1 /* $OpenBSD: signify.c,v 1.91 2014/07/13 18:59:40 tedu Exp $ */ 2 /* 3 * Copyright (c) 2013 Ted Unangst <tedu@openbsd.org> 4 * 5 * Permission to use, copy, modify, and distribute this software for any 6 * purpose with or without fee is hereby granted, provided that the above 7 * copyright notice and this permission notice appear in all copies. 8 * 9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 */ 17 #include <sys/stat.h> 18 19 #include <netinet/in.h> 20 #include <resolv.h> 21 22 #include <stdint.h> 23 #include <fcntl.h> 24 #include <string.h> 25 #include <stdio.h> 26 #include <stdlib.h> 27 #include <err.h> 28 #include <unistd.h> 29 #include <readpassphrase.h> 30 #include <util.h> 31 #include <sha2.h> 32 33 #include "crypto_api.h" 34 #ifndef VERIFY_ONLY 35 #include <stdint.h> 36 #include <stddef.h> 37 #include <ohash.h> 38 #endif 39 40 #define SIGBYTES crypto_sign_ed25519_BYTES 41 #define SECRETBYTES crypto_sign_ed25519_SECRETKEYBYTES 42 #define PUBLICBYTES crypto_sign_ed25519_PUBLICKEYBYTES 43 44 #define PKALG "Ed" 45 #define KDFALG "BK" 46 #define FPLEN 8 47 48 #define COMMENTHDR "untrusted comment: " 49 #define COMMENTHDRLEN 19 50 #define COMMENTMAXLEN 1024 51 #define VERIFYWITH "verify with " 52 53 struct enckey { 54 uint8_t pkalg[2]; 55 uint8_t kdfalg[2]; 56 uint32_t kdfrounds; 57 uint8_t salt[16]; 58 uint8_t checksum[8]; 59 uint8_t fingerprint[FPLEN]; 60 uint8_t seckey[SECRETBYTES]; 61 }; 62 63 struct pubkey { 64 uint8_t pkalg[2]; 65 uint8_t fingerprint[FPLEN]; 66 uint8_t pubkey[PUBLICBYTES]; 67 }; 68 69 struct sig { 70 uint8_t pkalg[2]; 71 uint8_t fingerprint[FPLEN]; 72 uint8_t sig[SIGBYTES]; 73 }; 74 75 extern char *__progname; 76 77 static void 78 usage(const char *error) 79 { 80 if (error) 81 fprintf(stderr, "%s\n", error); 82 fprintf(stderr, "usage:" 83 #ifndef VERIFYONLY 84 "\t%1$s -C [-q] -p pubkey -x sigfile [file ...]\n" 85 "\t%1$s -G [-n] [-c comment] -p pubkey -s seckey\n" 86 "\t%1$s -I [-p pubkey] [-s seckey] [-x sigfile]\n" 87 "\t%1$s -S [-e] [-x sigfile] -s seckey -m message\n" 88 #endif 89 "\t%1$s -V [-eq] [-x sigfile] -p pubkey -m message\n", 90 __progname); 91 exit(1); 92 } 93 94 static int 95 xopen(const char *fname, int oflags, mode_t mode) 96 { 97 struct stat sb; 98 int fd; 99 100 if (strcmp(fname, "-") == 0) { 101 if ((oflags & O_WRONLY)) 102 fd = dup(STDOUT_FILENO); 103 else 104 fd = dup(STDIN_FILENO); 105 if (fd == -1) 106 err(1, "dup failed"); 107 } else { 108 fd = open(fname, oflags, mode); 109 if (fd == -1) 110 err(1, "can't open %s for %s", fname, 111 (oflags & O_WRONLY) ? "writing" : "reading"); 112 } 113 if (fstat(fd, &sb) == -1 || S_ISDIR(sb.st_mode)) 114 errx(1, "not a valid file: %s", fname); 115 return fd; 116 } 117 118 static void * 119 xmalloc(size_t len) 120 { 121 void *p; 122 123 if (!