2 * wrapper functions around the usign executable
3 * Copyright (C) 2018 Daniel Golle <daniel@makrotopia.org>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 3
7 * as published by the Free Software Foundation
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
23 #ifdef UCERT_HOST_BUILD
24 #define USIGN_EXEC "usign"
26 #define USIGN_EXEC "/usr/bin/usign"
30 * check for revoker deadlink in pubkeydir
31 * return true if a revoker exists, false otherwise
33 int _usign_key_is_revoked(const char *fingerprint
, const char *pubkeydir
) {
35 char rfname
[256] = {0};
37 snprintf(rfname
, sizeof(rfname
)-1, "%s/%s", pubkeydir
, fingerprint
);
38 if (readlink(rfname
, tml
, sizeof(tml
)) > 0 &&
39 !strcmp(tml
, ".revoked.")) {
49 * return WEXITSTATUS or -1 if fork or execv fails
51 int usign_s(const char *msgfile
, const char *seckeyfile
, const char *sigfile
, bool quiet
) {
54 const char *usign_argv
[16] = {0};
55 unsigned int usign_argc
= 0;
57 usign_argv
[usign_argc
++] = USIGN_EXEC
;
58 usign_argv
[usign_argc
++] = "-S";
59 usign_argv
[usign_argc
++] = "-m";
60 usign_argv
[usign_argc
++] = msgfile
;
61 usign_argv
[usign_argc
++] = "-s";
62 usign_argv
[usign_argc
++] = seckeyfile
;
63 usign_argv
[usign_argc
++] = "-x";
64 usign_argv
[usign_argc
++] = sigfile
;
67 usign_argv
[usign_argc
++] = "-q";
76 #ifdef UCERT_HOST_BUILD
77 execvp(usign_argv
[0], usign_argv
)
79 execv(usign_argv
[0], usign_argv
)
87 waitpid(pid
, &status
, 0);
88 return WEXITSTATUS(status
);
94 int usign_s(const char *msgfile
, const char *seckeyfile
, const char *sigfile
, bool quiet
) {
100 * call usign -F ... and set fingerprint returned
101 * return WEXITSTATUS or -1 if fork or execv fails
103 static int usign_f(char *fingerprint
, const char *pubkeyfile
, const char *seckeyfile
, const char *sigfile
) {
107 const char *usign_argv
[16] = {0};
108 unsigned int usign_argc
= 0;
113 usign_argv
[usign_argc
++] = USIGN_EXEC
;
114 usign_argv
[usign_argc
++] = "-F";
117 usign_argv
[usign_argc
++] = "-p";
118 usign_argv
[usign_argc
++] = pubkeyfile
;
122 usign_argv
[usign_argc
++] = "-s";
123 usign_argv
[usign_argc
++] = seckeyfile
;
127 usign_argv
[usign_argc
++] = "-x";
128 usign_argv
[usign_argc
++] = sigfile
;
145 #ifdef UCERT_HOST_BUILD
146 execvp(usign_argv
[0], usign_argv
)
148 execv(usign_argv
[0], usign_argv
)
156 waitpid(pid
, &status
, 0);
157 status
= WEXITSTATUS(status
);
158 if (fingerprint
&& !WEXITSTATUS(status
)) {
159 memset(fingerprint
, 0, 17);
160 read(fds
[0], fingerprint
, 17);
161 if (fingerprint
[16] != '\n')
164 fingerprint
[16] = '\0';
176 * call usign -F -p ...
178 int usign_f_pubkey(char *fingerprint
, const char *pubkeyfile
) {
179 return usign_f(fingerprint
, pubkeyfile
, NULL
, NULL
);
183 * call usign -F -s ...
185 int usign_f_seckey(char *fingerprint
, const char *seckeyfile
) {
186 return usign_f(fingerprint
, NULL
, seckeyfile
, NULL
);
190 * call usign -F -x ...
192 int usign_f_sig(char *fingerprint
, const char *sigfile
) {
193 return usign_f(fingerprint
, NULL
, NULL
, sigfile
);
199 * return WEXITSTATUS or -1 if fork or execv fails
201 int usign_v(const char *msgfile
, const char *pubkeyfile
,
202 const char *pubkeydir
, const char *sigfile
, bool quiet
) {
205 const char *usign_argv
[16] = {0};
206 unsigned int usign_argc
= 0;
207 char fingerprint
[17];
209 if (usign_f_sig(fingerprint
, sigfile
)) {
211 fprintf(stdout
, "cannot get signing key fingerprint\n");
215 if (pubkeydir
&& _usign_key_is_revoked(fingerprint
, pubkeydir
)) {
217 fprintf(stdout
, "key %s has been revoked!\n", fingerprint
);
220 usign_argv
[usign_argc
++] = USIGN_EXEC
;
221 usign_argv
[usign_argc
++] = "-V";
222 usign_argv
[usign_argc
++] = "-m";
223 usign_argv
[usign_argc
++] = msgfile
;
226 usign_argv
[usign_argc
++] = "-q";
229 usign_argv
[usign_argc
++] = "-p";
230 usign_argv
[usign_argc
++] = pubkeyfile
;
234 usign_argv
[usign_argc
++] = "-P";
235 usign_argv
[usign_argc
++] = pubkeydir
;
239 usign_argv
[usign_argc
++] = "-x";
240 usign_argv
[usign_argc
++] = sigfile
;
250 #ifdef UCERT_HOST_BUILD
251 execvp(usign_argv
[0], usign_argv
)
253 execv(usign_argv
[0], usign_argv
)
261 waitpid(pid
, &status
, 0);
262 return WEXITSTATUS(status
);