10 #define _RPMPGP_INTERNAL
/*
 * Fragments of a temporary-file creation routine. The function signature and
 * many intermediate lines are missing from this listing, so the notes below
 * describe only what the visible lines do.
 */
/* Macro expression for the temp directory: %{_tmppath} when defined, else /var/tmp/. */
32 const char * tpmacro =
"%{?_tmppath}%{!?_tmppath:/var/tmp/}";
33 const char * tempfn = NULL;
34 const char * tfn = NULL;
/* File-scope-style one-shot flag; what it guards is not visible here. */
35 static int _initialized = 0;
/* A NULL prefix is normalised to the empty string before path building. */
40 if (!prefix) prefix =
"";
/*
 * Creates the directory path with mode 0755. The (uid_t)-1 / (gid_t)-1
 * arguments presumably mean "leave ownership unchanged" -- confirm against
 * rpmioMkpath's contract.
 */
46 if (
rpmioMkpath(tempfn, 0755, (uid_t) -1, (gid_t) -1))
/*
 * NOTE(review): the file-name suffix comes from time(NULL) or rand() % 100000,
 * so it is guessable and gives no protection on its own. Safety against a
 * pre-planted file depends entirely on the exclusive open further down.
 */
51 ran = (unsigned) time(NULL);
53 ran = rand() % 100000;
/*
 * NOTE(review): unbounded sprintf into tfnbuf; its declared size is not shown.
 * "rpm-tmp." plus a %u needs at most 19 bytes including the terminator (for a
 * 32-bit unsigned) -- verify the buffer is at least that large.
 */
60 sprintf(tfnbuf,
"rpm-tmp.%u", ran++);
61 tempfn =
_free(tempfn);
64 strcpy(tfnbuf,
"rpm-tmp.XXXXXX");
65 tempfn =
_free(tempfn);
/*
 * NOTE(review): mktemp() only generates a name; it does not create the file,
 * so there is a window between name generation and the open below. mkstemp()
 * closes that window by creating and opening atomically.
 */
66 tempfn =
rpmGenPath(prefix, tpmacro, mktemp(tfnbuf));
/* An empty resulting path is treated as failure. */
70 if (*tfn ==
'\0')
goto errxit;
/*
 * The "x" in the mode string presumably requests exclusive creation (O_EXCL)
 * -- TODO confirm. The enclosing do/while retries with a new name as long as
 * the open fails with errno == EEXIST.
 */
85 fd =
Fopen(tempfn,
"w+x.fdio");
87 }
while ((fd == NULL ||
Ferror(fd)) &&
errno == EEXIST);
89 if (fd == NULL ||
Ferror(fd)) {
/* Post-open sanity checks on the created file. */
97 {
struct stat sb, sb2;
/*
 * NOTE(review): stat() follows symbolic links, so S_ISLNK() on its result
 * cannot be true; detecting a symlink at this path requires lstat(). Unless
 * stat is remapped elsewhere in the project, this check is ineffective.
 */
98 if (!stat(tfn, &sb) &&
S_ISLNK(sb.st_mode)) {
/* Rejects a file with more than one hard link. */
103 if (sb.st_nlink != 1) {
/*
 * Compares the inode/device of the open descriptor with the path's stat
 * result, to detect the path being swapped after the open.
 */
108 if (fstat(
Fileno(fd), &sb2) == 0) {
109 if (sb2.st_ino != sb.st_ino || sb2.st_dev != sb.st_dev) {
122 tempfn =
_free(tempfn);
129 tempfn =
_free(tempfn);
/* Cleanup path: close the descriptor if one was opened. */
133 if (fd != NULL) (void)
Fclose(fd);
/*
 * Fragments of a routine that runs an external gpg command to produce a
 * detached signature file and then reads it back. Only the tail of the
 * signature is visible; the function name and earlier parameters are not.
 */
150 const char * passPhrase)
/*
 * NOTE(review): stack allocation sized by the caller-supplied file name
 * (sizeof(".sig") already includes the terminating NUL). No upper bound on
 * strlen(file) is visible, so a very long path grows the stack unchecked.
