static void
usage(void)
{
sign_usage();
verify_usage();
exit(1);
}
void
sign(int argc, char *argv[])
{
struct key *key;
char *gzipfile, tmppath[MAXPATHLEN];
FILE *fin, *fout;
int i, fd, error, qflag;
qflag = 0;
while ((i = getopt(argc, argv, "qvf:")) != -1) {
switch (i) {
case 'q':
qflag = 1;
break;
case 'v':
qflag = 0;
break;
case 'f':
passphrase_file = optarg;
break;
default:
sign_usage();
exit(1);
}
}
argc -= optind;
argv += optind;
if (argc < 1) {
sign_usage();
exit(1);
}
OpenSSL_add_all_algorithms();
if ((key = key_new()) == NULL)
fatal(1, "Couldn't initialize private key");
if (key_load_private(key, argv[0]) < 0)
fatal(1, "Couldn't load private key");
if (argc == 1 || *argv[1] == '-') {
argc = 0;
if (embed_signature(key, stdin, stdout) == 0) {
if (!qflag)
fprintf(stderr, "Signed input\n");
} else
fatal(1, "Couldn't sign input");
}
for (i = 1; i < argc; i++) {
gzipfile = argv[i];
if ((fin = fopen(gzipfile, "r+")) == NULL) {
fprintf(stderr, "Error opening %s: %s\n",
gzipfile, strerror(errno));
continue;
}
snprintf(tmppath, sizeof(tmppath), "%s.XXXXXX", gzipfile);
if ((fd = mkstemp(tmppath)) < 0) {
fprintf(stderr, "Error creating %s: %s\n",
tmppath, strerror(errno));
fclose(fin);
continue;
}
if ((fout = fdopen(fd, "w")) == NULL) {
fprintf(stderr, "Error opening %s: %s\n",
tmppath, strerror(errno));
fclose(fin);
close(fd);
continue;
}
if (copy_permissions(fileno(fin), fd) < 0) {
fprintf(stderr, "Error initializing %s: %s\n",
tmppath, strerror(errno));
fclose(fin);
fclose(fout);
continue;
}
error = embed_signature(key, fin, fout);
fclose(fin);
fclose(fout);
if (!error) {
if (rename(tmppath, gzipfile) < 0) {
unlink(tmppath);
fatal(1, "Couldn't sign %s", gzipfile);
}
if (!qflag)
fprintf(stderr, "Signed %s\n", gzipfile);
} else {
unlink(tmppath);
fatal(1, "Couldn't sign %s", gzipfile);
}
}
key_free(key);
}
