void print_type(struct object_heap* oh, struct Object* o) {
struct Object* traits;
struct Object* traitsWindow;
struct OopArray* x;
if (object_is_smallint(o)) {
fprintf(stderr, "%" PRIdPTR " (0x%" PRIuPTR ")\n", object_to_smallint(o), object_to_smallint(o));
return;
}
if (object_type(o) == TYPE_BYTE_ARRAY) {
fprintf(stderr, "(");
print_byte_array(o);
fprintf(stderr, ") ");
/*return;*/
}
x = o->map->delegates;
if (!x || array_size(x) < 1) goto fail;
traitsWindow = x->elements[0];
{
if (traitsWindow == oh->cached.compiled_method_window) {
fprintf(stderr, "(method #");
print_byte_array((struct Object*)(((struct CompiledMethod*)o)->method->selector));
fprintf(stderr, ")");
}
}
x = traitsWindow->map->delegates;
if (!x || array_size(x) < 1) goto fail;
traits = x->elements[array_size(x)-1];
if (o == oh->cached.nil) {
fprintf(stderr, "nil\n");
} else if (o == oh->cached.true_object) {
fprintf(stderr, "true\n");
} else if (o == oh->cached.false_object) {
fprintf(stderr, "false\n");
} else {
print_printname(oh, o);
fprintf(stderr, "(");
print_printname(oh, traits);
fprintf(stderr, ")\n");
}
return;
fail:
fprintf(stderr, "<unknown type>\n");
}
Chunk* load_chunk(std::ifstream& stream, int x, int z)
{
ByteString bytes;
uint32_t metadataOffset = 4 * (x + z * 32);
stream.seekg(metadataOffset);
bytes = read_bytes_from_stream(stream, 4);
uint32_t offset = bytes.read<uint32_t>() >> 8;
if(offset == 0) {
return NULL;
}
stream.seekg(4096 * offset);
bytes = read_bytes_from_stream(stream, 5);
uint32_t bytecount = bytes.read<uint32_t>();
bytes = read_bytes_from_stream(stream, bytecount - 1);
// decompress
unsigned long uncompressedLength;
ByteString uncompressedData(CHUNK_INFLATE_MAX);
std::cout << uncompress(uncompressedData.bytes(), &uncompressedLength, bytes.bytes(), bytecount - 1) << std::endl;;
//std::cout << uncompressedLength << std::endl;
print_byte_array(uncompressedData.bytes(), uncompressedLength);
return read_chunk(ByteString(uncompressedData));
}
bool_t print_printname(struct object_heap* oh, struct Object* o) {
word_t i;
struct Map* map = o->map;
struct SlotTable* slotTable = map->slotTable;
word_t limit = slot_table_capacity(slotTable);
for (i=0; i < limit; i++) {
if (slotTable->slots[i].name == (struct Symbol*)oh->cached.nil) continue;
if (strncmp((char*)slotTable->slots[i].name->elements, "printName", 9) == 0) {
struct Object* obj = object_slot_value_at_offset(o, object_to_smallint(slotTable->slots[i].offset));
if (object_is_smallint(obj) || object_type(obj) != TYPE_BYTE_ARRAY) {
return FALSE;
} else {
print_byte_array(obj);
return TRUE;
}
}
}
return FALSE;
}
void typeArrayKlass::oop_print_on(oop obj, outputStream* st) {
arrayKlass::oop_print_on(obj, st);
typeArrayOop ta = typeArrayOop(obj);
int print_len = MIN2((intx) ta->length(), MaxElementPrintSize);
switch (element_type()) {
case T_BOOLEAN: print_boolean_array(ta, print_len, st); break;
case T_CHAR: print_char_array(ta, print_len, st); break;
case T_FLOAT: print_float_array(ta, print_len, st); break;
case T_DOUBLE: print_double_array(ta, print_len, st); break;
case T_BYTE: print_byte_array(ta, print_len, st); break;
case T_SHORT: print_short_array(ta, print_len, st); break;
case T_INT: print_int_array(ta, print_len, st); break;
case T_LONG: print_long_array(ta, print_len, st); break;
default: ShouldNotReachHere();
