nstool/src/PkiCertProcess.cpp

#include <iostream>
#include <iomanip>
#include <fnd/SimpleTextOutput.h>
#include <fnd/OffsetAdjustedIFile.h>
#include <nn/pki/SignUtils.h>
#include "PkiCertProcess.h"
#include "PkiValidator.h"

PkiCertProcess::PkiCertProcess() :
	mFile(),
	mCliOutputMode(_BIT(OUTPUT_BASIC)),
	mVerify(false)
{
}

void PkiCertProcess::process()
{
	importCerts();

	if (mVerify)
		validateCerts();

	if (_HAS_BIT(mCliOutputMode, OUTPUT_BASIC))
		displayCerts();
}

void PkiCertProcess::setInputFile(const fnd::SharedPtr<fnd::IFile>& file)
{
	mFile = file;
}

void PkiCertProcess::setKeyCfg(const KeyConfiguration& keycfg)
{
	mKeyCfg = keycfg;
}

void PkiCertProcess::setCliOutputMode(CliOutputMode mode)
{
	mCliOutputMode = mode;
}

void PkiCertProcess::setVerifyMode(bool verify)
{
	mVerify = verify;
}

void PkiCertProcess::importCerts()
{
	fnd::Vec<byte_t> scratch;

	if (*mFile == nullptr)
	{
		throw fnd::Exception(kModuleName, "No file reader set.");
	}

	scratch.alloc((*mFile)->size());
	(*mFile)->read(scratch.data(), 0, scratch.size());

	nn::pki::SignedData<nn::pki::CertificateBody> cert;
	for (size_t f_pos = 0; f_pos < scratch.size(); f_pos += cert.getBytes().size())
	{
		cert.fromBytes(scratch.data() + f_pos, scratch.size() - f_pos);
		mCert.addElement(cert);
	}
}

void PkiCertProcess::validateCerts()
{
	PkiValidator pki;
	
	try
	{
		pki.setKeyCfg(mKeyCfg);
		pki.addCertificates(mCert);
	}
	catch (const fnd::Exception& e)
	{
		std::cout << "[WARNING] " << e.error() << std::endl;
		return;
	}
}

void PkiCertProcess::displayCerts()
{
	for (size_t i = 0; i < mCert.size(); i++)
	{
		displayCert(mCert[i]);
	}
}

void PkiCertProcess::displayCert(const nn::pki::SignedData<nn::pki::CertificateBody>& cert)
{
	std::cout << "[NNPKI Certificate]" << std::endl;

	std::cout << "  SignType       " << getSignTypeStr(cert.getSignature().getSignType());
	if (_HAS_BIT(mCliOutputMode, OUTPUT_EXTENDED))
		std::cout << " (0x" << std::hex << cert.getSignature().getSignType() << ") (" << getEndiannessStr(cert.getSignature().isLittleEndian()) << ")";
	std::cout << std::endl;

	std::cout << "  Issuer:        " << cert.getBody().getIssuer() << std::endl;
	std::cout << "  Subject:       " << cert.getBody().getSubject() << std::endl;
	std::cout << "  PublicKeyType: " << getPublicKeyTypeStr(cert.getBody().getPublicKeyType());
	if (_HAS_BIT(mCliOutputMode, OUTPUT_EXTENDED))
		std::cout << " (" << std::dec << cert.getBody().getPublicKeyType() << ")";
	std::cout << std::endl;
	std::cout << "  CertID:        0x" << std::hex << cert.getBody().getCertId() << std::endl;
	
