retvalue signature_check(const struct signature_requirement *requirements, const char *releasegpg, const char *releasename, const char *releasedata, size_t releaselen) {
gpg_error_t err;
int gpgfd;
gpgme_data_t dh, dh_gpg;
assert (requirements != NULL);
if (FAILEDTOALLOC(releasedata) || FAILEDTOALLOC(releasegpg))
return RET_ERROR_OOM;
assert (context != NULL);
/* Read the file and its signature into memory: */
gpgfd = open(releasegpg, O_RDONLY|O_NOCTTY);
if (gpgfd < 0) {
int e = errno;
fprintf(stderr, "Error opening '%s': %s\n",
releasegpg, strerror(e));
return RET_ERRNO(e);
}
err = gpgme_data_new_from_fd(&dh_gpg, gpgfd);
if (err != 0) {
(void)close(gpgfd);
fprintf(stderr, "Error reading '%s':\n", releasegpg);
return gpgerror(err);
}
err = gpgme_data_new_from_mem(&dh, releasedata, releaselen, 0);
if (err != 0) {
gpgme_data_release(dh_gpg);
return gpgerror(err);
}
/* Verify the signature */
err = gpgme_op_verify(context, dh_gpg, dh, NULL);
gpgme_data_release(dh_gpg);
gpgme_data_release(dh);
close(gpgfd);
if (err != 0) {
fprintf(stderr, "Error verifying '%s':\n", releasegpg);
return gpgerror(err);
}
return verify_signature(requirements, releasegpg, releasename);
}
std::unique_ptr<gpgme_data_t, std::function<void(gpgme_data_t *)>> c_gpgme::load_file ( const std::string &filename ) {
if (!boost::filesystem::exists(filename)) {
throw std::runtime_error(std::string("file not exists"));
}
auto deleter = [](gpgme_data_t *ptr) {
gpgme_data_release(*ptr);
delete ptr;
};
std::unique_ptr<gpgme_data_t, std::function<void(gpgme_data_t *)>> data_file_ptr(new gpgme_data_t, deleter);
int file_descriptor = open(filename.c_str(), O_RDONLY);
if (file_descriptor == -1) {
throw std::runtime_error(std::string("cannot open file ") + filename);
}
m_error_code = gpgme_data_new_from_fd(data_file_ptr.get(), file_descriptor);
if (m_error_code) {
throw std::runtime_error(std::string("load file error, error code ") + std::to_string(m_error_code));
}
return data_file_ptr;
}
gboolean
lr_gpg_check_signature_fd(int signature_fd,
int data_fd,
const char *home_dir,
GError **err)
{
gpgme_error_t gpgerr;
gpgme_ctx_t context;
gpgme_data_t signature_data;
gpgme_data_t data_data;
gpgme_verify_result_t result;
gpgme_signature_t sig;
assert(!err || *err == NULL);
// Initialization
gpgme_check_version(NULL);
gpgerr = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
if (gpgerr != GPG_ERR_NO_ERROR) {
g_debug("%s: gpgme_engine_check_version: %s",
__func__, gpgme_strerror(gpgerr));
g_set_error(err, LR_GPG_ERROR, LRE_GPGNOTSUPPORTED,
"gpgme_engine_check_version() error: %s",
gpgme_strerror(gpgerr));
return FALSE;
}
gpgerr = gpgme_new(&context);
if (gpgerr != GPG_ERR_NO_ERROR) {
g_debug("%s: gpgme_new: %s", __func__, gpgme_strerror(gpgerr));
g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR,
"gpgme_new() error: %s", gpgme_strerror(gpgerr));
return FALSE;
}
gpgerr = gpgme_set_protocol(context, GPGME_PROTOCOL_OpenPGP);
if (gpgerr != GPG_ERR_NO_ERROR) {
g_debug("%s: gpgme_set_protocol: %s", __func__, gpgme_strerror(gpgerr));
g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR,
"gpgme_set_protocol() error: %s", gpgme_strerror(gpgerr));
gpgme_release(context);
return FALSE;
}
if (home_dir) {
gpgerr = gpgme_ctx_set_engine_info(context, GPGME_PROTOCOL_OpenPGP,
NULL, home_dir);
if (gpgerr != GPG_ERR_NO_ERROR) {
g_debug("%s: gpgme_ctx_set_engine_info: %s", __func__,
gpgme_strerror(gpgerr));
g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR,
"gpgme_ctx_set_engine_info() error: %s",
gpgme_strerror(gpgerr));
gpgme_release(context);
return FALSE;
}
}
gpgme_set_armor(context, 1);
gpgerr = gpgme_data_new_from_fd(&signature_data, signature_fd);
if (gpgerr != GPG_ERR_NO_ERROR) {