}
int remaining = ta->length() - print_len;
if (remaining > 0) {
tty->print_cr(" - <%d more elements, increase MaxElementPrintSize to print>", remaining);
}
}
bool CRefWLGen::set_key_and_sign(const char* prikey_file, ref_le_white_list_t *p_wl, uint16_t wl_count, sgx_rsa3072_signature_t* p_signature)
{
rsa_params_t rsa_params;
int key_type;
if (!parse_key_file(prikey_file, &rsa_params, &key_type))
{
return false;
}
rsa_params.e[0] = 3;
sgx_rsa3072_key_t rsa_key;
memcpy(&(rsa_key.mod), &(rsa_params.n), sizeof(rsa_key.mod));
memcpy(&(rsa_key.d), &(rsa_params.d), sizeof(rsa_key.d));
memcpy(&(rsa_key.e), &(rsa_params.e), sizeof(rsa_key.e));
memcpy(&(p_wl->signer_pubkey.mod), &(rsa_params.n), sizeof(p_wl->signer_pubkey.mod));
memcpy(&(p_wl->signer_pubkey.exp), &(rsa_params.e), sizeof(p_wl->signer_pubkey.exp));
print_line(false, " Signer public key modolus: ");
print_byte_array(false, (uint8_t*)&(p_wl->signer_pubkey.mod), sizeof(p_wl->signer_pubkey.mod), " ");
print_line(false, " Signer public key exponent: %d\n", p_wl->signer_pubkey.exp);
reverse_byte_array((uint8_t*)&(p_wl->signer_pubkey.mod), sizeof(p_wl->signer_pubkey.mod));
reverse_byte_array((uint8_t*)&(p_wl->signer_pubkey.exp), sizeof(p_wl->signer_pubkey.exp));
int len = REF_LE_WL_SIZE(wl_count);
sgx_status_t res = sgx_rsa3072_sign((const uint8_t*) p_wl, len, &rsa_key, p_signature);
if (res != SGX_SUCCESS)
{
return false;
}
return true;
}
void print_object_with_depth(struct object_heap* oh, struct Object* o, word_t depth, word_t max_depth) {
struct Map* map;
word_t i;
if (depth >= max_depth || object_is_smallint(o)) {
fprintf(stderr, "(depth limit reached) "); print_object(o);
return;
}
if (o == oh->cached.nil) {
fprintf(stderr, "<object NilObject>\n");
return;
}
map = o->map;
print_object(o);
if (object_hash(o) >= ID_HASH_RESERVED) {
indent(depth); fprintf(stderr, "<object is free/reserved>\n");
return;
}
indent(depth); fprintf(stderr, "{\n");
if (object_type(o) == TYPE_BYTE_ARRAY) {
indent(depth); fprintf(stderr, "bytes: ");
print_byte_array(o); fprintf(stderr, "\n");
}
if (object_type(o) == TYPE_OOP_ARRAY) {
struct OopArray* array = (struct OopArray*)o;
indent(depth); fprintf(stderr, "size(array) = %" PRIdPTR "\n", object_array_size(o));
for (i=0; i < object_array_size(o); i++) {
indent(depth); fprintf(stderr, "array[%" PRIdPTR "]: ", i); print_object_with_depth(oh, array->elements[i], depth+1, max_depth);
if (object_array_size(o) - i > 10) {
indent(depth); fprintf(stderr, "...\n");
i = object_array_size(o) - 2;
}
}
}
indent(depth);
fprintf(stderr, "map flags: %" PRIdPTR " (%s)\n",
object_to_smallint(map->flags),
((((word_t)map->flags & MAP_FLAG_RESTRICT_DELEGATION)==0)? "delegation not restricted":"delegation restricted"));
{
/*print if delegate*/
struct OopArray* delegates = map->delegates;
word_t offset = object_array_offset((struct Object*)delegates);
word_t limit = object_total_size((struct Object*)delegates);
for (i = 0; offset != limit; offset += sizeof(word_t), i++) {
struct Object* delegate = object_slot_value_at_offset((struct Object*)delegates, offset);
indent(depth); fprintf(stderr, "delegate[%" PRIdPTR "] = ", i);
print_object_with_depth(oh, delegate,
(((word_t)map->flags & MAP_FLAG_RESTRICT_DELEGATION) == 0)? depth+1 : max(max_depth-1, depth+1), max_depth);
}
}
{/*if?*/
