ucert.c 19 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749
  1. /*
  2. * Copyright (C) 2018 Daniel Golle <daniel@makrotopia.org>
  3. *
  4. * This program is free software; you can redistribute it and/or modify
  5. * it under the terms of the GNU General Public License version 3
  6. * as published by the Free Software Foundation
  7. *
  8. * This program is distributed in the hope that it will be useful,
  9. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  10. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  11. * GNU General Public License for more details.
  12. */
  13. #define _GNU_SOURCE
  14. #include <fcntl.h>
  15. #include <dlfcn.h>
  16. #include <stdio.h>
  17. #include <stdbool.h>
  18. #include <stdlib.h>
  19. #include <string.h>
  20. #include <getopt.h>
  21. #include <stdint.h>
  22. #include <unistd.h>
  23. #include <inttypes.h>
  24. #include <sys/stat.h>
  25. #include <sys/wait.h>
  26. #include <json-c/json.h>
  27. #include <libubox/blob.h>
  28. #include <libubox/utils.h>
  29. #include <libubox/list.h>
  30. #include <libubox/vlist.h>
  31. #include <libubox/blobmsg_json.h>
  32. #include "usign.h"
  33. #define CERT_BUF_LEN 4096
  34. static enum {
  35. CMD_APPEND,
  36. CMD_DUMP,
  37. CMD_ISSUE,
  38. CMD_REVOKE,
  39. CMD_VERIFY,
  40. CMD_NONE,
  41. } cmd = CMD_NONE;
  42. static bool quiet;
  43. #ifndef UCERT_STRIP_MESSAGES
  44. #define DPRINTF(format, ...) if (!quiet) fprintf(stderr, "%s(%d): " format, __func__, __LINE__, ## __VA_ARGS__)
  45. #else
  46. #define DPRINTF(format, ...)
  47. #endif
  48. /*
  49. * ucert structure
  50. * | BLOB |
  51. * | SIGNATURE | PAYLOAD |
  52. * | |[ BLOBMSG CONTAINER ]|
  53. * | |[[T,i,v,e,f,pubkey ]]|
  54. */
  55. enum cert_attr {
  56. CERT_ATTR_SIGNATURE,
  57. CERT_ATTR_PAYLOAD,
  58. CERT_ATTR_MAX
  59. };
  60. static const struct blob_attr_info cert_policy[CERT_ATTR_MAX] = {
  61. [CERT_ATTR_SIGNATURE] = { .type = BLOB_ATTR_BINARY },
  62. [CERT_ATTR_PAYLOAD] = { .type = BLOB_ATTR_NESTED },
  63. };
  64. enum cert_cont_attr {
  65. CERT_CT_ATTR_PAYLOAD,
  66. CERT_CT_ATTR_MAX
  67. };
  68. static const struct blobmsg_policy cert_cont_policy[CERT_CT_ATTR_MAX] = {
  69. [CERT_CT_ATTR_PAYLOAD] = { .name = "ucert", .type = BLOBMSG_TYPE_TABLE },
  70. };
  71. enum cert_payload_attr {
  72. CERT_PL_ATTR_CERTTYPE,
  73. CERT_PL_ATTR_CERTID,
  74. CERT_PL_ATTR_VALIDFROMTIME,
  75. CERT_PL_ATTR_EXPIRETIME,
  76. CERT_PL_ATTR_PUBKEY,
  77. CERT_PL_ATTR_KEY_FINGERPRINT,
  78. CERT_PL_ATTR_MAX
  79. };
  80. enum certtype_id {
  81. CERTTYPE_UNSPEC,
  82. CERTTYPE_AUTH,
  83. CERTTYPE_REVOKE
  84. };
  85. static const struct blobmsg_policy cert_payload_policy[CERT_PL_ATTR_MAX] = {
  86. [CERT_PL_ATTR_CERTTYPE] = { .name = "certtype", .type = BLOBMSG_TYPE_INT32 },
  87. [CERT_PL_ATTR_CERTID] = { .name = "certid", .type = BLOBMSG_TYPE_INT32 },
  88. [CERT_PL_ATTR_VALIDFROMTIME] = { .name = "validfrom", .type = BLOBMSG_TYPE_INT64 },
  89. [CERT_PL_ATTR_EXPIRETIME] = { .name = "expiresat", .type = BLOBMSG_TYPE_INT64 },
  90. [CERT_PL_ATTR_PUBKEY] = { .name = "pubkey", .type = BLOBMSG_TYPE_STRING },
