sigchk

sign and check files using ed25519
git clone git://z3bra.org/sick

commit 440b40a1a0800600ec6dfa8994a41802cb746069
parent 86dc08daba5ed8bc3415fd7f18b5617fd1f6a2ab
Author: z3bra <willyatmailoodotorg>
Date:   Thu Apr 28 00:51:19 2016

Deduce sigfile name from filename to check

When checking a file, we only append ".sig" to it to get the signature file.
This way we can call sick(1) with the filename to check rather than
the signature file.

Diffstat:
 sick.c | 53 ++++++++++++++++++++++++++++++++---------------------
 1 file changed, 32 insertions(+), 21 deletions(-)

diff --git a/sick.c b/sick.c
@@ -16,7 +16,7 @@
 #define SIGSIZ 64
 #define DEFAULT_ALIAS "ed25519"
-#define KEYRING "./keyring"
+#define KEYRING (getenv("KEYRING")?getenv("KEYRING"):"./keyring")
 enum {
 ACTION_INVALID = -1,
@@ -33,7 +33,7 @@ char *base_name(char *path);
 int genkey(char *alias);
 int sign(char *file, char *key);
 int verify(char *file, char *key);
-int check(char *file);
+int check(char *file, char *keyring);
 void
 usage(char *name)
@@ -163,17 +163,26 @@ verify(char *file, char *key)
 {
 int fd = 0, check = 0;
 size_t len = 0;
- char *base = NULL;
+ char *base = NULL, sigfile[PATH_MAX];
 unsigned char sig[64], pub[PRIVSIZ], *msg = NULL;
- /* read content of the sigfile into the sig[] buffer */
- fd = open(file, O_RDONLY);
+ /*
+ * read content of the sigfile into the sig[] buffer
+ * We assume here that the sigfile has the same path as
+ * the file, with the .sig suffix appended
+ * TODO: extract the signature from the file
+ */
+ len = strnlen(file, PATH_MAX);
+ memset(sigfile, 0, PATH_MAX);
+ memcpy(sigfile, file, len);
+ memcpy(sigfile+len, ".sig", 4);
+ fd = open(sigfile, O_RDONLY);
 if (fd < 0) {
- perror(file);
+ perror(sigfile);
 return fd;
 }
 if (read(fd, sig, 64) < 64) {
- perror(file);
+ perror(sigfile);
 return -1;
 }
 close(fd);
@@ -190,12 +199,9 @@ verify(char *file, char *key)
 }
 close(fd);
- /*
- * the message is the sigfile's base name, minus the ".sig"
- * extension (4 bytes).
- */
+ /* the message is the sigfile's base name */
 base = base_name(file);
- len = strnlen(base, PATH_MAX) - 4;
+ len = strnlen(base, PATH_MAX);
 msg = malloc(len + 1);
 memset(msg, 0, len + 1);
 memcpy(msg, base, len);
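Review bot: The `KEYRING` macro in the first hunk now takes the directory of trusted public keys from the environment, and it calls `getenv("KEYRING")` twice on every expansion. For a verification tool that directory is the trust anchor, so whoever controls the process environment decides which keys are accepted. That deserves a comment above the macro and a line in the manual, for example `/* trust anchor: overridable via $KEYRING; callers running sick on behalf of others must sanitize the environment */`. Reading the variable once in main() and passing the result down would also remove the double lookup.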
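Review bot: The new sigfile construction in verify() can write past `sigfile[PATH_MAX]`. `strnlen(file, PATH_MAX)` may return up to PATH_MAX, so `memcpy(sigfile+len, ".sig", 4)` lands outside the array whenever `len > PATH_MAX - 4`, and a name of exactly `PATH_MAX - 4` bytes fits but leaves no terminating NUL for `open()`. Since `file` comes from the command line, build the name with a bounded formatter and reject what does not fit: `n = snprintf(sigfile, sizeof(sigfile), "%s.sig", file);` followed by `if (n < 0 || (size_t)n >= sizeof(sigfile)) return -1;`. The short-read branch also returns without `close(fd)` and calls `perror()` although a short read does not set errno. verify() continues past this hunk.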
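Review bot: The rewritten comment in the `-190,12` hunk still calls `file` "the sigfile", but after this commit `file` is the file being checked and the signature is read from `sigfile`; suggest `/* the message is the base name of the file being checked */`. From the lines visible here `msg` is filled from `base_name(file)` only, so what gets verified appears to be the file's name rather than its contents. If the rest of verify(), which lies outside this hunk, does not feed the file data into the check, a signature would stay valid after the contents change, and that limitation should be stated in a TODO next to this comment. The `malloc(len + 1)` result is also passed to `memset` without a NULL check.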
@@ -207,24 +213,26 @@ verify(char *file, char *key)
 }
 int
-check(char *file)
+check(char *file, char *keyring)
 {
- int fd = 0;
+ size_t len = 0;
 DIR *dirp = NULL;
 struct dirent *dt = NULL;
 char path[PATH_MAX];
- dirp = opendir(KEYRING);
+ dirp = opendir(keyring);
 if (dirp == NULL) {
- perror(KEYRING);
+ perror(keyring);
 return -1;
 }
 while ((dt = readdir(dirp)) != NULL) {
 if (dt->d_type == DT_REG) {
+ len = strnlen(keyring, PATH_MAX);
 memset(path, 0, PATH_MAX);
- memcpy(path, KEYRING"/", strlen(KEYRING) + 1);
- memcpy(path+strlen(KEYRING) + 1, dt->d_name, dt->d_reclen);
+ memcpy(path, keyring, len);
+ path[len] = '/';
+ memcpy(path+len+1, dt->d_name, dt->d_reclen);
 if (verify(file, path) == 0) {
 closedir(dirp);
 return 0;
@@ -240,8 +248,11 @@ int
 main(int argc, char **argv)
 {
 int action = ACTION_DEFAULT;
- char *key = NULL;
- char *argv0 = NULL;
+ char *argv0 = NULL, *key = NULL;
+ char keyring[PATH_MAX];
+
+ memset(keyring, 0, PATH_MAX);
+ memcpy(keyring, KEYRING, strnlen(KEYRING, PATH_MAX));
 ARGBEGIN{
 case 'c':
@@ -263,7 +274,7 @@ main(int argc, char **argv)
 switch(action) {
 case ACTION_CHECK:
- if (check(*argv) == 0) {
+ if (check(*argv, keyring) == 0) {
 puts(*argv);
 }
 break;
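Review bot: `memcpy(path+len+1, dt->d_name, dt->d_reclen)` in check() copies the size of the whole directory record rather than the length of the name, so it reads beyond the name and can write past `path[PATH_MAX]` once `keyring` is long. `path[len] = '/'` is itself out of bounds when `len == PATH_MAX`. The prefix length used to be a compile-time constant and is now caller- and environment-supplied, so the path should be built with a bounded formatter and entries that do not fit skipped: `n = snprintf(path, sizeof(path), "%s/%s", keyring, dt->d_name);` then `if (n < 0 || (size_t)n >= sizeof(path)) continue;`. check() continues past this hunk.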
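Review bot: `memcpy(keyring, KEYRING, strnlen(KEYRING, PATH_MAX))` in main() leaves `keyring` without a terminating NUL when the KEYRING environment variable is PATH_MAX bytes or longer, and `opendir(keyring)` in check() then reads past the array. Reject or cap the value before copying, for example `if (strnlen(KEYRING, PATH_MAX) >= PATH_MAX) { fputs("KEYRING: path too long\n", stderr); return 1; }`; the exit status to use depends on how the rest of main() reports errors, which is outside this hunk. A short comment on `keyring` stating that it always holds a NUL-terminated path would make the contract with check() explicit.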