struct SlotTable* slotTable = map->slotTable;
word_t limit = slot_table_capacity(map->slotTable);
indent(depth); fprintf(stderr, "slot count: %" PRIdPTR "\n", object_to_smallint(map->slotCount));
for (i=0; i < limit; i++) {
if (slotTable->slots[i].name == (struct Symbol*)oh->cached.nil) continue;
indent(depth);
fprintf(stderr, "slot[%" PRIdPTR "]['", i); print_symbol(slotTable->slots[i].name); fprintf(stderr, "'] = ");
{
struct Object* obj = object_slot_value_at_offset(o, object_to_smallint(slotTable->slots[i].offset));
if (object_is_smallint(obj) || object_type(obj) != TYPE_BYTE_ARRAY) {
print_object(obj);
} else {
print_byte_array(obj); fprintf(stderr, "\n");
}
}
}
}
/*indent(depth); fprintf(stderr, "map = "); print_object_with_depth(oh, (struct Object*)map, depth+1, max_depth);*/
/*roles */
{
struct RoleTable* roleTable = map->roleTable;
word_t limit = role_table_capacity(roleTable);
indent(depth); fprintf(stderr, "role table capacity: %" PRIdPTR "\n", limit);
for (i = 0; i < limit; i++) {
if (roleTable->roles[i].name == (struct Symbol*)oh->cached.nil) {continue;}
else {
indent(depth); fprintf(stderr, "role[%" PRIdPTR "]['", i); print_symbol(roleTable->roles[i].name);
fprintf(stderr, "'] @ 0x%04" PRIxPTR "\n", object_to_smallint(roleTable->roles[i].rolePositions));
#if 0
print_object_with_depth(oh, (struct Object*)roleTable->roles[i].methodDefinition, max_depth, max_depth);
#endif
if (limit - i > 50 && depth >= 2) {
indent(depth); fprintf(stderr, "...\n");
i = limit - 3;
}
}
}
}
indent(depth); fprintf(stderr, "}\n");
}
void print_backtrace(struct object_heap* oh) {
word_t depth = 0, detail_depth = -1 /*raise this to print verbose args in stack longer*/;
struct Interpreter* i = oh->cached.interpreter;
struct Closure* closure = (struct Closure*)i->method;
word_t codePointer = i->codePointer;
word_t fp = i->framePointer;
word_t sp = i->stackPointer;
word_t codeSize = i->codeSize;
word_t resultStackPointer = object_to_smallint(i->stack->elements[fp - FRAME_OFFSET_RESULT_STACK_POINTER]);
struct LexicalContext* lc = (struct LexicalContext*)i->stack->elements[fp - FRAME_OFFSET_LEXICAL_CONTEXT];;
fprintf(stderr, "printing backtrace from fp=%" PRIdPTR ", sp=%" PRIdPTR "\n", fp, i->stackPointer);
do {
word_t j;
struct Object** vars;
word_t input_count = object_to_smallint(closure->method->inputVariables);
word_t local_count = object_to_smallint(closure->method->localVariables);
vars = (closure->method->heapAllocate == oh->cached.true_object)? (&lc->variables[0]) : (&i->stack->elements[fp]);
fprintf(stderr, "------------------------------\n");
fprintf(stderr, "FP: %" PRIdPTR "\n", fp);
fprintf(stderr, "SP: %" PRIdPTR "\n", sp);
fprintf(stderr, "IP: %" PRIdPTR "/%" PRIdPTR "\n", codePointer, codeSize);
fprintf(stderr, "result: %" PRIdPTR "\n", resultStackPointer);
fprintf(stderr, "code: %p\n", closure->method->code);
fprintf(stderr, "selector #"); print_byte_array((struct Object*)(closure->method->selector)); fprintf(stderr, "\n");
fprintf(stderr, "regs: %" PRIdPTR "\n", object_to_smallint(closure->method->registerCount));
fprintf(stderr, "heap alloc: %s\n", (closure->method->heapAllocate == oh->cached.true_object)? "true" : "false");
for (j = 0; j < input_count; j++) {
fprintf(stderr, "arg[%" PRIdPTR "] (%p) = ", j, (void*)vars[j]);
if (depth > detail_depth) {