  91. [CERT_PL_ATTR_KEY_FINGERPRINT] = { .name = "fingerprint", .type = BLOBMSG_TYPE_STRING },
  92. };
  93. /* list to store certificate chain at runtime */
  94. struct cert_object {
  95. struct list_head list;
  96. struct blob_attr *cert[CERT_ATTR_MAX];
  97. };
  98. /* write buffer to file */
  99. static int write_file(const char *filename, void *buf, size_t len, bool append) {
  100. FILE *f;
  101. size_t outlen;
  102. f = fopen(filename, append?"a":"w");
  103. if (!f)
  104. return 1;
  105. outlen = fwrite(buf, 1, len, f);
  106. fclose(f);
  107. return (outlen == len);
  108. }
  109. /* load certfile into list */
  110. static int cert_load(const char *certfile, struct list_head *chain) {
  111. FILE *f;
  112. struct blob_attr *certtb[CERT_ATTR_MAX];
  113. struct blob_attr *bufpt;
  114. struct cert_object *cobj;
  115. char filebuf[CERT_BUF_LEN];
  116. int ret = 0, pret = 0;
  117. int len, pos = 0;
  118. f = fopen(certfile, "r");
  119. if (!f)
  120. return 1;
  121. len = fread(&filebuf, 1, CERT_BUF_LEN - 1, f);
  122. if (len < 64)
  123. return 1;
  124. ret = ferror(f) || !feof(f);
  125. fclose(f);
  126. if (ret)
  127. return 1;
  128. bufpt = (struct blob_attr *)filebuf;
  129. do {
  130. pret = blob_parse(bufpt, certtb, cert_policy, CERT_ATTR_MAX);
  131. if (pret <= 0)
  132. /* no attributes found */
  133. break;
  134. if (pos + blob_pad_len(bufpt) > len)
  135. /* blob exceeds filebuffer */
  136. break;
  137. else
  138. pos += blob_pad_len(bufpt);
  139. if (!certtb[CERT_ATTR_SIGNATURE])
  140. /* no signature -> drop */
  141. break;
  142. cobj = calloc(1, sizeof(*cobj));
  143. cobj->cert[CERT_ATTR_SIGNATURE] = blob_memdup(certtb[CERT_ATTR_SIGNATURE]);
  144. if (certtb[CERT_ATTR_PAYLOAD])
  145. cobj->cert[CERT_ATTR_PAYLOAD] = blob_memdup(certtb[CERT_ATTR_PAYLOAD]);
  146. list_add_tail(&cobj->list, chain);
  147. ret += pret;
  148. /* repeat parsing while there is still enough remaining data in buffer */
  149. } while(len > pos + sizeof(struct blob_attr) && (bufpt = blob_next(bufpt)));
  150. return (ret <= 0);
  151. }
  152. #ifdef UCERT_FULL
  153. /* append signature to certfile */
  154. static int cert_append(const char *certfile, const char *sigfile) {
  155. FILE *fs;
  156. char filebuf[CERT_BUF_LEN];
  157. struct blob_buf sigbuf = {0};
  158. int len;
  159. int ret;
  160. fs = fopen(sigfile, "r");
  161. if (!fs)
  162. return 1;
  163. len = fread(&filebuf, 1, CERT_BUF_LEN - 1, fs);
  164. ret = ferror(fs) || !feof(fs) || (len < 64);
  165. fclose(fs);
  166. if (ret)
  167. return 1;
  168. blob_buf_init(&sigbuf, 0);
  169. blob_put(&sigbuf, CERT_ATTR_SIGNATURE, filebuf, len);
  170. ret = write_file(certfile, sigbuf.head, blob_raw_len(sigbuf.head), true);
  171. blob_buf_free(&sigbuf);
  172. return ret;
  173. }
  174. #endif
  175. /* verify the signature of a single chain element */
  176. static int cert_verify_blob(struct blob_attr *cert[CERT_ATTR_MAX],
  177. const char *pubkeyfile, const char *pubkeydir) {
  178. int i;
  179. char msgfname[256], sigfname[256];
  180. int ret;
