROR(key->ctx, "Unknown signature type\n");
+					r = -ENOTSUP;
+					goto ERROR;
 				}
-				break;
 
-			// Ignore any further data
+				// Done
+				r = 0;
+				goto ERROR;
+
 			default:
-				break;
+				ERROR(key->ctx, "Unknown signature type\n");
+				r = -ENOTSUP;
+				goto ERROR;
 		}
+
+		// Only ever parse one signature
+		break;
 	}
 
+	// Fail if we had nothing to read
+	r = -ENODATA;
+
 ERROR:
 	if (buffer)
 		free(buffer);
-- 
2.39.5