 */
156 char * sigfile = (
char *)
alloca(strlen(file)+
sizeof(
".sig"));
166 const char * pw = NULL;
/* Publishes the input and output file names as macros for the command template. */
171 addMacro(NULL,
"__plaintext_filename", NULL, file, -1);
172 addMacro(NULL,
"__signature_filename", NULL, sigfile, -1);
/* Pipe used to hand the passphrase to the child process. */
174 inpipe[0] = inpipe[1] = 0;
175 if (pipe(inpipe) < 0) {
/* Child branch of the fork. */
180 if (!(pid = fork())) {
181 const char *gpg_path =
rpmExpand(
"%{?_gpg_path}", NULL);
/* The read end of the pipe becomes descriptor 3 in the child; the write end is closed. */
183 (void) dup2(inpipe[0], 3);
184 (void) close(inpipe[1]);
/* A non-empty %{_gpg_path} overrides GNUPGHOME for the child. */
186 if (gpg_path && *gpg_path !=
'\0')
187 (void)
setenv(
"GNUPGHOME", gpg_path, 1);
/*
 * The command line comes from the %{__gpg_sign_cmd} macro and is split by
 * popt, not by a shell. Whether rc is checked before execve is not visible
 * in this listing.
 */
190 cmd =
rpmExpand(
"%{?__gpg_sign_cmd}", NULL);
191 rc = poptParseArgvString(cmd, NULL, (
const char ***)&av);
/*
 * The first parsed word is the executable path and the remaining words form
 * argv, so argv[0] is the second word of the macro. The full parent
 * environment is passed through.
 */
193 rc = execve(av[0], av+1,
environ);
/* Parent side: the temporary macros are removed again. */
200 delMacro(NULL,
"__plaintext_filename");
201 delMacro(NULL,
"__signature_filename");
/*
 * NOTE(review): no NULL check on the fdopen() result is visible before the
 * fprintf below -- confirm one exists in the omitted lines.
 */
210 fpipe = fdopen(inpipe[1],
"w");
211 (void) close(inpipe[0]);
/* Writes the passphrase plus newline to the child; a NULL pw is sent as an empty line. */
213 fprintf(fpipe,
"%s\n", (pw ? pw :
""));
214 (void) fclose(fpipe);
/*
 * NOTE(review): best-effort scrub of the passphrase. A plain memset on memory
 * that is not read again can be removed by the optimizer; explicit_bzero() or
 * memset_s() is the dependable form where available. The cast also writes
 * through a const-qualified pointer, and the fprintf above allows for
 * pw == NULL -- verify this line is guarded, since strlen(NULL) is undefined.
 */
218 (void) memset((
void *)pw, 0, strlen(pw));
/* The waitpid() return value is discarded; only the status word is examined. */
223 (void) waitpid(pid, &status, 0);
/* Any abnormal termination or non-zero exit status is treated as failure. */
225 if (!WIFEXITED(status) || WEXITSTATUS(status)) {
230 if (
Stat(sigfile, &st)) {
232 if (sigfile) (void)
Unlink(sigfile);
/*
 * NOTE(review): the signature file is opened by path after the Stat() above.
 * If *pktlenp was taken from st.st_size (not visible here), the file could
 * differ between the two calls; the Fread() result should be compared with
 * the expected length.
 */
244 fd =
Fopen(sigfile,
"r.ufdio");
245 if (fd != NULL && !
Ferror(fd)) {
246 rc = (int)
Fread(*pktp,
sizeof((*pktp)[0]), *pktlenp, fd);
/* The signature file is removed once it has been read. */
247 if (sigfile) (void)
Unlink(sigfile);
251 *pktp =
_free(*pktp);
/*
 * Fragments of a routine that opens the package file several times, once per
 * digest or signature case (the "Header" items below). The function name,
 * the surrounding switch/branches and the digest calls are not shown.
