6 #define _RPMIOB_INTERNAL
9 #define _RPMHKP_INTERNAL
14 #define _RPMPGP_INTERNAL
19 #define _RPMEVR_INTERNAL
21 #define _RPMNS_INTERNAL
26 #define _RPMTS_INTERNAL
/*
 * Debug trace helper, called as SPEW((stderr, fmt, ...)); it prints only when
 * _rpmns_debug is non-zero.
 * NOTE(review): the expansion is a bare `if` with no braces or do/while(0)
 * wrapper, so a SPEW() used as the body of an if/else captures the following
 * `else`. The traces in this file print file names and key ids, so leave
 * _rpmns_debug off where stderr is collected by a less trusted party.
 */
42 #define SPEW(_list) if (_rpmns_debug) fprintf _list
54 "i386",
"i486",
"i586",
"i686",
"athlon",
"pentium3",
"pentium4",
55 "x86_64",
"amd64",
"ia32e",
56 "alpha",
"alphaev5",
"alphaev56",
"alphapca56",
"alphaev6",
"alphaev67",
57 "sparc",
"sun4",
"sun4m",
"sun4c",
"sun4d",
"sparcv8",
58 "sparcv9",
"sparcv9b",
"sparcv9v",
"sparcv9v2",
59 "sparc64",
"sun4u",
"sparc64v",
60 "mips",
"mipsel",
"IP",
61 "ppc",
"ppciseries",
"ppcpseries",
62 "ppc64",
"ppc64iseries",
"ppc64pseries",
66 "armv3l",
"armv4b",
"armv4l",
67 "armv5teb",
"armv5tel",
"armv5tejl",
69 "s390",
"i370",
"s390x",
70 "sh",
"sh3",
"sh4",
"sh4a",
"xtensa",
/*
 * Vendor branch: extra architecture names are taken from the expansion of the
 * %{?_known_arch} macro and split on whitespace.
 * The string returned by rpmExpand() is released through _free() at listing
 * line 95.
 */
81 #if defined(RPM_VENDOR_WINDRIVER)
82 const char * known_arch =
rpmExpand(
"%{?_known_arch}", NULL);
83 const char *p, *pe, *t;
/* Advance pe to the end of the current whitespace-delimited token. */
86 pe = p ;
while (*pe && !
xisspace(*pe)) pe++;
/*
 * NOTE(review): strndup() allocates and can return NULL; neither the NULL
 * check nor the matching free of t is visible in this excerpt -- confirm both
 * exist in the hidden lines.
 */
89 t = strndup(p, (pe - p));
95 known_arch =
_free(known_arch);
/*
 * Linear scan of the built-in NULL-terminated table; strcmp() is non-zero on
 * a mismatch (the statement it guards is not shown here).
 */
99 for (av = rpmnsArches; *av != NULL; av++) {
100 if (strcmp(str, *av))
113 #define _ENTRY(_s, _type) { #_s, sizeof(#_s)-1, _type }
178 const char * se = strchr(s,
')');
182 if (se == NULL || (slen = (se - s)) <
sizeof(
"ABC()")-1)
188 size_t i = (l + u)/2;
191 int rc = strncmp(s, av->
NS, NSlen);
208 if (slen == 0) slen = strlen(s);
216 if (s[0] ==
'%' && s[1] ==
'{' && se[-1] ==
'}')
218 if ((se - s) > 3 && se[-3] ==
'.' && se[-2] ==
's' && se[-1] ==
'o')
223 for (se = s; *se !=
'\0'; se++) {
224 if (se[0] ==
'(' || se[--slen] ==
')')
226 if (se[0] ==
'.' && se[1] ==
's' && se[2] ==
'o')
230 if (_rpmns_N_at_A && _rpmns_N_at_A[0]) {
231 if (se[0] == _rpmns_N_at_A[0] &&
rpmnsArch(se+1))
245 size_t tlen = strlen(t);
257 if ((t = strrchr(t, _rpmns_N_at_A[0])) != NULL)
281 if (ns->NS[0] ==
'!')
283 if ((t = strchr(t,
'(')) != NULL) {
286 t[strlen(t)-1] =
'\0';
/*
 * Convert one ASCII hex digit to its 4-bit value: '0'-'9' give 0-9,
 * 'A'-'F' and 'a'-'f' give 10-15.
 * NOTE(review): the braces and the fall-through return for a non-hex
 * character (listing lines 318-319 and 326-327) are not shown in this
 * excerpt. Callers should reject non-hex input before calling, since a
 * silent fallback value would turn a malformed key id into a valid-looking
 * byte.
