Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package secvarctl for openSUSE:Factory checked in at 2023-10-13 23:15:47 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/secvarctl (Old) and /work/SRC/openSUSE:Factory/.secvarctl.new.20540 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "secvarctl" Fri Oct 13 23:15:47 2023 rev:6 rq:1117679 version:1.0.0~rc2+git1.1f96bad Changes: -------- --- /work/SRC/openSUSE:Factory/secvarctl/secvarctl.changes 2023-10-04 22:31:31.639805696 +0200 +++ /work/SRC/openSUSE:Factory/.secvarctl.new.20540/secvarctl.changes 2023-10-13 23:16:43.331489011 +0200 @@ -1,0 +2,11 @@ +Fri Oct 13 14:04:07 UTC 2023 - msucha...@suse.com + +- Update to version 1.0.0~rc2+git1.1f96bad: + * guest/read: return early if next esd cannot be parsed + * guest: Remove x509 SHA GUID functions and macros + * guest/generate: change --append option to be a boolean based on presence + * guest/read: allow paths with or without a trailing slash + * Makefile: Fix installation after source reorganization +- Remove upstreamed secvarctl-install.patch + +------------------------------------------------------------------- Old: ---- secvarctl-1.0.0~rc1+git0.a180a56.tar.gz secvarctl-install.patch New: ---- secvarctl-1.0.0~rc2+git1.1f96bad.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ secvarctl.spec ++++++ --- /var/tmp/diff_new_pack.vPLiLO/_old 2023-10-13 23:16:43.775505747 +0200 +++ /var/tmp/diff_new_pack.vPLiLO/_new 2023-10-13 23:16:43.779505897 +0200 @@ -18,13 +18,12 @@ %global make_parms OPENSSL=1 DEBUG=1 Name: secvarctl -Version: 1.0.0~rc1+git0.a180a56 +Version: 1.0.0~rc2+git1.1f96bad Release: 0 Summary: Suite of tools to manipulate and generate Secure Boot variables on POWER License: Apache-2.0 URL: https://github.com/open-power/secvarctl Source: %{name}-%{version}.tar.gz -Patch0: secvarctl-install.patch BuildRequires: openssl-devel ExclusiveArch: ppc64 ppc64le ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.vPLiLO/_old 2023-10-13 23:16:43.823507556 +0200 +++ /var/tmp/diff_new_pack.vPLiLO/_new 2023-10-13 23:16:43.823507556 +0200 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/open-power/secvarctl.git</param> - <param name="changesrevision">a180a56b5c3330b1f5130633e7e7fb889e7eb74b</param></service></servicedata> + <param name="changesrevision">1f96bada397352ffb4640c1d1f165eaea63621d0</param></service></servicedata> (No newline at EOF) ++++++ secvarctl-1.0.0~rc1+git0.a180a56.tar.gz -> secvarctl-1.0.0~rc2+git1.1f96bad.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/secvarctl-1.0.0~rc1+git0.a180a56/Makefile new/secvarctl-1.0.0~rc2+git1.1f96bad/Makefile --- old/secvarctl-1.0.0~rc1+git0.a180a56/Makefile 2023-09-27 19:58:24.000000000 +0200 +++ new/secvarctl-1.0.0~rc2+git1.1f96bad/Makefile 2023-10-12 17:51:48.000000000 +0200 @@ -167,11 +167,9 @@ install: all @mkdir -p $(DESTDIR)/usr/bin - @install -m 0755 secvarctl $(DESTDIR)/usr/bin/secvarctl + @install -m 0755 bin/secvarctl $(DESTDIR)/usr/bin/secvarctl @mkdir -p $(DESTDIR)/$(MANDIR)/man1 @install -m 0644 secvarctl.1 $(DESTDIR)/$(MANDIR)/man1 - @mkdir -p $(DESTDIR)/usr/lib/secvarctl - @install -m 0755 ./lib/* $(DESTDIR)/usr/lib/secvarctl @echo "secvarctl installed successfully!" uninstall: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/secvarctl-1.0.0~rc1+git0.a180a56/backends/guest/common/generate.c new/secvarctl-1.0.0~rc2+git1.1f96bad/backends/guest/common/generate.c --- old/secvarctl-1.0.0~rc1+git0.a180a56/backends/guest/common/generate.c 2023-09-27 19:58:24.000000000 +0200 +++ new/secvarctl-1.0.0~rc2+git1.1f96bad/backends/guest/common/generate.c 