  181. char tmpdir[] = "/tmp/ucert-XXXXXX";
  182. if (mkdtemp(tmpdir) == NULL)
  183. return errno;
  184. snprintf(msgfname, sizeof(msgfname) - 1, "%s/%s", tmpdir, "payload");
  185. snprintf(sigfname, sizeof(sigfname) - 1, "%s/%s", tmpdir, "payload.sig");
  186. for (i = 0; i < CERT_ATTR_MAX; i++) {
  187. struct blob_attr *v = cert[i];
  188. if (!v)
  189. break;
  190. switch(cert_policy[i].type) {
  191. case BLOB_ATTR_BINARY:
  192. write_file(sigfname, blob_data(v), blob_len(v), false);
  193. break;
  194. case BLOB_ATTR_NESTED:
  195. write_file(msgfname, blob_data(v), blob_len(v), false);
  196. break;
  197. }
  198. }
  199. ret = usign_v(msgfname, pubkeyfile, pubkeydir, sigfname, quiet);
  200. unlink(msgfname);
  201. unlink(sigfname);
  202. rmdir(tmpdir);
  203. return ret;
  204. }
  205. /* verify cert chain (and message) */
  206. static int chain_verify(const char *msgfile, const char *pubkeyfile,
  207. const char *pubkeydir, struct list_head *chain) {
  208. struct cert_object *cobj;
  209. struct blob_attr *containertb[CERT_CT_ATTR_MAX];
  210. struct blob_attr *payloadtb[CERT_PL_ATTR_MAX];
  211. char tmpdir[] = "/tmp/ucert-XXXXXX";
  212. char chainedpubkey[256] = {0};
  213. char chainedfp[17] = {0};
  214. char extsigfile[256] = {0};
  215. int ret = 1;
  216. int checkmsg = 0;
  217. struct timeval tv;
  218. if (mkdtemp(tmpdir) == NULL)
  219. return errno;
  220. if (msgfile)
  221. checkmsg = -1;
  222. gettimeofday(&tv, NULL);
  223. list_for_each_entry(cobj, chain, list) {
  224. /* blob has payload, verify that using signature */
  225. if (cobj->cert[CERT_ATTR_PAYLOAD]) {
  226. uint64_t validfrom;
  227. uint64_t expiresat;
  228. uint32_t certtype;
  229. ret = cert_verify_blob(cobj->cert, chainedpubkey[0]?chainedpubkey:pubkeyfile, pubkeydir);
  230. if (ret)
  231. goto clean_and_return;
  232. blobmsg_parse(cert_cont_policy,
  233. ARRAY_SIZE(cert_cont_policy),
  234. containertb,
  235. blob_data(cobj->cert[CERT_ATTR_PAYLOAD]),
  236. blob_len(cobj->cert[CERT_ATTR_PAYLOAD]));
  237. if (!containertb[CERT_CT_ATTR_PAYLOAD]) {
  238. ret = 1;
  239. DPRINTF("no ucert in signed payload\n");
  240. goto clean_and_return;
  241. }
  242. blobmsg_parse(cert_payload_policy,
  243. ARRAY_SIZE(cert_payload_policy),
  244. payloadtb,
  245. blobmsg_data(containertb[CERT_CT_ATTR_PAYLOAD]),
  246. blobmsg_data_len(containertb[CERT_CT_ATTR_PAYLOAD]));
  247. if (!payloadtb[CERT_PL_ATTR_CERTTYPE] ||
  248. !payloadtb[CERT_PL_ATTR_VALIDFROMTIME] ||
  249. !payloadtb[CERT_PL_ATTR_EXPIRETIME] ||
  250. !payloadtb[CERT_PL_ATTR_PUBKEY]) {
  251. ret = 1;
  252. DPRINTF("missing mandatory ucert attributes\n");
  253. goto clean_and_return;
  254. }
  255. certtype = blobmsg_get_u32(payloadtb[CERT_PL_ATTR_CERTTYPE]);
  256. validfrom = blobmsg_get_u64(payloadtb[CERT_PL_ATTR_VALIDFROMTIME]);
  257. expiresat = blobmsg_get_u64(payloadtb[CERT_PL_ATTR_EXPIRETIME]);
  258. if (certtype != CERTTYPE_AUTH) {
  259. ret = 2;
  260. DPRINTF("wrong certificate type\n");
  261. goto clean_and_return;
  262. }
  263. if (tv.tv_sec < validfrom ||
