Annotation of src/usr.bin/signify/signify.c, Revision 1.79
1.79 ! tedu 1: /* $OpenBSD: signify.c,v 1.78 2014/05/06 23:50:53 tedu Exp $ */
1.1 tedu 2: /*
3: * Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
4: *
5: * Permission to use, copy, modify, and distribute this software for any
6: * purpose with or without fee is hereby granted, provided that the above
7: * copyright notice and this permission notice appear in all copies.
8: *
9: * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15: * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16: */
17: #include <sys/stat.h>
18:
19: #include <netinet/in.h>
20: #include <resolv.h>
21:
22: #include <stdint.h>
23: #include <fcntl.h>
24: #include <string.h>
25: #include <stdio.h>
1.34 tedu 26: #include <stdlib.h>
1.1 tedu 27: #include <err.h>
28: #include <unistd.h>
29: #include <readpassphrase.h>
30: #include <util.h>
31: #include <sha2.h>
32:
33: #include "crypto_api.h"
34:
35: #define SIGBYTES crypto_sign_ed25519_BYTES
36: #define SECRETBYTES crypto_sign_ed25519_SECRETKEYBYTES
37: #define PUBLICBYTES crypto_sign_ed25519_PUBLICKEYBYTES
38:
39: #define PKALG "Ed"
40: #define KDFALG "BK"
1.13 tedu 41: #define FPLEN 8
42:
1.18 tedu 43: #define COMMENTHDR "untrusted comment: "
44: #define COMMENTHDRLEN 19
45: #define COMMENTMAXLEN 1024
1.51 tedu 46: #define VERIFYWITH "verify with "
1.1 tedu 47:
48: struct enckey {
49: uint8_t pkalg[2];
50: uint8_t kdfalg[2];
51: uint32_t kdfrounds;
52: uint8_t salt[16];
53: uint8_t checksum[8];
1.13 tedu 54: uint8_t fingerprint[FPLEN];
1.1 tedu 55: uint8_t seckey[SECRETBYTES];
56: };
57:
58: struct pubkey {
59: uint8_t pkalg[2];
1.13 tedu 60: uint8_t fingerprint[FPLEN];
1.1 tedu 61: uint8_t pubkey[PUBLICBYTES];
62: };
63:
64: struct sig {
65: uint8_t pkalg[2];
1.13 tedu 66: uint8_t fingerprint[FPLEN];
1.1 tedu 67: uint8_t sig[SIGBYTES];
68: };
69:
70: extern char *__progname;
71:
72: static void
1.31 tedu 73: usage(const char *error)
1.1 tedu 74: {
1.31 tedu 75: if (error)
76: fprintf(stderr, "%s\n", error);
1.9 espie 77: fprintf(stderr, "usage:"
1.15 espie 78: #ifndef VERIFYONLY
1.47 naddy 79: "\t%1$s -C [-q] -p pubkey -x sigfile [file ...]\n"
1.31 tedu 80: "\t%1$s -G [-n] [-c comment] -p pubkey -s seckey\n"
81: "\t%1$s -I [-p pubkey] [-s seckey] [-x sigfile]\n"
82: "\t%1$s -S [-e] [-x sigfile] -s seckey -m message\n"
1.15 espie 83: #endif
1.42 tedu 84: "\t%1$s -V [-eq] [-x sigfile] -p pubkey -m message\n",
1.15 espie 85: __progname);
1.1 tedu 86: exit(1);
87: }
88:
89: static int
1.61 deraadt 90: xopen(const char *fname, int oflags, mode_t mode)
1.1 tedu 91: {
1.53 tedu 92: struct stat sb;
1.1 tedu 93: int fd;
94:
1.31 tedu 95: if (strcmp(fname, "-") == 0) {
1.61 deraadt 96: if ((oflags & O_WRONLY))
1.31 tedu 97: fd = dup(STDOUT_FILENO);
98: else
99: fd = dup(STDIN_FILENO);
100: if (fd == -1)
101: err(1, "dup failed");
102: } else {
1.61 deraadt 103: fd = open(fname, oflags, mode);
1.31 tedu 104: if (fd == -1)
105: err(1, "can't open %s for %s", fname,
1.61 deraadt 106: (oflags & O_WRONLY) ? "writing" : "reading");
