int
pkg_delete_files(struct pkg *pkg, int force)
{
struct pkg_file *file = NULL;
char sha256[SHA256_DIGEST_LENGTH * 2 + 1];
const char *path;
while (pkg_files(pkg, &file) == EPKG_OK) {
path = pkg_file_path(file);
/* Regular files and links */
/* check sha256 */
if (!force && pkg_file_sha256(file)[0] != '\0') {
if (sha256_file(path, sha256) == -1) {
pkg_emit_error("sha256 calculation failed for '%s'",
path);
} else if (strcmp(sha256, pkg_file_sha256(file)) != 0) {
pkg_emit_error("%s fails original SHA256 checksum,"
" not removing", path);
continue;
}
}
if (unlink(path) == -1) {
pkg_emit_errno("unlink", path);
continue;
}
}
return (EPKG_OK);
}
static int
dccoffer_cb (char *word[], void *userdata)
{
int result;
struct stat buffer; /* buffer for storing file info */
char sum[65]; /* buffer for checksum */
result = stat (word[3], &buffer);
if (result == 0) /* stat returns 0 on success */
{
if (buffer.st_size <= (unsigned long long) get_limit () * 1048576)
{
sha256_file (word[3], sum); /* word[3] is the full filename */
hexchat_commandf (ph, "quote PRIVMSG %s :SHA-256 checksum for %s (remote): %s", word[2], word[1], sum);
}
else
{
hexchat_set_context (ph, hexchat_find_context (ph, NULL, word[3]));
hexchat_printf (ph, "quote PRIVMSG %s :SHA-256 checksum for %s (remote): (size limit reached, no checksum calculated)", word[2], word[1]);
}
}
else
{
hexchat_printf (ph, "File access error!\n");
}
return HEXCHAT_EAT_NONE;
}
int
pkg_repo_verify(const char *path, unsigned char *sig, unsigned int sig_len)
{
char sha256[SHA256_DIGEST_LENGTH *2 +1];
char errbuf[1024];
RSA *rsa = NULL;
sha256_file(path, sha256);
SSL_load_error_strings();
OpenSSL_add_all_algorithms();
OpenSSL_add_all_ciphers();
rsa = load_rsa_public_key(pkg_config("PUBKEY"));
if (rsa == NULL)
return(EPKG_FATAL);
if (RSA_verify(NID_sha1, sha256, sizeof(sha256), sig, sig_len, rsa) == 0) {
pkg_emit_error("%s: %s", pkg_config("PUBKEY"),
ERR_error_string(ERR_get_error(), errbuf));
return (EPKG_FATAL);
}
RSA_free(rsa);
ERR_free_strings();
return (EPKG_OK);
}
int
pkg_delete_files(struct pkg *pkg, bool force)
{
struct pkg_file *file = NULL;
char sha256[SHA256_DIGEST_LENGTH * 2 + 1];
const char *path;
while (pkg_files(pkg, &file) == EPKG_OK) {
const char *sum = pkg_file_cksum(file);
if (file->keep == 1)
continue;
path = pkg_file_path(file);
/* Regular files and links */
/* check sha256 */
if (!force && sum[0] != '\0') {
if (sha256_file(path, sha256) != EPKG_OK)
continue;
if (strcmp(sha256, sum)) {
pkg_emit_error("%s fails original SHA256 "
"checksum, not removing", path);
continue;
}
}
if (unlink(path) == -1) {
pkg_emit_errno("unlink", path);
continue;
}
}
return (EPKG_OK);
}
static void
file_exists(sqlite3_context *ctx, int argc, sqlite3_value **argv)
{
char fpath[MAXPATHLEN];
sqlite3 *db = sqlite3_context_db_handle(ctx);
char *path = dirname(sqlite3_db_filename(db, "main"));
char cksum[SHA256_DIGEST_LENGTH * 2 +1];
if (argc != 2) {
sqlite3_result_error(ctx, "file_exists needs two argument", -1);
return;
}
snprintf(fpath, sizeof(fpath), "%s/%s", path, sqlite3_value_text(argv[0]));
if (access(fpath, R_OK) == 0) {
sha256_file(fpath, cksum);
if (strcmp(cksum, sqlite3_value_text(argv[1])) == 0)
sqlite3_result_int(ctx, 1);
else
sqlite3_result_int(ctx, 0);
} else {
sqlite3_result_int(ctx, 0);
}
}
int
rsa_sign(char *path, struct rsa_key *rsa, unsigned char **sigret, unsigned int *siglen)
{
char errbuf[1024];
int max_len = 0, ret;
char sha256[SHA256_DIGEST_LENGTH * 2 +1];
if (access(rsa->path, R_OK) == -1) {
pkg_emit_errno("access", rsa->path);
return (EPKG_FATAL);
}
if (rsa->key == NULL && _load_rsa_private_key(rsa) != EPKG_OK) {
pkg_emit_error("can't load key from %s", rsa->path);
return (EPKG_FATAL);
}
max_len = RSA_size(rsa->key);
*sigret = calloc(1, max_len + 1);
sha256_file(path, sha256);
ret = RSA_sign(NID_sha1, sha256, sizeof(sha256), *sigret, siglen, rsa->key);
if (ret == 0) {
/* XXX pass back RSA errors correctly */
pkg_emit_error("%s: %s", rsa->path,
ERR_error_string(ERR_get_error(), errbuf));
return (EPKG_FATAL);
}
return (EPKG_OK);
}
static int
dccrecv_cb (char *word[], void *userdata)
{
int result;
struct stat64 buffer; /* buffer for storing file info */
char sum[65]; /* buffer for checksum */
result = stat64 (word[2], &buffer);
if (result == 0) /* stat returns 0 on success */
{
if (buffer.st_size <= (unsigned long long) get_limit () * 1048576)
{
sha256_file (word[2], sum); /* word[2] is the full filename */
/* try to print the checksum in the privmsg tab of the sender */
xchat_set_context (ph, xchat_find_context (ph, NULL, word[3]));
xchat_printf (ph, "SHA-256 checksum for %s (local): %s\n", word[1], sum);
}
else
{
xchat_set_context (ph, xchat_find_context (ph, NULL, word[3]));
xchat_printf (ph, "SHA-256 checksum for %s (local): (size limit reached, no checksum calculated, you can increase it with /CHECKSUM INC)\n", word[1]);
}
}
else
{
