<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html><head><meta http-equiv="Content-Type" content="text/html;charset=iso-8859-1"> <title>rpm: lib/signature.c Source File</title> <link href="doxygen.css" rel="stylesheet" type="text/css"> <link href="tabs.css" rel="stylesheet" type="text/css"> </head><body> <!-- Generated by Doxygen 1.4.7 --> <div class="tabs"> <ul> <li><a href="index.html"><span>Main Page</span></a></li> <li><a href="modules.html"><span>Modules</span></a></li> <li><a href="annotated.html"><span>Data Structures</span></a></li> <li id="current"><a href="files.html"><span>Files</span></a></li> <li><a href="pages.html"><span>Related Pages</span></a></li> </ul></div> <div class="tabs"> <ul> <li><a href="files.html"><span>File List</span></a></li> <li><a href="globals.html"><span>Globals</span></a></li> </ul></div> <h1>lib/signature.c</h1><a href="signature_8c.html">Go to the documentation of this file.</a><div class="fragment"><pre class="fragment"><a name="l00001"></a>00001 <a name="l00005"></a>00005 <span class="preprocessor">#include "<a class="code" href="system_8h.html">system.h</a>"</span> <a name="l00006"></a>00006 <a name="l00007"></a>00007 <span class="preprocessor">#include "<a class="code" href="rpmio__internal_8h.html">rpmio_internal.h</a>"</span> <a name="l00008"></a>00008 <span class="preprocessor">#include <<a class="code" href="rpmlib_8h.html">rpmlib.h</a>></span> <a name="l00009"></a>00009 <span class="preprocessor">#include <<a class="code" href="rpmmacro_8h.html">rpmmacro.h</a>></span> <span class="comment">/* XXX for rpmGetPath() */</span> <a name="l00010"></a>00010 <span class="preprocessor">#include "<a class="code" href="rpmdb_8h.html">rpmdb.h</a>"</span> <a name="l00011"></a>00011 <a name="l00012"></a>00012 <span class="preprocessor">#include "<a class="code" href="rpmts_8h.html">rpmts.h</a>"</span> <a name="l00013"></a>00013 <a name="l00014"></a>00014 <span class="preprocessor">#include "<a class="code" href="misc_8h.html">misc.h</a>"</span> <span class="comment">/* XXX for dosetenv() and makeTempFile() */</span> <a name="l00015"></a>00015 <span class="preprocessor">#include "<a class="code" href="legacy_8h.html">legacy.h</a>"</span> <span class="comment">/* XXX for mdbinfile() */</span> <a name="l00016"></a>00016 <span class="preprocessor">#include "<a class="code" href="rpmlead_8h.html">rpmlead.h</a>"</span> <a name="l00017"></a>00017 <span class="preprocessor">#include "<a class="code" href="signature_8h.html">signature.h</a>"</span> <a name="l00018"></a>00018 <span class="preprocessor">#include "<a class="code" href="header__internal_8h.html">header_internal.h</a>"</span> <a name="l00019"></a>00019 <span class="preprocessor">#include "<a class="code" href="debug_8h.html">debug.h</a>"</span> <a name="l00020"></a>00020 <a name="l00021"></a>00021 <span class="comment">/*@access FD_t@*/</span> <span class="comment">/* XXX ufdio->read arg1 is void ptr */</span> <a name="l00022"></a>00022 <span class="comment">/*@access Header@*/</span> <span class="comment">/* XXX compared with NULL */</span> <a name="l00023"></a>00023 <span class="comment">/*@access entryInfo @*/</span> <span class="comment">/* XXX rpmReadSignature */</span> <a name="l00024"></a>00024 <span class="comment">/*@access indexEntry @*/</span> <span class="comment">/* XXX rpmReadSignature */</span> <a name="l00025"></a>00025 <span class="comment">/*@access DIGEST_CTX@*/</span> <span class="comment">/* XXX compared with NULL */</span> <a name="l00026"></a>00026 <span class="comment">/*@access pgpDig@*/</span> <a name="l00027"></a>00027 <span class="comment">/*@access pgpDigParams@*/</span> <a name="l00028"></a>00028 <a name="l00029"></a>00029 <span class="preprocessor">#if !defined(__GLIBC__) && !defined(__APPLE__)</span> <a name="l00030"></a><a class="code" href="signature_8c.html#a006daaf11f1e2e45a6ababaf463212b">00030</a> <span class="preprocessor"></span><span class="keywordtype">char</span> ** <a class="code" href="signature_8c.html#a006daaf11f1e2e45a6ababaf463212b">environ</a> = NULL; <a name="l00031"></a>00031 <span class="preprocessor">#endif</span> <a name="l00032"></a>00032 <span class="preprocessor"></span> <a name="l00033"></a><a class="code" href="group__signature.html#ga229e3e1d9c9d9846be8f72792e6d33e">00033</a> <span class="keywordtype">int</span> <a class="code" href="group__signature.html#ga229e3e1d9c9d9846be8f72792e6d33e">rpmLookupSignatureType</a>(<span class="keywordtype">int</span> action) <a name="l00034"></a>00034 { <a name="l00035"></a>00035 <span class="comment">/*@unchecked@*/</span> <a name="l00036"></a>00036 <span class="keyword">static</span> <span class="keywordtype">int</span> disabled = 0; <a name="l00037"></a>00037 <span class="keywordtype">int</span> rc = 0; <a name="l00038"></a>00038 <a name="l00039"></a>00039 <span class="keywordflow">switch</span> (action) { <a name="l00040"></a>00040 <span class="keywordflow">case</span> <a class="code" href="signature_8h.html#b2629634cf73902bec41330d7e3a3787">RPMLOOKUPSIG_DISABLE</a>: <a name="l00041"></a>00041 disabled = -2; <a name="l00042"></a>00042 <span class="keywordflow">break</span>; <a name="l00043"></a>00043 <span class="keywordflow">case</span> <a class="code" href="signature_8h.html#0a37c7ae3b61f655f84b3eeba98ad74a">RPMLOOKUPSIG_ENABLE</a>: <a name="l00044"></a>00044 disabled = 0; <a name="l00045"></a>00045 <span class="comment">/*@fallthrough@*/</span> <a name="l00046"></a>00046 <span class="keywordflow">case</span> <a class="code" href="signature_8h.html#464e8c2d7f4e7824e7d0b6b32cabe0d1">RPMLOOKUPSIG_QUERY</a>: <a name="l00047"></a>00047 <span class="keywordflow">if</span> (disabled) <a name="l00048"></a>00048 <span class="keywordflow">break</span>; <span class="comment">/* Disabled */</span> <a name="l00049"></a>00049 <span class="comment">/*@-boundsread@*/</span> <a name="l00050"></a>00050 { <span class="keyword">const</span> <span class="keywordtype">char</span> *<a class="code" href="structname.html">name</a> = <a class="code" href="macro_8c.html#5d9a83318fc250d1fad8096c811754d4">rpmExpand</a>(<span class="stringliteral">"%{?_signature}"</span>, NULL); <a name="l00051"></a>00051 <span class="keywordflow">if</span> (!(name && *name != <span class="charliteral">'\0'</span>)) <a name="l00052"></a>00052 rc = 0; <a name="l00053"></a>00053 <span class="keywordflow">else</span> <span class="keywordflow">if</span> (!<a class="code" href="group__rpmio.html#g4fea5364a1f4e49bc7f023a708f22c19">xstrcasecmp</a>(name, <span class="stringliteral">"none"</span>)) <a name="l00054"></a>00054 rc = 0; <a name="l00055"></a>00055 <span class="keywordflow">else</span> <span class="keywordflow">if</span> (!<a class="code" href="group__rpmio.html#g4fea5364a1f4e49bc7f023a708f22c19">xstrcasecmp</a>(name, <span class="stringliteral">"pgp"</span>)) <a name="l00056"></a>00056 rc = <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59ad2717c301116c93390eb57f1a5bdfc6">RPMSIGTAG_PGP</a>; <a name="l00057"></a>00057 <span class="keywordflow">else</span> <span class="keywordflow">if</span> (!<a class="code" href="group__rpmio.html#g4fea5364a1f4e49bc7f023a708f22c19">xstrcasecmp</a>(name, <span class="stringliteral">"pgp5"</span>)) <span class="comment">/* XXX legacy */</span> <a name="l00058"></a>00058 rc = <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59ad2717c301116c93390eb57f1a5bdfc6">RPMSIGTAG_PGP</a>; <a name="l00059"></a>00059 <span class="keywordflow">else</span> <span class="keywordflow">if</span> (!<a class="code" href="group__rpmio.html#g4fea5364a1f4e49bc7f023a708f22c19">xstrcasecmp</a>(name, <span class="stringliteral">"gpg"</span>)) <a name="l00060"></a>00060 rc = <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade590ed5d0c19de281d46d38e0210dc9faa7">RPMSIGTAG_GPG</a>; <a name="l00061"></a>00061 <span class="keywordflow">else</span> <a name="l00062"></a>00062 rc = -1; <span class="comment">/* Invalid %_signature spec in macro file */</span> <a name="l00063"></a>00063 name = <a class="code" href="rpmlib_8h.html#2574a8c557fe9a6754ff3b3656943f23">_free</a>(name); <a name="l00064"></a>00064 } <span class="keywordflow">break</span>; <a name="l00065"></a>00065 <span class="comment">/*@=boundsread@*/</span> <a name="l00066"></a>00066 } <a name="l00067"></a>00067 <span class="keywordflow">return</span> rc; <a name="l00068"></a>00068 } <a name="l00069"></a>00069 <a name="l00070"></a>00070 <span class="comment">/* rpmDetectPGPVersion() returns the absolute path to the "pgp" */</span> <a name="l00071"></a>00071 <span class="comment">/* executable of the requested version, or NULL when none found. */</span> <a name="l00072"></a>00072 <a name="l00073"></a><a class="code" href="group__signature.html#gfb3f904eeef3bf7f947114df3dfda939">00073</a> <span class="keyword">const</span> <span class="keywordtype">char</span> * <a class="code" href="group__signature.html#gfb3f904eeef3bf7f947114df3dfda939">rpmDetectPGPVersion</a>(<a class="code" href="group__signature.html#ge1789e90ac0546a99a17e2c63567798c">pgpVersion</a> * pgpVer) <a name="l00074"></a>00074 { <a name="l00075"></a>00075 <span class="comment">/* Actually this should support having more then one pgp version. */</span> <a name="l00076"></a>00076 <span class="comment">/* At the moment only one version is possible since we only */</span> <a name="l00077"></a>00077 <span class="comment">/* have one %_pgpbin and one %_pgp_path. */</span> <a name="l00078"></a>00078 <a name="l00079"></a>00079 <span class="keyword">static</span> <a class="code" href="group__signature.html#ge1789e90ac0546a99a17e2c63567798c">pgpVersion</a> saved_pgp_version = <a class="code" href="group__signature.html#gg1d966dd5b3912fd9ad31dcbc2d18bf95ab5d2b5e12a46791008961354900524d">PGP_UNKNOWN</a>; <a name="l00080"></a>00080 <span class="keyword">const</span> <span class="keywordtype">char</span> *pgpbin = <a class="code" href="macro_8c.html#5167ad7785835f120734aad8ea938cd9">rpmGetPath</a>(<span class="stringliteral">"%{?_pgpbin}"</span>, NULL); <a name="l00081"></a>00081 <a name="l00082"></a>00082 <span class="keywordflow">if</span> (saved_pgp_version == <a class="code" href="group__signature.html#gg1d966dd5b3912fd9ad31dcbc2d18bf95ab5d2b5e12a46791008961354900524d">PGP_UNKNOWN</a>) { <a name="l00083"></a>00083 <span class="keywordtype">char</span> *pgpvbin; <a name="l00084"></a>00084 <span class="keyword">struct </span>stat st; <a name="l00085"></a>00085 <a name="l00086"></a>00086 <span class="comment">/*@-boundsread@*/</span> <a name="l00087"></a>00087 <span class="keywordflow">if</span> (!(pgpbin && pgpbin[0] != <span class="charliteral">'\0'</span>)) { <a name="l00088"></a>00088 pgpbin = <a class="code" href="rpmlib_8h.html#2574a8c557fe9a6754ff3b3656943f23">_free</a>(pgpbin); <a name="l00089"></a>00089 saved_pgp_version = -1; <a name="l00090"></a>00090 <span class="keywordflow">return</span> NULL; <a name="l00091"></a>00091 } <a name="l00092"></a>00092 <span class="comment">/*@=boundsread@*/</span> <a name="l00093"></a>00093 <span class="comment">/*@-boundswrite@*/</span> <a name="l00094"></a>00094 pgpvbin = (<span class="keywordtype">char</span> *)<a class="code" href="system_8h.html#eb1df3e83fb069eaa2eb66ace3a0ea52">alloca</a>(strlen(pgpbin) + <span class="keyword">sizeof</span>(<span class="stringliteral">"v"</span>)); <a name="l00095"></a>00095 (void)<a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(<a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(pgpvbin, pgpbin), <span class="stringliteral">"v"</span>); <a name="l00096"></a>00096 <span class="comment">/*@=boundswrite@*/</span> <a name="l00097"></a>00097 <a name="l00098"></a>00098 <span class="keywordflow">if</span> (stat(pgpvbin, &st) == 0) <a name="l00099"></a>00099 saved_pgp_version = <a class="code" href="group__signature.html#gg1d966dd5b3912fd9ad31dcbc2d18bf95fd31bb850e17d4ea70203167a75ac5b4">PGP_5</a>; <a name="l00100"></a>00100 <span class="keywordflow">else</span> <span class="keywordflow">if</span> (stat(pgpbin, &st) == 0) <a name="l00101"></a>00101 saved_pgp_version = <a class="code" href="group__signature.html#gg1d966dd5b3912fd9ad31dcbc2d18bf9541f784d0a4dd74e20fa71788f20a0638">PGP_2</a>; <a name="l00102"></a>00102 <span class="keywordflow">else</span> <a name="l00103"></a>00103 saved_pgp_version = <a class="code" href="group__signature.html#gg1d966dd5b3912fd9ad31dcbc2d18bf952606afd97b623ff43251e020fedd0ed2">PGP_NOTDETECTED</a>; <a name="l00104"></a>00104 } <a name="l00105"></a>00105 <a name="l00106"></a>00106 <span class="comment">/*@-boundswrite@*/</span> <a name="l00107"></a>00107 <span class="keywordflow">if</span> (pgpVer && pgpbin) <a name="l00108"></a>00108 *pgpVer = saved_pgp_version; <a name="l00109"></a>00109 <span class="comment">/*@=boundswrite@*/</span> <a name="l00110"></a>00110 <span class="keywordflow">return</span> pgpbin; <a name="l00111"></a>00111 } <a name="l00112"></a>00112 <a name="l00122"></a><a class="code" href="signature_8c.html#388ccc323ec5bc5ced2f60a1faa4d9b3">00122</a> <span class="keyword">static</span> <span class="keyword">inline</span> <a class="code" href="rpmlib_8h.html#06da857c39457bfb6ea9049643fdb706">rpmRC</a> <a class="code" href="signature_8c.html#388ccc323ec5bc5ced2f60a1faa4d9b3">printSize</a>(<a class="code" href="struct__FD__s.html">FD_t</a> fd, <span class="keywordtype">int</span> siglen, <span class="keywordtype">int</span> pad, <span class="keywordtype">int</span> datalen) <a name="l00123"></a>00123 <span class="comment">/*@globals fileSystem @*/</span> <a name="l00124"></a>00124 <span class="comment">/*@modifies fileSystem @*/</span> <a name="l00125"></a>00125 { <a name="l00126"></a>00126 <span class="keyword">struct </span>stat st; <a name="l00127"></a>00127 <span class="keywordtype">int</span> fdno = <a class="code" href="rpmio_8c.html#ca02cbbacaad7e321e419900030f4fbf">Fileno</a>(fd); <a name="l00128"></a>00128 <a name="l00129"></a>00129 <span class="comment">/* HACK: workaround for davRead wiring. */</span> <a name="l00130"></a>00130 <span class="keywordflow">if</span> (fdno == 123456789) { <a name="l00131"></a>00131 st.st_size = 0; <a name="l00132"></a>00132 <span class="comment">/*@-sizeoftype@*/</span> <a name="l00133"></a>00133 st.st_size -= <span class="keyword">sizeof</span>(<span class="keyword">struct </span><a class="code" href="structrpmlead.html">rpmlead</a>)+siglen+pad+datalen; <a name="l00134"></a>00134 <span class="comment">/*@=sizeoftype@*/</span> <a name="l00135"></a>00135 } <span class="keywordflow">else</span> <span class="keywordflow">if</span> (fstat(fdno, &st) < 0) <a name="l00136"></a>00136 <span class="keywordflow">return</span> <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e8012e6125219f145fbb73353bc6ccac5cfc">RPMRC_FAIL</a>; <a name="l00137"></a>00137 <a name="l00138"></a>00138 <span class="comment">/*@-sizeoftype@*/</span> <a name="l00139"></a>00139 <a class="code" href="rpmmessages_8h.html#19d1274092486c2d1397c86f23283e32">rpmMessage</a>(<a class="code" href="rpmmessages_8h.html#3f97e894ffb886d576fbf4cec2f41298">RPMMESS_DEBUG</a>, <a name="l00140"></a>00140 <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"Expected size: %12d = lead(%d)+sigs(%d)+pad(%d)+data(%d)\n"</span>), <a name="l00141"></a>00141 (<span class="keywordtype">int</span>)<span class="keyword">sizeof</span>(<span class="keyword">struct</span> <a class="code" href="structrpmlead.html">rpmlead</a>)+siglen+pad+datalen, <a name="l00142"></a>00142 (<span class="keywordtype">int</span>)<span class="keyword">sizeof</span>(<span class="keyword">struct</span> rpmlead), siglen, pad, datalen); <a name="l00143"></a>00143 <span class="comment">/*@=sizeoftype@*/</span> <a name="l00144"></a>00144 <a class="code" href="rpmmessages_8h.html#19d1274092486c2d1397c86f23283e32">rpmMessage</a>(<a class="code" href="rpmmessages_8h.html#3f97e894ffb886d576fbf4cec2f41298">RPMMESS_DEBUG</a>, <a name="l00145"></a>00145 <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">" Actual size: %12d\n"</span>), (<span class="keywordtype">int</span>)st.st_size); <a name="l00146"></a>00146 <a name="l00147"></a>00147 <span class="keywordflow">return</span> <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801b6a502fb02cfd2c16380fa6ac52902d4">RPMRC_OK</a>; <a name="l00148"></a>00148 } <a name="l00149"></a>00149 <a name="l00150"></a>00150 <span class="comment">/*@unchecked@*/</span> <a name="l00151"></a><a class="code" href="signature_8c.html#68915b3bb540c3571a315f399cf2d981">00151</a> <span class="keyword">static</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> <a class="code" href="package_8c.html#68915b3bb540c3571a315f399cf2d981">header_magic</a>[8] = { <a name="l00152"></a>00152 0x8e, 0xad, 0xe8, 0x01, 0x00, 0x00, 0x00, 0x00 <a name="l00153"></a>00153 }; <a name="l00154"></a>00154 <a name="l00155"></a><a class="code" href="group__signature.html#ga624a140cf244d9c933a15690c192ae6">00155</a> <a class="code" href="rpmlib_8h.html#06da857c39457bfb6ea9049643fdb706">rpmRC</a> <a class="code" href="group__signature.html#ga624a140cf244d9c933a15690c192ae6">rpmReadSignature</a>(<a class="code" href="struct__FD__s.html">FD_t</a> fd, <a class="code" href="structheaderToken__s.html">Header</a> * sighp, <a class="code" href="group__signature.html#g76f741a06ca02aa698c8d84c2f5ceec0">sigType</a> sig_type, <a name="l00156"></a>00156 <span class="keyword">const</span> <span class="keywordtype">char</span> ** msg) <a name="l00157"></a>00157 { <a name="l00158"></a>00158 <span class="keywordtype">char</span> buf[BUFSIZ]; <a name="l00159"></a>00159 <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> <a class="code" href="lparser_8c.html#235428bed4c6be6cb6d2760cd0fa9d34">block</a>[4]; <a name="l00160"></a>00160 <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> il; <a name="l00161"></a>00161 <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> dl; <a name="l00162"></a>00162 <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> * ei = NULL; <a name="l00163"></a>00163 <a class="code" href="structentryInfo__s.html">entryInfo</a> pe; <a name="l00164"></a>00164 size_t nb; <a name="l00165"></a>00165 <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> ril = 0; <a name="l00166"></a>00166 <a class="code" href="structindexEntry__s.html">indexEntry</a> entry = memset(<a class="code" href="system_8h.html#eb1df3e83fb069eaa2eb66ace3a0ea52">alloca</a>(<span class="keyword">sizeof</span>(*entry)), 0, <span class="keyword">sizeof</span>(*entry)); <a name="l00167"></a>00167 <a class="code" href="structentryInfo__s.html">entryInfo</a> info = memset(<a class="code" href="system_8h.html#eb1df3e83fb069eaa2eb66ace3a0ea52">alloca</a>(<span class="keyword">sizeof</span>(*info)), 0, <span class="keyword">sizeof</span>(*info)); <a name="l00168"></a>00168 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> * dataStart; <a name="l00169"></a>00169 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> * dataEnd = NULL; <a name="l00170"></a>00170 <a class="code" href="structheaderToken__s.html">Header</a> sigh = NULL; <a name="l00171"></a>00171 <a class="code" href="rpmlib_8h.html#06da857c39457bfb6ea9049643fdb706">rpmRC</a> rc = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e8012e6125219f145fbb73353bc6ccac5cfc">RPMRC_FAIL</a>; <span class="comment">/* assume failure */</span> <a name="l00172"></a>00172 <span class="keywordtype">int</span> xx; <a name="l00173"></a>00173 <span class="keywordtype">int</span> i; <a name="l00174"></a>00174 <a name="l00175"></a>00175 <span class="comment">/*@-boundswrite@*/</span> <a name="l00176"></a>00176 <span class="keywordflow">if</span> (sighp) <a name="l00177"></a>00177 *sighp = NULL; <a name="l00178"></a>00178 <a name="l00179"></a>00179 buf[0] = <span class="charliteral">'\0'</span>; <a name="l00180"></a>00180 <span class="comment">/*@=boundswrite@*/</span> <a name="l00181"></a>00181 <a name="l00182"></a>00182 <span class="keywordflow">if</span> (sig_type != <a class="code" href="group__signature.html#gg79af55ea6949058cea8ac4e967a4eb4318db96ffe5c787a97b239ca7dfc66ba8">RPMSIGTYPE_HEADERSIG</a>) <a name="l00183"></a>00183 <span class="keywordflow">goto</span> exit; <a name="l00184"></a>00184 <a name="l00185"></a>00185 memset(block, 0, <span class="keyword">sizeof</span>(block)); <a name="l00186"></a>00186 <span class="keywordflow">if</span> ((xx = <a class="code" href="rpmio_8h.html#d16ce8d9b736be2ff4242f9af09ce5e1">timedRead</a>(fd, (<span class="keywordtype">char</span> *)block, <span class="keyword">sizeof</span>(block))) != <span class="keyword">sizeof</span>(block)) { <a name="l00187"></a>00187 (void) <a class="code" href="rpmps_8c.html#8eff177ddf89d8d85ac7c6b90a011480">snprintf</a>(buf, <span class="keyword">sizeof</span>(buf), <a name="l00188"></a>00188 <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"sigh size(%d): BAD, read returned %d\n"</span>), (<span class="keywordtype">int</span>)<span class="keyword">sizeof</span>(block), xx); <a name="l00189"></a>00189 <span class="keywordflow">goto</span> exit; <a name="l00190"></a>00190 } <a name="l00191"></a>00191 <span class="keywordflow">if</span> (memcmp(block, <a