2023-10-12 17:51:48.000000000 +0200 @@ -436,6 +436,11 @@ rc = validate_cert(cert, cert_size); + if (rc) { + free(cert); + return rc; + } + *cert_data = cert; *cert_data_size = cert_size; @@ -449,7 +454,7 @@ * @param buffer_size , length of buffer * @param hash_funct, index of hash function information to use for ESL GUID, * also helps in prevalation, if inform is '[c]ert' then this doesn't matter - * @param hash_data, the generated hash data + * @param hash_data, the generated hash data, buffer should be allocated before calling * @param hash_data_size, the length of hash data * @param esl_guid, signature type of ESL * @return SUCCESS or err number @@ -458,27 +463,23 @@ uint8_t *hash_data, size_t *hash_data_size) { int rc = SUCCESS; - size_t data_size = 0; - uint8_t *data = NULL; - enum signature_type x509_hash_func; + size_t crt_size = 0; + uint8_t *crt_der = NULL, *out_data = NULL; - rc = is_x509certificate(buffer, buffer_size, &data, &data_size); + rc = is_x509certificate(buffer, buffer_size, &crt_der, &crt_size); if (rc == SUCCESS) { - rc = get_x509_hash_function(get_crypto_alg_name(hash_funct), &x509_hash_func); - if (rc) - return rc; - - hash_funct = x509_hash_func; - } else { - data_size = buffer_size; - data = (uint8_t *)buffer; - } - - rc = crypto_md_generate_hash(data, data_size, get_crypto_alg_id(hash_funct), &hash_data, - hash_data_size); + rc = crypto_md_generate_hash(crt_der, crt_size, get_crypto_alg_id(hash_funct), + &out_data, hash_data_size); + free(crt_der); + } else + rc = crypto_md_generate_hash(buffer, buffer_size, get_crypto_alg_id(hash_funct), + &out_data, hash_data_size); if (rc != CRYPTO_SUCCESS) return HASH_FAIL; + memcpy(hash_data, out_data, *hash_data_size); + free(out_data); + return SUCCESS; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/secvarctl-1.0.0~rc1+git0.a180a56/backends/guest/common/read.c new/secvarctl-1.0.0~rc2+git1.1f96bad/backends/guest/common/read.c --- old/secvarctl-1.0.0~rc1+git0.a180a56/backends/guest/common/read.c 2023-09-27 19:58:24.000000000 +0200 +++ new/secvarctl-1.0.0~rc2+git1.1f96bad/backends/guest/common/read.c 2023-10-12 17:51:48.000000000 +0200 @@ -5,6 +5,7 @@ #include <stdio.h> #include <string.h> #include <stdlib.h> +#include <esl.h> // libstb-secvar #include "err.h" #include "prlog.h" #include "generic.h" @@ -111,105 +112,123 @@ } /* - * prints human readable data in of ESL buffer + * prints ESDs inside an ESL buffer in human readable form * - * @param vuffer , buffer containing ESL data - * @param buffer_size , length of buffer - * @param var_name, secure boot variable name - * @return SUCCESS or error number if failure + * @param esl, pointer to the beginning of valid esl data. NOTE: caller is responsible for validation + * @param esl_size, size of the esl data buffer + * @param sig_type, signature type enum as extracted from e.g. get_signature_type + * @return SUCCESS or propogates error code */ -int print_variables(const uint8_t *buffer, size_t buffer_size, const char *var_name) +static int print_esd_from_esl_buffer(const uint8_t *esl, size_t esl_size, + enum signature_type sig_type) { - int rc; - ssize_t esl_data_size = buffer_size, cert_size; - size_t count = 0, offset = 0; - uint8_t *cert = NULL, *esl_data = (uint8_t *)buffer; - enum signature_type sig_type; - sv_esl_t *sig_list; - sv_esd_t *esd = NULL; crypto_x509_t *x509 = NULL; + int rc; + size_t esd_data_size, esd_count = 0; + uuid_t esd_owner; + union { + const uint8_t *raw; + sv_esd_t *esd; + } curr_esd; + curr_esd.raw = NULL; + + rc = next_esd_from_esl(esl, &curr_esd.raw, &esd_data_size, &esd_owner); + if (rc) { + prlog(PR_ERR, "Error reading esd from esl, rc = %d\n", rc); + return rc; + } - while (esl_data_size > 0) { - // TODO: consider breaking this down into functions, to avoid these scope reductions - size_t esl_size, next_esl_size, sig_offset; - size_t signature_size; - - if (esl_data_size < sizeof(sv_esl_t)) { - prlog(PR_ERR, - "ERROR: ESL has %zd bytes and is smaller than an ESL (%zu bytes)," - " remaining data not parsed\n", - esl_data_size, sizeof(sv_esl_t)); - break; - } + while (curr_esd.esd != NULL) { + esd_count++; + switch (sig_type) { + case ST_HASHES_START ... ST_HASHES_END: + printf("\tData-%zu: ", esd_count); + print_hex(curr_esd.raw, esd_data_size); + case ST_X509: + x509 = crypto_x509_parse_der(curr_esd.raw, esd_data_size); + if (!x509) + break; + printf("\tCertificate-%zu: ", esd_count); + rc = print_cert_info(x509); - /* Get sig list */ - sig_list = extract_esl_signature_list(buffer + offset, esl_data_size); - esl_size = sig_list->signature_list_size; - signature_size = cpu_to_le32(sig_list->signature_size); - sig_type = get_signature_type(sig_list->signature_type); + // we're done with the x509, free it immediately + crypto_x509_free(x509); + x509 = NULL; + + // ...then bail if there was an error printing the cert + if (rc) + return rc; - if (esl_size < sizeof(sv_esl_t) || esl_size > esl_data_size) { - prlog(PR_ERR, "ERROR: invalid ESL size (%zu)\n", esl_size); + break; + case ST_SBAT: + printf("\tData: "); + print_raw((char *)curr_esd.raw, esd_data_size); + break; + case ST_DELETE: + printf("\tDELETE-MSG: "); + print_raw((char *)curr_esd.raw, esd_data_size); + break; + default: + prlog(PR_ERR, "ERROR: unknown signature type = %d\n", sig_type); break; } - print_esl_info(sig_list); - next_esl_size = esl_size; - offset = sizeof(sv_esl_t) + cpu_to_le32(sig_list->signature_header_size); - esl_size = esl_size - offset; - sig_offset = 0; - - /* reads the esd from esl */ - while (esl_size > 0) { - size_t data_size; - - esd = (sv_esd_t *)(esl_data + (offset + sig_offset)); - data_size = signature_size - sizeof(sv_esd_t); - cert = esd->signature_data; - cert_size = data_size; - - switch (sig_type) { - case ST_HASHES_START ... ST_X509_HASHES_END: - printf("\tData-%zu: ", count); - print_hex(cert, cert_size); - case ST_X509: - x509 = crypto_x509_parse_der(cert, cert_size); - if (!x509) - break; - printf("\tCertificate-%zu: ", count); - rc = print_cert_info(x509); - if (rc) - break; - - crypto_x509_free(x509); - x509 = NULL; - break; - case ST_SBAT: - printf("\tData: "); - print_raw((char *)cert, cert_size); - case ST_DELETE: - printf("\tDELETE-MSG: "); - print_raw((char *)cert, cert_size); - default: - prlog(PR_ERR, "ERROR: invalid signature type\n"); - goto outside; - } - - count++; - esl_size -= signature_size; - sig_offset += signature_size; + rc = next_esd_from_esl(esl, &curr_esd.raw, &esd_data_size, &esd_owner); + if (rc) { + prlog(PR_ERR, "Error reading next esd (%zu), rc = %d\n", esd_count, rc); + return rc; } - outside: + } - /* we read all esl_size bytes so iterate to next esl */ - esl_data += next_esl_size; - esl_data_size -= next_esl_size; + return SUCCESS; +} + +/* + * prints human readable data in of ESL buffer + * + * @param vuffer , buffer containing ESL data + * @param buffer_size , length of buffer + * @param var_name, secure boot variable name + * @return SUCCESS or error number if failure + */ +int print_esl_buffer(const uint8_t *buffer, size_t buffer_size, const char *var_name) +{ + int rc; + size_t esl_data_size = 0; + size_t esl_count = 0; + enum signature_type sig_type; + + union { + const uint8_t *raw; + sv_esl_t *esl; + } curr_esl; + curr_esl.raw = NULL; + + rc = next_esl_from_buffer(buffer, buffer_size, &curr_esl.raw, &esl_data_size); + if (rc) { + prlog(PR_ERR, "Error reading from esl buffer: %d\n", rc); + return rc; } - printf("\tFound %zu ESL's\n\n", count); + while (curr_esl.esl != NULL) { + esl_count++; + printf("ESL %zu:\n", esl_count); + print_esl_info(curr_esl.esl); + + sig_type = get_signature_type(curr_esl.esl->signature_type); + rc = print_esd_from_esl_buffer(curr_esl.raw, esl_data_size, sig_type); + if (rc) + return rc; + + rc = next_esl_from_buffer(buffer, buffer_size, &curr_esl.raw, &esl_data_size); + if (rc) { + prlog(PR_ERR, "Error reading next esl (%zu) from buffer: %d\n", esl_count, + rc); + return rc; + } + } - if (x509) - crypto_x509_free(x509); + printf("\tFound %zu ESL's\n\n", esl_count); return SUCCESS; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/secvarctl-1.0.0~rc1+git0.a180a56/backends/guest/common/util.c new/secvarctl-1.0.0~rc2+git1.1f96bad/backends/guest/common/util.c --- old/secvarctl-1.0.0~rc1+git0.a180a56/backends/guest/common/util.c 2023-09-27 19:58:24.000000000 +0200 +++ new/secvarctl-1.0.0~rc2+git1.1f96bad/backends/guest/common/util.c 2023-10-12 17:51:48.000000000 +0200 @@ -31,9 +31,6 @@ [ST_HASH_SHA256] = { .name = "SHA256", .uuid = &PKS_CERT_SHA256_GUID, .crypto_id = CRYPTO_MD_SHA256, .size = 32 }, [ST_HASH_SHA384] = { .name = "SHA384", .uuid = &PKS_CERT_SHA384_GUID, .crypto_id = CRYPTO_MD_SHA384, .size = 48 }, [ST_HASH_SHA512] = { .name = "SHA512", .uuid = &PKS_CERT_SHA512_GUID, .crypto_id = CRYPTO_MD_SHA512, .size = 64 }, - [ST_X509_HASH_SHA256] = { .name = "SHA256", .uuid = &PKS_CERT_X509_SHA256_GUID }, - [ST_X509_HASH_SHA384] = { .name = "SHA384", .uuid = &PKS_CERT_X509_SHA384_GUID }, - [ST_X509_HASH_SHA512] = { .name = "SHA512", .uuid = &PKS_CERT_X509_SHA512_GUID }, [ST_UNKNOWN] = { .name = "UNKNOWN", .uuid = NULL}, }; // clang-format on @@ -107,35 +104,6 @@ prlog(PR_ERR, "%s }\n", signature_type_list[i].name); else prlog(PR_ERR, "%s, ", signature_type_list[i].name); - } - - return ARG_PARSE_FAIL; -} - -/* - * given a string, it will return the corresponding x509 sig_type info index - * - * @param name, the name of the hash function {"sha1", "sha246"...} - * @param returnfunct, the corresponding sig_type info index - * @return success or err number if not a valid hash function name - */ -int get_x509_hash_function(const char *name, enum signature_type *returnfunct) -{ - for (int i = ST_X509_HASHES_START; i <= ST_X509_HASHES_END; i++) { - if (strcmp(name, signature_type_list[i].name)) - continue; - - *returnfunct = i; - return SUCCESS; - } - - prlog(PR_ERR, "error: invalid hash algorithm %s , hint: use -h { ", name); - - for (int i = ST_X509_HASHES_START; i <= ST_X509_HASHES_END; i++) { - if (i == ST_X509_HASHES_END) - prlog(PR_ERR, "%s }\n", signature_type_list[i].name); - else - prlog(PR_ERR, "%s, ", signature_type_list[i].name); } return ARG_PARSE_FAIL; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/secvarctl-1.0.0~rc1+git0.a180a56/backends/guest/common/validate.c new/secvarctl-1.0.0~rc2+git1.1f96bad/backends/guest/common/validate.c --- old/secvarctl-1.0.0~rc1+git0.a180a56/backends/guest/common/validate.c 2023-09-27 19:58:24.000000000 +0200 +++ new/secvarctl-1.0.0~rc2+git1.1f96bad/backends/guest/common/validate.c 2023-10-12 17:51:48.000000000 +0200 @@ -85,8 +85,7 @@ bool validate_hash(uuid_t type, size_t size) { int idx = get_signature_type(type); - if (idx < ST_HASHES_END || idx < ST_X509_HASHES_START || - signature_type_list[idx].size != size) + if (idx > ST_HASHES_END || idx < ST_HASHES_START || signature_type_list[idx].size != size) return false; return true; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/secvarctl-1.0.0~rc1+git0.a180a56/backends/guest/common/verify.c new/secvarctl-1.0.0~rc2+git1.1f96bad/backends/guest/common/verify.c --- old/secvarctl-1.0.0~rc1+git0.a180a56/backends/guest/common/verify.c 2023-09-27 19:58:24.000000000 +0200 +++ new/secvarctl-1.0.0~rc2+git1.1f96bad/backends/guest/common/verify.c 2023-10-12 17:51:48.000000000 +0200 @@ -8,6 +8,7 @@ #include <fcntl.h> #include <unistd.h> #include <argp.h> +#include "common/read.h" #include "err.h" #include "prlog.h" #include "generic.h" @@ -70,8 +71,8 @@ prlog(PR_INFO, "\tappend update: %s\n\n", (append_update ? "True" : "False")); if (*new_esl_data != NULL) { - rc = print_variables((*new_esl_data + TIMESTAMP_LEN), - (*new_esl_data_size - TIMESTAMP_LEN), variable_name); + rc = print_esl_buffer((*new_esl_data + TIMESTAMP_LEN), + (*new_esl_data_size - TIMESTAMP_LEN), variable_name); if (rc != SUCCESS) return rc; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/secvarctl-1.0.0~rc1+git0.a180a56/backends/guest/guest_svc_generate.c new/secvarctl-1.0.0~rc2+git1.1f96bad/backends/guest/guest_svc_generate.c --- old/secvarctl-1.0.0~rc1+git0.a180a56/backends/guest/guest_svc_generate.c 2023-09-27 19:58:24.000000000 +0200 +++ new/secvarctl-1.0.0~rc2+git1.1f96bad/backends/guest/guest_svc_generate.c 2023-10-12 17:51:48.000000000 +0200 @@ -477,12 +477,7 @@ } break; case 'a': - args->append_flag = strtol(arg, NULL, 0); - if (args->append_flag < 0 || args->append_flag > 1) { - prlog(PR_ERR, "ERROR: append flag accept 0 or 1 only but it is %d\n", - args->append_flag); - rc = ARG_PARSE_FAIL; - } + args->append_flag = 1; break; case ARGP_KEY_ARG: /* check if reset key is desired */ @@ -515,8 +510,6 @@ "option\n"); else if (args->output_file == NULL) prlog(PR_ERR, "ERROR: no output file given, see usage below...\n"); - else if (args->append_flag > 0 && strcmp(PK_VARIABLE, args->variable_name) == 0) - prlog(PR_ERR, "ERROR: append flag should be 0 for PK\n"); else break; argp_usage(state); @@ -527,6 +520,12 @@ if (rc) prlog(PR_ERR, "failed during argument parsing\n"); + // Special case, filter out appends on PK + if (args->append_flag > 0 && strcmp(PK_VARIABLE, args->variable_name) == 0) { + prlog(PR_ERR, "ERROR: PK does not support the append flag\n"); + rc = ARG_PARSE_FAIL; + } + return rc; } @@ -586,8 +585,7 @@ "info/ranges" }, { "force", 'f', 0, 0, "does not do prevalidation on the input file, assumes format is correct" }, - { "append flag", 'a', "APPEND_FLAG", 0, - "set append flag, used when generating auth file" }, + { "append", 'a', 0, 0, "set append flag, used when generating auth file" }, { 0, 'i', "FILE", OPTION_HIDDEN, "input file" }, { 0, 'o', "FILE", OPTION_HIDDEN, "output file" }, { "help", '?', 0, 0, "Give this help list", 1 }, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/secvarctl-1.0.0~rc1+git0.a180a56/backends/guest/guest_svc_read.c new/secvarctl-1.0.0~rc2+git1.1f96bad/backends/guest/guest_svc_read.c --- old/secvarctl-1.0.0~rc1+git0.a180a56/backends/guest/guest_svc_read.c 2023-09-27 19:58:24.000000000 +0200 +++ new/secvarctl-1.0.0~rc2+git1.1f96bad/backends/guest/guest_svc_read.c 2023-10-12 17:51:48.000000000 +0200 @@ -52,22 +52,25 @@ static int get_variable_path(const char *path, const char *variable_name, char **variable_path) { int len = 0; - char *esl_data = "/data"; + char esl_data[] = "/data"; + char