use list to model certificate chain
[project/ucert.git] / usign-exec.c
#include <errno.h>
#include <stdbool.h>
#include <string.h>
#include <unistd.h>
#include <sys/wait.h>

#include "usign.h"
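/**
 * Verify the signature of a message by running "/usr/bin/usign -V".
 *
 * The helper is started with execv() on a fixed absolute path and an
 * explicit argv array, so no shell is involved and the file names are
 * handed over as single arguments.
 *
 * @param msgfile     message file, passed as "-m" (required)
 * @param pubkeyfile  public key file, passed as "-p"; NULL omits the option
 * @param pubkeydir   public key directory, passed as "-P"; NULL omits the option
 * @param sigfile     signature file, passed as "-x"; NULL omits the option
 * @param quiet       when true, "-q" is passed
 * @return the exit status of usign; -1 when msgfile is NULL, when the child
 *         could not be created or reaped, or when it did not exit normally
 *         (for example because it was killed by a signal)
 */
int usign_v(const char *msgfile, const char *pubkeyfile,
	    const char *pubkeydir, const char *sigfile, bool quiet) {
	pid_t pid;
	pid_t waited;
	int status;
	const char *usign_argv[16] = {0};
	unsigned int usign_argc = 0;

	/*
	 * A NULL here would terminate argv early and silently drop every
	 * option that follows, so refuse instead of running a different
	 * command than the caller asked for.
	 */
	if (!msgfile)
		return -1;

	usign_argv[usign_argc++] = "/usr/bin/usign";
	usign_argv[usign_argc++] = "-V";
	usign_argv[usign_argc++] = "-m";
	usign_argv[usign_argc++] = msgfile;

	if (quiet)
		usign_argv[usign_argc++] = "-q";

	if (pubkeyfile) {
		usign_argv[usign_argc++] = "-p";
		usign_argv[usign_argc++] = pubkeyfile;
	}

	if (pubkeydir) {
		usign_argv[usign_argc++] = "-P";
		usign_argv[usign_argc++] = pubkeydir;
	}

	/* The caller's signature file was previously accepted but never used. */
	if (sigfile) {
		usign_argv[usign_argc++] = "-x";
		usign_argv[usign_argc++] = sigfile;
	}

	/*
	 * NOTE(review): unlike usign_f(), the child here does not call
	 * uloop_done() before exec - confirm that inherited descriptors are
	 * close-on-exec.
	 */
	pid = fork();
	if (pid == -1)
		return -1;

	if (pid == 0) {
		execv(usign_argv[0], (char *const *)usign_argv);
		/*
		 * execv() only returns on failure. Leave the child right here:
		 * returning would let a second copy of the caller keep running
		 * and its eventual exit code would be read by the parent as
		 * the verification result.
		 */
		_exit(127);
	}

	do {
		waited = waitpid(pid, &status, 0);
	} while (waited == -1 && errno == EINTR);

	/*
	 * WEXITSTATUS() is only meaningful after a normal exit; for a child
	 * killed by a signal it would yield 0 and look like a successful
	 * verification.
	 */
	if (waited != pid || !WIFEXITED(status))
		return -1;

	return WEXITSTATUS(status);
}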
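/**
 * Sign a message by running "/usr/bin/usign -S".
 *
 * The helper is started with execv() on a fixed absolute path and an
 * explicit argv array; no shell is involved.
 *
 * @param msgfile     message file, passed as "-m" (required)
 * @param seckeyfile  secret key file, passed as "-s" (required)
 * @param sigfile     signature file, passed as "-x" (required)
 * @param quiet       when true, "-q" is passed
 * @return the exit status of usign; -1 when a required argument is NULL,
 *         when the child could not be created or reaped, or when it did not
 *         exit normally
 */
int usign_s(const char *msgfile, const char *seckeyfile, const char *sigfile, bool quiet) {
	pid_t pid;
	pid_t waited;
	int status;
	const char *usign_argv[16] = {0};
	unsigned int usign_argc = 0;

	/*
	 * All three paths are placed unconditionally into argv; a NULL among
	 * them would cut the argument list short and drop the options behind
	 * it, so reject that up front.
	 */
	if (!msgfile || !seckeyfile || !sigfile)
		return -1;

	usign_argv[usign_argc++] = "/usr/bin/usign";
	usign_argv[usign_argc++] = "-S";
	usign_argv[usign_argc++] = "-m";
	usign_argv[usign_argc++] = msgfile;
	usign_argv[usign_argc++] = "-s";
	usign_argv[usign_argc++] = seckeyfile;
	usign_argv[usign_argc++] = "-x";
	usign_argv[usign_argc++] = sigfile;

	if (quiet)
		usign_argv[usign_argc++] = "-q";

	pid = fork();
	if (pid == -1)
		return -1;

	if (pid == 0) {
		execv(usign_argv[0], (char *const *)usign_argv);
		/*
		 * Only reached when execv() failed; exit instead of returning
		 * so the child never continues in the caller's code.
		 */
		_exit(127);
	}

	do {
		waited = waitpid(pid, &status, 0);
	} while (waited == -1 && errno == EINTR);

	/* A signal-terminated child must not be reported as exit status 0. */
	if (waited != pid || !WIFEXITED(status))
		return -1;

	return WEXITSTATUS(status);
}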
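/**
 * Run "/usr/bin/usign -F" and capture the 16-character fingerprint that the
 * helper writes to its standard output.
 *
 * Each non-NULL path adds its option: "-p" for pubkeyfile, "-s" for
 * seckeyfile, "-x" for sigfile.
 *
 * @param fingerprint  output buffer of at least 17 bytes (16 characters plus
 *                     the terminating NUL), or NULL to only get the status
 * @param pubkeyfile   public key file or NULL
 * @param seckeyfile   secret key file or NULL
 * @param sigfile      signature file or NULL
 * @return the exit status of usign; -1 when the pipe or child could not be
 *         set up, the child did not exit normally, or fewer than 16 bytes of
 *         output were available (the buffer is then left zeroed)
 */
static int usign_f(char *fingerprint, const char *pubkeyfile, const char *seckeyfile, const char *sigfile) {
	int fds[2];
	pid_t pid;
	pid_t waited;
	int status;
	int ret;
	size_t got = 0;
	const char *usign_argv[16] = {0};
	unsigned int usign_argc = 0;

	if (pipe(fds))
		return -1;

	usign_argv[usign_argc++] = "/usr/bin/usign";
	usign_argv[usign_argc++] = "-F";

	if (pubkeyfile) {
		usign_argv[usign_argc++] = "-p";
		usign_argv[usign_argc++] = pubkeyfile;
	}

	if (seckeyfile) {
		usign_argv[usign_argc++] = "-s";
		usign_argv[usign_argc++] = seckeyfile;
	}

	if (sigfile) {
		usign_argv[usign_argc++] = "-x";
		usign_argv[usign_argc++] = sigfile;
	}

	pid = fork();
	if (pid == -1) {
		/* Do not leak the pipe when no child was created. */
		close(fds[0]);
		close(fds[1]);
		return -1;
	}

	if (pid == 0) {
		uloop_done();

		/* The child's stdout becomes the write end of the pipe. */
		if (dup2(fds[1], 1) < 0)
			_exit(127);

		close(0);
		close(2);
		close(fds[0]);
		/* If the pipe already landed on fd 1, closing it would drop stdout. */
		if (fds[1] != 1)
			close(fds[1]);

		execv(usign_argv[0], (char *const *)usign_argv);
		/*
		 * Only reached when execv() failed; exit so the child never
		 * returns into the caller's code.
		 */
		_exit(127);
	}

	/*
	 * Drop the parent's copy of the write end so that read() below sees
	 * end-of-file instead of blocking when the child produced no output.
	 */
	close(fds[1]);

	/*
	 * The child is reaped before its output is read, so the output has to
	 * fit into the pipe buffer; presumably fine for a single fingerprint.
	 */
	do {
		waited = waitpid(pid, &status, 0);
	} while (waited == -1 && errno == EINTR);

	/* A signal-terminated child must not be reported as exit status 0. */
	if (waited != pid || !WIFEXITED(status)) {
		close(fds[0]);
		return -1;
	}

	ret = WEXITSTATUS(status);
	if (fingerprint && !ret) {
		memset(fingerprint, 0, 17);

		/* read() may return less than asked for; collect all 16 bytes. */
		while (got < 16) {
			ssize_t n = read(fds[0], fingerprint + got, 16 - got);

			if (n < 0 && errno == EINTR)
				continue;
			if (n <= 0)
				break;
			got += (size_t)n;
		}

		/* Never hand back a truncated fingerprint as if it were valid. */
		if (got != 16) {
			memset(fingerprint, 0, 17);
			ret = -1;
		}
	}

	close(fds[0]);
	return ret;
}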
/**
 * Get the fingerprint of a public key file via usign_f().
 *
 * @param fingerprint  output buffer; usign_f() writes 16 characters and a
 *                     terminating NUL into it, so it needs at least 17 bytes
 * @param pubkeyfile   public key file to inspect
 * @return whatever usign_f() returns
 */
int usign_f_pubkey(char *fingerprint, const char *pubkeyfile) {
	const char *no_seckey = NULL;
	const char *no_sigfile = NULL;

	return usign_f(fingerprint, pubkeyfile, no_seckey, no_sigfile);
}
/**
 * Get the fingerprint of a secret key file via usign_f().
 *
 * @param fingerprint  output buffer; usign_f() writes 16 characters and a
 *                     terminating NUL into it, so it needs at least 17 bytes
 * @param seckeyfile   secret key file to inspect
 * @return whatever usign_f() returns
 */
int usign_f_seckey(char *fingerprint, const char *seckeyfile) {
	const char *no_pubkey = NULL;
	const char *no_sigfile = NULL;

	return usign_f(fingerprint, no_pubkey, seckeyfile, no_sigfile);
}
/**
 * Get the fingerprint recorded in a signature file via usign_f().
 *
 * @param fingerprint  output buffer; usign_f() writes 16 characters and a
 *                     terminating NUL into it, so it needs at least 17 bytes
 * @param sigfile      signature file to inspect
 * @return whatever usign_f() returns
 */
int usign_f_sig(char *fingerprint, const char *sigfile) {
	const char *no_pubkey = NULL;
	const char *no_seckey = NULL;

	return usign_f(fingerprint, no_pubkey, no_seckey, sigfile);
}