print_type(oh, vars[j]);
} else {
print_detail(oh, vars[j]);
}
}
if (closure->method->heapAllocate == oh->cached.true_object) {
for (j = 0; j < local_count; j++) {
fprintf(stderr, "var[%" PRIdPTR "] (%p)= ", j, (void*)lc->variables[j]);
if (depth > detail_depth) {
print_type(oh, lc->variables[j]);
} else {
print_detail(oh, lc->variables[j]);
}
}
} else {
for (j = input_count; j < input_count + local_count; j++) {
fprintf(stderr, "var[%" PRIdPTR "] (%p) = ", j - input_count, (void*)vars[j]);
if (depth > detail_depth) {
print_type(oh, vars[j]);
} else {
print_detail(oh, vars[j]);
}
}
}
/*order matters here*/
codePointer = object_to_smallint(i->stack->elements[fp - FRAME_OFFSET_CODE_POINTER]);
fp = object_to_smallint(i->stack->elements[fp - FRAME_OFFSET_PREVIOUS_FRAME_POINTER]);
if (fp < FUNCTION_FRAME_SIZE) break;
sp = object_to_smallint(i->stack->elements[fp - FRAME_OFFSET_BEFORE_CALL_STACK_POINTER]);
resultStackPointer = object_to_smallint(i->stack->elements[fp - FRAME_OFFSET_RESULT_STACK_POINTER]);
closure = (struct Closure*)i->stack->elements[fp - FRAME_OFFSET_METHOD];
lc = (struct LexicalContext*)i->stack->elements[fp - FRAME_OFFSET_LEXICAL_CONTEXT];
codeSize = array_size(closure->method->code);
depth++;
} while (fp >= FUNCTION_FRAME_SIZE);
}
int
main(
int argc,
char *argv[]
) {
char *qemu_host;
char *qemu_port;
VSCMsgHeader mhHeader;
VSCMsgError *error_msg;
int rv;
int dwSendLength;
int dwRecvLength;
uint8_t pbRecvBuffer[APDUBufSize];
uint8_t pbSendBuffer[APDUBufSize];
VReaderStatus reader_status;
VReader *reader = NULL;
VCardEmulOptions *command_line_options = NULL;
char *cert_names[MAX_CERTS];
char *emul_args = NULL;
int cert_count = 0;
int c;
while ((c = getopt(argc, argv, "c:e:pd:")) != -1) {
switch (c) {
case 'c':
if (cert_count >= MAX_CERTS) {
printf("too many certificates (max = %d)\n", MAX_CERTS);
exit(5);
}
cert_names[cert_count++] = optarg;
break;
case 'e':
emul_args = optarg;
break;
case 'p':
print_usage();
exit(4);
break;
case 'd':
verbose = get_id_from_string(optarg, 1);
break;
}
}
if (argc - optind != 2) {
print_usage();
exit(4);
}
if (cert_count > 0) {
char *new_args;
int len, i;
/* if we've given some -c options, we clearly we want do so some
* software emulation. add that emulation now. this is NSS Emulator
* specific */
if (emul_args == NULL) {
emul_args = (char *)"db=\"/etc/pki/nssdb\"";
}
#define SOFT_STRING ",soft=(,Virtual Reader,CAC,,"
/* 2 == close paren & null */
len = strlen(emul_args) + strlen(SOFT_STRING) + 2;
for (i = 0; i < cert_count; i++) {
len += strlen(cert_names[i])+1; /* 1 == comma */
}
new_args = g_malloc(len);
strcpy(new_args, emul_args);
strcat(new_args, SOFT_STRING);
for (i = 0; i < cert_count; i++) {
strcat(new_args, cert_names[i]);
strcat(new_args, ",");
}
strcat(new_args, ")");
emul_args = new_args;
}
if (emul_args) {
command_line_options = vcard_emul_options(emul_args);
}
qemu_host = g_strdup(argv[argc - 2]);
qemu_port = g_strdup(argv[argc - 1]);
sock = connect_to_qemu(qemu_host, qemu_port);
if (sock == -1) {
fprintf(stderr, "error opening socket, exiting.\n");
exit(5);
}
qemu_mutex_init(&write_lock);
qemu_mutex_init(&pending_reader_lock);
qemu_cond_init(&pending_reader_condition);
vcard_emul_init(command_line_options);
printf("> ");
fflush(stdout);
/* Send init message, Host responds (and then we send reader attachments) */