xchat_printf (ph, "File access error!\n");
}
return XCHAT_EAT_NONE;
}
void sign(int argc, char **argv) {
ecc_int256_t secret, hash, k, krecip, r, s, tmp;
ecc_25519_work_t kG;
if (argc != 2)
exit_error(1, 0, "Usage: ecdsautil sign file (secret is read from stdin)");
if (!sha256_file(argv[1], tmp.p))
exit_error(1, 0, "Error while hashing file");
char secret_string[65];
if (fgets(secret_string, sizeof(secret_string), stdin) == NULL)
exit_error(1, 0, "Error reading secret");
if (!parsehex(secret.p, secret_string, 32))
exit_error(1, 0, "Error reading secret");
// Reduce hash (instead of clearing 3 bits)
ecc_25519_gf_reduce(&hash, &tmp);
// Generate k
generate_k(k.p, secret.p, tmp.p);
ecc_25519_gf_sanitize_secret(&k, &k);
// calculate k^(-1)
ecc_25519_gf_recip(&krecip, &k);
// calculate kG = k * base point
ecc_25519_scalarmult_base(&kG, &k);
// store x coordinate of kG in r
ecc_25519_store_xy(&tmp, NULL, &kG);
ecc_25519_gf_reduce(&r, &tmp);
if (ecc_25519_gf_is_zero(&r))
exit_error(1, 0, "Error: r is zero (this should never happen)");
// tmp = r * secret
ecc_25519_gf_mult(&tmp, &r, &secret);
// s = hash + tmp = hash + r * secret
ecc_25519_gf_add(&s, &hash, &tmp);
// tmp = krecip * s = k^(-1) * s
ecc_25519_gf_mult(&tmp, &krecip, &s);
// mod n (order of G)
ecc_25519_gf_reduce(&s, &tmp);
if (ecc_25519_gf_is_zero(&s))
exit_error(1, 0, "Error: s is zero (this should never happen)");
hexdump(stdout, r.p, 32);
hexdump(stdout, s.p, 32);
puts("");
}
static int sha256_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
return sha256_file( path, output, 0 );
#else
((void) path);
((void) output);
return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE );
#endif
}
CAMLprim value stub_sha256_file(value name)
{
CAMLparam1(name);
CAMLlocal1(result);
result = caml_alloc_string(32);
if (sha256_file(String_val(name), String_val(result)))
caml_failwith("file error");
CAMLreturn(result);
}
static int sha256_wrapper( char *filename, unsigned char *sum )
{
int ret = sha256_file( filename, sum, 0 );
if( ret == 1 )
fprintf( stderr, "failed to open: %s\n", filename );
if( ret == 2 )
fprintf( stderr, "failed to read: %s\n", filename );
return( ret );
}
int
pkg_finish_repo(char *path, pem_password_cb *password_cb, char *rsa_key_path)
{
char repo_path[MAXPATHLEN + 1];
char repo_archive[MAXPATHLEN + 1];
struct packing *pack;
int max_len = 0;
unsigned char *sigret = NULL;
int siglen = 0;
RSA *rsa = NULL;
char sha256[SHA256_DIGEST_LENGTH * 2 +1];
snprintf(repo_path, sizeof(repo_path), "%s/repo.sqlite", path);
snprintf(repo_archive, sizeof(repo_archive), "%s/repo", path);
packing_init(&pack, repo_archive, TXZ);
if (rsa_key_path != NULL) {
if (access(rsa_key_path, R_OK) == -1) {
pkg_emit_errno("access", rsa_key_path);
return EPKG_FATAL;
}
SSL_load_error_strings();
OpenSSL_add_all_algorithms();
OpenSSL_add_all_ciphers();
rsa = load_rsa_private_key(rsa_key_path, password_cb);
max_len = RSA_size(rsa);
sigret = malloc(max_len + 1);
memset(sigret, 0, max_len);
sha256_file(repo_path, sha256);
if (RSA_sign(NID_sha1, sha256, sizeof(sha256), sigret, &siglen, rsa) == 0) {
/* XXX pass back RSA errors correctly */
pkg_emit_error("%s: %lu", rsa_key_path, ERR_get_error());
return EPKG_FATAL;
}
packing_append_buffer(pack, sigret, "signature", siglen + 1);
free(sigret);
RSA_free(rsa);
ERR_free_strings();
}
packing_append_file(pack, repo_path, "repo.sqlite");
unlink(repo_path);
packing_finish(pack);
return (EPKG_OK);
}
int
pkg_delete_files(struct pkg *pkg, int force)
{
int do_remove, i;
int ret = EPKG_OK;
struct pkg_file **files;
char sha256[65];
const char *path;
files = pkg_files(pkg);
for (i = 0; files[i] != NULL; i++) {
path = pkg_file_path(files[i]);
/* Directories */
if (path[strlen(path) - 1] == '/') {
/*
* currently do not warn on this because multiple
* packages can own the same directory
*/
rmdir(path);
continue;
}
/* Regular files and links */
/* check sha256 */
do_remove = 1;
if (pkg_file_sha256(files[i])[0] != '\0') {
if (sha256_file(path, sha256) == -1) {
warnx("sha256 calculation failed for '%s'",
path);
} else {
if (strcmp(sha256, pkg_file_sha256(files[i])) != 0) {
if (force)
warnx("%s fails original SHA256 checksum", path);
else {
do_remove = 0;
warnx("%s fails original SHA256 checksum, not removing", path);
}
}
}
}
if (do_remove && unlink(path) == -1) {
warn("unlink(%s)", path);
continue;
}
}
return (ret);
}
int
pkg_from_old(struct pkg *p)
{
struct pkg_file *f = NULL;
char sha256[SHA256_DIGEST_LENGTH * 2 + 1];
p->type = PKG_INSTALLED;
while (pkg_files(p, &f) == EPKG_OK) {
if (f->sum[0] == '\0')
continue;
if (sha256_file(f->path, sha256) == EPKG_OK)
strlcpy(f->sum, sha256, sizeof(f->sum));
}
return (EPKG_OK);
}
int
pkg_delete_files(struct pkg *pkg, unsigned force)
/* force: 0 ... be careful and vocal about it.
* 1 ... remove files without bothering about checksums.
* 2 ... like 1, but remain silent if removal fails.
