diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-08-07 13:30:08 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-08-07 13:30:08 +0000 |
commit | 44cf9c6d2d274eac37502e835155f7e985f1b8e6 (patch) | |
tree | 9576ba968924c5b9a55ba9e14f4f26184c62c7d4 /scripts/Dpkg/OpenPGP | |
parent | Adding upstream version 1.22.6. (diff) | |
download | dpkg-44cf9c6d2d274eac37502e835155f7e985f1b8e6.tar.xz dpkg-44cf9c6d2d274eac37502e835155f7e985f1b8e6.zip |
Adding upstream version 1.22.7.upstream/1.22.7
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | scripts/Dpkg/OpenPGP/Backend/GnuPG.pm | 14 | ||||
-rw-r--r-- | scripts/Dpkg/OpenPGP/ErrorCodes.pm | 19 |
2 files changed, 31 insertions, 2 deletions
diff --git a/scripts/Dpkg/OpenPGP/Backend/GnuPG.pm b/scripts/Dpkg/OpenPGP/Backend/GnuPG.pm index 6c834be..43ac1e2 100644 --- a/scripts/Dpkg/OpenPGP/Backend/GnuPG.pm +++ b/scripts/Dpkg/OpenPGP/Backend/GnuPG.pm @@ -34,7 +34,9 @@ use strict; use warnings; use POSIX qw(:sys_wait_h); +use File::Basename; use File::Temp; +use File::Copy; use MIME::Base64; use Dpkg::ErrorHandling; @@ -296,6 +298,18 @@ sub inline_sign { return OPENPGP_MISSING_CMD if ! $self->has_backend_cmd(); + my $file = basename($data); + my $signdir = File::Temp->newdir('dpkg-sign.XXXXXXXX', TMPDIR => 1); + my $signfile = "$signdir/$file"; + + # Make sure the file to sign ends with a newline, as GnuPG does not adhere + # to the OpenPGP specification (see <https://dev.gnupg.org/T7106>). + copy($data, $signfile); + open my $signfh, '>>', $signfile + or syserr(g_('cannot open %s'), $signfile); + print { $signfh } "\n"; + close $signfh or syserr(g_('cannot close %s'), $signfile); + my @exec = ($self->{cmd}); push @exec, _gpg_options_weak_digests(); push @exec, qw(--utf8-strings --textmode --armor); diff --git a/scripts/Dpkg/OpenPGP/ErrorCodes.pm b/scripts/Dpkg/OpenPGP/ErrorCodes.pm index 0db59aa..3a67dd8 100644 --- a/scripts/Dpkg/OpenPGP/ErrorCodes.pm +++ b/scripts/Dpkg/OpenPGP/ErrorCodes.pm @@ -1,4 +1,4 @@ -# Copyright © 2022 Guillem Jover <guillem@debian.org> +# Copyright © 2022-2024 Guillem Jover <guillem@debian.org> # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -44,7 +44,12 @@ our @EXPORT = qw( OPENPGP_MISSING_INPUT OPENPGP_KEY_IS_PROTECTED OPENPGP_UNSUPPORTED_SUBCMD + OPENPGP_UNSUPPORTED_SPECIAL_PREFIX + OPENPGP_AMBIGUOUS_INPUT OPENPGP_KEY_CANNOT_SIGN + OPENPGP_INCOMPATIBLE_OPTIONS + OPENPGP_NO_HW_KEY_FOUND + OPENPGP_HW_KEY_FAILURE OPENPGP_MISSING_CMD OPENPGP_NEEDS_KEYSTORE @@ -58,7 +63,7 @@ use Exporter qw(import); use Dpkg::Gettext; # Error codes based on -# https://ietf.org/archive/id/draft-dkg-openpgp-stateless-cli-04.html#section-6 +# https://ietf.org/archive/id/draft-dkg-openpgp-stateless-cli-10.html#section-7 # # Local error codes use a negative number, as that should not conflict with # the SOP exit codes. @@ -74,7 +79,12 @@ use constant { OPENPGP_MISSING_INPUT => 61, OPENPGP_KEY_IS_PROTECTED => 67, OPENPGP_UNSUPPORTED_SUBCMD => 69, + OPENPGP_UNSUPPORTED_SPECIAL_PREFIX => 71, + OPENPGP_AMBIGUOUS_INPUT => 73, OPENPGP_KEY_CANNOT_SIGN => 79, + OPENPGP_INCOMPATIBLE_OPTIONS => 83, + OPENPGP_NO_HW_KEY_FOUND => 97, + OPENPGP_HW_KEY_FAILURE => 101, OPENPGP_MISSING_CMD => -1, OPENPGP_NEEDS_KEYSTORE => -2, @@ -92,7 +102,12 @@ my %code2error = ( OPENPGP_MISSING_INPUT() => N_('input file does not exist'), OPENPGP_KEY_IS_PROTECTED() => N_('cannot unlock password-protected key'), OPENPGP_UNSUPPORTED_SUBCMD() => N_('unsupported subcommand'), + OPENPGP_UNSUPPORTED_SPECIAL_PREFIX() => N_('unknown special designator in indirect parameter'), + OPENPGP_AMBIGUOUS_INPUT() => N_('special designator in indirect parameter is an existing file'), OPENPGP_KEY_CANNOT_SIGN() => N_('key is not signature-capable'), + OPENPGP_INCOMPATIBLE_OPTIONS() => N_('mutually exclusive options'), + OPENPGP_NO_HW_KEY_FOUND() => N_('cannot identify hardware device for hardware-backed secret keys'), + OPENPGP_HW_KEY_FAILURE() => N_('cannot perform operation on hardware-backed secret key'), OPENPGP_MISSING_CMD() => N_('missing OpenPGP implementation'), OPENPGP_NEEDS_KEYSTORE() => N_('specified key needs a keystore'), |