allow append also on non-existing certfile
[project/ucert.git] / usign-exec.c
#include <errno.h>
#include <stdbool.h>
#include <string.h>
#include <unistd.h>
#include <sys/wait.h>

#include "usign.h"
7
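/**
 * Verify a signature by running "/usr/bin/usign -V" in a child process.
 *
 * @param msgfile    path handed to usign's -m option (required)
 * @param pubkeyfile optional path handed to -p, may be NULL
 * @param pubkeydir  optional path handed to -P, may be NULL
 * @param sigfile    optional path handed to -x, may be NULL
 * @param quiet      when true, "-q" is added to the command line
 *
 * @return usign's exit status (0 is the only value callers should treat as
 *         "verified"), 127 when usign could not be executed, or -1 when the
 *         child could not be created, could not be waited for, or did not
 *         exit normally.
 *
 * The result gates trust decisions, so every abnormal outcome is reported
 * as a non-zero value: the function must never report success unless usign
 * itself ran to completion and exited with status 0.
 */
int usign_v(const char *msgfile, const char *pubkeyfile,
	    const char *pubkeydir, const char *sigfile, bool quiet) {
	pid_t pid;
	pid_t waited;
	int status = 0;
	const char *usign_argv[16] = {0};
	unsigned int usign_argc = 0;

	/*
	 * A NULL message path would terminate argv right after "-m" and
	 * silently drop every option that follows it.
	 */
	if (!msgfile)
		return -1;

	usign_argv[usign_argc++] = "/usr/bin/usign";
	usign_argv[usign_argc++] = "-V";
	usign_argv[usign_argc++] = "-m";
	usign_argv[usign_argc++] = msgfile;

	if (quiet)
		usign_argv[usign_argc++] = "-q";

	if (pubkeyfile) {
		usign_argv[usign_argc++] = "-p";
		usign_argv[usign_argc++] = pubkeyfile;
	}

	if (pubkeydir) {
		usign_argv[usign_argc++] = "-P";
		usign_argv[usign_argc++] = pubkeydir;
	}

	if (sigfile) {
		usign_argv[usign_argc++] = "-x";
		usign_argv[usign_argc++] = sigfile;
	}

	/* At most 11 entries are used, so the zero-initialised tail of the
	 * array always provides the NULL terminator execv() needs. */

	pid = fork();
	switch (pid) {
	case -1:
		return -1;

	case 0:
		execv(usign_argv[0], (char *const *)usign_argv);
		/*
		 * Only reached when execv() failed. Leave the child right here:
		 * returning would let a second copy of the caller keep running
		 * and decide the parent's result through its own exit status.
		 */
		_exit(127);

	default:
		do {
			waited = waitpid(pid, &status, 0);
		} while (waited < 0 && errno == EINTR);

		/*
		 * WEXITSTATUS() is only meaningful after a normal exit. For a
		 * child killed by a signal it typically evaluates to 0, which
		 * would turn a crashed verifier into a successful verification.
		 */
		if (waited != pid || !WIFEXITED(status))
			return -1;

		return WEXITSTATUS(status);
	}

	return -1;
}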
56
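/**
 * Create a signature by running "/usr/bin/usign -S" in a child process.
 *
 * @param msgfile    path handed to usign's -m option (required)
 * @param seckeyfile path handed to -s (required)
 * @param sigfile    path handed to -x (required)
 * @param quiet      when true, "-q" is added to the command line
 *
 * @return usign's exit status, 127 when usign could not be executed, or -1
 *         when an argument is missing, the child could not be created or
 *         waited for, or the child did not exit normally.
 */
int usign_s(const char *msgfile, const char *seckeyfile, const char *sigfile, bool quiet) {
	pid_t pid;
	pid_t waited;
	int status = 0;
	const char *usign_argv[16] = {0};
	unsigned int usign_argc = 0;

	/*
	 * Each of these is the value of an option; a NULL would end argv
	 * early and hide the options that come after it from usign.
	 */
	if (!msgfile || !seckeyfile || !sigfile)
		return -1;

	usign_argv[usign_argc++] = "/usr/bin/usign";
	usign_argv[usign_argc++] = "-S";
	usign_argv[usign_argc++] = "-m";
	usign_argv[usign_argc++] = msgfile;
	usign_argv[usign_argc++] = "-s";
	usign_argv[usign_argc++] = seckeyfile;
	usign_argv[usign_argc++] = "-x";
	usign_argv[usign_argc++] = sigfile;

	if (quiet)
		usign_argv[usign_argc++] = "-q";

	pid = fork();
	switch (pid) {
	case -1:
		return -1;

	case 0:
		execv(usign_argv[0], (char *const *)usign_argv);
		/*
		 * Only reached when execv() failed. Exit instead of returning,
		 * otherwise the child would continue as a duplicate of the
		 * calling program.
		 */
		_exit(127);

	default:
		do {
			waited = waitpid(pid, &status, 0);
		} while (waited < 0 && errno == EINTR);

		/* A child killed by a signal must not be read as "exit 0". */
		if (waited != pid || !WIFEXITED(status))
			return -1;

		return WEXITSTATUS(status);
	}

	return -1;
}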
93
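/**
 * Run "/usr/bin/usign -F" on a public key, secret key or signature file and
 * capture the first 16 bytes it prints on stdout as the fingerprint.
 *
 * @param fingerprint optional output buffer; when non-NULL it must hold at
 *                    least 17 bytes (16 fingerprint bytes plus the NUL)
 * @param pubkeyfile  optional path handed to -p, may be NULL
 * @param seckeyfile  optional path handed to -s, may be NULL
 * @param sigfile     optional path handed to -x, may be NULL
 *
 * @return usign's exit status, 127 when usign could not be executed, or -1
 *         when the pipe or child could not be set up, the child did not exit
 *         normally, or fewer than 16 bytes of output were produced. The
 *         buffer is left untouched when usign exits non-zero and is zeroed
 *         when the output was too short.
 */
static int usign_f(char *fingerprint, const char *pubkeyfile, const char *seckeyfile, const char *sigfile) {
	enum { FP_LEN = 16 };
	int fds[2];
	pid_t pid;
	pid_t waited;
	int status = 0;
	size_t got = 0;
	const char *usign_argv[16] = {0};
	unsigned int usign_argc = 0;

	if (pipe(fds))
		return -1;

	usign_argv[usign_argc++] = "/usr/bin/usign";
	usign_argv[usign_argc++] = "-F";

	if (pubkeyfile) {
		usign_argv[usign_argc++] = "-p";
		usign_argv[usign_argc++] = pubkeyfile;
	}

	if (seckeyfile) {
		usign_argv[usign_argc++] = "-s";
		usign_argv[usign_argc++] = seckeyfile;
	}

	if (sigfile) {
		usign_argv[usign_argc++] = "-x";
		usign_argv[usign_argc++] = sigfile;
	}

	pid = fork();
	switch (pid) {
	case -1:
		/* Do not leak the pipe when no child was created. */
		close(fds[0]);
		close(fds[1]);
		return -1;

	case 0:
		if (dup2(fds[1], 1) < 0)
			_exit(127);

		/*
		 * NOTE(review): closing stdin and stderr leaves descriptors 0
		 * and 2 free, so the next files usign opens may land on them.
		 * Pointing both at /dev/null would be more robust; kept as-is
		 * here to preserve the existing behaviour.
		 */
		close(0);
		close(2);
		close(fds[0]);
		close(fds[1]);

		execv(usign_argv[0], (char *const *)usign_argv);
		/*
		 * Only reached when execv() failed. Exit instead of returning,
		 * otherwise the child would continue as a duplicate of the
		 * calling program with stdout redirected into the pipe.
		 */
		_exit(127);

	default:
		/*
		 * Drop our copy of the write end first: while it is open the
		 * read() below can never see end-of-file and would block
		 * forever if usign printed fewer than 16 bytes.
		 */
		close(fds[1]);

		do {
			waited = waitpid(pid, &status, 0);
		} while (waited < 0 && errno == EINTR);

		/* A child killed by a signal must not be read as "exit 0". */
		if (waited != pid || !WIFEXITED(status)) {
			close(fds[0]);
			return -1;
		}

		if (fingerprint && !WEXITSTATUS(status)) {
			memset(fingerprint, 0, FP_LEN + 1);

			/* read() may return short counts; collect until full or EOF. */
			while (got < FP_LEN) {
				ssize_t n = read(fds[0], fingerprint + got, FP_LEN - got);

				if (n < 0 && errno == EINTR)
					continue;
				if (n <= 0)
					break;
				got += (size_t)n;
			}

			/*
			 * A truncated fingerprint must not be handed to the
			 * caller together with a success status.
			 */
			if (got != FP_LEN) {
				memset(fingerprint, 0, FP_LEN + 1);
				close(fds[0]);
				return -1;
			}
		}

		close(fds[0]);
		return WEXITSTATUS(status);
	}

	return -1;
}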
154
/**
 * Fetch the fingerprint of a public key file via usign_f().
 *
 * @param fingerprint output buffer; usign_f() writes up to index 16, so it
 *                    needs room for at least 17 bytes
 * @param pubkeyfile  path of the public key file
 * @return whatever usign_f() returns
 */
int usign_f_pubkey(char *fingerprint, const char *pubkeyfile) {
	const char *no_seckeyfile = NULL;
	const char *no_sigfile = NULL;

	return usign_f(fingerprint, pubkeyfile, no_seckeyfile, no_sigfile);
}
158
/**
 * Fetch the fingerprint of a secret key file via usign_f().
 *
 * @param fingerprint output buffer; usign_f() writes up to index 16, so it
 *                    needs room for at least 17 bytes
 * @param seckeyfile  path of the secret key file
 * @return whatever usign_f() returns
 */
int usign_f_seckey(char *fingerprint, const char *seckeyfile) {
	const char *no_pubkeyfile = NULL;
	const char *no_sigfile = NULL;

	return usign_f(fingerprint, no_pubkeyfile, seckeyfile, no_sigfile);
}
162
/**
 * Fetch the fingerprint recorded in a signature file via usign_f().
 *
 * @param fingerprint output buffer; usign_f() writes up to index 16, so it
 *                    needs room for at least 17 bytes
 * @param sigfile     path of the signature file
 * @return whatever usign_f() returns
 */
int usign_f_sig(char *fingerprint, const char *sigfile) {
	const char *no_pubkeyfile = NULL;
	const char *no_seckeyfile = NULL;

	return usign_f(fingerprint, no_pubkeyfile, no_seckeyfile, sigfile);
}