VSCMsgInit init = {
.version = htonl(VSCARD_VERSION),
.magic = VSCARD_MAGIC,
.capabilities = {0}
};
send_msg(VSC_Init, mhHeader.reader_id, &init, sizeof(init));
do {
fd_set fds;
FD_ZERO(&fds);
FD_SET(1, &fds);
FD_SET(sock, &fds);
/* waiting on input from the socket */
rv = select(sock+1, &fds, NULL, NULL, NULL);
if (rv < 0) {
/* handle error */
perror("select");
return 7;
}
if (FD_ISSET(1, &fds)) {
do_command();
}
if (!FD_ISSET(sock, &fds)) {
continue;
}
rv = read(sock, &mhHeader, sizeof(mhHeader));
if (rv < sizeof(mhHeader)) {
/* Error */
if (rv < 0) {
perror("header read error\n");
} else {
fprintf(stderr, "header short read %d\n", rv);
}
return 8;
}
mhHeader.type = ntohl(mhHeader.type);
mhHeader.reader_id = ntohl(mhHeader.reader_id);
mhHeader.length = ntohl(mhHeader.length);
if (verbose) {
printf("Header: type=%d, reader_id=%u length=%d (0x%x)\n",
mhHeader.type, mhHeader.reader_id, mhHeader.length,
mhHeader.length);
}
switch (mhHeader.type) {
case VSC_APDU:
case VSC_Flush:
case VSC_Error:
case VSC_Init:
rv = read(sock, pbSendBuffer, mhHeader.length);
break;
default:
fprintf(stderr, "Unexpected message of type 0x%X\n", mhHeader.type);
return 0;
}
switch (mhHeader.type) {
case VSC_APDU:
if (rv < 0) {
/* Error */
fprintf(stderr, "read error\n");
close(sock);
return 8;
}
if (verbose) {
printf(" recv APDU: ");
print_byte_array(pbSendBuffer, mhHeader.length);
}
/* Transmit received APDU */
dwSendLength = mhHeader.length;
dwRecvLength = sizeof(pbRecvBuffer);
reader = vreader_get_reader_by_id(mhHeader.reader_id);
reader_status = vreader_xfr_bytes(reader,
pbSendBuffer, dwSendLength,
pbRecvBuffer, &dwRecvLength);
if (reader_status == VREADER_OK) {
mhHeader.length = dwRecvLength;
if (verbose) {
printf(" send response: ");
print_byte_array(pbRecvBuffer, mhHeader.length);
}
send_msg(VSC_APDU, mhHeader.reader_id,
pbRecvBuffer, dwRecvLength);
} else {
rv = reader_status; /* warning: not meaningful */
send_msg(VSC_Error, mhHeader.reader_id, &rv, sizeof(uint32_t));
}
vreader_free(reader);
reader = NULL; /* we've freed it, don't use it by accident
again */
break;
case VSC_Flush:
/* TODO: actually flush */
send_msg(VSC_FlushComplete, mhHeader.reader_id, NULL, 0);
break;
case VSC_Error:
error_msg = (VSCMsgError *) pbSendBuffer;
if (error_msg->code == VSC_SUCCESS) {
qemu_mutex_lock(&pending_reader_lock);
if (pending_reader) {
vreader_set_id(pending_reader, mhHeader.reader_id);
vreader_free(pending_reader);
pending_reader = NULL;
qemu_cond_signal(&pending_reader_condition);
}
qemu_mutex_unlock(&pending_reader_lock);
break;
}
printf("warning: qemu refused to add reader\n");
if (error_msg->code == VSC_CANNOT_ADD_MORE_READERS) {
/* clear pending reader, qemu can't handle any more */
qemu_mutex_lock(&pending_reader_lock);
if (pending_reader) {
pending_reader = NULL;
/* make sure the event loop doesn't hang */
qemu_cond_signal(&pending_reader_condition);
}
qemu_mutex_unlock(&pending_reader_lock);
}
break;
case VSC_Init:
if (on_host_init(&mhHeader, (VSCMsgInit *)pbSendBuffer) < 0) {
return -1;
}
break;
default:
printf("Default\n");
return 0;
}
} while (rv >= 0);
return 0;
}
static void *
event_thread(void *arg)
{
unsigned char atr[MAX_ATR_LEN];
int atr_len = MAX_ATR_LEN;
VEvent *event = NULL;
unsigned int reader_id;
while (1) {
const char *reader_name;