g_debug("%s: gpgme_data_new_from_fd: %s",
__func__, gpgme_strerror(gpgerr));
g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR,
"gpgme_data_new_from_fd(_, %d) error: %s",
signature_fd, gpgme_strerror(gpgerr));
gpgme_release(context);
return FALSE;
}
gpgerr = gpgme_data_new_from_fd(&data_data, data_fd);
if (gpgerr != GPG_ERR_NO_ERROR) {
g_debug("%s: gpgme_data_new_from_fd: %s",
__func__, gpgme_strerror(gpgerr));
g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR,
"gpgme_data_new_from_fd(_, %d) error: %s",
data_fd, gpgme_strerror(gpgerr));
gpgme_data_release(signature_data);
gpgme_release(context);
return FALSE;
}
// Verify
gpgerr = gpgme_op_verify(context, signature_data, data_data, NULL);
gpgme_data_release(signature_data);
gpgme_data_release(data_data);
if (gpgerr != GPG_ERR_NO_ERROR) {
g_debug("%s: gpgme_op_verify: %s", __func__, gpgme_strerror(gpgerr));
g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR,
"gpgme_op_verify() error: %s", gpgme_strerror(gpgerr));
gpgme_release(context);
return FALSE;
}
result = gpgme_op_verify_result(context);
if (!result) {
g_debug("%s: gpgme_op_verify_result: error", __func__);
g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR,
"gpgme_op_verify_result() error: %s",
gpgme_strerror(gpgerr));
gpgme_release(context);
return FALSE;
}
// Check result of verification
sig = result->signatures;
if(!sig) {
g_debug("%s: signature verify error (no signatures)", __func__);
g_set_error(err, LR_GPG_ERROR, LRE_BADGPG,
"Signature verify error - no signatures");
gpgme_release(context);
return FALSE;
}
// Example of signature usage could be found in gpgme git repository
// in the gpgme/tests/run-verify.c
for (; sig; sig = sig->next) {
if ((sig->summary & GPGME_SIGSUM_VALID) || // Valid
(sig->summary & GPGME_SIGSUM_GREEN) || // Valid
(sig->summary == 0 && sig->status == GPG_ERR_NO_ERROR)) // Valid but key is not certified with a trusted signature
{
gpgme_release(context);
return TRUE;
}
}
gpgme_release(context);
g_debug("%s: Bad GPG signature", __func__);
g_set_error(err, LR_GPG_ERROR, LRE_BADGPG, "Bad GPG signature");
return FALSE;
}
gboolean
lr_gpg_import_key(const char *key_fn, const char *home_dir, GError **err)
{
gpgme_error_t gpgerr;
int key_fd;
gpgme_ctx_t context;
gpgme_data_t key_data;
assert(!err || *err == NULL);
// Initialization
gpgme_check_version(NULL);
gpgerr = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
if (gpgerr != GPG_ERR_NO_ERROR) {
g_debug("%s: gpgme_engine_check_version: %s",
__func__, gpgme_strerror(gpgerr));
g_set_error(err, LR_GPG_ERROR, LRE_GPGNOTSUPPORTED,
"gpgme_engine_check_version() error: %s",
gpgme_strerror(gpgerr));
return FALSE;
}
gpgerr = gpgme_new(&context);
if (gpgerr != GPG_ERR_NO_ERROR) {
g_debug("%s: gpgme_new: %s", __func__, gpgme_strerror(gpgerr));
g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR,
"gpgme_new() error: %s", gpgme_strerror(gpgerr));
return FALSE;
}
gpgerr = gpgme_set_protocol(context, GPGME_PROTOCOL_OpenPGP);
if (gpgerr != GPG_ERR_NO_ERROR) {
g_debug("%s: gpgme_set_protocol: %s", __func__, gpgme_strerror(gpgerr));
g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR,
"gpgme_set_protocol() error: %s", gpgme_strerror(gpgerr));
gpgme_release(context);
return FALSE;
}
if (home_dir) {
gpgerr = gpgme_ctx_set_engine_info(context, GPGME_PROTOCOL_OpenPGP,
NULL, home_dir);
if (gpgerr != GPG_ERR_NO_ERROR) {
g_debug("%s: gpgme_ctx_set_engine_info: %s", __func__, gpgme_strerror(gpgerr));
g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR,
"gpgme_ctx_set_engine_info() error: %s",
gpgme_strerror(gpgerr));
gpgme_release(context);
return FALSE;
}
}
gpgme_set_armor(context, 1);
// Key import
key_fd = open(key_fn, O_RDONLY);
if (key_fd == -1) {
