7 #include <rpm/rpmcli.h>
8 #include <rpm/rpmsign.h>
14 MODE_ADDSIGN = (1 << 0),
15 MODE_RESIGN = (1 << 1),
16 MODE_DELSIGN = (1 << 2),
19 static int mode = MODE_NONE;
22 static int signfiles = 0, fskpass = 0;
23 static char * fileSigningKey = NULL;
26 static struct rpmSignArgs sargs = {NULL, 0, 0};
28 static struct poptOption signOptsTable[] = {
29 { "addsign", '\0', (POPT_ARG_VAL|POPT_ARGFLAG_OR), &mode, MODE_ADDSIGN,
30 N_("sign package(s)"), NULL },
31 { "resign", '\0', (POPT_ARG_VAL|POPT_ARGFLAG_OR), &mode, MODE_RESIGN,
32 N_("sign package(s) (identical to --addsign)"), NULL },
33 { "delsign", '\0', (POPT_ARG_VAL|POPT_ARGFLAG_OR), &mode, MODE_DELSIGN,
34 N_("delete package signatures"), NULL },
36 { "signfiles", '\0', POPT_ARG_NONE, &signfiles, 0,
37 N_("sign package(s) files"), NULL},
38 { "fskpath", '\0', POPT_ARG_STRING, &fileSigningKey, 0,
39 N_("use file signing key <key>"),
41 { "fskpass", '\0', POPT_ARG_NONE, &fskpass, 0,
42 N_("prompt for file signing key password"), NULL},
47 static struct poptOption optionsTable[] = {
48 { NULL, '\0', POPT_ARG_INCLUDE_TABLE, signOptsTable, 0,
49 N_("Signature options:"), NULL },
50 { NULL, '\0', POPT_ARG_INCLUDE_TABLE, rpmcliAllPoptTable, 0,
51 N_("Common options for all rpm modes and executables:"), NULL },
59 static char *get_fskpass(void)
61 struct termios flags, tmp_flags;
63 char *password = xmalloc(passlen);
66 tcgetattr(fileno(stdin), &flags);
68 tmp_flags.c_lflag &= ~ECHO;
69 tmp_flags.c_lflag |= ECHONL;
71 if (tcsetattr(fileno(stdin), TCSANOW, &tmp_flags) != 0) {
76 printf("PEM password: ");
77 pwd = fgets(password, passlen, stdin);
79 if (tcsetattr(fileno(stdin), TCSANOW, &flags) != 0) {
87 pwd[strlen(pwd) - 1] = '\0'; /* remove newline */
94 /* TODO: permit overriding macro setup on the command line */
95 static int doSign(poptContext optCon, struct rpmSignArgs *sargs)
97 int rc = EXIT_FAILURE;
98 char * name = rpmExpand("%{?_gpg_name}", NULL);
100 if (rstreq(name, "")) {
101 fprintf(stderr, _("You must set \"%%_gpg_name\" in your macro file\n"));
106 if (fileSigningKey) {
107 rpmPushMacro(NULL, "_file_signing_key", NULL, fileSigningKey, RMIL_GLOBAL);
111 char *fileSigningKeyPassword = NULL;
112 char *key = rpmExpand("%{?_file_signing_key}", NULL);
113 if (rstreq(key, "")) {
114 fprintf(stderr, _("You must set \"%%_file_signing_key\" in your macro file or on the command line with --fskpath\n"));
119 fileSigningKeyPassword = get_fskpass();
122 if (fileSigningKeyPassword) {
123 rpmPushMacro(NULL, "_file_signing_key_password", NULL,
124 fileSigningKeyPassword, RMIL_CMDLINE);
125 memset(fileSigningKeyPassword, 0, strlen(fileSigningKeyPassword));
126 free(fileSigningKeyPassword);
129 sargs->signfiles = 1;
136 while ((arg = poptGetArg(optCon)) != NULL) {
137 rc += rpmPkgSign(arg, sargs);
145 int main(int argc, char *argv[])
147 int ec = EXIT_FAILURE;
148 poptContext optCon = NULL;
151 xsetprogname(argv[0]); /* Portability call -- see system.h */
153 optCon = rpmcliInit(argc, argv, optionsTable);
156 printUsage(optCon, stderr, 0);
160 if (poptPeekArg(optCon) == NULL) {
161 argerror(_("no arguments given"));
165 if (fileSigningKey && !signfiles) {
166 argerror(_("--fskpath may only be specified when signing files"));
173 ec = doSign(optCon, &sargs);
177 while ((arg = poptGetArg(optCon)) != NULL) {
178 ec += rpmPkgDelSign(arg, &sargs);
182 printUsage(optCon, stderr, 0);
185 argerror(_("only one major mode may be specified"));