1 /*-
2  * Copyright (c) 2012 Alistair Crooks <agc@NetBSD.org>
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  *
14  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24  */
25 #include "config.h"
26 
27 #include <sys/types.h>
28 
29 #include <inttypes.h>
30 #include <stdio.h>
31 #include <stdlib.h>
32 #include <string.h>
33 #include <time.h>
34 #include <unistd.h>
35 
36 #include "verify.h"
37 
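/*
 * print the time nicely
 *
 * Print secs (seconds since the epoch, as read from the signature) in
 * ctime(3) format.  ctime() returns NULL when the value can't be
 * represented (for instance far outside the range localtime() handles);
 * since secs comes from the input being verified, that case must not
 * reach printf("%s", NULL), so a placeholder is printed instead.
 */
static void
ptime(int64_t secs)
{
	time_t	 t;
	char	*text;

	/* narrowing here is implementation-defined if time_t is 32-bit */
	t = (time_t)secs;
	if ((text = ctime(&t)) == NULL) {
		printf("<unrepresentable time %" PRId64 ">\n", secs);
		return;
	}
	/* ctime()'s result already ends in a newline */
	printf("%s", text);
}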
47 
/*
 * print entry n
 *
 * Fetch entry n of pgp as text (modifiers is passed straight through to
 * pgpv_get_entry) and copy it to stdout.  The text buffer is handed to
 * us by pgpv_get_entry and released here.
 */
static void
pentry(pgpv_t *pgp, int n, const char *modifiers)
{
	char	*text = NULL;
	size_t	 len;

	len = pgpv_get_entry(pgp, (unsigned)n, &text, modifiers);
	(void) fwrite(text, 1, len, stdout);
	free(text);
}
59 
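#define MB(x)	((x) * 1024 * 1024)

/*
 * get stdin into memory so we can verify it
 *
 * Read all of standard input into a heap buffer owned by the caller.
 * On return *cc is the number of bytes read and *size the buffer's
 * capacity (a whole number of MB(1) chunks).  Returns NULL only if the
 * very first allocation fails; if a later realloc() or read() fails the
 * data read so far is returned with *cc describing it, so a read error
 * is indistinguishable from EOF (unchanged contract).
 *
 * The buffer grows only when it is full.  Growing on every read() call
 * instead would cost MB(1) of memory per short read, which for input
 * arriving through a pipe in small pieces is far more than the data
 * itself -- a cheap way for an oversized input to exhaust memory.
 */
static char *
getstdin(ssize_t *cc, size_t *size)
{
	size_t	 newsize;
	char	*newin;
	char	*in;
	ssize_t	 rc;

	*cc = 0;
	*size = 0;
	in = NULL;
	for (;;) {
		if ((size_t)*cc == *size) {
			newsize = *size + MB(1);
			if ((newin = realloc(in, newsize)) == NULL) {
				/* keep what we have; in and *size are still valid */
				break;
			}
			in = newin;
			*size = newsize;
		}
		rc = read(STDIN_FILENO, &in[*cc], *size - (size_t)*cc);
		if (rc <= 0) {
			/* 0 is EOF, -1 is an error: both end the input */
			break;
		}
		*cc += rc;
	}
	return in;
}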
87 
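/*
 * Write all len bytes of buf to fd, looping over short writes.
 * Returns 0 on success, -1 if write(2) fails or makes no progress.
 */
static int
write_all(int fd, const char *buf, size_t len)
{
	ssize_t	 n;

	while (len > 0) {
		/* n == 0 would spin forever, so treat it as an error too */
		if ((n = write(fd, buf, len)) <= 0) {
			return -1;
		}
		buf += n;
		len -= (size_t)n;
	}
	return 0;
}

/*
 * verify memory or file
 *
 * Run cmd ("cat", "dump", "verify" or "trust"; compared case-insensitively)
 * over the input at in/cc.  main() passes either the bytes read from
 * stdin with their count, or a file name with cc == -1.  inname is how
 * the input is referred to in messages.
 *
 * Returns 1 when the signature verified -- and, for cat/dump, when the
 * output was written completely -- and 0 otherwise.  The previous code
 * ignored write(2)'s return value, so a short write could truncate the
 * verified payload while still exiting successfully.
 */
static int
verify_data(pgpv_t *pgp, const char *cmd, const char *inname, char *in, ssize_t cc)
{
	pgpv_cursor_t	*cursor;
	const char	*modifiers;
	size_t		 size;
	size_t		 cookie;
	char		*data;
	int		 el;
	int		 ok;

	cursor = pgpv_new_cursor();
	ok = 0;
	if (strcasecmp(cmd, "cat") == 0) {
		/* a non-zero cookie identifies the verified data in the cursor */
		if ((cookie = pgpv_verify(cursor, pgp, in, cc)) != 0) {
			ok = 1;
			if ((size = pgpv_get_verified(cursor, cookie, &data)) > 0) {
				if (write_all(STDOUT_FILENO, data, size) < 0) {
					fprintf(stderr, "can't write verified data for %s\n", inname);
					ok = 0;
				}
			}
		}
	} else if (strcasecmp(cmd, "dump") == 0) {
		if ((cookie = pgpv_verify(cursor, pgp, in, cc)) != 0) {
			ok = 1;
			size = pgpv_dump(pgp, &data);
			if (write_all(STDOUT_FILENO, data, size) < 0) {
				fprintf(stderr, "can't write dump for %s\n", inname);
				ok = 0;
			}
		}
	} else if (strcasecmp(cmd, "verify") == 0 || strcasecmp(cmd, "trust") == 0) {
		/* "trust" only differs in the modifiers handed to pentry() */
		modifiers = (strcasecmp(cmd, "trust") == 0) ? "trust" : NULL;
		if (pgpv_verify(cursor, pgp, in, cc)) {
			printf("Good signature for %s made ", inname);
			ptime(pgpv_get_cursor_num(cursor, "sigtime"));
			el = pgpv_get_cursor_element(cursor, 0);
			pentry(pgp, el, modifiers);
			ok = 1;
		} else {
			fprintf(stderr, "Signature did not match contents -- %s\n",
				pgpv_get_cursor_str(cursor, "why"));
		}
	} else {
		fprintf(stderr, "unrecognised command \"%s\"\n", cmd);
	}
	pgpv_cursor_close(cursor);
	return ok;
}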
133 
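/*
 * netpgpverify [-S ssh-keyring | -k keyring] [-c cmd] [-v] [file ...]
 *
 * Load the keyring, then run cmd (default "verify") over each file
 * argument, or over standard input when no files are given.  Exits
 * EXIT_SUCCESS only if every input verified.
 */
int
main(int argc, char **argv)
{
	const char	*keyring;
	const char	*cmd;
	ssize_t		 cc;
	size_t		 size;
	pgpv_t		*pgp;
	char		*in;
	int		 ssh;
	int		 ok;
	int		 i;

	pgp = pgpv_new();
	keyring = NULL;	/* presumably the library then uses its default ring */
	ssh = 0;
	ok = 1;
	in = NULL;
	cmd = "verify";
	while ((i = getopt(argc, argv, "S:c:k:v")) != -1) {
		switch(i) {
		case 'S':
			ssh = 1;
			keyring = optarg;
			break;
		case 'c':
			cmd = optarg;
			break;
		case 'k':
			keyring = optarg;
			break;
		case 'v':
			printf("%s\n", NETPGPVERIFY_VERSION);
			exit(EXIT_SUCCESS);
		default:
			/* getopt has already complained; unknown options are ignored */
			break;
		}
	}
	if (ssh) {
		if (!pgpv_read_ssh_pubkeys(pgp, keyring, -1)) {
			fprintf(stderr, "can't read ssh keyring\n");
			exit(EXIT_FAILURE);
		}
	} else if (!pgpv_read_pubring(pgp, keyring, -1)) {
		fprintf(stderr, "can't read keyring\n");
		exit(EXIT_FAILURE);
	}
	if (optind == argc) {
		in = getstdin(&cc, &size);
		if (in == NULL) {
			/* getstdin returns NULL only when its first allocation
			 * fails; don't hand a NULL buffer to the verifier */
			fprintf(stderr, "can't read stdin\n");
			pgpv_close(pgp);
			exit(EXIT_FAILURE);
		}
		ok = verify_data(pgp, cmd, "[stdin]", in, cc);
	} else {
		/* cc == -1: verify_data receives the file name, not its contents */
		for (ok = 1, i = optind ; i < argc ; i++) {
			if (!verify_data(pgp, cmd, argv[i], argv[i], -1)) {
				ok = 0;
			}
		}
	}
	pgpv_close(pgp);
	/* released after pgpv_close in case the library kept pointers into it */
	free(in);
	exit((ok) ? EXIT_SUCCESS : EXIT_FAILURE);
}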