Mercurial > trustbridge > trustbridge

--- a/cinst/CMakeLists.txt	Tue Mar 18 10:03:34 2014 +0000
+++ b/cinst/CMakeLists.txt	Tue Mar 18 10:04:30 2014 +0000
@@ -1,10 +1,12 @@
 set(CMAKE_AUTOMOC OFF)

 include_directories(${POLARSSL_INCLUDE_DIR})
+include_directories(${CMAKE_SOURCE_DIR}/common)

 set(CINST_SOURCES
     ${CMAKE_SOURCE_DIR}/cinst/main.c
     ${CMAKE_SOURCE_DIR}/common/listutil.c
+    ${CMAKE_SOURCE_DIR}/common/strhelp.c
 )

 set(MOZILLA_SOURCES
--- a/cinst/main.c	Tue Mar 18 10:03:34 2014 +0000
+++ b/cinst/main.c	Tue Mar 18 10:04:30 2014 +0000
@@ -5,12 +5,95 @@
  *  process will modify system wide certificate stores.
  *  Otherwise only the users certificate stores are modified.
  *
- * TODO
+ *  It expects a certificatelist on stdin enclosed in a
+ *  -----BEGIN CERTIFICATE LIST-----
+ *  ...
+ *  -----END CERTIFICATE LIST-----
+ *
+ *  Followed by additional instruction lines of:
+ *  I:<certificate>
+ *  R:<certificate>
+ *
+ *  It will only execute the instructions if the
+ *  I and R instructions are also part of the signed
+ *  certificate list. The signature is validated with the
+ *  built in key.
+ *
+ *  The special instruction "UNINSTALL" will cause the installer
+ *  to remove all certificates (Even those marked with I) that
+ *  are part of the list to be removed.
  *
  **/
+#define MAX_LINE_LENGTH 1000
+#define MAX_LINES 1000
+#define MAX_INPUT_SIZE 2000000 /* MAX_LINE_LENGTH * (MAX_LINES *2) */

 #include <stdio.h>
+#include <string.h>
+#include <assert.h>
+
+#include "strhelp.h"
+#include "listutil.h"
+
+/* @brief Read stdin into data structures.
+ *
+ * Reads from stdin and sorts the input into the respective
+ * variables. The pointers returned need to be freed by the caller.
+ * Terminates in OOM conditions.
+ *
+ * @returns: 0 on success. -1 otherwise.
+ */
+void readInput(char **certificateList, char ***to_install,
+              char ***to_remove)
+{
+    int lines_read = 0;
+    int readingList = 0;
+    char buf[MAX_LINE_LENGTH + 1];
+
+    while (fgets(buf, MAX_LINE_LENGTH + 1, stdin)) {
+        if (lines_read ++ > MAX_LINES) {
+            printf("Too many lines\n");
+        }
+        if (strcmp("-----BEGIN CERTIFICATE LIST-----", buf) == 0){
+            readingList = 1;
+            continue;
+        }
+        if (strcmp("-----END CERTIFICATE LIST-----", buf) == 0){
+            readingList = 0;
+            continue;
+        }
+        if (readingList) {
+            str_append_str(certificateList, buf);
+            continue;
+        }
+        if (*buf == 'I') {
+            array_append_str(to_install, buf+2);
+            continue;
+        }
+        if (*buf == 'R') {
+            array_append_str(to_remove, buf+2);
+            continue;
+        }
+        if (strcmp("UNINSTALL", buf) == 0) {
+            array_append_str(to_remove, buf);
+        }
+    }
+
+    return;
+}

 int main() {
+
+    char **to_install = NULL;
+    char **to_remove = NULL;
+    char *certificateList = NULL;
+    int ret = -1;
+
+    readInput(&certificateList, &to_install, &to_remove);
+
+    ret = verify_list(certificateList, strlen(certificateList));
+
+    printf ("Verify List returned %i\n", ret);
+
     return 0;
 }
--- a/common/listutil.c	Tue Mar 18 10:03:34 2014 +0000
+++ b/common/listutil.c	Tue Mar 18 10:04:30 2014 +0000
@@ -89,16 +89,6 @@
     return 0;
 }

