2 * Copyright (C) 2018 Daniel Golle <daniel@makrotopia.org>
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 3
6 * as published by the Free Software Foundation
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
29 #include <json-c/json.h>
30 #include <libubox/blob.h>
31 #include <libubox/list.h>
32 #include <libubox/vlist.h>
33 #include <libubox/blobmsg_json.h>
52 static const struct blob_attr_info cert_policy
[CERT_ATTR_MAX
] = {
53 [CERT_ATTR_SIGNATURE
] = { .type
= BLOB_ATTR_BINARY
},
54 [CERT_ATTR_PAYLOAD
] = { .type
= BLOB_ATTR_NESTED
},
57 enum cert_payload_attr
{
58 CERT_PL_ATTR_CERTTYPE
,
61 CERT_PL_ATTR_KEY_FINGERPRINT
,
70 static const struct blobmsg_policy cert_payload_policy
[CERT_PL_ATTR_MAX
] = {
71 [CERT_PL_ATTR_CERTTYPE
] = { .type
= BLOBMSG_TYPE_INT8
},
72 [CERT_PL_ATTR_CERTID
] = { .type
= BLOBMSG_TYPE_INT64
},
73 [CERT_PL_ATTR_PUBKEY
] = { .type
= BLOBMSG_TYPE_STRING
},
74 [CERT_PL_ATTR_KEY_FINGERPRINT
] = { .type
= BLOBMSG_TYPE_STRING
},
77 static int cert_append(const char *certfile
, const char *pubkeyfile
, const char *sigfile
) {
78 fprintf(stderr
, "not implemented\n");
82 static int cert_dump(const char *certfile
) {
83 fprintf(stderr
, "not implemented\n");
87 static int cert_issue(const char *certfile
, const char *pubkeyfile
, const char *seckeyfile
) {
88 fprintf(stderr
, "not implemented\n");
92 static int cert_process_revoker(const char *certfile
) {
93 fprintf(stderr
, "not implemented\n");
97 static int cert_verify(const char *certfile
, const char *pubkeyfile
, const char *pubkeydir
, const char *msgfile
) {
98 fprintf(stderr
, "not implemented\n");
102 static int usage(const char *cmd
)
105 "Usage: %s <command> <options>\n"
107 " -A: append (needs -c and -p and/or -x)\n"
109 " -I: issue cert and revoker (needs -c and -p and -s)\n"
110 " -R: process revoker certificate (needs -c)\n"
111 " -V: verify (needs -c and -p|-P)\n"
113 " -c <file>: certificate file\n"
114 " -m <file>: message file (verify only)\n"
115 " -p <file>: public key file\n"
116 " -P <path>: public key directory (verify only)\n"
117 " -q: quiet (do not print verification result, use return code only)\n"
118 " -s <file>: secret key file (issue only)\n"
119 " -x <file>: signature file\n"
125 int main(int argc
, char *argv
[]) {
127 const char *msgfile
= NULL
;
128 const char *sigfile
= NULL
;
129 const char *pubkeyfile
= NULL
;
130 const char *pubkeydir
= NULL
;
131 const char *certfile
= NULL
;
132 const char *seckeyfile
= NULL
;
135 while ((ch
= getopt(argc
, argv
, "ADIRVc:m:p:P:qs:x:")) != -1) {
174 return usage(argv
[0]);
180 if (certfile
&& (pubkeyfile
|| sigfile
))
181 return cert_append(certfile
, pubkeyfile
, sigfile
);
183 return usage(argv
[0]);
186 return cert_dump(certfile
);
188 return usage(argv
[0]);
190 if (certfile
&& pubkeyfile
&& seckeyfile
)
191 return cert_issue(certfile
, pubkeyfile
, seckeyfile
);
193 return usage(argv
[0]);
196 return cert_process_revoker(certfile
);
198 return usage(argv
[0]);
200 if (certfile
&& (pubkeyfile
|| pubkeydir
))
201 return cert_verify(certfile
, pubkeyfile
, pubkeydir
, msgfile
);
203 return usage(argv
[0]);
205 return usage(argv
[0]);
209 return usage(argv
[0]);