class="code" href="package_8c.html#68915b3bb540c3571a315f399cf2d981">header_magic</a>, <span class="keyword">sizeof</span>(<a class="code" href="package_8c.html#68915b3bb540c3571a315f399cf2d981">header_magic</a>))) { <a name="l00192"></a>00192 (void) <a class="code" href="rpmps_8c.html#8eff177ddf89d8d85ac7c6b90a011480">snprintf</a>(buf, <span class="keyword">sizeof</span>(buf), <a name="l00193"></a>00193 <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"sigh magic: BAD\n"</span>)); <a name="l00194"></a>00194 <span class="keywordflow">goto</span> exit; <a name="l00195"></a>00195 } <a name="l00196"></a>00196 <span class="comment">/*@-boundsread@*/</span> <a name="l00197"></a>00197 il = ntohl(block[2]); <a name="l00198"></a>00198 <span class="comment">/*@=boundsread@*/</span> <a name="l00199"></a>00199 <span class="keywordflow">if</span> (il < 0 || il > 32) { <a name="l00200"></a>00200 (void) <a class="code" href="rpmps_8c.html#8eff177ddf89d8d85ac7c6b90a011480">snprintf</a>(buf, <span class="keyword">sizeof</span>(buf), <a name="l00201"></a>00201 <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"sigh tags: BAD, no. of tags(%d) out of range\n"</span>), il); <a name="l00202"></a>00202 <span class="keywordflow">goto</span> exit; <a name="l00203"></a>00203 } <a name="l00204"></a>00204 <span class="comment">/*@-boundsread@*/</span> <a name="l00205"></a>00205 dl = ntohl(block[3]); <a name="l00206"></a>00206 <span class="comment">/*@=boundsread@*/</span> <a name="l00207"></a>00207 <span class="keywordflow">if</span> (dl < 0 || dl > 8192) { <a name="l00208"></a>00208 (void) <a class="code" href="rpmps_8c.html#8eff177ddf89d8d85ac7c6b90a011480">snprintf</a>(buf, <span class="keyword">sizeof</span>(buf), <a name="l00209"></a>00209 <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"sigh data: BAD, no. of bytes(%d) out of range\n"</span>), dl); <a name="l00210"></a>00210 <span class="keywordflow">goto</span> exit; <a name="l00211"></a>00211 } <a name="l00212"></a>00212 <a name="l00213"></a>00213 <span class="comment">/*@-sizeoftype@*/</span> <a name="l00214"></a>00214 nb = (il * <span class="keyword">sizeof</span>(<span class="keyword">struct </span><a class="code" href="structentryInfo__s.html">entryInfo_s</a>)) + dl; <a name="l00215"></a>00215 <span class="comment">/*@=sizeoftype@*/</span> <a name="l00216"></a>00216 ei = <a class="code" href="system_8h.html#42ccfa6fc49cc4ce90cc44cd05052490">xmalloc</a>(<span class="keyword">sizeof</span>(il) + <span class="keyword">sizeof</span>(dl) + nb); <a name="l00217"></a>00217 <span class="comment">/*@-bounds@*/</span> <a name="l00218"></a>00218 ei[0] = block[2]; <a name="l00219"></a>00219 ei[1] = block[3]; <a name="l00220"></a>00220 pe = (<a class="code" href="structentryInfo__s.html">entryInfo</a>) &ei[2]; <a name="l00221"></a>00221 <span class="comment">/*@=bounds@*/</span> <a name="l00222"></a>00222 dataStart = (<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *) (pe + il); <a name="l00223"></a>00223 <span class="keywordflow">if</span> ((xx = <a class="code" href="rpmio_8h.html#d16ce8d9b736be2ff4242f9af09ce5e1">timedRead</a>(fd, (<span class="keywordtype">char</span> *)pe, nb)) != nb) { <a name="l00224"></a>00224 (void) <a class="code" href="rpmps_8c.html#8eff177ddf89d8d85ac7c6b90a011480">snprintf</a>(buf, <span class="keyword">sizeof</span>(buf), <a name="l00225"></a>00225 <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"sigh blob(%d): BAD, read returned %d\n"</span>), (<span class="keywordtype">int</span>)nb, xx); <a name="l00226"></a>00226 <span class="keywordflow">goto</span> exit; <a name="l00227"></a>00227 } <a name="l00228"></a>00228 <a name="l00229"></a>00229 <span class="comment">/* Check (and convert) the 1st tag element. */</span> <a name="l00230"></a>00230 xx = <a class="code" href="package_8c.html#f77927dd7aafa1bb3d1d878890387f0f">headerVerifyInfo</a>(1, dl, pe, &entry->info, 0); <a name="l00231"></a>00231 <span class="keywordflow">if</span> (xx != -1) { <a name="l00232"></a>00232 (void) <a class="code" href="rpmps_8c.html#8eff177ddf89d8d85ac7c6b90a011480">snprintf</a>(buf, <span class="keyword">sizeof</span>(buf), <a name="l00233"></a>00233 <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"tag[%d]: BAD, tag %d type %d offset %d count %d\n"</span>), <a name="l00234"></a>00234 0, entry->info.tag, entry->info.type, <a name="l00235"></a>00235 entry->info.offset, entry->info.count); <a name="l00236"></a>00236 <span class="keywordflow">goto</span> exit; <a name="l00237"></a>00237 } <a name="l00238"></a>00238 <a name="l00239"></a>00239 <span class="comment">/* Is there an immutable header region tag? */</span> <a name="l00240"></a>00240 <span class="keywordflow">if</span> (entry->info.tag == <a class="code" href="rpmlib_8h.html#342756dddb61d125ae851a8b1ab0507b74c03e02289fb0348a35ff24e333e331">RPMTAG_HEADERSIGNATURES</a>) { <a name="l00241"></a>00241 <span class="comment">/* Is the region tag sane? */</span> <a name="l00242"></a>00242 <span class="keywordflow">if</span> (!(entry->info.type == <a class="code" href="header__internal_8h.html#2f29c73f51bcd80237c25ed546ce04d7">REGION_TAG_TYPE</a> && <a name="l00243"></a>00243 entry->info.count == <a class="code" href="header__internal_8h.html#2e4ed59c8b0861acf95fc4ccc353b6ea">REGION_TAG_COUNT</a>)) { <a name="l00244"></a>00244 (void) <a class="code" href="rpmps_8c.html#8eff177ddf89d8d85ac7c6b90a011480">snprintf</a>(buf, <span class="keyword">sizeof</span>(buf), <a name="l00245"></a>00245 <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"region tag: BAD, tag %d type %d offset %d count %d\n"</span>), <a name="l00246"></a>00246 entry->info.tag, entry->info.type, <a name="l00247"></a>00247 entry->info.offset, entry->info.count); <a name="l00248"></a>00248 <span class="keywordflow">goto</span> exit; <a name="l00249"></a>00249 } <a name="l00250"></a>00250 <a name="l00251"></a>00251 <span class="keywordflow">if</span> (entry->info.offset + <a class="code" href="header__internal_8h.html#2e4ed59c8b0861acf95fc4ccc353b6ea">REGION_TAG_COUNT</a> > dl) { <a name="l00252"></a>00252 (void) <a class="code" href="rpmps_8c.html#8eff177ddf89d8d85ac7c6b90a011480">snprintf</a>(buf, <span class="keyword">sizeof</span>(buf), <a name="l00253"></a>00253 <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"region offset: BAD, tag %d type %d offset %d count %d\n"</span>), <a name="l00254"></a>00254 entry->info.tag, entry->info.type, <a name="l00255"></a>00255 entry->info.offset, entry->info.count); <a name="l00256"></a>00256 <span class="keywordflow">goto</span> exit; <a name="l00257"></a>00257 } <a name="l00258"></a>00258 <a name="l00259"></a>00259 <span class="comment">/* Is there an immutable header region tag trailer? */</span> <a name="l00260"></a>00260 dataEnd = dataStart + entry->info.offset; <a name="l00261"></a>00261 <span class="comment">/*@-sizeoftype@*/</span> <a name="l00262"></a>00262 <span class="comment">/*@-bounds@*/</span> <a name="l00263"></a>00263 (void) memcpy(info, dataEnd, <a class="code" href="header__internal_8h.html#2e4ed59c8b0861acf95fc4ccc353b6ea">REGION_TAG_COUNT</a>); <a name="l00264"></a>00264 <span class="comment">/* XXX Really old packages have HEADER_IMAGE, not HEADER_SIGNATURES. */</span> <a name="l00265"></a>00265 <span class="keywordflow">if</span> (info->tag == htonl(<a class="code" href="rpmlib_8h.html#342756dddb61d125ae851a8b1ab0507b6357cd75999a2729d1dbfec1798d4645">RPMTAG_HEADERIMAGE</a>)) { <a name="l00266"></a>00266 <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> stag = htonl(<a class="code" href="rpmlib_8h.html#342756dddb61d125ae851a8b1ab0507b74c03e02289fb0348a35ff24e333e331">RPMTAG_HEADERSIGNATURES</a>); <a name="l00267"></a>00267 info->tag = stag; <a name="l00268"></a>00268 memcpy(dataEnd, &stag, <span class="keyword">sizeof</span>(stag)); <a name="l00269"></a>00269 } <a name="l00270"></a>00270 <span class="comment">/*@=bounds@*/</span> <a name="l00271"></a>00271 dataEnd += <a class="code" href="header__internal_8h.html#2e4ed59c8b0861acf95fc4ccc353b6ea">REGION_TAG_COUNT</a>; <a name="l00272"></a>00272 <a name="l00273"></a>00273 xx = <a class="code" href="package_8c.html#f77927dd7aafa1bb3d1d878890387f0f">headerVerifyInfo</a>(1, il * <span class="keyword">sizeof</span>(*pe), info, &entry->info, 1); <a name="l00274"></a>00274 <span class="keywordflow">if</span> (xx != -1 || <a name="l00275"></a>00275 !((entry->info.tag == <a class="code" href="rpmlib_8h.html#342756dddb61d125ae851a8b1ab0507b74c03e02289fb0348a35ff24e333e331">RPMTAG_HEADERSIGNATURES</a> || entry->info.tag == <a class="code" href="rpmlib_8h.html#342756dddb61d125ae851a8b1ab0507b6357cd75999a2729d1dbfec1798d4645">RPMTAG_HEADERIMAGE</a>) <a name="l00276"></a>00276 && entry->info.type == <a class="code" href="header__internal_8h.html#2f29c73f51bcd80237c25ed546ce04d7">REGION_TAG_TYPE</a> <a name="l00277"></a>00277 && entry->info.count == <a class="code" href="header__internal_8h.html#2e4ed59c8b0861acf95fc4ccc353b6ea">REGION_TAG_COUNT</a>)) <a name="l00278"></a>00278 { <a name="l00279"></a>00279 (void) <a class="code" href="rpmps_8c.html#8eff177ddf89d8d85ac7c6b90a011480">snprintf</a>(buf, <span class="keyword">sizeof</span>(buf), <a name="l00280"></a>00280 <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"region trailer: BAD, tag %d type %d offset %d count %d\n"</span>), <a name="l00281"></a>00281 entry->info.tag, entry->info.type, <a name="l00282"></a>00282 entry->info.offset, entry->info.count); <a name="l00283"></a>00283 <span class="keywordflow">goto</span> exit; <a name="l00284"></a>00284 } <a name="l00285"></a>00285 <span class="comment">/*@=sizeoftype@*/</span> <a name="l00286"></a>00286 <span class="comment">/*@-boundswrite@*/</span> <a name="l00287"></a>00287 memset(info, 0, <span class="keyword">sizeof</span>(*info)); <a name="l00288"></a>00288 <span class="comment">/*@=boundswrite@*/</span> <a name="l00289"></a>00289 <a name="l00290"></a>00290 <span class="comment">/* Is the no. of tags in the region less than the total no. of tags? */</span> <a name="l00291"></a>00291 ril = entry->info.offset/<span class="keyword">sizeof</span>(*pe); <a name="l00292"></a>00292 <span class="keywordflow">if</span> ((entry->info.offset % <span class="keyword">sizeof</span>(*pe)) || ril > il) { <a name="l00293"></a>00293 (void) <a class="code" href="rpmps_8c.html#8eff177ddf89d8d85ac7c6b90a011480">snprintf</a>(buf, <span class="keyword">sizeof</span>(buf), <a name="l00294"></a>00294 <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"region size: BAD, ril(%d) > il(%d)\n"</span>), ril, il); <a name="l00295"></a>00295 <span class="keywordflow">goto</span> exit; <a name="l00296"></a>00296 } <a name="l00297"></a>00297 } <a name="l00298"></a>00298 <a name="l00299"></a>00299 <span class="comment">/* Sanity check signature tags */</span> <a name="l00300"></a>00300 <span class="comment">/*@-boundswrite@*/</span> <a name="l00301"></a>00301 memset(info, 0, <span class="keyword">sizeof</span>(*info)); <a name="l00302"></a>00302 <span class="comment">/*@=boundswrite@*/</span> <a name="l00303"></a>00303 <span class="keywordflow">for</span> (i = 1; i < il; i++) { <a name="l00304"></a>00304 xx = <a class="code" href="package_8c.html#f77927dd7aafa1bb3d1d878890387f0f">headerVerifyInfo</a>(1, dl, pe+i, &entry->info, 0); <a name="l00305"></a>00305 if (xx != -1) { <a name="l00306"></a>00306 (<span class="keywordtype">void</span>) <a class="code" href="rpmps_8c.html#8eff177ddf89d8d85ac7c6b90a011480">snprintf</a>(buf, <span class="keyword">sizeof</span>(buf), <a name="l00307"></a>00307 <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"sigh tag[%d]: BAD, tag %d type %d offset %d count %d\n"</span>), <a name="l00308"></a>00308 i, entry->info.tag, entry->info.type, <a name="l00309"></a>00309 entry->info.offset, entry->info.count); <a name="l00310"></a>00310 <span class="keywordflow">goto</span> exit; <a name="l00311"></a>00311 } <a name="l00312"></a>00312 } <a name="l00313"></a>00313 <a name="l00314"></a>00314 <span class="comment">/* OK, blob looks sane, load the header. */</span> <a name="l00315"></a>00315 sigh = <a class="code" href="group__header.html#gaf0461058a81883b67c5e075ebbdc77a">headerLoad</a>(ei); <a name="l00316"></a>00316 <span class="keywordflow">if</span> (sigh == NULL) { <a name="l00317"></a>00317 (void) <a class="code" href="rpmps_8c.html#8eff177ddf89d8d85ac7c6b90a011480">snprintf</a>(buf, <span class="keyword">sizeof</span>(buf), <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"sigh load: BAD\n"</span>)); <a name="l00318"></a>00318 <span class="keywordflow">goto</span> exit; <a name="l00319"></a>00319 } <a name="l00320"></a>00320 sigh-><a class="code" href="structheaderToken__s.html#a2468b6a6bf1c610d2363b919fd346bb">flags</a> |= <a class="code" href="header__internal_8h.html#e1df6afa643d76a8deaa26787a644d34">HEADERFLAG_ALLOCATED</a>; <a name="l00321"></a>00321 <a name="l00322"></a>00322 { <span class="keywordtype">int</span> sigSize = <a class="code" href="group__header.html#g578c7a5c57e16cc55451cb11960abd68">headerSizeof</a>(sigh, <a class="code" href="group__header.html#gg2572591faf5430cdf28aaf9f70d74fa4ebb6d0af72ae9d4c607e81796dafa472">HEADER_MAGIC_YES</a>); <a name="l00323"></a>00323 <span class="keywordtype">int</span> pad = (8 - (sigSize % 8)) % 8; <span class="comment">/* 8-byte pad */</span> <a name="l00324"></a>00324 <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> * archSize = NULL; <a name="l00325"></a>00325 <a name="l00326"></a>00326 <span class="comment">/* Position at beginning of header. */</span> <a name="l00327"></a>00327 <span class="keywordflow">if</span> (pad && (xx = <a class="code" href="rpmio_8h.html#d16ce8d9b736be2ff4242f9af09ce5e1">timedRead</a>(fd, (<span class="keywordtype">char</span> *)block, pad)) != pad) { <a name="l00328"></a>00328 (<span class="keywordtype">void</span>) <a class="code" href="rpmps_8c.html#8eff177ddf89d8d85ac7c6b90a011480">snprintf</a>(buf, <span class="keyword">sizeof</span>(buf), <a name="l00329"></a>00329 <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"sigh pad(%d): BAD, read %d bytes\n"</span>), pad, xx); <a name="l00330"></a>00330 <span class="keywordflow">goto</span> exit; <a name="l00331"></a>00331 } <a name="l00332"></a>00332 <a name="l00333"></a>00333 <span class="comment">/* Print package component sizes. */</span> <a name="l00334"></a>00334 <span class="keywordflow">if</span> (<a class="code" href="group__header.html#g0b59789e021aa6ecab28e72a1f39d0a4">headerGetEntry</a>(sigh, <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade599ce79a6dc5f08f628da38c4f0ed8461f">RPMSIGTAG_SIZE</a>, NULL,(<span class="keywordtype">void</span> **)&archSize, NULL)) { <a name="l00335"></a>00335 rc = <a class="code" href="signature_8c.html#388ccc323ec5bc5ced2f60a1faa4d9b3">printSize</a>(fd, sigSize, pad, *archSize); <a name="l00336"></a>00336 <span class="keywordflow">if</span> (rc != <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801b6a502fb02cfd2c16380fa6ac52902d4">RPMRC_OK</a>) <a name="l00337"></a>00337 (void) <a class="code" href="rpmps_8c.html#8eff177ddf89d8d85ac7c6b90a011480">snprintf</a>(buf, <span class="keyword">sizeof</span>(buf), <a name="l00338"></a>00338 <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"sigh sigSize(%d): BAD, fstat(2) failed\n"</span>), sigSize); <a name="l00339"></a>00339 } <a name="l00340"></a>00340 } <a name="l00341"></a>00341 <a name="l00342"></a>00342 exit: <a name="l00343"></a>00343 <span class="comment">/*@-boundswrite@*/</span> <a name="l00344"></a>00344 <span class="keywordflow">if</span> (sighp && sigh && rc == <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801b6a502fb02cfd2c16380fa6ac52902d4">RPMRC_OK</a>) <a name="l00345"></a>00345 *sighp = <a class="code" href="group__header.html#g4f07e8040ed3195e374a44919ffe97c2">headerLink</a>(sigh); <a name="l00346"></a>00346 sigh = <a class="code" href="group__header.html#g09a8fc9b59462af8d6fb08636feff7f9">headerFree</a>(sigh); <a name="l00347"></a>00347 <a name="l00348"></a>00348 <span class="keywordflow">if</span> (msg != NULL) { <a name="l00349"></a>00349 buf[<span class="keyword">sizeof</span>(buf)-1] = <span class="charliteral">'\0'</span>; <a name="l00350"></a>00350 *msg = <a class="code" href="system_8h.html#d6142d091f00b2d4543ce7a43e5d0eba">xstrdup</a>(buf); <a name="l00351"></a>00351 } <a name="l00352"></a>00352 <span class="comment">/*@=boundswrite@*/</span> <a name="l00353"></a>00353 <a name="l00354"></a>00354 <span class="keywordflow">return</span> rc; <a name="l00355"></a>00355 } <a name="l00356"></a>00356 <a name="l00357"></a><a class="code" href="group__signature.html#g29c4083297ecdc3ffc62fa25a84ed084">00357</a> <span class="keywordtype">int</span> <a class="code" href="group__signature.html#g29c4083297ecdc3ffc62fa25a84ed084">rpmWriteSignature</a>(<a class="code" href="struct__FD__s.html">FD_t</a> fd, <a class="code" href="structheaderToken__s.html">Header</a> sigh) <a name="l00358"></a>00358 { <a name="l00359"></a>00359 <span class="keyword">static</span> <a class="code" href="rpmpgp_8h.html#0c8186d9b9b7880309c27230bbb5e69d">byte</a> buf[8] = { 0, 0, 0, 0, 0, 0, 0, 0 }; <a name="l00360"></a>00360 <span class="keywordtype">int</span> sigSize, pad; <a name="l00361"></a>00361 <span class="keywordtype">int</span> rc; <a name="l00362"></a>00362 <a name="l00363"></a>00363 rc = <a class="code" href="group__header.html#gcaf6c39a6b399ce1586f8dce2012c9f6">headerWrite</a>(fd, sigh, <a class="code" href="group__header.html#gg2572591faf5430cdf28aaf9f70d74fa4ebb6d0af72ae9d4c607e81796dafa472">HEADER_MAGIC_YES</a>); <a name="l00364"></a>00364 <span class="keywordflow">if</span> (rc) <a name="l00365"></a>00365 <span class="keywordflow">return</span> rc; <a name="l00366"></a>00366 <a name="l00367"></a>00367 sigSize = <a class="code" href="group__header.html#g578c7a5c57e16cc55451cb11960abd68">headerSizeof</a>(sigh, <a class="code" href="group__header.html#gg2572591faf5430cdf28aaf9f70d74fa4ebb6d0af72ae9d4c607e81796dafa472">HEADER_MAGIC_YES</a>); <a name="l00368"></a>00368 pad = (8 - (sigSize % 8)) % 8; <a name="l00369"></a>00369 <span class="keywordflow">if</span> (pad) { <a name="l00370"></a>00370 <span class="comment">/*@-boundswrite@*/</span> <a name="l00371"></a>00371 <span class="keywordflow">if</span> (<a class="code" href="rpmio_8c.html#ce5d48cc70864787df48c3d233edb997">Fwrite</a>(buf, <span class="keyword">sizeof</span>(buf[0]), pad, fd) != pad) <a name="l00372"></a>00372 rc = 1; <a name="l00373"></a>00373 <span class="comment">/*@=boundswrite@*/</span> <a name="l00374"></a>00374 } <a name="l00375"></a>00375 <a class="code" href="rpmmessages_8h.html#19d1274092486c2d1397c86f23283e32">rpmMessage</a>(<a class="code" href="rpmmessages_8h.html#3f97e894ffb886d576fbf4cec2f41298">RPMMESS_DEBUG</a>, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"Signature: size(%d)+pad(%d)\n"</span>), sigSize, pad); <a name="l00376"></a>00376 <span class="keywordflow">return</span> rc; <a name="l00377"></a>00377 } <a name="l00378"></a>00378 <a name="l00379"></a><a class="code" href="group__signature.html#ged413fb092ff3a54957df00c4298f550">00379</a> <a class="code" href="structheaderToken__s.html">Header</a> <a class="code" href="group__signature.html#ged413fb092ff3a54957df00c4298f550">rpmNewSignature</a>(<span class="keywordtype">void</span>) <a name="l00380"></a>00380 { <a name="l00381"></a>00381 <a class="code" href="structheaderToken__s.html">Header</a> sigh = <a class="code" href="group__header.html#gfd961198e411c9c7bc60c86ac30344cf">headerNew</a>(); <a name="l00382"></a>00382 <span class="keywordflow">return</span> sigh; <a name="l00383"></a>00383 } <a name="l00384"></a>00384 <a name="l00385"></a><a class="code" href="group__signature.html#gfe211addadae046d1ae9b66fe80d6aa9">00385</a> <a class="code" href="structheaderToken__s.html">Header</a> <a class="code" href="group__signature.html#gfe211addadae046d1ae9b66fe80d6aa9">rpmFreeSignature</a>(<a class="code" href="structheaderToken__s.html">Header</a> sigh) <a name="l00386"></a>00386 { <a name="l00387"></a>00387 <span class="keywordflow">return</span> <a class="code" href="group__header.html#g09a8fc9b59462af8d6fb08636feff7f9">headerFree</a>(sigh); <a name="l00388"></a>00388 } <a name="l00389"></a>00389 <a name="l00399"></a><a class="code" href="signature_8c.html#dfd0eb7c70e478dea185d46427998caa">00399</a> <span class="keyword">static</span> <span class="keywordtype">int</span> <a class="code" href="signature_8c.html#dfd0eb7c70e478dea185d46427998caa">makePGPSignature</a>(<span class="keyword">const</span> <span class="keywordtype">char</span> * <a class="code" href="parseFiles_8c.html#f0baa3ccdd9d2a6adf03b72e2bea5789">file</a>, <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> * sigTagp, <a name="l00400"></a>00400 <span class="comment">/*@out@*/</span> <a class="code" href="rpmpgp_8h.html#0c8186d9b9b7880309c27230bbb5e69d">byte</a> ** pktp, <span class="comment">/*@out@*/</span> <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> * pktlenp, <a name="l00401"></a>00401 <span class="comment">/*@null@*/</span> <span class="keyword">const</span> <span class="keywordtype">char</span> * passPhrase) <a name="l00402"></a>00402 <span class="comment">/*@globals errno, rpmGlobalMacroContext, h_errno,</span> <a name="l00403"></a>00403 <span class="comment"> fileSystem, internalState @*/</span> <a name="l00404"></a>00404 <span class="comment">/*@modifies errno, *pktp, *pktlenp, rpmGlobalMacroContext,</span> <a name="l00405"></a>00405 <span class="comment"> fileSystem, internalState @*/</span> <a name="l00406"></a>00406 { <a name="l00407"></a>00407 <span class="keywordtype">char</span> * sigfile = <a class="code" href="system_8h.html#eb1df3e83fb069eaa2eb66ace3a0ea52">alloca</a>(1024); <a name="l00408"></a>00408 <span class="keywordtype">int</span> pid, status; <a name="l00409"></a>00409 <span class="keywordtype">int</span> inpipe[2]; <a name="l00410"></a>00410 <span class="keyword">struct </span>stat st; <a name="l00411"></a>00411 <span class="keyword">const</span> <span class="keywordtype">char</span> * cmd; <a name="l00412"></a>00412 <span class="keywordtype">char</span> *<span class="keyword">const</span> *av; <a name="l00413"></a>00413 <a class="code" href="structpgpDig__s.html">pgpDig</a> dig = NULL; <a name="l00414"></a>00414 <a class="code" href="structpgpDigParams__s.html">pgpDigParams</a> sigp = NULL; <a name="l00415"></a>00415 <span class="keywordtype">int</span> rc; <a name="l00416"></a>00416 <a name="l00417"></a>00417 <span class="comment">/*@-boundswrite@*/</span> <a name="l00418"></a>00418 (void) <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>( <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(sigfile, file), <span class="stringliteral">".sig"</span>); <a name="l00419"></a>00419 <span class="comment">/*@=boundswrite@*/</span> <a name="l00420"></a>00420 <a name="l00421"></a>00421 <a class="code" href="macro_8c.html#f38cc0557a9d3def58f6d31db62c4859">addMacro</a>(NULL, <span class="stringliteral">"__plaintext_filename"</span>, NULL, file, -1); <a name="l00422"></a>00422 <a class="code" href="macro_8c.html#f38cc0557a9d3def58f6d31db62c4859">addMacro</a>(NULL, <span class="stringliteral">"__signature_filename"</span>, NULL, sigfile, -1); <a name="l00423"></a>00423 <a name="l00424"></a>00424 inpipe[0] = inpipe[1] = 0; <a name="l00425"></a>00425 <span class="comment">/*@-boundsread@*/</span> <a name="l00426"></a>00426 (void) pipe(inpipe); <a name="l00427"></a>00427 <span class="comment">/*@=boundsread@*/</span> <a name="l00428"></a>00428 <a name="l00429"></a>00429 <span class="keywordflow">if</span> (!