1.31 tedu 107: }
1.53 tedu 108: if (fstat(fd, &sb) == -1 || S_ISDIR(sb.st_mode))
1.66 tedu 109: errx(1, "not a valid file: %s", fname);
1.1 tedu 110: return fd;
111: }
112:
113: static void *
114: xmalloc(size_t len)
115: {
116: void *p;
117:
118: p = malloc(len);
119: if (!p)
120: err(1, "malloc %zu", len);
121: return p;
122: }
123:
1.16 tedu 124: static size_t
1.46 tedu 125: parseb64file(const char *filename, char *b64, void *buf, size_t buflen,
1.18 tedu 126: char *comment)
1.16 tedu 127: {
128: char *commentend, *b64end;
129:
130: commentend = strchr(b64, '\n');
131: if (!commentend || commentend - b64 <= COMMENTHDRLEN ||
1.65 tedu 132: memcmp(b64, COMMENTHDR, COMMENTHDRLEN) != 0)
1.16 tedu 133: errx(1, "invalid comment in %s; must start with '%s'",
134: filename, COMMENTHDR);
1.75 tedu 135: *commentend = '\0';
1.40 deraadt 136: if (comment) {
137: if (strlcpy(comment, b64 + COMMENTHDRLEN,
138: COMMENTMAXLEN) >= COMMENTMAXLEN)
1.71 tedu 139: errx(1, "comment too long");
1.40 deraadt 140: }
1.16 tedu 141: b64end = strchr(commentend + 1, '\n');
142: if (!b64end)
143: errx(1, "missing new line after b64 in %s", filename);
1.75 tedu 144: *b64end = '\0';
1.77 tedu 145: if (b64_pton(commentend + 1, buf, buflen) != buflen)
1.16 tedu 146: errx(1, "invalid b64 encoding in %s", filename);
1.65 tedu 147: if (memcmp(buf, PKALG, 2) != 0)
1.16 tedu 148: errx(1, "unsupported file %s", filename);
149: return b64end - b64 + 1;
150: }
151:
1.1 tedu 152: static void
1.46 tedu 153: readb64file(const char *filename, void *buf, size_t buflen, char *comment)
1.1 tedu 154: {
155: char b64[2048];
1.10 tedu 156: int rv, fd;
1.1 tedu 157:
158: fd = xopen(filename, O_RDONLY | O_NOFOLLOW, 0);
159: rv = read(fd, b64, sizeof(b64) - 1);
160: if (rv == -1)
1.7 espie 161: err(1, "read from %s", filename);
1.75 tedu 162: b64[rv] = '\0';
1.46 tedu 163: parseb64file(filename, b64, buf, buflen, comment);
1.41 tedu 164: explicit_bzero(b64, sizeof(b64));
1.1 tedu 165: close(fd);
166: }
167:
1.35 tedu 168: static uint8_t *
1.1 tedu 169: readmsg(const char *filename, unsigned long long *msglenp)
170: {
1.49 tedu 171: unsigned long long msglen = 0;
172: uint8_t *msg = NULL;
1.1 tedu 173: struct stat sb;
1.49 tedu 174: ssize_t x, space;
1.1 tedu 175: int fd;
1.73 tedu 176: const unsigned long long maxmsgsize = 1UL << 30;
1.1 tedu 177:
178: fd = xopen(filename, O_RDONLY | O_NOFOLLOW, 0);
1.49 tedu 179: if (fstat(fd, &sb) == 0 && S_ISREG(sb.st_mode)) {
1.73 tedu 180: if (sb.st_size > maxmsgsize)
1.49 tedu 181: errx(1, "msg too large in %s", filename);
182: space = sb.st_size + 1;
183: } else {
1.67 tedu 184: space = 64 * 1024;
1.49 tedu 185: }
186:
1.67 tedu 187: msg = xmalloc(space + 1);
1.49 tedu 188: while (1) {
189: if (space == 0) {
1.73 tedu 190: if (msglen * 2 > maxmsgsize)
1.67 tedu 191: errx(1, "msg too large in %s", filename);
192: space = msglen;
1.49 tedu 193: if (!(msg = realloc(msg, msglen + space + 1)))
194: errx(1, "realloc");
195: }
196: if ((x = read(fd, msg + msglen, space)) == -1)
