sigchk

sign and check files using ed25519
git clone git://z3bra.org/sick

commit 67bd6ecbe7f1baef450c7c0157dc1232f8396328
parent 30872d3953840775356662d75abf9ee34f6fe598
Author: z3bra <willyatmailoodotorg>
Date:   Wed Apr 27 12:36:15 2016

Print sigfile to stdout if signature check succeeds

Diffstat:
 sick.c | 59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 58 insertions(+), 1 deletion(-)

diff --git a/sick.c b/sick.c
@@ -29,11 +29,12 @@ void usage(char *name);
 char *base_name(char *path);
 int genkey(char *alias);
 int sign(char *file, char *key);
+int check(char *file, char *key);
 
 void
 usage(char *name)
 {
- fprintf(stderr, "usage: %s [-gs] [-f key] [file]\n", name);
+ fprintf(stderr, "usage: %s [-cgs] [-f key] [file]\n", name);
 exit(1);
 }
 
@@ -154,6 +155,54 @@ sign(char *file, char *key)
 }
 
 int
+check(char *file, char *key)
+{
+ int fd = 0, check = 0;
+ size_t len = 0;
+ char *base = NULL;
+ unsigned char sig[64], pub[PRIVSIZ], *msg = NULL;
+
+ /* read content of the sigfile into the sig[] buffer */
+ fd = open(file, O_RDONLY);
+ if (fd < 0) {
+ perror(file);
+ return fd;
+ }
+ if (read(fd, sig, 64) < 64) {
+ perror(file);
+ return -1;
+ }
+ close(fd);
+
+ /* read the content of the public key into the pub[] buffer */
+ fd = open(key, O_RDONLY);
+ if (fd < 0) {
+ perror(key);
+ return fd;
+ }
+ if (read(fd, pub, PUBSIZ) < PUBSIZ) {
+ perror(key);
+ return -1;
+ }
+ close(fd);
+
+ /*
+ * the message is the sigfile's base name, minus the ".sig"
+ * extension (4 bytes).
+ */
+ base = base_name(file);
+ len = strnlen(base, PATH_MAX) - 4;
+ msg = malloc(len + 1);
+ memset(msg, 0, len + 1);
+ memcpy(msg, base, len);
+
+ check = ed25519_verify(sig, msg, len + 1, pub) ? 0 : -1;
+
+ free (msg);
+ return check;
+}
+
+int
 main(int argc, char **argv)
 {
 int action = ACTION_DEFAULT;
@@ -161,6 +210,9 @@ main(int argc, char **argv)
 char *argv0 = NULL;
 
 ARGBEGIN{
+ case 'c':
+ action = ACTION_CHECK;
+ break;
 case 'f':
 key = EARGF(usage(argv0));
 break;
@@ -176,6 +228,11 @@ main(int argc, char **argv)
 }ARGEND;
 
 switch(action) {
+ case ACTION_CHECK:
+ if (check(*argv, key ? key : "ed25519.pub") == 0) {
+ puts(*argv);
+ }
+ break;
 case ACTION_GENKEY:
 genkey(key);
 break;
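Review bot: In check(), `len = strnlen(base, PATH_MAX) - 4` wraps around when the base name is shorter than four characters, so `malloc(len + 1)` can return a tiny block that `memcpy(msg, base, len)` then overruns. Nothing confirms the name ends in ".sig" or that malloc succeeded. The two short-read paths return without `close(fd)`, and `pub` is sized with `PRIVSIZ` although `PUBSIZ` bytes are read into it, so `pub[PUBSIZ]` would state the intent. The message handed to `ed25519_verify` is the file name only, so as written a passing check says nothing about the file's contents; that is worth confirming against sign(), which is outside this hunk. The fence shows the name handling with the length, suffix and allocation checks added.

```c
	/* … unchanged: reading sig[] and pub[] … */

	base = base_name(file);
	len = strnlen(base, PATH_MAX);
	/* the name must be longer than, and end in, the ".sig" suffix */
	if (len <= 4 || memcmp(base + len - 4, ".sig", 4) != 0) {
		fprintf(stderr, "%s: not a .sig file\n", file);
		return -1;
	}
	len -= 4;
	msg = calloc(1, len + 1);
	if (!msg) {
		perror("calloc");
		return -1;
	}
	memcpy(msg, base, len);

	/* … unchanged: ed25519_verify call, free, return … */
```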
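Review bot: The new `ACTION_CHECK` case passes `*argv` to check() without confirming that a file operand is left after option parsing, so running with `-c` alone presumably hands NULL to check() and on to `open()`. A guard such as `if (!*argv) usage(argv0);` before the call would cover that. The result of check() is also used only to decide whether to print the name. Unless the rest of main, which continues outside the hunk, sets the exit status, a failed verification exits the same way as a successful one. Scripts that gate on this tool need a non-zero status on failure, for example by recording `ret = check(...)` and returning it from main.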