0dde81ed647b94a382044d97695fe25b497a4443
2 * wrapper functions around the usign executable
3 * Copyright (C) 2018 Daniel Golle <daniel@makrotopia.org>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 3
7 * as published by the Free Software Foundation
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
23 #ifdef UCERT_HOST_BUILD
24 #define USIGN_EXEC "usign"
26 #define USIGN_EXEC "/usr/bin/usign"
30 * check for revoker deadlink in pubkeydir
31 * return true if a revoker exists, false otherwise
33 int _usign_key_is_revoked(const char *fingerprint
, const char *pubkeydir
) {
35 char rfname
[256] = {0};
37 snprintf(rfname
, sizeof(rfname
)-1, "%s/%s", pubkeydir
, fingerprint
);
38 if (readlink(rfname
, tml
, sizeof(tml
)) > 0 &&
39 !strcmp(tml
, ".revoked.")) {
49 * return WEXITSTATUS or -1 if fork fails
51 int usign_s(const char *msgfile
, const char *seckeyfile
, const char *sigfile
, bool quiet
) {
54 const char *usign_argv
[16] = {0};
55 unsigned int usign_argc
= 0;
57 usign_argv
[usign_argc
++] = USIGN_EXEC
;
58 usign_argv
[usign_argc
++] = "-S";
59 usign_argv
[usign_argc
++] = "-m";
60 usign_argv
[usign_argc
++] = msgfile
;
61 usign_argv
[usign_argc
++] = "-s";
62 usign_argv
[usign_argc
++] = seckeyfile
;
63 usign_argv
[usign_argc
++] = "-x";
64 usign_argv
[usign_argc
++] = sigfile
;
67 usign_argv
[usign_argc
++] = "-q";
75 execvp(usign_argv
[0], (char *const *)usign_argv
);
77 perror("Failed to execute usign");
81 waitpid(pid
, &status
, 0);
82 return WEXITSTATUS(status
);
85 int usign_s(const char *msgfile
, const char *seckeyfile
, const char *sigfile
, bool quiet
) {
91 * call usign -F ... and set fingerprint returned
92 * return WEXITSTATUS or -1 if fork fails
94 static int usign_f(char fingerprint
[17], const char *pubkeyfile
, const char *seckeyfile
, const char *sigfile
, bool quiet
) {
98 const char *usign_argv
[16] = {0};
99 unsigned int usign_argc
= 0;
104 usign_argv
[usign_argc
++] = USIGN_EXEC
;
105 usign_argv
[usign_argc
++] = "-F";
108 usign_argv
[usign_argc
++] = "-p";
109 usign_argv
[usign_argc
++] = pubkeyfile
;
113 usign_argv
[usign_argc
++] = "-s";
114 usign_argv
[usign_argc
++] = seckeyfile
;
118 usign_argv
[usign_argc
++] = "-x";
119 usign_argv
[usign_argc
++] = sigfile
;
133 execvp(usign_argv
[0], (char *const *)usign_argv
);
135 perror("Failed to execute usign");
141 waitpid(pid
, &status
, 0);
142 status
= WEXITSTATUS(status
);
143 if (fingerprint
&& !WEXITSTATUS(status
)) {
145 memset(fingerprint
, 0, 17);
146 r
= read(fds
[0], fingerprint
, 17);
150 fingerprint
[16] = '\0';
158 * call usign -F -p ...
160 int usign_f_pubkey(char fingerprint
[17], const char *pubkeyfile
, bool quiet
) {
161 return usign_f(fingerprint
, pubkeyfile
, NULL
, NULL
, quiet
);
165 * call usign -F -s ...
167 int usign_f_seckey(char fingerprint
[17], const char *seckeyfile
, bool quiet
) {
168 return usign_f(fingerprint
, NULL
, seckeyfile
, NULL
, quiet
);
172 * call usign -F -x ...
174 int usign_f_sig(char fingerprint
[17], const char *sigfile
, bool quiet
) {
175 return usign_f(fingerprint
, NULL
, NULL
, sigfile
, quiet
);
181 * return WEXITSTATUS or -1 if fork fails
183 int usign_v(const char *msgfile
, const char *pubkeyfile
,
184 const char *pubkeydir
, const char *sigfile
, bool quiet
) {
187 const char *usign_argv
[16] = {0};
188 unsigned int usign_argc
= 0;
189 char fingerprint
[17];
191 if (usign_f_sig(fingerprint
, sigfile
, quiet
)) {
193 fprintf(stderr
, "cannot get signing key fingerprint\n");
197 if (pubkeydir
&& _usign_key_is_revoked(fingerprint
, pubkeydir
)) {
199 fprintf(stderr
, "key %s has been revoked!\n", fingerprint
);
202 usign_argv
[usign_argc
++] = USIGN_EXEC
;
203 usign_argv
[usign_argc
++] = "-V";
204 usign_argv
[usign_argc
++] = "-m";
205 usign_argv
[usign_argc
++] = msgfile
;
208 usign_argv
[usign_argc
++] = "-q";
211 usign_argv
[usign_argc
++] = "-p";
212 usign_argv
[usign_argc
++] = pubkeyfile
;
216 usign_argv
[usign_argc
++] = "-P";
217 usign_argv
[usign_argc
++] = pubkeydir
;
221 usign_argv
[usign_argc
++] = "-x";
222 usign_argv
[usign_argc
++] = sigfile
;
231 execvp(usign_argv
[0], (char *const *)usign_argv
);
233 perror("Failed to execute usign");
237 waitpid(pid
, &status
, 0);
238 return WEXITSTATUS(status
);