197: err(1, "read from %s", filename);
198: if (x == 0)
199: break;
200: space -= x;
201: msglen += x;
202: }
203:
1.75 tedu 204: msg[msglen] = '\0';
1.1 tedu 205: close(fd);
206:
207: *msglenp = msglen;
208: return msg;
209: }
210:
211: static void
1.46 tedu 212: writeall(int fd, const void *buf, size_t buflen, const char *filename)
1.1 tedu 213: {
1.11 tedu 214: ssize_t x;
1.38 espie 215:
1.46 tedu 216: while (buflen != 0) {
217: x = write(fd, buf, buflen);
1.38 espie 218: if (x == -1)
219: err(1, "write to %s", filename);
1.46 tedu 220: buflen -= x;
1.61 deraadt 221: buf = (char *)buf + x;
1.7 espie 222: }
1.1 tedu 223: }
224:
1.17 deraadt 225: #ifndef VERIFYONLY
1.1 tedu 226: static void
227: writeb64file(const char *filename, const char *comment, const void *buf,
1.61 deraadt 228: size_t buflen, const void *msg, size_t msglen, int oflags, mode_t mode)
1.1 tedu 229: {
230: char header[1024];
231: char b64[1024];
232: int fd, rv;
233:
1.61 deraadt 234: fd = xopen(filename, O_CREAT|oflags|O_NOFOLLOW|O_WRONLY, mode);
1.40 deraadt 235: if (snprintf(header, sizeof(header), "%s%s\n",
236: COMMENTHDR, comment) >= sizeof(header))
1.71 tedu 237: errx(1, "comment too long");
1.7 espie 238: writeall(fd, header, strlen(header), filename);
1.46 tedu 239: if ((rv = b64_ntop(buf, buflen, b64, sizeof(b64)-1)) == -1)
1.1 tedu 240: errx(1, "b64 encode failed");
1.8 espie 241: b64[rv++] = '\n';
1.7 espie 242: writeall(fd, b64, rv, filename);
1.41 tedu 243: explicit_bzero(b64, sizeof(b64));
1.58 tedu 244: if (msg)
245: writeall(fd, msg, msglen, filename);
1.1 tedu 246: close(fd);
247: }
248:
249: static void
1.70 tedu 250: kdf(uint8_t *salt, size_t saltlen, int rounds, int allowstdin, int confirm,
1.50 tedu 251: uint8_t *key, size_t keylen)
1.1 tedu 252: {
253: char pass[1024];
1.48 tedu 254: int rppflags = RPP_ECHO_OFF;
1.1 tedu 255:
256: if (rounds == 0) {
257: memset(key, 0, keylen);
258: return;
259: }
260:
1.50 tedu 261: if (allowstdin && !isatty(STDIN_FILENO))
1.48 tedu 262: rppflags |= RPP_STDIN;
263: if (!readpassphrase("passphrase: ", pass, sizeof(pass), rppflags))
1.39 tedu 264: errx(1, "unable to read passphrase");
1.37 tedu 265: if (strlen(pass) == 0)
266: errx(1, "please provide a password");
1.70 tedu 267: if (confirm && !(rppflags & RPP_STDIN)) {
268: char pass2[1024];
269: if (!readpassphrase("confirm passphrase: ", pass2,
270: sizeof(pass2), rppflags))
271: errx(1, "unable to read passphrase");
272: if (strcmp(pass, pass2) != 0)
273: errx(1, "passwords don't match");
274: explicit_bzero(pass2, sizeof(pass2));
275: }
1.1 tedu 276: if (bcrypt_pbkdf(pass, strlen(pass), salt, saltlen, key,
277: keylen, rounds) == -1)
278: errx(1, "bcrypt pbkdf");
1.41 tedu 279: explicit_bzero(pass, sizeof(pass));
1.1 tedu 280: }
281:
282: static void
283: signmsg(uint8_t *seckey, uint8_t *msg, unsigned long long msglen,
284: uint8_t *sig)
285: {
286: unsigned long long siglen;
287: uint8_t *sigbuf;
288:
289: sigbuf = xmalloc(msglen + SIGBYTES);
290: crypto_sign_ed25519(sigbuf, &siglen, msg, msglen, seckey);