sep[2] = { 0 }; - len = strlen(path) + strlen(variable_name) + strlen(esl_data); - *variable_path = malloc(len + 1); + len = strlen(path); + + // Determine if we need to append a / to path + if (path[len - 1] != '/') { + len += 1; + sep[0] = '/'; + } + + len += strlen(variable_name) + strlen(esl_data) + 1; + *variable_path = calloc(1, len); if (*variable_path == NULL) { prlog(PR_ERR, "ERROR: failed to allocate memory\n"); return ALLOC_FAIL; } - memset(*variable_path, 0x00, len + 1); - len = 0; - memcpy(*variable_path + len, path, strlen(path)); - len += strlen(path); - memcpy(*variable_path + len, variable_name, strlen(variable_name)); - len += strlen(variable_name); - memcpy(*variable_path + len, esl_data, strlen(esl_data)); + snprintf(*variable_path, len, "%s%s%s%s", path, sep, variable_name, esl_data); return SUCCESS; } @@ -150,7 +153,7 @@ return rc; } - rc = print_variables(esl_data, esl_data_len, variable_name); + rc = print_esl_buffer(esl_data, esl_data_len, variable_name); return rc; } @@ -227,8 +230,8 @@ if (auth_size == auth_data_len) printf("ESL is empty, it is reset file.\n"); else - rc = print_variables(auth_data + APPEND_HEADER_LEN + auth_size, - auth_data_len - auth_size, variable_name); + rc = print_esl_buffer(auth_data + APPEND_HEADER_LEN + auth_size, + auth_data_len - auth_size, variable_name); return rc; } @@ -259,8 +262,8 @@ if (is_print_raw || esl_data_size == DEFAULT_PK_LEN) print_raw((char *)esl_data, esl_data_size); else if (esl_data_size >= TIMESTAMP_LEN) - rc = print_variables(esl_data + TIMESTAMP_LEN, - esl_data_size - TIMESTAMP_LEN, variable_name); + rc = print_esl_buffer(esl_data + TIMESTAMP_LEN, + esl_data_size - TIMESTAMP_LEN, variable_name); else prlog(PR_WARNING, "WARNING: The %s database is empty.\n", variable_name); @@ -287,9 +290,9 @@ strcmp(defined_sb_variables[i], PK_VARIABLE) == 0)) print_raw((char *)esl_data, esl_data_size); else if (esl_data_size >= TIMESTAMP_LEN) - rc = print_variables(esl_data + TIMESTAMP_LEN, - esl_data_size - TIMESTAMP_LEN, - defined_sb_variables[i]); + rc = print_esl_buffer(esl_data + TIMESTAMP_LEN, + esl_data_size - TIMESTAMP_LEN, + defined_sb_variables[i]); else prlog(PR_WARNING, "WARNING: The %s database is empty.\n", defined_sb_variables[i]); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/secvarctl-1.0.0~rc1+git0.a180a56/backends/guest/include/common/generate.h new/secvarctl-1.0.0~rc2+git1.1f96bad/backends/guest/include/common/generate.h --- old/secvarctl-1.0.0~rc1+git0.a180a56/backends/guest/include/common/generate.h 2023-09-27 19:58:24.000000000 +0200 +++ new/secvarctl-1.0.0~rc2+git1.1f96bad/backends/guest/include/common/generate.h 2023-10-12 17:51:48.000000000 +0200 @@ -139,7 +139,7 @@ * @param buffer_size , length of buffer * @param hash_funct, index of hash function information to use for ESL GUID, * also helps in prevalation, if inform is '[c]ert' then this doesn't matter - * @param hash_data, the generated hash data + * @param hash_data, the generated hash data, should already be allocated to hold hash * @param hash_data_size, the length of hash data * @param esl_guid, signature type of ESL * @return SUCCESS or err number diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/secvarctl-1.0.0~rc1+git0.a180a56/backends/guest/include/common/read.h new/secvarctl-1.0.0~rc2+git1.1f96bad/backends/guest/include/common/read.h --- old/secvarctl-1.0.0~rc1+git0.a180a56/backends/guest/include/common/read.h 2023-09-27 19:58:24.000000000 +0200 +++ new/secvarctl-1.0.0~rc2+git1.1f96bad/backends/guest/include/common/read.h 2023-10-12 17:51:48.000000000 +0200 @@ -61,6 +61,6 @@ * @param key, variable name {"db","dbx","KEK", "PK"} b/c dbx is a different format * @return SUCCESS or error number if failure */ -int print_variables(const uint8_t *buffer, size_t buffer_size, const char *var_name); +int print_esl_buffer(const uint8_t *buffer, size_t buffer_size, const char *var_name); #endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/secvarctl-1.0.0~rc1+git0.a180a56/backends/guest/include/common/util.h new/secvarctl-1.0.0~rc2+git1.1f96bad/backends/guest/include/common/util.h --- old/secvarctl-1.0.0~rc1+git0.a180a56/backends/guest/include/common/util.h 2023-09-27 19:58:24.000000000 +0200 +++ new/secvarctl-1.0.0~rc2+git1.1f96bad/backends/guest/include/common/util.h 2023-10-12 17:51:48.000000000 +0200 @@ -3,6 +3,7 @@ #include <stdint.h> #include "pseries.h" +#include "prlog.h" #define CERT_BUFFER_SIZE 2048 #define zalloc(...) calloc(1, __VA_ARGS__) @@ -38,11 +39,6 @@ ST_HASH_SHA384, ST_HASH_SHA512, #define ST_HASHES_END ST_HASH_SHA512 -#define ST_X509_HASHES_START ST_X509_HASH_SHA256 - ST_X509_HASH_SHA256, - ST_X509_HASH_SHA384, - ST_X509_HASH_SHA512, -#define ST_X509_HASHES_END ST_X509_HASH_SHA512 ST_UNKNOWN, #define ST_LIST_END ST_UNKNOWN }; @@ -98,20 +94,11 @@ int get_hash_function(const char *name, enum signature_type *returnfunct); /* - * given a string, it will return the corresponding x509 sig_type info index - * - * @param name, the name of the hash function {"sha1", "sha246"...} - * @param returnfunct, the corresponding sig_type info index - * @return success or err number if not a valid hash function name - */ -int get_x509_hash_function(const char *name, enum signature_type *returnfunct); - -/* * check it whether given signature type is hash or not */ static inline bool is_hash(enum signature_type st) { - return (ST_HASHES_START <= st) && (st <= ST_X509_HASHES_END); + return (ST_HASHES_START <= st) && (st <= ST_HASHES_END); } /* @@ -179,7 +166,7 @@ /* Get crypto lib defined ID for MD alg idx of signature_type_list */ static inline int get_crypto_alg_id(enum signature_type idx) { - if (idx > ST_HASHES_END || idx < ST_X509_HASHES_START) { + if (idx > ST_HASHES_END || idx < ST_HASHES_START) { prlog(PR_ERR, "error: invalid crypto alg key %d\n", idx); idx = ST_HASH_SHA256; } @@ -189,7 +176,7 @@ /* Get crypto lib defined ID for MD alg idx of signature_type_list */ static inline size_t get_crypto_alg_len(enum signature_type idx) { - if (idx > ST_HASHES_END || idx < ST_X509_HASHES_START) { + if (idx > ST_HASHES_END || idx < ST_HASHES_START) { prlog(PR_ERR, "error: invalid crypto alg key %d\n", idx); idx = ST_HASH_SHA256; } @@ -199,7 +186,7 @@ /* Get crypto lib defined ID for MD alg idx of signature_type_list */ static inline const char *get_crypto_alg_name(enum signature_type idx) { - if (idx > ST_HASHES_END || idx < ST_X509_HASHES_START) { + if (idx > ST_HASHES_END || idx < ST_HASHES_START) { prlog(PR_ERR, "error: invalid crypto alg key %d\n", idx); idx = ST_HASH_SHA256; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/secvarctl-1.0.0~rc1+git0.a180a56/generic.c new/secvarctl-1.0.0~rc2+git1.1f96bad/generic.c --- old/secvarctl-1.0.0~rc1+git0.a180a56/generic.c 2023-09-27 19:58:24.000000000 +0200 +++ new/secvarctl-1.0.0~rc2+git1.1f96bad/generic.c 2023-10-12 17:51:48.000000000 +0200 @@ -12,6 +12,7 @@ #include <sys/types.h> #include "err.h" #include "prlog.h" +#include "generic.h" /* * determines if given file currently exists @@ -31,7 +32,7 @@ return SUCCESS; } -void print_hex(unsigned char *data, size_t length) +void print_hex(const uint8_t *data, size_t