1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
|
/*
* Copyright (c) 2018, [Ribose Inc](https://www.ribose.com).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without modification,
* are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
* CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <rnp/rnp.h>
#include <string.h>
#include <time.h>
#define RNP_SUCCESS 0
/* sample pass provider implementation, which always return 'password' */
static bool
example_pass_provider(rnp_ffi_t ffi,
void * app_ctx,
rnp_key_handle_t key,
const char * pgp_context,
char buf[],
size_t buf_len)
{
strncpy(buf, "password", buf_len);
return true;
}
static int
ffi_sign()
{
rnp_ffi_t ffi = NULL;
rnp_input_t keyfile = NULL;
rnp_input_t input = NULL;
rnp_output_t output = NULL;
rnp_op_sign_t sign = NULL;
rnp_key_handle_t key = NULL;
const char * message = "RNP signing sample message";
int result = 1;
/* initialize FFI object */
if (rnp_ffi_create(&ffi, "GPG", "GPG") != RNP_SUCCESS) {
return result;
}
/* load secret keyring, as it is required for signing. However, you may need to load public
* keyring as well to validate key's signatures. */
if (rnp_input_from_path(&keyfile, "secring.pgp") != RNP_SUCCESS) {
fprintf(stdout, "failed to open secring.pgp. Did you run ./generate sample?\n");
goto finish;
}
/* we may use RNP_LOAD_SAVE_SECRET_KEYS | RNP_LOAD_SAVE_PUBLIC_KEYS as well */
if (rnp_load_keys(ffi, "GPG", keyfile, RNP_LOAD_SAVE_SECRET_KEYS) != RNP_SUCCESS) {
fprintf(stdout, "failed to read secring.pgp\n");
goto finish;
}
rnp_input_destroy(keyfile);
keyfile = NULL;
/* set the password provider - we'll need password to unlock secret keys */
rnp_ffi_set_pass_provider(ffi, example_pass_provider, NULL);
/* create file input and memory output objects for the encrypted message and decrypted
* message */
if (rnp_input_from_memory(&input, (uint8_t *) message, strlen(message), false) !=
RNP_SUCCESS) {
fprintf(stdout, "failed to create input object\n");
goto finish;
}
if (rnp_output_to_path(&output, "signed.asc") != RNP_SUCCESS) {
fprintf(stdout, "failed to create output object\n");
goto finish;
}
/* initialize and configure sign operation, use
* rnp_op_sign_create_cleartext/rnp_op_sign_create_detached for cleartext or detached
* signature. */
if (rnp_op_sign_create(&sign, ffi, input, output) != RNP_SUCCESS) {
fprintf(stdout, "failed to create sign operation\n");
goto finish;
}
/* armor, file name, compression */
rnp_op_sign_set_armor(sign, true);
rnp_op_sign_set_file_name(sign, "message.txt");
rnp_op_sign_set_file_mtime(sign, (uint32_t) time(NULL));
rnp_op_sign_set_compression(sign, "ZIP", 6);
/* signatures creation time - by default will be set to the current time as well */
rnp_op_sign_set_creation_time(sign, (uint32_t) time(NULL));
/* signatures expiration time - by default will be 0, i.e. never expire */
rnp_op_sign_set_expiration_time(sign, 365 * 24 * 60 * 60);
/* set hash algorithm - should be compatible for all signatures */
rnp_op_sign_set_hash(sign, RNP_ALGNAME_SHA256);
/* now add signatures. First locate the signing key, then add and setup signature */
/* RSA signature */
if (rnp_locate_key(ffi, "userid", "rsa@key", &key) != RNP_SUCCESS) {
fprintf(stdout, "failed to locate signing key rsa@key.\n");
goto finish;
}
/* we do not need pointer to the signature so passing NULL as the last parameter */
if (rnp_op_sign_add_signature(sign, key, NULL) != RNP_SUCCESS) {
fprintf(stdout, "failed to add signature for key rsa@key.\n");
goto finish;
}
/* do not forget to destroy key handle */
rnp_key_handle_destroy(key);
key = NULL;
/* EdDSA signature */
if (rnp_locate_key(ffi, "userid", "25519@key", &key) != RNP_SUCCESS) {
fprintf(stdout, "failed to locate signing key 25519@key.\n");
goto finish;
}
if (rnp_op_sign_add_signature(sign, key, NULL) != RNP_SUCCESS) {
fprintf(stdout, "failed to add signature for key 25519@key.\n");
goto finish;
}
rnp_key_handle_destroy(key);
key = NULL;
/* finally do signing */
if (rnp_op_sign_execute(sign) != RNP_SUCCESS) {
fprintf(stdout, "failed to sign\n");
goto finish;
}
fprintf(stdout, "Signing succeeded. See file signed.asc.\n");
result = 0;
finish:
rnp_input_destroy(keyfile);
rnp_key_handle_destroy(key);
rnp_op_sign_destroy(sign);
rnp_input_destroy(input);
rnp_output_destroy(output);
rnp_ffi_destroy(ffi);
return result;
}
int
main(int argc, char **argv)
{
return ffi_sign();
}
|