(p = malloc(len))) 124 err(1, "malloc %zu", len); 125 return p; 126 } 127 128 static size_t 129 parseb64file(const char *filename, char *b64, void *buf, size_t buflen, 130 char *comment) 131 { 132 char *commentend, *b64end; 133 134 commentend = strchr(b64, '\n'); 135 if (!commentend || commentend - b64 <= COMMENTHDRLEN || 136 memcmp(b64, COMMENTHDR, COMMENTHDRLEN) != 0) 137 errx(1, "invalid comment in %s; must start with '%s'", 138 filename, COMMENTHDR); 139 *commentend = '\0'; 140 if (comment) { 141 if (strlcpy(comment, b64 + COMMENTHDRLEN, 142 COMMENTMAXLEN) >= COMMENTMAXLEN) 143 errx(1, "comment too long"); 144 } 145 if (!(b64end = strchr(commentend + 1, '\n'))) 146 errx(1, "missing new line after base64 in %s", filename); 147 *b64end = '\0'; 148 if (b64_pton(commentend + 1, buf, buflen) != buflen) 149 errx(1, "invalid base64 encoding in %s", filename); 150 if (memcmp(buf, PKALG, 2) != 0) 151 errx(1, "unsupported file %s", filename); 152 return b64end - b64 + 1; 153 } 154 155 static void 156 readb64file(const char *filename, void *buf, size_t buflen, char *comment) 157 { 158 char b64[2048]; 159 int rv, fd; 160 161 fd = xopen(filename, O_RDONLY | O_NOFOLLOW, 0); 162 if ((rv = read(fd, b64, sizeof(b64) - 1)) == -1) 163 err(1, "read from %s", filename); 164 b64[rv] = '\0'; 165 parseb64file(filename, b64, buf, buflen, comment); 166 explicit_bzero(b64, sizeof(b64)); 167 close(fd); 168 } 169 170 static uint8_t * 171 readmsg(const char *filename, unsigned long long *msglenp) 172 { 173 unsigned long long msglen = 0; 174 uint8_t *msg = NULL; 175 struct stat sb; 176 ssize_t x, space; 177 int fd; 178 const unsigned long long maxmsgsize = 1UL << 30; 179 180 fd = xopen(filename, O_RDONLY | O_NOFOLLOW, 0); 181 if (fstat(fd, &sb) == 0 && S_ISREG(sb.st_mode)) { 182 if (sb.st_size > maxmsgsize) 183 errx(1, "msg too large in %s", filename); 184 space = sb.st_size + 1; 185 } else { 186 space = 64 * 1024; 187 } 188 189 msg = xmalloc(space + 1); 190 while (1) { 191 if (space == 0) { 192 if (msglen * 2 > maxmsgsize) 193 errx(1, "msg too large in %s", filename); 194 space = msglen; 195 if (!(msg = realloc(msg, msglen + space + 1))) 196 errx(1, "realloc"); 197 } 198 if ((x = read(fd, msg + msglen, space)) == -1) 199 err(1, "read from %s", filename); 200 if (x == 0) 201 break; 202 space -= x; 203 msglen += x; 204 } 205 206 msg[msglen] = '\0'; 207 close(fd); 208 209 *msglenp = msglen; 210 return msg; 211 } 212 213 static void 214 writeall(int fd, const void *buf, size_t buflen, const char *filename) 215 { 216 ssize_t x; 217 218 while (buflen != 0) { 219 if ((x = write(fd, buf, buflen)) == -1) 220 err(1, "write to %s", filename); 221 buflen -= x; 222 buf = (char *)buf + x; 223 } 224 } 225 226 #ifndef VERIFYONLY 227 static void 228 writeb64file(const char *filename, const char *comment, const void *buf, 229 size_t buflen, const void *msg, size_t msglen, int oflags, mode_t mode) 230 { 231 char header[1024]; 232 char b64[1024]; 233 int fd, rv, nr; 234 235 fd = xopen(filename, O_CREAT|oflags|O_NOFOLLOW|O_WRONLY, mode); 236 if ((nr = snprintf(header, sizeof(header), "%s%s\n", 237 COMMENTHDR, comment)) == -1 || nr >= sizeof(header)) 238 errx(1, "comment too long"); 239 