static bool quiet;
+/*
+ * ucert structure
+ * | BLOB |
+ * | SIGNATURE | PAYLOAD |
+ * | |[ BLOBMSG CONTAINER ]|
+ * | |[[T,i,v,e,f,pubkey ]]|
+ */
enum cert_attr {
CERT_ATTR_SIGNATURE,
CERT_ATTR_PAYLOAD,
[CERT_PL_ATTR_KEY_FINGERPRINT] = { .name = "fingerprint", .type = BLOBMSG_TYPE_STRING },
};
+/* list to store certificate chain at runtime */
struct cert_object {
struct list_head list;
struct blob_attr *cert[CERT_ATTR_MAX];
};
+/* write buffer to file */
static int write_file(const char *filename, void *buf, size_t len, bool append) {
FILE *f;
size_t outlen;
return (outlen == len);
}
+/* load certfile into list */
static int cert_load(const char *certfile, struct list_head *chain) {
FILE *f;
struct blob_attr *certtb[CERT_ATTR_MAX];
return (ret <= 0);
}
+/* append signature to certfile */
static int cert_append(const char *certfile, const char *sigfile) {
FILE *fs;
char filebuf[CERT_BUF_LEN];
return ret;
}
+/* verify the signature of a single chain element */
static int cert_verify_blob(struct blob_attr *cert[CERT_ATTR_MAX],
const char *pubkeyfile, const char *pubkeydir) {
int i;
return ret;
}
+/* verify cert chain (and message) */
static int chain_verify(const char *msgfile, const char *pubkeyfile,
const char *pubkeydir, struct list_head *chain) {
struct cert_object *cobj;
return ret | checkmsg;
}
+/* dump single chain element to console */
static void cert_dump_blob(struct blob_attr *cert[CERT_ATTR_MAX]) {
int i;
}
}
+/* dump certfile to console */
static int cert_dump(const char *certfile) {
struct cert_object *cobj;
static LIST_HEAD(certchain);
return 0;
}
+/* issue an auth certificate for pubkey */
static int cert_issue(const char *certfile, const char *pubkeyfile, const char *seckeyfile) {
struct blob_buf certbuf;
struct blob_buf payloadbuf;
return 0;
}
+/* process revoker certificate */
static int cert_process_revoker(const char *certfile, const char *pubkeydir) {
static LIST_HEAD(certchain);
struct cert_object *cobj;
return ret;
}
+/* load and verify certfile (and message) */
static int cert_verify(const char *certfile, const char *pubkeyfile, const char *pubkeydir, const char *msgfile) {
static LIST_HEAD(certchain);
return chain_verify(msgfile, pubkeyfile, pubkeydir, &certchain);
}
+/* output help */
static int usage(const char *cmd)
{
fprintf(stderr,
return 1;
}
+/* parse command line options and call functions */
int main(int argc, char *argv[]) {
int ch;
const char *msgfile = NULL;
+/*
+ * wrapper functions around the usign executable
+ * Copyright (C) 2018 Daniel Golle <daniel@makrotopia.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 3
+ * as published by the Free Software Foundation
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ */
+
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
+/*
+ * usign/signify API header
+ * Copyright (C) 2018 Daniel Golle <daniel@makrotopia.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 3
+ * as published by the Free Software Foundation
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ */
+
+#ifndef _USIGN_H
+#define _USIGN_H
+
+/**
+ * Verify
+ *
+ * calls: usign -V ...
+ */
int usign_v(const char *msgfile, const char *pubkeyfile,
const char *pubkeydir, const char *sigfile, bool quiet);
+/**
+ * Sign
+ *
+ * calls: usign -S ...
+ */
int usign_s(const char *msgfile, const char *seckeyfile, const char *sigfile, bool quiet);
+/**
+ * Fingerprint {pubkey, seckey, sig}
+ *
+ * calls: usign -F ...
+ */
int usign_f_pubkey(char *fingerprint, const char *pubkeyfile);
int usign_f_seckey(char *fingerprint, const char *seckeyfile);
int usign_f_sig(char *fingerprint, const char *sigfile);
+/**
+ * custom extension to check for revokers
+ */
int _usign_key_is_revoked(const char *fingerprint, const char *pubkeydir);
+
+#endif /* _USIGN_H */
projects / oweals / ucert.git / commitdiff