add usign-exec.c
authorDaniel Golle <daniel@makrotopia.org>
Wed, 6 Jun 2018 19:12:50 +0000 (21:12 +0200)
committerDaniel Golle <daniel@makrotopia.org>
Thu, 14 Jun 2018 16:51:22 +0000 (18:51 +0200)
create C function wrappers calling the /usr/bin/usign executable and
processing the results.

usign_v()   : usign -V ...
usign_s()   : usign -S ...
usign_f_*() : usign -F ...

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)

CMakeLists.txt
ucert.c
usign-exec.c [new file with mode: 0644]
usign.h [new file with mode: 0644]

index 5b63312..c86c3bf 100644 (file)
@@ -7,6 +7,6 @@ SET(CMAKE_SHARED_LIBRARY_LINK_C_FLAGS "")
 
 find_library(json NAMES json-c json)
 
-ADD_EXECUTABLE(ucert ucert.c)
+ADD_EXECUTABLE(ucert ucert.c usign-exec.c)
 TARGET_LINK_LIBRARIES(ucert ubox blobmsg_json ${json})
 INSTALL(TARGETS ucert RUNTIME DESTINATION bin)
diff --git a/ucert.c b/ucert.c
index 9afca1c..06b46bb 100644 (file)
--- a/ucert.c
+++ b/ucert.c
@@ -33,6 +33,8 @@
 #include <libubox/vlist.h>
 #include <libubox/blobmsg_json.h>
 
+#include "usign.h"
+
 #define CERT_BUF_LEN 4096
 
 static enum {
@@ -107,9 +109,7 @@ static int cert_load(const char *certfile, struct blob_attr *certtb[]) {
        if (ret)
                return 1;
 
-       blob_parse(certbuf.head, certtb, cert_policy, CERT_ATTR_MAX);
-
-       return 0;
+       return (blob_parse(certbuf.head, certtb, cert_policy, CERT_ATTR_MAX) != 0);
 }
 
 static int cert_append(const char *certfile, const char *pubkeyfile, const char *sigfile) {
@@ -129,6 +129,14 @@ static int cert_dump(const char *certfile) {
 }
 
