libstb/(create|print)-container: Sync with sb-signing-utils

The sb-signing-utils project has improved upon the skeleton
create-container tool that existed in skiboot, including
being able to (quite easily) create *signed* images.

This commit brings in that code (and makes it build in the
skiboot build environment) and updates our skiboot.*.stb
generating code to use the development keys.

We also update print-container as well, syncing it with the
upstream project.

Derived from github.com:open-power/sb-signing-utils.git
at v0.3-5-gcb111c03ad7f
(and yes, changes here will be submitted upstream)

Cc: Dave Heller <hellerda@linux.vnet.ibm.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>

1 files changed, 137 insertions, 0 deletions

diff --git a/libstb/container-utils.c b/libstb/container-utils.c
new file mode 100644
index 0000000..d2c1f9d
--- /dev/null
+++ b/libstb/container-utils.c
@@ -0,0 +1,137 @@
+/* Copyright 2017 IBM Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * 	http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ * implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "config.h"
+
+#include <regex.h>
+#include <stdbool.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sysexits.h>
+
+#include "ccan/short_types/short_types.h"
+#include "container-utils.h"
+#include "container.h"
+
+extern char *progname;
+
+extern bool verbose, debug;
+extern int wrap;
+
+
+void hex_print(char *lead, unsigned char *buffer, size_t buflen)
+{
+	unsigned int i, indent = 4;
+	char prelead[100];
+	const char *pad;
+	int col;
+
+	snprintf(prelead, 100, "--> %s: ", progname);
+
+	pad = (((strlen(prelead) + strlen(lead)) % 2) == 0) ? "" : " ";
+	wrap = ((wrap % 2) == 0) ? wrap : wrap - 1;
+	indent = ((indent % 2) == 0) ? indent : indent - 1;
+	col = fprintf(stdout, "%s%s%s", prelead, lead, pad);
+	for (i = 1; i < buflen + 1; i++) {
+		fprintf(stdout, "%02x", buffer[i - 1]);
+		col = col + 2;
+		if (((col % wrap) == 0) && (i < buflen)) {
+			fprintf(stdout, "\n%*c", indent, ' ');
+			col = indent;
+		}
+	}
+	fprintf(stdout, "\n");
+}
+
+void verbose_print(char *lead, unsigned char *buffer, size_t buflen)
+{
+	if (verbose)
+		hex_print(lead, buffer, buflen);
+}
+
+void debug_print(char *lead, unsigned char *buffer, size_t buflen)
+{
+	if (debug)
+		hex_print(lead, buffer, buflen);
+}
+
+/**
+ * Validate hexadecimal ASCII input of a given length.
+ * - len is the byte len of the resulting value, not the len of the hexascii.
+ * - len = 0 means validate input of arbitrary length.
+*/
+int isValidHex(char *input, int len) {
+	int r;
+	size_t maxlen = 512; // sane limit
+	regex_t regexpr;
+	char pattern[48];
+	char multiplier[8];
+	bool result = false;
+
+	if ((strnlen(input, maxlen) > maxlen * 2) || (len > (int) maxlen))
+		die(EX_DATAERR, "input exceeded max length: %lu", maxlen);
+
+	if (len > 0)
+		sprintf(multiplier, "{%d}", len * 2); // allow this (byte) len only
+	else
+		sprintf(multiplier, "+"); // unlimited
+
+	sprintf(pattern, "^(0x|0X)?[a-fA-F0-9]%s$", multiplier);
+
+	if ((r = regcomp(&regexpr, pattern, REG_EXTENDED | REG_NOSUB)))
+		die(EX_SOFTWARE, "%s", "failure to compile regex");
+
+	if (!(r = regexec(&regexpr, input, 0, NULL, 0)))
+		result = true;
+
+	regfree(&regexpr);
+	return result;
+}
+
+/**
+ * Validate ASCII input up to a given length.
+ * - len is the expected len of the ascii input.
+ * - len = 0 means validate input of arbitrary length.
+ * - NOTE: not all ascii chars are allowed here.
+ */
+int isValidAscii(char *input, int len) {
+	int r;
+	size_t maxlen = 256; // sane limit
+	regex_t regexpr;
+	char pattern[48];
+	char multiplier[8];
+	bool result = false;
+
+	if ((strnlen(input, maxlen) > maxlen) || (len > (int) maxlen))
+		die(EX_DATAERR, "input exceeded max length: %lu", maxlen);
+
+	if (len > 0)
+		sprintf(multiplier, "{,%d}", len);  // allow *up to* this len
+	else
+		sprintf(multiplier, "+"); // unlimited
+
+	sprintf(pattern, "^[a-zA-Z0-9_+-]%s$", multiplier);
+
+	if ((r = regcomp(&regexpr, pattern, REG_EXTENDED | REG_NOSUB)))
+		die(EX_SOFTWARE, "%s", "failure to compile regex");
+
+	if (!(r = regexec(&regexpr, input, 0, NULL, 0)))
+		result = true;
+
+	regfree(&regexpr);
+	return result;
+}