(pid = fork())) { <a name="l00430"></a>00430 <span class="keyword">const</span> <span class="keywordtype">char</span> *pgp_path = <a class="code" href="macro_8c.html#5d9a83318fc250d1fad8096c811754d4">rpmExpand</a>(<span class="stringliteral">"%{?_pgp_path}"</span>, NULL); <a name="l00431"></a>00431 <span class="keyword">const</span> <span class="keywordtype">char</span> *path; <a name="l00432"></a>00432 <a class="code" href="group__signature.html#ge1789e90ac0546a99a17e2c63567798c">pgpVersion</a> pgpVer; <a name="l00433"></a>00433 <a name="l00434"></a>00434 (void) close(STDIN_FILENO); <a name="l00435"></a>00435 (void) dup2(inpipe[0], 3); <a name="l00436"></a>00436 (void) close(inpipe[1]); <a name="l00437"></a>00437 <a name="l00438"></a>00438 (void) <a class="code" href="lib_2misc_8c.html#c785dc44bfdfa399cb5e75beaffa7220">dosetenv</a>(<span class="stringliteral">"PGPPASSFD"</span>, <span class="stringliteral">"3"</span>, 1); <a name="l00439"></a>00439 <span class="comment">/*@-boundsread@*/</span> <a name="l00440"></a>00440 <span class="keywordflow">if</span> (pgp_path && *pgp_path != <span class="charliteral">'\0'</span>) <a name="l00441"></a>00441 (void) <a class="code" href="lib_2misc_8c.html#c785dc44bfdfa399cb5e75beaffa7220">dosetenv</a>(<span class="stringliteral">"PGPPATH"</span>, pgp_path, 1); <a name="l00442"></a>00442 <span class="comment">/*@=boundsread@*/</span> <a name="l00443"></a>00443 <a name="l00444"></a>00444 <span class="comment">/* dosetenv("PGPPASS", passPhrase, 1); */</span> <a name="l00445"></a>00445 <a name="l00446"></a>00446 <a class="code" href="system_8h.html#8c996258959222a38a0d4c35d8e22105">unsetenv</a>(<span class="stringliteral">"MALLOC_CHECK_"</span>); <a name="l00447"></a>00447 <span class="keywordflow">if</span> ((path = <a class="code" href="group__signature.html#gfb3f904eeef3bf7f947114df3dfda939">rpmDetectPGPVersion</a>(&pgpVer)) != NULL) { <a name="l00448"></a>00448 <span class="keywordflow">switch</span>(pgpVer) { <a name="l00449"></a>00449 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg1d966dd5b3912fd9ad31dcbc2d18bf9541f784d0a4dd74e20fa71788f20a0638">PGP_2</a>: <a name="l00450"></a>00450 cmd = <a class="code" href="macro_8c.html#5d9a83318fc250d1fad8096c811754d4">rpmExpand</a>(<span class="stringliteral">"%{?__pgp_sign_cmd}"</span>, NULL); <a name="l00451"></a>00451 rc = <a class="code" href="group__popt.html#gabb6e8c769648273171f3f3ec9c0e471">poptParseArgvString</a>(cmd, NULL, (<span class="keyword">const</span> <span class="keywordtype">char</span> ***)&av); <a name="l00452"></a>00452 <span class="comment">/*@-boundsread@*/</span> <a name="l00453"></a>00453 <span class="keywordflow">if</span> (!rc) <a name="l00454"></a>00454 rc = execve(av[0], av+1, <a class="code" href="signature_8c.html#a006daaf11f1e2e45a6ababaf463212b">environ</a>); <a name="l00455"></a>00455 <span class="comment">/*@=boundsread@*/</span> <a name="l00456"></a>00456 <span class="keywordflow">break</span>; <a name="l00457"></a>00457 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg1d966dd5b3912fd9ad31dcbc2d18bf95fd31bb850e17d4ea70203167a75ac5b4">PGP_5</a>: <a name="l00458"></a>00458 cmd = <a class="code" href="macro_8c.html#5d9a83318fc250d1fad8096c811754d4">rpmExpand</a>(<span class="stringliteral">"%{?__pgp5_sign_cmd}"</span>, NULL); <a name="l00459"></a>00459 rc = <a class="code" href="group__popt.html#gabb6e8c769648273171f3f3ec9c0e471">poptParseArgvString</a>(cmd, NULL, (<span class="keyword">const</span> <span class="keywordtype">char</span> ***)&av); <a name="l00460"></a>00460 <span class="comment">/*@-boundsread@*/</span> <a name="l00461"></a>00461 <span class="keywordflow">if</span> (!rc) <a name="l00462"></a>00462 rc = execve(av[0], av+1, <a class="code" href="signature_8c.html#a006daaf11f1e2e45a6ababaf463212b">environ</a>); <a name="l00463"></a>00463 <span class="comment">/*@=boundsread@*/</span> <a name="l00464"></a>00464 <span class="keywordflow">break</span>; <a name="l00465"></a>00465 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg1d966dd5b3912fd9ad31dcbc2d18bf95ab5d2b5e12a46791008961354900524d">PGP_UNKNOWN</a>: <a name="l00466"></a>00466 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg1d966dd5b3912fd9ad31dcbc2d18bf952606afd97b623ff43251e020fedd0ed2">PGP_NOTDETECTED</a>: <a name="l00467"></a>00467 <a class="code" href="system_8h.html#d65a8842cc674e3ddf69355898c0ecbf">errno</a> = ENOENT; <a name="l00468"></a>00468 <span class="keywordflow">break</span>; <a name="l00469"></a>00469 } <a name="l00470"></a>00470 } <a name="l00471"></a>00471 <a class="code" href="rpmerr_8h.html#29f3f082b0cd6acdcc70a31cbd613e1a">rpmError</a>(<a class="code" href="rpmerr_8h.html#d00dd16161260fe872fdf140cd8af55b0482feba1e22d097402ab9f8bafa5e8e">RPMERR_EXEC</a>, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"Could not exec %s: %s\n"</span>), <span class="stringliteral">"pgp"</span>, <a name="l00472"></a>00472 <a class="code" href="file_8h.html#b6b553574f85ce7727cf5b9a1b638293">strerror</a>(<a class="code" href="system_8h.html#d65a8842cc674e3ddf69355898c0ecbf">errno</a>)); <a name="l00473"></a>00473 _exit(<a class="code" href="rpmerr_8h.html#d00dd16161260fe872fdf140cd8af55b0482feba1e22d097402ab9f8bafa5e8e">RPMERR_EXEC</a>); <a name="l00474"></a>00474 } <a name="l00475"></a>00475 <a name="l00476"></a>00476 <a class="code" href="macro_8c.html#47408de31de2e2539c1eff75fd98cac6">delMacro</a>(NULL, <span class="stringliteral">"__plaintext_filename"</span>); <a name="l00477"></a>00477 <a class="code" href="macro_8c.html#47408de31de2e2539c1eff75fd98cac6">delMacro</a>(NULL, <span class="stringliteral">"__signature_filename"</span>); <a name="l00478"></a>00478 <a name="l00479"></a>00479 (void) close(inpipe[0]); <a name="l00480"></a>00480 <span class="keywordflow">if</span> (passPhrase) <a name="l00481"></a>00481 (void) write(inpipe[1], passPhrase, strlen(passPhrase)); <a name="l00482"></a>00482 (void) write(inpipe[1], <span class="stringliteral">"\n"</span>, 1); <a name="l00483"></a>00483 (void) close(inpipe[1]); <a name="l00484"></a>00484 <a name="l00485"></a>00485 (void)waitpid(pid, &status, 0); <a name="l00486"></a>00486 <span class="keywordflow">if</span> (!WIFEXITED(status) || WEXITSTATUS(status)) { <a name="l00487"></a>00487 <a class="code" href="rpmerr_8h.html#29f3f082b0cd6acdcc70a31cbd613e1a">rpmError</a>(<a class="code" href="rpmerr_8h.html#d00dd16161260fe872fdf140cd8af55b1938a5929132f68f71c7fd763290027d">RPMERR_SIGGEN</a>, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"pgp failed\n"</span>)); <a name="l00488"></a>00488 <span class="keywordflow">return</span> 1; <a name="l00489"></a>00489 } <a name="l00490"></a>00490 <a name="l00491"></a>00491 <span class="keywordflow">if</span> (stat(sigfile, &st)) { <a name="l00492"></a>00492 <span class="comment">/* PGP failed to write signature */</span> <a name="l00493"></a>00493 <span class="keywordflow">if</span> (sigfile) (void) unlink(sigfile); <span class="comment">/* Just in case */</span> <a name="l00494"></a>00494 <a class="code" href="rpmerr_8h.html#29f3f082b0cd6acdcc70a31cbd613e1a">rpmError</a>(<a class="code" href="rpmerr_8h.html#d00dd16161260fe872fdf140cd8af55b1938a5929132f68f71c7fd763290027d">RPMERR_SIGGEN</a>, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"pgp failed to write signature\n"</span>)); <a name="l00495"></a>00495 <span class="keywordflow">return</span> 1; <a name="l00496"></a>00496 } <a name="l00497"></a>00497 <a name="l00498"></a>00498 <span class="comment">/*@-boundswrite@*/</span> <a name="l00499"></a>00499 *pktlenp = st.st_size; <a name="l00500"></a>00500 <a class="code" href="rpmmessages_8h.html#19d1274092486c2d1397c86f23283e32">rpmMessage</a>(<a class="code" href="rpmmessages_8h.html#3f97e894ffb886d576fbf4cec2f41298">RPMMESS_DEBUG</a>, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"PGP sig size: %d\n"</span>), *pktlenp); <a name="l00501"></a>00501 *pktp = <a class="code" href="system_8h.html#42ccfa6fc49cc4ce90cc44cd05052490">xmalloc</a>(*pktlenp); <a name="l00502"></a>00502 <span class="comment">/*@=boundswrite@*/</span> <a name="l00503"></a>00503 <a name="l00504"></a>00504 <span class="comment">/*@-boundsread@*/</span> <a name="l00505"></a>00505 { <a class="code" href="struct__FD__s.html">FD_t</a> fd; <a name="l00506"></a>00506 <a name="l00507"></a>00507 rc = 0; <a name="l00508"></a>00508 fd = <a class="code" href="rpmio_8c.html#2eb611bd97d6d937d2296bcecd83ee31">Fopen</a>(sigfile, <span class="stringliteral">"r.fdio"</span>); <a name="l00509"></a>00509 <span class="keywordflow">if</span> (fd != NULL && !<a class="code" href="rpmio_8c.html#0f608c106ddef6245f5e9773a8e56b73">Ferror</a>(fd)) { <a name="l00510"></a>00510 rc = <a class="code" href="rpmio_8h.html#d16ce8d9b736be2ff4242f9af09ce5e1">timedRead</a>(fd, *pktp, *pktlenp); <a name="l00511"></a>00511 <span class="keywordflow">if</span> (sigfile) (void) unlink(sigfile); <a name="l00512"></a>00512 (void) <a class="code" href="rpmio_8c.html#7e40bd43f40fcfce2773851b922c7774">Fclose</a>(fd); <a name="l00513"></a>00513 } <a name="l00514"></a>00514 <span class="keywordflow">if</span> (rc != *pktlenp) { <a name="l00515"></a>00515 <span class="comment">/*@-boundswrite@*/</span> <a name="l00516"></a>00516 *pktp = <a class="code" href="rpmlib_8h.html#2574a8c557fe9a6754ff3b3656943f23">_free</a>(*pktp); <a name="l00517"></a>00517 <span class="comment">/*@=boundswrite@*/</span> <a name="l00518"></a>00518 <a class="code" href="rpmerr_8h.html#29f3f082b0cd6acdcc70a31cbd613e1a">rpmError</a>(<a class="code" href="rpmerr_8h.html#d00dd16161260fe872fdf140cd8af55b1938a5929132f68f71c7fd763290027d">RPMERR_SIGGEN</a>, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"unable to read the signature\n"</span>)); <a name="l00519"></a>00519 <span class="keywordflow">return</span> 1; <a name="l00520"></a>00520 } <a name="l00521"></a>00521 } <a name="l00522"></a>00522 <a name="l00523"></a>00523 <a class="code" href="rpmmessages_8h.html#19d1274092486c2d1397c86f23283e32">rpmMessage</a>(<a class="code" href="rpmmessages_8h.html#3f97e894ffb886d576fbf4cec2f41298">RPMMESS_DEBUG</a>, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"Got %d bytes of PGP sig\n"</span>), *pktlenp); <a name="l00524"></a>00524 <span class="comment">/*@=boundsread@*/</span> <a name="l00525"></a>00525 <a name="l00526"></a>00526 <span class="preprocessor">#ifdef NOTYET</span> <a name="l00527"></a>00527 <span class="preprocessor"></span> <span class="comment">/* Parse the signature, change signature tag as appropriate. */</span> <a name="l00528"></a>00528 dig = <a class="code" href="rpmpgp_8c.html#20c953f5a51841d3037a5854dda041f4">pgpNewDig</a>(); <a name="l00529"></a>00529 <a name="l00530"></a>00530 (void) <a class="code" href="rpmpgp_8c.html#63d241f02fc3514a2a0897b533082742">pgpPrtPkts</a>(*pktp, *pktlenp, dig, 0); <a name="l00531"></a>00531 sigp = &dig-><a class="code" href="structpgpDig__s.html#28ff551e61329f6f14d87bbabd44d716">signature</a>; <a name="l00532"></a>00532 <a name="l00533"></a>00533 dig = <a class="code" href="rpmpgp_8c.html#2d22fdaa237903f43d5eaddb426bb13f">pgpFreeDig</a>(dig); <a name="l00534"></a>00534 <span class="preprocessor">#endif</span> <a name="l00535"></a>00535 <span class="preprocessor"></span> <a name="l00536"></a>00536 <span class="keywordflow">return</span> 0; <a name="l00537"></a>00537 } <a name="l00538"></a>00538 <a name="l00548"></a><a class="code" href="signature_8c.html#7451f59ca3dc18595360aceda48001e6">00548</a> <span class="keyword">static</span> <span class="keywordtype">int</span> <a class="code" href="signature_8c.html#7451f59ca3dc18595360aceda48001e6">makeGPGSignature</a>(<span class="keyword">const</span> <span class="keywordtype">char</span> * <a class="code" href="parseFiles_8c.html#f0baa3ccdd9d2a6adf03b72e2bea5789">file</a>, <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> * sigTagp, <a name="l00549"></a>00549 <span class="comment">/*@out@*/</span> <a class="code" href="rpmpgp_8h.html#0c8186d9b9b7880309c27230bbb5e69d">byte</a> ** pktp, <span class="comment">/*@out@*/</span> <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> * pktlenp, <a name="l00550"></a>00550 <span class="comment">/*@null@*/</span> <span class="keyword">const</span> <span class="keywordtype">char</span> * passPhrase) <a name="l00551"></a>00551 <span class="comment">/*@globals rpmGlobalMacroContext, h_errno,</span> <a name="l00552"></a>00552 <span class="comment"> fileSystem, internalState @*/</span> <a name="l00553"></a>00553 <span class="comment">/*@modifies *pktp, *pktlenp, rpmGlobalMacroContext,</span> <a name="l00554"></a>00554 <span class="comment"> fileSystem, internalState @*/</span> <a name="l00555"></a>00555 { <a name="l00556"></a>00556 <span class="keywordtype">char</span> * sigfile = <a class="code" href="system_8h.html#eb1df3e83fb069eaa2eb66ace3a0ea52">alloca</a>(strlen(file)+<span class="keyword">sizeof</span>(<span class="stringliteral">".sig"</span>)); <a name="l00557"></a>00557 <span class="keywordtype">int</span> pid, status; <a name="l00558"></a>00558 <span class="keywordtype">int</span> inpipe[2]; <a name="l00559"></a>00559 FILE * fpipe; <a name="l00560"></a>00560 <span class="keyword">struct </span>stat st; <a name="l00561"></a>00561 <span class="keyword">const</span> <span class="keywordtype">char</span> * cmd; <a name="l00562"></a>00562 <span class="keywordtype">char</span> *<span class="keyword">const</span> *av; <a name="l00563"></a>00563 <a class="code" href="structpgpDig__s.html">pgpDig</a> dig = NULL; <a name="l00564"></a>00564 <a class="code" href="structpgpDigParams__s.html">pgpDigParams</a> sigp = NULL; <a name="l00565"></a>00565 <span class="keywordtype">int</span> rc; <a name="l00566"></a>00566 <a name="l00567"></a>00567 <span class="comment">/*@-boundswrite@*/</span> <a name="l00568"></a>00568 (void) <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>( <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(sigfile, file), <span class="stringliteral">".sig"</span>); <a name="l00569"></a>00569 <span class="comment">/*@=boundswrite@*/</span> <a name="l00570"></a>00570 <a name="l00571"></a>00571 <a class="code" href="macro_8c.html#f38cc0557a9d3def58f6d31db62c4859">addMacro</a>(NULL, <span class="stringliteral">"__plaintext_filename"</span>, NULL, file, -1); <a name="l00572"></a>00572 <a class="code" href="macro_8c.html#f38cc0557a9d3def58f6d31db62c4859">addMacro</a>(NULL, <span class="stringliteral">"__signature_filename"</span>, NULL, sigfile, -1); <a name="l00573"></a>00573 <a name="l00574"></a>00574 inpipe[0] = inpipe[1] = 0; <a name="l00575"></a>00575 <span class="comment">/*@-boundsread@*/</span> <a name="l00576"></a>00576 (void) pipe(inpipe); <a name="l00577"></a>00577 <span class="comment">/*@=boundsread@*/</span> <a name="l00578"></a>00578 <a name="l00579"></a>00579 <span class="keywordflow">if</span> (!(pid = fork())) { <a name="l00580"></a>00580 <span class="keyword">const</span> <span class="keywordtype">char</span> *gpg_path = <a class="code" href="macro_8c.html#5d9a83318fc250d1fad8096c811754d4">rpmExpand</a>(<span class="stringliteral">"%{?_gpg_path}"</span>, NULL); <a name="l00581"></a>00581 <a name="l00582"></a>00582 (void) close(STDIN_FILENO); <a name="l00583"></a>00583 (void) dup2(inpipe[0], 3); <a name="l00584"></a>00584 (void) close(inpipe[1]); <a name="l00585"></a>00585 <a name="l00586"></a>00586 <span class="comment">/*@-boundsread@*/</span> <a name="l00587"></a>00587 <span class="keywordflow">if</span> (gpg_path && *gpg_path != <span class="charliteral">'\0'</span>) <a name="l00588"></a>00588 (void) <a class="code" href="lib_2misc_8c.html#c785dc44bfdfa399cb5e75beaffa7220">dosetenv</a>(<span class="stringliteral">"GNUPGHOME"</span>, gpg_path, 1); <a name="l00589"></a>00589 <span class="comment">/*@=boundsread@*/</span> <a name="l00590"></a>00590 (void) <a class="code" href="lib_2misc_8c.html#c785dc44bfdfa399cb5e75beaffa7220">dosetenv</a>(<span class="stringliteral">"LC_ALL"</span>, <span class="stringliteral">"C"</span>, 1); <a name="l00591"></a>00591 <a name="l00592"></a>00592 <a class="code" href="system_8h.html#8c996258959222a38a0d4c35d8e22105">unsetenv</a>(<span class="stringliteral">"MALLOC_CHECK_"</span>); <a name="l00593"></a>00593 cmd = <a class="code" href="macro_8c.html#5d9a83318fc250d1fad8096c811754d4">rpmExpand</a>(<span class="stringliteral">"%{?