writeall(fd, header, strlen(header), filename); 240 if ((rv = b64_ntop(buf, buflen, b64, sizeof(b64)-1)) == -1) 241 errx(1, "base64 encode failed"); 242 b64[rv++] = '\n'; 243 writeall(fd, b64, rv, filename); 244 explicit_bzero(b64, sizeof(b64)); 245 if (msg) 246 writeall(fd, msg, msglen, filename); 247 close(fd); 248 } 249 250 static void 251 kdf(uint8_t *salt, size_t saltlen, int rounds, int allowstdin, int confirm, 252 uint8_t *key, size_t keylen) 253 { 254 char pass[1024]; 255 int rppflags = RPP_ECHO_OFF; 256 257 if (rounds == 0) { 258 memset(key, 0, keylen); 259 return; 260 } 261 262 if (allowstdin && !isatty(STDIN_FILENO)) 263 rppflags |= RPP_STDIN; 264 if (!readpassphrase("passphrase: ", pass, sizeof(pass), rppflags)) 265 errx(1, "unable to read passphrase"); 266 if (strlen(pass) == 0) 267 errx(1, "please provide a password"); 268 if (confirm && !(rppflags & RPP_STDIN)) { 269 char pass2[1024]; 270 if (!readpassphrase("confirm passphrase: ", pass2, 271 sizeof(pass2), rppflags)) 272 errx(1, "unable to read passphrase"); 273 if (strcmp(pass, pass2) != 0) 274 errx(1, "passwords don't match"); 275 explicit_bzero(pass2, sizeof(pass2)); 276 } 277 if (bcrypt_pbkdf(pass, strlen(pass), salt, saltlen, key, 278 keylen, rounds) == -1) 279 errx(1, "bcrypt pbkdf"); 280 explicit_bzero(pass, sizeof(pass)); 281 } 282 283 static void 284 signmsg(uint8_t *seckey, uint8_t *msg, unsigned long long msglen, 285 uint8_t *sig) 286 { 287 unsigned long long siglen; 288 uint8_t *sigbuf; 289 290 sigbuf = xmalloc(msglen + SIGBYTES); 291 crypto_sign_ed25519(sigbuf, &siglen, msg, msglen, seckey); 292 memcpy(sig, sigbuf, SIGBYTES); 293 free(sigbuf); 294 } 295 296 static void 297 generate(const char *pubkeyfile, const char *seckeyfile, int rounds, 298 const char *comment) 299 { 300 uint8_t digest[SHA512_DIGEST_LENGTH]; 301 struct pubkey pubkey; 302 struct enckey enckey; 303 uint8_t xorkey[sizeof(enckey.seckey)]; 304 uint8_t fingerprint[FPLEN]; 305 char commentbuf[COMMENTMAXLEN]; 306 SHA2_CTX ctx; 307 int i, nr; 308 309 crypto_sign_ed25519_keypair(pubkey.pubkey, enckey.seckey); 310 arc4random_buf(fingerprint, sizeof(fingerprint)); 311 312 SHA512Init(&ctx); 313 SHA512Update(&ctx, enckey.seckey, sizeof(enckey.seckey)); 314 SHA512Final(digest, &ctx); 315 316 memcpy(enckey.pkalg, PKALG, 2); 317 memcpy(enckey.kdfalg, KDFALG, 2); 318 enckey.kdfrounds = htonl(rounds); 319 memcpy(enckey.fingerprint, fingerprint, FPLEN); 320 arc4random_buf(enckey.salt, sizeof(enckey.salt)); 321 kdf(enckey.salt, sizeof(enckey.salt), rounds, 1, 1, xorkey, sizeof(xorkey)); 322 memcpy(enckey.checksum, digest, sizeof(enckey.checksum)); 323 for (i = 0; i < sizeof(enckey.seckey); i++) 324 enckey.seckey[i] ^= xorkey[i]; 325 explicit_bzero(digest, sizeof(digest)); 326 explicit_bzero(xorkey, sizeof(xorkey)); 327 328 if ((nr = snprintf(commentbuf, sizeof(commentbuf), "%s secret key", 329 comment)) == -1 || nr >= sizeof(commentbuf)) 330 errx(1, "comment too long"); 331 writeb64file(seckeyfile, commentbuf, &enckey, 