2 * wrapper functions around the usign executable
3 * Copyright (C) 2018 Daniel Golle <daniel@makrotopia.org>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 3
7 * as published by the Free Software Foundation
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
24 * check for revoker deadlink in pubkeydir
25 * return true if a revoker exists, false otherwise
27 int _usign_key_is_revoked(const char *fingerprint
, const char *pubkeydir
) {
29 char rfname
[256] = {0};
31 snprintf(rfname
, sizeof(rfname
)-1, "%s/%s", pubkeydir
, fingerprint
);
32 if (readlink(rfname
, tml
, sizeof(tml
)) > 0 &&
33 !strcmp(tml
, ".revoked.")) {
42 * return WEXITSTATUS or -1 if fork or execv fails
44 int usign_s(const char *msgfile
, const char *seckeyfile
, const char *sigfile
, bool quiet
) {
47 const char *usign_argv
[16] = {0};
48 unsigned int usign_argc
= 0;
50 usign_argv
[usign_argc
++] = "/usr/bin/usign";
51 usign_argv
[usign_argc
++] = "-S";
52 usign_argv
[usign_argc
++] = "-m";
53 usign_argv
[usign_argc
++] = msgfile
;
54 usign_argv
[usign_argc
++] = "-s";
55 usign_argv
[usign_argc
++] = seckeyfile
;
56 usign_argv
[usign_argc
++] = "-x";
57 usign_argv
[usign_argc
++] = sigfile
;
60 usign_argv
[usign_argc
++] = "-q";
68 if (execv(usign_argv
[0], usign_argv
))
74 waitpid(pid
, &status
, 0);
75 return WEXITSTATUS(status
);
82 * call usign -F ... and set fingerprint returned
83 * return WEXITSTATUS or -1 if fork or execv fails
85 static int usign_f(char *fingerprint
, const char *pubkeyfile
, const char *seckeyfile
, const char *sigfile
) {
89 const char *usign_argv
[16] = {0};
90 unsigned int usign_argc
= 0;
95 usign_argv
[usign_argc
++] = "/usr/bin/usign";
96 usign_argv
[usign_argc
++] = "-F";
99 usign_argv
[usign_argc
++] = "-p";
100 usign_argv
[usign_argc
++] = pubkeyfile
;
104 usign_argv
[usign_argc
++] = "-s";
105 usign_argv
[usign_argc
++] = seckeyfile
;
109 usign_argv
[usign_argc
++] = "-x";
110 usign_argv
[usign_argc
++] = sigfile
;
126 if (execv(usign_argv
[0], usign_argv
))
132 waitpid(pid
, &status
, 0);
133 if (fingerprint
&& !WEXITSTATUS(status
)) {
134 memset(fingerprint
, 0, 16);
135 read(fds
[0], fingerprint
, 16);
136 fingerprint
[16] = '\0';
140 return WEXITSTATUS(status
);
147 * call usign -F -p ...
149 int usign_f_pubkey(char *fingerprint
, const char *pubkeyfile
) {
150 return usign_f(fingerprint
, pubkeyfile
, NULL
, NULL
);
154 * call usign -F -s ...
156 int usign_f_seckey(char *fingerprint
, const char *seckeyfile
) {
157 return usign_f(fingerprint
, NULL
, seckeyfile
, NULL
);
161 * call usign -F -x ...
163 int usign_f_sig(char *fingerprint
, const char *sigfile
) {
164 return usign_f(fingerprint
, NULL
, NULL
, sigfile
);
170 * return WEXITSTATUS or -1 if fork or execv fails
172 int usign_v(const char *msgfile
, const char *pubkeyfile
,
173 const char *pubkeydir
, const char *sigfile
, bool quiet
) {
176 const char *usign_argv
[16] = {0};
177 unsigned int usign_argc
= 0;
178 char fingerprint
[17];
180 if (usign_f_sig(fingerprint
, sigfile
)) {
182 fprintf(stdout
, "cannot get signing key fingerprint\n");
186 if (pubkeydir
&& _usign_key_is_revoked(fingerprint
, pubkeydir
)) {
188 fprintf(stdout
, "key %s has been revoked!\n", fingerprint
);
191 usign_argv
[usign_argc
++] = "/usr/bin/usign";
192 usign_argv
[usign_argc
++] = "-V";
193 usign_argv
[usign_argc
++] = "-m";
194 usign_argv
[usign_argc
++] = msgfile
;
197 usign_argv
[usign_argc
++] = "-q";
200 usign_argv
[usign_argc
++] = "-p";
201 usign_argv
[usign_argc
++] = pubkeyfile
;
205 usign_argv
[usign_argc
++] = "-P";
206 usign_argv
[usign_argc
++] = pubkeydir
;
210 usign_argv
[usign_argc
++] = "-x";
211 usign_argv
[usign_argc
++] = sigfile
;
220 if (execv(usign_argv
[0], usign_argv
))
226 waitpid(pid
, &status
, 0);
227 return WEXITSTATUS(status
);