From 5c506322f00dcbaa596f90ebe128c12a57093106 Mon Sep 17 00:00:00 2001 From: Daniel Golle Date: Wed, 6 Jun 2018 20:37:50 +0200 Subject: [PATCH] start implementing loading cert from filesystem, add validity times Signed-off-by: Daniel Golle This work was sponsored by WIO (wiowireless.com) --- ucert.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 46 insertions(+), 2 deletions(-) diff --git a/ucert.c b/ucert.c index ac04420..9afca1c 100644 --- a/ucert.c +++ b/ucert.c @@ -28,10 +28,13 @@ #include #include +#include #include #include #include +#define CERT_BUF_LEN 4096 + static enum { CMD_APPEND, CMD_DUMP, @@ -57,12 +60,15 @@ static const struct blob_attr_info cert_policy[CERT_ATTR_MAX] = { enum cert_payload_attr { CERT_PL_ATTR_CERTTYPE, CERT_PL_ATTR_CERTID, + CERT_PL_ATTR_VALIDFROMTIME, + CERT_PL_ATTR_EXPIRETIME, CERT_PL_ATTR_PUBKEY, CERT_PL_ATTR_KEY_FINGERPRINT, CERT_PL_ATTR_MAX }; enum certtype_id { + CERTTYPE_UNSPEC, CERTTYPE_AUTH, CERTTYPE_REVOKE }; @@ -70,18 +76,56 @@ enum certtype_id { static const struct blobmsg_policy cert_payload_policy[CERT_PL_ATTR_MAX] = { [CERT_PL_ATTR_CERTTYPE] = { .type = BLOBMSG_TYPE_INT8 }, [CERT_PL_ATTR_CERTID] = { .type = BLOBMSG_TYPE_INT64 }, + [CERT_PL_ATTR_VALIDFROMTIME] = { .type = BLOBMSG_TYPE_INT64 }, + [CERT_PL_ATTR_EXPIRETIME] = { .type = BLOBMSG_TYPE_INT64 }, [CERT_PL_ATTR_PUBKEY] = { .type = BLOBMSG_TYPE_STRING }, [CERT_PL_ATTR_KEY_FINGERPRINT] = { .type = BLOBMSG_TYPE_STRING }, }; + +static int cert_load(const char *certfile, struct blob_attr *certtb[]) { + FILE *f; + struct blob_buf certbuf; + int ret = 0; + char filebuf[CERT_BUF_LEN]; + int len; + + blob_buf_init(&certbuf, 0); + + f = fopen(certfile, "r"); + if (!f) + return 1; + + do { + len = fread(&filebuf, 1, CERT_BUF_LEN - 1, f); + blob_put_raw(&certbuf, filebuf, len); + } while(!feof(f) && !ferror(f)); + + ret = ferror(f); + fclose(f); + + if (ret) + return 1; + + blob_parse(certbuf.head, certtb, cert_policy, CERT_ATTR_MAX); + + return 0; +} + static int cert_append(const char *certfile, const char *pubkeyfile, const char *sigfile) { fprintf(stderr, "not implemented\n"); return 1; } static int cert_dump(const char *certfile) { - fprintf(stderr, "not implemented\n"); - return 1; + struct blob_attr *certtb[CERT_ATTR_MAX]; + + if (cert_load(certfile, certtb)) { + fprintf(stderr, "cannot parse cert\n"); + return 1; + } + + return 0; } static int cert_issue(const char *certfile, const char *pubkeyfile, const char *seckeyfile) { -- 2.25.1