  264. tv.tv_sec >= expiresat) {
  265. ret = 3;
  266. DPRINTF("certificate expired\n");
  267. goto clean_and_return;
  268. }
  269. snprintf(chainedpubkey, sizeof(chainedpubkey) - 1, "%s/%s", tmpdir, "chained-pubkey");
  270. write_file(chainedpubkey,
  271. blobmsg_data(payloadtb[CERT_PL_ATTR_PUBKEY]),
  272. blobmsg_data_len(payloadtb[CERT_PL_ATTR_PUBKEY]),
  273. false);
  274. if (usign_f_pubkey(chainedfp, chainedpubkey)) {
  275. DPRINTF("cannot get fingerprint for chained key\n");
  276. ret = 2;
  277. goto clean_and_return;
  278. }
  279. if (pubkeydir && _usign_key_is_revoked(chainedfp, pubkeydir)) {
  280. DPRINTF("key %s has been revoked!\n", chainedfp);
  281. ret = 4;
  282. goto clean_and_return;
  283. }
  284. } else {
  285. /* blob doesn't have payload, verify message using signature */
  286. if (msgfile) {
  287. snprintf(extsigfile, sizeof(extsigfile) - 1, "%s/%s", tmpdir, "ext-sig");
  288. write_file(extsigfile,
  289. blob_data(cobj->cert[CERT_ATTR_SIGNATURE]),
  290. blob_len(cobj->cert[CERT_ATTR_SIGNATURE]),
  291. false);
  292. checkmsg = ret = usign_v(msgfile,
  293. chainedpubkey[0]?chainedpubkey:pubkeyfile,
  294. pubkeydir, extsigfile, quiet);
  295. unlink(extsigfile);
  296. } else {
  297. DPRINTF("stray trailing signature without anything to verify!\n");
  298. ret = 1;
  299. };
  300. }
  301. }
  302. if (checkmsg == -1)
  303. DPRINTF("missing signature to verify message!\n");
  304. clean_and_return:
  305. if (chainedpubkey[0])
  306. unlink(chainedpubkey);
  307. rmdir(tmpdir);
  308. return ret | checkmsg;
  309. }
  310. #ifdef UCERT_FULL
  311. /* dump single chain element to console */
  312. static void cert_dump_blob(struct blob_attr *cert[CERT_ATTR_MAX]) {
  313. int i;
  314. for (i = 0; i < CERT_ATTR_MAX; i++) {
  315. struct blob_attr *v = cert[i];
  316. if (!v)
  317. continue;
  318. switch(cert_policy[i].type) {
  319. case BLOB_ATTR_BINARY:
  320. fprintf(stdout, "signature:\n---\n%s---\n", (char *) blob_data(v));
  321. break;
  322. case BLOB_ATTR_NESTED:
  323. fprintf(stdout, "payload:\n---\n%s\n---\n", blobmsg_format_json_indent(blob_data(v), false, 0));
  324. break;
  325. }
  326. }
  327. }
  328. /* dump certfile to console */
  329. static int cert_dump(const char *certfile) {
  330. struct cert_object *cobj;
  331. static LIST_HEAD(certchain);
  332. unsigned int count = 0;
  333. if (cert_load(certfile, &certchain)) {
  334. DPRINTF("cannot parse cert\n");
  335. return 1;
  336. }
  337. list_for_each_entry(cobj, &certchain, list) {
  338. fprintf(stdout, "=== CHAIN ELEMENT %02u ===\n", ++count);
  339. cert_dump_blob(cobj->cert);
  340. }
  341. return 0;
  342. }
  343. /* issue an auth certificate for pubkey */
  344. static int cert_issue(const char *certfile, const char *pubkeyfile, const char *seckeyfile) {
  345. struct blob_buf payloadbuf = {0};
  346. struct blob_buf certbuf = {0};
  347. struct timeval tv;
  348. int pklen, siglen;
  349. int revoker = 1;
  350. void *c;
  351. FILE *pkf, *sigf;
  352. char pkb[512];
  353. char sigb[1024];
  354. char fname[256], sfname[256];
  355. char pkfp[17];
