static void usage(void) { sign_usage(); verify_usage(); exit(1); }
void sign(int argc, char *argv[]) { struct key *key; char *gzipfile, tmppath[MAXPATHLEN]; FILE *fin, *fout; int i, fd, error, qflag; qflag = 0; while ((i = getopt(argc, argv, "qvf:")) != -1) { switch (i) { case 'q': qflag = 1; break; case 'v': qflag = 0; break; case 'f': passphrase_file = optarg; break; default: sign_usage(); exit(1); } } argc -= optind; argv += optind; if (argc < 1) { sign_usage(); exit(1); } OpenSSL_add_all_algorithms(); if ((key = key_new()) == NULL) fatal(1, "Couldn't initialize private key"); if (key_load_private(key, argv[0]) < 0) fatal(1, "Couldn't load private key"); if (argc == 1 || *argv[1] == '-') { argc = 0; if (embed_signature(key, stdin, stdout) == 0) { if (!qflag) fprintf(stderr, "Signed input\n"); } else fatal(1, "Couldn't sign input"); } for (i = 1; i < argc; i++) { gzipfile = argv[i]; if ((fin = fopen(gzipfile, "r+")) == NULL) { fprintf(stderr, "Error opening %s: %s\n", gzipfile, strerror(errno)); continue; } snprintf(tmppath, sizeof(tmppath), "%s.XXXXXX", gzipfile); if ((fd = mkstemp(tmppath)) < 0) { fprintf(stderr, "Error creating %s: %s\n", tmppath, strerror(errno)); fclose(fin); continue; } if ((fout = fdopen(fd, "w")) == NULL) { fprintf(stderr, "Error opening %s: %s\n", tmppath, strerror(errno)); fclose(fin); close(fd); continue; } if (copy_permissions(fileno(fin), fd) < 0) { fprintf(stderr, "Error initializing %s: %s\n", tmppath, strerror(errno)); fclose(fin); fclose(fout); continue; } error = embed_signature(key, fin, fout); fclose(fin); fclose(fout); if (!error) { if (rename(tmppath, gzipfile) < 0) { unlink(tmppath); fatal(1, "Couldn't sign %s", gzipfile); } if (!qflag) fprintf(stderr, "Signed %s\n", gzipfile); } else { unlink(tmppath); fatal(1, "Couldn't sign %s", gzipfile); } } key_free(key); }