Overwrite a previous key pair now requires the -f flag

Frank Denis 2016-07-31 23:31:46 +02:00
parent 86e2210682
commit e8a6730eae


@ -19,7 +19,7 @@
#include "minisign.h" #include "minisign.h"
#ifndef VERIFY_ONLY #ifndef VERIFY_ONLY
static const char *getopt_options = "GSVHhc:m:oP:p:qQs:t:vx:"; static const char *getopt_options = "GSVHhc:fm:oP:p:qQs:t:vx:";
#else #else
static const char *getopt_options = "Vhm:oP:p:qQvx:"; static const char *getopt_options = "Vhm:oP:p:qQvx:";
#endif #endif
@ -58,6 +58,7 @@ usage(void)
#endif #endif
"-q quiet mode, suppress output\n" "-q quiet mode, suppress output\n"
"-Q pretty quiet mode, only print the trusted comment\n" "-Q pretty quiet mode, only print the trusted comment\n"
"-f force. Combined with -G, overwrite a previous key pair\n"
"-v display version number\n" "-v display version number\n"
); );
exit(2); exit(2);
@ -503,8 +504,37 @@ sign(const char *sk_file, const char *message_file, const char *sig_file,
return 0; return 0;
} }
static void
abort_on_existing_key_file(const char *file)
{
FILE *fp;
int exists = 0;
if ((fp = fopen(file, "r")) != NULL) {
exists = 1;
fclose(fp);
}
if (exists != 0) {
fprintf(stderr, "Key generation aborted, because %s already exists.\n"
"If you really want to overwrite the existing key pair, add the -f switch to \n"
"force this operation.\n", file);
exit(1);
}
}
static void
abort_on_existing_key_files(const char *pk_file, const char *sk_file,
int force)
{
if (force == 0) {
abort_on_existing_key_file(pk_file);
abort_on_existing_key_file(sk_file);
}
}
static int static int
generate(const char *pk_file, const char *sk_file, const char *comment) generate(const char *pk_file, const char *sk_file, const char *comment,
int force)
{ {
char *pwd = xsodium_malloc(PASSWORDMAXBYTES); char *pwd = xsodium_malloc(PASSWORDMAXBYTES);
char *pwd2 = xsodium_malloc(PASSWORDMAXBYTES); char *pwd2 = xsodium_malloc(PASSWORDMAXBYTES);
@ -513,6 +543,7 @@ generate(const char *pk_file, const char *sk_file, const char *comment)
unsigned char *stream ; unsigned char *stream ;
FILE *fp; FILE *fp;
abort_on_existing_key_files(pk_file, sk_file, force);
randombytes_buf(seckey_struct->keynum_sk.keynum, randombytes_buf(seckey_struct->keynum_sk.keynum,
sizeof seckey_struct->keynum_sk.keynum); sizeof seckey_struct->keynum_sk.keynum);
crypto_sign_keypair(pubkey_struct->keynum_pk.pk, crypto_sign_keypair(pubkey_struct->keynum_pk.pk,
@ -555,6 +586,7 @@ generate(const char *pk_file, const char *sk_file, const char *comment)
sodium_free(stream); sodium_free(stream);
puts("done\n"); puts("done\n");
abort_on_existing_key_files(pk_file, sk_file, force);
if ((fp = fopen_create_useronly(sk_file)) == NULL) { if ((fp = fopen_create_useronly(sk_file)) == NULL) {
exit_err(sk_file); exit_err(sk_file);
} }
@ -673,6 +705,7 @@ main(int argc, char **argv)
int hashed = 0; int hashed = 0;
int quiet = 0; int quiet = 0;
int output = 0; int output = 0;
int force = 0;
Action action = ACTION_NONE; Action action = ACTION_NONE;
while ((opt_flag = getopt(argc, argv, getopt_options)) != -1) { while ((opt_flag = getopt(argc, argv, getopt_options)) != -1) {
@ -701,6 +734,9 @@ main(int argc, char **argv)
case 'c': case 'c':
comment = optarg; comment = optarg;
break; break;
case 'f':
force = 1;
break;
#endif #endif
case 'h': case 'h':
usage(); usage();
@ -757,7 +793,7 @@ main(int argc, char **argv)
if (pk_file == NULL) { if (pk_file == NULL) {
pk_file = SIG_DEFAULT_PKFILE; pk_file = SIG_DEFAULT_PKFILE;
} }
return generate(pk_file, sk_file, comment) != 0; return generate(pk_file, sk_file, comment, force) != 0;
case ACTION_SIGN: case ACTION_SIGN:
if (message_file == NULL) { if (message_file == NULL) {
usage(); usage();
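Review bot: The overwrite guard added in `abort_on_existing_key_file()` is a check-then-create sequence, so it cannot guarantee that `generate()` never replaces an existing key. A file that appears between the check and `fopen_create_useronly(sk_file)` is still overwritten. Probing with `fopen(file, "r")` also treats an existing but unreadable file, or a dangling symlink, as absent. `fopen_create_useronly()` is defined outside this diff, so its flags are inferred here, but the robust fix is to make the creation itself exclusive when `force == 0`, e.g. `open(file, O_CREAT | O_EXCL | O_WRONLY, 0600)`, and print the existing "Key generation aborted" message on `EEXIST`. The early call at the top of `generate()` can stay as a convenience check before the password prompt, with a comment such as `/* advisory only: the exclusive create is what prevents an overwrite */`.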