#include <libubox/vlist.h>
#include <libubox/blobmsg_json.h>
+#include "usign.h"
+
#define CERT_BUF_LEN 4096
static enum {
if (ret)
return 1;
- blob_parse(certbuf.head, certtb, cert_policy, CERT_ATTR_MAX);
-
- return 0;
+ return (blob_parse(certbuf.head, certtb, cert_policy, CERT_ATTR_MAX) != 0);
}
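Review bot: The new `return (blob_parse(...) != 0);` looks inverted: libubox's `blob_parse()` returns, to my knowledge, the number of attributes it matched, so a certificate that parses cleanly makes this function return 1, the same value the `if (ret) return 1;` path just above uses for failure. If non-zero means error here, the line should read `return (blob_parse(certbuf.head, certtb, cert_policy, CERT_ATTR_MAX) <= 0);`. A check that the required `certtb[]` entries are non-NULL before they are dereferenced would also help, since a blob with none of the expected attributes is otherwise only caught by this count. The function begins outside this hunk, so the return convention should be confirmed against its callers.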
static int cert_append(const char *certfile, const char *pubkeyfile, const char *sigfile) {
}
static int cert_issue(const char *certfile, const char *pubkeyfile, const char *seckeyfile) {
+ struct blob_buf certbuf;
+ struct blob_buf payloadbuf;
+
+ blob_buf_init(&payloadbuf, 0);
+/* usign_s() */
+
+ blob_buf_init(&certbuf, 0);
+
fprintf(stderr, "not implemented\n");
return 1;
}
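Review bot: `certbuf` and `payloadbuf` are declared on the stack without an initializer and then passed to `blob_buf_init()`, which, as far as I recall from libubox, reads the struct's existing `grow`/`buf`/`buflen` members before allocating and therefore expects a zeroed struct. Here it would work on indeterminate pointer and length values. Declare them as `struct blob_buf certbuf = {0};` and `struct blob_buf payloadbuf = {0};`. Both buffers are also still allocated when the function reaches `return 1;`, so each needs a `blob_buf_free()` on the way out once the stub gets a real body.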
--- /dev/null
+#include <stdbool.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/wait.h>
+
+#include "usign.h"
+
+int usign_v(const char *msgfile, const char *pubkeyfile,
+ const char *pubkeydir, const char *sigfile, bool quiet) {
+ pid_t pid;
+ int status;
+ const char *usign_argv[16] = {0};
+ unsigned int usign_argc = 0;
+
+ usign_argv[usign_argc++] = "/usr/bin/usign";
+ usign_argv[usign_argc++] = "-V";
+ usign_argv[usign_argc++] = "-m";
+ usign_argv[usign_argc++] = msgfile;
+
+ if (quiet)
+ usign_argv[usign_argc++] = "-q";
+
+ if (pubkeyfile) {
+ usign_argv[usign_argc++] = "-p";
+ usign_argv[usign_argc++] = pubkeyfile;
+ }
+
+ if (pubkeydir) {
+ usign_argv[usign_argc++] = "-P";
+ usign_argv[usign_argc++] = pubkeydir;
+ }
+
+ pid = fork();
+ switch (pid) {
+ case -1:
+ return -1;
+
+ case 0:
+ if (execv(usign_argv[0], usign_argv))
+ return -1;
+
+ break;
+
+ default:
+ waitpid(pid, &status, 0);
+ return WEXITSTATUS(status);
+ }
+
+ return -1;
+}
+
+int usign_s(const char *msgfile, const char *seckeyfile, const char *sigfile, bool quiet) {
+ pid_t pid;
+ int status;
+ const char *usign_argv[16] = {0};
+ unsigned int usign_argc = 0;
+
+ usign_argv[usign_argc++] = "/usr/bin/usign";
+ usign_argv[usign_argc++] = "-S";
+ usign_argv[usign_argc++] = "-m";
+ usign_argv[usign_argc++] = msgfile;
+ usign_argv[usign_argc++] = "-s";
+ usign_argv[usign_argc++] = seckeyfile;
+ usign_argv[usign_argc++] = "-x";
+ usign_argv[usign_argc++] = sigfile;
+
+ if (quiet)
+ usign_argv[usign_argc++] = "-q";
+
+ pid = fork();
+ switch (pid) {
+ case -1:
+ return -1;
+
+ case 0:
+ if (execv(usign_argv[0], usign_argv))
+ return -1;
+
+ break;
+
+ default:
+ waitpid(pid, &status, 0);
+ return WEXITSTATUS(status);
+ }
+
+ return -1;
+}
+
+static int usign_f(char *fingerprint, const char *pubkeyfile, const char *seckeyfile, const char *sigfile) {
+ int fds[2];
+ pid_t pid;
+ int status;
+ const char *usign_argv[16] = {0};
+ unsigned int usign_argc = 0;
+
+ if (pipe(fds))
+ return -1;
+
+ usign_argv[usign_argc++] = "/usr/bin/usign";
+ usign_argv[usign_argc++] = "-F";
+
+ if (pubkeyfile) {
+ usign_argv[usign_argc++] = "-p";
+ usign_argv[usign_argc++] = pubkeyfile;
+ }
+
+ if (seckeyfile) {
+ usign_argv[usign_argc++] = "-s";
+ usign_argv[usign_argc++] = seckeyfile;
+ }
+
+ if (sigfile) {
+ usign_argv[usign_argc++] = "-x";
+ usign_argv[usign_argc++] = sigfile;
+ }
+
+ pid = fork();
+ switch (pid) {
+ case -1:
+ return -1;
+
+ case 0:
+ uloop_done();
+
+ dup2(fds[1], 1);
+
+ close(0);
+ close(2);
+ close(fds[0]);
+ close(fds[1]);
+
+ if (execv(usign_argv[0], usign_argv))
+ return -1;
+
+ break;
+
+ default:
+ waitpid(pid, &status, 0);
+ if (fingerprint && !WEXITSTATUS(status)) {
+ memset(fingerprint, 0, 16);
+ read(fds[0], fingerprint, 16);
+ fingerprint[16] = '\0';
+ }
+ close(fds[0]);
+ close(fds[1]);
+ return WEXITSTATUS(status);
+ }
+
+ return -1;
+}
+
+int usign_f_pubkey(char *fingerprint, const char *pubkeyfile) {
+ return usign_f(fingerprint, pubkeyfile, NULL, NULL);
+}
+
+int usign_f_seckey(char *fingerprint, const char *seckeyfile) {
+ return usign_f(fingerprint, NULL, seckeyfile, NULL);
+}
+
+int usign_f_sig(char *fingerprint, const char *sigfile) {
+ return usign_f(fingerprint, NULL, NULL, sigfile);
+}
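Review bot: In `usign_v` the parent returns `WEXITSTATUS(status)` without checking the result of `waitpid()` or `WIFEXITED(status)`, so a usign child that is killed by a signal reads back as 0 on common libcs and the signature check is reported as passed; `usign_s` and `usign_f` repeat the same pattern. In the child branch a failed `execv()` does `return -1`, which returns into the caller's code inside the forked child instead of terminating it, so `_exit()` belongs there. `usign_v` also takes `sigfile` but never puts it into the argument vector, so the caller's signature path is silently ignored. In `usign_f`, `fingerprint[16] = '\0'` requires a 17-byte buffer that nothing documents, the `read()` result is unchecked, and both pipe descriptors leak when `fork()` fails. The fence shows the exec/wait handling for `usign_v`; the other two functions need the same treatment.

```c
	/* … unchanged: usign_argv setup for -V, -m, -q, -p, -P … */

	if (sigfile) {
		usign_argv[usign_argc++] = "-x";
		usign_argv[usign_argc++] = sigfile;
	}

	pid = fork();
	switch (pid) {
	case -1:
		return -1;

	case 0:
		execv(usign_argv[0], usign_argv);
		/* exec failed: terminate the child, never fall back into the caller */
		_exit(127);

	default:
		/* fail closed: only a normal exit carries a meaningful exit code */
		if (waitpid(pid, &status, 0) != pid || !WIFEXITED(status))
			return -1;

		return WEXITSTATUS(status);
	}
```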