projects
/
u
/
mdw
/
catacomb
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
pgroups: Ship a keyring file containing the custom prime groups.
[u/mdw/catacomb]
/
catsign.c
diff --git
a/catsign.c
b/catsign.c
index
ce05618
..
727c980
100644
(file)
--- a/
catsign.c
+++ b/
catsign.c
@@
-91,6
+91,7
@@
typedef struct sigmsg {
#define F_BOGUS 128u
#define F_BUFFER 256u
#define F_UTC 512u
#define F_BOGUS 128u
#define F_BUFFER 256u
#define F_UTC 512u
+#define F_NOCHECK 1024u
/*----- Chunk I/O ---------------------------------------------------------*/
/*----- Chunk I/O ---------------------------------------------------------*/
@@
-366,7
+367,7
@@
static void keyhash(key *k, sig *s, dstr *d)
ghash *h;
key_filter kf;
ghash *h;
key_filter kf;
- h = GH_INIT(
GH_CLASS(s->h)
);
+ h = GH_INIT(
s->ch
);
kf.f = KCAT_PUB;
kf.m = KF_CATMASK;
key_fingerprint(k, h, &kf);
kf.f = KCAT_PUB;
kf.m = KF_CATMASK;
key_fingerprint(k, h, &kf);
@@
-453,9
+454,10
@@
static int sign(int argc, char *argv[])
{ "format", OPTF_ARGREQ, 0, 'f' },
{ "output", OPTF_ARGREQ, 0, 'o' },
{ "text", 0, 0, 't' },
{ "format", OPTF_ARGREQ, 0, 'f' },
{ "output", OPTF_ARGREQ, 0, 'o' },
{ "text", 0, 0, 't' },
+ { "nocheck", 0, 0, 'C' },
{ 0, 0, 0, 0 }
};
{ 0, 0, 0, 0 }
};
- i = mdwopt(argc, argv, "k:f:o:abdt", opt, 0, 0, 0);
+ i = mdwopt(argc, argv, "k:f:o:abdt
C
", opt, 0, 0, 0);
if (i < 0) break;
switch (i) {
case 'k': kn = optarg; break;
if (i < 0) break;
switch (i) {
case 'k': kn = optarg; break;
@@
-465,6
+467,7
@@
static int sign(int argc, char *argv[])
case 't': f &= ~F_BINARY; break;
case 'b': f |= F_BINARY; break;
case 'd': f |= F_DETACH; break;
case 't': f &= ~F_BINARY; break;
case 'b': f |= F_BINARY; break;
case 'd': f |= F_DETACH; break;
+ case 'C': f |= F_NOCHECK; break;
default: f |= F_BOGUS; break;
}
}
default: f |= F_BOGUS; break;
}
}
@@
-494,7
+497,7
@@
static int sign(int argc, char *argv[])
dstr_reset(&d);
key_fulltag(k, &d);
s.s = getsig(k, "ccsig", 1);
dstr_reset(&d);
key_fulltag(k, &d);
s.s = getsig(k, "ccsig", 1);
- if ((err = s.s->ops->check(s.s)) != 0)
+ if (
!(f & F_NOCHECK) &&
(err = s.s->ops->check(s.s)) != 0)
moan("key %s fails check: %s", d.buf, err);
keyhash(k, s.s, &s.kh);
e = initenc(eo, ofp,
moan("key %s fails check: %s", d.buf, err);
keyhash(k, s.s, &s.kh);
e = initenc(eo, ofp,
@@
-600,9
+603,10
@@
static int verify(int argc, char *argv[])
{ "fresh-time", 0, 0, 't' },
{ "gmt", 0, 0, 'u' },
{ "verbose", 0, 0, 'v' },
{ "fresh-time", 0, 0, 't' },
{ "gmt", 0, 0, 'u' },
{ "verbose", 0, 0, 'v' },
+ { "nocheck", 0, 0, 'C' },
{ 0, 0, 0, 0 }
};
{ 0, 0, 0, 0 }
};
- i = mdwopt(argc, argv, "k:f:o:abqt:uv", opt, 0, 0, 0);
+ i = mdwopt(argc, argv, "k:f:o:abqt:uv