 */
317 static inline unsigned char nibble(
char c)
320 if (c >=
'0' && c <=
'9')
321 return (
unsigned char)(c -
'0');
322 if (c >=
'A' && c <=
'F')
323 return (
unsigned char)((int)(c -
'A') + 10);
324 if (c >=
'a' && c <=
'f')
325 return (
unsigned char)((int)(c -
'a') + 10);
330 const char * pubfn,
const char * pubid,
338 size_t sigpktlen = 0;
347 SPEW((stderr,
"==> check(%s, %s, %s, %s)\n", fn,
348 (sigfn ? sigfn :
"(null)"),
349 (pubfn ? pubfn :
"(null)"),
350 (pubid ? pubid :
"(null)")));
354 if (!(sigfn && *sigfn))
358 {
const char * _sigfn =
rpmExpand(sigfn, NULL);
361 SPEW((stderr,
"==> pgpReadPkts(%s) SIG %p[%u] ret %d\n", _sigfn, sigpkt, (
unsigned)sigpktlen, xx));
362 _sigfn =
_free(_sigfn);
365 _sigfn =
_free(_sigfn);
374 SPEW((stderr,
"==> unverifiable V%u\n", (
unsigned)sigp->version));
/*
 * Load the public key from pubfn when one is given.
 * NOTE(review): pubfn is passed through rpmExpand(), so RPM macros inside it
 * are evaluated. The path should come from trusted configuration, never from
 * the file being verified -- confirm at the call sites.
 */
383 if (pubfn && *pubfn) {
384 const char * _pubfn =
rpmExpand(pubfn, NULL);
/* Drop any previously held packet buffer before reading the new one. */
386 hkp->pkt =
_free(hkp->pkt);
392 SPEW((stderr,
"==> pgpReadPkts(%s) PUB %p[%u] rc %d\n", _pubfn, hkp->pkt, (
unsigned)hkp->pktlen, xx));
/* The expanded path is freed at two points; presumably one per exit path. */
393 _pubfn =
_free(_pubfn);
396 _pubfn =
_free(_pubfn);
/* Rebuild the packet-pointer array over the freshly read key material. */
399 hkp->pkts =
_free(hkp->pkts);
401 xx =
pgpGrabPkts(hkp->pkt, hkp->pktlen, &hkp->pkts, &hkp->npkts);
/* The key id recorded on the hkp handle becomes the pubkey's signid. */
409 memcpy(pubp->signid, hkp->keyid,
sizeof(pubp->signid));
/*
 * NOTE(review): the rpmhkpValidate() step is conditional on `validate` and on
 * there being at least three packets. Where `validate` is set is not visible
 * here. When the condition is false the key's binding/certification
 * signatures are not checked on this path, so the key file itself has to be
 * trusted.
 */
414 if (validate && hkp->npkts >= 3) {
427 SPEW((stderr,
"\t<-- rpmhkpValidate() rc %d\n", xx));
/* Look up the key matching the signature's signer id and algorithm. */
434 xx =
rpmhkpFindKey(hkp, dig, sigp->signid, sigp->pubkey_algo);
436 SPEW((stderr,
"\t<-- rpmhkpFindKey() rc %d\n", xx));
443 SPEW((stderr,
"\t<-- pgpFindPubkey() rc %d\n", rc));
/*
 * Optional pin: when the caller supplies pubid it must be a hex string, and
 * its binary form is compared against the tail of pubp->signid.
 */
449 if (pubid && *pubid) {
450 size_t ns = strlen(pubid);
/*
 * Count leading hex digits.
 * NOTE(review): isxdigit() is given a plain char; a negative value is
 * undefined behaviour, so `isxdigit((unsigned char)*s)` is the safe form.
 */
456 for (i = 0, s = pubid; *s && isxdigit(*s); s++, i++)
/*
 * Accept only if the whole string was hex, the digit count is even, and
 * there are more than 8 digits (`i > 8`, so an 8-digit id is rejected).
 */
458 if (!(*s ==
'\0' && i > 8 && (i%2) == 0)) {
459 SPEW((stderr,
"==> invalid pubid: %s\n", pubid));
/*
 * NOTE(review): listing lines 460-469 are not shown in this excerpt. From
 * here on ns has to be a byte count (half the digit count) no larger than 8:
 * alloca(ns) sizes a stack buffer from it, the loop below reads s[2*i+1] for
 * every i < ns, and line 476 evaluates `8 - ns` in size_t arithmetic, which
 * wraps to a huge offset if ns > 8. Confirm the hidden lines clamp ns and
 * re-point s before relying on this block.
