-static int cert_append(const char *certfile, const char *pubkeyfile, const char *sigfile) {
- fprintf(stderr, "not implemented\n");
- return 1;
+static int cert_append(const char *certfile, const char *sigfile) {
+ FILE *fs;
+ char filebuf[CERT_BUF_LEN];
+ struct blob_buf sigbuf;
+ struct stat st;
+ int len;
+ int ret;
+
+ if (stat(certfile, &st) != 0) {
+ fprintf(stderr, "certfile %s doesn't exist, can't append.\n", certfile);
+ return -1;
+ }
+
+ fs = fopen(sigfile, "r");
+ if (!fs)
+ return 1;
+
+ len = fread(&filebuf, 1, CERT_BUF_LEN - 1, fs);
+ ret = ferror(fs) || !feof(fs) || (len < 64);
+ fclose(fs);
+ if (ret)
+ return 1;
+
+ blob_buf_init(&sigbuf, 0);
+ blob_put(&sigbuf, CERT_ATTR_SIGNATURE, filebuf, len);
+ ret = write_file(certfile, sigbuf.head, blob_raw_len(sigbuf.head), true);
+ blob_buf_free(&sigbuf);
+ return ret;
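Review bot: `sigbuf` is declared on the stack without an initializer and then passed to `blob_buf_init()`, so any field that function reads before writing is indeterminate; libubox's implementation (not shown here) consults the existing `grow` callback and `buf` pointer, which would mean a call or realloc through stack garbage. Declaring it as `struct blob_buf sigbuf = {0};` removes the problem. The results of `blob_buf_init()` and `blob_put()` are also discarded, so an allocation failure would reach `write_file()` with an incomplete blob; checking both and bailing out through `blob_buf_free()` would keep a truncated signature attribute from being appended to the certificate. Separately, the `stat()` guard returns -1 while every other failure returns 1, and it only proves the file existed at check time; whether `write_file()` can still create it afterwards cannot be told from this hunk. The function's closing brace lies outside the visible lines.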