C
", opt, 0, 0, 0);
if (i < 0) break;
switch (i) {
case 'a': ef = "pem"; break;
if (i < 0) break;
switch (i) {
case 'a': ef = "pem"; break;
@@
-611,6
+615,7
@@
static int verify(int argc, char *argv[])
case 'f': ef = optarg; break;
case 'o': of = optarg; break;
case 'u': v.f |= F_UTC; break;
case 'f': ef = optarg; break;
case 'o': of = optarg; break;
case 'u': v.f |= F_UTC; break;
+ case 'C': v.f |= F_NOCHECK; break;
case 't':
if (strcmp(optarg, "always") == 0) t_fresh = 0;
else if ((t_fresh = get_date(optarg, 0)) < 0)
case 't':
if (strcmp(optarg, "always") == 0) t_fresh = 0;
else if ((t_fresh = get_date(optarg, 0)) < 0)
@@
-672,7
+677,7
@@
static int verify(int argc, char *argv[])
s.s = getsig(k, "ccsig", 0);
dstr_reset(&d); key_fulltag(k, &d);
s.s = getsig(k, "ccsig", 0);
dstr_reset(&d); key_fulltag(k, &d);
- if (v.verb && (err = s.s->ops->check(s.s)) != 0)
+ if (
!(v.f & F_NOCHECK) &&
v.verb && (err = s.s->ops->check(s.s)) != 0)
printf("WARN verification key %s fails check: %s\n", d.buf, err);
dstr_reset(&dd); keyhash(k, s.s, &dd);
printf("WARN verification key %s fails check: %s\n", d.buf, err);
dstr_reset(&dd); keyhash(k, s.s, &dd);
@@
-1053,7
+1058,7
@@
static cmd cmdtab[] = {
CMD_ENCODE,
CMD_DECODE,
{ "sign", sign,
CMD_ENCODE,
CMD_DECODE,
{ "sign", sign,
- "sign [-adt] [-k TAG] [-f FORMAT] [-o OUTPUT] [FILE]", "\
+ "sign [-adt
C
] [-k TAG] [-f FORMAT] [-o OUTPUT] [FILE]", "\
Options:\n\
\n\
-a, --armour Same as `-f pem'.\n\
Options:\n\
\n\
-a, --armour Same as `-f pem'.\n\
@@
-1063,9
+1068,10
@@
Options:\n\
-k, --key=TAG Use public encryption key named by TAG.\n\
-o, --output=FILE Write output to FILE.\n\
-t, --text Canonify input message as a text file.\n\
-k, --key=TAG Use public encryption key named by TAG.\n\
-o, --output=FILE Write output to FILE.\n\
-t, --text Canonify input message as a text file.\n\
+-C, --nocheck Don't check the private key.\n\
" },
{ "verify", verify,
" },
{ "verify", verify,
- "verify [-abquv] [-f FORMAT] [-k TAG] [-o OUTPUT]\n\t\
+ "verify [-abquv
C
] [-f FORMAT] [-k TAG] [-o OUTPUT]\n\t\
[FILE [MESSAGE]]", "\
Options:\n\
\n\
[FILE [MESSAGE]]", "\
Options:\n\
\n\
@@
-1078,6
+1084,7
@@
Options:\n\
-t, --freshtime=TIME Only accept signatures made after this time.\n\
-u, --utc Show dates in UTC rather than local time.\n\
-v, --verbose Produce more verbose messages.\n\
-t, --freshtime=TIME Only accept signatures made after this time.\n\
-u, --utc Show dates in UTC rather than local time.\n\
-v, --verbose Produce more verbose messages.\n\
+-C, --nocheck Don't check the public key.\n\
" },
{ "info", info,
"info [-au] [-f FORMAT] [FILE]", "\
" },
{ "info", info,
"info [-au] [-f FORMAT] [FILE]", "\