332 sizeof(enckey), NULL, 0, O_EXCL, 0600); 333 explicit_bzero(&enckey, sizeof(enckey)); 334 335 memcpy(pubkey.pkalg, PKALG, 2); 336 memcpy(pubkey.fingerprint, fingerprint, FPLEN); 337 if ((nr = snprintf(commentbuf, sizeof(commentbuf), "%s public key", 338 comment)) == -1 || nr >= sizeof(commentbuf)) 339 errx(1, "comment too long"); 340 writeb64file(pubkeyfile, commentbuf, &pubkey, 341 sizeof(pubkey), NULL, 0, O_EXCL, 0666); 342 } 343 344 static void 345 sign(const char *seckeyfile, const char *msgfile, const char *sigfile, 346 int embedded) 347 { 348 struct sig sig; 349 uint8_t digest[SHA512_DIGEST_LENGTH]; 350 struct enckey enckey; 351 uint8_t xorkey[sizeof(enckey.seckey)]; 352 uint8_t *msg; 353 char comment[COMMENTMAXLEN], sigcomment[COMMENTMAXLEN]; 354 char *secname; 355 unsigned long long msglen; 356 int i, rounds, nr; 357 SHA2_CTX ctx; 358 359 readb64file(seckeyfile, &enckey, sizeof(enckey), comment); 360 361 if (memcmp(enckey.kdfalg, KDFALG, 2) != 0) 362 errx(1, "unsupported KDF"); 363 rounds = ntohl(enckey.kdfrounds); 364 kdf(enckey.salt, sizeof(enckey.salt), rounds, strcmp(msgfile, "-") != 0, 365 0, xorkey, sizeof(xorkey)); 366 for (i = 0; i < sizeof(enckey.seckey); i++) 367 enckey.seckey[i] ^= xorkey[i]; 368 explicit_bzero(xorkey, sizeof(xorkey)); 369 SHA512Init(&ctx); 370 SHA512Update(&ctx, enckey.seckey, sizeof(enckey.seckey)); 371 SHA512Final(digest, &ctx); 372 if (memcmp(enckey.checksum, digest, sizeof(enckey.checksum)) != 0) 373 errx(1, "incorrect passphrase"); 374 explicit_bzero(digest, sizeof(digest)); 375 376 msg = readmsg(msgfile, &msglen); 377 378 signmsg(enckey.seckey, msg, msglen, sig.sig); 379 memcpy(sig.fingerprint, enckey.fingerprint, FPLEN); 380 explicit_bzero(&enckey, sizeof(enckey)); 381 382 memcpy(sig.pkalg, PKALG, 2); 383 secname = strstr(seckeyfile, ".sec"); 384 if (secname && strlen(secname) == 4) { 385 if ((nr = snprintf(sigcomment, sizeof(sigcomment), VERIFYWITH "%.*s.pub", 386 (int)strlen(seckeyfile) - 4, seckeyfile)) == -1 || nr >= sizeof(sigcomment)) 387 errx(1, "comment too long"); 388 } else { 389 if ((nr = snprintf(sigcomment, sizeof(sigcomment), "signature from %s", 390 comment)) == -1 || nr >= sizeof(sigcomment)) 391 errx(1, "comment too long"); 392 } 393 if (embedded) 394 writeb64file(sigfile, sigcomment, &sig, sizeof(sig), msg, 395 msglen, O_TRUNC, 0666); 396 else 397 writeb64file(sigfile, sigcomment, &sig, sizeof(sig), NULL, 398 0, O_TRUNC, 0666); 399 400 free(msg); 401 } 402 403 static void 404 inspect(const char *seckeyfile, const char *pubkeyfile, const char *sigfile) 405 { 406 struct sig sig; 407 struct enckey enckey; 408 struct pubkey pubkey; 409 char fp[(FPLEN + 2) / 3 * 4 + 1]; 410 411 if (seckeyfile) { 412 readb64file(seckeyfile, &enckey, sizeof(enckey), NULL); 413 b64_ntop(enckey.fingerprint, FPLEN, fp, sizeof(fp)); 414 printf("sec fp: %s\n", fp); 415 } 416 if (pubkeyfile) { 417 readb64file(pubkeyfile, &pubkey, sizeof(pubkey), NULL); 418 b64_ntop(pubkey.fingerprint, FPLEN, fp, sizeof(fp)); 