Merge pull request #58 from uptane/aktualizr-info-keys
aktualizr-info: Add options to print Secondary ECU keys and all key IDs.
pattivacek authored Feb 21, 2022
2 parents 637d1f1 + 06c5a63 commit f73c68e
Showing 4 changed files with 138 additions and 25 deletions.
4 changes: 4 additions & 0 deletions src/aktualizr_info/aktualizr_info_config.cc
Expand Up @@ -51,16 +51,20 @@ void AktualizrInfoConfig::updateFromPropertyTree(const boost::property_tree::ptr
}

// from aktualizr config
CopySubtreeFromConfig(pacman, "bootloader", pt);
CopySubtreeFromConfig(pacman, "pacman", pt);
CopySubtreeFromConfig(storage, "storage", pt);
CopySubtreeFromConfig(storage, "uptane", pt);
}

void AktualizrInfoConfig::writeToStream(std::ostream& sink) const {
// Keep this order the same as in aktualizr_info_config.h and
// AktualizrInfoConfig::updateFromPropertyTree().
WriteSectionToStream(logger, "logger", sink);
WriteSectionToStream(logger, "bootloader", sink);
WriteSectionToStream(pacman, "pacman", sink);
WriteSectionToStream(storage, "storage", sink);
WriteSectionToStream(storage, "uptane", sink);
}

std::ostream& operator<<(std::ostream& os, const AktualizrInfoConfig& cfg) {
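Review bot: `CopySubtreeFromConfig(storage, "uptane", pt);` fills `storage` from the `[uptane]` section, so the `uptane` member declared in aktualizr_info_config.h is never populated from the config file; `CopySubtreeFromConfig(pacman, "bootloader", pt);` has the same mismatch. Since main.cc builds `PublicKey pubkey(pub, config.uptane.key_type)`, a device configured with a non-default key type would presumably get its key ID computed with the wrong type. The first argument should match the section name: `CopySubtreeFromConfig(bootloader, "bootloader", pt);` and `CopySubtreeFromConfig(uptane, "uptane", pt);`. writeToStream() repeats the problem in `WriteSectionToStream(logger, "bootloader", sink);` and `WriteSectionToStream(storage, "uptane", sink);`, which should pass `bootloader` and `uptane`. updateFromPropertyTree() starts above the hunk, so the logger handling is not visible here.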
3 changes: 2 additions & 1 deletion src/aktualizr_info/aktualizr_info_config.h
Expand Up @@ -22,10 +22,11 @@ class AktualizrInfoConfig : public BaseConfig {
void writeToStream(std::ostream& sink) const;

// from Primary config
BootloaderConfig bootloader;
LoggerConfig logger;
BootloaderConfig bootloader;
PackageConfig pacman;
StorageConfig storage;
UptaneConfig uptane;

private:
void updateFromCommandLine(const boost::program_options::variables_map& cmd);
76 changes: 69 additions & 7 deletions src/aktualizr_info/aktualizr_info_test.cc
Expand Up @@ -299,18 +299,58 @@ TEST_F(AktualizrInfoTest, PrintPrimaryEcuKeys) {
db_storage_->storeEcuSerials({{primary_ecu_serial, primary_hw_id}});
db_storage_->storeEcuRegistered();

const std::string public_key = "public-key-1dc766fe-136d-4c6c-bdf4-daa79c49b3c8";
const std::string private_key = "private-key-5cb805f1-859f-48b1-b787-8055d39b6c5f";
const std::string public_keyid = "c2a42c620f56698f343c6746efa6a145cf93f4ddbd4e7b7017fbe78003c73e2b";
const std::string public_key =
"-----BEGIN PUBLIC KEY-----\n"
"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMhBei0MRQAEf3VtNa5T\n"
"/aa3l3r1ekMQ5Fh8eqj9SfQbuF1BgmjpYhV6NqZjqQiYbnpZWBEDJKqg9RL1D8rk\n"
"9ILSr7YGQDs34+Bt/4vmsZjghvex/N0tfxv85ckWmybiseZPXIwaCRx/B2QruXts\n"
"tUh3shfKOms2dWt7ZXP27mc66Qe8/aIf+gT4lL1zYammaGfBoNqj5/1HdguqM4aX\n"
"K/4g9fivqwEA4q4ejDheJJ8w8w4kUJGnPNi+GAgJHHX+lX68ZVgmiO/+uef453sd\n"
"Vwandii+Fw6B0monaGAYG0pQ3ZZ1Cgz5cAZGjL+P9eviDrgx4x7F2DDZHyfUNP3h\n"
"5wIDAQAB\n"
"-----END PUBLIC KEY-----\n";
const std::string private_key =
"-----BEGIN RSA PRIVATE KEY-----\n"
"MIIEpAIBAAKCAQEAxMhBei0MRQAEf3VtNa5T/aa3l3r1ekMQ5Fh8eqj9SfQbuF1B\n"
"gmjpYhV6NqZjqQiYbnpZWBEDJKqg9RL1D8rk9ILSr7YGQDs34+Bt/4vmsZjghvex\n"
"/N0tfxv85ckWmybiseZPXIwaCRx/B2QruXtstUh3shfKOms2dWt7ZXP27mc66Qe8\n"
"/aIf+gT4lL1zYammaGfBoNqj5/1HdguqM4aXK/4g9fivqwEA4q4ejDheJJ8w8w4k\n"
"UJGnPNi+GAgJHHX+lX68ZVgmiO/+uef453sdVwandii+Fw6B0monaGAYG0pQ3ZZ1\n"
"Cgz5cAZGjL+P9eviDrgx4x7F2DDZHyfUNP3h5wIDAQABAoIBAE07s8c6CwjB2wIT\n"
"motpInn5hzEjB1m3HNgiiqixzsfJ0V9o6p8+gesHNvJgF9luEDW8O3i/JJatiYLm\n"
"r9xE69uzxPFF5eor0+HSYhncVOz7bZRLf0YZoRO0bmvZos++UVc1Z4yRSF6vGoRS\n"
"In8oHCCCksgJYkvPbI5lYwcMnqwuk50TBGAuGVPxamsCXhCETKJtclDX/ZMUmey2\n"
"psTqM76fjmzqhLLuSmurh+60VG3VCNueUVwrC/AW1xS07NzaQO28KZ/6AGFkXWWd\n"
"8Q6KSwKJ85qN4+qpsSKqNvzeva8OPWwWSFLBRRw8dwyvesmHUNncYeIReyM+nSMw\n"
"N0QkMgECgYEA7CS52/4K3y8coqkSSkeugRluSpCykd14YxvpyF1asq0MJcACpsUV\n"
"BJUWlqPAD9FM6ZvBNNrpDcV04YjDAzjLSNPN95TV7tS/eSrNqZ0Hd5lpYA0gVSq8\n"
"BQafuSlx/TTWIrreFc0v+eGq9WLHK6oPWDnGHgJbOYWEbn7WF858X4ECgYEA1VQ7\n"
"ZHrWtzAeJ9DohHUQNrz4LwseEu0Y+eqJ1PtxsX2eWW/gKa/4Ew4YUjOhD3ajcelf\n"
"ZcpzT/cdFk8Ya3zEHHKEU7ZMHKOPs0LpmFuYtxwOABXLanNIb/k9mvEkvTqIrYFf\n"
"QKxL2fC2VJiZCBDXeo2ImlUs6fgq1IsgckAN9WcCgYEAi2TKicAWbtSClMo0z8As\n"
"lGyMnFt57XzMecSaZfoldd+MkiQb7JHd7EyNfvK+hxfHzQZyMF8gv05VxmRSqW43\n"
"IZBVvtYOyuKu/Dl2Ga9mHwViHJ7i/SMyxcy5MDX04cD0vp+MRVZQAbNilWNvqqjC\n"
"UhQYjNJbQ0M7f3ZDrt3msQECgYEAoeOIJtppcx8a41BQA6Tqpv+Ev/6J1gcDuzRX\n"
"YL9oKi+QKYMS88/MTHmXz1nK0fdQVbOqZ47ZL0fyVOm1OGy4TnZBIV3oKJufA4S1\n"
"zJ9GJz8tCLeBZMkToZXdQGXbYZa3/iN9a5DVBxD67PvYthxByYj6r1QP/4YKyrzB\n"
"5LHjZeUCgYBFn5dKJ57ef+m0YelSf60Xa/ui5OodGmxgp9dC72WVsqTyePjQ8JSC\n"
"xRw2nRx80qFPGKwKeD7JO7nrPdCsgj41OQjIXgb2dTb+QDsSAAFcBSTIVPCa7Nb/\n"
"lbQDwseg8d8IrQyGvnMB6VDGt3rqd3UKt66h2PNRh13i0HYArfIAUQ==\n"
"-----END RSA PRIVATE KEY-----\n";

db_storage_->storePrimaryKeys(public_key, private_key);

aktualizr_info_process_.run({"--ecu-keys"});
ASSERT_FALSE(aktualizr_info_output.empty());

EXPECT_NE(aktualizr_info_output.find("Public key:"), std::string::npos);
EXPECT_NE(aktualizr_info_output.find(public_key), std::string::npos);
EXPECT_NE(aktualizr_info_output.find("Public key ID: " + public_keyid), std::string::npos);
EXPECT_NE(aktualizr_info_output.find("Public key:\n" + public_key), std::string::npos);
EXPECT_NE(aktualizr_info_output.find("Private key:\n" + private_key), std::string::npos);

EXPECT_NE(aktualizr_info_output.find("Private key:"), std::string::npos);
EXPECT_NE(aktualizr_info_output.find(private_key), std::string::npos);
aktualizr_info_process_.run({"--ecu-keyid"});
ASSERT_FALSE(aktualizr_info_output.empty());
EXPECT_NE(aktualizr_info_output.find(public_keyid), std::string::npos);

aktualizr_info_process_.run({"--ecu-pub-key"});
ASSERT_FALSE(aktualizr_info_output.empty());
Expand Down Expand Up @@ -479,7 +519,29 @@ TEST_F(AktualizrInfoTest, PrintSecondaryEcuCurrentAndPendingVersions) {
EXPECT_NE(aktualizr_info_output.find("pending image hash: " + pending_ecu_version), std::string::npos);
EXPECT_NE(aktualizr_info_output.find("pending image filename: " + secondary_ecu_filename_update), std::string::npos);

// negative test, no any installed images
// Add Secondary public key and test that too.
const std::string secondary_key_raw =
"-----BEGIN PUBLIC KEY-----\n"
"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4R0QC/aI2375auDXdRM7\n"
"SQekXkGG72VmJxUXQmSmo8RiExkZWabJmrcGhqLMYGWfPNfUzxzMze3k30PAYdRK\n"
"TwxOERmIDSYy2lBclfjLskpQF/z3mwRNlDfh1OI9gLFR9BGF7oDd4s2yWPRhAL1c\n"
"hborUz1KeTv60kE26Wm/efmY/Kka4I0iR4YfOUOI7xFAs3ONYAPx19KvcXkIjTGT\n"
"BgdkSJUrlpuP0f2C8Tm8kCC923owB3ZxaYkmVYDmKar4CC5f8lf4eBrigkkC6ybb\n"
"m7ggeNCp38M1gOkSMdmH1vhMkgSRqMFegw4wdoxcda/sjLG8sRk6/al5+cBvFRdq\n"
"awIDAQAB\n"
"-----END PUBLIC KEY-----\n";
const PublicKey secondary_key(secondary_key_raw, KeyType::kRSA2048);
db_storage_->saveSecondaryInfo(secondary_ecu_serial, "secondary-type", secondary_key);

aktualizr_info_process_.run({"--secondary-keys"});
ASSERT_FALSE(aktualizr_info_output.empty());

EXPECT_NE(aktualizr_info_output.find("public key ID: " + secondary_key.KeyId()), std::string::npos)
<< aktualizr_info_output;
EXPECT_NE(aktualizr_info_output.find("public key:\n" + secondary_key_raw), std::string::npos)
<< aktualizr_info_output;

// negative test without any installed images
db_storage_->clearInstalledVersions();
db_storage_->clearEcuSerials();
db_storage_->storeEcuSerials({{primary_ecu_serial, primary_hw_id}, {secondary_ecu_serial, secondary_hw_id}});
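Review bot: The PEM literals assigned to `private_key` in PrintPrimaryEcuKeys and to `secondary_key_raw` in PrintSecondaryEcuCurrentAndPendingVersions carry no comment marking them as throwaway fixtures, so a reader or a secret scanner cannot tell them from provisioned material. I would add `// Test-only RSA key pair generated for this test; never provisioned on any device.` above `public_keyid`, and note there that `public_keyid` is derived from `public_key` and has to be regenerated together with it. The new `Failed to load Primary ECU keys!` and `Failed to find matching Secondary info!` branches in main.cc are not exercised by these hunks; a case that runs `--ecu-keyid` before `storePrimaryKeys()` would cover the first. Both test bodies continue outside the hunks.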
80 changes: 63 additions & 17 deletions src/aktualizr_info/main.cc
Expand Up @@ -60,9 +60,11 @@ int main(int argc, char **argv) {
("tls-root-ca", "Outputs TLS Root CA")
("tls-cert", "Outputs TLS client certificate")
("tls-prv-key", "Output TLS client private key")
("ecu-keys", "Outputs Uptane keys")
("ecu-pub-key", "Outputs Uptane public key")
("ecu-prv-key", "Outputs Uptane private key")
("ecu-keys", "Outputs Primary's Uptane keys")
("ecu-keyid", "Outputs Primary's Uptane public key ID")
("ecu-pub-key", "Outputs Primary's Uptane public key")
("ecu-prv-key", "Outputs Primary's Uptane private key")
("secondary-keys", "Outputs Secondaries' Uptane public keys")
("image-root", "Outputs root.json from Image repo")
("image-timestamp", "Outputs timestamp.json from Image repo")
("image-snapshot", "Outputs snapshot.json from Image repo")
Expand Down Expand Up @@ -199,29 +201,51 @@ int main(int argc, char **argv) {
bool ecukeys_loaded = false;
std::string priv;
std::string pub;

storage->loadPrimaryKeys(&pub, &priv);
if (!pub.empty() && !priv.empty()) {
ecukeys_loaded = true;
}

if (vm.count("ecu-keys") != 0U) {
std::cout << "Public key:" << std::endl << pub << std::endl;
std::cout << "Private key:" << std::endl << priv << std::endl;
cmd_trigger = true;
if (!ecukeys_loaded) {
std::cout << "Failed to load Primary ECU keys!" << std::endl;
} else {
// TODO: probably won't work with p11.
PublicKey pubkey(pub, config.uptane.key_type);
std::cout << "Public key ID: " << pubkey.KeyId() << std::endl;
std::cout << "Public key:" << std::endl << pub << std::endl;
std::cout << "Private key:" << std::endl << priv << std::endl;
cmd_trigger = true;
}
}

if (vm.count("ecu-keyid") != 0U) {
if (!ecukeys_loaded) {
std::cout << "Failed to load Primary ECU keys!" << std::endl;
} else {
// TODO: probably won't work with p11.
PublicKey pubkey(pub, config.uptane.key_type);
std::cout << pubkey.KeyId() << std::endl;
cmd_trigger = true;
}
}

if (vm.count("ecu-pub-key") != 0U) {
std::string key;
storage->loadPrimaryPublic(&key);
std::cout << key << std::endl;
return EXIT_SUCCESS;
if (!ecukeys_loaded) {
std::cout << "Failed to load Primary ECU keys!" << std::endl;
} else {
std::cout << pub << std::endl;
cmd_trigger = true;
}
}

if (vm.count("ecu-prv-key") != 0U) {
std::string key;
storage->loadPrimaryPrivate(&key);
std::cout << key << std::endl;
cmd_trigger = true;
if (!ecukeys_loaded) {
std::cout << "Failed to load Primary ECU keys!" << std::endl;
} else {
std::cout << priv << std::endl;
cmd_trigger = true;
}
}

// An arguments which depend on metadata.
Expand Down Expand Up @@ -329,18 +353,27 @@ int main(int argc, char **argv) {
}

if (serials.size() > 1) {
std::vector<SecondaryInfo> info;
if (vm.count("secondary-keys") != 0U) {
storage->loadSecondariesInfo(&info);
if (info.empty()) {
std::cout << "Failed to load Secondary info!" << std::endl;
}
}

auto it = serials.begin() + 1;
std::cout << "Secondaries:\n";
int secondary_number = 1;
for (; it != serials.end(); ++it) {
std::cout << secondary_number++ << ") serial ID: " << it->first << std::endl;
const Uptane::EcuSerial serial = it->first;
std::cout << secondary_number++ << ") serial ID: " << serial << std::endl;
std::cout << " hardware ID: " << it->second << std::endl;

boost::optional<Uptane::Target> current_version;
boost::optional<Uptane::Target> pending_version;

auto load_installed_version_res =
storage->loadInstalledVersions((it->first).ToString(), &current_version, &pending_version);
storage->loadInstalledVersions(serial.ToString(), &current_version, &pending_version);

if (!load_installed_version_res || (!current_version && !pending_version)) {
std::cout << " no details about installed nor pending images\n";
Expand All @@ -354,7 +387,20 @@ int main(int argc, char **argv) {
std::cout << " pending image filename: " << pending_version->filename() << "\n";
}
}

if (vm.count("secondary-keys") != 0U) {
auto f = std::find_if(info.cbegin(), info.cend(),
[&serial](const SecondaryInfo &i) { return serial == i.serial; });
if (f == info.cend()) {
std::cout << " Failed to find matching Secondary info!" << std::endl;
} else {
std::cout << " public key ID: " << f->pub_key.KeyId() << std::endl;
std::cout << " public key:" << std::endl << f->pub_key.Value() << std::endl;
}
}
}
} else if (vm.count("secondary-keys") != 0U) {
std::cout << "Failed to load Secondary data!" << std::endl;
}

std::vector<MisconfiguredEcu> misconfigured_ecus;
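Review bot: `ecukeys_loaded` is true only when both `pub` and `priv` are non-empty, and `--ecu-keyid` and `--ecu-pub-key` now depend on it, so the two public-only options fail whenever the private key cannot be read from storage (the `// TODO: probably won't work with p11.` comment seems to point at that case). It also means `storage->loadPrimaryKeys(&pub, &priv);` pulls the private key into the process for options that never print it. I would gate those two branches on the public key alone, e.g. `const bool ecu_pub_loaded = !pub.empty();` with `if (!ecu_pub_loaded) {`, or keep `storage->loadPrimaryPublic(&key);` for them. The failure messages would also be better on `std::cerr`, so that scripted callers capturing stdout do not mistake them for key material. main() starts and ends outside these hunks.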