implement chain and message verify
1 #include <stdbool.h>
2 #include <string.h>
3 #include <unistd.h>
4 #include <sys/wait.h>
5
6 #include "usign.h"
7
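/*
 * Verify the signature of msgfile by running "/usr/bin/usign -V".
 *
 * msgfile    - file whose signature is checked (required)
 * pubkeyfile - passed to usign as "-p <pubkeyfile>" when non-NULL
 * pubkeydir  - passed to usign as "-P <pubkeydir>" when non-NULL
 * sigfile    - passed to usign as "-x <sigfile>" when non-NULL; when NULL
 *              usign is left to pick its own default signature path
 * quiet      - adds "-q"
 *
 * Returns usign's exit status, so 0 is returned only when usign itself
 * exited normally with status 0. Returns -1 when msgfile is NULL, when
 * fork()/waitpid() fails, or when usign was terminated by a signal.
 */
int usign_v(const char *msgfile, const char *pubkeyfile,
	    const char *pubkeydir, const char *sigfile, bool quiet) {
	pid_t pid;
	int status;
	const char *usign_argv[16] = {0};
	unsigned int usign_argc = 0;

	/* A NULL here would silently terminate argv right after "-m". */
	if (!msgfile)
		return -1;

	usign_argv[usign_argc++] = "/usr/bin/usign";
	usign_argv[usign_argc++] = "-V";
	usign_argv[usign_argc++] = "-m";
	usign_argv[usign_argc++] = msgfile;

	if (quiet)
		usign_argv[usign_argc++] = "-q";

	if (pubkeyfile) {
		usign_argv[usign_argc++] = "-p";
		usign_argv[usign_argc++] = pubkeyfile;
	}

	if (pubkeydir) {
		usign_argv[usign_argc++] = "-P";
		usign_argv[usign_argc++] = pubkeydir;
	}

	/*
	 * Hand the caller's signature file to usign. Without this the
	 * sigfile argument is ignored and a different file than the one the
	 * caller named could end up being checked.
	 */
	if (sigfile) {
		usign_argv[usign_argc++] = "-x";
		usign_argv[usign_argc++] = sigfile;
	}

	pid = fork();
	if (pid == -1)
		return -1;

	if (pid == 0) {
		execv(usign_argv[0], (char *const *)usign_argv);
		/*
		 * execv() only returns on failure. The child must not return
		 * into the caller's code (that would leave two processes
		 * running the same program logic), so leave right here.
		 */
		_exit(127);
	}

	if (waitpid(pid, &status, 0) != pid)
		return -1;

	/*
	 * WEXITSTATUS() is only meaningful for a normal exit. A usign that
	 * was killed by a signal must never be reported as status 0, i.e.
	 * as a successful verification.
	 */
	if (!WIFEXITED(status))
		return -1;

	return WEXITSTATUS(status);
}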
51
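/*
 * Sign msgfile by running "/usr/bin/usign -S".
 *
 * msgfile    - file to sign, passed as "-m <msgfile>" (required)
 * seckeyfile - secret key, passed as "-s <seckeyfile>" (required)
 * sigfile    - signature file, passed as "-x <sigfile>" (required)
 * quiet      - adds "-q"
 *
 * Returns usign's exit status, or -1 when a required argument is NULL,
 * when fork()/waitpid() fails, or when usign was terminated by a signal.
 */
int usign_s(const char *msgfile, const char *seckeyfile, const char *sigfile, bool quiet) {
	pid_t pid;
	int status;
	const char *usign_argv[16] = {0};
	unsigned int usign_argc = 0;

	/*
	 * All three paths are placed in argv unconditionally; a NULL among
	 * them would cut the argument list short at that position.
	 */
	if (!msgfile || !seckeyfile || !sigfile)
		return -1;

	usign_argv[usign_argc++] = "/usr/bin/usign";
	usign_argv[usign_argc++] = "-S";
	usign_argv[usign_argc++] = "-m";
	usign_argv[usign_argc++] = msgfile;
	usign_argv[usign_argc++] = "-s";
	usign_argv[usign_argc++] = seckeyfile;
	usign_argv[usign_argc++] = "-x";
	usign_argv[usign_argc++] = sigfile;

	if (quiet)
		usign_argv[usign_argc++] = "-q";

	pid = fork();
	if (pid == -1)
		return -1;

	if (pid == 0) {
		execv(usign_argv[0], (char *const *)usign_argv);
		/*
		 * Only reached when execv() failed. Exit instead of returning
		 * so the child never continues in the caller's code.
		 */
		_exit(127);
	}

	if (waitpid(pid, &status, 0) != pid)
		return -1;

	/* A signal-terminated usign has no exit status; report failure. */
	if (!WIFEXITED(status))
		return -1;

	return WEXITSTATUS(status);
}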
88
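/*
 * Read a key or signature fingerprint by running "/usr/bin/usign -F" and
 * capturing its standard output through a pipe.
 *
 * fingerprint - output buffer; must have room for at least 17 bytes
 *               (16 fingerprint characters plus the terminating NUL).
 *               May be NULL, in which case only the exit status is reported.
 *               It is left untouched when usign exits with a non-zero status.
 * pubkeyfile  - passed as "-p <pubkeyfile>" when non-NULL
 * seckeyfile  - passed as "-s <seckeyfile>" when non-NULL
 * sigfile     - passed as "-x <sigfile>" when non-NULL
 *
 * Returns usign's exit status, or -1 when no input file was given, when
 * pipe()/fork()/waitpid() fails, when usign was terminated by a signal, or
 * when fewer than 16 bytes of fingerprint could be read.
 */
static int usign_f(char *fingerprint, const char *pubkeyfile, const char *seckeyfile, const char *sigfile) {
	enum { FINGERPRINT_LEN = 16 };
	int fds[2];
	pid_t pid;
	int status;
	size_t got = 0;
	const char *usign_argv[16] = {0};
	unsigned int usign_argc = 0;

	/* Nothing to fingerprint: do not spawn usign at all. */
	if (!pubkeyfile && !seckeyfile && !sigfile)
		return -1;

	if (pipe(fds))
		return -1;

	usign_argv[usign_argc++] = "/usr/bin/usign";
	usign_argv[usign_argc++] = "-F";

	if (pubkeyfile) {
		usign_argv[usign_argc++] = "-p";
		usign_argv[usign_argc++] = pubkeyfile;
	}

	if (seckeyfile) {
		usign_argv[usign_argc++] = "-s";
		usign_argv[usign_argc++] = seckeyfile;
	}

	if (sigfile) {
		usign_argv[usign_argc++] = "-x";
		usign_argv[usign_argc++] = sigfile;
	}

	pid = fork();
	if (pid == -1) {
		/* Do not leak the pipe when no child could be created. */
		close(fds[0]);
		close(fds[1]);
		return -1;
	}

	if (pid == 0) {
		if (dup2(fds[1], 1) == -1)
			_exit(127);

		/*
		 * NOTE(review): stdin and stderr are closed rather than
		 * pointed at /dev/null, so descriptors 0 and 2 are free for
		 * reuse by whatever usign opens next. Kept as in the original.
		 */
		close(0);
		close(2);
		close(fds[0]);
		/* If the pipe's write end already is fd 1, keep it open. */
		if (fds[1] != 1)
			close(fds[1]);

		execv(usign_argv[0], (char *const *)usign_argv);
		/*
		 * Only reached when execv() failed. Exit instead of returning
		 * so the child never continues in the caller's code.
		 */
		_exit(127);
	}

	/*
	 * Drop the parent's copy of the write end. Otherwise a child that
	 * exits 0 without writing anything would leave read() below blocked
	 * forever, because the pipe would still have a writer.
	 */
	close(fds[1]);

	/*
	 * The child is reaped before its output is read, as in the original;
	 * this assumes usign's output fits into the pipe buffer.
	 */
	if (waitpid(pid, &status, 0) != pid || !WIFEXITED(status)) {
		/* Failed wait or death by signal: there is no exit status. */
		close(fds[0]);
		return -1;
	}

	if (fingerprint && !WEXITSTATUS(status)) {
		memset(fingerprint, 0, FINGERPRINT_LEN + 1);

		/* read() may return less than requested; collect all 16 bytes. */
		while (got < FINGERPRINT_LEN) {
			ssize_t n = read(fds[0], fingerprint + got, FINGERPRINT_LEN - got);

			if (n <= 0)
				break;
			got += (size_t)n;
		}
		fingerprint[FINGERPRINT_LEN] = '\0';

		/* A truncated fingerprint must not be handed back as valid. */
		if (got != FINGERPRINT_LEN) {
			close(fds[0]);
			return -1;
		}
	}

	close(fds[0]);
	return WEXITSTATUS(status);
}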
149
/*
 * Fingerprint of a public key file: forwards to usign_f() with only the
 * public key path set. usign_f() writes fingerprint[16], so the buffer
 * needs room for at least 17 bytes. Returns whatever usign_f() returns.
 */
int usign_f_pubkey(char *fingerprint, const char *pubkeyfile)
{
	const char *const no_seckey = NULL;
	const char *const no_sigfile = NULL;

	return usign_f(fingerprint, pubkeyfile, no_seckey, no_sigfile);
}
153
/*
 * Fingerprint of a secret key file: forwards to usign_f() with only the
 * secret key path set. usign_f() writes fingerprint[16], so the buffer
 * needs room for at least 17 bytes. Returns whatever usign_f() returns.
 */
int usign_f_seckey(char *fingerprint, const char *seckeyfile)
{
	const char *const no_pubkey = NULL;
	const char *const no_sigfile = NULL;

	return usign_f(fingerprint, no_pubkey, seckeyfile, no_sigfile);
}
157
/*
 * Fingerprint recorded in a signature file: forwards to usign_f() with
 * only the signature path set. usign_f() writes fingerprint[16], so the
 * buffer needs room for at least 17 bytes. Returns whatever usign_f()
 * returns.
 */
int usign_f_sig(char *fingerprint, const char *sigfile)
{
	const char *const no_pubkey = NULL;
	const char *const no_seckey = NULL;

	return usign_f(fingerprint, no_pubkey, no_seckey, sigfile);
}