*/
{
struct pkg_file *file = NULL;
char sha256[SHA256_DIGEST_LENGTH * 2 + 1];
const char *path;
char fpath[MAXPATHLEN];
while (pkg_files(pkg, &file) == EPKG_OK) {
const char *sum = pkg_file_cksum(file);
ucl_object_t *obj;
if (file->keep == 1)
continue;
path = pkg_file_path(file);
obj = pkg_annotation_lookup(pkg, "relocated");
snprintf(fpath, sizeof(fpath), "%s%s",
obj ? pkg_object_string(obj) : "" , path );
/* Regular files and links */
/* check sha256 */
if (!force && sum[0] != '\0') {
if (sha256_file(fpath, sha256) != EPKG_OK)
continue;
if (strcmp(sha256, sum)) {
pkg_emit_error("%s fails original SHA256 "
"checksum, not removing", path);
continue;
}
}
if (unlink(fpath) == -1) {
if (force < 2)
pkg_emit_errno("unlink", fpath);
continue;
}
}
return (EPKG_OK);
}
int
rsa_sign(char *path, pem_password_cb *password_cb, char *rsa_key_path,
unsigned char **sigret, unsigned int *siglen)
{
char errbuf[1024];
int max_len = 0, ret;
RSA *rsa = NULL;
char sha256[SHA256_DIGEST_LENGTH * 2 +1];
if (access(rsa_key_path, R_OK) == -1) {
pkg_emit_errno("access", rsa_key_path);
return EPKG_FATAL;
}
SSL_load_error_strings();
OpenSSL_add_all_algorithms();
OpenSSL_add_all_ciphers();
rsa = _load_rsa_private_key(rsa_key_path, password_cb);
if (rsa == NULL) {
pkg_emit_error("can't load key from %s", rsa_key_path);
return EPKG_FATAL;
}
max_len = RSA_size(rsa);
*sigret = calloc(1, max_len + 1);
sha256_file(path, sha256);
ret = RSA_sign(NID_sha1, sha256, sizeof(sha256), *sigret, siglen, rsa);
if (ret == 0) {
/* XXX pass back RSA errors correctly */
pkg_emit_error("%s: %s", rsa_key_path,
ERR_error_string(ERR_get_error(), errbuf));
return EPKG_FATAL;
}
RSA_free(rsa);
ERR_free_strings();
return (EPKG_OK);
}
static int
dccrecv_cb (char *word[], void *userdata)
{
int result;
struct stat buffer; /* buffer for storing file info */
char sum[65]; /* buffer for checksum */
const char *file;
char *cfile;
if (hexchat_get_prefs (ph, "dcc_completed_dir", &file, NULL) == 1 && file[0] != 0)
{
cfile = g_strconcat (file, G_DIR_SEPARATOR_S, word[1], NULL);
}
else
{
cfile = g_strdup(word[2]);
}
result = stat (cfile, &buffer);
if (result == 0) /* stat returns 0 on success */
{
if (buffer.st_size <= (unsigned long long) get_limit () * 1048576)
{
sha256_file (cfile, sum); /* file is the full filename even if completed dir set */
/* try to print the checksum in the privmsg tab of the sender */
hexchat_set_context (ph, hexchat_find_context (ph, NULL, word[3]));
hexchat_printf (ph, "SHA-256 checksum for %s (local): %s\n", word[1], sum);
}
else
{
hexchat_set_context (ph, hexchat_find_context (ph, NULL, word[3]));
hexchat_printf (ph, "SHA-256 checksum for %s (local): (size limit reached, no checksum calculated, you can increase it with /CHECKSUM INC)\n", word[1]);
}
}
else
{
hexchat_printf (ph, "File access error!\n");
}
g_free (cfile);
return HEXCHAT_EAT_NONE;
}
int mchp_sha256_validate( const char *path, unsigned const char *sha2 )
{
int i,result;
unsigned char sha256sum[32],sha256hex[65];
/* Determine SHA2 digest of file to be verified */
result = sha256_file( path , sha256sum, 0 );
/* If valid, convert SHA digest to hex */
if( 0 == result )
{
for( i=0 ; i<32 ; i++ )
{
sprintf( sha256hex + i * 2, "%02x", sha256sum[i] );
}
}
sha256hex[64]='\0';
/* Compare the calulated SAH2 digest with known value */
return strcmp( sha256hex , sha2 );
}
int
pkg_delete_files(struct pkg *pkg, unsigned force)
/* force: 0 ... be careful and vocal about it.
* 1 ... remove files without bothering about checksums.
* 2 ... like 1, but remain silent if removal fails.
*/
{
struct pkg_file *file = NULL;
char sha256[SHA256_DIGEST_LENGTH * 2 + 1];
const char *path;
while (pkg_files(pkg, &file) == EPKG_OK) {
const char *sum = pkg_file_cksum(file);
if (file->keep == 1)
continue;
path = pkg_file_path(file);
/* Regular files and links */
/* check sha256 */
if (!force && sum[0] != '\0') {
if (sha256_file(path, sha256) != EPKG_OK)
continue;
if (strcmp(sha256, sum)) {
pkg_emit_error("%s fails original SHA256 "
"checksum, not removing", path);
continue;
}
}
if (unlink(path) == -1) {
if (force < 2)
pkg_emit_errno("unlink", path);
continue;
}
}
return (EPKG_OK);
}
void SendCoinsDialog::openExist()
{
QString filename = QFileDialog::getOpenFileName(this, tr("Choose a File"), tr("*.*"));
const char *path = filename.toUtf8().constData();
static char hashBuffer[65];
// QString qUserFeedback;
int result;
result = sha256_file(path, hashBuffer);
QString qUserFeedback;
if (result == 0) {
static char outputBuffer[76];
sprintf(outputBuffer, "{\"hash\":\"%s\"}", hashBuffer);
qUserFeedback = QString(outputBuffer);
nProdTypeID = SNRG_EXIST;
} else {
qUserFeedback = QString("");
}
ui->editTxComment->setText(qUserFeedback);
}
int mchp_sha256( const char *path, unsigned char output[65] )
{
int i,result;
unsigned char sha256sum[32];
/* Calculate the SHA2 digest of given file */
result = sha256_file( path , sha256sum, 0 );
/* If valid, convert SHA digest to hex */
if( 0 == result )
{
for( i=0 ; i<32 ; i++ )
{
sprintf( output + i * 2, "%02x", sha256sum[i] );
}
}
#if defined(_BUILD_SHA_CHECKSUM_)
else
fprintf(stderr,"Error: cannot create hash for %s\n", path);
#endif
output[64]='\0';
return 0;
}
int
pkg_repo_fetch(struct pkg *pkg)
{
char dest[MAXPATHLEN + 1];
char url[MAXPATHLEN + 1];
int fetched = 0;
char cksum[SHA256_DIGEST_LENGTH * 2 +1];
char *path = NULL;
const char *packagesite = NULL;
const char *cachedir = NULL;
bool multirepos_enabled = false;
int retcode = EPKG_OK;
const char *repopath, *repourl, *sum, *name, *version;
assert((pkg->type & PKG_REMOTE) == PKG_REMOTE);
if (pkg_config_string(PKG_CONFIG_CACHEDIR, &cachedir) != EPKG_OK)
return (EPKG_FATAL);
pkg_get(pkg, PKG_REPOPATH, &repopath, PKG_REPOURL, &repourl,
PKG_CKSUM, &sum, PKG_NAME, &name, PKG_VERSION, &version);
snprintf(dest, sizeof(dest), "%s/%s", cachedir, repopath);
/* If it is already in the local cachedir, dont bother to
* download it */
if (access(dest, F_OK) == 0)
goto checksum;
/* Create the dirs in cachedir */
if ((path = dirname(dest)) == NULL) {
pkg_emit_errno("dirname", dest);
retcode = EPKG_FATAL;
goto cleanup;
}
if ((retcode = mkdirs(path)) != EPKG_OK)
goto cleanup;
/*
* In multi-repos the remote URL is stored in pkg[PKG_REPOURL]
* For a single attached database the repository URL should be
* defined by PACKAGESITE.
