[PATCH] package.el: check tarball signature

all messages for Emacs-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed

From: Daiki Ueno <ueno@gnu.org>
To: emacs-devel@gnu.org
Subject: [PATCH] package.el: check tarball signature
Date: Mon, 30 Sep 2013 15:48:16 -0400	[thread overview]
Message-ID: <m3eh863xbz.fsf-ueno@gnu.org> (raw)

[-- Attachment #1: Type: text/plain, Size: 565 bytes --]

Well, I still don't understand why this is advertised as such a
difficult problem, particularly why package.el would need sign operation
with Emacs.  Am I missing something?

Perhaps it might make sense to discuss with some code.  Here it is.

The code verifies a detached signature NAME-VERSION.tar.sig with a
trusted keyring located under ~/.emacs.d/elpa/gnupg/.  That's it.

For uploading packages, we could simply use the same mechanism as
gnupload in Gnulib.

It's actually a 10-minute work at an airport lobby and tested only with
the local package archive.


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: package-signature.patch --]
[-- Type: text/x-patch, Size: 1887 bytes --]

=== modified file 'lisp/emacs-lisp/package.el'
--- lisp/emacs-lisp/package.el	2013-08-03 02:34:22 +0000
+++ lisp/emacs-lisp/package.el	2013-09-30 16:50:40 +0000
@@ -739,13 +739,44 @@
       (error "Error during download request:%s"
 	     (buffer-substring-no-properties (point) (line-end-position))))))
 
+(declare-function epg-make-context "epg"
+		  (&optional protocol armor textmode include-certs
+			     cipher-algorithm
+			     digest-algorithm
+			     compress-algorithm))
+(declare-function epg-context-set-home-directory "epg" (context directory))
+(declare-function epg-verify-file "epg" (context signature
+						 &optional signed-text plain))
+
+(defun package--check-signature (pkg-desc)
+  "Check signature of a package.
+GnuPG keyring is located under \"gnupg\" in `package-user-dir'."
+  (let* ((location (package-archive-base pkg-desc))
+	 (sig-file (concat (package-desc-full-name pkg-desc)
+			   (package-desc-suffix pkg-desc)
+			   ".sig"))
+	 (signature (package--with-work-buffer location sig-file
+		      (buffer-string)))
+	 (context (epg-make-context 'OpenPGP)))
+    (epg-context-set-home-directory context
+				    (expand-file-name "gnupg" package-user-dir))
+    (epg-verify-file context signature (buffer-string))))
+
 (defun package-install-from-archive (pkg-desc)
   "Download and install a tar package."
   (let ((location (package-archive-base pkg-desc))
 	(file (concat (package-desc-full-name pkg-desc)
                       (package-desc-suffix pkg-desc))))
     (package--with-work-buffer location file
-      (package-unpack pkg-desc))))
+      (if (condition-case nil
+	      (progn
+		(package--check-signature pkg-desc)
+		t)
+	    (error (y-or-n-p
+		    (format "Cannot verify signature of `%s'; \
+install it anyway? "
+			    (package-desc-name pkg-desc)))))
+	  (package-unpack pkg-desc)))))
 
 (defvar package--initialized nil)
 


[-- Attachment #3: Type: text/plain, Size: 25 bytes --]


Regards,
-- 
Daiki Ueno

next             reply	other threads:[~2013-09-30 19:48 UTC|newest]

Thread overview: 32+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-09-30 19:48 Daiki Ueno [this message]
2013-09-30 19:58 ` [PATCH] package.el: check tarball signature Eli Zaretskii
2013-10-02  6:20   ` [PATCHv2] " Daiki Ueno
2013-10-02 10:43     ` Ted Zlatanov
2013-09-30 21:54 ` [PATCH] " Ted Zlatanov
2013-09-30 22:56   ` Stefan Monnier
2013-10-02 11:17     ` Ted Zlatanov
2013-10-02  7:16   ` Daiki Ueno
2013-10-02 10:41     ` Ted Zlatanov
2013-10-02 12:22       ` Daiki Ueno
2013-10-02 13:53         ` Ted Zlatanov
2013-10-03  3:51           ` Stefan Monnier
2013-10-02 13:15     ` Thien-Thi Nguyen
2013-10-03  3:45       ` Stefan Monnier
2013-10-03  3:52     ` Stefan Monnier
2013-10-03  7:18       ` Daiki Ueno
2013-10-03 14:19         ` Ted Zlatanov
2013-10-03 15:01           ` Stefan Monnier
2013-10-04 19:23             ` Eli Zaretskii
2013-10-04 21:14               ` Ted Zlatanov
2013-10-05  0:34                 ` Daiki Ueno
2013-10-05  5:40                   ` Stephen J. Turnbull
2013-10-05 10:03                     ` Ted Zlatanov
2013-10-05 15:07                       ` Stephen J. Turnbull
2013-10-05 21:51                         ` Ted Zlatanov
2013-10-05  9:57                   ` Ted Zlatanov
2013-10-05  7:09                 ` Eli Zaretskii
2013-10-05 10:11                   ` Ted Zlatanov
2013-10-05 12:37                     ` Eli Zaretskii
2013-10-05 13:53                       ` Stefan Monnier
2013-10-04  2:46           ` Daiki Ueno
2013-10-04 16:19             ` Ted Zlatanov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=m3eh863xbz.fsf-ueno@gnu.org \
    --to=ueno@gnu.org \
    --cc=emacs-devel@gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/emacs.git
	https://git.savannah.gnu.org/cgit/emacs/org-mode.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.