libalpm
Arch Linux Package Manager Library
signing.c File Reference
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <locale.h>
#include <gpgme.h>
#include "signing.h"
#include "package.h"
#include "base64.h"
#include "util.h"
#include "log.h"
#include "alpm.h"
#include "handle.h"

Macros

#define CHECK_ERR(void)
 

Functions

int alpm_decode_signature (const char *base64_data, unsigned char **data, size_t *data_len)
 Decode a loaded signature in base64 form.
 
static const char * string_validity (gpgme_validity_t validity)
 Return a statically allocated validity string based on the GPGME validity code.
 
static void sigsum_test_bit (gpgme_sigsum_t sigsum, alpm_list_t **summary, gpgme_sigsum_t bit, const char *value)
 
static alpm_list_t * list_sigsum (gpgme_sigsum_t sigsum)
 Calculate a set of strings to represent the given GPGME signature summary value.
 
static int init_gpgme (alpm_handle_t *handle)
 Initialize the GPGME library.
 
static int key_import_wkd (alpm_handle_t *handle, const char *email, const char *fpr)
 Import a key from a Web Key Directory (WKD) into the local keyring.
 
static int key_search_keyserver (alpm_handle_t *handle, const char *fpr, alpm_pgpkey_t *pgpkey)
 Search for a GPG key on a keyserver.
 
static int key_import_keyserver (alpm_handle_t *handle, alpm_pgpkey_t *key)
 Import a key into the local keyring.
 
static int email_from_uid (const char *uid, char **email)
 Extract the email address from a user ID.
 
int alpm_pkg_check_pgp_signature (alpm_pkg_t *pkg, alpm_siglist_t *siglist)
 Check the PGP signature for the given package file.
 
int alpm_db_check_pgp_signature (alpm_db_t *db, alpm_siglist_t *siglist)
 Check the PGP signature for the given database.
 
int alpm_siglist_cleanup (alpm_siglist_t *siglist)
 Clean up and free a signature result list.
 
static size_t length_check (size_t length, size_t position, size_t a, alpm_handle_t *handle, const char *identifier)
 
static int parse_subpacket (alpm_handle_t *handle, const char *identifier, const unsigned char *sig, const size_t len, const size_t pos, const size_t plen, alpm_list_t **keys)
 
int alpm_extract_keyid (alpm_handle_t *handle, const char *identifier, const unsigned char *sig, const size_t len, alpm_list_t **keys)
 Extract the Issuer Key ID from a signature.
 

Macro Definition Documentation

◆ CHECK_ERR

#define CHECK_ERR ( void)
Value:
do { \
if(gpg_err_code(gpg_err) != GPG_ERR_NO_ERROR) { goto gpg_error; } \
} while(0)

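Note: the macro takes no arguments; it reads a variable named gpg_err and jumps to a label named gpg_error, so every function that uses it must define both.

Referenced by init_gpgme(), key_import_keyserver(), key_import_wkd(), and key_search_keyserver().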

Function Documentation

◆ email_from_uid()

static int email_from_uid ( const char * uid,
char ** email )
static

Extract the email address from a user ID.

Parameters
uid: the user ID to parse, in the form "Example Name <email@address.invalid>"
email: to hold the email address
Returns
0 on success, -1 on error

References STRNDUP.

◆ init_gpgme()

static int init_gpgme ( alpm_handle_t * handle)
static

Initialize the GPGME library.

This can be safely called multiple times; however, it is not thread-safe.

Parameters
handle: the context handle
Returns
0 on success, -1 on error

References _, ALPM_ERR_GPGME, ALPM_ERR_NOT_A_FILE, ALPM_LOG_DEBUG, ALPM_LOG_ERROR, ALPM_LOG_WARNING, CHECK_ERR, and RET_ERR.

◆ key_import_keyserver()

static int key_import_keyserver ( alpm_handle_t * handle,
alpm_pgpkey_t * key )
static

Import a key into the local keyring.

Parameters
handle: the context handle
key: the key to import, likely retrieved from key_search_keyserver()
Returns
0 on success, -1 on error

References _, ALPM_LOG_DEBUG, ALPM_LOG_ERROR, CHECK_ERR, and alpm_pgpkey_t::data.

◆ key_import_wkd()

static int key_import_wkd ( alpm_handle_t * handle,
const char * email,
const char * fpr )
static

Import a key from a Web Key Directory (WKD) into the local keyring.

This requires GPGME to call the gpg binary.

Parameters
handle: the context handle
email: the email address of the key to import
fpr: the fingerprint key ID to look up (or NULL)
Returns
0 on success, -1 on error

References _, ALPM_LOG_DEBUG, and CHECK_ERR.

◆ key_search_keyserver()

static int key_search_keyserver ( alpm_handle_t * handle,
const char * fpr,
alpm_pgpkey_t * pgpkey )
static

Search for a GPG key on a keyserver.

This requires GPGME to call the gpg binary and have a keyserver previously defined in a gpg.conf configuration file.

Parameters
handle: the context handle
fpr: the fingerprint key ID to look up
pgpkey: storage location for the given key if found
Returns
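1 on success, 0 on key not found, -1 on error (unlike the other helpers in this file, a return of 0 here means the key was not found, not success)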

References ALPM_ERR_MEMORY, ALPM_LOG_DEBUG, CHECK_ERR, alpm_pgpkey_t::created, alpm_pgpkey_t::data, alpm_pgpkey_t::email, alpm_pgpkey_t::expires, alpm_pgpkey_t::fingerprint, alpm_pgpkey_t::length, MALLOC, alpm_pgpkey_t::name, alpm_pgpkey_t::pubkey_algo, RET_ERR, alpm_pgpkey_t::revoked, and alpm_pgpkey_t::uid.

◆ length_check()

static size_t length_check ( size_t length,
size_t position,
size_t a,
alpm_handle_t * handle,
const char * identifier )
static

References _, and ALPM_LOG_ERROR.

Referenced by alpm_extract_keyid(), and parse_subpacket().

◆ list_sigsum()

static alpm_list_t * list_sigsum ( gpgme_sigsum_t sigsum)
static

Calculate a set of strings to represent the given GPGME signature summary value.

This is a bitmask so you may get any number of strings back.

Parameters
sigsum: a GPGME signature summary bitmask
Returns
the list of signature summary strings

References alpm_list_add(), and sigsum_test_bit().

◆ parse_subpacket()

static int parse_subpacket ( alpm_handle_t * handle,
const char * identifier,
const unsigned char * sig,
const size_t len,
const size_t pos,
const size_t plen,
alpm_list_t ** keys )
static

References alpm_list_add(), and length_check().

Referenced by alpm_extract_keyid().

◆ sigsum_test_bit()

static void sigsum_test_bit ( gpgme_sigsum_t sigsum,
alpm_list_t ** summary,
gpgme_sigsum_t bit,
const char * value )
static

References alpm_list_add().

Referenced by list_sigsum().

◆ string_validity()

static const char * string_validity ( gpgme_validity_t validity)
static

Return a statically allocated validity string based on the GPGME validity code.

This is mainly for debug purposes and is not translated.

Parameters
validity: a validity code returned by GPGME
Returns
a string such as "marginal"