 static int cert_issue(const char *certfile, const char *pubkeyfile, const char *seckeyfile) {
+       struct blob_buf certbuf;
+       struct blob_buf payloadbuf;
+
+       blob_buf_init(&payloadbuf, 0);
+/*     usign_s() */
+
+       blob_buf_init(&certbuf, 0);
+
        fprintf(stderr, "not implemented\n");
        return 1;
 }
diff --git a/usign-exec.c b/usign-exec.c
new file mode 100644 (file)
index 0000000..d25f9b6
--- /dev/null
@@ -0,0 +1,162 @@
+#include <stdbool.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/wait.h>
+
+#include "usign.h"
+
+int usign_v(const char *msgfile, const char *pubkeyfile,
+           const char *pubkeydir, const char *sigfile, bool quiet) {
+       pid_t pid;
+       int status;
+       const char *usign_argv[16] = {0};
+       unsigned int usign_argc = 0;
+
+       usign_argv[usign_argc++] = "/usr/bin/usign";
+       usign_argv[usign_argc++] = "-V";
+       usign_argv[usign_argc++] = "-m";
+       usign_argv[usign_argc++] = msgfile;
+
+       if (quiet)
+               usign_argv[usign_argc++] = "-q";
+
+       if (pubkeyfile) {
+               usign_argv[usign_argc++] = "-p";
+               usign_argv[usign_argc++] = pubkeyfile;
+       }
+
+       if (pubkeydir) {
+               usign_argv[usign_argc++] = "-P";
+               usign_argv[usign_argc++] = pubkeydir;
+       }
+
+       pid = fork();
+       switch (pid) {
+       case -1:
+               return -1;
+
+       case 0:
+               if (execv(usign_argv[0], usign_argv))
+                       return -1;
+
+               break;
+
+       default:
+               waitpid(pid, &status, 0);
+               return WEXITSTATUS(status);
+       }
+
+       return -1;
+}
+
+int usign_s(const char *msgfile, const char *seckeyfile, const char *sigfile, bool quiet) {
+       pid_t pid;
+       int status;
+       const char *usign_argv[16] = {0};
+       unsigned int usign_argc = 0;
+
+       usign_argv[usign_argc++] = "/usr/bin/usign";
+       usign_argv[usign_argc++] = "-S";
+       usign_argv[usign_argc++] = "-m";
+       usign_argv[usign_argc++] = msgfile;
+       usign_argv[usign_argc++] = "-s";
+       usign_argv[usign_argc++] = seckeyfile;
+       usign_argv[usign_argc++] = "-x";
+       usign_argv[usign_argc++] = sigfile;
+
+       if (quiet)
+               usign_argv[usign_argc++] = "-q";
+
+       pid = fork();
+       switch (pid) {
+       case -1:
+               return -1;
+
+       case 0:
+               if (execv(usign_argv[0], usign_argv))
+                       return -1;
+
+               break;
+
+       default:
+               waitpid(pid, &status, 0);
+               return WEXITSTATUS(status);
+       }
+
+       return -1;
+}
+
+static int usign_f(char *fingerprint, const char *pubkeyfile, const char *seckeyfile, const char *sigfile) {
+       int fds[2];
+       pid_t pid;
+       int status;
+       const char *usign_argv[16] = {0};
+       unsigned int usign_argc = 0;
+
+       if (pipe(fds))
+               return -1;
+
+       usign_argv[usign_argc++] = "/usr/bin/usign";
+       usign_argv[usign_argc++] = "-F";
+
+       if (pubkeyfile) {
+               usign_argv[usign_argc++] = "-p";
+               usign_argv[usign_argc++] = pubkeyfile;
+       }
+
+       if (seckeyfile) {
+               usign_argv[usign_argc++] = "-s";
+               usign_argv[usign_argc++] = seckeyfile;
+       }
+
+       if (sigfile) {
+               usign_argv[usign_argc++] = "-x";
+               usign_argv[usign_argc++] = sigfile;
+       }
+
+       pid = fork();
+       switch (pid) {
+       case -1:
+               return -1;
+
+       case 0:
+               uloop_done();
+
+               dup2(fds[1], 1);
+
+               close(0);
+               close(2);
+               close(fds[0]);
+               close(fds[1]);
+
+               if (execv(usign_argv[0], usign_argv))
+                       return -1;
+
+               break;
+
+       default:
+               waitpid(pid, &status, 0);
+               if (fingerprint && !WEXITSTATUS(status)) {
+                       memset(fingerprint, 0, 16);
+                       read(fds[0], fingerprint, 16);
+                       fingerprint[16] = '\0';
+               }
+               close(fds[0]);
+               close(fds[1]);
+               return WEXITSTATUS(status);
+       }
+
+       return -1;
+}
+
+int usign_f_pubkey(char *fingerprint, const char *pubkeyfile) {
+       return usign_f(fingerprint, pubkeyfile, NULL, NULL);
+}
+
+int usign_f_seckey(char *fingerprint, const char *seckeyfile) {
+       return usign_f(fingerprint, NULL, seckeyfile, NULL);
+}
+
+int usign_f_sig(char *fingerprint, const char *sigfile) {
+       return usign_f(fingerprint, NULL, NULL, sigfile);
+}
diff --git a/usign.h b/usign.h
new file mode 100644 (file)
index 0000000..e2f8e21
--- /dev/null
+++ b/usign.h
@@ -0,0 +1,10 @@
+int usign_v(const char *msgfile, const char *pubkeyfile,
+           const char *pubkeydir, const char *sigfile, bool quiet);
+
+int usign_s(const char *msgfile, const char *seckeyfile, const char *sigfile, bool quiet);
+
+int usign_f_pubkey(char *fingerprint, const char *pubkeyfile);
+
+int usign_f_seckey(char *fingerprint, const char *seckeyfile);
+
+int usign_f_sig(char *fingerprint, const char *sigfile);