rpm/lib/signature.h

#ifndef H_SIGNATURE
#define	H_SIGNATURE

/** \ingroup signature
 * \file lib/signature.h
 * Generate and verify signatures.
 */

#include <header.h>

/** \ingroup signature
 * Signature types stored in rpm lead.
 */
typedef	enum sigType_e {
    RPMSIGTYPE_HEADERSIG= 5	/*!< Header style signature */
} sigType;

/** \ingroup signature
 * Identify PGP versions.
 * @note Greater than 0 is a valid PGP version.
 */
typedef enum pgpVersion_e {
    PGP_NOTDETECTED	= -1,
    PGP_UNKNOWN		= 0,
    PGP_2		= 2,
    PGP_5		= 5
} pgpVersion;

#ifdef __cplusplus
extern "C" {
#endif

/** \ingroup signature
 * Return new, empty (signature) header instance.
 * @return		signature header
 */
Header rpmNewSignature(void)
	/*@*/;

/** \ingroup signature
 * Read (and verify header+payload size) signature header.
 * If an old-style signature is found, we emulate a new style one.
 * @param fd		file handle
 * @retval sighp	address of (signature) header (or NULL)
 * @param sig_type	type of signature header to read (from lead)
 * @retval msg		failure msg
 * @return		rpmRC return code
 */
rpmRC rpmReadSignature(FD_t fd, /*@null@*/ /*@out@*/ Header *sighp,
		sigType sig_type, /*@null@*/ /*@out@*/ const char ** msg)
	/*@globals fileSystem @*/
	/*@modifies fd, *sighp, *msg, fileSystem @*/;

/** \ingroup signature
 * Write signature header.
 * @param fd		file handle
 * @param h		(signature) header
 * @return		0 on success, 1 on error
 */
int rpmWriteSignature(FD_t fd, Header h)
	/*@globals fileSystem @*/
	/*@modifies fd, h, fileSystem @*/;

/** \ingroup signature
 * Generate signature(s) from a header+payload file, save in signature header.
 * @param sigh		signature header
 * @param file		header+payload file name
 * @param sigTag	type of signature(s) to add
 * @param passPhrase	private key pass phrase
 * @return		0 on success, -1 on failure
 */
int rpmAddSignature(Header sigh, const char * file,
		    int_32 sigTag, /*@null@*/ const char * passPhrase)
	/*@globals rpmGlobalMacroContext, h_errno, fileSystem, internalState @*/
	/*@modifies sigh, rpmGlobalMacroContext, fileSystem, internalState @*/;

/******************************************************************/

/**
 *  Possible actions for rpmLookupSignatureType()
 */
#define RPMLOOKUPSIG_QUERY	0	/* Lookup type in effect          */
#define RPMLOOKUPSIG_DISABLE	1	/* Disable (--sign was not given) */
#define RPMLOOKUPSIG_ENABLE	2	/* Re-enable %_signature          */

/** \ingroup signature
 * Return type of signature needed for signing/building.
 * @param action	enable/disable/query action
 * @return		sigTag to use, 0 if none, -1 on error
 */
int rpmLookupSignatureType(int action)
	/*@globals rpmGlobalMacroContext, h_errno, internalState @*/
	/*@modifies rpmGlobalMacroContext, internalState @*/;

/** \ingroup signature
 * Read a pass phrase using getpass(3), confirm with gpg/pgp helper binaries.
 * @param prompt	user prompt
 * @param sigTag	signature type/tag
 * @return		pass phrase
 */
/*@dependent@*/ /*@null@*/
char * rpmGetPassPhrase(/*@null@*/ const char * prompt,
		const int sigTag)
	/*@globals rpmGlobalMacroContext, h_errno, fileSystem, internalState @*/
	/*@modifies rpmGlobalMacroContext, fileSystem, internalState @*/;

/** \ingroup signature
 * Return path to pgp executable of given type, or NULL when not found.
 * @retval pgpVer	pgp version
 * @return		path to pgp executable
 */
/*@-exportlocal -redecl@*/
/*@null@*/ const char * rpmDetectPGPVersion(
			/*@null@*/ /*@out@*/ pgpVersion * pgpVer)
	/*@globals rpmGlobalMacroContext, h_errno @*/
	/*@modifies *pgpVer, rpmGlobalMacroContext @*/;
/*@=exportlocal =redecl@*/

