c9aecf99f9c05965157b92732bdd865391c01ab4
2 * wrapper functions around the usign executable
3 * Copyright (C) 2018 Daniel Golle <daniel@makrotopia.org>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 3
7 * as published by the Free Software Foundation
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
23 #ifdef UCERT_HOST_BUILD
24 #define USIGN_EXEC "usign"
26 #define USIGN_EXEC "/usr/bin/usign"
30 * check for revoker deadlink in pubkeydir
31 * return true if a revoker exists, false otherwise
33 int _usign_key_is_revoked(const char *fingerprint
, const char *pubkeydir
) {
35 char rfname
[256] = {0};
37 snprintf(rfname
, sizeof(rfname
)-1, "%s/%s", pubkeydir
, fingerprint
);
38 if (readlink(rfname
, tml
, sizeof(tml
)) > 0 &&
39 !strcmp(tml
, ".revoked.")) {
49 * return WEXITSTATUS or -1 if fork fails
51 int usign_s(const char *msgfile
, const char *seckeyfile
, const char *sigfile
, bool quiet
) {
54 const char *usign_argv
[16] = {0};
55 unsigned int usign_argc
= 0;
57 usign_argv
[usign_argc
++] = USIGN_EXEC
;
58 usign_argv
[usign_argc
++] = "-S";
59 usign_argv
[usign_argc
++] = "-m";
60 usign_argv
[usign_argc
++] = msgfile
;
61 usign_argv
[usign_argc
++] = "-s";
62 usign_argv
[usign_argc
++] = seckeyfile
;
63 usign_argv
[usign_argc
++] = "-x";
64 usign_argv
[usign_argc
++] = sigfile
;
67 usign_argv
[usign_argc
++] = "-q";
75 execvp(usign_argv
[0], (char *const *)usign_argv
);
77 perror("Failed to execute usign");
81 waitpid(pid
, &status
, 0);
82 return WEXITSTATUS(status
);
85 int usign_s(const char *msgfile
, const char *seckeyfile
, const char *sigfile
, bool quiet
) {
91 * call usign -F ... and set fingerprint returned
92 * return WEXITSTATUS or -1 if fork fails
94 static int usign_f(char fingerprint
[17], const char *pubkeyfile
, const char *seckeyfile
, const char *sigfile
, bool quiet
) {
98 const char *usign_argv
[16] = {0};
99 unsigned int usign_argc
= 0;
104 usign_argv
[usign_argc
++] = USIGN_EXEC
;
105 usign_argv
[usign_argc
++] = "-F";
108 usign_argv
[usign_argc
++] = "-p";
109 usign_argv
[usign_argc
++] = pubkeyfile
;
113 usign_argv
[usign_argc
++] = "-s";
114 usign_argv
[usign_argc
++] = seckeyfile
;
118 usign_argv
[usign_argc
++] = "-x";
119 usign_argv
[usign_argc
++] = sigfile
;
133 execvp(usign_argv
[0], (char *const *)usign_argv
);
135 perror("Failed to execute usign");
139 waitpid(pid
, &status
, 0);
140 status
= WEXITSTATUS(status
);
141 if (fingerprint
&& !WEXITSTATUS(status
)) {
143 memset(fingerprint
, 0, 17);
144 r
= read(fds
[0], fingerprint
, 17);
148 fingerprint
[16] = '\0';
157 * call usign -F -p ...
159 int usign_f_pubkey(char fingerprint
[17], const char *pubkeyfile
, bool quiet
) {
160 return usign_f(fingerprint
, pubkeyfile
, NULL
, NULL
, quiet
);
164 * call usign -F -s ...
166 int usign_f_seckey(char fingerprint
[17], const char *seckeyfile
, bool quiet
) {
167 return usign_f(fingerprint
, NULL
, seckeyfile
, NULL
, quiet
);
171 * call usign -F -x ...
173 int usign_f_sig(char fingerprint
[17], const char *sigfile
, bool quiet
) {
174 return usign_f(fingerprint
, NULL
, NULL
, sigfile
, quiet
);
180 * return WEXITSTATUS or -1 if fork fails
182 int usign_v(const char *msgfile
, const char *pubkeyfile
,
183 const char *pubkeydir
, const char *sigfile
, bool quiet
) {
186 const char *usign_argv
[16] = {0};
187 unsigned int usign_argc
= 0;
188 char fingerprint
[17];
190 if (usign_f_sig(fingerprint
, sigfile
, quiet
)) {
192 fprintf(stderr
, "cannot get signing key fingerprint\n");
196 if (pubkeydir
&& _usign_key_is_revoked(fingerprint
, pubkeydir
)) {
198 fprintf(stderr
, "key %s has been revoked!\n", fingerprint
);
201 usign_argv
[usign_argc
++] = USIGN_EXEC
;
202 usign_argv
[usign_argc
++] = "-V";
203 usign_argv
[usign_argc
++] = "-m";
204 usign_argv
[usign_argc
++] = msgfile
;
207 usign_argv
[usign_argc
++] = "-q";
210 usign_argv
[usign_argc
++] = "-p";
211 usign_argv
[usign_argc
++] = pubkeyfile
;
215 usign_argv
[usign_argc
++] = "-P";
216 usign_argv
[usign_argc
++] = pubkeydir
;
220 usign_argv
[usign_argc
++] = "-x";
221 usign_argv
[usign_argc
++] = sigfile
;
230 execvp(usign_argv
[0], (char *const *)usign_argv
);
232 perror("Failed to execute usign");
236 waitpid(pid
, &status
, 0);
237 return WEXITSTATUS(status
);