1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
|
// -*- mode: cpp; mode: fold -*-
// Description /*{{{*/
/* ######################################################################
Helpers to deal with gpgv better and more easily
##################################################################### */
/*}}}*/
#ifndef CONTRIB_GPGV_H
#define CONTRIB_GPGV_H
#include <apt-pkg/macros.h>
#include <string>
#include <vector>
class FileFd;
/** \brief generates and run the command to verify a file with gpgv
*
* If File and FileSig specify the same file it is assumed that we
* deal with a clear-signed message. Note that the method will accept
* and validate files which include additional (unsigned) messages
* without complaining. Do NOT open files accepted by this method
* for reading. Use #OpenMaybeClearSignedFile to access the message
* instead to ensure you are only reading signed data.
*
* The method does not return, but has some notable exit-codes:
* 111 signals an internal error like the inability to execute gpgv,
* 112 indicates a clear-signed file which doesn't include a message,
* which can happen if APT is run while on a network requiring
* authentication before usage (e.g. in hotels)
* All other exit-codes are passed-through from gpgv.
*
* @param File is the message (unsigned or clear-signed)
* @param FileSig is the signature (detached or clear-signed)
* @param statusfd is the fd given to gpgv as --status-fd
* @param fd is used as a pipe for the standard output of gpgv
* @param key is the specific one to be used instead of using all
*/
APT_PUBLIC void ExecGPGV(std::string const &File, std::string const &FileSig,
int const &statusfd, int fd[2], std::string const &Key = "") APT_NORETURN;
inline APT_NORETURN void ExecGPGV(std::string const &File, std::string const &FileSig,
int const &statusfd = -1) {
int fd[2];
ExecGPGV(File, FileSig, statusfd, fd);
}
/** \brief Split an inline signature into message and signature
*
* Takes a clear-signed message and puts the first signed message
* in the content file and all signatures following it into the
* second. Unsigned messages, additional messages as well as
* whitespaces are discarded. The resulting files are suitable to
* be checked with gpgv.
*
* If a FileFd pointers is NULL it will not be used and the content
* which would have been written to it is silently discarded.
*
* The content of the split files is undefined if the splitting was
* unsuccessful.
*
* Note that trying to split an unsigned file will fail, but
* not generate an error message.
*
* @param InFile is the clear-signed file
* @param ContentFile is the FileFd the message will be written to
* @param ContentHeader is a list of all required Amored Headers for the message
* @param SignatureFile is the FileFd all signatures will be written to
* @return true if the splitting was successful, false otherwise
*/
APT_PUBLIC bool SplitClearSignedFile(std::string const &InFile, FileFd * const ContentFile,
std::vector<std::string> * const ContentHeader, FileFd * const SignatureFile);
/** \brief open a file which might be clear-signed
*
* This method tries to extract the (signed) message of a file.
* If the file isn't signed it will just open the given filename.
* Otherwise the message is extracted to a temporary file which
* will be opened instead.
*
* @param ClearSignedFileName is the name of the file to open
* @param[out] MessageFile is the FileFd in which the file will be opened
* @return true if opening was successful, otherwise false
*/
APT_PUBLIC bool OpenMaybeClearSignedFile(std::string const &ClearSignedFileName, FileFd &MessageFile);
#endif
|