291: memcpy(sig, sigbuf, SIGBYTES);
292: free(sigbuf);
293: }
294:
295: static void
1.27 tedu 296: generate(const char *pubkeyfile, const char *seckeyfile, int rounds,
297: const char *comment)
1.1 tedu 298: {
299: uint8_t digest[SHA512_DIGEST_LENGTH];
300: struct pubkey pubkey;
301: struct enckey enckey;
302: uint8_t xorkey[sizeof(enckey.seckey)];
1.13 tedu 303: uint8_t fingerprint[FPLEN];
1.27 tedu 304: char commentbuf[COMMENTMAXLEN];
1.1 tedu 305: SHA2_CTX ctx;
306: int i;
307:
308: crypto_sign_ed25519_keypair(pubkey.pubkey, enckey.seckey);
1.13 tedu 309: arc4random_buf(fingerprint, sizeof(fingerprint));
1.1 tedu 310:
311: SHA512Init(&ctx);
312: SHA512Update(&ctx, enckey.seckey, sizeof(enckey.seckey));
313: SHA512Final(digest, &ctx);
314:
315: memcpy(enckey.pkalg, PKALG, 2);
316: memcpy(enckey.kdfalg, KDFALG, 2);
317: enckey.kdfrounds = htonl(rounds);
1.13 tedu 318: memcpy(enckey.fingerprint, fingerprint, FPLEN);
1.1 tedu 319: arc4random_buf(enckey.salt, sizeof(enckey.salt));
1.70 tedu 320: kdf(enckey.salt, sizeof(enckey.salt), rounds, 1, 1, xorkey, sizeof(xorkey));
1.1 tedu 321: memcpy(enckey.checksum, digest, sizeof(enckey.checksum));
322: for (i = 0; i < sizeof(enckey.seckey); i++)
323: enckey.seckey[i] ^= xorkey[i];
1.41 tedu 324: explicit_bzero(digest, sizeof(digest));
325: explicit_bzero(xorkey, sizeof(xorkey));
1.1 tedu 326:
1.40 deraadt 327: if (snprintf(commentbuf, sizeof(commentbuf), "%s secret key",
328: comment) >= sizeof(commentbuf))
1.71 tedu 329: errx(1, "comment too long");
1.27 tedu 330: writeb64file(seckeyfile, commentbuf, &enckey,
1.58 tedu 331: sizeof(enckey), NULL, 0, O_EXCL, 0600);
1.41 tedu 332: explicit_bzero(&enckey, sizeof(enckey));
1.1 tedu 333:
334: memcpy(pubkey.pkalg, PKALG, 2);
1.13 tedu 335: memcpy(pubkey.fingerprint, fingerprint, FPLEN);
1.40 deraadt 336: if (snprintf(commentbuf, sizeof(commentbuf), "%s public key",
337: comment) >= sizeof(commentbuf))
1.71 tedu 338: errx(1, "comment too long");
1.27 tedu 339: writeb64file(pubkeyfile, commentbuf, &pubkey,
1.58 tedu 340: sizeof(pubkey), NULL, 0, O_EXCL, 0666);
1.1 tedu 341: }
342:
343: static void
1.16 tedu 344: sign(const char *seckeyfile, const char *msgfile, const char *sigfile,
345: int embedded)
1.1 tedu 346: {
347: struct sig sig;
348: uint8_t digest[SHA512_DIGEST_LENGTH];
349: struct enckey enckey;
350: uint8_t xorkey[sizeof(enckey.seckey)];
351: uint8_t *msg;
1.51 tedu 352: char comment[COMMENTMAXLEN], sigcomment[COMMENTMAXLEN];
353: char *secname;
1.1 tedu 354: unsigned long long msglen;
355: int i, rounds;
356: SHA2_CTX ctx;
357:
1.18 tedu 358: readb64file(seckeyfile, &enckey, sizeof(enckey), comment);
1.1 tedu 359:
1.65 tedu 360: if (memcmp(enckey.kdfalg, KDFALG, 2) != 0)
1.1 tedu 361: errx(1, "unsupported KDF");
362: rounds = ntohl(enckey.kdfrounds);
1.50 tedu 363: kdf(enckey.salt, sizeof(enckey.salt), rounds, strcmp(msgfile, "-") != 0,
1.70 tedu 364: 0, xorkey, sizeof(xorkey));
1.1 tedu 365: for (i = 0; i < sizeof(enckey.seckey); i++)
366: enckey.seckey[i] ^= xorkey[i];