*/
pkg_config_bool(PKG_CONFIG_MULTIREPOS, &multirepos_enabled);
if (multirepos_enabled) {
packagesite = repourl;
} else {
pkg_config_string(PKG_CONFIG_REPO, &packagesite);
}
if (packagesite == NULL || packagesite[0] == '\0') {
pkg_emit_error("PACKAGESITE is not defined");
retcode = 1;
goto cleanup;
}
if (packagesite[strlen(packagesite) - 1] == '/')
snprintf(url, sizeof(url), "%s%s", packagesite, repopath);
else
snprintf(url, sizeof(url), "%s/%s", packagesite, repopath);
retcode = pkg_fetch_file(url, dest, 0);
fetched = 1;
if (retcode != EPKG_OK)
goto cleanup;
checksum:
retcode = sha256_file(dest, cksum);
if (retcode == EPKG_OK)
if (strcmp(cksum, sum)) {
if (fetched == 1) {
pkg_emit_error("%s-%s failed checksum "
"from repository", name, version);
retcode = EPKG_FATAL;
} else {
pkg_emit_error("cached package %s-%s: "
"checksum mismatch, fetching from remote",
name, version);
unlink(dest);
return (pkg_repo_fetch(pkg));
}
}
cleanup:
if (retcode != EPKG_OK)
unlink(dest);
return (retcode);
}
void ECDSA_sign_file (char * path, ptr_curve_t E, ptr_point_t G, ptr_point_t Q, bases_t d_bases, mpz_t r, mpz_t s)
{
printf("\n\tStrat EC-DSA algo\n");
mpz_t k_inv, r0, r1, r2, n, d, k, z, x1;
mpz_init(k_inv);
mpz_init(r0);
mpz_init(r1);
mpz_init(r2);
mpz_init(s);
mpz_init(k);
mpz_init(z);
mpz_init(x1);
mpz_init(r);
bases_t k_bases;
bases_init(k_bases);
point_t X;
point_init(&X);
//sha-256 de m
char buffer[65];
char buffer_M[40];
mpz_init(n);
mpz_ui_pow_ui(n,2,M);
mpz_init(d);
bases_to_int(d_bases,d);
mpz_t seed;
mpz_init_set_str(seed,"85e25bfe5c86226cdb12016f7553f9d0e693a268",16);
gmp_randstate_t rand_stat;
gmp_randinit_default(rand_stat);
gmp_randseed(rand_stat,seed);
//gmp_randseed_ui(rand_stat,time(NULL));
//k*G=(x1,y1) (un scalaire fois un point)
int step_3 = 0;
while(!step_3)
{
mpz_urandomb(k,rand_stat,M);
if(DEBUG)gmp_printf("%Zd\n",k);
int_to_bases(k,k_bases);
multiple_point_CE(E,G,k_bases,&X);
if(DEBUG)point_print(&X,"X");
//r=x1 mod n (x1 est transformé en integer)
bases_to_int(X._x,x1);
if(DEBUG)gmp_printf("%Zd\n",x1);
mpz_mod_2exp(r,x1,M);
if(mpz_cmp_ui(r,0)<=0)
{
printf("\tRestart EC-DSA algo because r = 0\n");
continue;
}
if(DEBUG)gmp_printf("r = x1 mod n, r = %Zd\n", r);
//z = Hex_to_int(sha-256(M))
sha256_file(path,buffer);
strncpy(buffer_M,buffer,40);
mpz_init_set_str(z,buffer_M,16);
//s= k^-1(z+r*d) mod n (multiplication d'integers)
mpz_invert(k_inv,k,n);
mpz_mul(r0,r,d);
mpz_add(r1,z,r0);
mpz_mul(r2,k_inv,r1);
mpz_mod_2exp(s,r2,M);
//if s = 0 go to step_3
if(mpz_cmp_ui(s,0)>0)
{
step_3 = 1;
}
else
{
printf("\tRestart EC-DSA algo because s = 0\n");
}
}
printf("\t\thash : sha-256(M) = %s\n", buffer);
gmp_printf("\t\tz = %Zd\n",z);
gmp_printf("\t\tr = %Zd\n",r);
gmp_printf("\t\ts = %Zd\n",s);
printf("\tEnd EC-DSA algo\n");
}//ECDSA_sign_file()
int
pkg_repo_fetch(struct pkg *pkg)
{
char dest[MAXPATHLEN + 1];
char url[MAXPATHLEN + 1];
int fetched = 0;
char cksum[SHA256_DIGEST_LENGTH * 2 +1];
char *path = NULL;
const char *packagesite = NULL;
int retcode = EPKG_OK;
assert((pkg->type & PKG_REMOTE) == PKG_REMOTE);
if ((packagesite = pkg_config("PACKAGESITE")) == NULL) {
pkg_emit_error("pkg_repo_fetch(): %s", "PACKAGESITE is not defined");
return (EPKG_FATAL);
}
snprintf(dest, sizeof(dest), "%s/%s", pkg_config("PKG_CACHEDIR"),
pkg_get(pkg, PKG_REPOPATH));
/* If it is already in the local cachedir, dont bother to download it */
if (access(dest, F_OK) == 0)
goto checksum;
/* Create the dirs in cachedir */
if ((path = dirname(dest)) == NULL) {
pkg_emit_errno("dirname", dest);
retcode = EPKG_FATAL;
goto cleanup;
}
if ((retcode = mkdirs(path)) != 0)
goto cleanup;
if (packagesite[strlen(packagesite) - 1] == '/')
snprintf(url, sizeof(url), "%s%s", packagesite,
pkg_get(pkg, PKG_REPOPATH));
else
snprintf(url, sizeof(url), "%s/%s", packagesite,
pkg_get(pkg, PKG_REPOPATH));
retcode = pkg_fetch_file(url, dest);
fetched = 1;
if (retcode != EPKG_OK)
goto cleanup;
checksum:
retcode = sha256_file(dest, cksum);
if (retcode == EPKG_OK)
if (strcmp(cksum, pkg_get(pkg, PKG_CKSUM))) {
if (fetched == 1) {
pkg_emit_error("%s-%s failed checksum from repository",
pkg_get(pkg, PKG_NAME), pkg_get(pkg, PKG_VERSION));
retcode = EPKG_FATAL;
} else {
pkg_emit_error("cached package %s-%s: checksum mismatch, fetching from remote",
pkg_get(pkg, PKG_NAME), pkg_get(pkg, PKG_VERSION));
unlink(dest);
return (pkg_repo_fetch(pkg));
}
}
cleanup:
if (retcode != EPKG_OK)
unlink(dest);
return (retcode);
}
int
pkg_create_repo(char *path, void (progress)(struct pkg *pkg, void *data), void *data)
{
FTS *fts = NULL;
FTSENT *ent = NULL;
struct stat st;
struct pkg *pkg = NULL;
struct pkg_dep *dep = NULL;
struct pkg_category *category = NULL;
struct pkg_license *license = NULL;
