projects / project / ucert.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
harden reading fingerprint from usign process
[project/ucert.git] / usign-exec.c
1 /*
2 * wrapper functions around the usign executable
3 * Copyright (C) 2018 Daniel Golle <daniel@makrotopia.org>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 3
7 * as published by the Free Software Foundation
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 */
14
15 #include <stdbool.h>
16 #include <stdio.h>
17 #include <string.h>
18 #include <unistd.h>
19 #include <sys/wait.h>
20
21 #include "usign.h"
22
23 #define USIGN_EXEC "/usr/bin/usign"
24
25 /*
26 * check for revoker deadlink in pubkeydir
27 * return true if a revoker exists, false otherwise
28 */
29 int _usign_key_is_revoked(const char *fingerprint, const char *pubkeydir) {
30 char tml[64] = {0};
31 char rfname[256] = {0};
32
33 snprintf(rfname, sizeof(rfname)-1, "%s/%s", pubkeydir, fingerprint);
34 if (readlink(rfname, tml, sizeof(tml)) > 0 &&
35 !strcmp(tml, ".revoked.")) {
36 return true;
37 };
38
39 return false;
40 }
41
42 #ifdef UCERT_FULL
43 /*
44 * call usign -S ...
45 * return WEXITSTATUS or -1 if fork or execv fails
46 */
47 int usign_s(const char *msgfile, const char *seckeyfile, const char *sigfile, bool quiet) {
48 pid_t pid;
49 int status;
50 const char *usign_argv[16] = {0};
51 unsigned int usign_argc = 0;
52
53 usign_argv[usign_argc++] = USIGN_EXEC;
54 usign_argv[usign_argc++] = "-S";
55 usign_argv[usign_argc++] = "-m";
56 usign_argv[usign_argc++] = msgfile;
57 usign_argv[usign_argc++] = "-s";
58 usign_argv[usign_argc++] = seckeyfile;
59 usign_argv[usign_argc++] = "-x";
60 usign_argv[usign_argc++] = sigfile;
61
62 if (quiet)
63 usign_argv[usign_argc++] = "-q";
64
65 pid = fork();
66 switch (pid) {
67 case -1:
68 return -1;
69
70 case 0:
71 if (execv(usign_argv[0], usign_argv))
72 return -1;
73
74 break;
75
76 default:
77 waitpid(pid, &status, 0);
78 return WEXITSTATUS(status);
79 }
80
81 return -1;
82 }
83 #else
84 int usign_s(const char *msgfile, const char *seckeyfile, const char *sigfile, bool quiet) {
85 return -1;
86 };
87 #endif
88
89 /*
90 * call usign -F ... and set fingerprint returned
91 * return WEXITSTATUS or -1 if fork or execv fails
92 */
93 static int usign_f(char *fingerprint, const char *pubkeyfile, const char *seckeyfile, const char *sigfile) {
94 int fds[2];
95 pid_t pid;
96 int status;
97 const char *usign_argv[16] = {0};
98 unsigned int usign_argc = 0;
99
100 if (pipe(fds))
101 return -1;
102
103 usign_argv[usign_argc++] = USIGN_EXEC;
104 usign_argv[usign_argc++] = "-F";
105
106 if (pubkeyfile) {
107 usign_argv[usign_argc++] = "-p";
108 usign_argv[usign_argc++] = pubkeyfile;
109 }
110
111 if (seckeyfile) {
112 usign_argv[usign_argc++] = "-s";
113 usign_argv[usign_argc++] = seckeyfile;
114 }
115
116 if (sigfile) {
117 usign_argv[usign_argc++] = "-x";
118 usign_argv[usign_argc++] = sigfile;
119 }
120
121 pid = fork();
122 switch (pid) {
123 case -1:
124 return -1;
125
126 case 0:
127 dup2(fds[1], 1);
128
129 close(0);
130 close(2);
131 close(fds[0]);
132 close(fds[1]);
133
134 if (execv(usign_argv[0], usign_argv))
135 return -1;
136
137 break;
138
139 default:
140 waitpid(pid, &status, 0);
141 status = WEXITSTATUS(status);
142 if (fingerprint && !WEXITSTATUS(status)) {
143 memset(fingerprint, 0, 17);
144 read(fds[0], fingerprint, 17);
145 if (fingerprint[16] != '\n')
146 status = -1;
147
148 fingerprint[16] = '\0';
149
150 }
151 close(fds[0]);
152 close(fds[1]);
153 return status;
154 }
155
156 return -1;
157 }
158
159 /*
160 * call usign -F -p ...
161 */
162 int usign_f_pubkey(char *fingerprint, const char *pubkeyfile) {
163 return usign_f(fingerprint, pubkeyfile, NULL, NULL);
164 }
165
166 /*
167 * call usign -F -s ...
168 */
169 int usign_f_seckey(char *fingerprint, const char *seckeyfile) {
170 return usign_f(fingerprint, NULL, seckeyfile, NULL);
171 }
172
173 /*
174 * call usign -F -x ...
175 */
176 int usign_f_sig(char *fingerprint, const char *sigfile) {
177 return usign_f(fingerprint, NULL, NULL, sigfile);
178 }
179
180
181 /*
182 * call usign -V ...
183 * return WEXITSTATUS or -1 if fork or execv fails
184 */
185 int usign_v(const char *msgfile, const char *pubkeyfile,
186 const char *pubkeydir, const char *sigfile, bool quiet) {
187 pid_t pid;
188 int status;
189 const char *usign_argv[16] = {0};
190 unsigned int usign_argc = 0;
191 char fingerprint[17];
192
193 if (usign_f_sig(fingerprint, sigfile)) {
194 if (!quiet)
195 fprintf(stdout, "cannot get signing key fingerprint\n");
196 return 1;
197 }
198
199 if (pubkeydir && _usign_key_is_revoked(fingerprint, pubkeydir)) {
200 if (!quiet)
201 fprintf(stdout, "key %s has been revoked!\n", fingerprint);
202 return 1;
203 }
204 usign_argv[usign_argc++] = USIGN_EXEC;
205 usign_argv[usign_argc++] = "-V";
206 usign_argv[usign_argc++] = "-m";
207 usign_argv[usign_argc++] = msgfile;
208
209 if (quiet)
210 usign_argv[usign_argc++] = "-q";
211
212 if (pubkeyfile) {
213 usign_argv[usign_argc++] = "-p";
214 usign_argv[usign_argc++] = pubkeyfile;
215 }
216
217 if (pubkeydir) {
218 usign_argv[usign_argc++] = "-P";
219 usign_argv[usign_argc++] = pubkeydir;
220 }
221
222 if (sigfile) {
223 usign_argv[usign_argc++] = "-x";
224 usign_argv[usign_argc++] = sigfile;
225 }
226
227 pid = fork();
228 switch (pid) {
229 case -1:
230 return -1;
231
232 case 0:
233 if (execv(usign_argv[0], usign_argv))
234 return -1;
235
236 break;
237
238 default:
239 waitpid(pid, &status, 0);
240 return WEXITSTATUS(status);
241 }
242
243 return -1;
244 }
OpenWrt usign certificate wrapper