  356. char tmpdir[] = "/tmp/ucert-XXXXXX";
  357. pkf = fopen(pubkeyfile, "r");
  358. if (!pkf)
  359. return -1;
  360. pklen = fread(pkb, 1, 512, pkf);
  361. pkb[pklen] = '\0';
  362. if (pklen < 32)
  363. return -1;
  364. fclose(pkf);
  365. if (usign_f_pubkey(pkfp, pubkeyfile))
  366. return -1;
  367. gettimeofday(&tv, NULL);
  368. if (mkdtemp(tmpdir) == NULL)
  369. return errno;
  370. while (revoker >= 0) {
  371. blob_buf_init(&payloadbuf, 0);
  372. c = blobmsg_open_table(&payloadbuf, "ucert");
  373. blobmsg_add_u32(&payloadbuf, "certtype", revoker?CERTTYPE_REVOKE:CERTTYPE_AUTH);
  374. blobmsg_add_u64(&payloadbuf, "validfrom", tv.tv_sec);
  375. if (!revoker) {
  376. blobmsg_add_u64(&payloadbuf, "expiresat", tv.tv_sec + 60 * 60 * 24 * 365);
  377. blobmsg_add_string(&payloadbuf, "pubkey", pkb);
  378. } else {
  379. blobmsg_add_string(&payloadbuf, "fingerprint", pkfp);
  380. }
  381. blobmsg_close_table(&payloadbuf, c);
  382. snprintf(fname, sizeof(fname) - 1, "%s/%s", tmpdir, revoker?"revoker":"payload");
  383. write_file(fname, blob_data(payloadbuf.head), blob_len(payloadbuf.head), false);
  384. snprintf(sfname, sizeof(sfname) - 1, "%s/%s", tmpdir, revoker?"revoker.sig":"payload.sig");
  385. if (usign_s(fname, seckeyfile, sfname, quiet))
  386. return 1;
  387. sigf = fopen(sfname, "r");
  388. if (!sigf)
  389. return 1;
  390. siglen = fread(sigb, 1, 1024, sigf);
  391. if (siglen < 1)
  392. return 1;
  393. sigb[siglen] = '\0';
  394. fclose(sigf);
  395. unlink(fname);
  396. unlink(sfname);
  397. blob_buf_init(&certbuf, 0);
  398. blob_put(&certbuf, CERT_ATTR_SIGNATURE, sigb, siglen);
  399. blob_put(&certbuf, CERT_ATTR_PAYLOAD, blob_data(payloadbuf.head), blob_len(payloadbuf.head));
  400. snprintf(fname, sizeof(fname) - 1, "%s%s", certfile, revoker?".revoke":"");
  401. write_file(fname, certbuf.head, blob_raw_len(certbuf.head), true);
  402. blob_buf_free(&certbuf);
  403. blob_buf_free(&payloadbuf);
  404. revoker--;
  405. }
  406. rmdir(tmpdir);
  407. return 0;
  408. }
  409. #endif
  410. /* process revoker certificate */
  411. static int cert_process_revoker(const char *certfile, const char *pubkeydir) {
  412. static LIST_HEAD(certchain);
  413. struct cert_object *cobj;
  414. struct blob_attr *containertb[CERT_CT_ATTR_MAX];
  415. struct blob_attr *payloadtb[CERT_PL_ATTR_MAX];
  416. struct stat st;
  417. struct timeval tv;
  418. uint64_t validfrom;
  419. uint32_t certtype;
  420. char *fingerprint;
  421. char rfname[512];
  422. int ret;
  423. if (cert_load(certfile, &certchain)) {
  424. DPRINTF("cannot parse cert\n");
  425. return 1;
  426. }
  427. gettimeofday(&tv, NULL);
  428. list_for_each_entry(cobj, &certchain, list) {
  429. if (!cobj->cert[CERT_ATTR_PAYLOAD])
  430. return 2;
  431. /* blob has payload, verify that using signature */
  432. ret = cert_verify_blob(cobj->cert, NULL, pubkeydir);
  433. if (ret)
  434. return ret;
  435. blobmsg_parse(cert_cont_policy,
  436. ARRAY_SIZE(cert_cont_policy),
  437. containertb,
  438. blob_data(cobj->cert[CERT_ATTR_PAYLOAD]),
  439. blob_len(cobj->cert[CERT_ATTR_PAYLOAD]));
