pub struct Package {
pub metadata: PackageMetadata,
pub content: Vec<u8>,
}
Expand description
A complete rpm file.
Can either be created using the PackageBuilder
or used with parse
to obtain from a file.
Fields§
§metadata: PackageMetadata
Header and metadata structures.
Contains the constant lead as well as the metadata store.
content: Vec<u8>
The compressed or uncompressed files.
Implementations§
source§impl Package
impl Package
sourcepub fn open(path: impl AsRef<Path>) -> Result<Self, Error>
pub fn open(path: impl AsRef<Path>) -> Result<Self, Error>
Open and parse a file at the provided path as an RPM package
sourcepub fn parse(input: &mut impl BufRead) -> Result<Self, Error>
pub fn parse(input: &mut impl BufRead) -> Result<Self, Error>
Parse an RPM package from an existing buffer
sourcepub fn write(&self, out: &mut impl Write) -> Result<(), Error>
pub fn write(&self, out: &mut impl Write) -> Result<(), Error>
Write the RPM package to a buffer
sourcepub fn write_file(&self, path: impl AsRef<Path>) -> Result<(), Error>
pub fn write_file(&self, path: impl AsRef<Path>) -> Result<(), Error>
Write the RPM package to a file
sourcepub fn sign<S>(&mut self, signer: S) -> Result<(), Error>
pub fn sign<S>(&mut self, signer: S) -> Result<(), Error>
Create package signatures using an external key and add them to the signature header
sourcepub fn sign_with_timestamp<S>(
&mut self,
signer: S,
t: impl TryInto<Timestamp, Error = impl Debug>
) -> Result<(), Error>
pub fn sign_with_timestamp<S>( &mut self, signer: S, t: impl TryInto<Timestamp, Error = impl Debug> ) -> Result<(), Error>
Create package signatures using an external key and provided timestamp. Adds generated signatures to the signature header.
This method is usually used for reproducible builds, otherwise you should
prefer using the sign
method instead.
§Examples
let mut package = rpm::Package::open("test_assets/ima_signed.rpm")?;
let raw_secret_key = std::fs::read("./test_assets/secret_key.asc")?;
let signer = rpm::signature::pgp::Signer::load_from_asc_bytes(&raw_secret_key)?;
// It's recommended to use timestamp of last commit in your VCS
let source_date = 1_600_000_000;
package.sign_with_timestamp(signer, source_date)?;
sourcepub fn signature_key_ids(&self) -> Result<Vec<String>, Error>
pub fn signature_key_ids(&self) -> Result<Vec<String>, Error>
Return the key ids (issuers) of the signature as a hexadecimal string
sourcepub fn verify_signature<V>(&self, verifier: V) -> Result<(), Error>
pub fn verify_signature<V>(&self, verifier: V) -> Result<(), Error>
Verify the signature as present within the RPM package.
sourcepub fn verify_digests(&self) -> Result<(), Error>
pub fn verify_digests(&self) -> Result<(), Error>
Verify any digests which may be present in the RPM headers