419 printf("pub fp: %s\n", fp); 420 } 421 if (sigfile) { 422 readb64file(sigfile, &sig, sizeof(sig), NULL); 423 b64_ntop(sig.fingerprint, FPLEN, fp, sizeof(fp)); 424 printf("sig fp: %s\n", fp); 425 } 426 } 427 #endif 428 429 static void 430 verifymsg(struct pubkey *pubkey, uint8_t *msg, unsigned long long msglen, 431 struct sig *sig, int quiet) 432 { 433 uint8_t *sigbuf, *dummybuf; 434 unsigned long long siglen, dummylen; 435 436 if (memcmp(pubkey->fingerprint, sig->fingerprint, FPLEN) != 0) 437 errx(1, "verification failed: checked against wrong key"); 438 439 siglen = SIGBYTES + msglen; 440 sigbuf = xmalloc(siglen); 441 dummybuf = xmalloc(siglen); 442 memcpy(sigbuf, sig->sig, SIGBYTES); 443 memcpy(sigbuf + SIGBYTES, msg, msglen); 444 if (crypto_sign_ed25519_open(dummybuf, &dummylen, sigbuf, siglen, 445 pubkey->pubkey) == -1) 446 errx(1, "signature verification failed"); 447 if (!quiet) 448 printf("Signature Verified\n"); 449 free(sigbuf); 450 free(dummybuf); 451 } 452 453 static void 454 readpubkey(const char *pubkeyfile, struct pubkey *pubkey, 455 const char *sigcomment) 456 { 457 const char *safepath = "/etc/signify/"; 458 459 if (!pubkeyfile) { 460 pubkeyfile = strstr(sigcomment, VERIFYWITH); 461 if (pubkeyfile) { 462 pubkeyfile += strlen(VERIFYWITH); 463 if (strncmp(pubkeyfile, safepath, strlen(safepath)) != 0 || 464 strstr(pubkeyfile, "/../") != NULL) 465 errx(1, "untrusted path %s", pubkeyfile); 466 } else 467 usage("must specify pubkey"); 468 } 469 readb64file(pubkeyfile, pubkey, sizeof(*pubkey), NULL); 470 } 471 472 static void 473 verifysimple(const char *pubkeyfile, const char *msgfile, const char *sigfile, 474 int quiet) 475 { 476 char sigcomment[COMMENTMAXLEN]; 477 struct sig sig; 478 struct pubkey pubkey; 479 unsigned long long msglen; 480 uint8_t *msg; 481 482 msg = readmsg(msgfile, &msglen); 483 484 readb64file(sigfile, &sig, sizeof(sig), sigcomment); 485 readpubkey(pubkeyfile, &pubkey, sigcomment); 486 487 verifymsg(&pubkey, msg, msglen, &sig, quiet); 488 489 free(msg); 490 } 491 492 static uint8_t * 493 verifyembedded(const char *pubkeyfile, const char *sigfile, 494 int quiet, unsigned long long *msglenp) 495 { 496 char sigcomment[COMMENTMAXLEN]; 497 struct sig sig; 498 struct pubkey pubkey; 499 unsigned long long msglen, siglen; 500 uint8_t *msg; 501 502 msg = readmsg(sigfile, &msglen); 503 504 siglen = parseb64file(sigfile, msg, &sig, sizeof(sig), sigcomment); 505 readpubkey(pubkeyfile, &pubkey, sigcomment); 506 507 msglen -= siglen; 508 memmove(msg, msg + siglen, msglen); 509 msg[msglen] = 0; 510 511 verifymsg(&pubkey, msg, msglen, &sig, quiet); 512 513 *msglenp = msglen; 514 return msg; 515 } 516 517 static void 518 verify(const char *pubkeyfile, const char *msgfile, const char *sigfile, 519 int embedded, int quiet) 520 { 521 unsigned long long msglen; 522 uint8_t *msg; 523 int fd; 524 525 if (embedded) { 526 msg = verifyembedded(pubkeyfile, sigfile, quiet, &msglen); 527 fd = xopen(msgfile, O_CREAT|O_TRUNC|O_NOFOLLOW|O_WRONLY, 0666); 528 writeall(fd, msg, msglen, msgfile); 529 free(msg); 530 close(fd); 531 } else { 532 verifysimple(pubkeyfile, msgfile, sigfile, quiet); 533 } 534 } 535 536 #ifndef VERIFYONLY 537 #define HASHBUFSIZE 224 538 struct checksum { 539 char file[1024]; 540 char hash[HASHBUFSIZE]; 541 char algo[32]; 542 }; 543 544 static void * 545 ecalloc(size_t s1, size_t s2, void *data) 546 { 547 void *p; 548 549 if (!