 */
300 const char * passPhrase)
309 const char * fn = NULL;
327 {
const char * SHA1 = NULL;
/* Opens the input file for reading; a NULL handle or a stream error is a failure. */
328 fd =
Fopen(file,
"r.fdio");
329 if (fd == NULL ||
Ferror(fd))
331 {
const char item[] =
"Header";
/* fd is reset to NULL after closing so the final cleanup does not close it twice. */
341 (void)
Fclose(fd); fd = NULL;
344 unsigned char * hmagic = NULL;
/* The magic bytes are only used when a pointer and a positive length were obtained. */
357 if (hmagic && nmagic > 0)
379 fd =
Fopen(file,
"r.fdio");
380 if (fd == NULL ||
Ferror(fd))
382 {
const char item[] =
"Header";
392 (void)
Fclose(fd); fd = NULL;
396 {
const char item[] =
"Header";
406 (void)
Fclose(fd); fd = NULL;
/* Exit path: closes the file only if a branch left it open. */
428 if (fd != NULL) (void)
Fclose(fd);
/*
 * Fragments of a passphrase check: a child process runs the command from
 * %{__gpg_check_password_cmd}, the parent writes the passphrase to a pipe and
 * the child's exit status decides the result. The function name and the pipe
 * setup are not shown.
 */
434 const char * passPhrase)
448 if (
Stat(file, &st) != 0)
/* True for a NULL or empty passphrase; the action taken is not visible here. */
498 if (!(passPhrase && passPhrase[0]))
/* Child branch of the fork. */
504 if (!(pid = fork())) {
/* The child drops its inherited standard streams. */
509 xx = close(STDIN_FILENO);
510 xx = close(STDOUT_FILENO);
513 xx = close(STDERR_FILENO);
/*
 * stdin and stdout are re-pointed at /dev/null.
 * NOTE(review): a failed open() returns -1, which also differs from the
 * target descriptor, so dup2() would be called with -1. The result only lands
 * in xx; no check is visible.
 */
514 if ((fdno = open(
"/dev/null", O_RDONLY)) != STDIN_FILENO) {
515 xx = dup2(fdno, STDIN_FILENO);
518 if ((fdno = open(
"/dev/null", O_WRONLY)) != STDOUT_FILENO) {
519 xx = dup2(fdno, STDOUT_FILENO);
525 {
const char *gpg_path =
rpmExpand(
"%{?_gpg_path}", NULL);
/* A non-empty %{_gpg_path} overrides GNUPGHOME for the child. */
527 if (gpg_path && *gpg_path !=
'\0')
528 (void)
setenv(
"GNUPGHOME", gpg_path, 1);
/*
 * The command is taken from a macro and split by popt; the first word is the
 * executable path and the remaining words become argv. Whether rc is tested
 * before execve is not visible.
 */
530 cmd =
rpmExpand(
"%{?__gpg_check_password_cmd}", NULL);
531 rc = poptParseArgvString(cmd, NULL, (
const char ***)&av);
533 rc = execve(av[0], av+1,
environ);
/*
 * Parent side: passphrase and newline are written to the pipe.
 * NOTE(review): the write() results are stored in xx and no handling of a
 * short or failed write is visible, so a truncated passphrase would only
 * show up as a failed check.
 */
548 xx = (int) write(p[1], pw, strlen(pw));
549 xx = (int) write(p[1],
"\n", 1);
/*
 * NOTE(review): best-effort scrub. A plain memset on memory that is not read
 * again can be optimized away; explicit_bzero() or memset_s() is the
 * dependable form where available.
 */
553 (void) memset((
void *)pw, 0, strlen(pw));
558 (void) waitpid(pid, &status, 0);
/* Returns 1 when the child did not exit normally or exited non-zero, otherwise 0. */
561 return ((!WIFEXITED(status) || WEXITSTATUS(status)) ? 1 : 0);
/*
 * Fragments of the size check: the expected size stored in the signature is
 * compared with the number of bytes actually digested (dig->nbytes). The
 * result text is appended at t.