	if (cert.getBody().getPublicKeyType() == nn::pki::cert::RSA4096)
	{
		std::cout << "  PublicKey:" << std::endl;
		std::cout << "    Modulus:" << std::endl;
		fnd::SimpleTextOutput::hexDump(cert.getBody().getRsa4098PublicKey().modulus, getHexDumpLen(fnd::rsa::kRsa4096Size), 0x10, 6);
		std::cout << "    Public Exponent:" << std::endl;
		fnd::SimpleTextOutput::hexDump(cert.getBody().getRsa4098PublicKey().public_exponent, fnd::rsa::kRsaPublicExponentSize, 0x10, 6);
	}
	else if (cert.getBody().getPublicKeyType() == nn::pki::cert::RSA2048)
	{
		std::cout << "  PublicKey:" << std::endl;
		std::cout << "    Modulus:" << std::endl;
		fnd::SimpleTextOutput::hexDump(cert.getBody().getRsa2048PublicKey().modulus, getHexDumpLen(fnd::rsa::kRsa2048Size), 0x10, 6);
		std::cout << "    Public Exponent:" << std::endl;
		fnd::SimpleTextOutput::hexDump(cert.getBody().getRsa2048PublicKey().public_exponent, fnd::rsa::kRsaPublicExponentSize, 0x10, 6);
	}
	else if (cert.getBody().getPublicKeyType() == nn::pki::cert::ECDSA240)
	{
		std::cout << "  PublicKey:" << std::endl;
		std::cout << "    R:" << std::endl;
		fnd::SimpleTextOutput::hexDump(cert.getBody().getEcdsa240PublicKey().r, getHexDumpLen(fnd::ecdsa::kEcdsa240Size), 0x10, 6);
		std::cout << "    S:" << std::endl;
		fnd::SimpleTextOutput::hexDump(cert.getBody().getEcdsa240PublicKey().s, getHexDumpLen(fnd::ecdsa::kEcdsa240Size), 0x10, 6);
	}
}

size_t PkiCertProcess::getHexDumpLen(size_t max_size) const
{
	return _HAS_BIT(mCliOutputMode, OUTPUT_EXTENDED) ? max_size : kSmallHexDumpLen;
}

const char* PkiCertProcess::getSignTypeStr(nn::pki::sign::SignatureId type) const
{
	const char* str;
	switch (type)
	{
	case (nn::pki::sign::SIGN_ID_RSA4096_SHA1):
		str = "RSA4096-SHA1";
		break;
	case (nn::pki::sign::SIGN_ID_RSA2048_SHA1):
		str = "RSA2048-SHA1";
		break;
	case (nn::pki::sign::SIGN_ID_ECDSA240_SHA1):
		str = "ECDSA240-SHA1";
		break;
	case (nn::pki::sign::SIGN_ID_RSA4096_SHA256):
		str = "RSA4096-SHA256";
		break;
	case (nn::pki::sign::SIGN_ID_RSA2048_SHA256):
		str = "RSA2048-SHA256";
		break;
	case (nn::pki::sign::SIGN_ID_ECDSA240_SHA256):
		str = "ECDSA240-SHA256";
		break;
	default:
		str = "Unknown";
		break;
	}
	return str;
}

const char* PkiCertProcess::getEndiannessStr(bool isLittleEndian) const
{
	return isLittleEndian ? "LittleEndian" : "BigEndian";
}

const char* PkiCertProcess::getPublicKeyTypeStr(nn::pki::cert::PublicKeyType type) const
{
	const char* str;
	switch (type)
	{
	case (nn::pki::cert::RSA4096):
		str = "RSA4096";
		break;
	case (nn::pki::cert::RSA2048):
		str = "RSA2048";
		break;
	case (nn::pki::cert::ECDSA240):
		str = "ECDSA240";
		break;
	default:
		str = "Unknown";
		break;
	}
	return str;
}
[nstool] Replaced printf with cout pipes. 2018-07-29 12:27:08 +00:00			`#include <iostream>`
			`#include <iomanip>`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`#include <fnd/SimpleTextOutput.h>`
[fnd\|nstool] Promote IFile wrapped classes to libfnd. 2018-10-06 08:45:09 +00:00			`#include <fnd/OffsetAdjustedIFile.h>`
Fixed links. 2018-08-07 07:17:51 +00:00			`#include <nn/pki/SignUtils.h>`
[nstool] Rename EsCertProcess to PkiCertProcess 2018-08-06 09:11:15 +00:00			`#include "PkiCertProcess.h"`
[nstool] Encapsulate nnpki validation in PkiValidator. 2018-08-05 15:09:07 +00:00			`#include "PkiValidator.h"`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00
[nstool] Rename EsCertProcess to PkiCertProcess 2018-08-06 09:11:15 +00:00			`PkiCertProcess::PkiCertProcess() :`
[nstool] Improve fnd::IFile ptr handling/sharing with fnd::SharedPtr 2018-09-23 03:29:22 +00:00			`mFile(),`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`mCliOutputMode(_BIT(OUTPUT_BASIC)),`
			`mVerify(false)`
			`{`
			`}`