(p = calloc(s1, s2))) 550 err(1, "calloc"); 551 return p; 552 } 553 554 static void 555 efree(void *p, void *data) 556 { 557 free(p); 558 } 559 560 static void 561 recodehash(char *hash, size_t len) 562 { 563 uint8_t data[HASHBUFSIZE / 2]; 564 int i, rv; 565 566 if (strlen(hash) == len) 567 return; 568 if ((rv = b64_pton(hash, data, sizeof(data))) == -1) 569 errx(1, "invalid base64 encoding"); 570 for (i = 0; i < rv; i++) 571 snprintf(hash + i * 2, HASHBUFSIZE - i * 2, "%2.2x", data[i]); 572 } 573 574 static int 575 verifychecksum(struct checksum *c, int quiet) 576 { 577 char buf[HASHBUFSIZE]; 578 579 if (strcmp(c->algo, "SHA256") == 0) { 580 recodehash(c->hash, SHA256_DIGEST_STRING_LENGTH-1); 581 if (!SHA256File(c->file, buf)) 582 return 0; 583 } else if (strcmp(c->algo, "SHA512") == 0) { 584 recodehash(c->hash, SHA512_DIGEST_STRING_LENGTH-1); 585 if (!SHA512File(c->file, buf)) 586 return 0; 587 } else { 588 errx(1, "can't handle algorithm %s", c->algo); 589 } 590 if (strcmp(c->hash, buf) != 0) { 591 return 0; 592 } 593 if (!quiet) 594 printf("%s: OK\n", c->file); 595 return 1; 596 } 597 598 static void 599 verifychecksums(char *msg, int argc, char **argv, int quiet) 600 { 601 struct ohash_info info = { 0, NULL, ecalloc, efree, NULL }; 602 struct ohash myh; 603 struct checksum c; 604 char *e, *line, *endline; 605 int hasfailed = 0; 606 int i, rv; 607 unsigned int slot; 608 609 ohash_init(&myh, 6, &info); 610 if (argc) { 611 for (i = 0; i < argc; i++) { 612 slot = ohash_qlookup(&myh, argv[i]); 613 e = ohash_find(&myh, slot); 614 if (e == NULL) 615 ohash_insert(&myh, slot, argv[i]); 616 } 617 } 618 619 line = msg; 620 while (line && *line) { 621 if ((endline = strchr(line, '\n'))) 622 *endline++ = '\0'; 623 rv = sscanf(line, "%31s (%1023s = %223s", 624 c.algo, c.file, c.hash); 625 if (rv != 3 || c.file[0] == 0 || c.file[strlen(c.file)-1] != ')') 626 errx(1, "unable to parse checksum line %s", line); 627 c.file[strlen(c.file) - 1] = '\0'; 628 line = endline; 629 if (argc) { 630 slot = ohash_qlookup(&myh, c.file); 631 e = ohash_find(&myh, slot); 632 if (e != NULL) { 633 if (verifychecksum(&c, quiet) != 0) 634 ohash_remove(&myh, slot); 635 } 636 } else { 637 if (verifychecksum(&c, quiet) == 0) { 638 slot = ohash_qlookup(&myh, c.file); 639 e = ohash_find(&myh, slot); 640 if (e == NULL) { 641 if (!