From: José Bollo Date: Thu, 3 Dec 2015 14:26:29 +0000 (+0100) Subject: comments X-Git-Tag: 2.0.2~164 X-Git-Url: https://gerrit.automotivelinux.org/gerrit/gitweb?a=commitdiff_plain;h=3c72eb90658c072d50b18c48f2d8857bbc546b42;p=src%2Fapp-framework-main.git comments Change-Id: I9b4a2067deca27c067d3b827d87204e87fa9c493 --- diff --git a/wgtpkg-digsig.c b/wgtpkg-digsig.c index 6acfd6b..284acd1 100644 --- a/wgtpkg-digsig.c +++ b/wgtpkg-digsig.c @@ -132,22 +132,29 @@ static int check_one_reference(xmlNodePtr ref) /* parse the uri */ u = xmlParseURI(uri); - if (u == NULL) { + if (!u) { syslog(LOG_ERR, "error while parsing URI %s", uri); goto error2; } + /* check that unexpected parts are not there */ if (u->scheme || u->opaque || u->authority || u->server || u->user || u->query) { syslog(LOG_ERR, "unexpected uri component in %s", uri); goto error3; } + /* check path and fragment */ + if (!u->path && !u->fragment) { + syslog(LOG_ERR, "invalid uri %s", uri); + goto error3; + } if (u->path && u->fragment) { syslog(LOG_ERR, "not allowed to sign foreign fragment in %s", uri); goto error3; } if (u->path) { + /* check that the path is valid */ fdesc = file_of_name(u->path); if (fdesc == NULL) { syslog(LOG_ERR, "reference to unknown file %s", u->path); @@ -219,6 +226,7 @@ static int get_certificates(xmlNodePtr kinfo) return 0; } +/* checks the current document */ static int checkdocument() { int rc; @@ -266,6 +274,7 @@ error: return rc; } +/* verify the digital signature of the file described by 'fdesc' */ int verify_digsig(struct filedesc *fdesc) { int res; @@ -292,6 +301,7 @@ int verify_digsig(struct filedesc *fdesc) return res; } +/* check all the signature files */ int check_all_signatures() { int rc, irc; @@ -302,7 +312,6 @@ int check_all_signatures() rc = 0; for (i = n ; i-- > 0 ; ) { fdesc = signature_of_index(i); - assert ((fdesc->flags & flag_signature) != 0); irc = verify_digsig(fdesc); if (!irc) rc = irc; @@ -311,6 +320,9 @@ int check_all_signatures() return rc; } +/* create a signature of 'index' (0 for author, other values for distributors) +using the private 'key' (filename) and the certificates 'certs' (filenames) +as trusted chain */ int create_digsig(int index, const char *key, const char **certs) { struct filedesc *fdesc; @@ -318,14 +330,18 @@ int create_digsig(int index, const char *key, const char **certs) int rc, len; rc = -1; + + /* create the doc */ doc = xmlsec_create(index, key, certs); if (doc == NULL) goto error; + /* instanciate the filename */ fdesc = create_signature(index); if (fdesc == NULL) goto error2; + /* save the doc as file */ len = xmlSaveFormatFileEnc(fdesc->name, doc, NULL, 0); if (len < 0) { syslog(LOG_ERR, "xmlSaveFormatFileEnc to %s failed", fdesc->name); diff --git a/wgtpkg-files.c b/wgtpkg-files.c index 17e909a..06aac83 100644 --- a/wgtpkg-files.c +++ b/wgtpkg-files.c @@ -238,6 +238,7 @@ struct filedesc *create_signature(unsigned int number) return result; } +/* remove flags that are not related to being signature */ void file_clear_flags() { unsigned int i; diff --git a/wgtpkg-xmlsec.c b/wgtpkg-xmlsec.c index b2c2e50..843ea2b 100644 --- a/wgtpkg-xmlsec.c +++ b/wgtpkg-xmlsec.c @@ -42,12 +42,14 @@ static xmlSecKeysMngrPtr keymgr; #define CA_ROOT_DIRECTORY "./ca-certificates" #endif +/* checks if a file match uri (should not be a distributor signature) */ static int file_match_cb(const char *uri) { struct filedesc *fdesc = file_of_name(uri); return fdesc != NULL && fdesc->type == type_file && (fdesc->flags & flag_distributor_signature) == 0; } +/* open the file of uri */ static void *file_open_cb(const char *file) { struct filedesc *fdesc; @@ -68,22 +70,26 @@ static void *file_open_cb(const char *file) return f; } +/* read the opened file */ static int file_read_cb(void *context, char *buffer, int len) { size_t r = fread(buffer, 1, len, (FILE*)context); return r ? (int)r : feof((FILE*)context) ? 0 : - 1; } +/* close the opened file */ static int file_close_cb(void *context) { return (int)fclose((FILE*)context); } +/* echo an error message */ static void errors_cb(const char *file, int line, const char *func, const char *errorObject, const char *errorSubject, int reason, const char *msg) { syslog(LOG_ERR, "xmlSec error %3d: %s (subject=\"%s\", object=\"%s\")", reason, msg, errorSubject ? errorSubject : "?", errorObject ? errorObject : "?"); } +/* fills database with trusted keys */ static int fill_trusted_keys() { int err; @@ -118,6 +124,7 @@ static int fill_trusted_keys() } +/* initialisation of access to xmlsec */ int xmlsec_init() { @@ -175,7 +182,7 @@ end: return initstatus; } - +/* shuting down accesses to xmlsec */ void xmlsec_shutdown() { xmlSecKeysMngrDestroy(keymgr); @@ -187,6 +194,7 @@ void xmlsec_shutdown() xmlSecShutdown(); } +/* verify a signature */ int xmlsec_verify(xmlNodePtr node) { int rc; @@ -212,9 +220,10 @@ int xmlsec_verify(xmlNodePtr node) return rc; } +/* templates for properties of signature files */ static const struct { const char *id; const char *xml; } properties[2] = { { - .id = "AuthorSignature", + .id = "AuthorSignature", /* template of properties for author signature */ .xml = "" "" @@ -229,7 +238,7 @@ static const struct { const char *id; const char *xml; } properties[2] = { "" }, { - .id = "DistributorSignature", + .id = "DistributorSignature", /* template of properties for distributor signature */ .xml = "" "" @@ -245,6 +254,9 @@ static const struct { const char *id; const char *xml; } properties[2] = { } }; +/* create a signature of 'index' (0 for author, other values for distributors) +using the private 'key' (filename) and the certificates 'certs' (filenames) +as trusted chain */ xmlDocPtr xmlsec_create(int index, const char *key, const char **certs) { unsigned int i, fc, mask;