g_debug("%s: Opening key: %s", __func__, strerror(errno));
g_set_error(err, LR_GPG_ERROR, LRE_IO,
"Error while opening key %s: %s",
key_fn, strerror(errno));
gpgme_release(context);
return FALSE;
}
gpgerr = gpgme_data_new_from_fd(&key_data, key_fd);
if (gpgerr != GPG_ERR_NO_ERROR) {
g_debug("%s: gpgme_data_new_from_fd: %s",
__func__, gpgme_strerror(gpgerr));
g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR,
"gpgme_data_new_from_fd(_, %d) error: %s",
key_fd, gpgme_strerror(gpgerr));
gpgme_release(context);
close(key_fd);
return FALSE;
}
gpgerr = gpgme_op_import(context, key_data);
gpgme_data_release(key_data);
if (gpgerr != GPG_ERR_NO_ERROR) {
g_debug("%s: gpgme_op_import: %s", __func__, gpgme_strerror(gpgerr));
g_set_error(err, LR_GPG_ERROR, LRE_GPGERROR,
"gpgme_op_import() error: %s", gpgme_strerror(gpgerr));
gpgme_release(context);
close(key_fd);
return FALSE;
}
close(key_fd);
gpgme_release(context);
return TRUE;
}
retvalue signature_check(const struct signature_requirement *requirements, const char *releasegpg, const char *release) {
gpg_error_t err;
int fd, gpgfd;
gpgme_data_t dh, dh_gpg;
gpgme_verify_result_t result;
int i;
const struct signature_requirement *req;
assert (requirements != NULL);
if (FAILEDTOALLOC(release) || FAILEDTOALLOC(releasegpg))
return RET_ERROR_OOM;
assert (context != NULL);
/* Read the file and its signature into memory: */
gpgfd = open(releasegpg, O_RDONLY|O_NOCTTY);
if (gpgfd < 0) {
int e = errno;
fprintf(stderr, "Error opening '%s': %s\n",
releasegpg, strerror(e));
return RET_ERRNO(e);
}
fd = open(release, O_RDONLY|O_NOCTTY);
if (fd < 0) {
int e = errno;
(void)close(gpgfd);
fprintf(stderr, "Error opening '%s': %s\n",
release, strerror(e));
return RET_ERRNO(e);
}
err = gpgme_data_new_from_fd(&dh_gpg, gpgfd);
if (err != 0) {
(void)close(gpgfd); (void)close(fd);
fprintf(stderr, "Error reading '%s':\n", releasegpg);
return gpgerror(err);
}
err = gpgme_data_new_from_fd(&dh, fd);
if (err != 0) {
gpgme_data_release(dh_gpg);
(void)close(gpgfd); (void)close(fd);
fprintf(stderr, "Error reading '%s':\n", release);
return gpgerror(err);
}
/* Verify the signature */
err = gpgme_op_verify(context, dh_gpg, dh, NULL);
gpgme_data_release(dh_gpg);
gpgme_data_release(dh);
close(gpgfd); close(fd);
if (err != 0) {
fprintf(stderr, "Error verifying '%s':\n", releasegpg);
return gpgerror(err);
}
result = gpgme_op_verify_result(context);
if (result == NULL) {
fprintf(stderr,
"Internal error communicating with libgpgme: no result record!\n\n");
return RET_ERROR_GPGME;
}
for (req = requirements ; req != NULL ; req = req->next) {
bool fullfilled = false;
/* check first for good signatures, and then for good enough
signatures, to not pester the user with warnings of one
of the alternate keys, if the last one is good enough */
for (i = 0 ; (size_t)i < req->num_keys ; i++) {
if (key_good(&req->keys[i], result->signatures)) {
fullfilled = true;
break;
}
}
for (i = 0 ; !fullfilled && (size_t)i < req->num_keys ; i++) {
if (key_good_enough(&req->keys[i], result->signatures,
releasegpg, release)) {
fullfilled = true;
break;
}
}
if (!fullfilled) {
fprintf(stderr,
"ERROR: Condition '%s' not fullfilled for '%s'.\n",
req->condition, releasegpg);
print_signatures(stderr, result->signatures,
releasegpg);
return RET_ERROR_BADSIG;
}
if (verbose > 10) {
fprintf(stdout, "Condition '%s' fullfilled for '%s'.\n",
req->condition, releasegpg);
}
}
if (verbose > 20)
print_signatures(stdout, result->signatures, releasegpg);
return RET_OK;
}
GpgME::Data::Data( int fd ) {
gpgme_data_t data;
const gpgme_error_t e = gpgme_data_new_from_fd( &data, fd );
d = new Private( e ? 0 : data );
d->ref();
}
/* Loop through all files in metalink structure and retrieve them.