(e = strdup(c.file))) 642 err(1, "strdup"); 643 ohash_insert(&myh, slot, e); 644 } 645 } 646 } 647 } 648 649 for (e = ohash_first(&myh, &slot); e != NULL; e = ohash_next(&myh, &slot)) { 650 fprintf(stderr, "%s: FAIL\n", e); 651 hasfailed = 1; 652 if (argc == 0) 653 free(e); 654 } 655 ohash_delete(&myh); 656 if (hasfailed) 657 exit(1); 658 } 659 660 static void 661 check(const char *pubkeyfile, const char *sigfile, int quiet, int argc, 662 char **argv) 663 { 664 unsigned long long msglen; 665 uint8_t *msg; 666 667 msg = verifyembedded(pubkeyfile, sigfile, quiet, &msglen); 668 verifychecksums((char *)msg, argc, argv, quiet); 669 670 free(msg); 671 } 672 #endif 673 674 int 675 main(int argc, char **argv) 676 { 677 const char *pubkeyfile = NULL, *seckeyfile = NULL, *msgfile = NULL, 678 *sigfile = NULL; 679 char sigfilebuf[1024]; 680 const char *comment = "signify"; 681 int ch, rounds; 682 int embedded = 0; 683 int quiet = 0; 684 enum { 685 NONE, 686 CHECK, 687 GENERATE, 688 INSPECT, 689 SIGN, 690 VERIFY 691 } verb = NONE; 692 693 694 rounds = 42; 695 696 while ((ch = getopt(argc, argv, "CGISVc:em:np:qs:x:")) != -1) { 697 switch (ch) { 698 #ifndef VERIFYONLY 699 case 'C': 700 if (verb) 701 usage(NULL); 702 verb = CHECK; 703 break; 704 case 'G': 705 if (verb) 706 usage(NULL); 707 verb = GENERATE; 708 break; 709 case 'I': 710 if (verb) 711 usage(NULL); 712 verb = INSPECT; 713 break; 714 case 'S': 715 if (verb) 716 usage(NULL); 717 verb = SIGN; 718 break; 719 #endif 720 case 'V': 721 if (verb) 722 usage(NULL); 723 verb = VERIFY; 724 break; 725 case 'c': 726 comment = optarg; 727 break; 728 case 'e': 729 embedded = 1; 730 break; 731 case 'm': 732 msgfile = optarg; 733 break; 734 case 'n': 735 rounds = 0; 736 break; 737 case 'p': 738 pubkeyfile = optarg; 739 break; 740 case 'q': 741 quiet = 1; 742 break; 743 case 's': 744 seckeyfile = optarg; 745 break; 746 case 'x': 747 sigfile = optarg; 748 break; 749 default: 750 usage(NULL); 751 break; 752 } 753 } 754 argc -= optind; 755 argv += optind; 756 757 #ifndef VERIFYONLY 758 if (verb == CHECK) { 759 if (!sigfile) 760 usage("must specify sigfile"); 761 check(pubkeyfile, sigfile, quiet, argc, argv); 762 return 0; 763 } 764 #endif 765 766 if (argc != 0) 767 usage(NULL); 768 769 if (!sigfile && msgfile) { 770 int nr; 771 if (strcmp(msgfile, "-") == 0) 772 usage("must specify sigfile with - message"); 773 if ((nr = snprintf(sigfilebuf, sizeof(sigfilebuf), "%s.sig", 774 msgfile)) == -1 || nr >= sizeof(sigfilebuf)) 775 errx(1, "path too long"); 776 sigfile = sigfilebuf; 777 } 778 779 switch (verb) { 780 #ifndef VERIFYONLY 781 case GENERATE: 782 if (!pubkeyfile || !seckeyfile) 783 usage("must specify pubkey and seckey"); 784 generate(pubkeyfile, seckeyfile, rounds, comment); 785 break; 786 case INSPECT: 787 inspect(seckeyfile, pubkeyfile, sigfile); 788 break; 789 case SIGN: 790 if (!msgfile || !seckeyfile) 791 usage("must specify message and seckey"); 792 sign(seckeyfile, msgfile, sigfile, embedded); 793 break; 794 #endif 795 case VERIFY: 796 if (!msgfile) 797 usage("must specify message"); 798 verify(pubkeyfile, msgfile, sigfile, embedded, quiet); 799 break; 800 default: 801 usage(NULL); 802 break; 803 } 804 805 return 0; 806 } 807