1.41 tedu 367: explicit_bzero(xorkey, sizeof(xorkey));
1.1 tedu 368: SHA512Init(&ctx);
369: SHA512Update(&ctx, enckey.seckey, sizeof(enckey.seckey));
370: SHA512Final(digest, &ctx);
1.65 tedu 371: if (memcmp(enckey.checksum, digest, sizeof(enckey.checksum)) != 0)
1.1 tedu 372: errx(1, "incorrect passphrase");
1.41 tedu 373: explicit_bzero(digest, sizeof(digest));
1.1 tedu 374:
1.16 tedu 375: msg = readmsg(msgfile, &msglen);
1.1 tedu 376:
377: signmsg(enckey.seckey, msg, msglen, sig.sig);
1.13 tedu 378: memcpy(sig.fingerprint, enckey.fingerprint, FPLEN);
1.41 tedu 379: explicit_bzero(&enckey, sizeof(enckey));
1.1 tedu 380:
381: memcpy(sig.pkalg, PKALG, 2);
1.51 tedu 382: if ((secname = strstr(seckeyfile, ".sec")) && strlen(secname) == 4) {
383: if (snprintf(sigcomment, sizeof(sigcomment), VERIFYWITH "%.*s.pub",
1.57 tedu 384: (int)strlen(seckeyfile) - 4, seckeyfile) >= sizeof(sigcomment))
1.71 tedu 385: errx(1, "comment too long");
1.51 tedu 386: } else {
387: if (snprintf(sigcomment, sizeof(sigcomment), "signature from %s",
388: comment) >= sizeof(sigcomment))
1.71 tedu 389: errx(1, "comment too long");
1.51 tedu 390: }
1.16 tedu 391: if (embedded)
1.58 tedu 392: writeb64file(sigfile, sigcomment, &sig, sizeof(sig), msg,
393: msglen, O_TRUNC, 0666);
394: else
395: writeb64file(sigfile, sigcomment, &sig, sizeof(sig), NULL,
396: 0, O_TRUNC, 0666);
1.1 tedu 397:
398: free(msg);
399: }
1.22 tedu 400:
401: static void
402: inspect(const char *seckeyfile, const char *pubkeyfile, const char *sigfile)
403: {
404: struct sig sig;
405: struct enckey enckey;
406: struct pubkey pubkey;
407: char fp[(FPLEN + 2) / 3 * 4 + 1];
408:
409: if (seckeyfile) {
410: readb64file(seckeyfile, &enckey, sizeof(enckey), NULL);
411: b64_ntop(enckey.fingerprint, FPLEN, fp, sizeof(fp));
412: printf("sec fp: %s\n", fp);
413: }
414: if (pubkeyfile) {
415: readb64file(pubkeyfile, &pubkey, sizeof(pubkey), NULL);
416: b64_ntop(pubkey.fingerprint, FPLEN, fp, sizeof(fp));
417: printf("pub fp: %s\n", fp);
418: }
419: if (sigfile) {
420: readb64file(sigfile, &sig, sizeof(sig), NULL);
421: b64_ntop(sig.fingerprint, FPLEN, fp, sizeof(fp));
422: printf("sig fp: %s\n", fp);
423: }
424: }
1.14 tedu 425: #endif
1.1 tedu 426:
427: static void
1.62 tedu 428: verifymsg(struct pubkey *pubkey, uint8_t *msg, unsigned long long msglen,
429: struct sig *sig, int quiet)
1.13 tedu 430: {
431: uint8_t *sigbuf, *dummybuf;
432: unsigned long long siglen, dummylen;
433:
1.65 tedu 434: if (memcmp(pubkey->fingerprint, sig->fingerprint, FPLEN) != 0)
1.62 tedu 435: errx(1, "verification failed: checked against wrong key");
436:
1.13 tedu 437: siglen = SIGBYTES + msglen;
438: sigbuf = xmalloc(siglen);
439: dummybuf = xmalloc(siglen);
1.62 tedu 440: memcpy(sigbuf, sig->sig, SIGBYTES);
1.13 tedu 441: memcpy(sigbuf + SIGBYTES, msg, msglen);
442: if (crypto_sign_ed25519_open(dummybuf, &dummylen, sigbuf, siglen,
1.62 tedu 443: pubkey->pubkey) == -1)
1.13 tedu 444: errx(1, "signature verification failed");
1.42 tedu 445: if (!quiet)