struct pkg_option *option = NULL;
struct sbuf *manifest = sbuf_new_auto();
char *ext = NULL;
sqlite3 *sqlite = NULL;
sqlite3_stmt *stmt_deps = NULL;
sqlite3_stmt *stmt_pkg = NULL;
sqlite3_stmt *stmt_lic1 = NULL;
sqlite3_stmt *stmt_lic2 = NULL;
sqlite3_stmt *stmt_cat1 = NULL;
sqlite3_stmt *stmt_cat2 = NULL;
sqlite3_stmt *stmt_opts = NULL;
int64_t package_id;
char *errmsg = NULL;
int retcode = EPKG_OK;
char *pkg_path;
char cksum[SHA256_DIGEST_LENGTH * 2 +1];
char *repopath[2];
char repodb[MAXPATHLEN + 1];
const char initsql[] = ""
"CREATE TABLE packages ("
"id INTEGER PRIMARY KEY,"
"origin TEXT UNIQUE,"
"name TEXT NOT NULL,"
"version TEXT NOT NULL,"
"comment TEXT NOT NULL,"
"desc TEXT NOT NULL,"
"arch TEXT NOT NULL,"
"osversion TEXT NOT NULL,"
"maintainer TEXT NOT NULL,"
"www TEXT,"
"prefix TEXT NOT NULL,"
"pkgsize INTEGER NOT NULL,"
"flatsize INTEGER NOT NULL,"
"licenselogic INTEGER NOT NULL,"
"cksum TEXT NOT NULL,"
"path TEXT NOT NULL," /* relative path to the package in the repository */
"pkg_format_version INTEGER"
");"
"CREATE TABLE deps ("
"origin TEXT,"
"name TEXT,"
"version TEXT,"
"package_id INTEGER REFERENCES packages(id),"
"UNIQUE(package_id, origin)"
");"
"CREATE TABLE categories ("
"id INTEGER PRIMARY KEY, "
"name TEXT NOT NULL UNIQUE "
");"
"CREATE TABLE pkg_categories ("
"package_id INTEGER REFERENCES packages(id), "
"category_id INTEGER REFERENCES categories(id), "
"UNIQUE(package_id, category_id)"
");"
"CREATE TABLE licenses ("
"id INTEGER PRIMARY KEY,"
"name TEXT NOT NULL UNIQUE"
");"
"CREATE TABLE pkg_licenses ("
"package_id INTEGER REFERENCES packages(id), "
"license_id INTEGER REFERENCES licenses(id), "
"UNIQUE(package_id, license_id)"
");"
"CREATE TABLE options ("
"package_id INTEGER REFERENCES packages(id), "
"option TEXT,"
"value TEXT,"
"UNIQUE (package_id, option)"
");"
"PRAGMA user_version=2;"
;
const char pkgsql[] = ""
"INSERT INTO packages ("
"origin, name, version, comment, desc, arch, osversion, "
"maintainer, www, prefix, pkgsize, flatsize, licenselogic, cksum, path"
")"
"VALUES (?1, ?2, ?3, ?4, ?5, ?6, ?7, ?8, ?9, ?10, ?11, ?12, ?13, ?14, ?15);";
const char depssql[] = ""
"INSERT INTO deps (origin, name, version, package_id) "
"VALUES (?1, ?2, ?3, ?4);";
const char licsql[] = "INSERT OR IGNORE INTO licenses(name) VALUES(?1);";
const char addlicsql[] = "INSERT OR ROLLBACK INTO pkg_licenses(package_id, license_id) "
"VALUES (?1, (SELECT id FROM licenses WHERE name = ?2));";
const char catsql[] = "INSERT OR IGNORE INTO categories(name) VALUES(?1);";
const char addcatsql[] = "INSERT OR ROLLBACK INTO pkg_categories(package_id, category_id) "
"VALUES (?1, (SELECT id FROM categories WHERE name = ?2));";
const char addoption[] = "INSERT OR ROLLBACK INTO options (option, value, package_id) "
"VALUES (?1, ?2, ?3);";
if (!is_dir(path)) {
pkg_emit_error("%s is not a directory", path);
return EPKG_FATAL;
}
repopath[0] = path;
repopath[1] = NULL;
snprintf(repodb, sizeof(repodb), "%s/repo.sqlite", path);
if (stat(repodb, &st) != -1)
if (unlink(repodb) != 0) {
pkg_emit_errno("unlink", path);
return EPKG_FATAL;
}
sqlite3_initialize();
if (sqlite3_open(repodb, &sqlite) != SQLITE_OK) {
sqlite3_shutdown();
return (EPKG_FATAL);
}
if ((retcode = sql_exec(sqlite, initsql)) != EPKG_OK)
goto cleanup;
if ((retcode = sql_exec(sqlite, "BEGIN TRANSACTION;")) != EPKG_OK)
goto cleanup;
if (sqlite3_prepare_v2(sqlite, pkgsql, -1, &stmt_pkg, NULL) != SQLITE_OK) {
ERROR_SQLITE(sqlite);
retcode = EPKG_FATAL;
goto cleanup;
}
if (sqlite3_prepare_v2(sqlite, depssql, -1, &stmt_deps, NULL) != SQLITE_OK) {
ERROR_SQLITE(sqlite);
retcode = EPKG_FATAL;
goto cleanup;
}
if (sqlite3_prepare_v2(sqlite, licsql, -1, &stmt_lic1, NULL) != SQLITE_OK) {
ERROR_SQLITE(sqlite);
retcode = EPKG_FATAL;
goto cleanup;
}
if (sqlite3_prepare_v2(sqlite, addlicsql, -1, &stmt_lic2, NULL) != SQLITE_OK) {
ERROR_SQLITE(sqlite);
retcode = EPKG_FATAL;
goto cleanup;
}
if (sqlite3_prepare_v2(sqlite, addoption, -1, &stmt_opts, NULL) != SQLITE_OK) {
ERROR_SQLITE(sqlite);
retcode = EPKG_FATAL;
goto cleanup;
}
if ((fts = fts_open(repopath, FTS_PHYSICAL, NULL)) == NULL) {
pkg_emit_errno("fts_open", path);
retcode = EPKG_FATAL;
goto cleanup;
}
if (sqlite3_prepare_v2(sqlite, catsql, -1, &stmt_cat1, NULL) != SQLITE_OK) {
ERROR_SQLITE(sqlite);
retcode = EPKG_FATAL;
goto cleanup;
}
if (sqlite3_prepare_v2(sqlite, addcatsql, -1, &stmt_cat2, NULL) != SQLITE_OK) {
ERROR_SQLITE(sqlite);
retcode = EPKG_FATAL;
goto cleanup;
}
while ((ent = fts_read(fts)) != NULL) {
cksum[0] = '\0';
/* skip everything that is not a file */
if (ent->fts_info != FTS_F)
continue;
ext = strrchr(ent->fts_name, '.');
if (ext == NULL)
continue;
if (strcmp(ext, ".tgz") != 0 &&
