mirrors/minisign
1
0
Fork 0
mirror of https://github.com/jedisct1/minisign.git synced 2025-04-06 12:27:40 +03:00
Code Issues Projects Releases Packages Wiki Activity

Add the ability to sign multiple files at once

Browse source
This commit is contained in:
Frank Denis 2018-02-02 23:24:01 +01:00
parent 75879f460f
commit 0c265d0dc6
1 changed files with 63 additions and 40 deletions
Download patch file Download diff file Expand all files Collapse all files

103
src/minisign.c
View file

@ -32,7 +32,7 @@ usage(void)
puts("Usage:\n" puts("Usage:\n"
#ifndef VERIFY_ONLY #ifndef VERIFY_ONLY
"minisign -G [-p pubkey] [-s seckey]\n" "minisign -G [-p pubkey] [-s seckey]\n"
"minisign -S [-H] [-x sigfile] [-s seckey] [-c untrusted_comment] [-t trusted_comment] -m file\n" "minisign -S [-H] [-x sigfile] [-s seckey] [-c untrusted_comment] [-t trusted_comment] -m file [file ...]\n"
#endif #endif
"minisign -V [-x sigfile] [-p pubkeyfile | -P pubkey] [-o] [-q] -m file\n" "minisign -V [-x sigfile] [-p pubkeyfile | -P pubkey] [-o] [-q] -m file\n"
"\n" "\n"
@ -446,7 +446,34 @@ verify(PubkeyStruct *pubkey_struct, const char *message_file,
} }
#ifndef VERIFY_ONLY #ifndef VERIFY_ONLY
static int static char *
default_trusted_comment(const char *message_file)
{
char *ret;
time_t ts = time(NULL);
if (asprintf(&ret, "timestamp:%lu\tfile:%s",
(unsigned long) ts, file_basename(message_file)) < 0 ||
ret == NULL) {
exit_err("asprintf()");
}
return ret;
}
static char *
append_sig_suffix(const char *message_file)
{
char *sig_file;
size_t message_file_len = strlen(message_file);
sig_file = xmalloc(message_file_len + sizeof SIG_SUFFIX);
memcpy(sig_file, message_file, message_file_len);
memcpy(sig_file + message_file_len, SIG_SUFFIX, sizeof SIG_SUFFIX);
return sig_file;
}
static void
sign(SeckeyStruct *seckey_struct, PubkeyStruct *pubkey_struct, sign(SeckeyStruct *seckey_struct, PubkeyStruct *pubkey_struct,
const char *message_file, const char *sig_file, const char *comment, const char *message_file, const char *sig_file, const char *comment,
const char *trusted_comment, int hashed) const char *trusted_comment, int hashed)
@ -456,10 +483,15 @@ sign(SeckeyStruct *seckey_struct, PubkeyStruct *pubkey_struct,
FILE *fp; FILE *fp;
unsigned char *message; unsigned char *message;
unsigned char *sig_and_trusted_comment; unsigned char *sig_and_trusted_comment;
char *tmp_trusted_comment = NULL;
size_t comment_len; size_t comment_len;
size_t trusted_comment_len; size_t trusted_comment_len;
size_t message_len; size_t message_len;
if (trusted_comment == NULL || *trusted_comment == 0) {
tmp_trusted_comment = default_trusted_comment(message_file);
trusted_comment = tmp_trusted_comment;
}
message = message_load(&message_len, message_file, hashed); message = message_load(&message_len, message_file, hashed);
if (hashed != 0) { if (hashed != 0) {
memcpy(sig_struct.sig_alg, SIGALG_HASHED, sizeof sig_struct.sig_alg); memcpy(sig_struct.sig_alg, SIGALG_HASHED, sizeof sig_struct.sig_alg);
@ -510,11 +542,32 @@ sign(SeckeyStruct *seckey_struct, PubkeyStruct *pubkey_struct,
pubkey_struct->keynum_pk.pk) != 0)) { pubkey_struct->keynum_pk.pk) != 0)) {
exit_msg("Verification would fail with the given public key"); exit_msg("Verification would fail with the given public key");
} }
xfput_b64(fp, (unsigned char *) (void *) &global_sig, sizeof global_sig);
xfclose(fp);
free(sig_and_trusted_comment);
free(tmp_trusted_comment);
}
static int
sign_all(SeckeyStruct *seckey_struct, PubkeyStruct *pubkey_struct,
const char *message_file, const char *additional_files[], int additional_count,
const char *sig_file, const char *comment, const char *trusted_comment,
int hashed)
{
char *additional_sig_file;
char *additional_trusted_comment;
int i;
sign(seckey_struct, pubkey_struct, message_file, sig_file, comment,
trusted_comment, hashed);
for (i = 0; i < additional_count; i++) {
additional_sig_file = append_sig_suffix(additional_files[i]);
sign(seckey_struct, pubkey_struct, additional_files[i],
additional_sig_file, comment, trusted_comment, hashed);
free(additional_sig_file);
}
sodium_free(seckey_struct); sodium_free(seckey_struct);
sodium_free(pubkey_struct); sodium_free(pubkey_struct);
xfput_b64(fp, (unsigned char *) (void *) &global_sig, sizeof global_sig);
free(sig_and_trusted_comment);
xfclose(fp);
return 0; return 0;
} }
@ -637,34 +690,7 @@ generate(const char *pk_file, const char *sk_file, const char *comment,
} }
#endif #endif
static char *
append_sig_suffix(const char *message_file)
{
char *sig_file;
size_t message_file_len = strlen(message_file);
sig_file = xmalloc(message_file_len + sizeof SIG_SUFFIX);
memcpy(sig_file, message_file, message_file_len);
memcpy(sig_file + message_file_len, SIG_SUFFIX, sizeof SIG_SUFFIX);
return sig_file;
}
#ifndef VERIFY_ONLY #ifndef VERIFY_ONLY
static char *
default_trusted_comment(const char *message_file)
{
char *ret;
time_t ts = time(NULL);
if (asprintf(&ret, "timestamp:%lu\tfile:%s",
(unsigned long) ts, file_basename(message_file)) < 0 ||
ret == NULL) {
exit_err("asprintf()");
}
return ret;
}
static char * static char *
sig_config_dir(void) sig_config_dir(void)
{ {
@ -819,14 +845,11 @@ main(int argc, char **argv)
if (comment == NULL || *comment == 0) { if (comment == NULL || *comment == 0) {
comment = DEFAULT_COMMENT; comment = DEFAULT_COMMENT;
} }
if (trusted_comment == NULL || *trusted_comment == 0) { return sign_all(seckey_load(sk_file),
trusted_comment = default_trusted_comment(message_file); ((pk_file != NULL || pubkey_s != NULL) ?
} pubkey_load(pk_file, pubkey_s) : NULL),
return sign(seckey_load(sk_file), message_file, (const char **) &argv[optind], argc - optind,
((pk_file != NULL || pubkey_s != NULL) ? sig_file, comment, trusted_comment, hashed) != 0;
pubkey_load(pk_file, pubkey_s) : NULL),
message_file, sig_file, comment, trusted_comment,
hashed) != 0;
#endif #endif
case ACTION_VERIFY: case ACTION_VERIFY:
if (message_file == NULL) { if (message_file == NULL) {