Google Git
Sign in
qemu / ipxe / refs/heads/centos7 / . / src / image / pem.c
blob: 2dcc36442355dfadeadb7faa24d4870977a815c8 [file] [log] [blame]
/*
* Copyright (C) 2016 Michael Brown <mbrown@fensystems.co.uk>.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation; either version 2 of the
* License, or any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301, USA.
*
* You can also choose to distribute this program under the terms of
* the Unmodified Binary Distribution Licence (as given in the file
* COPYING.UBDL), provided that you have satisfied its requirements.
*/
FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
#include <stdlib.h>
#include <errno.h>
#include <assert.h>
#include <ipxe/asn1.h>
#include <ipxe/base64.h>
#include <ipxe/uaccess.h>
#include <ipxe/image.h>
#include <ipxe/pem.h>
/** @file
*
* PEM-encoded ASN.1 data
*
*/
/**
* Locate next line
*
* @v data PEM data
* @v len Length of PEM data
* @v offset Starting offset
* @ret next Offset to next line
*/
static size_t pem_next ( userptr_t data, size_t len, size_t offset ) {
off_t eol;
/* Find and skip next newline character, if any */
eol = memchr_user ( data, offset, '\n', ( len - offset ) );
if ( eol < 0 )
return len;
return ( eol + 1 );
}
/**
* Locate boundary marker line
*
* @v data PEM data
* @v len Length of PEM data
* @v offset Starting offset
* @v marker Boundary marker
* @ret offset Offset to boundary marker line, or negative error
*/
static int pem_marker ( userptr_t data, size_t len, size_t offset,
const char *marker ) {
char buf[ strlen ( marker ) ];
/* Sanity check */
assert ( offset <= len );
/* Scan for marker at start of line */
while ( offset < len ) {
/* Check for marker */
if ( ( len - offset ) < sizeof ( buf ) )
break;
copy_from_user ( buf, data, offset, sizeof ( buf ) );
if ( memcmp ( buf, marker, sizeof ( buf ) ) == 0 )
return offset;
/* Move to next line */
offset = pem_next ( data, len, offset );
assert ( offset <= len );
}
return -ENOENT;
}
/**
* Extract ASN.1 object from PEM data
*
* @v data PEM data
* @v len Length of PEM data
* @v offset Offset within data
* @v cursor ASN.1 cursor to fill in
* @ret next Offset to next object, or negative error
*
* The caller is responsible for eventually calling free() on the
* allocated ASN.1 cursor.
*/
int pem_asn1 ( userptr_t data, size_t len, size_t offset,
struct asn1_cursor **cursor ) {
size_t encoded_len;
size_t decoded_max_len;
char *encoded;
void *decoded;
int decoded_len;
int begin;
int end;
int rc;
/* Locate and skip BEGIN marker */
begin = pem_marker ( data, len, offset, PEM_BEGIN );
if ( begin < 0 ) {
rc = begin;
DBGC ( data, "PEM [%#zx,%#zx) missing BEGIN marker: %s\n",
offset, len, strerror ( rc ) );
goto err_begin;
}
begin = pem_next ( data, len, begin );
/* Locate and skip END marker */
end = pem_marker ( data, len, begin, PEM_END );
if ( end < 0 ) {
rc = end;
DBGC ( data, "PEM [%#zx,%#zx) missing END marker: %s\n",
offset, len, strerror ( rc ) );
goto err_end;
}
encoded_len = ( end - begin );
end = pem_next ( data, len, end );
/* Extract Base64-encoded data */
encoded = malloc ( encoded_len + 1 /* NUL */ );
if ( ! encoded ) {
rc = -ENOMEM;
goto err_alloc_encoded;
}
copy_from_user ( encoded, data, begin, encoded_len );
encoded[encoded_len] = '\0';
/* Allocate cursor and data buffer */
decoded_max_len = base64_decoded_max_len ( encoded );
*cursor = malloc ( sizeof ( **cursor ) + decoded_max_len );
if ( ! *cursor ) {
rc = -ENOMEM;
goto err_alloc_cursor;
}
decoded = ( ( ( void * ) *cursor ) + sizeof ( **cursor ) );
/* Decode Base64-encoded data */
decoded_len = base64_decode ( encoded, decoded, decoded_max_len );
if ( decoded_len < 0 ) {
rc = decoded_len;
DBGC ( data, "PEM could not decode: %s\n", strerror ( rc ) );
goto err_decode;
}
(*cursor)->data = decoded;
(*cursor)->len = decoded_len;
assert ( (*cursor)->len <= decoded_max_len );
/* Free Base64-encoded data */
free ( encoded );
/* Update offset and skip any unencapsulated trailer */
offset = end;
if ( pem_marker ( data, len, offset, PEM_BEGIN ) < 0 )
offset = len;
return offset;
err_decode:
free ( *cursor );
*cursor = NULL;
err_alloc_cursor:
free ( encoded );
err_alloc_encoded:
err_end:
err_begin:
return rc;
}
/**
* Probe PEM image
*
* @v image PEM image
* @ret rc Return status code
*/
static int pem_image_probe ( struct image *image ) {
int offset;
int rc;
/* Check that image contains a BEGIN marker */
if ( ( offset = pem_marker ( image->data, image->len, 0,
PEM_BEGIN ) ) < 0 ) {
rc = offset;
DBGC ( image, "PEM %s has no BEGIN marker: %s\n",
image->name, strerror ( rc ) );
return rc;
}
return 0;
}
/**
* Extract ASN.1 object from image
*
* @v image PEM image
* @v offset Offset within image
* @v cursor ASN.1 cursor to fill in
* @ret next Offset to next image, or negative error
*
* The caller is responsible for eventually calling free() on the
* allocated ASN.1 cursor.
*/
static int pem_image_asn1 ( struct image *image, size_t offset,
struct asn1_cursor **cursor ) {
int next;
int rc;
/* Extract ASN.1 object */
if ( ( next = pem_asn1 ( image->data, image->len, offset,
cursor ) ) < 0 ) {
rc = next;
DBGC ( image, "PEM %s could not extract ASN.1: %s\n",
image->name, strerror ( rc ) );
return rc;
}
return next;
}
/** PEM image type */
struct image_type pem_image_type __image_type ( PROBE_NORMAL ) = {
.name = "PEM",
.probe = pem_image_probe,
.asn1 = pem_image_asn1,
};