  440. if (!containertb[CERT_CT_ATTR_PAYLOAD]) {
  441. DPRINTF("no ucert in signed payload\n");
  442. return 2;
  443. }
  444. blobmsg_parse(cert_payload_policy,
  445. ARRAY_SIZE(cert_payload_policy),
  446. payloadtb,
  447. blobmsg_data(containertb[CERT_CT_ATTR_PAYLOAD]),
  448. blobmsg_data_len(containertb[CERT_CT_ATTR_PAYLOAD]));
  449. if (!payloadtb[CERT_PL_ATTR_CERTTYPE] ||
  450. !payloadtb[CERT_PL_ATTR_VALIDFROMTIME] ||
  451. !payloadtb[CERT_PL_ATTR_KEY_FINGERPRINT]) {
  452. DPRINTF("missing mandatory ucert attributes\n");
  453. return 2;
  454. }
  455. certtype = blobmsg_get_u32(payloadtb[CERT_PL_ATTR_CERTTYPE]);
  456. validfrom = blobmsg_get_u64(payloadtb[CERT_PL_ATTR_VALIDFROMTIME]);
  457. fingerprint = blobmsg_get_string(payloadtb[CERT_PL_ATTR_KEY_FINGERPRINT]);
  458. if (certtype != CERTTYPE_REVOKE) {
  459. DPRINTF("wrong certificate type\n");
  460. return 2;
  461. }
  462. if (tv.tv_sec < validfrom) {
  463. return 3;
  464. }
  465. snprintf(rfname, sizeof(rfname)-1, "%s/%s", pubkeydir, fingerprint);
  466. /* check if entry in pubkeydir exists */
  467. if (stat(rfname, &st) == 0) {
  468. if (_usign_key_is_revoked(fingerprint, pubkeydir)) {
  469. DPRINTF("existing revoker deadlink for key %s\n", fingerprint);
  470. continue;
  471. };
  472. /* remove any other entry */
  473. if (unlink(rfname))
  474. return -1;
  475. }
  476. ret = symlink(".revoked.", rfname);
  477. if (ret)
  478. return ret;
  479. DPRINTF("created revoker deadlink for key %s\n", fingerprint);
  480. };
  481. return ret;
  482. }
  483. /* load and verify certfile (and message) */
  484. static int cert_verify(const char *certfile, const char *pubkeyfile, const char *pubkeydir, const char *msgfile) {
  485. static LIST_HEAD(certchain);
  486. if (cert_load(certfile, &certchain)) {
  487. DPRINTF("cannot parse cert\n");
  488. return 1;
  489. }
  490. return chain_verify(msgfile, pubkeyfile, pubkeydir, &certchain);
  491. }
  492. /* output help */
  493. static int usage(const char *cmd)
  494. {
  495. #ifndef UCERT_STRIP_MESSAGES
  496. fprintf(stderr,
  497. "Usage: %s <command> <options>\n"
  498. "Commands:\n"
  499. #ifdef UCERT_FULL
  500. " -A: append signature (needs -c and -x)\n"
  501. " -D: dump (needs -c)\n"
  502. " -I: issue cert and revoker (needs -c and -p and -s)\n"
  503. #endif /* UCERT_FULL */
  504. " -R: process revoker certificate (needs -c and -P)\n"
  505. " -V: verify (needs -c and -p|-P, may have -m)\n"
  506. "Options:\n"
  507. " -c <file>: certificate file\n"
  508. " -m <file>: message file (verify only)\n"
  509. " -p <file>: public key file\n"
  510. " -P <path>: public key directory (verify only)\n"
  511. " -q: quiet (do not print verification result, use return code only)\n"
  512. #ifdef UCERT_FULL
  513. " -s <file>: secret key file (issue only)\n"
  514. " -x <file>: signature file (append only)\n"
  515. #endif /* UCERT_FULL */
  516. "\n",
  517. cmd);
  518. #endif /* UCERT_STRIP_MESSAGES */
  519. return 1;
  520. }
  521. /* parse command line options and call functions */
  522. int main(int argc, char *argv[]) {