[nstool] Rename EsCertProcess to PkiCertProcess 2018-08-06 09:11:15 +00:00			`void PkiCertProcess::process()`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`{`
			`importCerts();`
[nstool] Migrated printf to std::cout 2018-08-13 17:14:21 +00:00
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`if (mVerify)`
			`validateCerts();`

			`if (_HAS_BIT(mCliOutputMode, OUTPUT_BASIC))`
			`displayCerts();`
			`}`

[nstool] Improve fnd::IFile ptr handling/sharing with fnd::SharedPtr 2018-09-23 03:29:22 +00:00			`void PkiCertProcess::setInputFile(const fnd::SharedPtr<fnd::IFile>& file)`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`{`
			`mFile = file;`
			`}`

[nstool] Migrated from sKeyset to KeyConfiguration 2018-08-21 12:03:19 +00:00			`void PkiCertProcess::setKeyCfg(const KeyConfiguration& keycfg)`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`{`
[nstool] Migrated from sKeyset to KeyConfiguration 2018-08-21 12:03:19 +00:00			`mKeyCfg = keycfg;`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`}`

[nstool] Rename EsCertProcess to PkiCertProcess 2018-08-06 09:11:15 +00:00			`void PkiCertProcess::setCliOutputMode(CliOutputMode mode)`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`{`
			`mCliOutputMode = mode;`
			`}`

[nstool] Rename EsCertProcess to PkiCertProcess 2018-08-06 09:11:15 +00:00			`void PkiCertProcess::setVerifyMode(bool verify)`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`{`
			`mVerify = verify;`
			`}`

[nstool] Rename EsCertProcess to PkiCertProcess 2018-08-06 09:11:15 +00:00			`void PkiCertProcess::importCerts()`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`{`
			`fnd::Vec<byte_t> scratch;`

[nstool] Improve fnd::IFile ptr handling/sharing with fnd::SharedPtr 2018-09-23 03:29:22 +00:00			`if (*mFile == nullptr)`
[nstool] Migrated printf to std::cout 2018-08-13 17:14:21 +00:00			`{`
			`throw fnd::Exception(kModuleName, "No file reader set.");`
			`}`

[nstool] Improve fnd::IFile ptr handling/sharing with fnd::SharedPtr 2018-09-23 03:29:22 +00:00			`scratch.alloc((*mFile)->size());`
			`(*mFile)->read(scratch.data(), 0, scratch.size());`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00
Fix project files and typos. 2018-08-07 08:13:18 +00:00			`nn::pki::SignedData<nn::pki::CertificateBody> cert;`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`for (size_t f_pos = 0; f_pos < scratch.size(); f_pos += cert.getBytes().size())`
			`{`
			`cert.fromBytes(scratch.data() + f_pos, scratch.size() - f_pos);`
			`mCert.addElement(cert);`
			`}`
			`}`

[nstool] Rename EsCertProcess to PkiCertProcess 2018-08-06 09:11:15 +00:00			`void PkiCertProcess::validateCerts()`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`{`
[nstool] Encapsulate nnpki validation in PkiValidator. 2018-08-05 15:09:07 +00:00			`PkiValidator pki;`
[nstool\|es] Add cert validation. 2018-07-29 19:18:02 +00:00
[nstool] Encapsulate nnpki validation in PkiValidator. 2018-08-05 15:09:07 +00:00			`try`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`{`
[nstool] Migrated from sKeyset to KeyConfiguration 2018-08-21 12:03:19 +00:00			`pki.setKeyCfg(mKeyCfg);`
[nstool] Encapsulate nnpki validation in PkiValidator. 2018-08-05 15:09:07 +00:00			`pki.addCertificates(mCert);`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`}`
[nstool] Encapsulate nnpki validation in PkiValidator. 2018-08-05 15:09:07 +00:00			`catch (const fnd::Exception& e)`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`{`
[nstool] Encapsulate nnpki validation in PkiValidator. 2018-08-05 15:09:07 +00:00			`std::cout << "[WARNING] " << e.error() << std::endl;`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`return;`
			`}`
			`}`

