sbkeysync: Generate and print key descriptions

.. rather than printing the raw IDs.

Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
Jeremy Kerr 2012-08-22 18:15:57 +08:00
parent 7dc407e311
commit ae3344f5eb


@ -83,6 +83,8 @@ struct key {
int id_len; int id_len;
uint8_t *id; uint8_t *id;
char *description;
struct list_node list; struct list_node list;
/* set for keys loaded from a filesystem keystore */ /* set for keys loaded from a filesystem keystore */
@ -141,6 +143,7 @@ static void guid_to_str(const EFI_GUID *guid, char *str)
static int sha256_key_parse(struct key *key, uint8_t *data, size_t len) static int sha256_key_parse(struct key *key, uint8_t *data, size_t len)
{ {
const unsigned int sha256_id_size = 256 / 8; const unsigned int sha256_id_size = 256 / 8;
unsigned int i;
if (len != sha256_id_size) if (len != sha256_id_size)
return -1; return -1;
@ -148,15 +151,21 @@ static int sha256_key_parse(struct key *key, uint8_t *data, size_t len)
key->id = talloc_memdup(key, data, sha256_id_size); key->id = talloc_memdup(key, data, sha256_id_size);
key->id_len = sha256_id_size; key->id_len = sha256_id_size;
key->description = talloc_array(key, char, len * 2 + 1);
for (i = 0; i < len; i++)
snprintf(&key->description[i*2], 3, "%02x", data[i]);
key->description[len*2] = '\0';
return 0; return 0;
} }
static int x509_key_parse(struct key *key, uint8_t *data, size_t len) static int x509_key_parse(struct key *key, uint8_t *data, size_t len)
{ {
const int description_len = 160;
ASN1_INTEGER *serial; ASN1_INTEGER *serial;
const uint8_t *tmp; const uint8_t *tmp;
int tmp_len, rc;
X509 *x509; X509 *x509;
int rc;
rc = -1; rc = -1;
@ -173,7 +182,11 @@ static int x509_key_parse(struct key *key, uint8_t *data, size_t len)
serial = x509->cert_info->serialNumber; serial = x509->cert_info->serialNumber;
key->id_len = ASN1_STRING_length(serial); key->id_len = ASN1_STRING_length(serial);
key->id = talloc_memdup(key, ASN1_STRING_data(serial), tmp_len); key->id = talloc_memdup(key, ASN1_STRING_data(serial), key->id_len);
key->description = talloc_array(key, char, description_len);
X509_NAME_oneline(x509->cert_info->subject,
key->description, description_len);
rc = 0; rc = 0;
@ -458,24 +471,16 @@ static int read_key_databases(struct sync_context *ctx)
static void print_key_database(struct key_database *kdb) static void print_key_database(struct key_database *kdb)
{ {
struct key *key; struct key *key;
int i;
printf(" %s (firmware)\n", kdb->type->name); printf(" %s (firmware)\n", kdb->type->name);
list_for_each(&kdb->firmware_keys, key, list) { list_for_each(&kdb->firmware_keys, key, list)
printf(" %d bytes: [ ", key->id_len); printf(" %s\n", key->description);
for (i = 0; i < key->id_len; i++)
printf("0x%02x ", key->id[i]);
printf("]\n");
}
printf(" %s (filesystem)\n", kdb->type->name); printf(" %s (filesystem)\n", kdb->type->name);
list_for_each(&kdb->filesystem_keys, key, list) { list_for_each(&kdb->filesystem_keys, key, list) {
printf(" %d bytes: [ ", key->id_len); printf(" %s\n", key->description);
for (i = 0; i < key->id_len; i++)
printf("0x%02x ", key->id[i]);
printf("]\n");
printf(" from %s/%s\n", printf(" from %s/%s\n",
key->keystore_entry->root, key->keystore_entry->root,
key->keystore_entry->name); key->keystore_entry->name);
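Review bot: The two new `talloc_array()` results are used unchecked: in `sha256_key_parse` the `snprintf` loop writes through `key->description` straight after the allocation, and in `x509_key_parse` a failed allocation would leave `key->description` NULL for `print_key_database` to hand to `%s`. Adding `if (!key->description) return -1;` after the sha256 allocation, and the equivalent jump to the function's error path in the x509 case (that path is outside the visible hunks), keeps the failure on the parsers' existing error return. Separately, the x509 description is only the subject name, cut to `description_len` (160) bytes, so two distinct certificates with the same subject now print identically where the old output showed the serial bytes. For a tool that lists firmware and filesystem keys side by side, appending the serial or a fingerprint to the description would keep entries distinguishable. The parser bodies and `print_key_database` extend beyond the hunks shown.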