 */
470 t = (
char *) memset(
alloca(ns), 0,
ns);
/* Pack each pair of hex digits into one byte. */
471 for (i = 0; i <
ns; i++)
472 t[i] = (
char)((
nibble(s[2*i]) << 4) |
nibble(s[2*i+1]));
/*
 * Compare against the last ns bytes of the key id (assumes signid is 8 bytes
 * -- TODO confirm). A key id is a short identifier rather than a full
 * fingerprint, so a match narrows which key is accepted but does not by
 * itself establish that the key is the intended one.
 */
475 s = (
const char *)pubp->signid;
476 xx = memcmp(t, s + (8 - ns),
ns);
485 SPEW((stderr,
"==> mismatched: pubkey id (%08x %08x) != %s\n",
492 if (!(sigp->pubkey_algo == pubp->pubkey_algo
494 && sigp->hash_algo == pubp->hash_algo
496 && !memcmp(sigp->signid, pubp->signid,
sizeof(sigp->signid)) ) ) {
498 SPEW((stderr,
"==> mismatch between signature and pubkey\n"));
499 SPEW((stderr,
"\tpubkey_algo: %u %u\n",
500 (
unsigned)sigp->pubkey_algo, (
unsigned)pubp->pubkey_algo));
501 SPEW((stderr,
"\tsignid: %08X %08X %08X %08X\n",
/* Armor header lines that mark a cleartext-signed message and its signature. */
511 static const char clrtxt[] =
"-----BEGIN PGP SIGNED MESSAGE-----";
512 static const char sigtxt[] =
"-----BEGIN PGP SIGNATURE-----";
/* Bail out unless the file was read successfully into iob. */
517 if (!(_rc == 0 && iob != NULL)) {
518 SPEW((stderr,
"==> rpmiobSlurp(%s) MSG rc %d\n", _fn, _rc));
/*
 * The buffer holds the file under verification, so its contents are untrusted
 * until the signature checks out.
 * NOTE(review): strncmp()/strchr() below stop at a NUL, not at iob->blen;
 * this presumably relies on rpmiobSlurp() NUL-terminating the buffer -- confirm.
 */
526 if (!strncmp((
char *)iob->b, clrtxt, strlen(clrtxt))) {
527 const char * be = (
char *) (iob->b + iob->blen);
/*
 * Step line by line until a line that starts with '\n' (an empty line); the
 * initialisation of t (listing lines 528-531) is not shown here.
 * NOTE(review): `strchr(t, '\n') + 1` is never NULL, so the `t &&` test cannot
 * detect a missing newline, and adding 1 to a NULL result is undefined
 * behaviour. Only `t < be` bounds the loop; testing the strchr() result
 * before the increment would make the guard real.
 */
532 while (t && t < be && *t !=
'\n')
533 t = strchr(t,
'\n') + 1;
/* Detect a "- " prefix on the line (the handling is not shown in this excerpt). */
542 if (strncmp(t,
"- ", 2) == 0)
/* Find the end of the current line; no newline means the text is truncated. */
544 if ((teol = te = strchr(t,
'\n')) == NULL)
/*
 * Back te up over trailing blanks, tabs, CR and LF. strchr() also matches the
 * terminating NUL of its first argument, so a '\0' byte at te[-1] is skipped
 * as well.
 */
546 while (te > t && strchr(
" \t\r\n", te[-1]))
/*
 * Move to the next line and test for the signature armor header.
 * NOTE(review): teol + 1 may equal be; the comparison is then only safe if a
 * NUL follows the data.
 */
549 if (!strncmp((t = teol + 1), sigtxt, strlen(sigtxt)))
559 if (sigp->hash != NULL)
564 trailer[0] = sigp->version;
566 trailer[2] = (sigp->hashlen >> 24) & 0xff;
567 trailer[3] = (sigp->hashlen >> 16) & 0xff;
568 trailer[4] = (sigp->hashlen >> 8) & 0xff;
569 trailer[5] = (sigp->hashlen ) & 0xff;
574 switch(sigp->pubkey_algo) {
589 SPEW((stderr,
"==> can't load pubkey_algo(%u)\n", (
unsigned)sigp->pubkey_algo));
594 switch(sigp->pubkey_algo) {
606 sigpkt =
_free(sigpkt);
613 SPEW((stderr,
"============================ verify: %s\n",
static unsigned char nibble(char c)
Convert hex to binary nibble.
void _rpmhkpDumpDig(const char *msg, pgpDig dig, FILE *fp)
pgpDigParams pgpGetPubkey(pgpDig dig)
Return OpenPGP pubkey parameters.
int rpmhkpFindKey(rpmhkp hkp, pgpDig dig, const rpmuint8_t *signid, rpmuint8_t pubkey_algo)
rpmRC rpmhkpValidate(rpmhkp hkp, const char *keyname)
Retrieve/Validate binding and certification signatures on a pubkey.
enum nsType_e nsType
Dependency types.
const char bson_timestamp_t * ts
int pgpPktLen(const rpmuint8_t *pkt, size_t pleft, pgpPkt pp)
OpenPGP constants and structures from RFC-2440.
struct pgpDigParams_s * pgpDigParams
DIGEST_CTX rpmDigestInit(pgpHashAlgo hashalgo, rpmDigestFlags flags)
Initialize digest context.
