libubox
C utility functions for OpenWrt.
test-blob-parse.c
Go to the documentation of this file.
1 /*
2  * Based on certificate dump functionality from ucert.c:
3  *
4  * Copyright (C) 2018 Daniel Golle <daniel@makrotopia.org>
5  * SPDX-License-Identifier: GPL-3.0
6  *
7  */
8 
9 #include <stdio.h>
10 #include <stdint.h>
11 #include <stddef.h>
12 #include <libgen.h>
13 
14 #include "blob.h"
15 #include "list.h"
16 #include "blobmsg_json.h"
17 
18 #define CERT_BUF_LEN 4096
19 
20 /*
21  * ucert structure
22  * | BLOB |
23  * | SIGNATURE | PAYLOAD |
24  * | |[ BLOBMSG CONTAINER ]|
25  * | |[[T,i,v,e,f,pubkey ]]|
26  */
27 enum cert_attr {
28  CERT_ATTR_SIGNATURE,
29  CERT_ATTR_PAYLOAD,
30  CERT_ATTR_MAX
31 };
32 
33 static const struct blob_attr_info cert_policy[CERT_ATTR_MAX] = {
34  [CERT_ATTR_SIGNATURE] = { .type = BLOB_ATTR_BINARY },
35  [CERT_ATTR_PAYLOAD] = { .type = BLOB_ATTR_NESTED },
36 };
37 
38 enum cert_cont_attr {
39  CERT_CT_ATTR_PAYLOAD,
40  CERT_CT_ATTR_MAX
41 };
42 
43 enum cert_payload_attr {
44  CERT_PL_ATTR_CERTTYPE,
45  CERT_PL_ATTR_CERTID,
46  CERT_PL_ATTR_VALIDFROMTIME,
47  CERT_PL_ATTR_EXPIRETIME,
48  CERT_PL_ATTR_PUBKEY,
49  CERT_PL_ATTR_KEY_FINGERPRINT,
50  CERT_PL_ATTR_MAX
51 };
52 
53 enum certtype_id {
54  CERTTYPE_UNSPEC,
55  CERTTYPE_AUTH,
56  CERTTYPE_REVOKE
57 };
58 
59 /* list to store certificate chain at runtime */
60 struct cert_object {
61  struct list_head list;
62  struct blob_attr *cert[CERT_ATTR_MAX];
63 };
64 
65 static int cert_load(const char *certfile, struct list_head *chain)
66 {
67  FILE *f;
68  struct blob_attr *certtb[CERT_ATTR_MAX];
69  struct blob_attr *bufpt;
70  struct cert_object *cobj;
71  char *filebuf = NULL;
72  int ret = 0, pret = 0;
73  size_t len, pos = 0;
74 
75  f = fopen(certfile, "r");
76  if (!f)
77  return 1;
78 
79  filebuf = malloc(CERT_BUF_LEN+1);
80  if (!filebuf)
81  return 1;
82 
83  len = fread(filebuf, 1, CERT_BUF_LEN, f);
84  if (len < 64) {
85  free(filebuf);
86  return 1;
87  }
88 
89  ret = ferror(f) || !feof(f);
90  fclose(f);
91  if (ret) {
92  free(filebuf);
93  return 1;
94  }
95 
96  bufpt = (struct blob_attr *)filebuf;
97  do {
98  pret = blob_parse_untrusted(bufpt, len, certtb, cert_policy, CERT_ATTR_MAX);
99  if (pret <= 0)
100  /* no attributes found */
101  break;
102 
103  if (pos + blob_pad_len(bufpt) > len)
104  /* blob exceeds filebuffer */
105  break;
106  else
107  pos += blob_pad_len(bufpt);
108 
109  if (!certtb[CERT_ATTR_SIGNATURE])
110  /* no signature -> drop */
111  break;
112 
113  cobj = calloc(1, sizeof(*cobj));
114  cobj->cert[CERT_ATTR_SIGNATURE] = blob_memdup(certtb[CERT_ATTR_SIGNATURE]);
115  if (certtb[CERT_ATTR_PAYLOAD])
116  cobj->cert[CERT_ATTR_PAYLOAD] = blob_memdup(certtb[CERT_ATTR_PAYLOAD]);
117 
118  list_add_tail(&cobj->list, chain);
119  ret += pret;
120  /* repeat parsing while there is still enough remaining data in buffer */
121  } while(len > pos + sizeof(struct blob_attr) && (bufpt = blob_next(bufpt)));
122 
123  free(filebuf);
124  return (ret <= 0);
125 }
126 
127 /* dump single chain element to console */
128 static void cert_dump_blob(struct blob_attr *cert[CERT_ATTR_MAX])
129 {
130  int i;
131  char *json = NULL;
132 
133  for (i = 0; i < CERT_ATTR_MAX; i++) {
134  struct blob_attr *v = cert[i];
135 
136  if (!v)
137  continue;
138 
139  switch(cert_policy[i].type) {
140  case BLOB_ATTR_BINARY:
141  fprintf(stdout, "signature:\n---\n%s---\n", (char *) blob_data(v));
142  break;
143  case BLOB_ATTR_NESTED:
144  json = blobmsg_format_json_indent(blob_data(v), false, 0);
145  if (!json)
146  continue;
147 
148  fprintf(stdout, "payload:\n---\n%s\n---\n", json);
149  free(json);
150  break;
151  }
152  }
153 }
154 
155 static int cert_dump(const char *certfile)
156 {
157  struct cert_object *cobj;
158  static LIST_HEAD(certchain);
159  unsigned int count = 0;
160 
161  if (cert_load(certfile, &certchain)) {
162  fprintf(stderr, "cannot parse cert %s\n", basename((char *) certfile));