[nstool] Rename EsCertProcess to PkiCertProcess 2018-08-06 09:11:15 +00:00			`void PkiCertProcess::displayCerts()`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`{`
			`for (size_t i = 0; i < mCert.size(); i++)`
			`{`
			`displayCert(mCert[i]);`
			`}`
			`}`

Fix project files and typos. 2018-08-07 08:13:18 +00:00			`void PkiCertProcess::displayCert(const nn::pki::SignedData<nn::pki::CertificateBody>& cert)`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`{`
[nstool] Rename EsCertProcess to PkiCertProcess 2018-08-06 09:11:15 +00:00			`std::cout << "[NNPKI Certificate]" << std::endl;`
[nstool] Replaced printf with cout pipes. 2018-07-29 12:27:08 +00:00
			`std::cout << " SignType " << getSignTypeStr(cert.getSignature().getSignType());`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`if (_HAS_BIT(mCliOutputMode, OUTPUT_EXTENDED))`
[nstool] Fix typos. 2018-08-14 07:24:43 +00:00			`std::cout << " (0x" << std::hex << cert.getSignature().getSignType() << ") (" << getEndiannessStr(cert.getSignature().isLittleEndian()) << ")";`
[nstool] Replaced printf with cout pipes. 2018-07-29 12:27:08 +00:00			`std::cout << std::endl;`

			`std::cout << " Issuer: " << cert.getBody().getIssuer() << std::endl;`
			`std::cout << " Subject: " << cert.getBody().getSubject() << std::endl;`
[nstool] Fixed method name typo. 2018-07-29 12:28:01 +00:00			`std::cout << " PublicKeyType: " << getPublicKeyTypeStr(cert.getBody().getPublicKeyType());`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`if (_HAS_BIT(mCliOutputMode, OUTPUT_EXTENDED))`
[nstool] Replaced printf with cout pipes. 2018-07-29 12:27:08 +00:00			`std::cout << " (" << std::dec << cert.getBody().getPublicKeyType() << ")";`
			`std::cout << std::endl;`
			`std::cout << " CertID: 0x" << std::hex << cert.getBody().getCertId() << std::endl;`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00
Fix project files and typos. 2018-08-07 08:13:18 +00:00			`if (cert.getBody().getPublicKeyType() == nn::pki::cert::RSA4096)`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`{`
[nstool] Replaced printf with cout pipes. 2018-07-29 12:27:08 +00:00			`std::cout << " PublicKey:" << std::endl;`
			`std::cout << " Modulus:" << std::endl;`
Condense crypto and compress wrapper libraries into foundation. 2018-08-07 08:35:03 +00:00			`fnd::SimpleTextOutput::hexDump(cert.getBody().getRsa4098PublicKey().modulus, getHexDumpLen(fnd::rsa::kRsa4096Size), 0x10, 6);`
[nstool] Replaced printf with cout pipes. 2018-07-29 12:27:08 +00:00			`std::cout << " Public Exponent:" << std::endl;`
Condense crypto and compress wrapper libraries into foundation. 2018-08-07 08:35:03 +00:00			`fnd::SimpleTextOutput::hexDump(cert.getBody().getRsa4098PublicKey().public_exponent, fnd::rsa::kRsaPublicExponentSize, 0x10, 6);`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`}`
Fix project files and typos. 2018-08-07 08:13:18 +00:00			`else if (cert.getBody().getPublicKeyType() == nn::pki::cert::RSA2048)`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`{`
[nstool] Replaced printf with cout pipes. 2018-07-29 12:27:08 +00:00			`std::cout << " PublicKey:" << std::endl;`
			`std::cout << " Modulus:" << std::endl;`
[nstool] Fix typos. 2018-08-14 07:24:43 +00:00			`fnd::SimpleTextOutput::hexDump(cert.getBody().getRsa2048PublicKey().modulus, getHexDumpLen(fnd::rsa::kRsa2048Size), 0x10, 6);`
			`std::cout << " Public Exponent:" << std::endl;`
Condense crypto and compress wrapper libraries into foundation. 2018-08-07 08:35:03 +00:00			`fnd::SimpleTextOutput::hexDump(cert.getBody().getRsa2048PublicKey().public_exponent, fnd::rsa::kRsaPublicExponentSize, 0x10, 6);`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`}`
Fix project files and typos. 2018-08-07 08:13:18 +00:00			`else if (cert.getBody().getPublicKeyType() == nn::pki::cert::ECDSA240)`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`{`
[nstool] Replaced printf with cout pipes. 2018-07-29 12:27:08 +00:00			`std::cout << " PublicKey:" << std::endl;`
			`std::cout << " R:" << std::endl;`
Condense crypto and compress wrapper libraries into foundation. 2018-08-07 08:35:03 +00:00			`fnd::SimpleTextOutput::hexDump(cert.getBody().getEcdsa240PublicKey().r, getHexDumpLen(fnd::ecdsa::kEcdsa240Size), 0x10, 6);`
[nstool] Replaced printf with cout pipes. 2018-07-29 12:27:08 +00:00			`std::cout << " S:" << std::endl;`
Condense crypto and compress wrapper libraries into foundation. 2018-08-07 08:35:03 +00:00			`fnd::SimpleTextOutput::hexDump(cert.getBody().getEcdsa240PublicKey().s, getHexDumpLen(fnd::ecdsa::kEcdsa240Size), 0x10, 6);`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`}`
			`}`