#ifdef __cplusplus
}
#endif

#endif	/* H_SIGNATURE */
added H_SIGNATURE wrapper CVS patchset: 1072 CVS date: 1996/09/29 02:29:09 1996-09-29 10:29:09 +08:00			`#ifndef H_SIGNATURE`
Add multiple include avoidance and c++ prototype wrapping throughout .h. Delete trailing white space in .h. CVS patchset: 2181 CVS date: 1998/07/25 15:10:58 1998-07-25 23:10:58 +08:00			`#define H_SIGNATURE`
added H_SIGNATURE wrapper CVS patchset: 1072 CVS date: 1996/09/29 02:29:09 1996-09-29 10:29:09 +08:00
Doxygen annotations. CVS patchset: 4138 CVS date: 2000/08/28 01:08:57 2000-08-28 09:08:57 +08:00			`/** \ingroup signature`
			`* \file lib/signature.h`
Doxygen annotations. CVS patchset: 4132 CVS date: 2000/08/27 19:27:03 2000-08-28 03:27:03 +08:00			`* Generate and verify signatures.`
			`*/`
Initial revision CVS patchset: 309 CVS date: 1996/02/19 02:32:11 1996-02-19 10:32:11 +08:00
Perl bindings need #include <foo.h> not #include "foo.h" CVS patchset: 3143 CVS date: 1999/07/13 21:37:57 1999-07-14 05:37:57 +08:00			`#include <header.h>`

Rename RPMSIG_* signature types to RPMSIGTYPE_* to avoid confusion. Remove dead code. CVS patchset: 4549 CVS date: 2001/02/12 16:33:08 2001-02-13 00:33:08 +08:00			`/** \ingroup signature`
			`* Signature types stored in rpm lead.`
			`*/`
			`typedef enum sigType_e {`
Sync with rpm-4.1. CVS patchset: 5695 CVS date: 2002/08/31 22:39:34 2002-09-01 06:39:34 +08:00			`RPMSIGTYPE_HEADERSIG= 5 /!< Header style signature /`
Rename RPMSIG_* signature types to RPMSIGTYPE_* to avoid confusion. Remove dead code. CVS patchset: 4549 CVS date: 2001/02/12 16:33:08 2001-02-13 00:33:08 +08:00			`} sigType;`

			`/** \ingroup signature`
			`* Identify PGP versions.`
			`* @note Greater than 0 is a valid PGP version.`
			`*/`
			`typedef enum pgpVersion_e {`
			`PGP_NOTDETECTED = -1,`
			`PGP_UNKNOWN = 0,`
			`PGP_2 = 2,`
			`PGP_5 = 5`
			`} pgpVersion;`