strcmp(ext, ".tbz") != 0 &&
strcmp(ext, ".txz") != 0 &&
strcmp(ext, ".tar") != 0)
continue;
pkg_path = ent->fts_path;
pkg_path += strlen(path);
while (pkg_path[0] == '/' )
pkg_path++;
if (pkg_open(&pkg, ent->fts_accpath, manifest) != EPKG_OK) {
retcode = EPKG_WARN;
continue;
}
if (progress != NULL)
progress(pkg, data);
sqlite3_bind_text(stmt_pkg, 1, pkg_get(pkg, PKG_ORIGIN), -1, SQLITE_STATIC);
sqlite3_bind_text(stmt_pkg, 2, pkg_get(pkg, PKG_NAME), -1, SQLITE_STATIC);
sqlite3_bind_text(stmt_pkg, 3, pkg_get(pkg, PKG_VERSION), -1, SQLITE_STATIC);
sqlite3_bind_text(stmt_pkg, 4, pkg_get(pkg, PKG_COMMENT), -1, SQLITE_STATIC);
sqlite3_bind_text(stmt_pkg, 5, pkg_get(pkg, PKG_DESC), -1, SQLITE_STATIC);
sqlite3_bind_text(stmt_pkg, 6, pkg_get(pkg, PKG_ARCH), -1, SQLITE_STATIC);
sqlite3_bind_text(stmt_pkg, 7, pkg_get(pkg, PKG_OSVERSION), -1, SQLITE_STATIC);
sqlite3_bind_text(stmt_pkg, 8, pkg_get(pkg, PKG_MAINTAINER), -1, SQLITE_STATIC);
sqlite3_bind_text(stmt_pkg, 9, pkg_get(pkg, PKG_WWW), -1, SQLITE_STATIC);
sqlite3_bind_text(stmt_pkg, 10, pkg_get(pkg, PKG_PREFIX), -1, SQLITE_STATIC);
sqlite3_bind_int64(stmt_pkg, 11, ent->fts_statp->st_size);
sqlite3_bind_int64(stmt_pkg, 12, pkg_flatsize(pkg));
sha256_file(ent->fts_accpath, cksum);
sqlite3_bind_int64(stmt_pkg, 13, pkg_licenselogic(pkg));
sqlite3_bind_text(stmt_pkg, 14, cksum, -1, SQLITE_STATIC);
sqlite3_bind_text(stmt_pkg, 15, pkg_path, -1, SQLITE_STATIC);
if (sqlite3_step(stmt_pkg) != SQLITE_DONE) {
ERROR_SQLITE(sqlite);
retcode = EPKG_FATAL;
goto cleanup;
}
sqlite3_reset(stmt_pkg);
package_id = sqlite3_last_insert_rowid(sqlite);
dep = NULL;
while (pkg_deps(pkg, &dep) == EPKG_OK) {
sqlite3_bind_text(stmt_deps, 1, pkg_dep_origin(dep), -1, SQLITE_STATIC);
sqlite3_bind_text(stmt_deps, 2, pkg_dep_name(dep), -1, SQLITE_STATIC);
sqlite3_bind_text(stmt_deps, 3, pkg_dep_version(dep), -1, SQLITE_STATIC);
sqlite3_bind_int64(stmt_deps, 4, package_id);
if (sqlite3_step(stmt_deps) != SQLITE_DONE) {
ERROR_SQLITE(sqlite);
retcode = EPKG_FATAL;
goto cleanup;
}
sqlite3_reset(stmt_deps);
}
category = NULL;
while (pkg_categories(pkg, &category) == EPKG_OK) {
sqlite3_bind_text(stmt_cat1, 1, pkg_category_name(category), -1, SQLITE_STATIC);
sqlite3_bind_int64(stmt_cat2, 1, package_id);
sqlite3_bind_text(stmt_cat2, 2, pkg_category_name(category), -1, SQLITE_STATIC);
if (sqlite3_step(stmt_cat1) != SQLITE_DONE) {
ERROR_SQLITE(sqlite);
retcode = EPKG_FATAL;
goto cleanup;
}
if (sqlite3_step(stmt_cat2) != SQLITE_DONE) {
ERROR_SQLITE(sqlite);
retcode = EPKG_FATAL;
goto cleanup;
}
sqlite3_reset(stmt_cat1);
sqlite3_reset(stmt_cat2);
}
license = NULL;
while (pkg_licenses(pkg, &license) == EPKG_OK) {
sqlite3_bind_text(stmt_lic1, 1, pkg_license_name(license), -1, SQLITE_STATIC);
sqlite3_bind_int64(stmt_lic2, 1, package_id);
sqlite3_bind_text(stmt_lic2, 2, pkg_license_name(license), -1, SQLITE_STATIC);
if (sqlite3_step(stmt_lic1) != SQLITE_DONE) {
ERROR_SQLITE(sqlite);
retcode = EPKG_FATAL;
goto cleanup;
}
if (sqlite3_step(stmt_lic2) != SQLITE_DONE) {
ERROR_SQLITE(sqlite);
retcode = EPKG_FATAL;
goto cleanup;
}
sqlite3_reset(stmt_lic1);
sqlite3_reset(stmt_lic2);
}
option = NULL;
while (pkg_options(pkg, &option) == EPKG_OK) {
sqlite3_bind_text(stmt_opts, 1, pkg_option_opt(option), -1, SQLITE_STATIC);
sqlite3_bind_text(stmt_opts, 2, pkg_option_value(option), -1, SQLITE_STATIC);
sqlite3_bind_int64(stmt_opts, 3, package_id);
if (sqlite3_step(stmt_opts) != SQLITE_DONE) {
ERROR_SQLITE(sqlite);
retcode = EPKG_FATAL;
goto cleanup;
}
sqlite3_reset(stmt_opts);
}
}
if (sqlite3_exec(sqlite, "COMMIT;", NULL, NULL, &errmsg) != SQLITE_OK) {
pkg_emit_error("sqlite: %s", errmsg);
retcode = EPKG_FATAL;
}
cleanup:
if (fts != NULL)
fts_close(fts);
if (pkg != NULL)
pkg_free(pkg);
if (stmt_pkg != NULL)
sqlite3_finalize(stmt_pkg);
if (stmt_deps != NULL)
sqlite3_finalize(stmt_deps);
if (stmt_cat1 != NULL)
sqlite3_finalize(stmt_cat1);
if (stmt_cat2 != NULL)
sqlite3_finalize(stmt_cat2);
if (stmt_lic1 != NULL)
sqlite3_finalize(stmt_lic1);
if (stmt_lic2 != NULL)
sqlite3_finalize(stmt_lic2);
if (stmt_opts != NULL)
sqlite3_finalize(stmt_opts);
if (sqlite != NULL)
sqlite3_close(sqlite);
if (errmsg != NULL)
sqlite3_free(errmsg);
sbuf_delete(manifest);
sqlite3_shutdown();
return (retcode);
}
void
read_pkg_file(void *data)
{
struct thd_data *d = (struct thd_data*) data;
struct pkg_result *r;
FTSENT *fts_ent = NULL;
char fts_accpath[MAXPATHLEN + 1];
char fts_path[MAXPATHLEN + 1];
char fts_name[MAXPATHLEN + 1];
off_t st_size;
int fts_info;
char *ext = NULL;
char *pkg_path;
for (;;) {
fts_ent = NULL;
/*
* Get a file to read from.
* Copy the data we need from the fts entry localy because as soon as
* we unlock the fts_m mutex, we can not access it.
