The exact integer value for the X.509 purpose depends on the chosen
library. Introduce an abstraction with generic values; each
implementation must map the abstract value to the corresponding
library value.
Signed-off-by: Stefano Babic <
stefan...@swupdate.org>
---
core/swupdate.c | 6 +++---
crypto/swupdate_cms_verify_openssl.c | 13 ++++++++++++-
include/swupdate_crypto.h | 6 ++++++
3 files changed, 21 insertions(+), 4 deletions(-)
diff --git a/core/swupdate.c b/core/swupdate.c
index 2370f939..37a6af39 100644
--- a/core/swupdate.c
+++ b/core/swupdate.c
@@ -284,7 +284,7 @@ static void swupdate_init(struct swupdate_cfg *sw)
LIST_INSERT_HEAD(&sw->swupdate_types, update_type, next);
sw->update_type = update_type;
- sw->cert_purpose = SSL_PURPOSE_DEFAULT;
+ sw->cert_purpose = CERT_PURPOSE_EMAIL_PROT;
#ifdef CONFIG_MTD
mtd_init();
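Review bot: After this change sw->cert_purpose holds an abstract CERT_PURPOSE_* value rather than a library purpose id, while the diffstat updates only the OpenSSL verifier. Any other code that passes sw->cert_purpose straight to a crypto library would now hand it 0 or 1. It is worth confirming that no other backend reads the field, and stating the new meaning where the field is declared, e.g. `/* abstract ssl_cert_purpose_t, mapped by each crypto backend */`. The field's declaration is not part of this patch, and swupdate_init's body continues outside the hunk.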
@@ -298,10 +298,10 @@ static int parse_cert_purpose(const char *text)
static const char EMAIL_PROT[] = "emailProtection";
if (strncmp(CODE_SIGN, text, sizeof(CODE_SIGN)) == 0)
- return SSL_PURPOSE_CODE_SIGN;
+ return CERT_PURPOSE_CODE_SIGN;
if (strncmp(EMAIL_PROT, text, sizeof(EMAIL_PROT)) == 0)
- return SSL_PURPOSE_EMAIL_PROT;
+ return CERT_PURPOSE_EMAIL_PROT;
ERROR("unknown certificate purpose '%s'\n", text);
exit(EXIT_FAILURE);
diff --git a/crypto/swupdate_cms_verify_openssl.c b/crypto/swupdate_cms_verify_openssl.c
index 13f0ce22..83ae7310 100644
--- a/crypto/swupdate_cms_verify_openssl.c
+++ b/crypto/swupdate_cms_verify_openssl.c
@@ -24,6 +24,17 @@
static swupdate_dgst_lib libs;
+static int openssl_map_purpose [] = {
+ [CERT_PURPOSE_EMAIL_PROT] = X509_PURPOSE_SMIME_SIGN,
+ [CERT_PURPOSE_CODE_SIGN] = X509_PURPOSE_CODE_SIGN
+};
+
+static inline int get_x509_purpose(unsigned int purpose) {
+ if (purpose > CERT_PURPOSE_LAST)
+ purpose = CERT_PURPOSE_EMAIL_PROT;
+ return openssl_map_purpose[purpose];
+}
+
static inline uint32_t SSL_X509_get_extension_flags(X509 *x)
{
#if OPENSSL_VERSION_NUMBER < 0x10100000L
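Review bot: get_x509_purpose() silently substitutes CERT_PURPOSE_EMAIL_PROT when the value is out of range, so a corrupted or not-yet-mapped purpose would be checked against the S/MIME purpose with nothing in the log. The purpose decides which key usage a signing certificate must carry, so I would at least report it before falling back, e.g. `ERROR("invalid certificate purpose %u, using emailProtection", purpose);`, or return an error that openssl_cms_dgst_init can propagate. The table is never written, so `static const int openssl_map_purpose[] = {` fits better. If the build's C standard allows it, `_Static_assert(sizeof(openssl_map_purpose) / sizeof(openssl_map_purpose[0]) == CERT_PURPOSE_LAST + 1, "purpose map incomplete");` would catch an enum value appended without a mapping.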
@@ -293,7 +304,7 @@ static int openssl_cms_dgst_init(struct swupdate_cfg *sw, const char *keyfile)
}
}
- if (!X509_STORE_set_purpose(dgst->certs, sw->cert_purpose)) {
+ if (!X509_STORE_set_purpose(dgst->certs, get_x509_purpose(sw->cert_purpose))) {
ERROR("failed to set purpose");
ret = -EINVAL;
goto dgst_init_error;
diff --git a/include/swupdate_crypto.h b/include/swupdate_crypto.h
index 349f9ef9..fa755297 100644
--- a/include/swupdate_crypto.h
+++ b/include/swupdate_crypto.h
@@ -19,6 +19,12 @@
struct swupdate_cfg;
+typedef enum {
+ CERT_PURPOSE_EMAIL_PROT,
+ CERT_PURPOSE_CODE_SIGN,
+ CERT_PURPOSE_LAST = CERT_PURPOSE_CODE_SIGN
+} ssl_cert_purpose_t;
+
typedef struct {
struct swupdate_digest *(*DECRYPT_init)(unsigned char *key, char keylen, unsigned char *iv);
int (*DECRYPT_update)(struct swupdate_digest *dgst, unsigned char *buf,
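Review bot: The new enum has no comment, yet the OpenSSL backend uses it as an array index, so its values must stay contiguous from 0 and CERT_PURPOSE_LAST must track the last entry. A short comment above the typedef would state that, e.g. `/* Library-independent certificate purpose; used as an array index by the crypto backends, keep values contiguous and update CERT_PURPOSE_LAST. */`. As a style point, the `ssl_` prefix in `ssl_cert_purpose_t` sits oddly with a type meant to be library-neutral. The struct that follows the enum continues outside the hunk.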
--
2.43.0