__gpg_sign_cmd}"</span>, NULL); <a name="l00594"></a>00594 rc = <a class="code" href="group__popt.html#gabb6e8c769648273171f3f3ec9c0e471">poptParseArgvString</a>(cmd, NULL, (<span class="keyword">const</span> <span class="keywordtype">char</span> ***)&av); <a name="l00595"></a>00595 <span class="comment">/*@-boundsread@*/</span> <a name="l00596"></a>00596 <span class="keywordflow">if</span> (!rc) <a name="l00597"></a>00597 rc = execve(av[0], av+1, <a class="code" href="signature_8c.html#a006daaf11f1e2e45a6ababaf463212b">environ</a>); <a name="l00598"></a>00598 <span class="comment">/*@=boundsread@*/</span> <a name="l00599"></a>00599 <a name="l00600"></a>00600 <a class="code" href="rpmerr_8h.html#29f3f082b0cd6acdcc70a31cbd613e1a">rpmError</a>(<a class="code" href="rpmerr_8h.html#d00dd16161260fe872fdf140cd8af55b0482feba1e22d097402ab9f8bafa5e8e">RPMERR_EXEC</a>, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"Could not exec %s: %s\n"</span>), <span class="stringliteral">"gpg"</span>, <a name="l00601"></a>00601 <a class="code" href="file_8h.html#b6b553574f85ce7727cf5b9a1b638293">strerror</a>(<a class="code" href="system_8h.html#d65a8842cc674e3ddf69355898c0ecbf">errno</a>)); <a name="l00602"></a>00602 _exit(<a class="code" href="rpmerr_8h.html#d00dd16161260fe872fdf140cd8af55b0482feba1e22d097402ab9f8bafa5e8e">RPMERR_EXEC</a>); <a name="l00603"></a>00603 } <a name="l00604"></a>00604 <a name="l00605"></a>00605 <a class="code" href="macro_8c.html#47408de31de2e2539c1eff75fd98cac6">delMacro</a>(NULL, <span class="stringliteral">"__plaintext_filename"</span>); <a name="l00606"></a>00606 <a class="code" href="macro_8c.html#47408de31de2e2539c1eff75fd98cac6">delMacro</a>(NULL, <span class="stringliteral">"__signature_filename"</span>); <a name="l00607"></a>00607 <a name="l00608"></a>00608 fpipe = fdopen(inpipe[1], <span class="stringliteral">"w"</span>); <a name="l00609"></a>00609 (void) close(inpipe[0]); <a name="l00610"></a>00610 <span class="keywordflow">if</span> (fpipe) { <a name="l00611"></a>00611 fprintf(fpipe, <span class="stringliteral">"%s\n"</span>, (passPhrase ? passPhrase : <span class="stringliteral">""</span>)); <a name="l00612"></a>00612 (void) fclose(fpipe); <a name="l00613"></a>00613 } <a name="l00614"></a>00614 <a name="l00615"></a>00615 (void) waitpid(pid, &status, 0); <a name="l00616"></a>00616 <span class="keywordflow">if</span> (!WIFEXITED(status) || WEXITSTATUS(status)) { <a name="l00617"></a>00617 <a class="code" href="rpmerr_8h.html#29f3f082b0cd6acdcc70a31cbd613e1a">rpmError</a>(<a class="code" href="rpmerr_8h.html#d00dd16161260fe872fdf140cd8af55b1938a5929132f68f71c7fd763290027d">RPMERR_SIGGEN</a>, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"gpg exec failed (%d)\n"</span>), WEXITSTATUS(status)); <a name="l00618"></a>00618 <span class="keywordflow">return</span> 1; <a name="l00619"></a>00619 } <a name="l00620"></a>00620 <a name="l00621"></a>00621 <span class="keywordflow">if</span> (stat(sigfile, &st)) { <a name="l00622"></a>00622 <span class="comment">/* GPG failed to write signature */</span> <a name="l00623"></a>00623 <span class="keywordflow">if</span> (sigfile) (void) unlink(sigfile); <span class="comment">/* Just in case */</span> <a name="l00624"></a>00624 <a class="code" href="rpmerr_8h.html#29f3f082b0cd6acdcc70a31cbd613e1a">rpmError</a>(<a class="code" href="rpmerr_8h.html#d00dd16161260fe872fdf140cd8af55b1938a5929132f68f71c7fd763290027d">RPMERR_SIGGEN</a>, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"gpg failed to write signature\n"</span>)); <a name="l00625"></a>00625 <span class="keywordflow">return</span> 1; <a name="l00626"></a>00626 } <a name="l00627"></a>00627 <a name="l00628"></a>00628 <span class="comment">/*@-boundswrite@*/</span> <a name="l00629"></a>00629 *pktlenp = st.st_size; <a name="l00630"></a>00630 <a class="code" href="rpmmessages_8h.html#19d1274092486c2d1397c86f23283e32">rpmMessage</a>(<a class="code" href="rpmmessages_8h.html#3f97e894ffb886d576fbf4cec2f41298">RPMMESS_DEBUG</a>, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"GPG sig size: %d\n"</span>), *pktlenp); <a name="l00631"></a>00631 *pktp = <a class="code" href="system_8h.html#42ccfa6fc49cc4ce90cc44cd05052490">xmalloc</a>(*pktlenp); <a name="l00632"></a>00632 <span class="comment">/*@=boundswrite@*/</span> <a name="l00633"></a>00633 <a name="l00634"></a>00634 <span class="comment">/*@-boundsread@*/</span> <a name="l00635"></a>00635 { <a class="code" href="struct__FD__s.html">FD_t</a> fd; <a name="l00636"></a>00636 <a name="l00637"></a>00637 rc = 0; <a name="l00638"></a>00638 fd = <a class="code" href="rpmio_8c.html#2eb611bd97d6d937d2296bcecd83ee31">Fopen</a>(sigfile, <span class="stringliteral">"r.fdio"</span>); <a name="l00639"></a>00639 <span class="keywordflow">if</span> (fd != NULL && !<a class="code" href="rpmio_8c.html#0f608c106ddef6245f5e9773a8e56b73">Ferror</a>(fd)) { <a name="l00640"></a>00640 rc = <a class="code" href="rpmio_8h.html#d16ce8d9b736be2ff4242f9af09ce5e1">timedRead</a>(fd, *pktp, *pktlenp); <a name="l00641"></a>00641 <span class="keywordflow">if</span> (sigfile) (void) unlink(sigfile); <a name="l00642"></a>00642 (void) <a class="code" href="rpmio_8c.html#7e40bd43f40fcfce2773851b922c7774">Fclose</a>(fd); <a name="l00643"></a>00643 } <a name="l00644"></a>00644 <span class="keywordflow">if</span> (rc != *pktlenp) { <a name="l00645"></a>00645 <span class="comment">/*@-boundswrite@*/</span> <a name="l00646"></a>00646 *pktp = <a class="code" href="rpmlib_8h.html#2574a8c557fe9a6754ff3b3656943f23">_free</a>(*pktp); <a name="l00647"></a>00647 <span class="comment">/*@=boundswrite@*/</span> <a name="l00648"></a>00648 <a class="code" href="rpmerr_8h.html#29f3f082b0cd6acdcc70a31cbd613e1a">rpmError</a>(<a class="code" href="rpmerr_8h.html#d00dd16161260fe872fdf140cd8af55b1938a5929132f68f71c7fd763290027d">RPMERR_SIGGEN</a>, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"unable to read the signature\n"</span>)); <a name="l00649"></a>00649 <span class="keywordflow">return</span> 1; <a name="l00650"></a>00650 } <a name="l00651"></a>00651 } <a name="l00652"></a>00652 <a name="l00653"></a>00653 <a class="code" href="rpmmessages_8h.html#19d1274092486c2d1397c86f23283e32">rpmMessage</a>(<a class="code" href="rpmmessages_8h.html#3f97e894ffb886d576fbf4cec2f41298">RPMMESS_DEBUG</a>, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"Got %d bytes of GPG sig\n"</span>), *pktlenp); <a name="l00654"></a>00654 <span class="comment">/*@=boundsread@*/</span> <a name="l00655"></a>00655 <a name="l00656"></a>00656 <span class="comment">/* Parse the signature, change signature tag as appropriate. */</span> <a name="l00657"></a>00657 dig = <a class="code" href="rpmpgp_8c.html#20c953f5a51841d3037a5854dda041f4">pgpNewDig</a>(); <a name="l00658"></a>00658 <a name="l00659"></a>00659 (void) <a class="code" href="rpmpgp_8c.html#63d241f02fc3514a2a0897b533082742">pgpPrtPkts</a>(*pktp, *pktlenp, dig, 0); <a name="l00660"></a>00660 sigp = &dig-><a class="code" href="structpgpDig__s.html#28ff551e61329f6f14d87bbabd44d716">signature</a>; <a name="l00661"></a>00661 <a name="l00662"></a>00662 <span class="keywordflow">switch</span> (*sigTagp) { <a name="l00663"></a>00663 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade599ce79a6dc5f08f628da38c4f0ed8461f">RPMSIGTAG_SIZE</a>: <a name="l00664"></a>00664 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade5998404587b2537b1a0913f4bf84857b66">RPMSIGTAG_MD5</a>: <a name="l00665"></a>00665 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade591f0885c883cbf3c6a56b43378b2abb44">RPMSIGTAG_SHA1</a>: <a name="l00666"></a>00666 <span class="keywordflow">break</span>; <a name="l00667"></a>00667 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade590ed5d0c19de281d46d38e0210dc9faa7">RPMSIGTAG_GPG</a>: <a name="l00668"></a>00668 <span class="comment">/* XXX check MD5 hash too? */</span> <a name="l00669"></a>00669 <span class="keywordflow">if</span> (sigp-><a class="code" href="structpgpDigParams__s.html#91db52d3177e0980b2feb221f8437cae">pubkey_algo</a> == <a class="code" href="rpmpgp_8h.html#40b051ecf9ec18b011f737b2244cd03891f7b078af891e97ae8616c86bddedce">PGPPUBKEYALGO_RSA</a>) <a name="l00670"></a>00670 *sigTagp = <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59ad2717c301116c93390eb57f1a5bdfc6">RPMSIGTAG_PGP</a>; <a name="l00671"></a>00671 <span class="keywordflow">break</span>; <a name="l00672"></a>00672 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59bf5438c2d5c3e85d660be9588869ad7d">RPMSIGTAG_PGP5</a>: <span class="comment">/* XXX legacy */</span> <a name="l00673"></a>00673 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59ad2717c301116c93390eb57f1a5bdfc6">RPMSIGTAG_PGP</a>: <a name="l00674"></a>00674 <span class="keywordflow">if</span> (sigp-><a class="code" href="structpgpDigParams__s.html#91db52d3177e0980b2feb221f8437cae">pubkey_algo</a> == <a class="code" href="rpmpgp_8h.html#40b051ecf9ec18b011f737b2244cd038ed719534d762654b5d2eb00b93c4bab1">PGPPUBKEYALGO_DSA</a>) <a name="l00675"></a>00675 *sigTagp = <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade590ed5d0c19de281d46d38e0210dc9faa7">RPMSIGTAG_GPG</a>; <a name="l00676"></a>00676 <span class="keywordflow">break</span>; <a name="l00677"></a>00677 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59b52ed4e5aa7d330de398f3e92334d828">RPMSIGTAG_DSA</a>: <a name="l00678"></a>00678 <span class="comment">/* XXX check MD5 hash too? */</span> <a name="l00679"></a>00679 <span class="keywordflow">if</span> (sigp-><a class="code" href="structpgpDigParams__s.html#91db52d3177e0980b2feb221f8437cae">pubkey_algo</a> == <a class="code" href="rpmpgp_8h.html#40b051ecf9ec18b011f737b2244cd03891f7b078af891e97ae8616c86bddedce">PGPPUBKEYALGO_RSA</a>) <a name="l00680"></a>00680 *sigTagp = <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59d5ce205120582b92319e8e686b7e5886">RPMSIGTAG_RSA</a>; <a name="l00681"></a>00681 <span class="keywordflow">break</span>; <a name="l00682"></a>00682 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59d5ce205120582b92319e8e686b7e5886">RPMSIGTAG_RSA</a>: <a name="l00683"></a>00683 <span class="keywordflow">if</span> (sigp-><a class="code" href="structpgpDigParams__s.html#91db52d3177e0980b2feb221f8437cae">pubkey_algo</a> == <a class="code" href="rpmpgp_8h.html#40b051ecf9ec18b011f737b2244cd038ed719534d762654b5d2eb00b93c4bab1">PGPPUBKEYALGO_DSA</a>) <a name="l00684"></a>00684 *sigTagp = <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59b52ed4e5aa7d330de398f3e92334d828">RPMSIGTAG_DSA</a>; <a name="l00685"></a>00685 <span class="keywordflow">break</span>; <a name="l00686"></a>00686 } <a name="l00687"></a>00687 <a name="l00688"></a>00688 dig = <a class="code" href="rpmpgp_8c.html#2d22fdaa237903f43d5eaddb426bb13f">pgpFreeDig</a>(dig); <a name="l00689"></a>00689 <a name="l00690"></a>00690 <span class="keywordflow">return</span> 0; <a name="l00691"></a>00691 } <a name="l00692"></a>00692 <a name="l00701"></a><a class="code" href="signature_8c.html#16a02a82d6d5f5352ac14ce0179020c9">00701</a> <span class="keyword">static</span> <span class="keywordtype">int</span> <a class="code" href="signature_8c.html#16a02a82d6d5f5352ac14ce0179020c9">makeHDRSignature</a>(<a class="code" href="structheaderToken__s.html">Header</a> sigh, <span class="keyword">const</span> <span class="keywordtype">char</span> * <a class="code" href="parseFiles_8c.html#f0baa3ccdd9d2a6adf03b72e2bea5789">file</a>, <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> sigTag, <a name="l00702"></a>00702 <span class="comment">/*@null@*/</span> <span class="keyword">const</span> <span class="keywordtype">char</span> * passPhrase) <a name="l00703"></a>00703 <span class="comment">/*@globals rpmGlobalMacroContext, h_errno, fileSystem, internalState @*/</span> <a name="l00704"></a>00704 <span class="comment">/*@modifies sigh, rpmGlobalMacroContext, fileSystem, internalState @*/</span> <a name="l00705"></a>00705 { <a name="l00706"></a>00706 <a class="code" href="structheaderToken__s.html">Header</a> h = NULL; <a name="l00707"></a>00707 <a class="code" href="struct__FD__s.html">FD_t</a> fd = NULL; <a name="l00708"></a>00708 <a class="code" href="rpmpgp_8h.html#0c8186d9b9b7880309c27230bbb5e69d">byte</a> * pkt; <a name="l00709"></a>00709 <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> pktlen; <a name="l00710"></a>00710 <span class="keyword">const</span> <span class="keywordtype">char</span> * fn = NULL; <a name="l00711"></a>00711 <span class="keyword">const</span> <span class="keywordtype">char</span> * SHA1 = NULL; <a name="l00712"></a>00712 <span class="keywordtype">int</span> ret = -1; <span class="comment">/* assume failure. */</span> <a name="l00713"></a>00713 <a name="l00714"></a>00714 <span class="keywordflow">switch</span> (sigTag) { <a name="l00715"></a>00715 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade599ce79a6dc5f08f628da38c4f0ed8461f">RPMSIGTAG_SIZE</a>: <a name="l00716"></a>00716 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade5998404587b2537b1a0913f4bf84857b66">RPMSIGTAG_MD5</a>: <a name="l00717"></a>00717 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59bf5438c2d5c3e85d660be9588869ad7d">RPMSIGTAG_PGP5</a>: <span class="comment">/* XXX legacy */</span> <a name="l00718"></a>00718 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59ad2717c301116c93390eb57f1a5bdfc6">RPMSIGTAG_PGP</a>: <a name="l00719"></a>00719 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade590ed5d0c19de281d46d38e0210dc9faa7">RPMSIGTAG_GPG</a>: <a name="l00720"></a>00720 <span class="keywordflow">goto</span> exit; <a name="l00721"></a>00721 <span class="comment">/*@notreached@*/</span> <span class="keywordflow">break</span>; <a name="l00722"></a>00722 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade591f0885c883cbf3c6a56b43378b2abb44">RPMSIGTAG_SHA1</a>: <a name="l00723"></a>00723 fd = <a class="code" href="rpmio_8c.html#2eb611bd97d6d937d2296bcecd83ee31">Fopen</a>(file, <span class="stringliteral">"r.fdio"</span>); <a name="l00724"></a>00724 <span class="keywordflow">if</span> (fd == NULL || <a class="code" href="rpmio_8c.html#0f608c106ddef6245f5e9773a8e56b73">Ferror</a>(fd)) <a name="l00725"></a>00725 <span class="keywordflow">goto</span> exit; <a name="l00726"></a>00726 h = <a class="code" href="group__header.html#gfea9b3dd88d74fbe5049d307f0b81249">headerRead</a>(fd, <a class="code" href="group__header.html#gg2572591faf5430cdf28aaf9f70d74fa4ebb6d0af72ae9d4c607e81796dafa472">HEADER_MAGIC_YES</a>); <a name="l00727"></a>00727 <span class="keywordflow">if</span> (h == NULL) <a name="l00728"></a>00728 <span class="keywordflow">goto</span> exit; <a name="l00729"></a>00729 (void) <a class="code" href="rpmio_8c.html#7e40bd43f40fcfce2773851b922c7774">Fclose</a>(fd); fd = NULL; <a name="l00730"></a>00730 <a name="l00731"></a>00731 <span class="keywordflow">if</span> (<a class="code" href="group__header.html#g0f25e23afbd3fb4799d579080fbb0942">headerIsEntry</a>(h, <a class="code" href="rpmlib_8h.html#342756dddb61d125ae851a8b1ab0507bbf199b0f74f4a4704e89b424c76ac4db">RPMTAG_HEADERIMMUTABLE</a>)) { <a name="l00732"></a>00732 <a class="code" href="structDIGEST__CTX__s.html">DIGEST_CTX</a> ctx; <a name="l00733"></a>00733 <span class="keywordtype">void</span> * uh; <a name="l00734"></a>00734 <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> uht, uhc; <a name="l00735"></a>00735 <a name="l00736"></a>00736 <span class="keywordflow">if</span> (!<a class="code" href="group__header.html#g0b59789e021aa6ecab28e72a1f39d0a4">headerGetEntry</a>(h, <a class="code" href="rpmlib_8h.html#342756dddb61d125ae851a8b1ab0507bbf199b0f74f4a4704e89b424c76ac4db">RPMTAG_HEADERIMMUTABLE</a>, &uht, &uh, &uhc) <a name="l00737"></a>00737 || uh == NULL) <a name="l00738"></a>00738 { <a name="l00739"></a>00739 h = <a class="code" href="group__header.html#g09a8fc9b59462af8d6fb08636feff7f9">headerFree</a>(h); <a name="l00740"></a>00740 <span class="keywordflow">goto</span> exit; <a name="l00741"></a>00741 } <a name="l00742"></a>00742 ctx = <a class="code" href="group__rpmio.html#g38d1f7f076276f053da5f5b8e3c16b8e">rpmDigestInit</a>(<a class="code" href="rpmpgp_8h.html#8d48cf9c33d66a07d2fee34b0875d54efadb8ed49f2346f83847d7ef8e0efe24">PGPHASHALGO_SHA1</a>, <a class="code" href="group__rpmio.html#gg42072ff4775f09dc80e11764dc0274695e623dd642f5283da2d878cd4cd1bd4e">RPMDIGEST_NONE</a>); <a name="l00743"></a>00743 (void) <a class="code" href="group__rpmio.html#gc9ca49fa22e116d5b481c666c82c579e">rpmDigestUpdate</a>(ctx, <a class="code" href="package_8c.html#68915b3bb540c3571a315f399cf2d981">header_magic</a>, <span class="keyword">sizeof</span>(<a class="code" href="package_8c.html#68915b3bb540c3571a315f399cf2d981">header_magic</a>)); <a name="l00744"></a>00744 (void) <a class="code" href="group__rpmio.html#gc9ca49fa22e116d5b481c666c82c579e">rpmDigestUpdate</a>(ctx, uh, uhc); <a name="l00745"></a>00745 (void) <a class="code" href="group__rpmio.html#g54e20bdf025588cd2f2bb640b7978de9">rpmDigestFinal</a>(ctx, (<span class="keywordtype">void</span> **)&SHA1, NULL, 1); <a name="l00746"></a>00746 uh = <a class="code" href="group__header.html#ge7835c5c4504bf89e169fb7d34c6b521">headerFreeData</a>(uh, uht); <a name="l00747"></a>00747 } <a name="l00748"></a>00748 h = <a class="code" href="group__header.html#g09a8fc9b59462af8d6fb08636feff7f9">headerFree</a>(h); <a name="l00749"></a>00749 <a name="l00750"></a>00750 <span class="keywordflow">if</span> (SHA1 == NULL) <a name="l00751"></a>00751 <span class="keywordflow">goto</span> exit; <a name="l00752"></a>00752 <span class="keywordflow">if</span> (!<a class="code" href="group__header.html#ged20ae7d7819321a4fde398cc57f7a20">headerAddEntry</a>(sigh, <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade591f0885c883cbf3c6a56b43378b2abb44">RPMSIGTAG_SHA1</a>, <a class="code" href="group__header.html#gg24690e18a34d56e178edf27b5cc97fed34cdc667815b86f8741fbf06ce4725eb">RPM_STRING_TYPE</a>, SHA1, 1)) <a name="l00753"></a>00753 <span class="keywordflow">goto</span> exit; <a name="l00754"></a>00754 ret = 0; <a name="l00755"></a>00755 <span class="keywordflow">break</span>; <a name="l00756"></a>00756 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59b52ed4e5aa7d330de398f3e92334d828">RPMSIGTAG_DSA</a>: <a name="l00757"></a>00757 fd = <a class="code" href="rpmio_8c.html#2eb611bd97d6d937d2296bcecd83ee31">Fopen</a>(file, <span class="stringliteral">"r.fdio"</span>); <a name="l00758"></a>00758 <span class="keywordflow">if</span> (fd == NULL || <a class="code" href="rpmio_8c.html#0f608c106ddef6245f5e9773a8e56b73">Ferror</a>(fd)) <a name="l00759"></a>00759 <span class="keywordflow">goto</span> exit; <a name="l00760"></a>00760 h = <a class="code" href="group__header.html#gfea9b3dd88d74fbe5049d307f0b81249">headerRead</a>(fd, <a class="code" href="group__header.html#gg2572591faf5430cdf28aaf9f70d74fa4ebb6d0af72ae9d4c607e81796dafa472">HEADER_MAGIC_YES</a>); <a name="l00761"></a>00761 <span class="keywordflow">if</span> (h == NULL) <a name="l00762"></a>00762 <span class="keywordflow">goto</span> exit; <a name="l00763"></a>00763 (void) <a class="code" href="rpmio_8c.html#7e40bd43f40fcfce2773851b922c7774">Fclose</a>(fd); fd = NULL; <a name="l00764"></a>00764 <span class="keywordflow">if</span> (<a class="code" href="lib_2misc_8c.html#a6bd8504c68cc7ffebecef2a094dcf7e">makeTempFile</a>(NULL, &fn, &fd)) <a name="l00765"></a>00765 <span class="keywordflow">goto</span> exit; <a name="l00766"></a>00766 <span class="keywordflow">if</span> (<a class="code" href="group__header.html#gcaf6c39a6b399ce1586f8dce2012c9f6">headerWrite</a>(fd, h, <a class="code" href="group__header.html#gg2572591faf5430cdf28aaf9f70d74fa4ebb6d0af72ae9d4c607e81796dafa472">HEADER_MAGIC_YES</a>)) <a name="l00767"></a>00767 <span class="keywordflow">goto</span> exit; <a name="l00768"></a>00768 (void) <a class="code" href="rpmio_8c.html#7e40bd43f40fcfce2773851b922c7774">Fclose</a>(fd); fd = NULL; <a name="l00769"></a>00769 <span class="keywordflow">if</span> (<a class="code" href="signature_8c.html#7451f59ca3dc18595360aceda48001e6">makeGPGSignature</a>(fn, &sigTag, &pkt, &pktlen, passPhrase) <a name="l00770"></a>00770 || !<a class="code" href="group__header.html#ged20ae7d7819321a4fde398cc57f7a20">headerAddEntry</a>(sigh, sigTag, <a class="code" href="group__header.html#gg24690e18a34d56e178edf27b5cc97fed96437c1222f63450e6ab8d693447d1bd">RPM_BIN_TYPE</a>, pkt, pktlen)) <a name="l00771"></a>00771 <span class="keywordflow">goto</span> exit; <a name="l00772"></a>00772 ret = 0; <a name="l00773"></a>00773 <span class="keywordflow">break</span>; <a name="l00774"></a>00774 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59d5ce205120582b92319e8e686b7e5886">RPMSIGTAG_RSA</a>: <a name="l00775"></a>00775 fd = <a class="code" href="rpmio_8c.html#2eb611bd97d6d937d2296bcecd83ee31">Fopen</a>(file, <span class="stringliteral">"r.fdio"</span>); <a name="l00776"></a>00776 <span class="keywordflow">if</span> (fd == NULL || <a class="code" href="rpmio_8c.html#0f608c106ddef6245f5e9773a8e56b73">Ferror</a>(fd)) <a name="l00777"></a>00777 <span class="keywordflow">goto</span> exit; <a name="l00778"></a>00778 h = <a class="code" href="group__header.html#gfea9b3dd88d74fbe5049d307f0b81249">headerRead</a>(fd, <a class="code" href="group__header.html#gg2572591faf5430cdf28aaf9f70d74fa4ebb6d0af72ae9d4c607e81796dafa472">HEADER_MAGIC_YES</a>); <a name="l00779"></a>00779 <span class="keywordflow">if</span> (h == NULL) <a name="l00780"></a>00780 <span class="keywordflow">goto</span> exit; <a name="l00781"></a>00781 (void) <a class="code" href="rpmio_8c.html#7e40bd43f40fcfce2773851b922c7774">Fclose</a>(fd); fd = NULL; <a name="l00782"></a>00782 <span class="keywordflow">if</span> (<a class="code" href="lib_2misc_8c.html#a6bd8504c68cc7ffebecef2a094dcf7e">makeTempFile</a>(NULL, &fn, &fd)) <a name="l00783"></a>00783 <span class="keywordflow">goto</span> exit; <a name="l00784"></a>00784 <span class="keywordflow">if</span> (<a class="code" href="group__header.html#gcaf6c39a6b399ce1586f8dce2012c9f6">headerWrite</a>(fd, h, <a class="code" href="group__header.html#gg2572591faf5430cdf28aaf9f70d74fa4ebb6d0af72ae9d4c607e81796dafa472">HEADER_MAGIC_YES</a>)) <a name="l00785"></a>00785 <span class="keywordflow">goto</span> exit; <a name="l00786"></a>00786 (void) <a class="code" href="rpmio_8c.html#7e40bd43f40fcfce2773851b922c7774">Fclose</a>(fd); fd = NULL; <a name="l00787"></a>00787 <span class="keywordflow">if</span> (<a class="code" href="signature_8c.html#dfd0eb7c70e478dea185d46427998caa">makePGPSignature</a>(fn, &sigTag, &pkt, &pktlen, passPhrase) <a name="l00788"></a>00788 || !