diff options
author | David Kalnischkies <kalnischkies@gmail.com> | 2013-03-15 18:53:53 +0100 |
---|---|---|
committer | David Kalnischkies <kalnischkies@gmail.com> | 2013-03-15 18:53:53 +0100 |
commit | 2d3fe9cfadb33556b7563a98bb5a4698888e6c40 (patch) | |
tree | b5337b311f7ed3801ddc11c772d91a6b4b99cc87 /apt-pkg/contrib/gpgv.h | |
parent | 4fb400a66f2436cba6c89cecdc9560c9b1c54337 (diff) |
- if ExecGPGV deals with a clear-signed file it will split this file
into data and signatures, pass it to gpgv for verification and
recombines it after that in a known-good way without unsigned blocks
and whitespaces resulting usually in more or less the same file as
before, but later code can be sure about the format
* apt-pkg/deb/debmetaindex.cc:
- reenable InRelease by default
Diffstat (limited to 'apt-pkg/contrib/gpgv.h')
-rw-r--r-- | apt-pkg/contrib/gpgv.h | 41 |
1 files changed, 40 insertions, 1 deletions
diff --git a/apt-pkg/contrib/gpgv.h b/apt-pkg/contrib/gpgv.h index 8aeea2fb3..8e04855e4 100644 --- a/apt-pkg/contrib/gpgv.h +++ b/apt-pkg/contrib/gpgv.h @@ -10,6 +10,7 @@ #define CONTRIB_GPGV_H #include <string> +#include <vector> #if __GNUC__ >= 4 #define APT_noreturn __attribute__ ((noreturn)) @@ -20,7 +21,9 @@ /** \brief generates and run the command to verify a file with gpgv * * If File and FileSig specify the same file it is assumed that we - * deal with a clear-signed message. + * deal with a clear-signed message. In that case the file will be + * rewritten to be in a good-known format without uneeded whitespaces + * and additional messages (unsigned or signed). * * @param File is the message (unsigned or clear-signed) * @param FileSig is the signature (detached or clear-signed) @@ -35,4 +38,40 @@ inline void ExecGPGV(std::string const &File, std::string const &FileSig, #undef APT_noreturn +/** \brief Split an inline signature into message and signature + * + * Takes a clear-signed message and puts the first signed message + * in the content file and all signatures following it into the + * second. Unsigned messages, additional messages as well as + * whitespaces are discarded. The resulting files are suitable to + * be checked with gpgv. + * + * If one or all Fds are -1 they will not be used and the content + * which would have been written to them is discarded. + * + * The code doesn't support dash-encoded lines as these are not + * expected to be present in files we have to deal with. + * + * @param InFile is the clear-signed file + * @param ContentFile is the Fd the message will be written to + * @param ContentHeader is a list of all required Amored Headers for the message + * @param SignatureFile is the Fd all signatures will be written to + */ +bool SplitClearSignedFile(std::string const &InFile, int const ContentFile, + std::vector<std::string> * const ContentHeader, int const SignatureFile); + +/** \brief recombines message and signature to an inline signature + * + * Reverses the splitting down by #SplitClearSignedFile by writing + * a well-formed clear-signed message without unsigned messages, + * additional signed messages or just trailing whitespaces + * + * @param OutFile will be clear-signed file + * @param ContentFile is the Fd the message will be read from + * @param ContentHeader is a list of all required Amored Headers for the message + * @param SignatureFile is the Fd all signatures will be read from + */ +bool RecombineToClearSignedFile(std::string const &OutFile, int const ContentFile, + std::vector<std::string> const &ContentHeader, int const SignatureFile); + #endif |