Diffstat (limited to 'src')
| -rw-r--r-- | src/main.rs | 3 | ||||
| -rw-r--r-- | src/openpgp/mod.rs | 2 | ||||
| -rw-r--r-- | src/openpgp/signatures.rs | 0 | ||||
| -rw-r--r-- | src/openpgp/trusted.rs | 45 |
4 files changed, 49 insertions, 1 deletions
diff --git a/src/main.rs b/src/main.rs
index bc019c8..b9e4cec 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -1,16 +1,17 @@
 mod cfg;
 mod net;
 mod pkgtoolkit;
+mod openpgp;
 use crate::cfg::config::Config;
 use crate::net::{http_package::HTTPPackage, i2p_package::I2PPackage};
- use crate::pkgtoolkit::Package;
 use crate::pkgtoolkit::archive::ArchiveOperations;
 use crate::pkgtoolkit::build::BuildOperations;
 use crate::pkgtoolkit::git_source::GitSource;
 use crate::pkgtoolkit::index::IndexOperations;
 use crate::pkgtoolkit::install::InstallOperations;
+use crate::openpgp::trusted::ScanResult;
 use clap::{Args, Parser, Subcommand};
 use std::io::Write;
diff --git a/src/openpgp/mod.rs b/src/openpgp/mod.rs
new file mode 100644
index 0000000..79c020a
--- /dev/null
+++ b/src/openpgp/mod.rs
@@ -0,0 +1,2 @@
+pub mod signatures;
+pub mod trusted;
\ No newline at end of file
diff --git a/src/openpgp/signatures.rs b/src/openpgp/signatures.rs
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/src/openpgp/signatures.rs
diff --git a/src/openpgp/trusted.rs b/src/openpgp/trusted.rs
new file mode 100644
index 0000000..d2d77b6
--- /dev/null
+++ b/src/openpgp/trusted.rs
@@ -0,0 +1,45 @@
+use gpgme::{Context, Key, Data};
+use std::path::Path;
+use std::fs::File;
+use std::io::BufReader;
+
+
+pub enum ScanResult {
+ Trusted,
+ Unsigned,
+ Untrusted
+}
+
+pub trait OpenPGPOpertaions {
+ fn get_trusted_keys(&self, keys: &[Key]) -> Vec<Key>;
+ fn check_sign(&self, sig_path: &Path, context: &Context, file: &Path) -> Result<ScanResult, gpgme::Error>;
+}
+
+impl OpenPGPOpertaions for Key {
+ fn get_trusted_keys(&self, keys: &[Key]) -> Vec<Key> {
+ let mut trusted_keys = Vec::new();
+ for key in keys {
+ if key.can_encrypt() || key.can_sign() {
+ trusted_keys.push(key.clone());
+ }
+ }
+ trusted_keys
+ }
+ fn check_sign(&self, sig_path: &Path, context: &Context, file: &Path) -> Result<ScanResult, gpgme::Error> {
+ let mut ctx = Context::from_protocol(gpgme::Protocol::OpenPgp)?;
+
+ let file_reader = BufReader::new(File::open(file)?);
+ let sig_reader = BufReader::new(File::open(sig_path)?);
+ let sig_data = Data::from_reader(sig_reader).map_err(|e| gpgme::Error::from(std::io::Error::other(e)))?;
+ let file_data = Data::from_reader(file_reader).map_err(|e| gpgme::Error::from(std::io::Error::other(e)))?;
+
+ let result = ctx.verify_detached(sig_data, file_data);
+
+ if result.is_ok() {
+ Ok(ScanResult::Trusted)
+ } else {
+ Ok(ScanResult::Unsigned)
+ }
+ }
+
+}
\ No newline at end of file |
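Review bot: `check_sign` returns `ScanResult::Trusted` whenever `ctx.verify_detached(...)` is `Ok`, but in gpgme a successful verify call only means the operation completed; whether each signature is good is reported on the returned result, so a bad signature can still scan as trusted. The result's signatures need their `status()` checked, an empty signature list should map to `Unsigned`, and engine or I/O errors should propagate instead of collapsing into `Unsigned`; `Untrusted` is currently never returned. The `self` and `context` parameters are unused, so nothing ties an accepted signature to a particular key, and the `Full`/`Ultimate` validity threshold in the sketch below is an assumed policy to confirm. Separately, `get_trusted_keys` filters on `can_encrypt() || can_sign()`, which is a capability test rather than a trust decision.

```rust
fn check_sign(&self, sig_path: &Path, context: &Context, file: &Path) -> Result<ScanResult, gpgme::Error> {
    // … unchanged: context creation, opening file and signature into Data …

    // Engine and I/O failures are errors, not "unsigned".
    let result = ctx.verify_detached(sig_data, file_data)?;

    // Stays Unsigned when the result carries no signature at all.
    let mut verdict = ScanResult::Unsigned;
    for sig in result.signatures() {
        // status() is Err for a bad, expired or unverifiable signature.
        if sig.status().is_err() {
            return Ok(ScanResult::Untrusted);
        }
        // A good signature from a key the keyring does not consider valid is not trusted.
        if !matches!(sig.validity(), gpgme::Validity::Full | gpgme::Validity::Ultimate) {
            return Ok(ScanResult::Untrusted);
        }
        verdict = ScanResult::Trusted;
    }
    Ok(verdict)
}
```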
