Reconstitute and write out the secret

src/Makefile.am

@@ -4,6 +4,6 @@ gfsec_use_SOURCES = gfsec-use.c util.c util.h share.c share.h \
 		    secretcfg.c secretcfg.h \
 		    mtp-support.c mtp-support.h
 
-AM_CPPFLAGS = -I$(top_srcdir)/lib $(LIBMTP_CFLAGS)
-AM_LDFLAGS = -L$(top_builddir)/lib $(LIBMTP_LIBS)
+AM_CPPFLAGS = -I$(top_srcdir)/lib $(LIBGFSHARE_CFLAGS) $(LIBMTP_CFLAGS)
+AM_LDFLAGS = -L$(top_builddir)/lib $(LIBGFSHARE_LIBS) $(LIBMTP_LIBS)
 LDADD = -lgfsecret

src/gfsec-use.c

@@ -24,10 +24,13 @@
 #include <stdlib.h>
 #include <string.h>
 #include <errno.h>
+#include <sys/mman.h>
 
 #include <getopt.h>
 #include <err.h>
 
+#include <libgfshare.h>
+
 #include "util.h"
 #include "share.h"
 #include "secretcfg.h"
@@ -218,6 +221,66 @@ main(int argc, char **argv)
         share = share->next;
     }
 
+    if ( have_full ) {
+        share = cfg->shares;
+        while ( share ) {
+            if ( share->data && (share->flags & GFSEC_SHARE_FLAGS_FULL) > 0 )
+                break;
+            share = share->next;
+        }
+
+        printf("Using full data in %s\n", get_share_display_name(share));
+        if ( write_file(cfg->output_file, share->data, share->length) == -1 )
+            err(EXIT_FAILURE, "Cannot write secret");
+    }
+    else if ( have_shares >= cfg->threshold ) {
+        gfshare_ctx *ctx;
+        unsigned char sharenrs[255], *secret;
+        unsigned n, size;
+
+        n = size = 0;
+        share = cfg->shares;
+        while ( share ) {
+            if ( share->data && share->share_nr > 0 ) {
+                sharenrs[n++] = share->share_nr;
+
+                if ( size == 0 )
+                    size = share->length;
+                else if ( size != share->length )
+                    errx(EXIT_FAILURE, "Shares have different sizes");
+            }
+
+            share = share->next;
+        }
+
+        if ( ! (secret = malloc(size)) || mlock(secret, size) == -1 )
+            err(EXIT_FAILURE, "Cannot allocated mlocked memory");
+
+        if ( ! (ctx = gfshare_ctx_init_dec(sharenrs, n, size)) )
+            errx(EXIT_FAILURE, "Cannot initialize libgfshare context");
+
+        n = 0;
+        share = cfg->shares;
+        while ( share ) {
+            if ( share->data && share->share_nr > 0 ) {
+                printf("using share data in %s\n", get_share_display_name(share));
+                gfshare_ctx_dec_giveshare(ctx, n++, share->data);
+            }
+
+            share = share->next;
+        }
+
+        gfshare_ctx_dec_extract(ctx, secret);
+        if ( write_file(cfg->output_file, secret, size) == -1 )
+            err(EXIT_FAILURE, "Cannot write secret");
+
+        memset(secret, 0, size);
+        munlock(secret, size);
+        free(secret);
+    }
+    else
+        errx(EXIT_FAILURE, "Not enough data to reconstitute secret");
+
     gfsec_destroy_config(cfg);
 
     return EXIT_SUCCESS;

src/util.c

@@ -90,3 +90,22 @@ read_file(const char *filename, size_t *len)
 
     return blob;
 }
+
+int
+write_file(const char *filename, const unsigned char *contents, size_t len)
+{
+    FILE *f;
+    int rc;
+
+    if ( ! filename || ! contents ) {
+        errno = EINVAL;
+        return -1;
+    }
+
+    if ( (f = fopen(filename, "w")) ) {
+        rc = fwrite(contents, sizeof(char), len, f) == len ? 0 : -1;
+        fclose(f);
+    }
+
+    return rc;
+}

src/util.h

@@ -35,6 +35,9 @@ get_file_size(FILE *f);
 unsigned char *
 read_file(const char *, size_t *);
 
+int
+write_file(const char *, const unsigned char *, size_t);
+
 #ifdef __cplusplus
 }
 #endif