Pin::Pin() { gpg_error_t res; pid_t pid; int flags; const char *argv[2]; gpg_err_init(); res = assuan_new (&ctx); if(res) throw runtime_error(strprintf("pinentry initialisation: %s", gpg_strerror(res))); assuan_set_assuan_log_prefix("Pin: "); // needed esp. for ncurses lang = strprintf("OPTION lc-ctype=%s",getenv("LANG")); tty = strprintf("OPTION ttyname=%s",getenv("TTY")); flags = 0x0; argv[0] = "bitcoind"; // fake argv argv[1] = NULL; res = assuan_pipe_connect (ctx, SECURE_EXEC_PATH"/pinentry", argv, NULL, NULL, NULL, flags); if(res) throw runtime_error(strprintf("pinentry pipe forking: %s", gpg_strerror(res))); pid = assuan_get_pid(ctx); if(pid == ASSUAN_INVALID_PID) throw runtime_error(strprintf("pinentry not running: %s", gpg_strerror(res))); cmd(tty.c_str()); cmd(lang.c_str()); }
int main (int argc, char *argv[]) { int i = 1; int listmode = 0; const char *source_sym; const char *error_sym; gpg_error_t err; #ifndef GPG_ERR_INITIALIZED gpg_err_init (); #endif i18n_init (); if (argc == 1) { fprintf (stderr, _("Usage: %s GPG-ERROR [...]\n"), strrchr (argv[0],'/')? (strrchr (argv[0], '/')+1): argv[0]); exit (1); } else if (argc == 2 && !strcmp (argv[1], "--version")) { fputs ("gpg-error (" PACKAGE_NAME ") " PACKAGE_VERSION "\n", stdout); exit (0); } else if (argc == 2 && !strcmp (argv[1], "--list")) { listmode = 1; } if (listmode) { for (i=0; i < GPG_ERR_SOURCE_DIM; i++) { /* We use error code 1 because gpg_err_make requires a non-zero error code. */ err = gpg_err_make (i, 1); err -= 1; source_sym = gpg_strsource_sym (err); if (source_sym) printf ("%u = (%u, -) = (%s, -) = (%s, -)\n", err, gpg_err_source (err), source_sym, gpg_strsource (err)); } for (i=0; i < GPG_ERR_CODE_DIM; i++) { err = gpg_err_make (GPG_ERR_SOURCE_UNKNOWN, i); error_sym = gpg_strerror_sym (err); if (error_sym) printf ("%u = (-, %u) = (-, %s) = (-, %s)\n", err, gpg_err_code (err), error_sym, gpg_strerror (err)); } i = argc; /* Don't run the usual stuff. */ } while (i < argc) { if (get_err_from_number (argv[i], &err) || get_err_from_symbol (argv[i], &err) || get_err_from_str (argv[i], &err)) { source_sym = gpg_strsource_sym (err); error_sym = gpg_strerror_sym (err); printf ("%u = (%u, %u) = (%s, %s) = (%s, %s)\n", err, gpg_err_source (err), gpg_err_code (err), source_sym ? source_sym : "-", error_sym ? error_sym : "-", gpg_strsource (err), gpg_strerror (err)); } else fprintf (stderr, _("%s: warning: could not recognize %s\n"), argv[0], argv[i]); i++; } exit (0); }
gboolean zif_utils_gpg_verify (const gchar *filename, const gchar *filename_gpg, GError **error) { gboolean ret = FALSE; gpgme_ctx_t ctx = NULL; gpgme_data_t repomd_gpg = NULL; gpgme_data_t repomd = NULL; gpgme_error_t rc; gpgme_signature_t s; gpgme_verify_result_t result; /* check version */ gpgme_check_version (NULL); /* startup gpgme */ rc = gpg_err_init (); if (rc != GPG_ERR_NO_ERROR) { g_set_error (error, ZIF_UTILS_ERROR, ZIF_UTILS_ERROR_FAILED, "failed to startup GPG: %s", gpgme_strerror (rc)); goto out; } /* create a new GPG context */ rc = gpgme_new (&ctx); if (rc != GPG_ERR_NO_ERROR) { g_set_error (error, ZIF_UTILS_ERROR, ZIF_UTILS_ERROR_FAILED, "failed to create context: %s", gpgme_strerror (rc)); goto out; } /* set the protocol */ rc = gpgme_set_protocol (ctx, GPGME_PROTOCOL_OpenPGP); if (rc != GPG_ERR_NO_ERROR) { g_set_error (error, ZIF_UTILS_ERROR, ZIF_UTILS_ERROR_FAILED, "failed to set protocol: %s", gpgme_strerror (rc)); goto out; } /* enable armor mode */ gpgme_set_armor (ctx, TRUE); /* load file */ rc = gpgme_data_new_from_file (&repomd, filename, 1); if (rc != GPG_ERR_NO_ERROR) { g_set_error (error, ZIF_UTILS_ERROR, ZIF_UTILS_ERROR_FAILED, "failed to load repomd: %s", gpgme_strerror (rc)); goto out; } /* load signature */ rc = gpgme_data_new_from_file (&repomd_gpg, filename_gpg, 1); if (rc != GPG_ERR_NO_ERROR) { g_set_error (error, ZIF_UTILS_ERROR, ZIF_UTILS_ERROR_FAILED, "failed to load repomd.asc: %s", gpgme_strerror (rc)); goto out; } /* verify the repodata.xml */ g_debug ("verifying %s with %s", filename, filename_gpg); rc = gpgme_op_verify (ctx, repomd_gpg, repomd, NULL); if (rc != GPG_ERR_NO_ERROR) { g_set_error (error, ZIF_UTILS_ERROR, ZIF_UTILS_ERROR_FAILED, "failed to verify: %s", gpgme_strerror (rc)); goto out; } /* verify the result */ result = gpgme_op_verify_result (ctx); if (result == NULL) { g_set_error_literal (error, ZIF_UTILS_ERROR, ZIF_UTILS_ERROR_FAILED, "no result record from libgpgme"); goto out; } /* look at each signature */ for (s = result->signatures; s != NULL ; s = s->next ) { ret = zif_utils_gpg_check_signature (s, error); if (!ret) goto out; } /* success */ ret = TRUE; out: if (ctx != NULL) gpgme_release (ctx); gpgme_data_release (repomd_gpg); gpgme_data_release (repomd); return ret; }
static gboolean fu_keyring_setup (FuKeyring *keyring, GError **error) { FuKeyringPrivate *priv = GET_PRIVATE (keyring); gpgme_error_t rc; g_autofree gchar *gpg_home = NULL; g_return_val_if_fail (FU_IS_KEYRING (keyring), FALSE); if (priv->ctx != NULL) return TRUE; /* check version */ gpgme_check_version (NULL); /* startup gpgme */ rc = gpg_err_init (); if (rc != GPG_ERR_NO_ERROR) { g_set_error (error, FWUPD_ERROR, FWUPD_ERROR_INTERNAL, "failed to startup GPG: %s", gpgme_strerror (rc)); return FALSE; } /* create a new GPG context */ rc = gpgme_new (&priv->ctx); if (rc != GPG_ERR_NO_ERROR) { g_set_error (error, FWUPD_ERROR, FWUPD_ERROR_INTERNAL, "failed to create context: %s", gpgme_strerror (rc)); return FALSE; } /* set the protocol */ rc = gpgme_set_protocol (priv->ctx, GPGME_PROTOCOL_OpenPGP); if (rc != GPG_ERR_NO_ERROR) { g_set_error (error, FWUPD_ERROR, FWUPD_ERROR_INTERNAL, "failed to set protocol: %s", gpgme_strerror (rc)); return FALSE; } /* set a custom home directory */ gpg_home = g_build_filename (LOCALSTATEDIR, "lib", PACKAGE_NAME, "gnupg", NULL); if (g_mkdir_with_parents (gpg_home, 0700) < 0) { g_set_error (error, FWUPD_ERROR, FWUPD_ERROR_INTERNAL, "failed to create %s", gpg_home); return FALSE; } g_debug ("Using keyring at %s", gpg_home); rc = gpgme_ctx_set_engine_info (priv->ctx, GPGME_PROTOCOL_OpenPGP, NULL, gpg_home); if (rc != GPG_ERR_NO_ERROR) { g_set_error (error, FWUPD_ERROR, FWUPD_ERROR_INTERNAL, "failed to set protocol: %s", gpgme_strerror (rc)); return FALSE; } /* enable armor mode */ gpgme_set_armor (priv->ctx, TRUE); return TRUE; }