catcrypt.c, catsign.c: Shorten chunk sizes.

[u/mdw/catacomb] / dsig.c

diff --git a/dsig.c b/dsig.c
index a8fc2f9..c379e94 100644 (file)
--- a/dsig.c
+++ b/dsig.c
@@ -7,7 +7,7 @@
  * (c) 2000 Straylight/Edgeware
  */
 
-/*----- Licensing notice --------------------------------------------------* 
+/*----- Licensing notice --------------------------------------------------*
  *
  * This file is part of Catacomb.
  *
@@ -15,12 +15,12 @@
  * it under the terms of the GNU Library General Public License as
  * published by the Free Software Foundation; either version 2 of the
  * License, or (at your option) any later version.
- * 
+ *
  * Catacomb is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU Library General Public License for more details.
- * 
+ *
  * You should have received a copy of the GNU Library General Public
  * License along with Catacomb; if not, write to the Free
  * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
@@ -585,7 +585,7 @@ static void bemit(block *b, FILE *fp, ghash *h, unsigned bin)
   if (fp && !bin)
     bwrite(b, fp);
 }
-    
+
 /*----- Static variables --------------------------------------------------*/
 
 static const char *keyring = "keyring";
@@ -645,7 +645,7 @@ static void fhex(FILE *fp, const void *p, size_t sz)
     if (!sz)
       break;
   }
-}    
+}
 
 /*----- Signature generation ----------------------------------------------*/
 
@@ -654,6 +654,7 @@ static int sign(int argc, char *argv[])
 #define f_raw 1u
 #define f_bin 2u
 #define f_bogus 4u
+#define f_nocheck 8u
 
   unsigned f = 0;
   const char *ki = "dsig";
@@ -682,9 +683,10 @@ static int sign(int argc, char *argv[])
       { "output",      OPTF_ARGREQ,    0,      'o' },
       { "key",         OPTF_ARGREQ,    0,      'k' },
       { "expire",      OPTF_ARGREQ,    0,      'e' },
+      { "nocheck",     OPTF_ARGREQ,    0,      'C' },
       { 0,             0,              0,      0 }
     };
-    int i = mdwopt(argc, argv, "+0vqb" "c:" "f:o:" "k:e:", opts, 0, 0, 0);
+    int i = mdwopt(argc, argv, "+0vqbC" "c:" "f:o:" "k:e:", opts, 0, 0, 0);
     if (i < 0)
       break;
     switch (i) {
@@ -701,6 +703,9 @@ static int sign(int argc, char *argv[])
        if (verb > 0)
          verb--;
        break;
+      case 'C':
+       f |= f_nocheck;
+       break;
       case 'c':
        c = optarg;
        break;
@@ -742,7 +747,7 @@ static int sign(int argc, char *argv[])
 
   /* --- Check the key --- */
 
-  if ((err = s->ops->check(s)) != 0)
+  if (!(f & f_nocheck) && (err = s->ops->check(s)) != 0)
     moan("key `%s' fails check: %s", d.buf, err);
 
   /* --- Open files --- */
@@ -766,7 +771,7 @@ static int sign(int argc, char *argv[])
   binit(&b); b.tag = T_IDENT;
   dstr_putf(&b.d, "%s, Catacomb version " VERSION, QUIS);
   bemit(&b, ofp, 0, f & f_bin);
-  
+
   breset(&b); b.tag = T_KEYID; b.k = k->id;
   bemit(&b, ofp, 0, f & f_bin);
 
@@ -864,6 +869,7 @@ static int sign(int argc, char *argv[])
 #undef f_raw
 #undef f_bin
 #undef f_bogus
+#undef f_nocheck
 }
 
 /*----- Signature verification --------------------------------------------*/
@@ -873,6 +879,7 @@ static int verify(int argc, char *argv[])
 #define f_bogus 1u
 #define f_bin 2u
 #define f_ok 4u
+#define f_nocheck 8u
 
   unsigned f = 0;
   unsigned verb = 1;
@@ -891,9 +898,10 @@ static int verify(int argc, char *argv[])
     static struct option opts[] = {
       { "verbose",     0,              0,      'v' },
       { "quiet",       0,              0,      'q' },
+      { "nocheck",     0,              0,      'C' },
       { 0,             0,              0,      0 }
     };
-    int i = mdwopt(argc, argv, "+vq", opts, 0, 0, 0);
+    int i = mdwopt(argc, argv, "+vqC", opts, 0, 0, 0);
     if (i < 0)
       break;
     switch (i) {
@@ -904,6 +912,9 @@ static int verify(int argc, char *argv[])
        if (verb)
          verb--;
        break;
+      case 'C':
+       f |= f_nocheck;
+       break;
       default:
        f |= f_bogus;
        break;
@@ -912,7 +923,7 @@ static int verify(int argc, char *argv[])
   argc -= optind;
   argv += optind;
   if ((f & f_bogus) || argc > 1)
-    die(EXIT_FAILURE, "Usage: verify [-qv] [FILE]");
+    die(EXIT_FAILURE, "Usage: verify [-qvC] [FILE]");
 
   /* --- Open the key file, and start reading the input file --- */
 
@@ -979,7 +990,7 @@ static int verify(int argc, char *argv[])
   }
 
   s = getsig(k, "dsig", 0);
-  if (verb && (err = s->ops->check(s)) != 0)
+  if (!(f & f_nocheck) && verb && (err = s->ops->check(s)) != 0)
     printf("WARN public key fails check: %s", err);
 
   for (;;) {
@@ -1072,6 +1083,7 @@ done:
 #undef f_bogus
 #undef f_bin
 #undef f_ok
+#undef f_nocheck
 }
 
 /*----- Main code ---------------------------------------------------------*/
@@ -1097,7 +1109,7 @@ static cmd cmdtab[] = {
   { "help", cmd_help, "help [COMMAND...]" },
   { "show", cmd_show, "show [ITEM...]" },
   { "sign", sign,
-    "sign [-0bqv] [-c COMMENT] [-k TAG] [-e EXPIRE]\n\t\
+    "sign [-0bqvC] [-c COMMENT] [-k TAG] [-e EXPIRE]\n\t\
 [-f FILE] [-o OUTPUT]",
     "\
 Options:\n\
@@ -1106,6 +1118,7 @@ Options:\n\
 -b, --binary           Produce a binary output file.\n\
 -q, --quiet            Produce fewer messages while working.\n\
 -v, --verbose          Produce more messages while working.\n\
+-C, --nocheck          Don't check the private key.\n\
 -c, --comment=COMMENT  Include COMMENT in the output file.\n\
 -f, --file=FILE                Read filenames to hash from FILE.\n\
 -o, --output=FILE      Write the signed result to FILE.\n\
@@ -1113,11 +1126,12 @@ Options:\n\
 -e, --expire=TIME      The signature should expire after TIME.\n\
 " },
   { "verify", verify,
-    "verify [-qv] [FILE]", "\
+    "verify [-qvC] [FILE]", "\
 Options:\n\
 \n\
 -q, --quiet            Produce fewer messages while working.\n\
 -v, --verbose          Produce more messages while working.\n\
+-C, --nocheck          Don't check the public key.\n\
 " },
   { 0, 0, 0 }
 };