[nstool] Rename EsCertProcess to PkiCertProcess 2018-08-06 09:11:15 +00:00			`size_t PkiCertProcess::getHexDumpLen(size_t max_size) const`
			`{`
			`return _HAS_BIT(mCliOutputMode, OUTPUT_EXTENDED) ? max_size : kSmallHexDumpLen;`
			`}`

Fix project files and typos. 2018-08-07 08:13:18 +00:00			`const char* PkiCertProcess::getSignTypeStr(nn::pki::sign::SignatureId type) const`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`{`
			`const char* str;`
			`switch (type)`
			`{`
Fix project files and typos. 2018-08-07 08:13:18 +00:00			`case (nn::pki::sign::SIGN_ID_RSA4096_SHA1):`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`str = "RSA4096-SHA1";`
			`break;`
Fix project files and typos. 2018-08-07 08:13:18 +00:00			`case (nn::pki::sign::SIGN_ID_RSA2048_SHA1):`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`str = "RSA2048-SHA1";`
			`break;`
Fix project files and typos. 2018-08-07 08:13:18 +00:00			`case (nn::pki::sign::SIGN_ID_ECDSA240_SHA1):`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`str = "ECDSA240-SHA1";`
			`break;`
Fix project files and typos. 2018-08-07 08:13:18 +00:00			`case (nn::pki::sign::SIGN_ID_RSA4096_SHA256):`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`str = "RSA4096-SHA256";`
			`break;`
Fix project files and typos. 2018-08-07 08:13:18 +00:00			`case (nn::pki::sign::SIGN_ID_RSA2048_SHA256):`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`str = "RSA2048-SHA256";`
			`break;`
Fix project files and typos. 2018-08-07 08:13:18 +00:00			`case (nn::pki::sign::SIGN_ID_ECDSA240_SHA256):`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`str = "ECDSA240-SHA256";`
			`break;`
			`default:`
			`str = "Unknown";`
			`break;`
			`}`
			`return str;`
			`}`

[nstool] Rename EsCertProcess to PkiCertProcess 2018-08-06 09:11:15 +00:00			`const char* PkiCertProcess::getEndiannessStr(bool isLittleEndian) const`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`{`
			`return isLittleEndian ? "LittleEndian" : "BigEndian";`
			`}`

Fix project files and typos. 2018-08-07 08:13:18 +00:00			`const char* PkiCertProcess::getPublicKeyTypeStr(nn::pki::cert::PublicKeyType type) const`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`{`
			`const char* str;`
			`switch (type)`
			`{`
Fix project files and typos. 2018-08-07 08:13:18 +00:00			`case (nn::pki::cert::RSA4096):`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`str = "RSA4096";`
			`break;`
Fix project files and typos. 2018-08-07 08:13:18 +00:00			`case (nn::pki::cert::RSA2048):`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`str = "RSA2048";`
			`break;`
Fix project files and typos. 2018-08-07 08:13:18 +00:00			`case (nn::pki::cert::ECDSA240):`
[nxtool] Inital reading of ES tickets and certificates. 2018-07-10 15:01:34 +00:00			`str = "ECDSA240";`
			`break;`
			`default:`
			`str = "Unknown";`
			`break;`
			`}`
			`return str;`
			`}`