Returns RETROK if all files were downloaded.
Returns last retrieval error (from retrieve_url) if some files
could not be downloaded. */
uerr_t
retrieve_from_metalink (const metalink_t* metalink)
{
metalink_file_t **mfile_ptr;
uerr_t last_retr_err = RETROK; /* Store last encountered retrieve error. */
FILE *_output_stream = output_stream;
bool _output_stream_regular = output_stream_regular;
char *_output_document = opt.output_document;
DEBUGP (("Retrieving from Metalink\n"));
/* No files to download. */
if (!metalink->files)
return RETROK;
if (opt.output_document)
{
/* We cannot support output_document as we need to compute checksum
of downloaded file, and to remove it if the checksum is bad. */
logputs (LOG_NOTQUIET,
_("-O not supported for metalink download. Ignoring.\n"));
}
for (mfile_ptr = metalink->files; *mfile_ptr; mfile_ptr++)
{
metalink_file_t *mfile = *mfile_ptr;
metalink_resource_t **mres_ptr;
char *filename = NULL;
bool hash_ok = false;
uerr_t retr_err = METALINK_MISSING_RESOURCE;
/* -1 -> file should be rejected
0 -> could not verify
1 -> verified successfully */
char sig_status = 0;
output_stream = NULL;
DEBUGP (("Processing metalink file %s...\n", quote (mfile->name)));
/* Resources are sorted by priority. */
for (mres_ptr = mfile->resources; *mres_ptr; mres_ptr++)
{
metalink_resource_t *mres = *mres_ptr;
metalink_checksum_t **mchksum_ptr, *mchksum;
struct iri *iri;
struct url *url;
int url_err;
if (!RES_TYPE_SUPPORTED (mres->type))
{
logprintf (LOG_VERBOSE,
_("Resource type %s not supported, ignoring...\n"),
quote (mres->type));
continue;
}
retr_err = METALINK_RETR_ERROR;
/* If output_stream is not NULL, then we have failed on
previous resource and are retrying. Thus, remove the file. */
if (output_stream)
{
fclose (output_stream);
output_stream = NULL;
if (unlink (filename))
logprintf (LOG_NOTQUIET, "unlink: %s\n", strerror (errno));
xfree (filename);
}
/* Parse our resource URL. */
iri = iri_new ();
set_uri_encoding (iri, opt.locale, true);
url = url_parse (mres->url, &url_err, iri, false);
if (!url)
{
char *error = url_error (mres->url, url_err);
logprintf (LOG_NOTQUIET, "%s: %s.\n", mres->url, error);
xfree (error);
inform_exit_status (URLERROR);
iri_free (iri);
continue;
}
else
{
/* Avoid recursive Metalink from HTTP headers. */
bool _metalink_http = opt.metalink_over_http;
/* Assure proper local file name regardless of the URL
of particular Metalink resource.