163  return 1;
164  }
165 
166  list_for_each_entry(cobj, &certchain, list) {
167  fprintf(stdout, "=== CHAIN ELEMENT %02u ===\n", ++count);
168  cert_dump_blob(cobj->cert);
169  }
170 
171  return 0;
172 }
173 
174 int main(int argc, char *argv[])
175 {
176  if (argc != 2) {
177  fprintf(stderr, "Usage: %s <cert.ucert>\n", argv[0]);
178  return 3;
179  }
180 
181  cert_dump(argv[1]);
182 
183  return 0;
184 }
blob_parse_untrusted
int blob_parse_untrusted(struct blob_attr *attr, size_t attr_len, struct blob_attr **data, const struct blob_attr_info *info, int max)
Definition: blob.c:272
blob_memdup
struct blob_attr * blob_memdup(struct blob_attr *attr)
Definition: blob.c:326
BLOB_ATTR_BINARY
@ BLOB_ATTR_BINARY
Definition: blob.h:36
BLOB_ATTR_NESTED
@ BLOB_ATTR_NESTED
Definition: blob.h:35
blob_pad_len
static size_t blob_pad_len(const struct blob_attr *attr)
Definition: blob.h:118
blob_next
static struct blob_attr * blob_next(const struct blob_attr *attr)
Definition: blob.h:185
blob_data
static void * blob_data(const struct blob_attr *attr)
Definition: blob.h:75
blobmsg_json.h
blobmsg_format_json_indent
static char * blobmsg_format_json_indent(struct blob_attr *attr, bool list, int indent)
Definition: blobmsg_json.h:40
LIST_HEAD
#define LIST_HEAD(name)
Definition: list.h:60
list_add_tail
static void list_add_tail(struct list_head *_new, struct list_head *head)
Definition: list.h:165
list_for_each_entry
#define list_for_each_entry(p, h, field)
Definition: list.h:132
blob_attr_info
Definition: blob.h:57
blob_attr_info::type
unsigned int type
Definition: blob.h:58
blob_attr
Definition: blob.h:52
cert_object
Definition: test-blob-parse.c:60
cert_object::cert
struct blob_attr * cert[CERT_ATTR_MAX]
Definition: test-blob-parse.c:62
cert_object::list
struct list_head list
Definition: test-blob-parse.c:61
list_head
Definition: list.h:53
cert_cont_attr
cert_cont_attr
Definition: test-blob-parse.c:38
CERT_CT_ATTR_MAX
@ CERT_CT_ATTR_MAX
Definition: test-blob-parse.c:40
CERT_CT_ATTR_PAYLOAD
@ CERT_CT_ATTR_PAYLOAD
Definition: test-blob-parse.c:39
main
int main(int argc, char *argv[])
Definition: test-blob-parse.c:174
cert_policy
static const struct blob_attr_info cert_policy[CERT_ATTR_MAX]
Definition: test-blob-parse.c:33
cert_attr
cert_attr
Definition: test-blob-parse.c:27
CERT_ATTR_MAX
@ CERT_ATTR_MAX
Definition: test-blob-parse.c:30
CERT_ATTR_SIGNATURE
@ CERT_ATTR_SIGNATURE
Definition: test-blob-parse.c:28
CERT_ATTR_PAYLOAD
@ CERT_ATTR_PAYLOAD
Definition: test-blob-parse.c:29
CERT_BUF_LEN
#define CERT_BUF_LEN
Definition: test-blob-parse.c:18
cert_dump_blob
static void cert_dump_blob(struct blob_attr *cert[CERT_ATTR_MAX])
Definition: test-blob-parse.c:128
cert_load
static int cert_load(const char *certfile, struct list_head *chain)
Definition: test-blob-parse.c:65
cert_payload_attr
cert_payload_attr
Definition: test-blob-parse.c:43
CERT_PL_ATTR_PUBKEY
@ CERT_PL_ATTR_PUBKEY
Definition: test-blob-parse.c:48
CERT_PL_ATTR_MAX
@ CERT_PL_ATTR_MAX
Definition: test-blob-parse.c:50
CERT_PL_ATTR_CERTTYPE
@ CERT_PL_ATTR_CERTTYPE
Definition: test-blob-parse.c:44
CERT_PL_ATTR_CERTID
@ CERT_PL_ATTR_CERTID
Definition: test-blob-parse.c:45
CERT_PL_ATTR_KEY_FINGERPRINT
@ CERT_PL_ATTR_KEY_FINGERPRINT
Definition: test-blob-parse.c:49
CERT_PL_ATTR_EXPIRETIME
@ CERT_PL_ATTR_EXPIRETIME
Definition: test-blob-parse.c:47
CERT_PL_ATTR_VALIDFROMTIME
@ CERT_PL_ATTR_VALIDFROMTIME
Definition: test-blob-parse.c:46
certtype_id
certtype_id
Definition: test-blob-parse.c:53
CERTTYPE_REVOKE
@ CERTTYPE_REVOKE
Definition: test-blob-parse.c:56
CERTTYPE_UNSPEC
@ CERTTYPE_UNSPEC
Definition: test-blob-parse.c:54
CERTTYPE_AUTH
@ CERTTYPE_AUTH
Definition: test-blob-parse.c:55
cert_dump
static int cert_dump(const char *certfile)
Definition: test-blob-parse.c:155
FILE
FILE(GLOB test_cases "test-*.c") MACRO(ADD_FUZZER_TEST name) ADD_EXECUTABLE($
Definition: CMakeLists.txt:1
type
uint8_t type
Definition: udebug-proto.h:0