+/*
+ * call usign -F -x ...
+ */
+int usign_f_sig(char fingerprint[17], const char *sigfile, bool quiet) {
+ return usign_f(fingerprint, NULL, NULL, sigfile, quiet);
+}
+
+
+/*
+ * call usign -V ...
+ * return WEXITSTATUS or -1 if fork fails
+ */
+int usign_v(const char *msgfile, const char *pubkeyfile,
+ const char *pubkeydir, const char *sigfile, bool quiet) {
+ pid_t pid;
+ int status;
+ const char *usign_argv[16] = {0};
+ unsigned int usign_argc = 0;
+ char fingerprint[17];
+
+ if (usign_f_sig(fingerprint, sigfile, quiet)) {
+ if (!quiet)
+ fprintf(stderr, "cannot get signing key fingerprint\n");
+ return 1;
+ }
+
+ if (pubkeydir && _usign_key_is_revoked(fingerprint, pubkeydir)) {
+ if (!quiet)
+ fprintf(stderr, "key %s has been revoked!\n", fingerprint);
+ return 1;
+ }
+ usign_argv[usign_argc++] = USIGN_EXEC;
+ usign_argv[usign_argc++] = "-V";
+ usign_argv[usign_argc++] = "-m";
+ usign_argv[usign_argc++] = msgfile;
+
+ if (quiet)
+ usign_argv[usign_argc++] = "-q";
+
+ if (pubkeyfile) {
+ usign_argv[usign_argc++] = "-p";
+ usign_argv[usign_argc++] = pubkeyfile;
+ }
+
+ if (pubkeydir) {
+ usign_argv[usign_argc++] = "-P";
+ usign_argv[usign_argc++] = pubkeydir;
+ }
+
+ if (sigfile) {
+ usign_argv[usign_argc++] = "-x";
+ usign_argv[usign_argc++] = sigfile;
+ }
+
+ pid = fork();
+ switch (pid) {
+ case -1:
+ return -1;
+
+ case 0:
+ execvp(usign_argv[0], (char *const *)usign_argv);
+ if (!quiet)
+ perror("Failed to execute usign");
+ _exit(1);
+ }
+
+ waitpid(pid, &status, 0);
+ return WIFEXITED(status) ? WEXITSTATUS(status) : -1;