2 * wrapper functions around the usign executable
3 * Copyright (C) 2018 Daniel Golle <daniel@makrotopia.org>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 3
7 * as published by the Free Software Foundation
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
23 #ifdef UCERT_HOST_BUILD
24 #define USIGN_EXEC "usign"
26 #define USIGN_EXEC "/usr/bin/usign"
30 * check for revoker deadlink in pubkeydir
31 * return true if a revoker exists, false otherwise
33 int _usign_key_is_revoked(const char *fingerprint
, const char *pubkeydir
) {
35 char rfname
[256] = {0};
37 snprintf(rfname
, sizeof(rfname
)-1, "%s/%s", pubkeydir
, fingerprint
);
38 if (readlink(rfname
, tml
, sizeof(tml
)) > 0 &&
39 !strcmp(tml
, ".revoked.")) {
49 * return WEXITSTATUS or -1 if fork fails
51 int usign_s(const char *msgfile
, const char *seckeyfile
, const char *sigfile
, bool quiet
) {
54 const char *usign_argv
[16] = {0};
55 unsigned int usign_argc
= 0;
57 usign_argv
[usign_argc
++] = USIGN_EXEC
;
58 usign_argv
[usign_argc
++] = "-S";
59 usign_argv
[usign_argc
++] = "-m";
60 usign_argv
[usign_argc
++] = msgfile
;
61 usign_argv
[usign_argc
++] = "-s";
62 usign_argv
[usign_argc
++] = seckeyfile
;
63 usign_argv
[usign_argc
++] = "-x";
64 usign_argv
[usign_argc
++] = sigfile
;
67 usign_argv
[usign_argc
++] = "-q";
75 execvp(usign_argv
[0], (char *const *)usign_argv
);
77 perror("Failed to execute usign");
81 waitpid(pid
, &status
, 0);
82 return WEXITSTATUS(status
);
88 int usign_s(const char *msgfile
, const char *seckeyfile
, const char *sigfile
, bool quiet
) {
94 * call usign -F ... and set fingerprint returned
95 * return WEXITSTATUS or -1 if fork fails
97 static int usign_f(char *fingerprint
, const char *pubkeyfile
, const char *seckeyfile
, const char *sigfile
, bool quiet
) {
101 const char *usign_argv
[16] = {0};
102 unsigned int usign_argc
= 0;
107 usign_argv
[usign_argc
++] = USIGN_EXEC
;
108 usign_argv
[usign_argc
++] = "-F";
111 usign_argv
[usign_argc
++] = "-p";
112 usign_argv
[usign_argc
++] = pubkeyfile
;
116 usign_argv
[usign_argc
++] = "-s";
117 usign_argv
[usign_argc
++] = seckeyfile
;
121 usign_argv
[usign_argc
++] = "-x";
122 usign_argv
[usign_argc
++] = sigfile
;
136 execvp(usign_argv
[0], (char *const *)usign_argv
);
138 perror("Failed to execute usign");
142 waitpid(pid
, &status
, 0);
143 status
= WEXITSTATUS(status
);
144 if (fingerprint
&& !WEXITSTATUS(status
)) {
146 memset(fingerprint
, 0, 17);
147 r
= read(fds
[0], fingerprint
, 17);
151 fingerprint
[16] = '\0';
163 * call usign -F -p ...
165 int usign_f_pubkey(char *fingerprint
, const char *pubkeyfile
, bool quiet
) {
166 return usign_f(fingerprint
, pubkeyfile
, NULL
, NULL
, quiet
);
170 * call usign -F -s ...
172 int usign_f_seckey(char *fingerprint
, const char *seckeyfile
, bool quiet
) {
173 return usign_f(fingerprint
, NULL
, seckeyfile
, NULL
, quiet
);
177 * call usign -F -x ...
179 int usign_f_sig(char *fingerprint
, const char *sigfile
, bool quiet
) {
180 return usign_f(fingerprint
, NULL
, NULL
, sigfile
, quiet
);
186 * return WEXITSTATUS or -1 if fork fails
188 int usign_v(const char *msgfile
, const char *pubkeyfile
,
189 const char *pubkeydir
, const char *sigfile
, bool quiet
) {
192 const char *usign_argv
[16] = {0};
193 unsigned int usign_argc
= 0;
194 char fingerprint
[17];
196 if (usign_f_sig(fingerprint
, sigfile
, quiet
)) {
198 fprintf(stderr
, "cannot get signing key fingerprint\n");
202 if (pubkeydir
&& _usign_key_is_revoked(fingerprint
, pubkeydir
)) {
204 fprintf(stderr
, "key %s has been revoked!\n", fingerprint
);
207 usign_argv
[usign_argc
++] = USIGN_EXEC
;
208 usign_argv
[usign_argc
++] = "-V";
209 usign_argv
[usign_argc
++] = "-m";
210 usign_argv
[usign_argc
++] = msgfile
;
213 usign_argv
[usign_argc
++] = "-q";
216 usign_argv
[usign_argc
++] = "-p";
217 usign_argv
[usign_argc
++] = pubkeyfile
;
221 usign_argv
[usign_argc
++] = "-P";
222 usign_argv
[usign_argc
++] = pubkeydir
;
226 usign_argv
[usign_argc
++] = "-x";
227 usign_argv
[usign_argc
++] = sigfile
;
236 execvp(usign_argv
[0], (char *const *)usign_argv
);
238 perror("Failed to execute usign");
242 waitpid(pid
, &status
, 0);
243 return WEXITSTATUS(status
);