*/
pthread_mutex_lock(&d->fts_m);
if (d->stop == false) {
fts_ent = fts_read(d->fts);
}
if (fts_ent != NULL) {
strlcpy(fts_accpath, fts_ent->fts_accpath, sizeof(fts_accpath));
strlcpy(fts_path, fts_ent->fts_path, sizeof(fts_path));
strlcpy(fts_name, fts_ent->fts_name, sizeof(fts_name));
st_size = fts_ent->fts_statp->st_size;
fts_info = fts_ent->fts_info;
}
pthread_mutex_unlock(&d->fts_m);
// There is no more jobs, exit the main loop.
if (fts_ent == NULL)
break;
/* skip everything that is not a file */
if (fts_info != FTS_F)
continue;
ext = strrchr(fts_name, '.');
if (ext == NULL)
continue;
if (strcmp(ext, ".tgz") != 0 &&
strcmp(ext, ".tbz") != 0 &&
strcmp(ext, ".txz") != 0 &&
strcmp(ext, ".tar") != 0)
continue;
if (strcmp(fts_name, "repo.txz") == 0)
continue;
pkg_path = fts_path;
pkg_path += strlen(d->root_path);
while (pkg_path[0] == '/')
pkg_path++;
r = calloc(1, sizeof(struct pkg_result));
strlcpy(r->path, pkg_path, sizeof(r->path));
r->size = st_size;
sha256_file(fts_accpath, r->cksum);
if (pkg_open(&r->pkg, fts_accpath) != EPKG_OK) {
r->retcode = EPKG_WARN;
}
/* Add result to the FIFO and notify */
pthread_mutex_lock(&d->results_m);
while (d->num_results >= d->max_results) {
pthread_cond_wait(&d->has_room, &d->results_m);
}
STAILQ_INSERT_TAIL(&d->results, r, next);
d->num_results++;
pthread_cond_signal(&d->has_result);
pthread_mutex_unlock(&d->results_m);
}
/*
* This thread is about to exit.
* Notify the main thread that we are done.
*/
pthread_mutex_lock(&d->results_m);
d->thd_finished++;
pthread_cond_signal(&d->has_result);
pthread_mutex_unlock(&d->results_m);
}
static int
pkg_create_from_dir(struct pkg *pkg, const char *root,
struct packing *pkg_archive)
{
char fpath[MAXPATHLEN];
struct pkg_file *file = NULL;
struct pkg_dir *dir = NULL;
char *m;
int ret;
const char *mtree;
bool developer;
struct stat st;
char sha256[SHA256_DIGEST_LENGTH * 2 + 1];
int64_t flatsize = 0;
ucl_object_t *obj;
if (pkg_is_valid(pkg) != EPKG_OK) {
pkg_emit_error("the package is not valid");
return (EPKG_FATAL);
}
obj = pkg_annotation_lookup(pkg, "relocated");
/*
* Get / compute size / checksum if not provided in the manifest
*/
while (pkg_files(pkg, &file) == EPKG_OK) {
const char *pkg_path = pkg_file_path(file);
const char *pkg_sum = pkg_file_cksum(file);
snprintf(fpath, sizeof(fpath), "%s%s%s", root ? root : "",
obj ? pkg_object_string(obj) : "", pkg_path);
if (lstat(fpath, &st) != 0 || S_ISLNK(st.st_mode))
continue;
if (file->size == 0)
file->size = (int64_t)st.st_size;
flatsize += file->size;
if (pkg_sum == NULL || pkg_sum[0] == '\0') {
if (pkg->type == PKG_OLD_FILE) {
if (md5_file(fpath, sha256) != EPKG_OK)
return (EPKG_FATAL);
} else {
if (sha256_file(fpath, sha256) != EPKG_OK)
return (EPKG_FATAL);
}
strlcpy(file->sum, sha256, sizeof(file->sum));
}
}
pkg_set(pkg, PKG_FLATSIZE, flatsize);
if (pkg->type == PKG_OLD_FILE) {
const char *desc, *display, *comment;
char oldcomment[BUFSIZ];
pkg_old_emit_content(pkg, &m);
packing_append_buffer(pkg_archive, m, "+CONTENTS", strlen(m));
free(m);
pkg_get(pkg, PKG_DESC, &desc, PKG_MESSAGE, &display, PKG_COMMENT, &comment);
packing_append_buffer(pkg_archive, desc, "+DESC", strlen(desc));
packing_append_buffer(pkg_archive, display, "+DISPLAY", strlen(display));
snprintf(oldcomment, sizeof(oldcomment), "%s\n", comment);
packing_append_buffer(pkg_archive, oldcomment, "+COMMENT", strlen(oldcomment));
} else {
/*
* Register shared libraries used by the package if
* SHLIBS enabled in conf. Deletes shlib info if not.
*/
struct sbuf *b = sbuf_new_auto();
pkg_register_shlibs(pkg, root);
pkg_emit_manifest_sbuf(pkg, b, PKG_MANIFEST_EMIT_COMPACT, NULL);
packing_append_buffer(pkg_archive, sbuf_data(b), "+COMPACT_MANIFEST", sbuf_len(b));
sbuf_clear(b);
pkg_emit_manifest_sbuf(pkg, b, 0, NULL);
sbuf_finish(b);
packing_append_buffer(pkg_archive, sbuf_data(b), "+MANIFEST", sbuf_len(b));
sbuf_delete(b);
}
pkg_get(pkg, PKG_MTREE, &mtree);
if (mtree != NULL)
packing_append_buffer(pkg_archive, mtree, "+MTREE_DIRS",
strlen(mtree));
while (pkg_files(pkg, &file) == EPKG_OK) {
const char *pkg_path = pkg_file_path(file);
snprintf(fpath, sizeof(fpath), "%s%s%s", root ? root : "",
obj ? pkg_object_string(obj) : "", pkg_path);
ret = packing_append_file_attr(pkg_archive, fpath, pkg_path,
file->uname, file->gname, file->perm);
developer = pkg_object_bool(pkg_config_get("DEVELOPER_MODE"));
if (developer && ret != EPKG_OK)
return (ret);
}
while (pkg_dirs(pkg, &dir) == EPKG_OK) {
const char *pkg_path = pkg_dir_path(dir);
snprintf(fpath, sizeof(fpath), "%s%s%s", root ? root : "",
obj ? pkg_object_string(obj) : "", pkg_path);
ret = packing_append_file_attr(pkg_archive, fpath, pkg_path,
dir->uname, dir->gname, dir->perm);
developer = pkg_object_bool(pkg_config_get("DEVELOPER_MODE"));
if (developer && ret != EPKG_OK)
return (ret);
}
return (EPKG_OK);
}
int verify(const char *command, int argc, char **argv) {
int ret = 1;
unsigned char signature[sizeof(ecdsa_signature_t)];
set pubkeys, signatures;
set_init(&pubkeys, sizeof(ecc_25519_work_t), 5);
set_init(&signatures, sizeof(signature), 5);
size_t min_good_signatures = 1;
int opt;
while ((opt = getopt(argc, argv, "s:p:n:")) != -1) {
ecc_int256_t pubkey_packed;
ecc_25519_work_t pubkey;
switch (opt) {