To do that we create the local file here and put
it as output_stream. We restore the original configuration
after we are finished with the file. */
output_stream = unique_create (mfile->name, true, &filename);
output_stream_regular = true;
/* Store the real file name for displaying in messages. */
opt.output_document = filename;
opt.metalink_over_http = false;
DEBUGP (("Storing to %s\n", filename));
retr_err = retrieve_url (url, mres->url, NULL, NULL,
NULL, NULL, opt.recursive, iri, false);
opt.metalink_over_http = _metalink_http;
}
url_free (url);
iri_free (iri);
if (retr_err == RETROK)
{
FILE *local_file;
/* Check the digest. */
local_file = fopen (filename, "rb");
if (!local_file)
{
logprintf (LOG_NOTQUIET, _("Could not open downloaded file.\n"));
continue;
}
for (mchksum_ptr = mfile->checksums; *mchksum_ptr; mchksum_ptr++)
{
char sha256[SHA256_DIGEST_SIZE];
char sha256_txt[2 * SHA256_DIGEST_SIZE + 1];
mchksum = *mchksum_ptr;
/* I have seen both variants... */
if (strcasecmp (mchksum->type, "sha256")
&& strcasecmp (mchksum->type, "sha-256"))
{
DEBUGP (("Ignoring unsupported checksum type %s.\n",
quote (mchksum->type)));
continue;
}
logprintf (LOG_VERBOSE, _("Computing checksum for %s\n"),
quote (mfile->name));
sha256_stream (local_file, sha256);
wg_hex_to_string (sha256_txt, sha256, SHA256_DIGEST_SIZE);
DEBUGP (("Declared hash: %s\n", mchksum->hash));
DEBUGP (("Computed hash: %s\n", sha256_txt));
if (!strcmp (sha256_txt, mchksum->hash))
{
logputs (LOG_VERBOSE,
_("Checksum matches.\n"));
hash_ok = true;
}
else
{
logprintf (LOG_NOTQUIET,
_("Checksum mismatch for file %s.\n"),
quote (mfile->name));
hash_ok = false;
}
/* Stop as soon as we checked the supported checksum. */
break;
} /* Iterate over available checksums. */
fclose (local_file);
local_file = NULL;
if (!hash_ok)
continue;
sig_status = 0; /* Not verified. */
#ifdef HAVE_GPGME
/* Check the crypto signature.
Note that the signtures from Metalink in XML will not be
parsed when using libmetalink version older than 0.1.3.
Metalink-over-HTTP is not affected by this problem. */
if (mfile->signature)
{
metalink_signature_t *msig = mfile->signature;
gpgme_error_t gpgerr;
gpgme_ctx_t gpgctx;
gpgme_data_t gpgsigdata, gpgdata;
gpgme_verify_result_t gpgres;
gpgme_signature_t gpgsig;
gpgme_protocol_t gpgprot = GPGME_PROTOCOL_UNKNOWN;
int fd = -1;
/* Initialize the library - as name suggests. */
gpgme_check_version (NULL);
/* Open data file. */
fd = open (filename, O_RDONLY);
if (fd == -1)
{
logputs (LOG_NOTQUIET,
_("Could not open downloaded file for signature "
"verification.\n"));
goto gpg_skip_verification;
}
/* Assign file descriptor to GPG data structure. */
gpgerr = gpgme_data_new_from_fd (&gpgdata, fd);
if (gpgerr != GPG_ERR_NO_ERROR)
{
logprintf (LOG_NOTQUIET,
"GPGME data_new_from_fd: %s\n",
gpgme_strerror (gpgerr));
goto gpg_skip_verification;
}
/* Prepare new GPGME context. */
gpgerr = gpgme_new (&gpgctx);
if (gpgerr != GPG_ERR_NO_ERROR)
{
logprintf (LOG_NOTQUIET,
"GPGME new: %s\n",
gpgme_strerror (gpgerr));
gpgme_data_release (gpgdata);
goto gpg_skip_verification;
}
DEBUGP (("Verifying signature %s:\n%s\n",
quote (msig->mediatype),