 */
588 t =
stpcpy(t,
_(
"Header+Payload size: "));
/* Missing signature data, missing digest state or a zero byte count fails early. */
590 if (sig == NULL || dig == NULL || dig->nbytes == 0) {
/*
 * NOTE(review): copies sizeof(size) bytes out of sig. No comparison of the
 * signature length against sizeof(size) is visible in this listing; confirm
 * the caller guarantees it, otherwise this reads past a short tag.
 */
596 memcpy(&size, sig,
sizeof(size));
/*
 * NOTE(review): unbounded sprintf into the caller's result buffer; its
 * capacity is a caller contract that cannot be checked from here.
 */
601 sprintf(t,
" Expected(%u) != (%u)\n", (
unsigned)size, (
unsigned)dig->nbytes);
605 sprintf(t,
" (%u)", (
unsigned)dig->nbytes);
/*
 * Fragments of the MD5 digest check.
 * NOTE(review): assert() is compiled out under NDEBUG, so it is not a runtime
 * guard in release builds.
 */
624 assert(md5ctx != NULL);
643 if (op != NULL) op->
count--;
/*
 * The length comparison comes first, so memcmp() only runs when both buffers
 * hold md5len bytes; any difference is a mismatch.
 */
646 if (md5len != siglen || memcmp(md5sum, sig, md5len)) {
649 t =
stpcpy(t,
" Expected(");
/* The computed digest buffer is released. */
663 md5sum =
_free(md5sum);
/*
 * Fragments of the SHA1 header digest check; the digest is compared as a
 * text string.
 */
684 const char * SHA1 = NULL;
/* NOTE(review): assert() is compiled out under NDEBUG and is not a runtime guard. */
687 assert(shactx != NULL);
/*
 * NOTE(review): sig is treated as a NUL-terminated string here. strlen() and
 * strcmp() are bounded only by that terminator, not by the signature length;
 * confirm the tag data is validated as terminated before this point.
 */
710 || strlen(SHA1) != strlen((
char *)sig)
711 || strcmp(SHA1, (
char *)sig))
715 t =
stpcpy(t,
" Expected(");
/*
 * NOTE(review): copies the package-supplied digest string into the result
 * buffer with no visible length limit; the buffer capacity is a caller
 * contract.
 */
716 t =
stpcpy(t, (
char *)sig);
/*
 * Fragments of the RSA signature check.
 * The trace line prints raw pointer values to stderr; whether it is gated by
 * a debug flag is not visible in this listing.
 */
753 fprintf(stderr,
"--> %s(%p,%p,%p) sig %p sigp %p\n", __FUNCTION__, dig, t, rsactx, sig, sigp);
/* NOTE(review): assert() is compiled out under NDEBUG and is not a runtime guard. */
756 assert(rsactx != NULL);
757 assert(sigp != NULL);
/*
 * True when the context in use is the header context.
 * NOTE(review): dig is dereferenced without a visible NULL test here, while
 * the DSA counterpart tests dig != NULL first -- confirm an earlier check.
 */
764 if (dig->hdrctx == rsactx)
/* Emits the signature packet version as a single character. */
769 switch (sigp->version) {
770 case 3: *t++ =
'3';
break;
771 case 4: *t++ =
'4';
break;
/* Taken when the hash algorithm name was resolved (is not "UNKNOWN"). */
777 if (strcmp(hashname,
"UNKNOWN")) {
782 t =
stpcpy(t,
_(
" signature: "));
788 if (sigp->hash != NULL)
/*
 * Builds a trailer: version in byte 0 and hashlen as a 32-bit big-endian
 * value in bytes 2..5. Byte 1 is set on a line not shown. Presumably the
 * version 4 hashed-data trailer -- confirm.
