let the signer sign

Klas Lindfors
2014-09-26 16:23:03 +02:00
parent a7d5eb9d1c
commit 3b15949969
+33
@@ -76,6 +76,7 @@ static bool sign_file(ykpiv_state *state, const char *input, const char *output,
unsigned int hash_len; unsigned int hash_len;
unsigned char hashed[EVP_MAX_MD_SIZE]; unsigned char hashed[EVP_MAX_MD_SIZE];
bool ret = false; bool ret = false;
int algo;
sscanf(slot, "%x", &key); sscanf(slot, "%x", &key);
@@ -101,6 +102,21 @@ static bool sign_file(ykpiv_state *state, const char *input, const char *output,
goto out; goto out;
} }
switch(algorithm) {
case algorithm_arg_RSA2048:
algo = YKPIV_ALGO_RSA2048;
break;
case algorithm_arg_RSA1024:
algo = YKPIV_ALGO_RSA1024;
break;
case algorithm_arg_ECCP256:
algo = YKPIV_ALGO_ECCP256;
break;
case algorithm__NULL:
default:
goto out;
}
mdctx = EVP_MD_CTX_create(); mdctx = EVP_MD_CTX_create();
EVP_DigestInit_ex(mdctx, md, NULL); EVP_DigestInit_ex(mdctx, md, NULL);
while(!feof(input_file)) { while(!feof(input_file)) {
@@ -116,6 +132,23 @@ static bool sign_file(ykpiv_state *state, const char *input, const char *output,
fprintf(stderr, "\n"); fprintf(stderr, "\n");
} }
{
unsigned char buf[1024];
size_t len = sizeof(buf);
if(ykpiv_sign_data(state, hashed, hash_len, buf, &len, algo, key) != YKPIV_OK) {
fprintf(stderr, "failed signing file\n");
goto out;
}
if(verbosity) {
fprintf(stderr, "file signed as: ");
dump_hex(buf, len);
fprintf(stderr, "\n");
}
fwrite(buf, 1, len, output_file);
ret = true;
}
out: out:
if(input_file && input_file != stdin) { if(input_file && input_file != stdin) {
fclose(input_file); fclose(input_file);
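Review bot: The `fwrite(buf, 1, len, output_file);` call in the last hunk ignores its return value and `ret = true` follows unconditionally, so a short or failed write leaves a truncated signature in the output while sign_file reports success. Check the write before setting the result, e.g. `if(fwrite(buf, 1, len, output_file) != len) { fprintf(stderr, "failed writing signature\n"); goto out; }`. The `default:` branch of the new `switch(algorithm)` also jumps to `out` without printing anything, so an unsupported algorithm fails silently, unlike the other error paths visible here; a short `fprintf(stderr, ...)` before the `goto out;` would make that failure diagnosable. sign_file's body starts and ends outside the visible hunks, so whether the output stream is flushed and its close checked cannot be confirmed from this page.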