<a class="code" href="group__header.html#ged20ae7d7819321a4fde398cc57f7a20">headerAddEntry</a>(sigh, sigTag, <a class="code" href="group__header.html#gg24690e18a34d56e178edf27b5cc97fed96437c1222f63450e6ab8d693447d1bd">RPM_BIN_TYPE</a>, pkt, pktlen)) <a name="l00789"></a>00789 <span class="keywordflow">goto</span> exit; <a name="l00790"></a>00790 ret = 0; <a name="l00791"></a>00791 <span class="keywordflow">break</span>; <a name="l00792"></a>00792 } <a name="l00793"></a>00793 <a name="l00794"></a>00794 exit: <a name="l00795"></a>00795 <span class="keywordflow">if</span> (fn) { <a name="l00796"></a>00796 (void) unlink(fn); <a name="l00797"></a>00797 fn = <a class="code" href="rpmlib_8h.html#2574a8c557fe9a6754ff3b3656943f23">_free</a>(fn); <a name="l00798"></a>00798 } <a name="l00799"></a>00799 SHA1 = <a class="code" href="rpmlib_8h.html#2574a8c557fe9a6754ff3b3656943f23">_free</a>(SHA1); <a name="l00800"></a>00800 h = <a class="code" href="group__header.html#g09a8fc9b59462af8d6fb08636feff7f9">headerFree</a>(h); <a name="l00801"></a>00801 <span class="keywordflow">if</span> (fd != NULL) (void) <a class="code" href="rpmio_8c.html#7e40bd43f40fcfce2773851b922c7774">Fclose</a>(fd); <a name="l00802"></a>00802 <span class="keywordflow">return</span> ret; <a name="l00803"></a>00803 } <a name="l00804"></a>00804 <a name="l00805"></a><a class="code" href="group__signature.html#gc5ed7e34b9ab5dfa371d69d136b8cfa4">00805</a> <span class="keywordtype">int</span> <a class="code" href="group__signature.html#gc5ed7e34b9ab5dfa371d69d136b8cfa4">rpmAddSignature</a>(<a class="code" href="structheaderToken__s.html">Header</a> sigh, <span class="keyword">const</span> <span class="keywordtype">char</span> * <a class="code" href="parseFiles_8c.html#f0baa3ccdd9d2a6adf03b72e2bea5789">file</a>, <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> sigTag, <a name="l00806"></a>00806 <span class="keyword">const</span> <span class="keywordtype">char</span> * passPhrase) <a name="l00807"></a>00807 { <a name="l00808"></a>00808 <span class="keyword">struct </span>stat st; <a name="l00809"></a>00809 <a class="code" href="rpmpgp_8h.html#0c8186d9b9b7880309c27230bbb5e69d">byte</a> * pkt; <a name="l00810"></a>00810 <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> pktlen; <a name="l00811"></a>00811 <span class="keywordtype">int</span> ret = -1; <span class="comment">/* assume failure. */</span> <a name="l00812"></a>00812 <a name="l00813"></a>00813 <span class="keywordflow">switch</span> (sigTag) { <a name="l00814"></a>00814 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade599ce79a6dc5f08f628da38c4f0ed8461f">RPMSIGTAG_SIZE</a>: <a name="l00815"></a>00815 <span class="keywordflow">if</span> (stat(file, &st) != 0) <a name="l00816"></a>00816 <span class="keywordflow">break</span>; <a name="l00817"></a>00817 pktlen = st.st_size; <a name="l00818"></a>00818 <span class="keywordflow">if</span> (!<a class="code" href="group__header.html#ged20ae7d7819321a4fde398cc57f7a20">headerAddEntry</a>(sigh, sigTag, <a class="code" href="group__header.html#gg24690e18a34d56e178edf27b5cc97fed033cf2f10106384143d802ede9274dcc">RPM_INT32_TYPE</a>, &pktlen, 1)) <a name="l00819"></a>00819 <span class="keywordflow">break</span>; <a name="l00820"></a>00820 ret = 0; <a name="l00821"></a>00821 <span class="keywordflow">break</span>; <a name="l00822"></a>00822 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade5998404587b2537b1a0913f4bf84857b66">RPMSIGTAG_MD5</a>: <a name="l00823"></a>00823 pktlen = 16; <a name="l00824"></a>00824 pkt = memset(<a class="code" href="system_8h.html#eb1df3e83fb069eaa2eb66ace3a0ea52">alloca</a>(pktlen), 0, pktlen); <a name="l00825"></a>00825 <span class="keywordflow">if</span> (<a class="code" href="legacy_8c.html#246a45153dfed9684d8dfad88efca367">domd5</a>(file, pkt, 0, NULL) <a name="l00826"></a>00826 || !<a class="code" href="group__header.html#ged20ae7d7819321a4fde398cc57f7a20">headerAddEntry</a>(sigh, sigTag, <a class="code" href="group__header.html#gg24690e18a34d56e178edf27b5cc97fed96437c1222f63450e6ab8d693447d1bd">RPM_BIN_TYPE</a>, pkt, pktlen)) <a name="l00827"></a>00827 <span class="keywordflow">break</span>; <a name="l00828"></a>00828 ret = 0; <a name="l00829"></a>00829 <span class="keywordflow">break</span>; <a name="l00830"></a>00830 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59bf5438c2d5c3e85d660be9588869ad7d">RPMSIGTAG_PGP5</a>: <span class="comment">/* XXX legacy */</span> <a name="l00831"></a>00831 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59ad2717c301116c93390eb57f1a5bdfc6">RPMSIGTAG_PGP</a>: <a name="l00832"></a>00832 <span class="keywordflow">if</span> (<a class="code" href="signature_8c.html#dfd0eb7c70e478dea185d46427998caa">makePGPSignature</a>(file, &sigTag, &pkt, &pktlen, passPhrase) <a name="l00833"></a>00833 || !<a class="code" href="group__header.html#ged20ae7d7819321a4fde398cc57f7a20">headerAddEntry</a>(sigh, sigTag, <a class="code" href="group__header.html#gg24690e18a34d56e178edf27b5cc97fed96437c1222f63450e6ab8d693447d1bd">RPM_BIN_TYPE</a>, pkt, pktlen)) <a name="l00834"></a>00834 <span class="keywordflow">break</span>; <a name="l00835"></a>00835 <span class="preprocessor">#ifdef NOTYET </span><span class="comment">/* XXX needs hdrmd5ctx, like hdrsha1ctx. */</span> <a name="l00836"></a>00836 <span class="comment">/* XXX Piggyback a header-only RSA signature as well. */</span> <a name="l00837"></a>00837 ret = <a class="code" href="signature_8c.html#16a02a82d6d5f5352ac14ce0179020c9">makeHDRSignature</a>(sigh, file, <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59d5ce205120582b92319e8e686b7e5886">RPMSIGTAG_RSA</a>, passPhrase); <a name="l00838"></a>00838 <span class="preprocessor">#endif</span> <a name="l00839"></a>00839 <span class="preprocessor"></span> ret = 0; <a name="l00840"></a>00840 <span class="keywordflow">break</span>; <a name="l00841"></a>00841 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade590ed5d0c19de281d46d38e0210dc9faa7">RPMSIGTAG_GPG</a>: <a name="l00842"></a>00842 <span class="keywordflow">if</span> (<a class="code" href="signature_8c.html#7451f59ca3dc18595360aceda48001e6">makeGPGSignature</a>(file, &sigTag, &pkt, &pktlen, passPhrase) <a name="l00843"></a>00843 || !<a class="code" href="group__header.html#ged20ae7d7819321a4fde398cc57f7a20">headerAddEntry</a>(sigh, sigTag, <a class="code" href="group__header.html#gg24690e18a34d56e178edf27b5cc97fed96437c1222f63450e6ab8d693447d1bd">RPM_BIN_TYPE</a>, pkt, pktlen)) <a name="l00844"></a>00844 <span class="keywordflow">break</span>; <a name="l00845"></a>00845 <span class="comment">/* XXX Piggyback a header-only DSA signature as well. */</span> <a name="l00846"></a>00846 ret = <a class="code" href="signature_8c.html#16a02a82d6d5f5352ac14ce0179020c9">makeHDRSignature</a>(sigh, file, <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59b52ed4e5aa7d330de398f3e92334d828">RPMSIGTAG_DSA</a>, passPhrase); <a name="l00847"></a>00847 <span class="keywordflow">break</span>; <a name="l00848"></a>00848 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59d5ce205120582b92319e8e686b7e5886">RPMSIGTAG_RSA</a>: <a name="l00849"></a>00849 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59b52ed4e5aa7d330de398f3e92334d828">RPMSIGTAG_DSA</a>: <a name="l00850"></a>00850 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade591f0885c883cbf3c6a56b43378b2abb44">RPMSIGTAG_SHA1</a>: <a name="l00851"></a>00851 ret = <a class="code" href="signature_8c.html#16a02a82d6d5f5352ac14ce0179020c9">makeHDRSignature</a>(sigh, file, sigTag, passPhrase); <a name="l00852"></a>00852 <span class="keywordflow">break</span>; <a name="l00853"></a>00853 } <a name="l00854"></a>00854 <a name="l00855"></a>00855 <span class="keywordflow">return</span> ret; <a name="l00856"></a>00856 } <a name="l00857"></a>00857 <a name="l00858"></a><a class="code" href="signature_8c.html#51268aa2ff45e9fc02b740225e507230">00858</a> <span class="keyword">static</span> <span class="keywordtype">int</span> <a class="code" href="signature_8c.html#51268aa2ff45e9fc02b740225e507230">checkPassPhrase</a>(<span class="keyword">const</span> <span class="keywordtype">char</span> * passPhrase, <span class="keyword">const</span> <span class="keywordtype">int</span> sigTag) <a name="l00859"></a>00859 <span class="comment">/*@globals rpmGlobalMacroContext, h_errno, fileSystem, internalState @*/</span> <a name="l00860"></a>00860 <span class="comment">/*@modifies rpmGlobalMacroContext, fileSystem, internalState @*/</span> <a name="l00861"></a>00861 { <a name="l00862"></a>00862 <span class="keywordtype">int</span> passPhrasePipe[2]; <a name="l00863"></a>00863 <span class="keywordtype">int</span> pid, status; <a name="l00864"></a>00864 <span class="keywordtype">int</span> rc; <a name="l00865"></a>00865 <span class="keywordtype">int</span> xx; <a name="l00866"></a>00866 <a name="l00867"></a>00867 passPhrasePipe[0] = passPhrasePipe[1] = 0; <a name="l00868"></a>00868 <span class="comment">/*@-boundsread@*/</span> <a name="l00869"></a>00869 xx = pipe(passPhrasePipe); <a name="l00870"></a>00870 <span class="comment">/*@=boundsread@*/</span> <a name="l00871"></a>00871 <span class="keywordflow">if</span> (!(pid = fork())) { <a name="l00872"></a>00872 <span class="keyword">const</span> <span class="keywordtype">char</span> * cmd; <a name="l00873"></a>00873 <span class="keywordtype">char</span> *<span class="keyword">const</span> *av; <a name="l00874"></a>00874 <span class="keywordtype">int</span> fdno; <a name="l00875"></a>00875 <a name="l00876"></a>00876 xx = close(STDIN_FILENO); <a name="l00877"></a>00877 xx = close(STDOUT_FILENO); <a name="l00878"></a>00878 xx = close(passPhrasePipe[1]); <a name="l00879"></a>00879 <span class="keywordflow">if</span> (! <a class="code" href="rpmmessages_8h.html#16d38257a060a06fe95122f8fa5bf4e8">rpmIsVerbose</a>()) <a name="l00880"></a>00880 xx = close(STDERR_FILENO); <a name="l00881"></a>00881 <span class="keywordflow">if</span> ((fdno = open(<span class="stringliteral">"/dev/null"</span>, O_RDONLY)) != STDIN_FILENO) { <a name="l00882"></a>00882 xx = dup2(fdno, STDIN_FILENO); <a name="l00883"></a>00883 xx = close(fdno); <a name="l00884"></a>00884 } <a name="l00885"></a>00885 <span class="keywordflow">if</span> ((fdno = open(<span class="stringliteral">"/dev/null"</span>, O_WRONLY)) != STDOUT_FILENO) { <a name="l00886"></a>00886 xx = dup2(fdno, STDOUT_FILENO); <a name="l00887"></a>00887 xx = close(fdno); <a name="l00888"></a>00888 } <a name="l00889"></a>00889 xx = dup2(passPhrasePipe[0], 3); <a name="l00890"></a>00890 <a name="l00891"></a>00891 <a class="code" href="system_8h.html#8c996258959222a38a0d4c35d8e22105">unsetenv</a>(<span class="stringliteral">"MALLOC_CHECK_"</span>); <a name="l00892"></a>00892 <span class="keywordflow">switch</span> (sigTag) { <a name="l00893"></a>00893 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59b52ed4e5aa7d330de398f3e92334d828">RPMSIGTAG_DSA</a>: <a name="l00894"></a>00894 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade590ed5d0c19de281d46d38e0210dc9faa7">RPMSIGTAG_GPG</a>: <a name="l00895"></a>00895 { <span class="keyword">const</span> <span class="keywordtype">char</span> *gpg_path = <a class="code" href="macro_8c.html#5d9a83318fc250d1fad8096c811754d4">rpmExpand</a>(<span class="stringliteral">"%{?_gpg_path}"</span>, NULL); <a name="l00896"></a>00896 <a name="l00897"></a>00897 <span class="comment">/*@-boundsread@*/</span> <a name="l00898"></a>00898 <span class="keywordflow">if</span> (gpg_path && *gpg_path != <span class="charliteral">'\0'</span>) <a name="l00899"></a>00899 (void) <a class="code" href="lib_2misc_8c.html#c785dc44bfdfa399cb5e75beaffa7220">dosetenv</a>(<span class="stringliteral">"GNUPGHOME"</span>, gpg_path, 1); <a name="l00900"></a>00900 <span class="comment">/*@=boundsread@*/</span> <a name="l00901"></a>00901 <a name="l00902"></a>00902 cmd = <a class="code" href="macro_8c.html#5d9a83318fc250d1fad8096c811754d4">rpmExpand</a>(<span class="stringliteral">"%{?__gpg_check_password_cmd}"</span>, NULL); <a name="l00903"></a>00903 rc = <a class="code" href="group__popt.html#gabb6e8c769648273171f3f3ec9c0e471">poptParseArgvString</a>(cmd, NULL, (<span class="keyword">const</span> <span class="keywordtype">char</span> ***)&av); <a name="l00904"></a>00904 <span class="comment">/*@-boundsread@*/</span> <a name="l00905"></a>00905 <span class="keywordflow">if</span> (!rc) <a name="l00906"></a>00906 rc = execve(av[0], av+1, <a class="code" href="signature_8c.html#a006daaf11f1e2e45a6ababaf463212b">environ</a>); <a name="l00907"></a>00907 <span class="comment">/*@=boundsread@*/</span> <a name="l00908"></a>00908 <a name="l00909"></a>00909 <a class="code" href="rpmerr_8h.html#29f3f082b0cd6acdcc70a31cbd613e1a">rpmError</a>(<a class="code" href="rpmerr_8h.html#d00dd16161260fe872fdf140cd8af55b0482feba1e22d097402ab9f8bafa5e8e">RPMERR_EXEC</a>, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"Could not exec %s: %s\n"</span>), <span class="stringliteral">"gpg"</span>, <a name="l00910"></a>00910 <a class="code" href="file_8h.html#b6b553574f85ce7727cf5b9a1b638293">strerror</a>(<a class="code" href="system_8h.html#d65a8842cc674e3ddf69355898c0ecbf">errno</a>)); <a name="l00911"></a>00911 } <span class="comment">/*@notreached@*/</span> <span class="keywordflow">break</span>; <a name="l00912"></a>00912 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59d5ce205120582b92319e8e686b7e5886">RPMSIGTAG_RSA</a>: <a name="l00913"></a>00913 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59bf5438c2d5c3e85d660be9588869ad7d">RPMSIGTAG_PGP5</a>: <span class="comment">/* XXX legacy */</span> <a name="l00914"></a>00914 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59ad2717c301116c93390eb57f1a5bdfc6">RPMSIGTAG_PGP</a>: <a name="l00915"></a>00915 { <span class="keyword">const</span> <span class="keywordtype">char</span> *pgp_path = <a class="code" href="macro_8c.html#5d9a83318fc250d1fad8096c811754d4">rpmExpand</a>(<span class="stringliteral">"%{?_pgp_path}"</span>, NULL); <a name="l00916"></a>00916 <span class="keyword">const</span> <span class="keywordtype">char</span> *path; <a name="l00917"></a>00917 <a class="code" href="group__signature.html#ge1789e90ac0546a99a17e2c63567798c">pgpVersion</a> pgpVer; <a name="l00918"></a>00918 <a name="l00919"></a>00919 (void) <a class="code" href="lib_2misc_8c.html#c785dc44bfdfa399cb5e75beaffa7220">dosetenv</a>(<span class="stringliteral">"PGPPASSFD"</span>, <span class="stringliteral">"3"</span>, 1); <a name="l00920"></a>00920 <span class="comment">/*@-boundsread@*/</span> <a name="l00921"></a>00921 <span class="keywordflow">if</span> (pgp_path && *pgp_path != <span class="charliteral">'\0'</span>) <a name="l00922"></a>00922 xx = <a class="code" href="lib_2misc_8c.html#c785dc44bfdfa399cb5e75beaffa7220">dosetenv</a>(<span class="stringliteral">"PGPPATH"</span>, pgp_path, 1); <a name="l00923"></a>00923 <span class="comment">/*@=boundsread@*/</span> <a name="l00924"></a>00924 <a name="l00925"></a>00925 <span class="keywordflow">if</span> ((path = <a class="code" href="group__signature.html#gfb3f904eeef3bf7f947114df3dfda939">rpmDetectPGPVersion</a>(&pgpVer)) != NULL) { <a name="l00926"></a>00926 <span class="keywordflow">switch</span>(pgpVer) { <a name="l00927"></a>00927 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg1d966dd5b3912fd9ad31dcbc2d18bf9541f784d0a4dd74e20fa71788f20a0638">PGP_2</a>: <a name="l00928"></a>00928 cmd = <a class="code" href="macro_8c.html#5d9a83318fc250d1fad8096c811754d4">rpmExpand</a>(<span class="stringliteral">"%{?__pgp_check_password_cmd}"</span>, NULL); <a name="l00929"></a>00929 rc = <a class="code" href="group__popt.html#gabb6e8c769648273171f3f3ec9c0e471">poptParseArgvString</a>(cmd, NULL, (<span class="keyword">const</span> <span class="keywordtype">char</span> ***)&av); <a name="l00930"></a>00930 <span class="comment">/*@-boundsread@*/</span> <a name="l00931"></a>00931 <span class="keywordflow">if</span> (!rc) <a name="l00932"></a>00932 rc = execve(av[0], av+1, <a class="code" href="signature_8c.html#a006daaf11f1e2e45a6ababaf463212b">environ</a>); <a name="l00933"></a>00933 <span class="comment">/*@=boundsread@*/</span> <a name="l00934"></a>00934 <span class="comment">/*@innerbreak@*/</span> <span class="keywordflow">break</span>; <a name="l00935"></a>00935 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg1d966dd5b3912fd9ad31dcbc2d18bf95fd31bb850e17d4ea70203167a75ac5b4">PGP_5</a>: <span class="comment">/* XXX legacy */</span> <a name="l00936"></a>00936 cmd = <a class="code" href="macro_8c.html#5d9a83318fc250d1fad8096c811754d4">rpmExpand</a>(<span class="stringliteral">"%{?__pgp5_check_password_cmd}"</span>, NULL); <a name="l00937"></a>00937 rc = <a class="code" href="group__popt.html#gabb6e8c769648273171f3f3ec9c0e471">poptParseArgvString</a>(cmd, NULL, (<span class="keyword">const</span> <span class="keywordtype">char</span> ***)&av); <a name="l00938"></a>00938 <span class="comment">/*@-boundsread@*/</span> <a name="l00939"></a>00939 <span class="keywordflow">if</span> (!rc) <a name="l00940"></a>00940 rc = execve(av[0], av+1, <a class="code" href="signature_8c.html#a006daaf11f1e2e45a6ababaf463212b">environ</a>); <a name="l00941"></a>00941 <span class="comment">/*@=boundsread@*/</span> <a name="l00942"></a>00942 <span class="comment">/*@innerbreak@*/</span> <span class="keywordflow">break</span>; <a name="l00943"></a>00943 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg1d966dd5b3912fd9ad31dcbc2d18bf95ab5d2b5e12a46791008961354900524d">PGP_UNKNOWN</a>: <a name="l00944"></a>00944 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg1d966dd5b3912fd9ad31dcbc2d18bf952606afd97b623ff43251e020fedd0ed2">PGP_NOTDETECTED</a>: <a name="l00945"></a>00945 <span class="comment">/*@innerbreak@*/</span> <span class="keywordflow">break</span>; <a name="l00946"></a>00946 } <a name="l00947"></a>00947 } <a name="l00948"></a>00948 <a class="code" href="rpmerr_8h.html#29f3f082b0cd6acdcc70a31cbd613e1a">rpmError</a>(<a class="code" href="rpmerr_8h.html#d00dd16161260fe872fdf140cd8af55b0482feba1e22d097402ab9f8bafa5e8e">RPMERR_EXEC</a>, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"Could not exec %s: %s\n"</span>), <span class="stringliteral">"pgp"</span>, <a name="l00949"></a>00949 <a class="code" href="file_8h.html#b6b553574f85ce7727cf5b9a1b638293">strerror</a>(<a class="code" href="system_8h.html#d65a8842cc674e3ddf69355898c0ecbf">errno</a>)); <a name="l00950"></a>00950 _exit(<a class="code" href="rpmerr_8h.html#d00dd16161260fe872fdf140cd8af55b0482feba1e22d097402ab9f8bafa5e8e">RPMERR_EXEC</a>); <a name="l00951"></a>00951 } <span class="comment">/*@notreached@*/</span> <span class="keywordflow">break</span>; <a name="l00952"></a>00952 <span class="keywordflow">default</span>: <span class="comment">/* This case should have been screened out long ago. */</span> <a name="l00953"></a>00953 <a class="code" href="rpmerr_8h.html#29f3f082b0cd6acdcc70a31cbd613e1a">rpmError</a>(<a class="code" href="rpmerr_8h.html#d00dd16161260fe872fdf140cd8af55b1938a5929132f68f71c7fd763290027d">RPMERR_SIGGEN</a>, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"Invalid %%_signature spec in macro file\n"</span>)); <a name="l00954"></a>00954 _exit(<a class="code" href="rpmerr_8h.html#d00dd16161260fe872fdf140cd8af55b1938a5929132f68f71c7fd763290027d">RPMERR_SIGGEN</a>); <a name="l00955"></a>00955 <span class="comment">/*@notreached@*/</span> <span class="keywordflow">break</span>; <a name="l00956"></a>00956 } <a name="l00957"></a>00957 } <a name="l00958"></a>00958 <a name="l00959"></a>00959 xx = close(passPhrasePipe[0]); <a name="l00960"></a>00960 xx = write(passPhrasePipe[1], passPhrase, strlen(passPhrase)); <a name="l00961"></a>00961 xx = write(passPhrasePipe[1], <span class="stringliteral">"\n"</span>, 1); <a name="l00962"></a>00962 xx = close(passPhrasePipe[1]); <a name="l00963"></a>00963 <a name="l00964"></a>00964 (void) waitpid(pid, &status, 0); <a name="l00965"></a>00965 <a name="l00966"></a>00966 <span class="keywordflow">return</span> ((!WIFEXITED(status) || WEXITSTATUS(status)) ? 1 : 0); <a name="l00967"></a>00967 } <a name="l00968"></a>00968 <a name="l00969"></a><a class="code" href="group__signature.html#g1c54fff472c95990f2d4038782c33621">00969</a> <span class="keywordtype">char</span> * <a class="code" href="group__signature.html#g1c54fff472c95990f2d4038782c33621">rpmGetPassPhrase</a>(<span class="keyword">const</span> <span class="keywordtype">char</span> * prompt, <span class="keyword">const</span> <span class="keywordtype">int</span> sigTag) <a name="l00970"></a>00970 { <a name="l00971"></a>00971 <span class="keywordtype">char</span> *pass = NULL; <a name="l00972"></a>00972 <span class="keywordtype">int</span> aok = 0; <a name="l00973"></a>00973 <a name="l00974"></a>00974 <span class="keywordflow">switch</span> (sigTag) { <a name="l00975"></a>00975 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59b52ed4e5aa7d330de398f3e92334d828">RPMSIGTAG_DSA</a>: <a name="l00976"></a>00976 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade590ed5d0c19de281d46d38e0210dc9faa7">RPMSIGTAG_GPG</a>: <a name="l00977"></a>00977 <span class="comment">/*@-boundsread@*/</span> <a name="l00978"></a>00978 { <span class="keyword">const</span> <span class="keywordtype">char</span> *<a class="code" href="structname.html">name</a> = <a class="code" href="macro_8c.html#5d9a83318fc250d1fad8096c811754d4">rpmExpand</a>(<span class="stringliteral">"%{?