 */
793 trailer[0] = sigp->version;
795 trailer[2] = (sigp->hashlen >> 24);
796 trailer[3] = (sigp->hashlen >> 16);
797 trailer[4] = (sigp->hashlen >> 8);
798 trailer[5] = (sigp->hashlen );
802 if (op != NULL) op->
count--;
/*
 * Appends the key ID as hex, skipping the first four bytes of signid. The
 * hex output must fit in the caller's buffer; no bound is visible here.
 */
827 t =
stpcpy(t,
", key ID ");
828 (void)
pgpHexCvt(t, sigp->signid+4,
sizeof(sigp->signid)-4);
/*
 * Fragments of the DSA signature check.
 * The trace lines print raw pointer values to stderr; whether they are gated
 * by a debug flag is not visible in this listing.
 */
855 fprintf(stderr,
"--> %s(%p,%p,%p) sig %p sigp %p\n", __FUNCTION__, dig, t, dsactx, sig, sigp);
/* NOTE(review): assert() is compiled out under NDEBUG and is not a runtime guard. */
858 assert(dsactx != NULL);
859 assert(sigp != NULL);
/* True when the context in use is the header SHA1 context; dig is NULL-checked first. */
866 if (dig != NULL && dig->hdrsha1ctx == dsactx)
/* Emits the signature packet version as a single character. */
871 switch (sigp->version) {
872 case 3: *t++ =
'3';
break;
873 case 4: *t++ =
'4';
break;
/* Taken only when the hash name is neither "UNKNOWN" nor "SHA1"; the branch body is not shown. */
879 if (strcmp(hashname,
"UNKNOWN") && strcmp(hashname,
"SHA1")) {
884 t =
stpcpy(t,
_(
" signature: "));
890 if (sigp->hash != NULL)
/*
 * Builds a trailer: version in byte 0 and hashlen as a 32-bit big-endian
 * value in bytes 2..5. Byte 1 is set on a line not shown.
 */
895 trailer[0] = sigp->version;
897 trailer[2] = (sigp->hashlen >> 24);
898 trailer[3] = (sigp->hashlen >> 16);
899 trailer[4] = (sigp->hashlen >> 8);
900 trailer[5] = (sigp->hashlen );
904 if (op != NULL) op->
count--;
/*
 * Appends the key ID as hex, skipping the first four bytes of signid. The
 * hex output must fit in the caller's buffer; no bound is visible here.
 */
929 t =
stpcpy(t,
", key ID ");
930 (void)
pgpHexCvt(t, sigp->signid+4,
sizeof(sigp->signid)-4);
935 fprintf(stderr,
"<-- %s(%p,%p,%p) res %d %s\n", __FUNCTION__, dig, t, dsactx, res, t);
/*
 * Fragments of the dispatcher that selects a verifier by signature tag and
 * writes a human-readable verdict into result. The switch statement and its
 * case labels are not shown.
 */
950 fprintf(stderr,
"--> %s(%p,%p) sig %p[%u]\n", __FUNCTION__, _dig, result, sig, siglen);
/* Missing digest state, missing signature data or zero length is rejected up front. */
952 if (dig == NULL || sig == NULL || siglen == 0) {
/*
 * NOTE(review): the translated message is used as the format string, so the
 * message catalog controls the format. Passing it as an argument to "%s"
 * (or copying it) keeps a stray conversion in a translation from being
 * interpreted.
 */
953 sprintf(result,
_(
"Verify signature: BAD PARAMETERS\n"));
/* Each verifier gets the digest context that matches its tag. */
963 res =
verifyMD5(dig, result, dig->md5ctx);
966 res =
verifySHA1(dig, result, dig->hdrsha1ctx);
969 res =
verifyRSA(dig, result, dig->hdrctx);
972 res =
verifyDSA(dig, result, dig->hdrsha1ctx);
/*
 * Fallback for an unrecognised tag. The format string again comes from the
 * translation catalog and carries one %u conversion.
 */
975 sprintf(result,
_(
"Signature: UNKNOWN (%u)\n"), (
unsigned)sigtag);
982 fprintf(stderr,
"<-- %s(%p,%p) res %d %s\n", __FUNCTION__, _dig, result, res, result);