Perl bindings need #include <foo.h> not #include "foo.h" CVS patchset: 3143 CVS date: 1999/07/13 21:37:57 1999-07-14 05:37:57 +08:00			`#ifdef __cplusplus`
			`extern "C" {`
			`#endif`
new Header-style signatures CVS patchset: 737 CVS date: 1996/07/07 22:19:32 1996-07-08 06:19:32 +08:00
Doxygen annotations. CVS patchset: 4138 CVS date: 2000/08/28 01:08:57 2000-08-28 09:08:57 +08:00			`/** \ingroup signature`
			`* Return new, empty (signature) header instance.`
Rename RPMSIG_* signature types to RPMSIGTYPE_* to avoid confusion. Remove dead code. CVS patchset: 4549 CVS date: 2001/02/12 16:33:08 2001-02-13 00:33:08 +08:00			`* @return signature header`
Doxygen annotations. CVS patchset: 4138 CVS date: 2000/08/28 01:08:57 2000-08-28 09:08:57 +08:00			`*/`
lclint fiddles to annotate globals. CVS patchset: 5106 CVS date: 2001/10/15 03:22:10 2001-10-15 11:22:10 +08:00			`Header rpmNewSignature(void)`
			`/@/;`
new Header-style signatures CVS patchset: 737 CVS date: 1996/07/07 22:19:32 1996-07-08 06:19:32 +08:00
Doxygen annotations. CVS patchset: 4138 CVS date: 2000/08/28 01:08:57 2000-08-28 09:08:57 +08:00			`/** \ingroup signature`
- add header DSA signature. CVS patchset: 5345 CVS date: 2002/03/06 23:17:31 2002-03-07 07:17:31 +08:00			`* Read (and verify header+payload size) signature header.`
Doxygen annotations. CVS patchset: 4138 CVS date: 2000/08/28 01:08:57 2000-08-28 09:08:57 +08:00			`* If an old-style signature is found, we emulate a new style one.`
			`* @param fd file handle`
Sync with rpm-4.1. CVS patchset: 5695 CVS date: 2002/08/31 22:39:34 2002-09-01 06:39:34 +08:00			`* @retval sighp address of (signature) header (or NULL)`
- return multiple suggested packages (Pawel Kolodziej <pawelk@pld.org.pl>). - fix: return suggested packages when using Depends cache. CVS patchset: 4823 CVS date: 2001/05/31 22:31:14 2001-06-01 06:31:14 +08:00			`* @param sig_type type of signature header to read (from lead)`
Sync with rpm-4.1 parsing changes. CVS patchset: 5711 CVS date: 2002/09/16 20:10:20 2002-09-17 04:10:20 +08:00			`* @retval msg failure msg`
Add rpmRC return code type for the usual 0/1/2 codes. Add RPMRC_BADSIZE to deal with packages changing size after repackaging. CVS patchset: 4550 CVS date: 2001/02/12 19:02:15 2001-02-13 03:02:15 +08:00			`* @return rpmRC return code`
Doxygen annotations. CVS patchset: 4138 CVS date: 2000/08/28 01:08:57 2000-08-28 09:08:57 +08:00			`*/`
Sync with rpm-4.1. CVS patchset: 5695 CVS date: 2002/08/31 22:39:34 2002-09-01 06:39:34 +08:00			`rpmRC rpmReadSignature(FD_t fd, /@null@/ /@out@/ Header *sighp,`
- lclint clean. CVS patchset: 5715 CVS date: 2002/09/17 15:21:03 2002-09-17 23:21:03 +08:00			`sigType sig_type, /@null@/ /@out@/ const char ** msg)`
- beecrypt is at least as good as pgp/gpg on verify, pull the plug. CVS patchset: 5124 CVS date: 2001/10/19 19:51:18 2001-10-20 03:51:18 +08:00			`/@globals fileSystem @/`
- lclint clean. CVS patchset: 5715 CVS date: 2002/09/17 15:21:03 2002-09-17 23:21:03 +08:00			`/@modifies fd, sighp, msg, fileSystem @/;`
Doxygen annotations. CVS patchset: 4138 CVS date: 2000/08/28 01:08:57 2000-08-28 09:08:57 +08:00
			`/** \ingroup signature`
			`* Write signature header.`
			`* @param fd file handle`
- still more boring lclint annotations and fiddles. CVS patchset: 4738 CVS date: 2001/05/03 21:00:18 2001-05-04 05:00:18 +08:00			`* @param h (signature) header`
Doxygen annotations. CVS patchset: 4138 CVS date: 2000/08/28 01:08:57 2000-08-28 09:08:57 +08:00			`* @return 0 on success, 1 on error`
			`*/`
- still more boring lclint annotations and fiddles. CVS patchset: 4738 CVS date: 2001/05/03 21:00:18 2001-05-04 05:00:18 +08:00			`int rpmWriteSignature(FD_t fd, Header h)`
- beecrypt is at least as good as pgp/gpg on verify, pull the plug. CVS patchset: 5124 CVS date: 2001/10/19 19:51:18 2001-10-20 03:51:18 +08:00			`/@globals fileSystem @/`