case 's':
if (!parsehex(signature, optarg, sizeof(signature))) {
fprintf(stderr, "Error while reading signature %s\n", optarg);
break;
}
if (!set_add(&signatures, signature)) {
fprintf(stderr, "Error in array_add\n");
goto out;
}
break;
case 'p':
if (!parsehex(pubkey_packed.p, optarg, 32)) {
fprintf(stderr, "Error while reading pubkey %s\n", optarg);
break;
}
int ok = ecc_25519_load_packed_legacy(&pubkey, &pubkey_packed);
if (!ok || !ecdsa_is_valid_pubkey(&pubkey)) {
fprintf(stderr, "Invalid pubkey %s\n", optarg);
break;
}
if (!set_add(&pubkeys, &pubkey)) {
fprintf(stderr, "Error in array_add\n");
goto out;
}
break;
case 'n':
min_good_signatures = atoi(optarg);
}
}
if (optind > argc) {
fprintf(stderr, "Usage: %s [-s signature ...] [-p pubkey ...] [-n num] file\n", command);
goto out;
}
ecc_int256_t hash;
if (!sha256_file((optind <= argc) ? argv[optind] : NULL, hash.p)) {
fprintf(stderr, "Error while hashing file\n");
goto out;
}
{
ecdsa_verify_context_t ctxs[signatures.size];
for (size_t i = 0; i < signatures.size; i++)
ecdsa_verify_prepare_legacy(&ctxs[i], &hash, SET_INDEX(signatures, i));
size_t good_signatures = ecdsa_verify_list_legacy(ctxs, signatures.size, pubkeys.content, pubkeys.size);
if (good_signatures >= min_good_signatures)
ret = 0;
}
out:
set_destroy(&pubkeys);
set_destroy(&signatures);
return ret;
}
static int
pkg_create_from_dir(struct pkg *pkg, const char *root,
struct packing *pkg_archive)
{
char fpath[MAXPATHLEN + 1];
struct pkg_file *file = NULL;
struct pkg_dir *dir = NULL;
char *m;
int ret;
const char *mtree;
bool developer;
struct stat st;
char sha256[SHA256_DIGEST_LENGTH * 2 + 1];
if (pkg_is_valid(pkg) != EPKG_OK) {
pkg_emit_error("the package is not valid");
return (EPKG_FATAL);
}
/*
* if the checksum is not provided in the manifest recompute it
*/
while (pkg_files(pkg, &file) == EPKG_OK) {
const char *pkg_path = pkg_file_path(file);
const char *pkg_sum = pkg_file_cksum(file);
if (root != NULL)
snprintf(fpath, sizeof(fpath), "%s%s", root, pkg_path);
else
strlcpy(fpath, pkg_path, sizeof(fpath));
if ((pkg_sum == NULL || pkg_sum[0] == '\0') &&
lstat(fpath, &st) == 0 && !S_ISLNK(st.st_mode)) {
if (sha256_file(fpath, sha256) != EPKG_OK)
return (EPKG_FATAL);
strlcpy(file->sum, sha256, sizeof(file->sum));
}
}
/*
* Register shared libraries used by the package if SHLIBS
* enabled in conf. Deletes shlib info if not.
*/
pkg_register_shlibs(pkg);
pkg_emit_manifest(pkg, &m);
packing_append_buffer(pkg_archive, m, "+MANIFEST", strlen(m));
free(m);
pkg_get(pkg, PKG_MTREE, &mtree);
if (mtree != NULL)
packing_append_buffer(pkg_archive, mtree, "+MTREE_DIRS",
strlen(mtree));
while (pkg_files(pkg, &file) == EPKG_OK) {
const char *pkg_path = pkg_file_path(file);
if (root != NULL)
snprintf(fpath, sizeof(fpath), "%s%s", root, pkg_path);
else
strlcpy(fpath, pkg_path, sizeof(fpath));
ret = packing_append_file_attr(pkg_archive, fpath, pkg_path,
file->uname, file->gname, file->perm);
pkg_config_bool(PKG_CONFIG_DEVELOPER_MODE, &developer);
if (developer && ret != EPKG_OK)
return (ret);
}
while (pkg_dirs(pkg, &dir) == EPKG_OK) {
const char *pkg_path = pkg_dir_path(dir);
if (root != NULL)
snprintf(fpath, sizeof(fpath), "%s%s", root, pkg_path);
else
strlcpy(fpath, pkg_dir_path(dir), sizeof(fpath));
ret = packing_append_file_attr(pkg_archive, fpath, pkg_path,
dir->uname, dir->gname, dir->perm);
pkg_config_bool(PKG_CONFIG_DEVELOPER_MODE, &developer);
if (developer && ret != EPKG_OK)
return (ret);
}
return (EPKG_OK);
}
void ECDSA_verify_sign_file(char * path, ptr_curve_t E, ptr_point_t G, ptr_point_t Q, mpz_t r, mpz_t s)
{
mpz_t n;
mpz_init(n);
mpz_ui_pow_ui(n,2,M);
if(mpz_cmp(s,n)<0 && mpz_cmp_ui(s,0)>0)
{
printf("\t s is in ]0,n-1]\n");
}
else
{
printf("\t s isn't ]0,n-1]\n");
printf("\t signature is false\n");
return;
}
if(mpz_cmp(r,n)<0 && mpz_cmp_ui(r,0)>0)
{
printf("\t r is in ]0,n-1]\n");
}
else
{
printf("\t r isn't ]0,n-1]\n");
printf("\t signature is false\n");
return;
}
//sha-256 de m
mpz_t z;
char buffer[65];
char buffer_M[40];
//z = Hex_to_int(sha-256(M))
sha256_file(path,buffer);
strncpy(buffer_M,buffer,40);
mpz_init_set_str(z,buffer_M,16);
/*if(DEBUG)*/gmp_printf("\t\tn = %Zd\n",n);
/*if(DEBUG)*/gmp_printf("\t\tz = %Zd\n",z);
/*if(DEBUG)*/gmp_printf("\t\tr = %Zd\n",r);
/*if(DEBUG)*/gmp_printf("\t\ts = %Zd\n",s);
//w = s^-1 mod n
mpz_t w;
mpz_init(w);
mpz_invert(w,s,n);
//u1 = zw mod n & u2 = rw mod n
mpz_t u1, u2, r0;
mpz_init(u1);
mpz_init(u2);
mpz_init(r0);
mpz_mul(r0,z,w);
mpz_mod_2exp(u1,r0,M);
mpz_mul(r0,r,w);
mpz_mod_2exp(u2,r0,M);
//(x1,y1) = u1 G + u2 Q
point_t R;
point_init(&R);
point_t GQ;
point_init(&GQ);
addition_point_CE(E,G,Q,&GQ);
bases_t g_bases, q_bases;
bases_init(g_bases);
bases_init(q_bases);
int_to_bases(u1,g_bases);
int_to_bases(u2,q_bases);
/*if(DEBUG)*/gmp_printf("\t\tw = %Zd\n",w);
/*if(DEBUG)*/gmp_printf("\t\tu1 = %Zd\n",u1);
/*if(DEBUG)*/gmp_printf("\t\tu2 = %Zd\n",u2);
multiple_addition_point_CE(E,g_bases,G,q_bases,Q,&GQ,&R);
//res = R_x1 mod n (if r = res true else false sign)
mpz_t res, x1;
mpz_init(res);
mpz_init(x1);
bases_to_int(R._x,x1);
mpz_mod(res,x1,n);
if(mpz_cmp(res,r) == 0)
{
printf("\t signature is true\n");
}
else
{
printf("\t signature is false\n");
}
}//ECDSA_verify_sign_file()