msig->signature));
/* Check signature type. */
if (!strcmp (msig->mediatype, "application/pgp-signature"))
gpgprot = GPGME_PROTOCOL_OpenPGP;
else /* Unsupported signature type. */
{
gpgme_release (gpgctx);
gpgme_data_release (gpgdata);
goto gpg_skip_verification;
}
gpgerr = gpgme_set_protocol (gpgctx, gpgprot);
if (gpgerr != GPG_ERR_NO_ERROR)
{
logprintf (LOG_NOTQUIET,
"GPGME set_protocol: %s\n",
gpgme_strerror (gpgerr));
gpgme_release (gpgctx);
gpgme_data_release (gpgdata);
goto gpg_skip_verification;
}
/* Load the signature. */
gpgerr = gpgme_data_new_from_mem (&gpgsigdata,
msig->signature,
strlen (msig->signature),
0);
if (gpgerr != GPG_ERR_NO_ERROR)
{
logprintf (LOG_NOTQUIET,
_("GPGME data_new_from_mem: %s\n"),
gpgme_strerror (gpgerr));
gpgme_release (gpgctx);
gpgme_data_release (gpgdata);
goto gpg_skip_verification;
}
/* Verify the signature. */
gpgerr = gpgme_op_verify (gpgctx, gpgsigdata, gpgdata, NULL);
if (gpgerr != GPG_ERR_NO_ERROR)
{
logprintf (LOG_NOTQUIET,
_("GPGME op_verify: %s\n"),
gpgme_strerror (gpgerr));
gpgme_data_release (gpgsigdata);
gpgme_release (gpgctx);
gpgme_data_release (gpgdata);
goto gpg_skip_verification;
}
/* Check the results. */
gpgres = gpgme_op_verify_result (gpgctx);
if (!gpgres)
{
logputs (LOG_NOTQUIET,
_("GPGME op_verify_result: NULL\n"));
gpgme_data_release (gpgsigdata);
gpgme_release (gpgctx);
gpgme_data_release (gpgdata);
goto gpg_skip_verification;
}
/* The list is null-terminated. */
for (gpgsig = gpgres->signatures; gpgsig; gpgsig = gpgsig->next)
{
DEBUGP (("Checking signature %s\n", gpgsig->fpr));
if (gpgsig->summary
& (GPGME_SIGSUM_VALID | GPGME_SIGSUM_GREEN))
{
logputs (LOG_VERBOSE,
_("Signature validation suceeded.\n"));
sig_status = 1;
break;
}
if (gpgsig->summary & GPGME_SIGSUM_RED)
{
logputs (LOG_NOTQUIET,
_("Invalid signature. Rejecting resource.\n"));
sig_status = -1;
break;
}
if (gpgsig->summary == 0
&& (gpgsig->status & 0xFFFF) == GPG_ERR_NO_ERROR)
{
logputs (LOG_VERBOSE,
_("Data matches signature, but signature "
"is not trusted.\n"));
}
if ((gpgsig->status & 0xFFFF) != GPG_ERR_NO_ERROR)
{
logprintf (LOG_NOTQUIET,
"GPGME: %s\n",
gpgme_strerror (gpgsig->status & 0xFFFF));
}
}
gpgme_data_release (gpgsigdata);
gpgme_release (gpgctx);
gpgme_data_release (gpgdata);
gpg_skip_verification:
if (fd != -1)
close (fd);
} /* endif (mfile->signature) */
#endif
/* Stop if file was downloaded with success. */
if (sig_status >= 0)
break;
} /* endif RETR_OK. */
} /* Iterate over resources. */
if (retr_err != RETROK)
{
logprintf (LOG_VERBOSE, _("Failed to download %s. Skipping resource.\n"),
quote (mfile->name));
}
else if (!hash_ok)
{
retr_err = METALINK_CHKSUM_ERROR;
logprintf (LOG_NOTQUIET,
_("File %s retrieved but checksum does not match. "
"\n"), quote (mfile->name));
}
#ifdef HAVE_GPGME
/* Signature will be only validated if hash check was successful. */
else if (sig_status < 0)
{
retr_err = METALINK_SIG_ERROR;
logprintf (LOG_NOTQUIET,
_("File %s retrieved but signature does not match. "
"\n"), quote (mfile->name));
}
#endif
last_retr_err = retr_err == RETROK ? last_retr_err : retr_err;
/* Remove the file if error encountered or if option specified.