length) { int i; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/secvarctl-1.0.0~rc1+git0.a180a56/guest-usage.md new/secvarctl-1.0.0~rc2+git1.1f96bad/guest-usage.md --- old/secvarctl-1.0.0~rc1+git0.a180a56/guest-usage.md 2023-09-27 19:58:24.000000000 +0200 +++ new/secvarctl-1.0.0~rc2+git1.1f96bad/guest-usage.md 2023-10-12 17:51:48.000000000 +0200 @@ -172,7 +172,7 @@ --usage --help -v , verbose, gives process info - -a <append flag>, used when generating an auth file and By default, append flag is set to 0. it accept only 0 or 1. 0 for replace update and 1 for append update + -a , use when generating and auth file to set the append flag -n <varName> , name of secure boot variable, used when generating an auth file, PKCS7, or hash file -f force generation, skips validation of input file, assumes format to be correct -t <time> , where <time> is of the format described below. creates a custom timestamp used when generating an auth or PKCS7 file, if not given then current time is used, all times are in UTC diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/secvarctl-1.0.0~rc1+git0.a180a56/include/generic.h new/secvarctl-1.0.0~rc2+git1.1f96bad/include/generic.h --- old/secvarctl-1.0.0~rc1+git0.a180a56/include/generic.h 2023-09-27 19:58:24.000000000 +0200 +++ new/secvarctl-1.0.0~rc2+git1.1f96bad/include/generic.h 2023-10-12 17:51:48.000000000 +0200 @@ -5,6 +5,8 @@ #ifndef GENERIC_H #define GENERIC_H +#include <stdint.h> + #define ARGP_OPT_USAGE_KEY 0x100 struct command { @@ -17,7 +19,7 @@ int create_file(const char *file, const char *buff, size_t size); void print_raw(const char *c, size_t size); int is_file(const char *path); -void print_hex(unsigned char *data, size_t length); +void print_hex(const uint8_t *data, size_t length); int realloc_array(void **arr, size_t new_length, size_t size_each); #endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/secvarctl-1.0.0~rc1+git0.a180a56/test/guest_tests.py new/secvarctl-1.0.0~rc2+git1.1f96bad/test/guest_tests.py --- old/secvarctl-1.0.0~rc1+git0.a180a56/test/guest_tests.py 2023-09-27 19:58:24.000000000 +0200 +++ new/secvarctl-1.0.0~rc2+git1.1f96bad/test/guest_tests.py 2023-10-12 17:51:48.000000000 +0200 @@ -187,6 +187,11 @@ cmd = generate_esl(var_name, format_type, cert_file, esl_file) self.assertCmdTrue(cmd) + # dbx ESl can be generated with a hash OR a cert, validate both + if var_name == "dbx": + cmd = generate_esl(var_name, file_to_esl, cert_file, esl_file) + self.assertCmdTrue(cmd) + def test_generate_auth_files(self): for var_by_PK in variable_by_PK: auth_file = gen_dir + var_by_PK[0] + ".auth" @@ -236,6 +241,14 @@ self.assertCmdTrue(cmd) def test_read(self): + # Test path without appended / + cmd = SECTOOLS + ["read", "-p", "testdata/guest/goldenKeys", "-n", "PK"] + self.assertCmdTrue(cmd) + + # Test with appended / + cmd = SECTOOLS + ["read", "-p", "testdata/guest/goldenKeys/", "-n", "PK"] + self.assertCmdTrue(cmd) + for cert_file in cert_files: cmd = get_read_command(cert_type, cert_file) self.assertCmdTrue(cmd) @@ -249,6 +262,10 @@ cmd = get_read_command(path_type, test_env_path) self.assertCmdTrue(cmd) + # Should not segfault + cmd = SECTOOLS + ["read", "-e", "testdata/guest/errorfiles/PK_invalid_cert_size.esl"] + self.assertCmdFalse(cmd) + def test_validate(self): for cert_file in cert_files: cmd = get_validate_command(cert_type, cert_file) Binary files old/secvarctl-1.0.0~rc1+git0.a180a56/test/testdata/guest/errorfiles/PK_invalid_cert_size.esl and new/secvarctl-1.0.0~rc2+git1.1f96bad/test/testdata/guest/errorfiles/PK_invalid_cert_size.esl differ