446: printf("Signature Verified\n");
1.13 tedu 447: free(sigbuf);
448: free(dummybuf);
449: }
450:
1.64 tedu 451: static void
452: readpubkey(const char *pubkeyfile, struct pubkey *pubkey,
453: const char *sigcomment)
454: {
1.76 tedu 455: const char *safepath = "/etc/signify/";
1.64 tedu 456:
457: if (!pubkeyfile) {
458: if ((pubkeyfile = strstr(sigcomment, VERIFYWITH))) {
459: pubkeyfile += strlen(VERIFYWITH);
1.76 tedu 460: if (strncmp(pubkeyfile, safepath, strlen(safepath)) != 0 ||
1.64 tedu 461: strstr(pubkeyfile, "/../") != NULL)
462: errx(1, "untrusted path %s", pubkeyfile);
463: } else
1.66 tedu 464: usage("must specify pubkey");
1.64 tedu 465: }
466: readb64file(pubkeyfile, pubkey, sizeof(*pubkey), NULL);
467: }
1.13 tedu 468:
469: static void
1.63 tedu 470: verifysimple(const char *pubkeyfile, const char *msgfile, const char *sigfile,
471: int quiet)
1.1 tedu 472: {
1.64 tedu 473: char sigcomment[COMMENTMAXLEN];
1.1 tedu 474: struct sig sig;
475: struct pubkey pubkey;
1.63 tedu 476: unsigned long long msglen;
1.1 tedu 477: uint8_t *msg;
1.16 tedu 478:
1.63 tedu 479: msg = readmsg(msgfile, &msglen);
1.1 tedu 480:
1.64 tedu 481: readb64file(sigfile, &sig, sizeof(sig), sigcomment);
482: readpubkey(pubkeyfile, &pubkey, sigcomment);
1.63 tedu 483:
484: verifymsg(&pubkey, msg, msglen, &sig, quiet);
485:
486: free(msg);
487: }
488:
489: static uint8_t *
490: verifyembedded(const char *pubkeyfile, const char *sigfile,
491: int quiet, unsigned long long *msglenp)
492: {
1.64 tedu 493: char sigcomment[COMMENTMAXLEN];
1.63 tedu 494: struct sig sig;
495: struct pubkey pubkey;
496: unsigned long long msglen, siglen;
497: uint8_t *msg;
498:
499: msg = readmsg(sigfile, &msglen);
500:
1.64 tedu 501: siglen = parseb64file(sigfile, msg, &sig, sizeof(sig), sigcomment);
502: readpubkey(pubkeyfile, &pubkey, sigcomment);
503:
1.63 tedu 504: msglen -= siglen;
505: memmove(msg, msg + siglen, msglen);
506: msg[msglen] = 0;
1.13 tedu 507:
1.62 tedu 508: verifymsg(&pubkey, msg, msglen, &sig, quiet);
1.63 tedu 509:
510: *msglenp = msglen;
511: return msg;
512: }
513:
514: static void
515: verify(const char *pubkeyfile, const char *msgfile, const char *sigfile,
516: int embedded, int quiet)
517: {
518: unsigned long long msglen;
519: uint8_t *msg;
520: int fd;
521:
1.16 tedu 522: if (embedded) {
1.63 tedu 523: msg = verifyembedded(pubkeyfile, sigfile, quiet, &msglen);
1.30 tedu 524: fd = xopen(msgfile, O_CREAT|O_TRUNC|O_NOFOLLOW|O_WRONLY, 0666);
1.16 tedu 525: writeall(fd, msg, msglen, msgfile);
1.68 espie 526: free(msg);
1.16 tedu 527: close(fd);
1.63 tedu 528: } else {
529: verifysimple(pubkeyfile, msgfile, sigfile, quiet);
1.16 tedu 530: }
1.1 tedu 531: }
532:
1.42 tedu 533: #ifndef VERIFYONLY
534: struct checksum {
535: char file[1024];
536: char hash[1024];
537: char algo[256];
538: };
539:
540: static void
1.45 tedu 541: verifychecksums(char *msg, int argc, char **argv, int quiet)
1.42 tedu 542: {
543: char buf[1024];
1.45 tedu 544: char *line, *endline;
1.42 tedu 545: struct checksum *checksums = NULL, *c = NULL;