-/** @brief verify the certificate list
- *
- * The public key to verify against is the static publicKeyPEM data defined
- * in the pubkey header.
- *
- *  @param [in] data the list data
- *  @param [in] size the size of the data
- *
- *  @returns 0 if the list is valid a polarssl error or -1 otherwise
- */
 int verify_list(char *data, size_t size)
 {
     int ret = -1;
--- a/common/listutil.h	Tue Mar 18 10:03:34 2014 +0000
+++ b/common/listutil.h	Tue Mar 18 10:04:30 2014 +0000
@@ -41,6 +41,18 @@
  * @return status of the operation.
  */
 list_status_t read_and_verify_list(const char *fileName, char **data, size_t *size);
+
+/** @brief verify the certificate list
+ *
+ * The public key to verify against is the static publicKeyPEM data defined
+ * in the pubkey header.
+ *
+ *  @param [in] data the list data
+ *  @param [in] size the size of the data
+ *
+ *  @returns 0 if the list is valid a polarssl error or -1 otherwise
+ */
+int verify_list(char *data, size_t size);
 #ifdef __cplusplus
 }
 #endif
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/common/strhelp.c	Tue Mar 18 10:04:30 2014 +0000
@@ -0,0 +1,111 @@
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <assert.h>
+
+static void
+out_of_core(void)
+{
+    fputs("\nfatal: out of memory\n", stderr);
+    exit(2);
+}
+void *
+xmalloc( size_t n )
+{
+    void *p = malloc( n );
+    if( !p )
+        out_of_core();
+    return p;
+}
+
+void *
+xrealloc( void *a, size_t n )
+{
+    void *p = realloc( a, n );
+    if( !p )
+        out_of_core();
+    return p;
+}
+
+char *
+xstrdup( const char *string )
+{
+    void *p = xmalloc( strlen(string)+1 );
+    strcpy( p, string );
+    return p;
+}
+
+
+/**
+ * strv_length:
+ * @str_array: a %NULL-terminated array of strings
+ *
+ * Returns the length of the given %NULL-terminated
+ * string array @str_array.
+ *
+ * Return value: length of @str_array.
+ *
+ */
+unsigned int
+strv_length (char **str_array)
+{
+    unsigned int i = 0;
+
+    if (!str_array)
+        return 0;
+
+    while (str_array[i])
+        ++i;
+
+    return i;
+}
+
+/* @brief append a string to a NULL terminated array of strings.
+ *
+ * @param[inout] array pointer to the NULL terminated list of string pointers.
+ * @param[in] string pointer to the string to append to the list.
+ * */
+void array_append_str(char ***pArray, const char *string)
+{
+    unsigned int old_len = strv_length(*pArray);
+    *pArray = xrealloc(*pArray, sizeof(char**) * (old_len + 2));
+
+    *pArray[old_len] = xstrdup(string);
+    *pArray[old_len + 1] = NULL;
+}
+
+/* @brief append a string to another string.
+ *
+ * @param[inout] pDst pointer to the string to be extended.
+ * @param[in] appendage pointer to the string to append.
+ * */
+void str_append_str(char **pDst, const char *appendage)
+{
+    size_t old_len = strlen(*pDst),
+           added_len = strlen(appendage);
+    size_t new_len = old_len + added_len + 1;
+
+    if (!appendage)
+        return;
+
+    *pDst = (char *)xrealloc(*pDst, sizeof(char) * (new_len));
+
+    strcpy(*pDst + old_len, appendage);
+
+    *pDst[new_len - 1] = '\0';
+}
+
+void
+strfreev (char **str_array)
+{
+  if (str_array)
+    {
+      int i;
+
+      for (i = 0; str_array[i] != NULL; i++)
+        free (str_array[i]);
+
+      free (str_array);
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/common/strhelp.h	Tue Mar 18 10:04:30 2014 +0000
@@ -0,0 +1,38 @@
+/* @file Helper functions for c strings and memory management
+ *
+ * strhelp contains terminating memory allocation functions and
+ * some conveniance functions to work with c strings or arrays
+ * of c strings.
+ */
+void *xmalloc( size_t n );
+void *xrealloc( void *a, size_t n );
+void *xcalloc( size_t n, size_t m );
+char *xstrdup( const char *string );
+
+/**
+ * strv_length:
+ * @str_array: a %NULL-terminated array of strings
+ *
+ * Returns the length of the given %NULL-terminated
+ * string array @str_array.
+ *
+ * Return value: length of @str_array.
+ *
+ */
+unsigned int strv_length (char **str_array);
+
+/* @brief append a string to a NULL terminated array of strings.
+ *
+ * @param[inout] array pointer to the NULL terminated list of string pointers.
+ * @param[in] string pointer to the string to append to the list.
+ * */
+void array_append_str(char ***pArray, const char *string);
+
+/* @brief append a string to another string.
+ *
+ * @param[inout] pDst pointer to the string to be extended.
+ * @param[in] appendage pointer to the string to append.
+ * */
+void str_append_str(char **pDst, const char *appendage);
+
+void strfreev (char **str_array);