Note: the file has been downloaded using *_loop. Therefore, it
is not necessary to keep the file for continuated download. */
if ((retr_err != RETROK || opt.delete_after)
&& filename != NULL && file_exists_p (filename))
{
logprintf (LOG_VERBOSE, _("Removing %s.\n"), quote (filename));
if (unlink (filename))
logprintf (LOG_NOTQUIET, "unlink: %s\n", strerror (errno));
}
if (output_stream)
{
fclose (output_stream);
output_stream = NULL;
}
xfree (filename);
} /* Iterate over files. */
/* Restore original values. */
opt.output_document = _output_document;
output_stream_regular = _output_stream_regular;
output_stream = _output_stream;
return last_retr_err;
}
retvalue signature_check_inline(const struct signature_requirement *requirements, const char *filename, char **chunk_p) {
gpg_error_t err;
gpgme_data_t dh, dh_gpg;
int fd;
fd = open(filename, O_RDONLY|O_NOCTTY);
if (fd < 0) {
int e = errno;
fprintf(stderr, "Error opening '%s': %s\n",
filename, strerror(e));
return RET_ERRNO(e);
}
err = gpgme_data_new_from_fd(&dh_gpg, fd);
if (err != 0) {
(void)close(fd);
return gpgerror(err);
}
err = gpgme_data_new(&dh);
if (err != 0) {
(void)close(fd);
gpgme_data_release(dh_gpg);
return gpgerror(err);
}
err = gpgme_op_verify(context, dh_gpg, NULL, dh);
(void)close(fd);
if (gpg_err_code(err) == GPG_ERR_NO_DATA) {
char *chunk; const char *n;
size_t len;
retvalue r;
gpgme_data_release(dh);
gpgme_data_release(dh_gpg);
r = readtextfile(filename, filename, &chunk, &len);
assert (r != RET_NOTHING);
if (RET_WAS_ERROR(r))
return r;
assert (chunk[len] == '\0');
len = chunk_extract(chunk, chunk, len, false, &n);
if (chunk[0] == '-' || *n != '\0') {
fprintf(stderr,
"Cannot parse '%s': found no signature but does not looks safe to be assumed unsigned, either.\n",
filename);
free(chunk);
return RET_ERROR;
}
if (requirements != NULL) {
free(chunk);
return RET_ERROR_BADSIG;
}
fprintf(stderr,
"WARNING: No signature found in %s, assuming it is unsigned!\n",
filename);
assert (chunk[len] == '\0');
*chunk_p = realloc(chunk, len+1);
if (FAILEDTOALLOC(*chunk_p))
*chunk_p = chunk;
return RET_OK;
} else {
char *plain_data, *chunk;
const char *n;
size_t plain_len, len;
retvalue r;
if (err != 0) {
gpgme_data_release(dh_gpg);
gpgme_data_release(dh);
return gpgerror(err);
}
gpgme_data_release(dh_gpg);
plain_data = gpgme_data_release_and_get_mem(dh, &plain_len);
if (plain_data == NULL) {
fprintf(stderr,
"Error: libgpgme failed to extract the plain data out of\n"
"'%s'.\n"
"While it did so in a way indicating running out of memory, experience says\n"
"this also happens when gpg returns a error code it does not understand.\n"
"To check this please try running gpg --verify '%s' manually.\n"
"Continuing extracting it ignoring all signatures...",
filename, filename);
return RET_ERROR;
}
chunk = malloc(plain_len+1);
if (FAILEDTOALLOC(chunk))
return RET_ERROR_OOM;
len = chunk_extract(chunk, plain_data, plain_len, false, &n);
#ifdef HAVE_GPGPME_FREE
gpgme_free(plain_data);
#else
free(plain_data);
#endif
assert (len <= plain_len);
if (plain_len != (size_t)(n - plain_data)) {
fprintf(stderr,
"Cannot parse '%s': extraced signed data looks malformed.\n",
filename);
r = RET_ERROR;
} else
r = verify_signature(requirements, filename, NULL);
if (RET_IS_OK(r)) {
*chunk_p = realloc(chunk, len+1);
if (FAILEDTOALLOC(*chunk_p))
*chunk_p = chunk;
} else
free(chunk);
return r;
}
}
void GPGME::encryptBytesToFile(const QByteArray & data, const QString & filename, const QString & keyId)
{
setError(GPG_ERR_NO_ERROR); // clear error
qDebug() << "Encrypt data to file" << filename;
gpgme_error_t err;
// check data size
if (data.size() > FILESIZE_HARD_LIMIT) {
