# Copyright © 2017 Guillem Jover <guillem@debian.org>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <https://www.gnu.org/licenses/>.

package Dpkg::OpenPGP;

use strict;
use warnings;

use POSIX qw(:sys_wait_h);
use Exporter qw(import);
use File::Temp;
use File::Copy;

use Dpkg::Gettext;
use Dpkg::ErrorHandling;
use Dpkg::IPC;
use Dpkg::Path qw(find_command);

our $VERSION = '0.01';
our @EXPORT = qw(
    openpgp_sig_to_asc
);

sub _armor_gpg {
    my ($sig, $asc) = @_;

    my @gpg_opts = qw(--no-options);

    open my $fh_asc, '>', $asc
        or syserr(g_('cannot create signature file %s'), $asc);
    open my $fh_gpg, '-|', 'gpg', @gpg_opts, '-o', '-', '--enarmor', $sig
        or syserr(g_('cannot execute %s program'), 'gpg');
    while (my $line = <$fh_gpg>) {
        next if $line =~ m/^Version: /;
        next if $line =~ m/^Comment: /;

        $line =~ s/ARMORED FILE/SIGNATURE/;

        print { $fh_asc } $line;
    }

    close $fh_gpg or subprocerr('gpg');
    close $fh_asc or syserr(g_('cannot write signature file %s'), $asc);

    return $asc;
}

sub openpgp_sig_to_asc
{
    my ($sig, $asc) = @_;

    if (-e $sig) {
        my $is_openpgp_ascii_armor = 0;

        open my $fh_sig, '<', $sig or syserr(g_('cannot open %s'), $sig);
        while (<$fh_sig>) {
            if (m/^-----BEGIN PGP /) {
                $is_openpgp_ascii_armor = 1;
                last;
            }
        }
        close $fh_sig;

        if ($is_openpgp_ascii_armor) {
            notice(g_('signature file is already OpenPGP ASCII armor, copying'));
            copy($sig, $asc);
            return $asc;
        }

        if (find_command('gpg')) {
            return _armor_gpg($sig, $asc);
        } else {
            warning(g_('cannot OpenPGP ASCII armor signature file due to missing gpg'));
        }
    }

    return;
}

sub import_key {
    my ($asc, %opts) = @_;

    $opts{require_valid_signature} //= 1;

    my @exec;
    if (find_command('gpg')) {
        push @exec, 'gpg';
    } elsif ($opts{require_valid_signature}) {
        error(g_('cannot import key in %s since GnuPG is not installed'),
              $asc);
    } else {
        warning(g_('cannot import key in %s since GnuPG is not installed'),
                $asc);
        return;
    }

    my $gpghome = File::Temp->newdir('dpkg-import-key.XXXXXXXX', TMPDIR => 1);

    push @exec, '--homedir', $gpghome;
    push @exec, '--no-options', '--no-default-keyring', '-q', '--import';
    push @exec, '--keyring', $opts{keyring};
    push @exec, $asc;

    my ($stdout, $stderr);
    spawn(exec => \@exec, wait_child => 1, nocheck => 1, timeout => 10,
          to_string => \$stdout, error_to_string => \$stderr);
    if (WIFEXITED($?)) {
        my $status = WEXITSTATUS($?);
        print { *STDERR } "$stdout$stderr" if $status;
        if ($status == 1 or ($status && $opts{require_valid_signature})) {
            error(g_('failed to import key in %s'), $asc);
        } elsif ($status) {
            warning(g_('failed to import key in %s'), $asc);
        }
    } else {
        subprocerr("@exec");
    }
}

sub verify_signature {
    my ($sig, %opts) = @_;

    $opts{require_valid_signature} //= 1;

    my @exec;
    if (find_command('gpgv')) {
        push @exec, 'gpgv';
    } elsif (find_command('gpg')) {
        my @gpg_opts = qw(--no-options --no-default-keyring -q);
        push @exec, 'gpg', @gpg_opts, '--verify';
    } elsif ($opts{require_valid_signature}) {
        error(g_('cannot verify signature on %s since GnuPG is not installed'),
              $sig);
    } else {
        warning(g_('cannot verify signature on %s since GnuPG is not installed'),
                $sig);
        return;
    }

    my $gpghome = File::Temp->newdir('dpkg-verify-sig.XXXXXXXX', TMPDIR => 1);
    push @exec, '--homedir', $gpghome;
    foreach my $keyring (@{$opts{keyrings}}) {
        push @exec, '--keyring', $keyring;
    }
    push @exec, $sig;
    push @exec, $opts{datafile} if exists $opts{datafile};

    my ($stdout, $stderr);
    spawn(exec => \@exec, wait_child => 1, nocheck => 1, timeout => 10,
          to_string => \$stdout, error_to_string => \$stderr);
    if (WIFEXITED($?)) {
        my $status = WEXITSTATUS($?);
        print { *STDERR } "$stdout$stderr" if $status;
        if ($status == 1 or ($status && $opts{require_valid_signature})) {
            error(g_('failed to verify signature on %s'), $sig);
        } elsif ($status) {
            warning(g_('failed to verify signature on %s'), $sig);
        }
    } else {
        subprocerr("@exec");
    }
}

1;