summaryrefslogtreecommitdiff
path: root/legacy/eet/src/bin
diff options
context:
space:
mode:
authorCedric BAIL <cedric.bail@free.fr>2008-09-08 09:19:57 +0000
committerCedric BAIL <cedric.bail@free.fr>2008-09-08 09:19:57 +0000
commit46b7796946d58e83cd24dbed2b9de670d7cf4937 (patch)
tree2534bd2cf3e9613fe7a0ad88e35c32adc3040d88 /legacy/eet/src/bin
parentaa2fded0fc262199480338243a024c835e43c1b0 (diff)
Add signature support in eet.
You can use eet -s to sign a eet file and eet -c to check its signature. The current code doesn't check any certificate trust path, only if the signature match the certificate and that the certificate could be loaded. If that's not the case, eet_open will fail. If the file is not signed, eet_open will just continue to succeed. SVN revision: 35882
Diffstat (limited to 'legacy/eet/src/bin')
-rw-r--r--legacy/eet/src/bin/eet_main.c58
1 files changed, 58 insertions, 0 deletions
diff --git a/legacy/eet/src/bin/eet_main.c b/legacy/eet/src/bin/eet_main.c
index 539cec8854..0db402641a 100644
--- a/legacy/eet/src/bin/eet_main.c
+++ b/legacy/eet/src/bin/eet_main.c
@@ -200,6 +200,50 @@ do_eet_remove(const char *file, const char *key)
200 eet_close(ef); 200 eet_close(ef);
201} 201}
202 202
203static void
204do_eet_check(const char *file)
205{
206 Eet_File *ef;
207 const void *der;
208 int der_length;
209
210 ef = eet_open(file, EET_FILE_MODE_READ);
211 if (!ef)
212 {
213 fprintf(stdout, "checking signature of `%s` failed\n", file);
214 exit(-1);
215 }
216
217 der = eet_identity_x509(ef, &der_length);
218
219 eet_identity_certificate_print(der, der_length, stdout);
220
221 eet_close(ef);
222}
223
224static void
225do_eet_sign(const char *file, const char *private_key, const char *public_key)
226{
227 Eet_File *ef;
228 Eet_Key *key;
229
230 ef = eet_open(file, EET_FILE_MODE_READ_WRITE);
231 if (!ef)
232 {
233 fprintf(stdout, "cannot open for read+write: %s.\n", file);
234 exit(-1);
235 }
236
237 key = eet_identity_open(public_key, private_key, NULL);
238
239 fprintf(stdout, "Using the following key to sign `%s`.\n", file);
240 eet_identity_print(key, stdout);
241
242 eet_identity_set(ef, key);
243
244 eet_close(ef);
245}
246
203int 247int
204main(int argc, char **argv) 248main(int argc, char **argv)
205{ 249{
@@ -214,6 +258,8 @@ main(int argc, char **argv)
214 " eet -i FILE.EET KEY IN-FILE COMPRESS insert data to KEY in FILE.EET from IN-FILE and if COMPRESS is 1, compress it\n" 258 " eet -i FILE.EET KEY IN-FILE COMPRESS insert data to KEY in FILE.EET from IN-FILE and if COMPRESS is 1, compress it\n"
215 " eet -e FILE.EET KEY IN-FILE COMPRESS insert and encode to KEY in FILE.EET from IN-FILE and if COMPRESS is 1, compress it\n" 259 " eet -e FILE.EET KEY IN-FILE COMPRESS insert and encode to KEY in FILE.EET from IN-FILE and if COMPRESS is 1, compress it\n"
216 " eet -r FILE.EET KEY remove KEY in FILE.EET\n" 260 " eet -r FILE.EET KEY remove KEY in FILE.EET\n"
261 " eet -c FILE.EET report and check the signature information of an eet file\n"
262 " eet -s FILE.EET PRIVATE_KEY PUBLIC_KEY sign FILE.EET with PRIVATE_KEY and attach PUBLIC_KEY as it's certificate\n"
217 ); 263 );
218 eet_shutdown(); 264 eet_shutdown();
219 return -1; 265 return -1;
@@ -250,6 +296,18 @@ main(int argc, char **argv)
250 { 296 {
251 goto help; 297 goto help;
252 } 298 }
299 else if ((!strcmp(argv[1], "-c")) && (argc > 2))
300 {
301 do_eet_check(argv[2]);
302 }
303 else if ((!strcmp(argv[1], "-s")) && (argc > 4))
304 {
305 do_eet_sign(argv[2], argv[3], argv[4]);
306 }
307 else
308 {
309 goto help;
310 }
253 eet_shutdown(); 311 eet_shutdown();
254 return 0; 312 return 0;
255} 313}