1.79 ! tedu 546: int nchecksums = 0, checksumspace = 0;
1.78 tedu 547: int i, j, rv, uselist, count, hasfailed;
1.42 tedu 548: int *failures;
549:
1.45 tedu 550: line = msg;
1.42 tedu 551: while (line && *line) {
1.79 ! tedu 552: if (nchecksums == checksumspace) {
! 553: checksumspace = 2 * (nchecksums + 1);
! 554: if (!(checksums = reallocarray(checksums,
! 555: checksumspace, sizeof(*checksums))))
! 556: err(1, "realloc");
! 557: }
1.42 tedu 558: c = &checksums[nchecksums++];
559: if ((endline = strchr(line, '\n')))
1.78 tedu 560: *endline++ = '\0';
561: rv = sscanf(line, "%255s %1023s = %1023s",
562: c->algo, buf, c->hash);
563: if (rv != 3 || buf[0] != '(' || buf[strlen(buf) - 1] != ')')
1.42 tedu 564: errx(1, "unable to parse checksum line %s", line);
565: buf[strlen(buf) - 1] = 0;
566: strlcpy(c->file, buf + 1, sizeof(c->file));
567: line = endline;
568: }
569:
570: if (argc) {
571: uselist = 0;
572: count = argc;
573: } else {
574: uselist = 1;
575: count = nchecksums;
576: }
1.74 tedu 577: if (!(failures = calloc(count, sizeof(*failures))))
1.43 tedu 578: err(1, "calloc");
1.42 tedu 579: for (i = 0; i < count; i++) {
580: if (uselist) {
581: c = &checksums[i];
582: } else {
583: for (j = 0; j < nchecksums; j++) {
584: c = &checksums[j];
585: if (strcmp(c->file, argv[i]) == 0)
586: break;
587: }
588: if (j == nchecksums) {
589: failures[i] = 1;
590: continue;
591: }
592: }
593:
594: if (strcmp(c->algo, "SHA256") == 0) {
595: if (!SHA256File(c->file, buf)) {
596: failures[i] = 1;
597: continue;
598: }
599: } else if (strcmp(c->algo, "SHA512") == 0) {
600: if (!SHA512File(c->file, buf)) {
601: failures[i] = 1;
602: continue;
603: }
604: } else {
605: errx(1, "can't handle algorithm %s", c->algo);
606: }
607: if (strcmp(c->hash, buf) != 0) {
608: failures[i] = 1;
609: continue;
610: }
611: if (!quiet)
612: printf("%s: OK\n", c->file);
613: }
1.43 tedu 614: hasfailed = 0;
1.42 tedu 615: for (i = 0; i < count; i++) {
616: if (failures[i]) {
617: fprintf(stderr, "%s: FAIL\n",
618: uselist ? checksums[i].file : argv[i]);
1.43 tedu 619: hasfailed = 1;
1.42 tedu 620: }
621: }
1.43 tedu 622: if (hasfailed)
1.42 tedu 623: exit(1);
624: free(checksums);
1.43 tedu 625: free(failures);
1.42 tedu 626: }
627:
628: static void
629: check(const char *pubkeyfile, const char *sigfile, int quiet, int argc,
630: char **argv)
631: {
1.63 tedu 632: unsigned long long msglen;
1.42 tedu 633: uint8_t *msg;
634:
1.63 tedu 635: msg = verifyembedded(pubkeyfile, sigfile, quiet, &msglen);
1.45 tedu 636: verifychecksums((char *)msg, argc, argv, quiet);
1.42 tedu 637:
1.63 tedu 638: free(msg);
1.42 tedu 639: }
640: #endif
641:
1.1 tedu 642: int
643: main(int argc, char **argv)
644: {
1.16 tedu 645: const char *pubkeyfile = NULL, *seckeyfile = NULL, *msgfile = NULL,
1.1 tedu 646: *sigfile = NULL;
647: char sigfilebuf[1024];
1.27 tedu 648: const char *comment = "signify";
1.1 tedu 649: int ch, rounds;
1.16 tedu 650: int embedded = 0;
1.42 tedu 651: int quiet = 0;
1.6 tedu 652: enum {