#define _ENTRY(_s, _type)
Dependency probe table (must be sorted).
static unsigned int pgpGrab(const rpmuint8_t *s, size_t nbytes)
Return (native-endian) integer from big-endian representation.
enum pgpHashAlgo_e pgpHashAlgo
9.4.
rpmhkp rpmhkpNew(const rpmuint8_t *keyid, uint32_t flags)
Create a new hkp handle.
Structure(s) and routine(s) used for classifying and parsing names.
nsType rpmnsProbe(const char *s, size_t slen)
Is string a known probe namespace?
static struct _rpmnsProbes_s rpmnsProbes[]
rpmiob rpmiobFree(rpmiob iob)
Destroy an I/O buffer instance.
rpmhkp rpmhkpFree(rpmhkp hkp)
Destroy a hkp handle.
static int pgpImplSetDSA(DIGEST_CTX ctx, pgpDig dig, pgpDigParams sigp)
int rpmiobSlurp(const char *fn, rpmiob *iobp)
enum evrFlags_e evrFlags
Dependency Attributes.
pgpArmor pgpReadPkts(const char *fn, rpmuint8_t **pkt, size_t *pktlen)
Parse armored OpenPGP packets from a file.
void rpmtsCleanDig(rpmts ts)
Free signature verification data.
int rpmDigestUpdate(DIGEST_CTX ctx, const void *data, size_t len)
Update context with next plain text buffer.
rpmRC rpmnsProbeSignature(void *_ts, const char *fn, const char *sigfn, const char *pubfn, const char *pubid, int flags)
Verify OpenPGP signature on a file.
int pgpFindPubkey(pgpDig dig)
Call find pubkey vector.
Structures and prototypes used for an "rpmps" problem set.
static const char * rpmnsArches[]
unsigned char rpmuint8_t
Private int typedefs to avoid C99 portability issues.
nsType rpmnsArch(const char *str)
Is string a known arch suffix?
static int xisspace(int c)
pgpDigParams pgpGetSignature(pgpDig dig)
Return OpenPGP signature parameters.
const char const char * user
static int pgpImplSetECDSA(DIGEST_CTX ctx, pgpDig dig, pgpDigParams sigp)
char * rpmExpand(const char *arg,...)
Return (malloc'ed) concatenated macro expansion(s).
const char const bson int mongo_write_concern int flags
static int pgpImplSetRSA(DIGEST_CTX ctx, pgpDig dig, pgpDigParams sigp)
int pgpGrabPkts(const rpmuint8_t *pkts, size_t pktlen, rpmuint8_t ***pppkts, int *pnpkts)
Return array of packet pointers.
enum rpmRC_e rpmRC
RPM return codes.
rpmhkp rpmhkpLink(rpmhkp hkp)
Reference a hkp handle instance.
static int xisdigit(int c)
static void set(char *t, NODE *ip)
int pgpPubkeyFingerprint(const rpmuint8_t *pkt, size_t pktlen, rpmuint8_t *keyid)
Print/parse an OpenPGP subtype packet.
nsType rpmnsClassify(const char *s, size_t slen)
Classify a string as a dependency type.
struct rpmts_s * rpmts
The RPM Transaction Set.
static void * _free(const void *p)
Wrapper to free(3), hides const compilation noise, permit NULL, return NULL.
Structures and prototypes used for an "rpmts" transaction set.
static int pgpImplVerify(pgpDig dig)
Structure(s) and routine(s) used for EVR parsing and comparison.
int rpmnsParse(const char *s, rpmns ns)
Expand and split NS(N).A string into namespace, name and arch components.
int pgpPrtPkts(const rpmuint8_t *pkts, size_t pktlen, pgpDig dig, int printing)
Print/parse OpenPGP packet(s).
Access RPM indices using Berkeley DB interface(s).
pgpDig rpmtsDig(rpmts ts)
Get OpenPGP packet parameters, i.e.
static size_t rpmnsProbesCount
int rpmhkpLoadSignature(rpmhkp hkp, pgpDig dig, pgpPkt pp)
const char * _rpmns_N_at_A