return pakfire_filelist_ref(archive->filelist);
}
-static pakfire_archive_verify_status_t __pakfire_archive_verify_file(struct pakfire* pakfire,
- struct archive* a, const struct pakfire_archive_chksum* chksum) {
- pakfire_archive_verify_status_t status = PAKFIRE_ARCHIVE_VERIFY_ERROR;
-
- int r;
- const EVP_MD* md;
-
- // Initialise context
- EVP_MD_CTX* mdctx = EVP_MD_CTX_new();
-
- // Select algorithm
- md = EVP_sha512();
-
- // Initialise the hash algorithm
- r = EVP_DigestInit_ex(mdctx, md, NULL);
- if (r != 1) {
- ERROR(pakfire, "Could not initialize hash algorithm: %s\n",
- ERR_error_string(ERR_get_error(), NULL));
- goto ERROR;
- }
-
- const void* buffer;
- size_t size;
- off_t offset;
-
- for (;;) {
- int r = archive_read_data_block(a, &buffer, &size, &offset);
- if (r == ARCHIVE_EOF)
- break;
-
- if (r != ARCHIVE_OK) {
- status = PAKFIRE_ARCHIVE_VERIFY_ERROR;
- goto ERROR;
- }
-
- // Update hash digest
- r = EVP_DigestUpdate(mdctx, buffer, size);
- if (r != 1) {
- ERROR(pakfire, "%s\n", ERR_error_string(ERR_get_error(), NULL));
- goto ERROR;
- }
- }
-
- unsigned char digest[EVP_MAX_MD_SIZE];
- unsigned int digest_length = sizeof(digest);
-
- r = EVP_DigestFinal_ex(mdctx, digest, &digest_length);
- if (r != 1) {
- ERROR(pakfire, "%s\n", ERR_error_string(ERR_get_error(), NULL));
- goto ERROR;
- }
-
- // Compare digests
- if (CRYPTO_memcmp(digest, chksum->digest_sha512, EVP_MD_CTX_size(mdctx)) == 0) {
- DEBUG(pakfire, "Checksum of %s is OK\n", chksum->path);
- status = PAKFIRE_ARCHIVE_VERIFY_OK;
- } else {
- DEBUG(pakfire, "Checksum of %s did not match\n", chksum->path);
- status = PAKFIRE_ARCHIVE_VERIFY_INVALID;
- }
-
-ERROR:
- if (mdctx)
- EVP_MD_CTX_free(mdctx);
-
- return status;
-}
-
static int pakfire_archive_load_checksums_mtree(struct pakfire_archive* archive) {
struct archive* a = NULL;
struct archive_entry* entry = NULL;
*status = archive->verify;
return 0;
-
-#if 0
- // Open the archive file
- struct archive* a;
- int r = open_archive(archive, &a);
- if (r)
- return PAKFIRE_ARCHIVE_VERIFY_ERROR;
-
- struct archive_entry* entry;
- while ((r = archive_read_next_header(a, &entry)) == ARCHIVE_OK) {
- const char* entry_name = archive_entry_pathname(entry);
-
- // See if we have a checksum for this file
- const struct pakfire_archive_chksum* chksum = pakfire_archive_find_chksum(archive, entry_name);
- if (!chksum) {
- DEBUG(archive->pakfire, "Could not find checksum for %s\n", entry_name);
- continue;
- }
-
- // Compare the checksums
- status = pakfire_archive_verify_file(archive->pakfire, a, chksum);
- if (status)
- goto END;
- }
-
- status = PAKFIRE_ARCHIVE_VERIFY_OK;
- DEBUG(archive->pakfire, "Archive %p has been successfully verified\n", archive);
-
-END:
- close_archive(archive, a);
-
- return status;
-#endif
}
PAKFIRE_EXPORT const char* pakfire_archive_verify_strerror(pakfire_archive_verify_status_t status) {