653: NONE,
1.42 tedu 654: CHECK,
1.6 tedu 655: GENERATE,
1.22 tedu 656: INSPECT,
1.6 tedu 657: SIGN,
658: VERIFY
659: } verb = NONE;
660:
1.1 tedu 661:
662: rounds = 42;
663:
1.42 tedu 664: while ((ch = getopt(argc, argv, "CGISVc:em:np:qs:x:")) != -1) {
1.1 tedu 665: switch (ch) {
1.14 tedu 666: #ifndef VERIFYONLY
1.42 tedu 667: case 'C':
668: if (verb)
669: usage(NULL);
670: verb = CHECK;
671: break;
1.6 tedu 672: case 'G':
673: if (verb)
1.31 tedu 674: usage(NULL);
1.6 tedu 675: verb = GENERATE;
676: break;
1.22 tedu 677: case 'I':
678: if (verb)
1.31 tedu 679: usage(NULL);
1.22 tedu 680: verb = INSPECT;
681: break;
1.6 tedu 682: case 'S':
683: if (verb)
1.31 tedu 684: usage(NULL);
1.6 tedu 685: verb = SIGN;
686: break;
1.14 tedu 687: #endif
1.6 tedu 688: case 'V':
689: if (verb)
1.31 tedu 690: usage(NULL);
1.6 tedu 691: verb = VERIFY;
692: break;
1.27 tedu 693: case 'c':
694: comment = optarg;
695: break;
1.16 tedu 696: case 'e':
697: embedded = 1;
698: break;
1.31 tedu 699: case 'm':
700: msgfile = optarg;
701: break;
1.6 tedu 702: case 'n':
1.1 tedu 703: rounds = 0;
704: break;
1.6 tedu 705: case 'p':
1.1 tedu 706: pubkeyfile = optarg;
707: break;
1.42 tedu 708: case 'q':
709: quiet = 1;
710: break;
1.6 tedu 711: case 's':
1.1 tedu 712: seckeyfile = optarg;
713: break;
1.31 tedu 714: case 'x':
715: sigfile = optarg;
716: break;
1.1 tedu 717: default:
1.31 tedu 718: usage(NULL);
1.1 tedu 719: break;
720: }
721: }
1.2 tedu 722: argc -= optind;
1.9 espie 723: argv += optind;
724:
1.42 tedu 725: #ifndef VERIFYONLY
726: if (verb == CHECK) {
727: if (!pubkeyfile || !sigfile)
1.66 tedu 728: usage("must specify pubkey and sigfile");
1.42 tedu 729: check(pubkeyfile, sigfile, quiet, argc, argv);
730: return 0;
731: }
732: #endif
733:
1.31 tedu 734: if (argc != 0)
735: usage(NULL);
736:
1.36 tedu 737: if (!sigfile && msgfile) {
738: if (strcmp(msgfile, "-") == 0)
1.66 tedu 739: usage("must specify sigfile with - message");
1.36 tedu 740: if (snprintf(sigfilebuf, sizeof(sigfilebuf), "%s.sig",
741: msgfile) >= sizeof(sigfilebuf))
742: errx(1, "path too long");
743: sigfile = sigfilebuf;
744: }
1.1 tedu 745:
1.36 tedu 746: switch (verb) {
1.14 tedu 747: #ifndef VERIFYONLY
1.36 tedu 748: case GENERATE:
1.31 tedu 749: if (!pubkeyfile || !seckeyfile)
1.66 tedu 750: usage("must specify pubkey and seckey");
1.27 tedu 751: generate(pubkeyfile, seckeyfile, rounds, comment);
1.36 tedu 752: break;
753: case INSPECT:
1.22 tedu 754: inspect(seckeyfile, pubkeyfile, sigfile);
1.36 tedu 755: break;
756: case SIGN:
757: if (!msgfile || !seckeyfile)
1.66 tedu 758: usage("must specify message and seckey");
1.36 tedu 759: sign(seckeyfile, msgfile, sigfile, embedded);
760: break;
1.14 tedu 761: #endif
1.36 tedu 762: case VERIFY:
1.51 tedu 763: if (!msgfile)
1.66 tedu 764: usage("must specify message");
1.42 tedu 765: verify(pubkeyfile, msgfile, sigfile, embedded, quiet);
1.36 tedu 766: break;
767: default:
768: usage(NULL);
769: break;
1.1 tedu 770: }
1.9 espie 771:
1.1 tedu 772: return 0;
773: }