  523. int ch;
  524. const char *msgfile = NULL;
  525. const char *pubkeyfile = NULL;
  526. const char *pubkeydir = NULL;
  527. const char *certfile = NULL;
  528. #ifdef UCERT_FULL
  529. const char *sigfile = NULL;
  530. const char *seckeyfile = NULL;
  531. #endif
  532. quiet = false;
  533. while ((ch = getopt(argc, argv,
  534. "RVc:m:p:P:q"
  535. #ifdef UCERT_FULL
  536. "ADIs:x:"
  537. #endif
  538. )) != -1) {
  539. switch (ch) {
  540. #ifdef UCERT_FULL
  541. case 'A':
  542. if (cmd != CMD_NONE)
  543. return usage(argv[0]);
  544. cmd = CMD_APPEND;
  545. break;
  546. case 'D':
  547. if (cmd != CMD_NONE)
  548. return usage(argv[0]);
  549. cmd = CMD_DUMP;
  550. break;
  551. case 'I':
  552. if (cmd != CMD_NONE)
  553. return usage(argv[0]);
  554. cmd = CMD_ISSUE;
  555. break;
  556. #endif
  557. case 'R':
  558. if (cmd != CMD_NONE)
  559. return usage(argv[0]);
  560. cmd = CMD_REVOKE;
  561. break;
  562. case 'V':
  563. if (cmd != CMD_NONE)
  564. return usage(argv[0]);
  565. cmd = CMD_VERIFY;
  566. break;
  567. case 'c':
  568. if (certfile || cmd == CMD_NONE)
  569. return usage(argv[0]);
  570. certfile = optarg;
  571. break;
  572. case 'm':
  573. if (msgfile || cmd != CMD_VERIFY)
  574. return usage(argv[0]);
  575. msgfile = optarg;
  576. break;
  577. case 'p':
  578. if (pubkeyfile || (cmd != CMD_VERIFY && cmd != CMD_ISSUE) || cmd == CMD_NONE)
  579. return usage(argv[0]);
  580. pubkeyfile = optarg;
  581. break;
  582. case 'P':
  583. if (pubkeydir || (cmd != CMD_VERIFY && cmd != CMD_REVOKE) || cmd == CMD_NONE)
  584. return usage(argv[0]);
  585. pubkeydir = optarg;
  586. break;
  587. case 'q':
  588. if (quiet)
  589. return usage(argv[0]);
  590. quiet = true;
  591. break;
  592. #ifdef UCERT_FULL
  593. case 's':
  594. if (seckeyfile || cmd != CMD_ISSUE || cmd == CMD_NONE)
  595. return usage(argv[0]);
  596. seckeyfile = optarg;
  597. break;
  598. case 'x':
  599. if (sigfile || cmd != CMD_APPEND || cmd == CMD_NONE)
  600. return usage(argv[0]);
  601. sigfile = optarg;
  602. break;
  603. #endif
  604. default:
  605. return usage(argv[0]);
  606. }
  607. }
  608. switch (cmd) {
  609. #ifdef UCERT_FULL
  610. case CMD_APPEND:
  611. if (certfile && sigfile)
  612. return cert_append(certfile, sigfile);
  613. else
  614. return usage(argv[0]);
  615. case CMD_DUMP:
  616. if (certfile)
  617. return cert_dump(certfile);
  618. else
  619. return usage(argv[0]);
  620. case CMD_ISSUE:
  621. if (certfile && pubkeyfile && seckeyfile)
  622. return cert_issue(certfile, pubkeyfile, seckeyfile);
  623. else
  624. return usage(argv[0]);
  625. #endif
  626. case CMD_REVOKE:
  627. if (certfile && pubkeydir)
  628. return cert_process_revoker(certfile, pubkeydir);
  629. else
  630. return usage(argv[0]);
  631. case CMD_VERIFY:
  632. if (certfile && (pubkeyfile || pubkeydir))
  633. return cert_verify(certfile, pubkeyfile, pubkeydir, msgfile);
  634. else
  635. return usage(argv[0]);
  636. default:
  637. return usage(argv[0]);
  638. }
  639. /* unreachable */
  640. return usage(argv[0]);
  641. }