- fix typos in linux.{req,prov}. CVS patchset: 4834 CVS date: 2001/06/05 19:26:22 2001-06-06 03:26:22 +08:00			`/@modifies fd, h, fileSystem @/;`
Initial revision CVS patchset: 309 CVS date: 1996/02/19 02:32:11 1996-02-19 10:32:11 +08:00
Doxygen annotations. CVS patchset: 4138 CVS date: 2000/08/28 01:08:57 2000-08-28 09:08:57 +08:00			`/** \ingroup signature`
- add header DSA signature. CVS patchset: 5345 CVS date: 2002/03/06 23:17:31 2002-03-07 07:17:31 +08:00			`* Generate signature(s) from a header+payload file, save in signature header.`
Add hdrmd5ctx for header-only md5 rsa/md5 signatures. CVS patchset: 7800 CVS date: 2005/03/12 15:16:42 2005-03-12 23:16:42 +08:00			`* @param sigh signature header`
- add header DSA signature. CVS patchset: 5345 CVS date: 2002/03/06 23:17:31 2002-03-07 07:17:31 +08:00			`* @param file header+payload file name`
			`* @param sigTag type of signature(s) to add`
			`* @param passPhrase private key pass phrase`
			`* @return 0 on success, -1 on failure`
Doxygen annotations. CVS patchset: 4138 CVS date: 2000/08/28 01:08:57 2000-08-28 09:08:57 +08:00			`*/`
Add hdrmd5ctx for header-only md5 rsa/md5 signatures. CVS patchset: 7800 CVS date: 2005/03/12 15:16:42 2005-03-12 23:16:42 +08:00			`int rpmAddSignature(Header sigh, const char * file,`
- still more boring lclint annotations and fiddles. CVS patchset: 4738 CVS date: 2001/05/03 21:00:18 2001-05-04 05:00:18 +08:00			`int_32 sigTag, /@null@/ const char * passPhrase)`
- don't use error string after gzclose (Dmitry V. Levin). Spliddles for rpmio, drill h_errno all the way through. CVS patchset: 6826 CVS date: 2003/05/08 20:39:29 2003-05-09 04:39:29 +08:00			`/@globals rpmGlobalMacroContext, h_errno, fileSystem, internalState @/`
Add hdrmd5ctx for header-only md5 rsa/md5 signatures. CVS patchset: 7800 CVS date: 2005/03/12 15:16:42 2005-03-12 23:16:42 +08:00			`/@modifies sigh, rpmGlobalMacroContext, fileSystem, internalState @/;`
new Header-style signatures CVS patchset: 737 CVS date: 1996/07/07 22:19:32 1996-07-08 06:19:32 +08:00
			`/******************************************************************/`
Initial revision CVS patchset: 309 CVS date: 1996/02/19 02:32:11 1996-02-19 10:32:11 +08:00
- add header DSA signature. CVS patchset: 5345 CVS date: 2002/03/06 23:17:31 2002-03-07 07:17:31 +08:00			`/**`
			`* Possible actions for rpmLookupSignatureType()`
			`*/`
Doxygen fiddles. CVS patchset: 7495 CVS date: 2004/10/20 10:19:34 2004-10-20 18:19:34 +08:00			`#define RPMLOOKUPSIG_QUERY 0 /* Lookup type in effect */`
			`#define RPMLOOKUPSIG_DISABLE 1 /* Disable (--sign was not given) */`
			`#define RPMLOOKUPSIG_ENABLE 2 /* Re-enable %_signature */`
fix: don't add header if signature generation failed (Carlo Wood). CVS patchset: 2909 CVS date: 1999/03/22 17:31:53 1999-03-23 01:31:53 +08:00
Doxygen annotations. CVS patchset: 4138 CVS date: 2000/08/28 01:08:57 2000-08-28 09:08:57 +08:00			`/** \ingroup signature`
- add header DSA signature. CVS patchset: 5345 CVS date: 2002/03/06 23:17:31 2002-03-07 07:17:31 +08:00			`* Return type of signature needed for signing/building.`
			`* @param action enable/disable/query action`
			`* @return sigTag to use, 0 if none, -1 on error`
Doxygen annotations. CVS patchset: 4138 CVS date: 2000/08/28 01:08:57 2000-08-28 09:08:57 +08:00			`*/`
- still more boring lclint annotations and fiddles. CVS patchset: 4738 CVS date: 2001/05/03 21:00:18 2001-05-04 05:00:18 +08:00			`int rpmLookupSignatureType(int action)`
- don't use error string after gzclose (Dmitry V. Levin). Spliddles for rpmio, drill h_errno all the way through. CVS patchset: 6826 CVS date: 2003/05/08 20:39:29 2003-05-09 04:39:29 +08:00			`/@globals rpmGlobalMacroContext, h_errno, internalState @/`