setError(GPGME_WRAPPER_ERR_DATA_TOO_LARGE, true);
return;
}
// list all available keys and find the appropriate
err = gpgme_op_keylist_start(p->context, keyId.toLatin1().data(), 0);
gpgme_key_t key = 0;
gpgme_key_t loop_key = 0;
int foundCount = 0;
while (1) {
err = gpgme_op_keylist_next(p->context, &loop_key);
if (err != GPG_ERR_NO_ERROR) {
break;
}
qDebug() << "KEY FOUND";
if (loop_key != 0) {
key = loop_key;
}
foundCount++;
}
gpgme_op_keylist_end(p->context);
if (foundCount > 1) {
setError(GPGME_WRAPPER_ERR_MORE_THAN_ONE_KEY_FOUND);
return;
}
if (key == 0) {
// key not found
setError(GPGME_WRAPPER_ERR_CANNOT_FIND_KEY, true);
return;
}
// if filename ends with ".asc" then use armored output, otherwise use binary
if (filename.toLower().endsWith(".asc")) {
// use armored output
gpgme_set_armor(p->context, 1);
qDebug() << "Encode: use armored output";
}
gpgme_data_t cipher;
gpgme_data_t plain;
gpgme_data_new_from_mem(&plain, data.data(), data.size(), 0); // do not copy data
// backup file contents
QFile file(filename);
if (!file.open(QIODevice::ReadOnly)) {
setError(GPGME_WRAPPER_ERR_CANNOT_OPEN_FILE, true);
return;
}
if (file.size() > FILESIZE_HARD_LIMIT) {
setError(GPGME_WRAPPER_ERR_FILE_TOO_LARGE, true);
return;
}
QByteArray cipherBackup = file.readAll();
file.close();
// prepare file for writing
if (!file.open(QIODevice::WriteOnly)) {
setError(GPGME_WRAPPER_ERR_CANNOT_OPEN_FILE, true);
return;
}
err = gpgme_data_new_from_fd(&cipher, file.handle());
if (err != GPG_ERR_NO_ERROR) {
setError(err);
return;
}
gpgme_key_t keys[2];
keys[0] = key;
keys[1] = 0;
err = gpgme_op_encrypt(p->context, keys, static_cast<gpgme_encrypt_flags_t>(GPGME_ENCRYPT_ALWAYS_TRUST), plain, cipher);
if (err != GPG_ERR_NO_ERROR) {
// revert file contents in case of error
file.resize(0);
file.write(cipherBackup);
setError(err);
}
file.close();
}
QByteArray GPGME::decryptFile(const QString & filename, QString & keyId, QWidget * parent)
{
setError(GPG_ERR_NO_ERROR); // clear error
CallbackData cbData;
cbData.parent = parent;
qDebug() << "ERERR" << gpg_err_source(GPG_ERR_CODE_DIM+1);
gpgme_set_passphrase_cb(p->context, passphraseCallback, &cbData);
qDebug() << "decrypting file" << filename;
gpgme_data_t data;
gpgme_error_t err;
QFile file(filename);
if (!file.exists()) {
setError(GPGME_WRAPPER_ERR_FILE_NOT_FOUND, true);
return QByteArray();
}
if (!file.open(QIODevice::ReadOnly)) {
setError(GPGME_WRAPPER_ERR_CANNOT_OPEN_FILE, true);
return QByteArray();
}
if (file.size() > FILESIZE_HARD_LIMIT) {
setError(GPGME_WRAPPER_ERR_FILE_TOO_LARGE, true);
return QByteArray();
}
err = gpgme_data_new_from_fd(&data, file.handle());
if (err != GPG_ERR_NO_ERROR) {
setError(err);
return QByteArray();
}
// process data (it's cipher)
gpgme_data_t plain;
gpgme_data_new(&plain);
err = gpgme_op_decrypt(p->context, data, plain);
// unset passphrase callback
gpgme_set_passphrase_cb(p->context, 0, 0);
if (err != GPG_ERR_NO_ERROR) {
gpgme_data_release(data);
gpgme_data_release(plain);
setError(err);
return QByteArray();
}
// decryption is successful so load plain data
QByteArray resBytes;
const int bufSize = 1000;
int read;
char buf[bufSize];
gpgme_data_seek(plain, 0, SEEK_SET);
while (true) {
read = gpgme_data_read(plain, (void*)buf, bufSize);
if (read == 0) {
break;
}
if (read == -1) {
// error, ignore for now
break;
}
resBytes.append(buf, read);
}
gpgme_decrypt_result_t decrypt_res = gpgme_op_decrypt_result(p->context);
gpgme_recipient_t recipient;
if (decrypt_res) {
recipient = decrypt_res->recipients;
while (recipient) {
keyId = recipient->keyid;
recipient = recipient->next;
break; // just ignore the other recipients
}
}
return resBytes;
}
