#include "archive.h"
#include "errors.h"
+#include "key.h"
#include "package.h"
PyObject* new_archive(PyTypeObject* type, struct pakfire_archive* archive) {
return NULL;
}
+static PyObject* Archive_sign(ArchiveObject* self, PyObject* args) {
+ KeyObject* key = NULL;
+
+ if (!PyArg_ParseTuple(args, "O!", &KeyType, &key))
+ return NULL;
+
+ // Create signature
+ int r = pakfire_archive_sign(self->archive, key->key);
+ if (r) {
+ PyErr_SetFromErrno(PyExc_OSError);
+ return NULL;
+ }
+
+ Py_RETURN_NONE;
+}
+
static PyObject* Archive_extract(ArchiveObject* self, PyObject* args) {
const char* prefix = NULL;
METH_VARARGS,
NULL
},
+ {
+ "sign",
+ (PyCFunction)Archive_sign,
+ METH_VARARGS,
+ NULL
+ },
{
"verify",
(PyCFunction)Archive_verify,
return status;
}
+static int pakfire_archive_load_checksums_mtree(struct pakfire_archive* archive) {
+ return 0;
+}
+
+static int pakfire_archive_load_checksums_legacy(struct pakfire_archive* archive) {
+ return 0;
+}
+
+static int pakfire_archive_load_checksums(struct pakfire_archive* archive) {
+ if (archive->format >= 6)
+ return pakfire_archive_load_checksums_mtree(archive);
+ else
+ return pakfire_archive_load_checksums_legacy(archive);
+}
+
/*
This function is called to examine whether we have a signature and if so verify it
*/
return _("Unknown error");
}
+static int pakfire_archive_create_signature(struct pakfire_archive* archive,
+ struct pakfire_key* key, char** signature, size_t signature_length) {
+ char* buffer = NULL;
+ size_t length = 0;
+
+ // Read chksums
+ int r = open_archive_and_read(archive, "chksums", &buffer, &length);
+ if (r)
+ goto ERROR;
+
+ // Use the key to sign the buffer
+ r = pakfire_key_sign(key, buffer, length, signature, signature_length);
+ if (r)
+ goto ERROR;
+
+ERROR:
+ if (buffer)
+ free(buffer);
+
+ return r;
+}
+
+PAKFIRE_EXPORT int pakfire_archive_sign(struct pakfire_archive* archive, struct pakfire_key* key) {
+ int r;
+
+ // XXX check if all checksums match
+
+ char* signature = NULL;
+ size_t signature_length = 0;
+
+ // Create the signature
+ r = pakfire_archive_create_signature(archive, key, &signature, &signature_length);
+ if (r)
+ return r;
+
+ // XXX write signature to archive
+
+ return 0;
+}
+
PAKFIRE_EXPORT size_t pakfire_archive_get_size(struct pakfire_archive* archive) {
struct stat buf;
int pakfire_archive_verify(struct pakfire_archive* archive,
pakfire_archive_verify_status_t* status);
const char* pakfire_archive_verify_strerror(pakfire_archive_verify_status_t status);
+int pakfire_archive_sign(struct pakfire_archive* archive, struct pakfire_key* key);
size_t pakfire_archive_get_size(struct pakfire_archive* archive);
struct pakfire_package* pakfire_archive_make_package(