diff options
author | Stewart Smith <stewart@linux.vnet.ibm.com> | 2017-12-13 17:26:42 +1100 |
---|---|---|
committer | Stewart Smith <stewart@linux.vnet.ibm.com> | 2017-12-18 21:30:57 -0600 |
commit | 6e05c6f21b34f9c4f6597ace36dfca9624c7923c (patch) | |
tree | 4215358d42122cc17c5c6198c1d8b306b1161a88 /libstb/container-utils.c | |
parent | 63ef6f54445e52e0cd3af4672e73c047484a6a12 (diff) | |
download | skiboot-6e05c6f21b34f9c4f6597ace36dfca9624c7923c.zip skiboot-6e05c6f21b34f9c4f6597ace36dfca9624c7923c.tar.gz skiboot-6e05c6f21b34f9c4f6597ace36dfca9624c7923c.tar.bz2 |
libstb/(create|print)-container: Sync with sb-signing-utils
The sb-signing-utils project has improved upon the skeleton
create-container tool that existed in skiboot, including
being able to (quite easily) create *signed* images.
This commit brings in that code (and makes it build in the
skiboot build environment) and updates our skiboot.*.stb
generating code to use the development keys.
We also update print-container as well, syncing it with the
upstream project.
Derived from github.com:open-power/sb-signing-utils.git
at v0.3-5-gcb111c03ad7f
(and yes, changes here will be submitted upstream)
Cc: Dave Heller <hellerda@linux.vnet.ibm.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
Diffstat (limited to 'libstb/container-utils.c')
-rw-r--r-- | libstb/container-utils.c | 137 |
1 files changed, 137 insertions, 0 deletions
diff --git a/libstb/container-utils.c b/libstb/container-utils.c new file mode 100644 index 0000000..d2c1f9d --- /dev/null +++ b/libstb/container-utils.c @@ -0,0 +1,137 @@ +/* Copyright 2017 IBM Corp. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "config.h" + +#include <regex.h> +#include <stdbool.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <sysexits.h> + +#include "ccan/short_types/short_types.h" +#include "container-utils.h" +#include "container.h" + +extern char *progname; + +extern bool verbose, debug; +extern int wrap; + + +void hex_print(char *lead, unsigned char *buffer, size_t buflen) +{ + unsigned int i, indent = 4; + char prelead[100]; + const char *pad; + int col; + + snprintf(prelead, 100, "--> %s: ", progname); + + pad = (((strlen(prelead) + strlen(lead)) % 2) == 0) ? "" : " "; + wrap = ((wrap % 2) == 0) ? wrap : wrap - 1; + indent = ((indent % 2) == 0) ? indent : indent - 1; + col = fprintf(stdout, "%s%s%s", prelead, lead, pad); + for (i = 1; i < buflen + 1; i++) { + fprintf(stdout, "%02x", buffer[i - 1]); + col = col + 2; + if (((col % wrap) == 0) && (i < buflen)) { + fprintf(stdout, "\n%*c", indent, ' '); + col = indent; + } + } + fprintf(stdout, "\n"); +} + +void verbose_print(char *lead, unsigned char *buffer, size_t buflen) +{ + if (verbose) + hex_print(lead, buffer, buflen); +} + +void debug_print(char *lead, unsigned char *buffer, size_t buflen) +{ + if (debug) + hex_print(lead, buffer, buflen); +} + +/** + * Validate hexadecimal ASCII input of a given length. + * - len is the byte len of the resulting value, not the len of the hexascii. + * - len = 0 means validate input of arbitrary length. +*/ +int isValidHex(char *input, int len) { + int r; + size_t maxlen = 512; // sane limit + regex_t regexpr; + char pattern[48]; + char multiplier[8]; + bool result = false; + + if ((strnlen(input, maxlen) > maxlen * 2) || (len > (int) maxlen)) + die(EX_DATAERR, "input exceeded max length: %lu", maxlen); + + if (len > 0) + sprintf(multiplier, "{%d}", len * 2); // allow this (byte) len only + else + sprintf(multiplier, "+"); // unlimited + + sprintf(pattern, "^(0x|0X)?[a-fA-F0-9]%s$", multiplier); + + if ((r = regcomp(®expr, pattern, REG_EXTENDED | REG_NOSUB))) + die(EX_SOFTWARE, "%s", "failure to compile regex"); + + if (!(r = regexec(®expr, input, 0, NULL, 0))) + result = true; + + regfree(®expr); + return result; +} + +/** + * Validate ASCII input up to a given length. + * - len is the expected len of the ascii input. + * - len = 0 means validate input of arbitrary length. + * - NOTE: not all ascii chars are allowed here. + */ +int isValidAscii(char *input, int len) { + int r; + size_t maxlen = 256; // sane limit + regex_t regexpr; + char pattern[48]; + char multiplier[8]; + bool result = false; + + if ((strnlen(input, maxlen) > maxlen) || (len > (int) maxlen)) + die(EX_DATAERR, "input exceeded max length: %lu", maxlen); + + if (len > 0) + sprintf(multiplier, "{,%d}", len); // allow *up to* this len + else + sprintf(multiplier, "+"); // unlimited + + sprintf(pattern, "^[a-zA-Z0-9_+-]%s$", multiplier); + + if ((r = regcomp(®expr, pattern, REG_EXTENDED | REG_NOSUB))) + die(EX_SOFTWARE, "%s", "failure to compile regex"); + + if (!(r = regexec(®expr, input, 0, NULL, 0))) + result = true; + + regfree(®expr); + return result; +} |