diff --git a/runtime/librsgt.c b/runtime/librsgt.c index 5ec4785d7..68248496a 100644 --- a/runtime/librsgt.c +++ b/runtime/librsgt.c @@ -60,6 +60,8 @@ typedef unsigned char uchar; #define VERSION "no-version" #endif +int RSGT_FLAG_TLV16_RUNTIME = RSGT_FLAG_TLV16; +int RSGT_FLAG_NONCRIT_RUNTIME = RSGT_FLAG_NONCRIT; static void reportErr(gtctx ctx, char *errmsg) @@ -282,26 +284,26 @@ done: return r; } -int +static int tlv8Write(gtfile gf, int flags, int tlvtype, int len) { int r; assert((flags & RSGT_TYPE_MASK) == 0); assert((tlvtype & RSGT_TYPE_MASK) == tlvtype); - r = tlvbufAddOctet(gf, (flags & ~RSGT_FLAG_TLV16) | tlvtype); + r = tlvbufAddOctet(gf, (flags & ~RSGT_FLAG_TLV16_RUNTIME) | tlvtype); if(r != 0) goto done; r = tlvbufAddOctet(gf, len & 0xff); done: return r; } -int +static int tlv16Write(gtfile gf, int flags, int tlvtype, uint16_t len) { uint16_t typ; int r; assert((flags & RSGT_TYPE_MASK) == 0); assert((tlvtype >> 8 & RSGT_TYPE_MASK) == (tlvtype >> 8)); - typ = ((flags | RSGT_FLAG_TLV16) << 8) | tlvtype; + typ = ((flags | RSGT_FLAG_TLV16_RUNTIME) << 8) | tlvtype; r = tlvbufAddOctet(gf, typ >> 8); if(r != 0) goto done; r = tlvbufAddOctet(gf, typ & 0xff); diff --git a/runtime/librsgt.h b/runtime/librsgt.h index 55d016fba..5f91db530 100644 --- a/runtime/librsgt.h +++ b/runtime/librsgt.h @@ -342,6 +342,14 @@ void rsgt_errctxFrstRecInBlk(gterrctx_t *ectx, char *rec); void rsgt_objfree(uint16_t tlvtype, void *obj); void rsgt_set_debug(int iDebug); +int rsgt_ConvertSigFile(char* name, FILE *oldsigfp, FILE *newsigfp, int verbose); +// int tlvbufAddOctet(gtfile gf, int8_t octet); +// int tlvbufAddOctetString(gtfile gf, uint8_t *octet, int size); +// int tlvbufAddInt64(gtfile gf, uint64_t val); +// uint8_t tlvbufGetInt64OctetSize(uint64_t val); +// int tlvbufPhysWrite(gtfile gf); + + /* TODO: replace these? */ int hash_m(gtfile gf, GTDataHash **m); 
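Review bot: `RSGT_FLAG_TLV16_RUNTIME` turns the bit that decides how every TLV header is parsed and written into process-wide mutable state, and the only writer visible in this commit, `rsgt_ConvertSigFile` in librsgt_read.c, flips it between 0x20 and 0x80 in the middle of a conversion. Any other reader or writer in the same process (`rsgt_tlvRecRead`, `rsgt_tlvDecodeSUBREC`, `rsgt_extendSig`, `tlv16Write`) sees whichever value was stored last, and nothing makes that safe across threads. Passing the flag as an argument to the read and write helpers, or keeping it in the per-file context, would keep old-format parsing local to the converter. The upper-case name also reads like a macro, so a lower-case variable name would make it clear that this is assignable. `RSGT_FLAG_NONCRIT_RUNTIME` is not used in any hunk shown here, and the same pattern is repeated as `RSKSI_FLAG_TLV16_RUNTIME` in librsksi.c and librsksi_read.c.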
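Review bot: `rsgt_ConvertSigFile` is the only new public entry point, and its contract is not stated at the prototype. Going by the caller in tools/rsgtutil.c, `oldsigfp` must already be positioned after the file header, `newsigfp` must already contain the new header, and both streams stay owned by the caller. A `/** ... */` comment saying that, plus the return convention (0 or an `RSGTE_*` code), would be enough. The five commented-out `tlvbuf*` prototypes under it are dead text and can be dropped.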
@@ -349,5 +357,7 @@ int hash_r(gtfile gf, GTDataHash **r, const unsigned char *rec, const size_t len int hash_node(gtfile gf, GTDataHash **node, GTDataHash *m, GTDataHash *r, uint8_t level); extern char *rsgt_read_puburl; /**< url of publication server */ extern uint8_t rsgt_read_showVerified; +extern int RSGT_FLAG_TLV16_RUNTIME; +extern int RSGT_FLAG_NONCRIT_RUNTIME; #endif /* #ifndef INCLUDED_LIBRSGT_H */ diff --git a/runtime/librsgt_common.h b/runtime/librsgt_common.h index d90cf2ae1..a303f7fa5 100644 --- a/runtime/librsgt_common.h +++ b/runtime/librsgt_common.h @@ -82,7 +82,7 @@ sigTypeName(uint8_t sigID) /* Flags and record types for TLV handling */ #define RSGT_FLAG_NONCRIT 0x20 #define RSGT_FLAG_FORWARD 0x40 -#define RSGT_FLAG_TLV16 0x80 #define RSGT_TYPE_MASK 0x1f +#define RSGT_FLAG_TLV16 0x80 #endif /* #ifndef INCLUDED_LIBRSGTCM_H */ \ No newline at end of file diff --git a/runtime/librsgt_read.c b/runtime/librsgt_read.c index 806bb4c83..be573491d 100644 --- a/runtime/librsgt_read.c +++ b/runtime/librsgt_read.c @@ -64,6 +64,12 @@ uint8_t rsgt_read_showVerified = 0; /* check return state of operation and abort, if non-OK */ #define CHKr(code) if((r = code) != 0) goto done +static void +errfunc(__attribute__((unused)) void *usrptr, uchar *emsg) +{ + if (rsgt_read_debug) + printf("Internal Error: %s \n", emsg); +} /* if verbose==0, only the first and last two octets are shown, * otherwise everything. 
@@ -201,6 +207,110 @@ reportVerifySuccess(gterrctx_t *ectx, GTVerificationInfo *vrfyInf) } } +/* return the actual length in to-be-written octets of an integer */ +static inline uint8_t +rsgt_tlvGetInt64OctetSize(uint64_t val) +{ + if(val >> 56) + return 8; + if((val >> 48) & 0xff) + return 7; + if((val >> 40) & 0xff) + return 6; + if((val >> 32) & 0xff) + return 5; + if((val >> 24) & 0xff) + return 4; + if((val >> 16) & 0xff) + return 3; + if((val >> 8) & 0xff) + return 2; + return 1; +} + +static inline int rsgt_tlvfileAddOctet(FILE *newsigfp, int8_t octet) +{ + /* Directory write into file */ + int r = 0; + if ( fputc(octet, newsigfp) == EOF ) + r = RSGTE_IO; +done: return r; +} +static inline int rsgt_tlvfileAddOctetString(FILE *newsigfp, uint8_t *octet, int size) +{ + int i, r = 0; + for(i = 0 ; i < size ; ++i) { + r = rsgt_tlvfileAddOctet(newsigfp, octet[i]); + if(r != 0) goto done; + } +done: return r; +} +static inline int rsgt_tlvfileAddInt64(FILE *newsigfp, uint64_t val) +{ + uint8_t doWrite = 0; + int r; + if(val >> 56) { + r = rsgt_tlvfileAddOctet(newsigfp, (val >> 56) & 0xff), doWrite = 1; + if(r != 0) goto done; + } + if(doWrite || ((val >> 48) & 0xff)) { + r = rsgt_tlvfileAddOctet(newsigfp, (val >> 48) & 0xff), doWrite = 1; + if(r != 0) goto done; + } + if(doWrite || ((val >> 40) & 0xff)) { + r = rsgt_tlvfileAddOctet(newsigfp, (val >> 40) & 0xff), doWrite = 1; + if(r != 0) goto done; + } + if(doWrite || ((val >> 32) & 0xff)) { + r = rsgt_tlvfileAddOctet(newsigfp, (val >> 32) & 0xff), doWrite = 1; + if(r != 0) goto done; + } + if(doWrite || ((val >> 24) & 0xff)) { + r = rsgt_tlvfileAddOctet(newsigfp, (val >> 24) & 0xff), doWrite = 1; + if(r != 0) goto done; + } + if(doWrite || ((val >> 16) & 0xff)) { + r = rsgt_tlvfileAddOctet(newsigfp, (val >> 16) & 0xff), doWrite = 1; + if(r != 0) goto done; + } + if(doWrite || ((val >> 8) & 0xff)) { + r = rsgt_tlvfileAddOctet(newsigfp, (val >> 8) & 0xff), doWrite = 1; + if(r != 0) goto done; + } + r = 
rsgt_tlvfileAddOctet(newsigfp, val & 0xff); +done: return r; +} + +static int +rsgt_tlv8Write(FILE *newsigfp, int flags, int tlvtype, int len) +{ + int r; + assert((flags & RSGT_TYPE_MASK) == 0); + assert((tlvtype & RSGT_TYPE_MASK) == tlvtype); + r = rsgt_tlvfileAddOctet(newsigfp, (flags & ~RSGT_FLAG_TLV16_RUNTIME) | tlvtype); + if(r != 0) goto done; + r = rsgt_tlvfileAddOctet(newsigfp, len & 0xff); +done: return r; +} + +static int +rsgt_tlv16Write(FILE *newsigfp, int flags, int tlvtype, uint16_t len) +{ + uint16_t typ; + int r; + assert((flags & RSGT_TYPE_MASK) == 0); + assert((tlvtype >> 8 & RSGT_TYPE_MASK) == (tlvtype >> 8)); + typ = ((flags | RSGT_FLAG_TLV16_RUNTIME) << 8) | tlvtype; + r = rsgt_tlvfileAddOctet(newsigfp, typ >> 8); + if(r != 0) goto done; + r = rsgt_tlvfileAddOctet(newsigfp, typ & 0xff); + if(r != 0) goto done; + r = rsgt_tlvfileAddOctet(newsigfp, (len >> 8) & 0xff); + if(r != 0) goto done; + r = rsgt_tlvfileAddOctet(newsigfp, len & 0xff); +done: return r; +} + /** * Write the provided record to the current file position. * @@ -250,7 +360,9 @@ rsgt_tlvRecRead(FILE *fp, tlvrecord_t *rec) NEXTC; rec->hdr[0] = c; rec->tlvtype = c & 0x1f; - if(c & RSGT_FLAG_TLV16) { /* tlv16? */ + if(c & RSGT_FLAG_TLV16_RUNTIME) { /* tlv16? */ + if(rsgt_read_debug) + printf("debug: TL168 %d\n", c); rec->lenHdr = 4; NEXTC; rec->hdr[1] = c; 
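Review bot: `rsgt_tlv8Write` emits its length as `len & 0xff`, and `rsgt_tlv16Write` takes `uint16_t len` while its caller passes an `unsigned tlvlen`, so a payload larger than the length field produces a record whose header disagrees with its body instead of an error. Since these helpers write a signature file that is later verified, an explicit check such as `if(len < 0 || len > 0xff) return RSGTE_LEN;` at the top of `rsgt_tlv8Write` (and a range check before the call to `rsgt_tlv16Write`) is safer than silent masking. `rsgt_tlvfileAddOctet` takes `int8_t octet` although every caller passes a value in 0..255, so `uint8_t` would match the data. Its `done:` label is never jumped to and will draw an unused-label warning.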
@@ -262,21 +374,26 @@ rsgt_tlvRecRead(FILE *fp, tlvrecord_t *rec) rec->hdr[3] = c; rec->tlvlen |= c; } else { + if(rsgt_read_debug) + printf("debug: TLV8 %d\n", c); NEXTC; rec->lenHdr = 2; rec->hdr[1] = c; rec->tlvlen = c; } if(fread(rec->data, (size_t) rec->tlvlen, 1, fp) != 1) { + if(rsgt_read_debug) + printf("debug: rec->tlvlen %d\n", rec->tlvlen); r = feof(fp) ? RSGTE_EOF : RSGTE_IO; goto done; } - if(rsgt_read_debug) - printf("debug: rsgt_tlvRecRead tlvtype %4.4x, len %u\n", (unsigned) rec->tlvtype, - (unsigned) rec->tlvlen); r = 0; -done: return r; +done: + if(rsgt_read_debug) + printf("debug: rsgt_tlvRecRead tlvtype %4.4x, len %u, r = %d\n", (unsigned) rec->tlvtype, + (unsigned) rec->tlvlen, r); + return r; } /* decode a sub-tlv record from an existing record's memory buffer @@ -291,7 +408,7 @@ rsgt_tlvDecodeSUBREC(tlvrecord_t *rec, uint16_t *stridx, tlvrecord_t *newrec) c = rec->data[(*stridx)++]; newrec->hdr[0] = c; newrec->tlvtype = c & 0x1f; - if(c & RSGT_FLAG_TLV16) { /* tlv16? */ + if(c & RSGT_FLAG_TLV16_RUNTIME) { /* tlv16? */ newrec->lenHdr = 4; if(rec->tlvlen == *stridx) {r=RSGTE_LEN; goto done;} c = rec->data[(*stridx)++]; @@ -447,7 +564,10 @@ rsgt_tlvDecodeSIG(tlvrecord_t *rec, uint16_t *strtidx, block_sig_t *bs) if((bs->sig.der.data = (uint8_t*)malloc(bs->sig.der.len)) == NULL) {r=RSGTE_OOM;goto done;} memcpy(bs->sig.der.data, subrec.data, bs->sig.der.len); r = 0; -done: return r; +done: + if(rsgt_read_debug) + printf("debug: rsgt_tlvDecodeSIG returned %d, tlvtype %4.4x\n", r, (unsigned) rec->tlvtype); + return r; } static int @@ -847,6 +967,8 @@ rsgt_chkFileHdr(FILE *fp, char *expect) char hdr[9]; if((r = rsgt_tlvrdHeader(fp, (uchar*)hdr)) != 0) goto done; + if (rsgt_read_debug) + printf("debug: rsgt_chkFileHdr header returned %s\n", hdr); if(strcmp(hdr, expect)) r = RSGTE_INVLHDR; else 
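Review bot: The debug `printf` moved under `done:` in `rsgt_tlvRecRead` now also runs on the failure paths, where `rec->tlvtype` and `rec->tlvlen` may not have been assigned yet. `rsgt_ConvertSigFile` passes an uninitialised stack `tlvrecord_t`, so a read that fails on the first octet would print indeterminate values (this assumes `NEXTC` jumps to `done`; the macro and the start of the function are outside the hunk). Either set `rec->tlvtype = 0; rec->tlvlen = 0;` before the first `NEXTC`, or print only `r` when `r != 0`.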
@@ -1097,7 +1219,7 @@ rsgt_extendSig(GTTimestamp *timestamp, tlvrecord_t *rec, gterrctx_t *ectx) COPY_SUBREC_TO_NEWREC if ((r = rsgt_tlvDecodeSUBREC(rec, &iRd, &subrec)) != 0) goto done; /* actual sig! */ - newrec.data[iWr++] = 0x09 | RSGT_FLAG_TLV16; + newrec.data[iWr++] = 0x09 | RSGT_FLAG_TLV16_RUNTIME; newrec.data[iWr++] = 0x06; newrec.data[iWr++] = (lenDer >> 8) & 0xff; newrec.data[iWr++] = lenDer & 0xff; 
@@ -1202,3 +1324,214 @@ void rsgt_set_debug(int iDebug) { rsgt_read_debug = iDebug; } + +/* Helper function to convert an old V10 signature file into V11 */ +int rsgt_ConvertSigFile(char* name, FILE *oldsigfp, FILE *newsigfp, int verbose) +{ + int r = 0, rRead = 0; + imprint_t *imp = NULL; + tlvrecord_t rec; + tlvrecord_t subrec; + + /* For signature convert*/ + int i; + uint16_t strtidx = 0; + block_hdr_t *bh = NULL; + block_sig_t *bs = NULL; + uint16_t typconv; + unsigned tlvlen; + uint8_t tlvlenRecords; + + /* Temporary change flags back to old default */ + RSGT_FLAG_TLV16_RUNTIME = 0x20; + + /* Start reading Sigblocks from old FILE */ + while(1) { /* we will err out on EOF */ + rRead = rsgt_tlvRecRead(oldsigfp, &rec); + if(rRead == 0 /*|| rRead == RSGTE_EOF*/) { + switch(rec.tlvtype) { + case 0x0900: + case 0x0901: + /* Convert tlvrecord Header */ + if (rec.tlvtype == 0x0900) { + typconv = ((0x00 /*flags*/ | 0x80 /* NEW RSGT_FLAG_TLV16_RUNTIME*/) << 8) | 0x0902; + rec.hdr[0] = typconv >> 8; + rec.hdr[1] = typconv & 0xff; + } else if (rec.tlvtype == 0x0901) { + typconv = ((0x00 /*flags*/ | 0x80 /* NEW RSGT_FLAG_TLV16_RUNTIME*/) << 8) | 0x0903; + rec.hdr[0] = typconv >> 8; + rec.hdr[1] = typconv & 0xff; + } + + /* Debug verification output */ + r = rsgt_tlvDecodeIMPRINT(&rec, &imp); + if(r != 0) goto donedecode; + rsgt_printREC_HASH(stdout, imp, verbose); + + /* Output into new FILE */ + if((r = rsgt_tlvwrite(newsigfp, &rec)) != 0) goto done; + + /* Free mem*/ + free(imp->data); + free(imp); + break; + case 0x0902: + /* Split Data into HEADER and BLOCK */ + strtidx = 0; + + /* Create BH and BS*/ + if((bh = calloc(1, sizeof(block_hdr_t))) == NULL) { + r = RSGTE_OOM; + goto donedecode; + } + if((bs = calloc(1, sizeof(block_sig_t))) == NULL) { + r = RSGTE_OOM; + goto donedecode; + } + + /* Check OLD encoded HASH ALGO */ + CHKr(rsgt_tlvDecodeSUBREC(&rec, &strtidx, &subrec)); + if(!(subrec.tlvtype == 0x00 && subrec.tlvlen == 1)) { + r = RSGTE_FMT; + goto donedecode; + 
} + bh->hashID = subrec.data[0]; + + /* Check OLD encoded BLOCK_IV */ + CHKr(rsgt_tlvDecodeSUBREC(&rec, &strtidx, &subrec)); + if(!(subrec.tlvtype == 0x01)) { + r = RSGTE_INVLTYP; + goto donedecode; + } + if((bh->iv = (uint8_t*)malloc(subrec.tlvlen)) == NULL) {r=RSGTE_OOM;goto donedecode;} + memcpy(bh->iv, subrec.data, subrec.tlvlen); + + /* Check OLD encoded LAST HASH */ + CHKr(rsgt_tlvDecodeSUBREC(&rec, &strtidx, &subrec)); + if(!(subrec.tlvtype == 0x02)) { r = RSGTE_INVLTYP; goto donedecode; } + bh->lastHash.hashID = subrec.data[0]; + if(subrec.tlvlen != 1 + hashOutputLengthOctets(bh->lastHash.hashID)) { + r = RSGTE_LEN; + goto donedecode; + } + bh->lastHash.len = subrec.tlvlen - 1; + if((bh->lastHash.data = (uint8_t*)malloc(bh->lastHash.len)) == NULL) {r=RSGTE_OOM;goto donedecode;} + memcpy(bh->lastHash.data, subrec.data+1, subrec.tlvlen-1); + + /* Debug verification output */ + rsgt_printBLOCK_HDR(stdout, bh, verbose); + + /* Check OLD encoded COUNT */ + CHKr(rsgt_tlvDecodeSUBREC(&rec, &strtidx, &subrec)); + if(!(subrec.tlvtype == 0x03 && subrec.tlvlen <= 8)) { r = RSGTE_INVLTYP; goto donedecode; } + bs->recCount = 0; + for(i = 0 ; i < subrec.tlvlen ; ++i) { + bs->recCount = (bs->recCount << 8) + subrec.data[i]; + } + + /* Check OLD encoded SIG */ + CHKr(rsgt_tlvDecodeSUBREC(&rec, &strtidx, &subrec)); + if(!(subrec.tlvtype == 0x0906)) { r = RSGTE_INVLTYP; goto donedecode; } + bs->sig.der.len = subrec.tlvlen; + bs->sigID = SIGID_RFC3161; + if((bs->sig.der.data = (uint8_t*)malloc(bs->sig.der.len)) == NULL) {r=RSGTE_OOM;goto donedecode;} + memcpy(bs->sig.der.data, subrec.data, bs->sig.der.len); + r = 0; + + /* Debug output */ + rsgt_printBLOCK_SIG(stdout, bs, verbose); + + if(strtidx != rec.tlvlen) { + r = RSGTE_LEN; + goto donedecode; + } + + /* Set back to NEW default */ + RSGT_FLAG_TLV16_RUNTIME = 0x80; + + /* Create Block Header */ + tlvlen = 2 + 1 /* hash algo TLV */ + + 2 + hashOutputLengthOctets(bh->hashID) /* iv */ + + 2 + 1 + bh->lastHash.len /* last 
hash */; + /* write top-level TLV object block-hdr */ + r = rsgt_tlv16Write(newsigfp, 0x00, 0x0901, tlvlen); + /* and now write the children */ + /* hash-algo */ + r = rsgt_tlv8Write(newsigfp, 0x00, 0x01, 1); + if(r != 0) goto done; + r = rsgt_tlvfileAddOctet(newsigfp, hashIdentifier(bh->hashID)); + if(r != 0) goto done; + /* block-iv */ + r = rsgt_tlv8Write(newsigfp, 0x00, 0x02, hashOutputLengthOctets(bh->hashID)); + if(r != 0) goto done; + r = rsgt_tlvfileAddOctetString(newsigfp, bh->iv, hashOutputLengthOctets(bh->hashID)); + if(r != 0) goto done; + /* last-hash */ + r = rsgt_tlv8Write(newsigfp, 0x00, 0x03, bh->lastHash.len + 1); + if(r != 0) goto done; + r = rsgt_tlvfileAddOctet(newsigfp, bh->lastHash.hashID); + if(r != 0) goto done; + r = rsgt_tlvfileAddOctetString(newsigfp, bh->lastHash.data, bh->lastHash.len); + if(r != 0) goto done; + + /* Create Block Signature */ + tlvlenRecords = rsgt_tlvGetInt64OctetSize(bs->recCount); + tlvlen = 2 + tlvlenRecords /* rec-count */ + + 4 + bs->sig.der.len /* rfc-3161 */; + /* write top-level TLV object (block-sig */ + r = rsgt_tlv16Write(newsigfp, 0x00, 0x0904, tlvlen); + if(r != 0) goto done; + /* and now write the children */ + /* rec-count */ + r = rsgt_tlv8Write(newsigfp, 0x00, 0x01, tlvlenRecords); + if(r != 0) goto done; + r = rsgt_tlvfileAddInt64(newsigfp, bs->recCount); + if(r != 0) goto done; + /* rfc-3161 */ + r = rsgt_tlv16Write(newsigfp, 0x00, 0x906, bs->sig.der.len); + if(r != 0) goto done; + r = rsgt_tlvfileAddOctetString(newsigfp, bs->sig.der.data, bs->sig.der.len); + + /* Set back to OLD default */ + RSGT_FLAG_TLV16_RUNTIME = 0x20; + +donedecode: + /* Free mem*/ + if (bh != NULL) { + free(bh->iv); + free(bh->lastHash.data); + free(bh); + bh = NULL; + } + if (bs != NULL) { + free(bs->sig.der.data); + free(bs); + bs = NULL; + } + if(r != 0) goto done; + break; + default: + fprintf(stdout, "unknown tlv record %4.4x\n", rec.tlvtype); + break; + } + } else { + /*if(feof(oldsigfp)) + break; + else*/ + r = rRead; 
+ if(r == RSGTE_EOF) + r = 0; /* Successfully finished file */ + else if(rsgt_read_debug) + printf("debug: rsgt_ConvertSigFile failed to read with error %d\n", r); + goto done; + } + + /* Abort further processing if EOF */ + if (rRead == RSGTE_EOF) + goto done; + } +done: + if(rsgt_read_debug) + printf("debug: rsgt_ConvertSigFile returned %d\n", r); + return r; +} diff --git a/runtime/librsksi.c b/runtime/librsksi.c index a5f8d4799..d6b39b8ee 100644 --- a/runtime/librsksi.c +++ b/runtime/librsksi.c @@ -59,6 +59,8 @@ typedef unsigned char uchar; #define VERSION "no-version" #endif +int RSKSI_FLAG_TLV16_RUNTIME = RSGT_FLAG_TLV16; +int RSKSI_FLAG_NONCRIT_RUNTIME = RSGT_FLAG_NONCRIT; static void reportErr(rsksictx ctx, char *errmsg) @@ -298,7 +300,7 @@ tlv8WriteKSI(ksifile ksi, int flags, int tlvtype, int len) int r; assert((flags & RSGT_TYPE_MASK) == 0); assert((tlvtype & RSGT_TYPE_MASK) == tlvtype); - r = tlvbufAddOctet(ksi, (flags & ~RSGT_FLAG_TLV16) | tlvtype); + r = tlvbufAddOctet(ksi, (flags & ~RSKSI_FLAG_TLV16_RUNTIME) | tlvtype); if(r != 0) goto done; r = tlvbufAddOctet(ksi, len & 0xff); done: return r; @@ -311,7 +313,7 @@ tlv16WriteKSI(ksifile ksi, int flags, int tlvtype, uint16_t len) int r; assert((flags & RSGT_TYPE_MASK) == 0); assert((tlvtype >> 8 & RSGT_TYPE_MASK) == (tlvtype >> 8)); - typ = ((flags | RSGT_FLAG_TLV16) << 8) | tlvtype; + typ = ((flags | RSKSI_FLAG_TLV16_RUNTIME) << 8) | tlvtype; r = tlvbufAddOctet(ksi, typ >> 8); if(r != 0) goto done; r = tlvbufAddOctet(ksi, typ & 0xff); diff --git a/runtime/librsksi.h b/runtime/librsksi.h index 1be70f7c3..9d7c65691 100644 --- a/runtime/librsksi.h +++ b/runtime/librsksi.h 
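Review bot: The block-iv is copied into a buffer of `subrec.tlvlen` bytes but written back out with `hashOutputLengthOctets(bh->hashID)` as the length, so an input file whose IV is shorter than the hash output makes `rsgt_tlvfileAddOctetString` read past the allocation. Reject it right after the type check with `if(subrec.tlvlen != hashOutputLengthOctets(bh->hashID)) { r = RSGTE_LEN; goto donedecode; }`. Every `CHKr(...)` and every `goto done` after a failed write inside `case 0x0902` skips the `donedecode:` cleanup and leaks `bh`, `bs` and their buffers, and the result of the first `rsgt_tlv16Write(newsigfp, 0x00, 0x0901, tlvlen)` is overwritten unchecked. The function also returns with `RSGT_FLAG_TLV16_RUNTIME` still 0x20 on every path, including success; `RSGT_FLAG_TLV16_RUNTIME = RSGT_FLAG_TLV16;` under `done:` would restore it. The `name` parameter is never used in the body.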
@@ -390,5 +390,7 @@ int hash_r_ksi(ksifile ksi, KSI_DataHash **r, const unsigned char *rec, const si int hash_node_ksi(ksifile ksi, KSI_DataHash **node, KSI_DataHash *m, KSI_DataHash *r, uint8_t level); extern char *rsksi_read_puburl; /**< url of publication server */ extern uint8_t rsksi_read_showVerified; +extern int RSKSI_FLAG_TLV16_RUNTIME; +extern int RSKSI_FLAG_NONCRIT_RUNTIME; #endif /* #ifndef INCLUDED_LIBRSKSI_H */ diff --git a/runtime/librsksi_read.c b/runtime/librsksi_read.c index 3359bcb18..e3dbcf1cc 100644 --- a/runtime/librsksi_read.c +++ b/runtime/librsksi_read.c @@ -266,7 +266,7 @@ rsksi_tlvRecRead(FILE *fp, tlvrecord_t *rec) NEXTC; rec->hdr[0] = c; rec->tlvtype = c & 0x1f; - if(c & RSGT_FLAG_TLV16) { /* tlv16? */ + if(c & RSKSI_FLAG_TLV16_RUNTIME) { /* tlv16? */ rec->lenHdr = 4; NEXTC; rec->hdr[1] = c; @@ -307,7 +307,7 @@ rsksi_tlvDecodeSUBREC(tlvrecord_t *rec, uint16_t *stridx, tlvrecord_t *newrec) c = rec->data[(*stridx)++]; newrec->hdr[0] = c; newrec->tlvtype = c & 0x1f; - if(c & RSGT_FLAG_TLV16) { /* tlv16? */ + if(c & RSKSI_FLAG_TLV16_RUNTIME) { /* tlv16? */ newrec->lenHdr = 4; if(rec->tlvlen == *stridx) {r=RSGTE_LEN; goto done;} c = rec->data[(*stridx)++]; @@ -1112,7 +1112,7 @@ rsksi_extendSig(KSI_Signature *sig, ksifile ksi, tlvrecord_t *rec, ksierrctx_t * COPY_SUBREC_TO_NEWREC if ((r = rsksi_tlvDecodeSUBREC(rec, &iRd, &subrec)) != 0) goto done; /* actual sig! */ - newrec.data[iWr++] = 0x09 | RSGT_FLAG_TLV16; + newrec.data[iWr++] = 0x09 | RSKSI_FLAG_TLV16_RUNTIME; newrec.data[iWr++] = 0x06; newrec.data[iWr++] = (lenDer >> 8) & 0xff; newrec.data[iWr++] = lenDer & 0xff; diff --git a/tools/rsgtutil.c b/tools/rsgtutil.c index d86511194..fd6e1cb01 100644 --- a/tools/rsgtutil.c +++ b/tools/rsgtutil.c 
@@ -46,7 +46,7 @@ typedef unsigned char uchar; static enum { MD_DUMP, MD_DETECT_FILE_TYPE, MD_SHOW_SIGBLK_PARAMS, - MD_VERIFY, MD_EXTEND + MD_VERIFY, MD_EXTEND, MD_CONVERT } mode = MD_DUMP; static enum { API_GT, API_KSI } apimode = API_GT; static int verbose = 0; @@ -57,7 +57,7 @@ static void dumpFile(char *name) { FILE *fp; - uchar hdr[9]; + char hdr[9]; void *obj; tlvrecord_t rec; int r = -1; @@ -71,8 +71,14 @@ dumpFile(char *name) goto err; } } - if((r = rsgt_tlvrdHeader(fp, hdr)) != 0) goto err; - printf("File Header: '%s'\n", hdr); + if((r = rsgt_tlvrdHeader(fp, (uchar*)hdr)) != 0) goto err; + if(!strcmp(hdr, "LOGSIG10")) + printf("File Header: Version 10 (deprecated) - conversion needed.\n"); + else if(!strcmp(hdr, "LOGSIG11")) + printf("File Header: Version 11\n"); + else + printf("File Header: '%s'\n", hdr); + while(1) { /* we will err out on EOF */ if((r = rsgt_tlvrd(fp, &rec, &obj)) != 0) { if(feof(fp)) @@ -87,7 +93,8 @@ dumpFile(char *name) if(fp != stdin) fclose(fp); return; -err: fprintf(stderr, "error %d (%s) processing file %s\n", r, RSGTE2String(r), name); +err: + fprintf(stderr, "error %d (%s) processing file %s\n", r, RSGTE2String(r), name); } static void 
@@ -130,6 +137,97 @@ err: if(r != RSGTE_EOF) fprintf(stderr, "error %d (%s) processing file %s\n", r, RSGTE2String(r), name); } + +static void +convertFile(char *name) +{ + FILE *oldsigfp = NULL, *newsigfp = NULL; + char hdr[9]; + int r = -1; + char newsigfname[4096]; + char oldsigfname[4096]; + + if(!strcmp(name, "-")) + oldsigfp = stdin; + else { + printf("Processing file %s:\n", name); + if((oldsigfp = fopen(name, "r")) == NULL) { + perror(name); + goto err; + } + } + if((r = rsgt_tlvrdHeader(oldsigfp, (uchar*)hdr)) != 0) goto err; + if(!strcmp(hdr, "LOGSIG10")) { + printf("Found Signature File with Version 10 - starting conversion.\n"); + snprintf(newsigfname, sizeof(newsigfname), "%s.LOGSIG11", name); + snprintf(oldsigfname, sizeof(oldsigfname), "%s.LOGSIG10", name); + if((newsigfp = fopen(newsigfname, "w")) == NULL) { + perror(newsigfname); + r = RSGTE_IO; + goto err; + } + else { + /* Write FileHeader first */ + if ( fwrite(LOGSIGHDR, sizeof(LOGSIGHDR)-1, 1, newsigfp) != 1) goto err; + } + + if ((r = rsgt_ConvertSigFile(name, oldsigfp, newsigfp, verbose)) != 0) + goto err; + else { + /* Delete OLDFILE if there is one*/ + if(unlink(oldsigfname) != 0) { + if(errno != ENOENT) { + perror("Error removing old file"); + r = RSGTE_IO; + goto err; + } + } + /* Copy main sigfile to oldfile */ + if(link(name, oldsigfname) != 0) { + perror("Error moving old file"); + r = RSGTE_IO; + goto err; + } + + /* Delete current sigfile*/ + if(unlink(name) != 0) { + if(errno != ENOENT) { + perror("Error removing old file"); + r = RSGTE_IO; + goto err; + } + } + /* Copy new sigfile to main sigfile */ + if(link(newsigfname, name) != 0) { + perror("Error moving new file"); + r = RSGTE_IO; + goto err; + } + + /* Delete temporary new sigfile*/ + if(unlink(newsigfname) != 0) { + if(errno != ENOENT) { + perror("Error removing new file"); + r = RSGTE_IO; + goto err; + } + } + + printf("File %s was converted to Version 11.\n", name); + } + } + else + printf("File does not need to be 
converted, File Header is: '%s'\n", hdr); + + if(oldsigfp != stdin) + fclose(oldsigfp); + if (newsigfp != NULL) + fclose(newsigfp); + return; +err: + fprintf(stderr, "error %d (%s) converting file %s\n", r, RSGTE2String(r), name); +} + #endif #ifdef ENABLEKSI @@ -137,7 +235,7 @@ static void dumpFileKSI(char *name) { FILE *fp; - uchar hdr[9]; + char hdr[9]; void *obj; tlvrecord_t rec; int r = -1; @@ -151,8 +249,13 @@ dumpFileKSI(char *name) goto err; } } - if((r = rsksi_tlvrdHeader(fp, hdr)) != 0) goto err; - printf("File Header: '%s'\n", hdr); + if((r = rsksi_tlvrdHeader(fp, (uchar*)hdr)) != 0) goto err; + if(!strcmp(hdr, "LOGSIG10")) + printf("File Header: Version 10 (deprecated) - conversion needed.\n"); + else if(!strcmp(hdr, "LOGSIG11")) + printf("File Header: Version 11\n"); + else + printf("File Header: '%s'\n", hdr); while(1) { /* we will err out on EOF */ if((r = rsksi_tlvrd(fp, &rec, &obj)) != 0) { if(feof(fp)) @@ -210,6 +313,38 @@ err: if(r != RSGTE_EOF) fprintf(stderr, "error %d (%s) processing file %s\n", r, RSKSIE2String(r), name); } + +static void +convertFileKSI(char *name) +{ + FILE *fp; + char hdr[9]; + int r = -1; + + if(!strcmp(name, "-")) + fp = stdin; + else { + printf("Processing file %s:\n", name); + if((fp = fopen(name, "r")) == NULL) { + perror(name); + goto err; + } + } + if((r = rsksi_tlvrdHeader(fp, (uchar*)hdr)) != 0) goto err; + if(!strcmp(hdr, "LOGSIG10")) { + printf("Found Signature File with Version 10 - starting conversion.\n"); + /* TODO CONVERT FILE!!!!! */ + } + else + printf("File does not need to be converted, File Header is: '%s'\n", hdr); + + if(fp != stdin) + fclose(fp); + return; +err: + fprintf(stderr, "error %d (%s) processing file %s\n", r, RSKSIE2String(r), name); +} + #endif #ifdef ENABLEGT 
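Review bot: In `convertFile` the original signature file is unlinked and replaced while `newsigfp` is still open and unflushed. A write error that only surfaces at `fclose` (a full disk, for instance) therefore leaves a truncated file at `name` after "was converted" has been printed, and the `unlink(name)` / `link(newsigfname, name)` pair leaves a window with no signature file at all. Closing and checking the new file first, then using `rename(newsigfname, name)`, avoids both; the rewritten lines are below. `fopen(newsigfname, "w")` follows a symlink or truncates an existing file at the predictable `<name>.LOGSIG11` path, which matters if the directory is writable by other users; creating it with `open()` and `O_CREAT | O_EXCL` before `fdopen()` would refuse that. The `err:` path returns without closing either stream, the `fwrite(LOGSIGHDR, ...)` failure jumps there with `r` still 0, and with `name` equal to "-" the link and unlink calls act on a file literally named `-`.

```c
	/* … unchanged: header check, fopen of newsigfname, LOGSIGHDR write … */
	if ((r = rsgt_ConvertSigFile(name, oldsigfp, newsigfp, verbose)) != 0)
		goto err;

	/* Close before anything is replaced: buffered data is written here, and
	 * a failure must be reported while the original is still in place. */
	if(fclose(newsigfp) != 0) {
		newsigfp = NULL;
		perror(newsigfname);
		r = RSGTE_IO;
		goto err;
	}
	newsigfp = NULL;

	/* … unchanged: unlink(oldsigfname), link(name, oldsigfname) as backup … */

	/* rename() swaps the new file in as one step, so there is no moment
	 * without a signature file; the separate unlink of newsigfname goes away. */
	if(rename(newsigfname, name) != 0) {
		perror("Error moving new file");
		r = RSGTE_IO;
		goto err;
	}
	printf("File %s was converted to Version 11.\n", name);
```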
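Review bot: For a LOGSIG10 file `convertFileKSI` prints "starting conversion" and then returns without converting anything or reporting a failure, so someone running `--convert` with the KSI API can come away believing the signature file was migrated. Until the TODO is implemented the branch should say so on stderr, for example `fprintf(stderr, "conversion of KSI signature files is not implemented\n");`, and the tool should exit non-zero for that file. The `err:` label also returns without closing `fp`.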
@@ -312,6 +447,7 @@ verifyGT(char *name, char *errbuf, char *sigfname, char *oldsigfname, char *nsig fprintf(stderr, "error %d in rsgt_chkFileHdr\n", r); goto done; } + if(mode == MD_EXTEND) { if(fwrite("LOGSIG11", 8, 1, nsigfp) != 1) { perror(nsigfname); @@ -828,6 +964,16 @@ processFile(char *name) #ifdef ENABLEKSI if (apimode == API_KSI) showSigblkParamsKSI(name); +#endif + break; + case MD_CONVERT: +#ifdef ENABLEGT + if (apimode == API_GT) + convertFile(name); +#endif +#ifdef ENABLEKSI + if (apimode == API_KSI) + convertFileKSI(name); #endif break; case MD_VERIFY: @@ -843,6 +989,7 @@ processFile(char *name) static struct option long_options[] = { {"help", no_argument, NULL, 'h'}, + {"convert", no_argument, NULL, 'c'}, {"dump", no_argument, NULL, 'D'}, {"verbose", no_argument, NULL, 'v'}, {"debug", no_argument, NULL, 'd'}, @@ -869,6 +1016,7 @@ rsgtutil_usage(void) "\t-e, --extend \t\t\t Extends the RFC3161 signatures.\n" "\t-B, --show-sigblock-params \t Show signature block parameters.\n" "\t-T, --detect-file-type \t Show Type of signature file.\n" + "\t-c, --convert \t\t\t Convert Signature Format Version 10 to 11.\n" "\t-V, --Version \t\t\t Print utility version\n" "\t\tOptional parameters\n" "\t-a , --api \t Set which API to use.\n" @@ -888,7 +1036,7 @@ main(int argc, char *argv[]) int opt; while(1) { - opt = getopt_long(argc, argv, "aBdDeHPstTvV", long_options, NULL); + opt = getopt_long(argc, argv, "aBcdDeHPstTvV", long_options, NULL); if(opt == -1) break; switch(opt) { @@ -950,6 +1098,9 @@ main(int argc, char *argv[]) case 'e': mode = MD_EXTEND; break; + case 'c': + mode = MD_CONVERT; + break; case 'h': case '?': rsgtutil_usage();