event = vevent_wait_next_vevent();
if (event == NULL) {
break;
}
reader_id = vreader_get_id(event->reader);
if (reader_id == VSCARD_UNDEFINED_READER_ID &&
event->type != VEVENT_READER_INSERT) {
/* ignore events from readers qemu has rejected */
/* if qemu is still deciding on this reader, wait to see if need to
* forward this event */
qemu_mutex_lock(&pending_reader_lock);
if (!pending_reader || (pending_reader != event->reader)) {
/* wasn't for a pending reader, this reader has already been
* rejected by qemu */
qemu_mutex_unlock(&pending_reader_lock);
vevent_delete(event);
continue;
}
/* this reader hasn't been told its status from qemu yet, wait for
* that status */
while (pending_reader != NULL) {
qemu_cond_wait(&pending_reader_condition, &pending_reader_lock);
}
qemu_mutex_unlock(&pending_reader_lock);
/* now recheck the id */
reader_id = vreader_get_id(event->reader);
if (reader_id == VSCARD_UNDEFINED_READER_ID) {
/* this reader was rejected */
vevent_delete(event);
continue;
}
/* reader was accepted, now forward the event */
}
switch (event->type) {
case VEVENT_READER_INSERT:
/* tell qemu to insert a new CCID reader */
/* wait until qemu has responded to our first reader insert
* before we send a second. That way we won't confuse the responses
* */
qemu_mutex_lock(&pending_reader_lock);
while (pending_reader != NULL) {
qemu_cond_wait(&pending_reader_condition, &pending_reader_lock);
}
pending_reader = vreader_reference(event->reader);
qemu_mutex_unlock(&pending_reader_lock);
reader_name = vreader_get_name(event->reader);
if (verbose > 10) {
printf(" READER INSERT: %s\n", reader_name);
}
send_msg(VSC_ReaderAdd,
reader_id, /* currerntly VSCARD_UNDEFINED_READER_ID */
NULL, 0 /* TODO reader_name, strlen(reader_name) */);
break;
case VEVENT_READER_REMOVE:
/* future, tell qemu that an old CCID reader has been removed */
if (verbose > 10) {
printf(" READER REMOVE: %u\n", reader_id);
}
send_msg(VSC_ReaderRemove, reader_id, NULL, 0);
break;
case VEVENT_CARD_INSERT:
/* get the ATR (intended as a response to a power on from the
* reader */
atr_len = MAX_ATR_LEN;
vreader_power_on(event->reader, atr, &atr_len);
/* ATR call functions as a Card Insert event */
if (verbose > 10) {
printf(" CARD INSERT %u: ", reader_id);
print_byte_array(atr, atr_len);
}
send_msg(VSC_ATR, reader_id, atr, atr_len);
break;
case VEVENT_CARD_REMOVE:
/* Card removed */
if (verbose > 10) {
printf(" CARD REMOVE %u:\n", reader_id);
}
send_msg(VSC_CardRemove, reader_id, NULL, 0);
break;
default:
break;
}
vevent_delete(event);
}
return NULL;
}
bool CRefWLGen::generate_wl()
{
print_line(true, "Building white list...\n");
ref_le_white_list_t* wl = (ref_le_white_list_t*)malloc(REF_LE_WL_SIZE(MAX_NUM_OF_RECORDS));
memset(wl, 0, REF_LE_WL_SIZE(MAX_NUM_OF_RECORDS));
// Init values of white-list
print_line(true, "While list format version: %d\n", WL_FILE_VERSION);
wl->version = WL_FILE_VERSION;
print_line(true, "While list instance version: %d\n", m_version);
wl->wl_version = m_version;
// Read configuration information
print_line(true, "Reading configuration file: %s\n", m_cfgfile);
FILE *cfgfile = fopen(m_cfgfile, "r");
if (!cfgfile)
{
print_line(true, "Failed to open the configuration file '%s'.\n", m_cfgfile);
free(wl);
return false;
}
char line[LINE_LEN];
// TODO: what if line len is not enough?