_gpg_name}"</span>, NULL); <a name="l00979"></a>00979 aok = (name && *name != <span class="charliteral">'\0'</span>); <a name="l00980"></a>00980 name = <a class="code" href="rpmlib_8h.html#2574a8c557fe9a6754ff3b3656943f23">_free</a>(name); <a name="l00981"></a>00981 } <a name="l00982"></a>00982 <span class="comment">/*@=boundsread@*/</span> <a name="l00983"></a>00983 <span class="keywordflow">if</span> (aok) <a name="l00984"></a>00984 <span class="keywordflow">break</span>; <a name="l00985"></a>00985 <a class="code" href="rpmerr_8h.html#29f3f082b0cd6acdcc70a31cbd613e1a">rpmError</a>(<a class="code" href="rpmerr_8h.html#d00dd16161260fe872fdf140cd8af55b1938a5929132f68f71c7fd763290027d">RPMERR_SIGGEN</a>, <a name="l00986"></a>00986 <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"You must set \"%%_gpg_name\" in your macro file\n"</span>)); <a name="l00987"></a>00987 <span class="keywordflow">break</span>; <a name="l00988"></a>00988 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59d5ce205120582b92319e8e686b7e5886">RPMSIGTAG_RSA</a>: <a name="l00989"></a>00989 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59bf5438c2d5c3e85d660be9588869ad7d">RPMSIGTAG_PGP5</a>: <span class="comment">/* XXX legacy */</span> <a name="l00990"></a>00990 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59ad2717c301116c93390eb57f1a5bdfc6">RPMSIGTAG_PGP</a>: <a name="l00991"></a>00991 <span class="comment">/*@-boundsread@*/</span> <a name="l00992"></a>00992 { <span class="keyword">const</span> <span class="keywordtype">char</span> *<a class="code" href="structname.html">name</a> = <a class="code" href="macro_8c.html#5d9a83318fc250d1fad8096c811754d4">rpmExpand</a>(<span class="stringliteral">"%{?_pgp_name}"</span>, NULL); <a name="l00993"></a>00993 aok = (name && *name != <span class="charliteral">'\0'</span>); <a name="l00994"></a>00994 name = <a class="code" href="rpmlib_8h.html#2574a8c557fe9a6754ff3b3656943f23">_free</a>(name); <a name="l00995"></a>00995 } <a name="l00996"></a>00996 <span class="comment">/*@=boundsread@*/</span> <a name="l00997"></a>00997 <span class="keywordflow">if</span> (aok) <a name="l00998"></a>00998 <span class="keywordflow">break</span>; <a name="l00999"></a>00999 <a class="code" href="rpmerr_8h.html#29f3f082b0cd6acdcc70a31cbd613e1a">rpmError</a>(<a class="code" href="rpmerr_8h.html#d00dd16161260fe872fdf140cd8af55b1938a5929132f68f71c7fd763290027d">RPMERR_SIGGEN</a>, <a name="l01000"></a>01000 <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"You must set \"%%_pgp_name\" in your macro file\n"</span>)); <a name="l01001"></a>01001 <span class="keywordflow">break</span>; <a name="l01002"></a>01002 <span class="keywordflow">default</span>: <a name="l01003"></a>01003 <span class="comment">/* Currently the calling function (rpm.c:main) is checking this and</span> <a name="l01004"></a>01004 <span class="comment"> * doing a better job. This section should never be accessed.</span> <a name="l01005"></a>01005 <span class="comment"> */</span> <a name="l01006"></a>01006 <a class="code" href="rpmerr_8h.html#29f3f082b0cd6acdcc70a31cbd613e1a">rpmError</a>(<a class="code" href="rpmerr_8h.html#d00dd16161260fe872fdf140cd8af55b1938a5929132f68f71c7fd763290027d">RPMERR_SIGGEN</a>, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"Invalid %%_signature spec in macro file\n"</span>)); <a name="l01007"></a>01007 <span class="keywordflow">break</span>; <a name="l01008"></a>01008 } <a name="l01009"></a>01009 <a name="l01010"></a>01010 <span class="keywordflow">if</span> (aok) { <a name="l01011"></a>01011 <span class="comment">/*@-moduncon -nullpass -unrecog @*/</span> <a name="l01012"></a>01012 pass = getpass( (prompt ? prompt : <span class="stringliteral">""</span>) ); <a name="l01013"></a>01013 <span class="comment">/*@=moduncon =nullpass =unrecog @*/</span> <a name="l01014"></a>01014 <a name="l01015"></a>01015 <span class="keywordflow">if</span> (<a class="code" href="signature_8c.html#51268aa2ff45e9fc02b740225e507230">checkPassPhrase</a>(pass, sigTag)) <a name="l01016"></a>01016 pass = NULL; <a name="l01017"></a>01017 } <a name="l01018"></a>01018 <a name="l01019"></a>01019 <span class="keywordflow">return</span> pass; <a name="l01020"></a>01020 } <a name="l01021"></a>01021 <a name="l01022"></a><a class="code" href="signature_8c.html#c4f70071020206b2cfb716c84522000e">01022</a> <span class="keyword">static</span> <span class="comment">/*@observer@*/</span> <span class="keyword">const</span> <span class="keywordtype">char</span> * <a class="code" href="signature_8c.html#c4f70071020206b2cfb716c84522000e">rpmSigString</a>(<a class="code" href="rpmlib_8h.html#06da857c39457bfb6ea9049643fdb706">rpmRC</a> res) <a name="l01023"></a>01023 <span class="comment">/*@*/</span> <a name="l01024"></a>01024 { <a name="l01025"></a>01025 <span class="keyword">const</span> <span class="keywordtype">char</span> * str; <a name="l01026"></a>01026 <span class="keywordflow">switch</span> (res) { <a name="l01027"></a>01027 <span class="keywordflow">case</span> <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801b6a502fb02cfd2c16380fa6ac52902d4">RPMRC_OK</a>: str = <span class="stringliteral">"OK"</span>; <span class="keywordflow">break</span>; <a name="l01028"></a>01028 <span class="keywordflow">case</span> <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e8012e6125219f145fbb73353bc6ccac5cfc">RPMRC_FAIL</a>: str = <span class="stringliteral">"BAD"</span>; <span class="keywordflow">break</span>; <a name="l01029"></a>01029 <span class="keywordflow">case</span> <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801bb7bafd0fb0f5b69af85b79008fcd5da">RPMRC_NOKEY</a>: str = <span class="stringliteral">"NOKEY"</span>; <span class="keywordflow">break</span>; <a name="l01030"></a>01030 <span class="keywordflow">case</span> <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e80157ae69ad74eaa789264ec507d0f9e2c6">RPMRC_NOTTRUSTED</a>: str = <span class="stringliteral">"NOTRUSTED"</span>; <span class="keywordflow">break</span>; <a name="l01031"></a>01031 <span class="keywordflow">default</span>: <a name="l01032"></a>01032 <span class="keywordflow">case</span> <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e80163a651497a21974d2993a25d9b60208d">RPMRC_NOTFOUND</a>: str = <span class="stringliteral">"UNKNOWN"</span>; <span class="keywordflow">break</span>; <a name="l01033"></a>01033 } <a name="l01034"></a>01034 <span class="keywordflow">return</span> str; <a name="l01035"></a>01035 } <a name="l01036"></a>01036 <a name="l01037"></a>01037 <span class="comment">/*@-boundswrite@*/</span> <a name="l01038"></a>01038 <span class="keyword">static</span> <a class="code" href="rpmlib_8h.html#06da857c39457bfb6ea9049643fdb706">rpmRC</a> <a name="l01039"></a><a class="code" href="signature_8c.html#fd2b5b7efe970997aeb1a7a439c8f73f">01039</a> <a class="code" href="signature_8c.html#fd2b5b7efe970997aeb1a7a439c8f73f">verifySizeSignature</a>(<span class="keyword">const</span> <a class="code" href="rpmlib_8h.html#1a512138316a227059ca128597dbd464">rpmts</a> ts, <span class="comment">/*@out@*/</span> <span class="keywordtype">char</span> * t) <a name="l01040"></a>01040 <span class="comment">/*@modifies *t @*/</span> <a name="l01041"></a>01041 { <a name="l01042"></a>01042 <span class="keyword">const</span> <span class="keywordtype">void</span> * sig = <a class="code" href="group__rpmts.html#gcba74560f97f228aa1ccce1b9fbfb99c">rpmtsSig</a>(ts); <a name="l01043"></a>01043 <a class="code" href="structpgpDig__s.html">pgpDig</a> dig = <a class="code" href="group__rpmts.html#g2bbb2abf2e5879cc00dd60b106d38d4a">rpmtsDig</a>(ts); <a name="l01044"></a>01044 <a class="code" href="rpmlib_8h.html#06da857c39457bfb6ea9049643fdb706">rpmRC</a> res; <a name="l01045"></a>01045 <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> size = 0x7fffffff; <a name="l01046"></a>01046 <a name="l01047"></a>01047 *t = <span class="charliteral">'\0'</span>; <a name="l01048"></a>01048 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"Header+Payload size: "</span>)); <a name="l01049"></a>01049 <a name="l01050"></a>01050 <span class="keywordflow">if</span> (sig == NULL || dig == NULL || dig-><a class="code" href="structpgpDig__s.html#477c62388c8c4033391b464cce80e7ab">nbytes</a> == 0) { <a name="l01051"></a>01051 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801bb7bafd0fb0f5b69af85b79008fcd5da">RPMRC_NOKEY</a>; <a name="l01052"></a>01052 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <a class="code" href="signature_8c.html#c4f70071020206b2cfb716c84522000e">rpmSigString</a>(res)); <a name="l01053"></a>01053 <span class="keywordflow">goto</span> exit; <a name="l01054"></a>01054 } <a name="l01055"></a>01055 <a name="l01056"></a>01056 memcpy(&size, sig, <span class="keyword">sizeof</span>(size)); <a name="l01057"></a>01057 <a name="l01058"></a>01058 <span class="keywordflow">if</span> (size != dig-><a class="code" href="structpgpDig__s.html#477c62388c8c4033391b464cce80e7ab">nbytes</a>) { <a name="l01059"></a>01059 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e8012e6125219f145fbb73353bc6ccac5cfc">RPMRC_FAIL</a>; <a name="l01060"></a>01060 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <a class="code" href="signature_8c.html#c4f70071020206b2cfb716c84522000e">rpmSigString</a>(res)); <a name="l01061"></a>01061 sprintf(t, <span class="stringliteral">" Expected(%d) != (%d)\n"</span>, (<span class="keywordtype">int</span>)size, (<span class="keywordtype">int</span>)dig-><a class="code" href="structpgpDig__s.html#477c62388c8c4033391b464cce80e7ab">nbytes</a>); <a name="l01062"></a>01062 } <span class="keywordflow">else</span> { <a name="l01063"></a>01063 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801b6a502fb02cfd2c16380fa6ac52902d4">RPMRC_OK</a>; <a name="l01064"></a>01064 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <a class="code" href="signature_8c.html#c4f70071020206b2cfb716c84522000e">rpmSigString</a>(res)); <a name="l01065"></a>01065 sprintf(t, <span class="stringliteral">" (%d)"</span>, (<span class="keywordtype">int</span>)dig-><a class="code" href="structpgpDig__s.html#477c62388c8c4033391b464cce80e7ab">nbytes</a>); <a name="l01066"></a>01066 } <a name="l01067"></a>01067 <a name="l01068"></a>01068 exit: <a name="l01069"></a>01069 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <span class="stringliteral">"\n"</span>); <a name="l01070"></a>01070 <span class="keywordflow">return</span> res; <a name="l01071"></a>01071 } <a name="l01072"></a>01072 <span class="comment">/*@=boundswrite@*/</span> <a name="l01073"></a>01073 <a name="l01074"></a>01074 <span class="comment">/*@-boundswrite@*/</span> <a name="l01075"></a>01075 <span class="keyword">static</span> <a class="code" href="rpmlib_8h.html#06da857c39457bfb6ea9049643fdb706">rpmRC</a> <a name="l01076"></a><a class="code" href="signature_8c.html#a10497faa43c94377a14fe5a07622e38">01076</a> <a class="code" href="signature_8c.html#a10497faa43c94377a14fe5a07622e38">verifyMD5Signature</a>(<span class="keyword">const</span> <a class="code" href="rpmlib_8h.html#1a512138316a227059ca128597dbd464">rpmts</a> ts, <span class="comment">/*@out@*/</span> <span class="keywordtype">char</span> * t, <a name="l01077"></a>01077 <span class="comment">/*@null@*/</span> <a class="code" href="structDIGEST__CTX__s.html">DIGEST_CTX</a> md5ctx) <a name="l01078"></a>01078 <span class="comment">/*@globals internalState @*/</span> <a name="l01079"></a>01079 <span class="comment">/*@modifies *t, internalState @*/</span> <a name="l01080"></a>01080 { <a name="l01081"></a>01081 <span class="keyword">const</span> <span class="keywordtype">void</span> * sig = <a class="code" href="group__rpmts.html#gcba74560f97f228aa1ccce1b9fbfb99c">rpmtsSig</a>(ts); <a name="l01082"></a>01082 <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> siglen = <a class="code" href="group__rpmts.html#gb50941e69189d188a9ba7055a1a5314a">rpmtsSiglen</a>(ts); <a name="l01083"></a>01083 <a class="code" href="structpgpDig__s.html">pgpDig</a> dig = <a class="code" href="group__rpmts.html#g2bbb2abf2e5879cc00dd60b106d38d4a">rpmtsDig</a>(ts); <a name="l01084"></a>01084 <a class="code" href="rpmlib_8h.html#06da857c39457bfb6ea9049643fdb706">rpmRC</a> res; <a name="l01085"></a>01085 <a class="code" href="rpmpgp_8h.html#0c8186d9b9b7880309c27230bbb5e69d">byte</a> * md5sum = NULL; <a name="l01086"></a>01086 size_t md5len = 0; <a name="l01087"></a>01087 <a name="l01088"></a>01088 *t = <span class="charliteral">'\0'</span>; <a name="l01089"></a>01089 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"MD5 digest: "</span>)); <a name="l01090"></a>01090 <a name="l01091"></a>01091 <span class="keywordflow">if</span> (md5ctx == NULL || sig == NULL || dig == NULL) { <a name="l01092"></a>01092 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801bb7bafd0fb0f5b69af85b79008fcd5da">RPMRC_NOKEY</a>; <a name="l01093"></a>01093 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <a class="code" href="signature_8c.html#c4f70071020206b2cfb716c84522000e">rpmSigString</a>(res)); <a name="l01094"></a>01094 <span class="keywordflow">goto</span> exit; <a name="l01095"></a>01095 } <a name="l01096"></a>01096 <a name="l01097"></a>01097 (void) <a class="code" href="group__rpmio.html#g7f69caae88f9572093fc8b0adf8ecf65">rpmswEnter</a>(<a class="code" href="rpmts_8c.html#c532195f0c1164659306125a44de2246">rpmtsOp</a>(ts, <a class="code" href="rpmts_8h.html#91b5b6bbde8250526b406de6b91735e8a1b0a28f4a226d6ede631a48c893c699">RPMTS_OP_DIGEST</a>), 0); <a name="l01098"></a>01098 (void) <a class="code" href="group__rpmio.html#g54e20bdf025588cd2f2bb640b7978de9">rpmDigestFinal</a>(<a class="code" href="group__rpmio.html#g85489559128fb8811f8d13177151d35c">rpmDigestDup</a>(md5ctx), <a name="l01099"></a>01099 (<span class="keywordtype">void</span> **)&md5sum, &md5len, 0); <a name="l01100"></a>01100 (void) <a class="code" href="group__rpmio.html#g59c7d4152875cee4e893b5a27ce6b02a">rpmswExit</a>(<a class="code" href="rpmts_8c.html#c532195f0c1164659306125a44de2246">rpmtsOp</a>(ts, <a class="code" href="rpmts_8h.html#91b5b6bbde8250526b406de6b91735e8a1b0a28f4a226d6ede631a48c893c699">RPMTS_OP_DIGEST</a>), 0); <a name="l01101"></a>01101 <a class="code" href="rpmts_8c.html#c532195f0c1164659306125a44de2246">rpmtsOp</a>(ts, <a class="code" href="rpmts_8h.html#91b5b6bbde8250526b406de6b91735e8a1b0a28f4a226d6ede631a48c893c699">RPMTS_OP_DIGEST</a>)-><a class="code" href="structrpmop__s.html#9634b69532968bc33f29d42025fce0ea">count</a>--; <span class="comment">/* XXX one too many */</span> <a name="l01102"></a>01102 <a name="l01103"></a>01103 <span class="keywordflow">if</span> (md5len != siglen || memcmp(md5sum, sig, md5len)) { <a name="l01104"></a>01104 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e8012e6125219f145fbb73353bc6ccac5cfc">RPMRC_FAIL</a>; <a name="l01105"></a>01105 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <a class="code" href="signature_8c.html#c4f70071020206b2cfb716c84522000e">rpmSigString</a>(res)); <a name="l01106"></a>01106 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <span class="stringliteral">" Expected("</span>); <a name="l01107"></a>01107 (void) <a class="code" href="rpmpgp_8h.html#05e38dcc026946bdd09e9f8e114da62f">pgpHexCvt</a>(t, sig, siglen); <a name="l01108"></a>01108 t += strlen(t); <a name="l01109"></a>01109 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <span class="stringliteral">") != ("</span>); <a name="l01110"></a>01110 } <span class="keywordflow">else</span> { <a name="l01111"></a>01111 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801b6a502fb02cfd2c16380fa6ac52902d4">RPMRC_OK</a>; <a name="l01112"></a>01112 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <a class="code" href="signature_8c.html#c4f70071020206b2cfb716c84522000e">rpmSigString</a>(res)); <a name="l01113"></a>01113 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <span class="stringliteral">" ("</span>); <a name="l01114"></a>01114 } <a name="l01115"></a>01115 (void) <a class="code" href="rpmpgp_8h.html#05e38dcc026946bdd09e9f8e114da62f">pgpHexCvt</a>(t, md5sum, md5len); <a name="l01116"></a>01116 t += strlen(t); <a name="l01117"></a>01117 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <span class="stringliteral">")"</span>); <a name="l01118"></a>01118 <a name="l01119"></a>01119 exit: <a name="l01120"></a>01120 md5sum = <a class="code" href="rpmlib_8h.html#2574a8c557fe9a6754ff3b3656943f23">_free</a>(md5sum); <a name="l01121"></a>01121 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <span class="stringliteral">"\n"</span>); <a name="l01122"></a>01122 <span class="keywordflow">return</span> res; <a name="l01123"></a>01123 } <a name="l01124"></a>01124 <span class="comment">/*@=boundswrite@*/</span> <a name="l01125"></a>01125 <a name="l01126"></a>01126 <span class="comment">/*@-boundswrite@*/</span> <a name="l01134"></a>01134 <span class="keyword">static</span> <a class="code" href="rpmlib_8h.html#06da857c39457bfb6ea9049643fdb706">rpmRC</a> <a name="l01135"></a><a class="code" href="signature_8c.html#703e1c6b7fcdbcfaf8ddd44932725beb">01135</a> <a class="code" href="signature_8c.html#703e1c6b7fcdbcfaf8ddd44932725beb">verifySHA1Signature</a>(<span class="keyword">const</span> <a class="code" href="rpmlib_8h.html#1a512138316a227059ca128597dbd464">rpmts</a> ts, <span class="comment">/*@out@*/</span> <span class="keywordtype">char</span> * t, <a name="l01136"></a>01136 <span class="comment">/*@null@*/</span> <a class="code" href="structDIGEST__CTX__s.html">DIGEST_CTX</a> sha1ctx) <a name="l01137"></a>01137 <span class="comment">/*@globals internalState @*/</span> <a name="l01138"></a>01138 <span class="comment">/*@modifies *t, internalState @*/</span> <a name="l01139"></a>01139 { <a name="l01140"></a>01140 <span class="keyword">const</span> <span class="keywordtype">void</span> * sig = <a class="code" href="group__rpmts.html#gcba74560f97f228aa1ccce1b9fbfb99c">rpmtsSig</a>(ts); <a name="l01141"></a>01141 <span class="preprocessor">#ifdef NOTYET</span> <a name="l01142"></a>01142 <span class="preprocessor"></span> <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> siglen = <a class="code" href="group__rpmts.html#gb50941e69189d188a9ba7055a1a5314a">rpmtsSiglen</a>(ts); <a name="l01143"></a>01143 <span class="preprocessor">#endif</span> <a name="l01144"></a>01144 <span class="preprocessor"></span> <a class="code" href="structpgpDig__s.html">pgpDig</a> dig = <a class="code" href="group__rpmts.html#g2bbb2abf2e5879cc00dd60b106d38d4a">rpmtsDig</a>(ts); <a name="l01145"></a>01145 <a class="code" href="rpmlib_8h.html#06da857c39457bfb6ea9049643fdb706">rpmRC</a> res; <a name="l01146"></a>01146 <span class="keyword">const</span> <span class="keywordtype">char</span> * SHA1 = NULL; <a name="l01147"></a>01147 <a name="l01148"></a>01148 *t = <span class="charliteral">'\0'</span>; <a name="l01149"></a>01149 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"Header SHA1 digest: "</span>)); <a name="l01150"></a>01150 <a name="l01151"></a>01151 <span class="keywordflow">if</span> (sha1ctx == NULL || sig == NULL || dig == NULL) { <a name="l01152"></a>01152 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801bb7bafd0fb0f5b69af85b79008fcd5da">RPMRC_NOKEY</a>; <a name="l01153"></a>01153 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <a class="code" href="signature_8c.html#c4f70071020206b2cfb716c84522000e">rpmSigString</a>(res)); <a name="l01154"></a>01154 <span class="keywordflow">goto</span> exit; <a name="l01155"></a>01155 } <a name="l01156"></a>01156 <a name="l01157"></a>01157 (void) <a class="code" href="group__rpmio.html#g7f69caae88f9572093fc8b0adf8ecf65">rpmswEnter</a>(<a class="code" href="rpmts_8c.html#c532195f0c1164659306125a44de2246">rpmtsOp</a>(ts, <a class="code" href="rpmts_8h.html#91b5b6bbde8250526b406de6b91735e8a1b0a28f4a226d6ede631a48c893c699">RPMTS_OP_DIGEST</a>), 0); <a name="l01158"></a>01158 (void) <a class="code" href="group__rpmio.html#g54e20bdf025588cd2f2bb640b7978de9">rpmDigestFinal</a>(<a class="code" href="group__rpmio.html#g85489559128fb8811f8d13177151d35c">rpmDigestDup</a>(sha1ctx), <a name="l01159"></a>01159 (<span class="keywordtype">void</span> **)&SHA1, NULL, 1); <a name="l01160"></a>01160 (void) <a class="code" href="group__rpmio.html#g59c7d4152875cee4e893b5a27ce6b02a">rpmswExit</a>(<a class="code" href="rpmts_8c.html#c532195f0c1164659306125a44de2246">rpmtsOp</a>(ts, <a class="code" href="rpmts_8h.html#91b5b6bbde8250526b406de6b91735e8a1b0a28f4a226d6ede631a48c893c699">RPMTS_OP_DIGEST</a>), 0); <a name="l01161"></a>01161 <a name="l01162"></a>01162 <span class="keywordflow">if</span> (SHA1 == NULL || strlen(SHA1) != strlen(sig) || strcmp(SHA1, sig)) { <a name="l01163"></a>01163 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e8012e6125219f145fbb73353bc6ccac5cfc">RPMRC_FAIL</a>; <a name="l01164"></a>01164 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <a class="code" href="signature_8c.html#c4f70071020206b2cfb716c84522000e">rpmSigString</a>(res)); <a name="l01165"></a>01165 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <span class="stringliteral">" Expected("</span>); <a name="l01166"></a>01166 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, sig); <a name="l01167"></a>01167 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <span class="stringliteral">") != ("</span>); <a name="l01168"></a>01168 } <span class="keywordflow">else</span> { <a name="l01169"></a>01169 