- beecrypt is at least as good as pgp/gpg on verify, pull the plug. CVS patchset: 5124 CVS date: 2001/10/19 19:51:18 2001-10-20 03:51:18 +08:00			`/@modifies rpmGlobalMacroContext, internalState @/;`
add getPassPhrase() CVS patchset: 352 CVS date: 1996/02/20 15:06:47 1996-02-20 23:06:47 +08:00
Doxygen annotations. CVS patchset: 4138 CVS date: 2000/08/28 01:08:57 2000-08-28 09:08:57 +08:00			`/** \ingroup signature`
- add header DSA signature. CVS patchset: 5345 CVS date: 2002/03/06 23:17:31 2002-03-07 07:17:31 +08:00			`* Read a pass phrase using getpass(3), confirm with gpg/pgp helper binaries.`
			`* @param prompt user prompt`
			`* @param sigTag signature type/tag`
			`* @return pass phrase`
Doxygen annotations. CVS patchset: 4138 CVS date: 2000/08/28 01:08:57 2000-08-28 09:08:57 +08:00			`*/`
Propagate splint-3.0.1.7 close(2) internalState annotation throughout. CVS patchset: 5542 CVS date: 2002/07/08 14:21:26 2002-07-08 22:21:26 +08:00			`/@dependent@/ /@null@/`
			`char * rpmGetPassPhrase(/@null@/ const char * prompt,`
- add header DSA signature. CVS patchset: 5345 CVS date: 2002/03/06 23:17:31 2002-03-07 07:17:31 +08:00			`const int sigTag)`
- don't use error string after gzclose (Dmitry V. Levin). Spliddles for rpmio, drill h_errno all the way through. CVS patchset: 6826 CVS date: 2003/05/08 20:39:29 2003-05-09 04:39:29 +08:00			`/@globals rpmGlobalMacroContext, h_errno, fileSystem, internalState @/`
- splint annotationsm, signature cleanup. CVS patchset: 5351 CVS date: 2002/03/10 19:00:31 2002-03-11 03:00:31 +08:00			`/@modifies rpmGlobalMacroContext, fileSystem, internalState @/;`
pgp and pgp5 have compatible RSA signature (#4780). CVS patchset: 3276 CVS date: 1999/09/10 23:48:56 1999-09-11 07:48:56 +08:00
Doxygen annotations. CVS patchset: 4138 CVS date: 2000/08/28 01:08:57 2000-08-28 09:08:57 +08:00			`/** \ingroup signature`
- add header DSA signature. CVS patchset: 5345 CVS date: 2002/03/06 23:17:31 2002-03-07 07:17:31 +08:00			`* Return path to pgp executable of given type, or NULL when not found.`
			`* @retval pgpVer pgp version`
			`* @return path to pgp executable`
Doxygen annotations. CVS patchset: 4138 CVS date: 2000/08/28 01:08:57 2000-08-28 09:08:57 +08:00			`*/`
Converging on lclint-3.0.17 strict level. CVS patchset: 5118 CVS date: 2001/10/17 16:43:36 2001-10-18 00:43:36 +08:00			`/@-exportlocal -redecl@/`
- still more boring lclint annotations and fiddles. CVS patchset: 4738 CVS date: 2001/05/03 21:00:18 2001-05-04 05:00:18 +08:00			`/@null@/ const char * rpmDetectPGPVersion(`
- enough lclint annotations and fiddles already. CVS patchset: 4741 CVS date: 2001/05/05 19:28:32 2001-05-06 03:28:32 +08:00			`/@null@/ /@out@/ pgpVersion * pgpVer)`
- don't use error string after gzclose (Dmitry V. Levin). Spliddles for rpmio, drill h_errno all the way through. CVS patchset: 6826 CVS date: 2003/05/08 20:39:29 2003-05-09 04:39:29 +08:00			`/@globals rpmGlobalMacroContext, h_errno @/`
- beecrypt is at least as good as pgp/gpg on verify, pull the plug. CVS patchset: 5124 CVS date: 2001/10/19 19:51:18 2001-10-20 03:51:18 +08:00			`/@modifies pgpVer, rpmGlobalMacroContext @*/;`
Converging on lclint-3.0.17 strict level. CVS patchset: 5118 CVS date: 2001/10/17 16:43:36 2001-10-18 00:43:36 +08:00			`/@=exportlocal =redecl@/`
pgp5 support (Carlo Wood <carlo@runaway.xs4all.nl>). CVS patchset: 2906 CVS date: 1999/03/21 18:43:22 1999-03-22 02:43:22 +08:00
Perl bindings need #include <foo.h> not #include "foo.h" CVS patchset: 3143 CVS date: 1999/07/13 21:37:57 1999-07-14 05:37:57 +08:00			`#ifdef __cplusplus`
			`}`
			`#endif`

Add multiple include avoidance and c++ prototype wrapping throughout .h. Delete trailing white space in .h. CVS patchset: 2181 CVS date: 1998/07/25 15:10:58 1998-07-25 23:10:58 +08:00			`#endif /* H_SIGNATURE */`