while (fgets(line, LINE_LEN, cfgfile) != NULL)
{
char* start = clean_start(line);
if (*start == 0)
{
continue;
}
print_line(false, "Entry #%d:\n", wl->entries_count);
if (process_line(line, &(wl->wl_entries[wl->entries_count])) == false)
{
print_line(true, "Failed to process the configuration line.\n");
fclose(cfgfile);
free(wl);
return false;
}
wl->entries_count++;
}
fclose(cfgfile);
print_line(false, "Parsed entries count: %d\n", wl->entries_count);
uint16_t wl_count = wl->entries_count;
reverse_byte_array((uint8_t*)&(wl->version), sizeof(wl->version));
reverse_byte_array((uint8_t*)&(wl->wl_version), sizeof(wl->wl_version));
reverse_byte_array((uint8_t*)&(wl->entries_count), sizeof(wl->entries_count));
print_line(true, "Signing using key file: %s\n", m_keyfile);
sgx_rsa3072_signature_t sig;
if (!set_key_and_sign(m_keyfile, wl, wl_count, &sig))
{
free(wl);
return false;
}
reverse_byte_array((uint8_t*)&sig, sizeof(sgx_rsa3072_signature_t));
print_line(false, "Complete white list (big endian): ");
print_byte_array(false, (uint8_t*)wl, REF_LE_WL_SIZE(wl_count), " ");
print_line(false, "Signature (big endian): ");
print_byte_array(false, (uint8_t*)&sig, sizeof(sgx_rsa3072_signature_t), " ");
print_line(true, "Writing output file: %s\n", m_outfile);
FILE *pOut = fopen(m_outfile, "wb");
size_t written = fwrite(wl, 1, REF_LE_WL_SIZE(wl_count), pOut);
written += fwrite(&sig, 1, sizeof(sgx_rsa3072_signature_t), pOut);
fclose(pOut);
free(wl);
if (written != REF_LE_WL_SIZE(wl_count) + sizeof(sgx_rsa3072_signature_t))
{
return false;
}
print_line(true, "White list generation completed successfully. \n");
return true;
}
bool CRefWLGen::process_line(char *line, ref_le_white_list_entry_t *entry)
{
char *item = strtok(line, ",");
// parse item: allow provision key
item = clean_start(item);
if (strncmp(item, "true", 4) == 0)
{
entry->provision_key = 1;
}
else
{
entry->provision_key = 0;
}
print_line(false, " provision_key: %d\n", entry->provision_key);
// parse item: mr_enclave valid
item = strtok(NULL, ",");
item = clean_start(item);
if (strncmp(item, "true", 4) == 0)
{
entry->match_mr_enclave = 1;
}
else
{
entry->match_mr_enclave = 0;
}
print_line(false, " match_mr_enclave: %d\n", entry->match_mr_enclave);
// parse item: mr_signer hash/file
item = strtok(NULL, ",");
item = clean_start(item);
if (*item != 0)
{ // hash
if (get_hash_from_string(item, &(entry->mr_signer)) == false)
{
return false;
}
item = strtok(NULL, ","); // skip the next item
}
else
{ // file
item = strtok(NULL, ",");
item = clean_start(item);
if (get_hash_from_pubkey_file(item, &(entry->mr_signer)) == false)
{
return false;
}
}
print_line(false, " mr_signer: ");
print_byte_array(false, (uint8_t*)&(entry->mr_signer), sizeof(sgx_measurement_t), " ");
reverse_byte_array((uint8_t*)&(entry->mr_signer), sizeof(entry->mr_signer));
// parse item: mr_enclave hash/file
if (entry->match_mr_enclave == 1)
{
item = strtok(NULL, ",");
item = clean_start(item);
if (*item != 0)
{ // hash
if (get_hash_from_string(item, &(entry->mr_enclave)) == false)
{
return false;
}
item = strtok(NULL, ","); // skip the next item
}
else
{ // file
item = strtok(NULL, ",");
item = clean_start(item);
if (get_hash_from_sigstruct_file(item, &(entry->mr_enclave)) == false)
{
return false;
}
}
print_line(false, " mr_enclave: ");
print_byte_array(false, (uint8_t*)&(entry->mr_enclave), sizeof(sgx_measurement_t), " ");
reverse_byte_array((uint8_t*)&(entry->mr_enclave), sizeof(entry->mr_enclave));
}
print_line(false, " Full entry (big endian): ");
print_byte_array(false, (uint8_t*)entry, sizeof(ref_le_white_list_entry_t), " ");
return true;
}