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801b6a502fb02cfd2c16380fa6ac52902d4">RPMRC_OK</a>; <a name="l01170"></a>01170 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <a class="code" href="signature_8c.html#c4f70071020206b2cfb716c84522000e">rpmSigString</a>(res)); <a name="l01171"></a>01171 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <span class="stringliteral">" ("</span>); <a name="l01172"></a>01172 } <a name="l01173"></a>01173 <span class="keywordflow">if</span> (SHA1) <a name="l01174"></a>01174 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, SHA1); <a name="l01175"></a>01175 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <span class="stringliteral">")"</span>); <a name="l01176"></a>01176 <a name="l01177"></a>01177 exit: <a name="l01178"></a>01178 SHA1 = <a class="code" href="rpmlib_8h.html#2574a8c557fe9a6754ff3b3656943f23">_free</a>(SHA1); <a name="l01179"></a>01179 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <span class="stringliteral">"\n"</span>); <a name="l01180"></a>01180 <span class="keywordflow">return</span> res; <a name="l01181"></a>01181 } <a name="l01182"></a>01182 <span class="comment">/*@=boundswrite@*/</span> <a name="l01183"></a>01183 <a name="l01189"></a><a class="code" href="signature_8c.html#4372d5b963f64b00a84fb6f4be898dbd">01189</a> <span class="keyword">static</span> <span class="keyword">inline</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> <a class="code" href="query_8c.html#4372d5b963f64b00a84fb6f4be898dbd">nibble</a>(<span class="keywordtype">char</span> c) <a name="l01190"></a>01190 <span class="comment">/*@*/</span> <a name="l01191"></a>01191 { <a name="l01192"></a>01192 <span class="keywordflow">if</span> (c >= <span class="charliteral">'0'</span> && c <= <span class="charliteral">'9'</span>) <a name="l01193"></a>01193 <span class="keywordflow">return</span> (c - <span class="charliteral">'0'</span>); <a name="l01194"></a>01194 <span class="keywordflow">if</span> (c >= <span class="charliteral">'A'</span> && c <= <span class="charliteral">'F'</span>) <a name="l01195"></a>01195 <span class="keywordflow">return</span> (c - <span class="charliteral">'A'</span>) + 10; <a name="l01196"></a>01196 <span class="keywordflow">if</span> (c >= <span class="charliteral">'a'</span> && c <= <span class="charliteral">'f'</span>) <a name="l01197"></a>01197 <span class="keywordflow">return</span> (c - <span class="charliteral">'a'</span>) + 10; <a name="l01198"></a>01198 <span class="keywordflow">return</span> 0; <a name="l01199"></a>01199 } <a name="l01200"></a>01200 <a name="l01201"></a>01201 <span class="comment">/*@-boundswrite@*/</span> <a name="l01209"></a>01209 <span class="keyword">static</span> <a class="code" href="rpmlib_8h.html#06da857c39457bfb6ea9049643fdb706">rpmRC</a> <a name="l01210"></a><a class="code" href="signature_8c.html#e2acebafa2174d98238a46bf030fdb86">01210</a> <a class="code" href="signature_8c.html#e2acebafa2174d98238a46bf030fdb86">verifyRSASignature</a>(<a class="code" href="rpmlib_8h.html#1a512138316a227059ca128597dbd464">rpmts</a> ts, <span class="comment">/*@out@*/</span> <span class="keywordtype">char</span> * t, <a name="l01211"></a>01211 <span class="comment">/*@null@*/</span> <a class="code" href="structDIGEST__CTX__s.html">DIGEST_CTX</a> md5ctx) <a name="l01212"></a>01212 <span class="comment">/*@globals rpmGlobalMacroContext, h_errno, fileSystem, internalState @*/</span> <a name="l01213"></a>01213 <span class="comment">/*@modifies ts, *t, rpmGlobalMacroContext, fileSystem, internalState */</span> <a name="l01214"></a>01214 { <a name="l01215"></a>01215 <span class="keyword">const</span> <span class="keywordtype">void</span> * sig = <a class="code" href="group__rpmts.html#gcba74560f97f228aa1ccce1b9fbfb99c">rpmtsSig</a>(ts); <a name="l01216"></a>01216 <span class="preprocessor">#ifdef NOTYET</span> <a name="l01217"></a>01217 <span class="preprocessor"></span> <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> siglen = <a class="code" href="group__rpmts.html#gb50941e69189d188a9ba7055a1a5314a">rpmtsSiglen</a>(ts); <a name="l01218"></a>01218 <span class="preprocessor">#endif</span> <a name="l01219"></a>01219 <span class="preprocessor"></span> <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> sigtag = <a class="code" href="group__rpmts.html#ge4ec35553665073cbf54c91e6309a21b">rpmtsSigtag</a>(ts); <a name="l01220"></a>01220 <a class="code" href="structpgpDig__s.html">pgpDig</a> dig = <a class="code" href="group__rpmts.html#g2bbb2abf2e5879cc00dd60b106d38d4a">rpmtsDig</a>(ts); <a name="l01221"></a>01221 <a class="code" href="structpgpDigParams__s.html">pgpDigParams</a> sigp = <a class="code" href="group__rpmts.html#g29435d12759f96b389ca1b87ee754ab9">rpmtsSignature</a>(ts); <a name="l01222"></a>01222 SECOidTag sigalg; <a name="l01223"></a>01223 <a class="code" href="rpmlib_8h.html#06da857c39457bfb6ea9049643fdb706">rpmRC</a> res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801b6a502fb02cfd2c16380fa6ac52902d4">RPMRC_OK</a>; <a name="l01224"></a>01224 <span class="keywordtype">int</span> xx; <a name="l01225"></a>01225 SECItem digest; <a name="l01226"></a>01226 <a name="l01227"></a>01227 *t = <span class="charliteral">'\0'</span>; <a name="l01228"></a>01228 <span class="keywordflow">if</span> (dig != NULL && dig-><a class="code" href="structpgpDig__s.html#38aebd646b5be4c6ccab406d7789e429">hdrmd5ctx</a> == md5ctx) <a name="l01229"></a>01229 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"Header "</span>)); <a name="l01230"></a>01230 *t++ = <span class="charliteral">'V'</span>; <a name="l01231"></a>01231 <span class="keywordflow">switch</span> (sigp-><a class="code" href="structpgpDigParams__s.html#9e27897366b81022dea600c4dbc69fd1">version</a>) { <a name="l01232"></a>01232 <span class="keywordflow">case</span> 3: *t++ = <span class="charliteral">'3'</span>; <span class="keywordflow">break</span>; <a name="l01233"></a>01233 <span class="keywordflow">case</span> 4: *t++ = <span class="charliteral">'4'</span>; <span class="keywordflow">break</span>; <a name="l01234"></a>01234 } <a name="l01235"></a>01235 <a name="l01236"></a>01236 <span class="keywordflow">if</span> (md5ctx == NULL || sig == NULL || dig == NULL || sigp == NULL) { <a name="l01237"></a>01237 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801bb7bafd0fb0f5b69af85b79008fcd5da">RPMRC_NOKEY</a>; <a name="l01238"></a>01238 } <a name="l01239"></a>01239 <a name="l01240"></a>01240 <span class="comment">/* Verify the desired signature match. */</span> <a name="l01241"></a>01241 <span class="keywordflow">switch</span> (sigp-><a class="code" href="structpgpDigParams__s.html#91db52d3177e0980b2feb221f8437cae">pubkey_algo</a>) { <a name="l01242"></a>01242 <span class="keywordflow">case</span> <a class="code" href="rpmpgp_8h.html#40b051ecf9ec18b011f737b2244cd03891f7b078af891e97ae8616c86bddedce">PGPPUBKEYALGO_RSA</a>: <a name="l01243"></a>01243 <span class="keywordflow">if</span> (sigtag == <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59ad2717c301116c93390eb57f1a5bdfc6">RPMSIGTAG_PGP</a> || sigtag == <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59bf5438c2d5c3e85d660be9588869ad7d">RPMSIGTAG_PGP5</a> || sigtag == <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59d5ce205120582b92319e8e686b7e5886">RPMSIGTAG_RSA</a>) <a name="l01244"></a>01244 <span class="keywordflow">break</span>; <a name="l01245"></a>01245 <span class="comment">/*@fallthrough@*/</span> <a name="l01246"></a>01246 <span class="keywordflow">default</span>: <a name="l01247"></a>01247 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801bb7bafd0fb0f5b69af85b79008fcd5da">RPMRC_NOKEY</a>; <a name="l01248"></a>01248 <span class="keywordflow">break</span>; <a name="l01249"></a>01249 } <a name="l01250"></a>01250 <a name="l01251"></a>01251 <span class="comment">/* Verify the desired hash match. */</span> <a name="l01252"></a>01252 <span class="comment">/* XXX Values from PKCS#1 v2.1 (aka RFC-3447) */</span> <a name="l01253"></a>01253 <span class="keywordflow">switch</span> (sigp-><a class="code" href="structpgpDigParams__s.html#845361657400bd6ae9c792664bc43569">hash_algo</a>) { <a name="l01254"></a>01254 <span class="keywordflow">case</span> <a class="code" href="rpmpgp_8h.html#8d48cf9c33d66a07d2fee34b0875d54ed06371dade65fdf985086d1461218820">PGPHASHALGO_MD5</a>: <a name="l01255"></a>01255 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <span class="stringliteral">" RSA/MD5"</span>); <a name="l01256"></a>01256 sigalg = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION; <a name="l01257"></a>01257 <span class="keywordflow">break</span>; <a name="l01258"></a>01258 <span class="keywordflow">case</span> <a class="code" href="rpmpgp_8h.html#8d48cf9c33d66a07d2fee34b0875d54efadb8ed49f2346f83847d7ef8e0efe24">PGPHASHALGO_SHA1</a>: <a name="l01259"></a>01259 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <span class="stringliteral">" RSA/SHA1"</span>); <a name="l01260"></a>01260 sigalg = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION; <a name="l01261"></a>01261 <span class="keywordflow">break</span>; <a name="l01262"></a>01262 <span class="keywordflow">case</span> <a class="code" href="rpmpgp_8h.html#8d48cf9c33d66a07d2fee34b0875d54e4504cec1d192341bba8b61e8ea247a54">PGPHASHALGO_RIPEMD160</a>: <a name="l01263"></a>01263 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801bb7bafd0fb0f5b69af85b79008fcd5da">RPMRC_NOKEY</a>; <a name="l01264"></a>01264 <span class="keywordflow">break</span>; <a name="l01265"></a>01265 <span class="keywordflow">case</span> <a class="code" href="rpmpgp_8h.html#8d48cf9c33d66a07d2fee34b0875d54e322cbc66a629ad8b3cfff47a0afb4c6b">PGPHASHALGO_MD2</a>: <a name="l01266"></a>01266 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <span class="stringliteral">" RSA/MD2"</span>); <a name="l01267"></a>01267 sigalg = SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION; <a name="l01268"></a>01268 <span class="keywordflow">break</span>; <a name="l01269"></a>01269 <span class="keywordflow">case</span> <a class="code" href="rpmpgp_8h.html#8d48cf9c33d66a07d2fee34b0875d54e4ce911926cfe4e14187900b8540bc546">PGPHASHALGO_TIGER192</a>: <a name="l01270"></a>01270 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801bb7bafd0fb0f5b69af85b79008fcd5da">RPMRC_NOKEY</a>; <a name="l01271"></a>01271 <span class="keywordflow">break</span>; <a name="l01272"></a>01272 <span class="keywordflow">case</span> <a class="code" href="rpmpgp_8h.html#8d48cf9c33d66a07d2fee34b0875d54e2645f0e71da93e9df6a98fae0f6206f6">PGPHASHALGO_HAVAL_5_160</a>: <a name="l01273"></a>01273 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801bb7bafd0fb0f5b69af85b79008fcd5da">RPMRC_NOKEY</a>; <a name="l01274"></a>01274 <span class="keywordflow">break</span>; <a name="l01275"></a>01275 <span class="keywordflow">case</span> <a class="code" href="rpmpgp_8h.html#8d48cf9c33d66a07d2fee34b0875d54e1318894b57fbacba8ca82305ba5198f2">PGPHASHALGO_SHA256</a>: <a name="l01276"></a>01276 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <span class="stringliteral">" RSA/SHA256"</span>); <a name="l01277"></a>01277 sigalg = SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION; <a name="l01278"></a>01278 <span class="keywordflow">break</span>; <a name="l01279"></a>01279 <span class="keywordflow">case</span> <a class="code" href="rpmpgp_8h.html#8d48cf9c33d66a07d2fee34b0875d54e02392fb7e4ada02a9d7fc6e09ef2dbb2">PGPHASHALGO_SHA384</a>: <a name="l01280"></a>01280 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <span class="stringliteral">" RSA/SHA384"</span>); <a name="l01281"></a>01281 sigalg = SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION; <a name="l01282"></a>01282 <span class="keywordflow">break</span>; <a name="l01283"></a>01283 <span class="keywordflow">case</span> <a class="code" href="rpmpgp_8h.html#8d48cf9c33d66a07d2fee34b0875d54ead5f6348a6d370be440d76cac0f7d9d2">PGPHASHALGO_SHA512</a>: <a name="l01284"></a>01284 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <span class="stringliteral">" RSA/SHA512"</span>); <a name="l01285"></a>01285 sigalg = SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION; <a name="l01286"></a>01286 <span class="keywordflow">break</span>; <a name="l01287"></a>01287 <span class="keywordflow">default</span>: <a name="l01288"></a>01288 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801bb7bafd0fb0f5b69af85b79008fcd5da">RPMRC_NOKEY</a>; <a name="l01289"></a>01289 sigalg = SEC_OID_UNKNOWN; <a name="l01290"></a>01290 <span class="keywordflow">break</span>; <a name="l01291"></a>01291 } <a name="l01292"></a>01292 <a name="l01293"></a>01293 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">" signature: "</span>)); <a name="l01294"></a>01294 <span class="keywordflow">if</span> (res != <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801b6a502fb02cfd2c16380fa6ac52902d4">RPMRC_OK</a>) { <a name="l01295"></a>01295 <span class="keywordflow">goto</span> exit; <a name="l01296"></a>01296 } <a name="l01297"></a>01297 <a name="l01298"></a>01298 (void) <a class="code" href="group__rpmio.html#g7f69caae88f9572093fc8b0adf8ecf65">rpmswEnter</a>(<a class="code" href="rpmts_8c.html#c532195f0c1164659306125a44de2246">rpmtsOp</a>(ts, <a class="code" href="rpmts_8h.html#91b5b6bbde8250526b406de6b91735e8a1b0a28f4a226d6ede631a48c893c699">RPMTS_OP_DIGEST</a>), 0); <a name="l01299"></a>01299 { <a class="code" href="structDIGEST__CTX__s.html">DIGEST_CTX</a> ctx = <a class="code" href="group__rpmio.html#g85489559128fb8811f8d13177151d35c">rpmDigestDup</a>(md5ctx); <a name="l01300"></a>01300 <a name="l01301"></a>01301 <span class="keywordflow">if</span> (sigp-><a class="code" href="structpgpDigParams__s.html#223724f41ce08e24de161e2133faf787">hash</a> != NULL) <a name="l01302"></a>01302 xx = <a class="code" href="group__rpmio.html#gc9ca49fa22e116d5b481c666c82c579e">rpmDigestUpdate</a>(ctx, sigp-><a class="code" href="structpgpDigParams__s.html#223724f41ce08e24de161e2133faf787">hash</a>, sigp-><a class="code" href="structpgpDigParams__s.html#6a4f426c2eb187370e0141bb2a24e5fa">hashlen</a>); <a name="l01303"></a>01303 <a name="l01304"></a>01304 <span class="preprocessor">#ifdef NOTYET </span><span class="comment">/* XXX not for binary/text signatures as in packages. */</span> <a name="l01305"></a>01305 <span class="keywordflow">if</span> (!(sigp-><a class="code" href="structpgpDigParams__s.html#ec2d8f110e1ad01bc9d034435bb0ec30">sigtype</a> == <a class="code" href="rpmpgp_8h.html#8fc331a64843a9be0bf76cf25bead0bfe841827cc53342cc3ecceb5ff5aa6cf9">PGPSIGTYPE_BINARY</a> || sigp-><a class="code" href="structpgpDigParams__s.html#ec2d8f110e1ad01bc9d034435bb0ec30">sigtype</a> == PGP_SIGTYPE_TEXT)) { <a name="l01306"></a>01306 <span class="keywordtype">int</span> nb = dig-><a class="code" href="structpgpDig__s.html#477c62388c8c4033391b464cce80e7ab">nbytes</a> + sigp-><a class="code" href="structpgpDigParams__s.html#6a4f426c2eb187370e0141bb2a24e5fa">hashlen</a>; <a name="l01307"></a>01307 <a class="code" href="rpmpgp_8h.html#0c8186d9b9b7880309c27230bbb5e69d">byte</a> trailer[6]; <a name="l01308"></a>01308 nb = htonl(nb); <a name="l01309"></a>01309 trailer[0] = 0x4; <a name="l01310"></a>01310 trailer[1] = 0xff; <a name="l01311"></a>01311 memcpy(trailer+2, &nb, <span class="keyword">sizeof</span>(nb)); <a name="l01312"></a>01312 xx = <a class="code" href="group__rpmio.html#gc9ca49fa22e116d5b481c666c82c579e">rpmDigestUpdate</a>(ctx, trailer, <span class="keyword">sizeof</span>(trailer)); <a name="l01313"></a>01313 } <a name="l01314"></a>01314 <span class="preprocessor">#endif</span> <a name="l01315"></a>01315 <span class="preprocessor"></span> <a name="l01316"></a>01316 xx = <a class="code" href="group__rpmio.html#g54e20bdf025588cd2f2bb640b7978de9">rpmDigestFinal</a>(ctx, (<span class="keywordtype">void</span> **)&dig-><a class="code" href="structpgpDig__s.html#18b5a4d55f8e7d388994f305633e8a47">md5</a>, &dig-><a class="code" href="structpgpDig__s.html#c631fbf8c0446901199c41e5110c55f8">md5len</a>, 0); <a name="l01317"></a>01317 (void) <a class="code" href="group__rpmio.html#g59c7d4152875cee4e893b5a27ce6b02a">rpmswExit</a>(<a class="code" href="rpmts_8c.html#c532195f0c1164659306125a44de2246">rpmtsOp</a>(ts, <a class="code" href="rpmts_8h.html#91b5b6bbde8250526b406de6b91735e8a1b0a28f4a226d6ede631a48c893c699">RPMTS_OP_DIGEST</a>), sigp-><a class="code" href="structpgpDigParams__s.html#6a4f426c2eb187370e0141bb2a24e5fa">hashlen</a>); <a name="l01318"></a>01318 <a class="code" href="rpmts_8c.html#c532195f0c1164659306125a44de2246">rpmtsOp</a>(ts, <a class="code" href="rpmts_8h.html#91b5b6bbde8250526b406de6b91735e8a1b0a28f4a226d6ede631a48c893c699">RPMTS_OP_DIGEST</a>)-><a class="code" href="structrpmop__s.html#9634b69532968bc33f29d42025fce0ea">count</a>--; <span class="comment">/* XXX one too many */</span> <a name="l01319"></a>01319 <a name="l01320"></a>01320 <span class="comment">/* Compare leading 16 bits of digest for quick check. */</span> <a name="l01321"></a>01321 <span class="keywordflow">if</span> (memcmp(dig-><a class="code" href="structpgpDig__s.html#18b5a4d55f8e7d388994f305633e8a47">md5</a>, sigp-><a class="code" href="structpgpDigParams__s.html#103f364f47fa02bc535326e6e4d3d666">signhash16</a>, 2)) { <a name="l01322"></a>01322 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e8012e6125219f145fbb73353bc6ccac5cfc">RPMRC_FAIL</a>; <a name="l01323"></a>01323 <span class="keywordflow">goto</span> exit; <a name="l01324"></a>01324 } <a name="l01325"></a>01325 digest.type = siBuffer; <a name="l01326"></a>01326 digest.data = dig-><a class="code" href="structpgpDig__s.html#18b5a4d55f8e7d388994f305633e8a47">md5</a>; <a name="l01327"></a>01327 digest.len = dig-><a class="code" href="structpgpDig__s.html#c631fbf8c0446901199c41e5110c55f8">md5len</a>; <a name="l01328"></a>01328 } <a name="l01329"></a>01329 <a name="l01330"></a>01330 <span class="comment">/* Retrieve the matching public key. */</span> <a name="l01331"></a>01331 res = <a class="code" href="rpmts_8c.html#a023ea4074128da4eaeab8370dc65a2d">rpmtsFindPubkey</a>(ts); <a name="l01332"></a>01332 <span class="keywordflow">if</span> (res != <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801b6a502fb02cfd2c16380fa6ac52902d4">RPMRC_OK</a>) <a name="l01333"></a>01333 <span class="keywordflow">goto</span> exit; <a name="l01334"></a>01334 <a name="l01335"></a>01335 (void) <a class="code" href="group__rpmio.html#g7f69caae88f9572093fc8b0adf8ecf65">rpmswEnter</a>(<a class="code" href="rpmts_8c.html#c532195f0c1164659306125a44de2246">rpmtsOp</a>(ts, <a class="code" href="rpmts_8h.html#91b5b6bbde8250526b406de6b91735e8cd751b874525c4a91d5069882ea4c3bd">RPMTS_OP_SIGNATURE</a>), 0); <a name="l01336"></a>01336 { SECItem *sig = dig-><a class="code" href="structpgpDig__s.html#55b9b13d4560190ac6ac35f6a62e03dc">rsasig</a>; <a name="l01337"></a>01337 size_t siglen = SECKEY_SignatureLen(dig-><a class="code" href="structpgpDig__s.html#957b43d567ee6a9ce899cd761cf3c3d2">rsa</a>); <a name="l01338"></a>01338 <a name="l01339"></a>01339 <span class="comment">/* Zero-pad signature data up to expected size if necessary */</span> <a name="l01340"></a>01340 <span class="keywordflow">if</span> (siglen > sig->len) { <a name="l01341"></a>01341 size_t pad = siglen - sig->len; <a name="l01342"></a>01342 <span class="keywordflow">if</span> ((sig = SECITEM_AllocItem(NULL, NULL, siglen)) == NULL) { <a name="l01343"></a>01343 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e8012e6125219f145fbb73353bc6ccac5cfc">RPMRC_FAIL</a>; <a name="l01344"></a>01344 <span class="keywordflow">goto</span> exit; <a name="l01345"></a>01345 } <a name="l01346"></a>01346 memset(sig->data, 0, pad); <a name="l01347"></a>01347 memcpy(sig->data+pad, dig-><a class="code" href="structpgpDig__s.html#55b9b13d4560190ac6ac35f6a62e03dc">rsasig</a>->data, dig-><a class="code" href="structpgpDig__s.html#55b9b13d4560190ac6ac35f6a62e03dc">rsasig</a>->len); <a name="l01348"></a>01348 } <a name="l01349"></a>01349 <a name="l01350"></a>01350 <span class="keywordflow">if</span> (VFY_VerifyDigest(&digest, dig-><a class="code" href="structpgpDig__s.html#957b43d567ee6a9ce899cd761cf3c3d2">rsa</a>, sig, sigalg, NULL) == SECSuccess) <a name="l01351"></a>01351 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801b6a502fb02cfd2c16380fa6ac52902d4">RPMRC_OK</a>; <a name="l01352"></a>01352 <span class="keywordflow">else</span> <a name="l01353"></a>01353 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e8012e6125219f145fbb73353bc6ccac5cfc">RPMRC_FAIL</a>; <a name="l01354"></a>01354 <a name="l01355"></a>01355 <span class="keywordflow">if</span> (sig != dig-><a class="code" href="structpgpDig__s.html#55b9b13d4560190ac6ac35f6a62e03dc">rsasig</a>) { <a name="l01356"></a>01356 SECITEM_ZfreeItem(sig, 1); <a name="l01357"></a>01357 } <a name="l01358"></a>01358 } <a name="l01359"></a>01359 (void) <a class="code" href="group__rpmio.html#g59c7d4152875cee4e893b5a27ce6b02a">rpmswExit</a>(<a class="code" href="rpmts_8c.html#c532195f0c1164659306125a44de2246">rpmtsOp</a>(ts, <a