version 1.434, 2021/07/24 02:51:14 |
version 1.435, 2021/08/11 08:54:17 |
|
|
} |
} |
|
|
static int |
static int |
sig_process_opts(char * const *opts, size_t nopts, uint64_t *verify_timep) |
sig_process_opts(char * const *opts, size_t nopts, uint64_t *verify_timep, |
|
int *print_pubkey) |
{ |
{ |
size_t i; |
size_t i; |
time_t now; |
time_t now; |
|
|
*verify_timep = 0; |
*verify_timep = 0; |
|
*print_pubkey = 0; |
for (i = 0; i < nopts; i++) { |
for (i = 0; i < nopts; i++) { |
if (strncasecmp(opts[i], "verify-time=", 12) == 0) { |
if (strncasecmp(opts[i], "verify-time=", 12) == 0) { |
if (parse_absolute_time(opts[i] + 12, |
if (parse_absolute_time(opts[i] + 12, |
|
|
error("Invalid \"verify-time\" option"); |
error("Invalid \"verify-time\" option"); |
return SSH_ERR_INVALID_ARGUMENT; |
return SSH_ERR_INVALID_ARGUMENT; |
} |
} |
|
} else if (print_pubkey && |
|
strcasecmp(opts[i], "print-pubkey") == 0) { |
|
*print_pubkey = 1; |
} else { |
} else { |
error("Invalid option \"%s\"", opts[i]); |
error("Invalid option \"%s\"", opts[i]); |
return SSH_ERR_INVALID_ARGUMENT; |
return SSH_ERR_INVALID_ARGUMENT; |
|
|
char * const *opts, size_t nopts) |
char * const *opts, size_t nopts) |
{ |
{ |
int r, ret = -1; |
int r, ret = -1; |
|
int print_pubkey = 0; |
struct sshbuf *sigbuf = NULL, *abuf = NULL; |
struct sshbuf *sigbuf = NULL, *abuf = NULL; |
struct sshkey *sign_key = NULL; |
struct sshkey *sign_key = NULL; |
char *fp = NULL; |
char *fp = NULL; |
struct sshkey_sig_details *sig_details = NULL; |
struct sshkey_sig_details *sig_details = NULL; |
uint64_t verify_time = 0; |
uint64_t verify_time = 0; |
|
|
if (sig_process_opts(opts, nopts, &verify_time) != 0) |
if (sig_process_opts(opts, nopts, &verify_time, &print_pubkey) != 0) |
goto done; /* error already logged */ |
goto done; /* error already logged */ |
|
|
memset(&sig_details, 0, sizeof(sig_details)); |
memset(&sig_details, 0, sizeof(sig_details)); |
|
|
printf("Could not verify signature.\n"); |
printf("Could not verify signature.\n"); |
} |
} |
} |
} |
|
/* Print the signature key if requested */ |
|
if (ret == 0 && print_pubkey && sign_key != NULL) { |
|
if ((r = sshkey_write(sign_key, stdout)) == 0) |
|
fputc('\n', stdout); |
|
else { |
|
error_r(r, "Could not print public key.\n"); |
|
ret = -1; |
|
} |
|
} |
sshbuf_free(sigbuf); |
sshbuf_free(sigbuf); |
sshbuf_free(abuf); |
sshbuf_free(abuf); |
sshkey_free(sign_key); |
sshkey_free(sign_key); |
|
|
char *principals = NULL, *cp, *tmp; |
char *principals = NULL, *cp, *tmp; |
uint64_t verify_time = 0; |
uint64_t verify_time = 0; |
|
|
if (sig_process_opts(opts, nopts, &verify_time) != 0) |
if (sig_process_opts(opts, nopts, &verify_time, NULL) != 0) |
goto done; /* error already logged */ |
goto done; /* error already logged */ |
|
|
if ((r = sshbuf_load_file(signature, &abuf)) != 0) { |
if ((r = sshbuf_load_file(signature, &abuf)) != 0) { |
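Review bot: The new `*print_pubkey = 0;` at the top of sig_process_opts() is unconditional, but the second caller (the one that declares `principals`) now passes `NULL` for that argument, so that path dereferences a null pointer before any option is parsed. The `print_pubkey &&` test added in the option loop shows that NULL is meant to be accepted, so the initialisation should be guarded the same way: `if (print_pubkey != NULL) *print_pubkey = 0;`. A one-line comment above the function, such as `/* print_pubkey may be NULL if the caller does not accept "print-pubkey" */`, would make the contract explicit for future callers. The bodies of both callers continue outside the lines shown, so other uses of the flag were not checked.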