class="code" href="rpmts_8h.html#91b5b6bbde8250526b406de6b91735e8cd751b874525c4a91d5069882ea4c3bd">RPMTS_OP_SIGNATURE</a>), 0); <a name="l01360"></a>01360 <a name="l01361"></a>01361 exit: <a name="l01362"></a>01362 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <a class="code" href="signature_8c.html#c4f70071020206b2cfb716c84522000e">rpmSigString</a>(res)); <a name="l01363"></a>01363 <span class="keywordflow">if</span> (sigp != NULL) { <a name="l01364"></a>01364 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <span class="stringliteral">", key ID "</span>); <a name="l01365"></a>01365 (void) <a class="code" href="rpmpgp_8h.html#05e38dcc026946bdd09e9f8e114da62f">pgpHexCvt</a>(t, sigp-><a class="code" href="structpgpDigParams__s.html#0fb7d8a42809a08967465ed01875c731">signid</a>+4, <span class="keyword">sizeof</span>(sigp-><a class="code" href="structpgpDigParams__s.html#0fb7d8a42809a08967465ed01875c731">signid</a>)-4); <a name="l01366"></a>01366 t += strlen(t); <a name="l01367"></a>01367 } <a name="l01368"></a>01368 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <span class="stringliteral">"\n"</span>); <a name="l01369"></a>01369 <span class="keywordflow">return</span> res; <a name="l01370"></a>01370 } <a name="l01371"></a>01371 <span class="comment">/*@=boundswrite@*/</span> <a name="l01372"></a>01372 <a name="l01380"></a>01380 <span class="comment">/*@-boundswrite@*/</span> <a name="l01381"></a>01381 <span class="keyword">static</span> <a class="code" href="rpmlib_8h.html#06da857c39457bfb6ea9049643fdb706">rpmRC</a> <a name="l01382"></a><a class="code" href="signature_8c.html#6ae59661f3eb5eb51e9594fbe8cb0921">01382</a> <a class="code" href="signature_8c.html#6ae59661f3eb5eb51e9594fbe8cb0921">verifyDSASignature</a>(<a class="code" href="rpmlib_8h.html#1a512138316a227059ca128597dbd464">rpmts</a> ts, <span class="comment">/*@out@*/</span> <span class="keywordtype">char</span> * t, <a name="l01383"></a>01383 <span class="comment">/*@null@*/</span> <a class="code" href="structDIGEST__CTX__s.html">DIGEST_CTX</a> sha1ctx) <a name="l01384"></a>01384 <span class="comment">/*@globals rpmGlobalMacroContext, h_errno, fileSystem, internalState @*/</span> <a name="l01385"></a>01385 <span class="comment">/*@modifies ts, *t, rpmGlobalMacroContext, fileSystem, internalState */</span> <a name="l01386"></a>01386 { <a name="l01387"></a>01387 <span class="keyword">const</span> <span class="keywordtype">void</span> * sig = <a class="code" href="group__rpmts.html#gcba74560f97f228aa1ccce1b9fbfb99c">rpmtsSig</a>(ts); <a name="l01388"></a>01388 <span class="preprocessor">#ifdef NOTYET</span> <a name="l01389"></a>01389 <span class="preprocessor"></span> <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> siglen = <a class="code" href="group__rpmts.html#gb50941e69189d188a9ba7055a1a5314a">rpmtsSiglen</a>(ts); <a name="l01390"></a>01390 <span class="preprocessor">#endif</span> <a name="l01391"></a>01391 <span class="preprocessor"></span> <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> sigtag = <a class="code" href="group__rpmts.html#ge4ec35553665073cbf54c91e6309a21b">rpmtsSigtag</a>(ts); <a name="l01392"></a>01392 <a class="code" href="structpgpDig__s.html">pgpDig</a> dig = <a class="code" href="group__rpmts.html#g2bbb2abf2e5879cc00dd60b106d38d4a">rpmtsDig</a>(ts); <a name="l01393"></a>01393 <a class="code" href="structpgpDigParams__s.html">pgpDigParams</a> sigp = <a class="code" href="group__rpmts.html#g29435d12759f96b389ca1b87ee754ab9">rpmtsSignature</a>(ts); <a name="l01394"></a>01394 <a class="code" href="rpmlib_8h.html#06da857c39457bfb6ea9049643fdb706">rpmRC</a> res; <a name="l01395"></a>01395 <span class="keywordtype">int</span> xx; <a name="l01396"></a>01396 SECItem digest; <a name="l01397"></a>01397 <a name="l01398"></a>01398 *t = <span class="charliteral">'\0'</span>; <a name="l01399"></a>01399 <span class="keywordflow">if</span> (dig != NULL && dig-><a class="code" href="structpgpDig__s.html#ca4c6a75da58d4a4a437f1be969a72f4">hdrsha1ctx</a> == sha1ctx) <a name="l01400"></a>01400 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"Header "</span>)); <a name="l01401"></a>01401 *t++ = <span class="charliteral">'V'</span>; <a name="l01402"></a>01402 <span class="keywordflow">switch</span> (sigp-><a class="code" href="structpgpDigParams__s.html#9e27897366b81022dea600c4dbc69fd1">version</a>) { <a name="l01403"></a>01403 <span class="keywordflow">case</span> 3: *t++ = <span class="charliteral">'3'</span>; <span class="keywordflow">break</span>; <a name="l01404"></a>01404 <span class="keywordflow">case</span> 4: *t++ = <span class="charliteral">'4'</span>; <span class="keywordflow">break</span>; <a name="l01405"></a>01405 } <a name="l01406"></a>01406 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">" DSA signature: "</span>)); <a name="l01407"></a>01407 <a name="l01408"></a>01408 <span class="keywordflow">if</span> (sha1ctx == NULL || sig == NULL || dig == NULL || sigp == NULL) { <a name="l01409"></a>01409 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801bb7bafd0fb0f5b69af85b79008fcd5da">RPMRC_NOKEY</a>; <a name="l01410"></a>01410 <span class="keywordflow">goto</span> exit; <a name="l01411"></a>01411 } <a name="l01412"></a>01412 <a name="l01413"></a>01413 <span class="comment">/* XXX sanity check on sigtag and signature agreement. */</span> <a name="l01414"></a>01414 <span class="keywordflow">if</span> (!((sigtag == <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade590ed5d0c19de281d46d38e0210dc9faa7">RPMSIGTAG_GPG</a> || sigtag == <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59b52ed4e5aa7d330de398f3e92334d828">RPMSIGTAG_DSA</a>) <a name="l01415"></a>01415 && sigp-><a class="code" href="structpgpDigParams__s.html#91db52d3177e0980b2feb221f8437cae">pubkey_algo</a> == <a class="code" href="rpmpgp_8h.html#40b051ecf9ec18b011f737b2244cd038ed719534d762654b5d2eb00b93c4bab1">PGPPUBKEYALGO_DSA</a> <a name="l01416"></a>01416 && sigp-><a class="code" href="structpgpDigParams__s.html#845361657400bd6ae9c792664bc43569">hash_algo</a> == <a class="code" href="rpmpgp_8h.html#8d48cf9c33d66a07d2fee34b0875d54efadb8ed49f2346f83847d7ef8e0efe24">PGPHASHALGO_SHA1</a>)) <a name="l01417"></a>01417 { <a name="l01418"></a>01418 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801bb7bafd0fb0f5b69af85b79008fcd5da">RPMRC_NOKEY</a>; <a name="l01419"></a>01419 <span class="keywordflow">goto</span> exit; <a name="l01420"></a>01420 } <a name="l01421"></a>01421 <a name="l01422"></a>01422 (void) <a class="code" href="group__rpmio.html#g7f69caae88f9572093fc8b0adf8ecf65">rpmswEnter</a>(<a class="code" href="rpmts_8c.html#c532195f0c1164659306125a44de2246">rpmtsOp</a>(ts, <a class="code" href="rpmts_8h.html#91b5b6bbde8250526b406de6b91735e8a1b0a28f4a226d6ede631a48c893c699">RPMTS_OP_DIGEST</a>), 0); <a name="l01423"></a>01423 { <a class="code" href="structDIGEST__CTX__s.html">DIGEST_CTX</a> ctx = <a class="code" href="group__rpmio.html#g85489559128fb8811f8d13177151d35c">rpmDigestDup</a>(sha1ctx); <a name="l01424"></a>01424 <a name="l01425"></a>01425 <span class="keywordflow">if</span> (sigp-><a class="code" href="structpgpDigParams__s.html#223724f41ce08e24de161e2133faf787">hash</a> != NULL) <a name="l01426"></a>01426 xx = <a class="code" href="group__rpmio.html#gc9ca49fa22e116d5b481c666c82c579e">rpmDigestUpdate</a>(ctx, sigp-><a class="code" href="structpgpDigParams__s.html#223724f41ce08e24de161e2133faf787">hash</a>, sigp-><a class="code" href="structpgpDigParams__s.html#6a4f426c2eb187370e0141bb2a24e5fa">hashlen</a>); <a name="l01427"></a>01427 <a name="l01428"></a>01428 <span class="keywordflow">if</span> (sigp-><a class="code" href="structpgpDigParams__s.html#9e27897366b81022dea600c4dbc69fd1">version</a> == 4) { <a name="l01429"></a>01429 <span class="keywordtype">int</span> nb = sigp-><a class="code" href="structpgpDigParams__s.html#6a4f426c2eb187370e0141bb2a24e5fa">hashlen</a>; <a name="l01430"></a>01430 <a class="code" href="rpmpgp_8h.html#0c8186d9b9b7880309c27230bbb5e69d">byte</a> trailer[6]; <a name="l01431"></a>01431 nb = htonl(nb); <a name="l01432"></a>01432 trailer[0] = sigp-><a class="code" href="structpgpDigParams__s.html#9e27897366b81022dea600c4dbc69fd1">version</a>; <a name="l01433"></a>01433 trailer[1] = 0xff; <a name="l01434"></a>01434 memcpy(trailer+2, &nb, <span class="keyword">sizeof</span>(nb)); <a name="l01435"></a>01435 xx = <a class="code" href="group__rpmio.html#gc9ca49fa22e116d5b481c666c82c579e">rpmDigestUpdate</a>(ctx, trailer, <span class="keyword">sizeof</span>(trailer)); <a name="l01436"></a>01436 } <a name="l01437"></a>01437 xx = <a class="code" href="group__rpmio.html#g54e20bdf025588cd2f2bb640b7978de9">rpmDigestFinal</a>(ctx, (<span class="keywordtype">void</span> **)&dig-><a class="code" href="structpgpDig__s.html#b06b79572a0b8bca891d2ceb98095923">sha1</a>, &dig-><a class="code" href="structpgpDig__s.html#49c29bb94e65f8bd1faf82d9f206cf70">sha1len</a>, 0); <a name="l01438"></a>01438 (void) <a class="code" href="group__rpmio.html#g59c7d4152875cee4e893b5a27ce6b02a">rpmswExit</a>(<a class="code" href="rpmts_8c.html#c532195f0c1164659306125a44de2246">rpmtsOp</a>(ts, <a class="code" href="rpmts_8h.html#91b5b6bbde8250526b406de6b91735e8a1b0a28f4a226d6ede631a48c893c699">RPMTS_OP_DIGEST</a>), sigp-><a class="code" href="structpgpDigParams__s.html#6a4f426c2eb187370e0141bb2a24e5fa">hashlen</a>); <a name="l01439"></a>01439 <a class="code" href="rpmts_8c.html#c532195f0c1164659306125a44de2246">rpmtsOp</a>(ts, <a class="code" href="rpmts_8h.html#91b5b6bbde8250526b406de6b91735e8a1b0a28f4a226d6ede631a48c893c699">RPMTS_OP_DIGEST</a>)-><a class="code" href="structrpmop__s.html#9634b69532968bc33f29d42025fce0ea">count</a>--; <span class="comment">/* XXX one too many */</span> <a name="l01440"></a>01440 <a name="l01441"></a>01441 <span class="comment">/* Compare leading 16 bits of digest for quick check. */</span> <a name="l01442"></a>01442 <span class="keywordflow">if</span> (memcmp(dig-><a class="code" href="structpgpDig__s.html#b06b79572a0b8bca891d2ceb98095923">sha1</a>, sigp-><a class="code" href="structpgpDigParams__s.html#103f364f47fa02bc535326e6e4d3d666">signhash16</a>, 2)) { <a name="l01443"></a>01443 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e8012e6125219f145fbb73353bc6ccac5cfc">RPMRC_FAIL</a>; <a name="l01444"></a>01444 <span class="keywordflow">goto</span> exit; <a name="l01445"></a>01445 } <a name="l01446"></a>01446 digest.type = siBuffer; <a name="l01447"></a>01447 digest.data = dig-><a class="code" href="structpgpDig__s.html#b06b79572a0b8bca891d2ceb98095923">sha1</a>; <a name="l01448"></a>01448 digest.len = dig-><a class="code" href="structpgpDig__s.html#49c29bb94e65f8bd1faf82d9f206cf70">sha1len</a>; <a name="l01449"></a>01449 } <a name="l01450"></a>01450 <a name="l01451"></a>01451 <span class="comment">/* Retrieve the matching public key. */</span> <a name="l01452"></a>01452 res = <a class="code" href="rpmts_8c.html#a023ea4074128da4eaeab8370dc65a2d">rpmtsFindPubkey</a>(ts); <a name="l01453"></a>01453 <span class="keywordflow">if</span> (res != <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801b6a502fb02cfd2c16380fa6ac52902d4">RPMRC_OK</a>) <a name="l01454"></a>01454 <span class="keywordflow">goto</span> exit; <a name="l01455"></a>01455 <a name="l01456"></a>01456 (void) <a class="code" href="group__rpmio.html#g7f69caae88f9572093fc8b0adf8ecf65">rpmswEnter</a>(<a class="code" href="rpmts_8c.html#c532195f0c1164659306125a44de2246">rpmtsOp</a>(ts, <a class="code" href="rpmts_8h.html#91b5b6bbde8250526b406de6b91735e8cd751b874525c4a91d5069882ea4c3bd">RPMTS_OP_SIGNATURE</a>), 0); <a name="l01457"></a>01457 <span class="keywordflow">if</span> (VFY_VerifyDigest(&digest, dig-><a class="code" href="structpgpDig__s.html#bb93454a7c4725110bdf5375d42042eb">dsa</a>, dig-><a class="code" href="structpgpDig__s.html#af40c3987529d6eb8bf4ab26a58ba5bf">dsasig</a>, <a name="l01458"></a>01458 SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST, NULL) == SECSuccess) <a name="l01459"></a>01459 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e801b6a502fb02cfd2c16380fa6ac52902d4">RPMRC_OK</a>; <a name="l01460"></a>01460 <span class="keywordflow">else</span> <a name="l01461"></a>01461 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e8012e6125219f145fbb73353bc6ccac5cfc">RPMRC_FAIL</a>; <a name="l01462"></a>01462 (void) <a class="code" href="group__rpmio.html#g59c7d4152875cee4e893b5a27ce6b02a">rpmswExit</a>(<a class="code" href="rpmts_8c.html#c532195f0c1164659306125a44de2246">rpmtsOp</a>(ts, <a class="code" href="rpmts_8h.html#91b5b6bbde8250526b406de6b91735e8cd751b874525c4a91d5069882ea4c3bd">RPMTS_OP_SIGNATURE</a>), 0); <a name="l01463"></a>01463 <a name="l01464"></a>01464 exit: <a name="l01465"></a>01465 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <a class="code" href="signature_8c.html#c4f70071020206b2cfb716c84522000e">rpmSigString</a>(res)); <a name="l01466"></a>01466 <span class="keywordflow">if</span> (sigp != NULL) { <a name="l01467"></a>01467 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <span class="stringliteral">", key ID "</span>); <a name="l01468"></a>01468 (void) <a class="code" href="rpmpgp_8h.html#05e38dcc026946bdd09e9f8e114da62f">pgpHexCvt</a>(t, sigp-><a class="code" href="structpgpDigParams__s.html#0fb7d8a42809a08967465ed01875c731">signid</a>+4, <span class="keyword">sizeof</span>(sigp-><a class="code" href="structpgpDigParams__s.html#0fb7d8a42809a08967465ed01875c731">signid</a>)-4); <a name="l01469"></a>01469 t += strlen(t); <a name="l01470"></a>01470 } <a name="l01471"></a>01471 t = <a class="code" href="system_8h.html#890dbcd7c456828c1b6ff714e405fcc1">stpcpy</a>(t, <span class="stringliteral">"\n"</span>); <a name="l01472"></a>01472 <span class="keywordflow">return</span> res; <a name="l01473"></a>01473 } <a name="l01474"></a>01474 <span class="comment">/*@=boundswrite@*/</span> <a name="l01475"></a>01475 <a name="l01476"></a>01476 <a class="code" href="rpmlib_8h.html#06da857c39457bfb6ea9049643fdb706">rpmRC</a> <a name="l01477"></a><a class="code" href="group__signature.html#gf8998cbf765cb5af427bba5648bd5443">01477</a> <a class="code" href="group__signature.html#gf8998cbf765cb5af427bba5648bd5443">rpmVerifySignature</a>(<span class="keyword">const</span> <a class="code" href="rpmlib_8h.html#1a512138316a227059ca128597dbd464">rpmts</a> ts, <span class="keywordtype">char</span> * result) <a name="l01478"></a>01478 { <a name="l01479"></a>01479 <span class="keyword">const</span> <span class="keywordtype">void</span> * sig = <a class="code" href="group__rpmts.html#gcba74560f97f228aa1ccce1b9fbfb99c">rpmtsSig</a>(ts); <a name="l01480"></a>01480 <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> siglen = <a class="code" href="group__rpmts.html#gb50941e69189d188a9ba7055a1a5314a">rpmtsSiglen</a>(ts); <a name="l01481"></a>01481 <a class="code" href="header_8h.html#e5c5e6fe946fcce0d2156db86ffffa8a">int_32</a> sigtag = <a class="code" href="group__rpmts.html#ge4ec35553665073cbf54c91e6309a21b">rpmtsSigtag</a>(ts); <a name="l01482"></a>01482 <a class="code" href="structpgpDig__s.html">pgpDig</a> dig = <a class="code" href="group__rpmts.html#g2bbb2abf2e5879cc00dd60b106d38d4a">rpmtsDig</a>(ts); <a name="l01483"></a>01483 <a class="code" href="rpmlib_8h.html#06da857c39457bfb6ea9049643fdb706">rpmRC</a> res; <a name="l01484"></a>01484 <a name="l01485"></a>01485 <span class="keywordflow">if</span> (sig == NULL || siglen <= 0 || dig == NULL) { <a name="l01486"></a>01486 sprintf(result, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"Verify signature: BAD PARAMETERS\n"</span>)); <a name="l01487"></a>01487 <span class="keywordflow">return</span> <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e80163a651497a21974d2993a25d9b60208d">RPMRC_NOTFOUND</a>; <a name="l01488"></a>01488 } <a name="l01489"></a>01489 <a name="l01490"></a>01490 <span class="keywordflow">switch</span> (sigtag) { <a name="l01491"></a>01491 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade599ce79a6dc5f08f628da38c4f0ed8461f">RPMSIGTAG_SIZE</a>: <a name="l01492"></a>01492 res = <a class="code" href="signature_8c.html#fd2b5b7efe970997aeb1a7a439c8f73f">verifySizeSignature</a>(ts, result); <a name="l01493"></a>01493 <span class="keywordflow">break</span>; <a name="l01494"></a>01494 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade5998404587b2537b1a0913f4bf84857b66">RPMSIGTAG_MD5</a>: <a name="l01495"></a>01495 res = <a class="code" href="signature_8c.html#a10497faa43c94377a14fe5a07622e38">verifyMD5Signature</a>(ts, result, dig-><a class="code" href="structpgpDig__s.html#304c8b883f9feb95856a37d5e0665225">md5ctx</a>); <a name="l01496"></a>01496 <span class="keywordflow">break</span>; <a name="l01497"></a>01497 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade591f0885c883cbf3c6a56b43378b2abb44">RPMSIGTAG_SHA1</a>: <a name="l01498"></a>01498 res = <a class="code" href="signature_8c.html#703e1c6b7fcdbcfaf8ddd44932725beb">verifySHA1Signature</a>(ts, result, dig-><a class="code" href="structpgpDig__s.html#ca4c6a75da58d4a4a437f1be969a72f4">hdrsha1ctx</a>); <a name="l01499"></a>01499 <span class="keywordflow">break</span>; <a name="l01500"></a>01500 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59d5ce205120582b92319e8e686b7e5886">RPMSIGTAG_RSA</a>: <a name="l01501"></a>01501 res = <a class="code" href="signature_8c.html#e2acebafa2174d98238a46bf030fdb86">verifyRSASignature</a>(ts, result, dig-><a class="code" href="structpgpDig__s.html#38aebd646b5be4c6ccab406d7789e429">hdrmd5ctx</a>); <a name="l01502"></a>01502 <span class="keywordflow">break</span>; <a name="l01503"></a>01503 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59bf5438c2d5c3e85d660be9588869ad7d">RPMSIGTAG_PGP5</a>: <span class="comment">/* XXX legacy */</span> <a name="l01504"></a>01504 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59ad2717c301116c93390eb57f1a5bdfc6">RPMSIGTAG_PGP</a>: <a name="l01505"></a>01505 res = <a class="code" href="signature_8c.html#e2acebafa2174d98238a46bf030fdb86">verifyRSASignature</a>(ts, result, <a name="l01506"></a>01506 ((dig-><a class="code" href="structpgpDig__s.html#28ff551e61329f6f14d87bbabd44d716">signature</a>.<a class="code" href="structpgpDigParams__s.html#845361657400bd6ae9c792664bc43569">hash_algo</a> == <a class="code" href="rpmpgp_8h.html#8d48cf9c33d66a07d2fee34b0875d54ed06371dade65fdf985086d1461218820">PGPHASHALGO_MD5</a>) <a name="l01507"></a>01507 ? dig-><a class="code" href="structpgpDig__s.html#304c8b883f9feb95856a37d5e0665225">md5ctx</a> : dig-><a class="code" href="structpgpDig__s.html#cbed880f589f34347221e0d95aa17683">sha1ctx</a>)); <a name="l01508"></a>01508 <span class="keywordflow">break</span>; <a name="l01509"></a>01509 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade59b52ed4e5aa7d330de398f3e92334d828">RPMSIGTAG_DSA</a>: <a name="l01510"></a>01510 res = <a class="code" href="signature_8c.html#6ae59661f3eb5eb51e9594fbe8cb0921">verifyDSASignature</a>(ts, result, dig-><a class="code" href="structpgpDig__s.html#ca4c6a75da58d4a4a437f1be969a72f4">hdrsha1ctx</a>); <a name="l01511"></a>01511 <span class="keywordflow">break</span>; <a name="l01512"></a>01512 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade590ed5d0c19de281d46d38e0210dc9faa7">RPMSIGTAG_GPG</a>: <a name="l01513"></a>01513 res = <a class="code" href="signature_8c.html#6ae59661f3eb5eb51e9594fbe8cb0921">verifyDSASignature</a>(ts, result, dig-><a class="code" href="structpgpDig__s.html#cbed880f589f34347221e0d95aa17683">sha1ctx</a>); <a name="l01514"></a>01514 <span class="keywordflow">break</span>; <a name="l01515"></a>01515 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade590e8bbec8af85b808a50323497f3318e9">RPMSIGTAG_LEMD5_1</a>: <a name="l01516"></a>01516 <span class="keywordflow">case</span> <a class="code" href="group__signature.html#gg42c7580fde696ff3b0f70bfb7bdade593308808e75374022ddc3f68b33d823ef">RPMSIGTAG_LEMD5_2</a>: <a name="l01517"></a>01517 sprintf(result, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"Broken MD5 digest: UNSUPPORTED\n"</span>)); <a name="l01518"></a>01518 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e80163a651497a21974d2993a25d9b60208d">RPMRC_NOTFOUND</a>; <a name="l01519"></a>01519 <span class="keywordflow">break</span>; <a name="l01520"></a>01520 <span class="keywordflow">default</span>: <a name="l01521"></a>01521 sprintf(result, <a class="code" href="system_8h.html#8a97de23397d8af6821824c0234d8c3c">_</a>(<span class="stringliteral">"Signature: UNKNOWN (%d)\n"</span>), sigtag); <a name="l01522"></a>01522 res = <a class="code" href="rpmlib_8h.html#a30b10f32f3a5e820ec05d099993e80163a651497a21974d2993a25d9b60208d">RPMRC_NOTFOUND</a>; <a name="l01523"></a>01523 <span class="keywordflow">break</span>; <a name="l01524"></a>01524 } <a name="l01525"></a>01525 <span class="keywordflow">return</span> res; <a name="l01526"></a>01526 } </pre></div><hr size="1"><address style="align: right;"><small>Generated on 1 Oct 2013 for rpm by <a href="http://www.doxygen.org/index.html"> <img src="doxygen.png" alt="doxygen" align="middle" border="0"></a> 1.4.7 </small></address> </body> </html>