add and delete components
1 /*
2 * Copyright (C) 2011 Andreas Steffen
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #define _GNU_SOURCE
#include <getopt.h>
#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <limits.h>
#include <syslog.h>

#include <library.h>
#include <debug.h>

#include <imcv.h>
#include <libpts.h>
#include <pts/pts_meas_algo.h>

#include "attest_db.h"
#include "attest_usage.h"
33
/**
 * Global debug output settings, read by attest_dbg()
 */

/* while TRUE, debug messages are not echoed to stderr */
static bool stderr_quiet = TRUE;

/* highest message level that attest_dbg() still emits */
static int debug_level = 0;
39
/**
 * Debug hook of the attest tool.
 *
 * Messages whose level exceeds debug_level are dropped. All others are
 * echoed to stderr unless stderr_quiet is set, and are always forwarded to
 * syslog with priority LOG_INFO, one record per line of formatted text.
 *
 * @param group		debug group of the message (not evaluated here)
 * @param level		verbosity level of the message
 * @param fmt		printf()-style format string
 * @param ...		arguments referenced by fmt
 */
static void attest_dbg(debug_t group, level_t level, char *fmt, ...)
{
	char message[8192];
	char *line, *rest;
	va_list ap;

	if (level > debug_level)
	{
		return;
	}

	if (!stderr_quiet)
	{
		va_start(ap, fmt);
		vfprintf(stderr, fmt, ap);
		fprintf(stderr, "\n");
		va_end(ap);
	}

	/* render into a bounded buffer; vsnprintf() truncates overlong output */
	va_start(ap, fmt);
	vsnprintf(message, sizeof(message), fmt, ap);
	va_end(ap);

	/*
	 * Hand the text to syslog line by line. The rendered text is passed as
	 * a "%s" argument and never as a format string. Newlines that arrive
	 * through formatted arguments start a new syslog record as well.
	 */
	for (line = message; line != NULL; line = rest)
	{
		rest = strchr(line, '\n');
		if (rest != NULL)
		{
			*rest++ = '\0';
		}
		syslog(LOG_INFO, "%s\n", line);
	}
}
78
/**
 * Global attestation database object.
 *
 * Assigned once in main() from attest_db_create(), used by do_args() for
 * every operation and destroyed by the cleanup() atexit handler.
 */
attest_db_t *attest;
83
/**
 * atexit handler to close the database and shut down the libraries.
 *
 * Dereferences the global attest object without a NULL check; main()
 * registers this handler only after attest_db_create() has succeeded.
 */
static void cleanup(void)
{
	/* destroy the database object before the libraries are deinitialized */
	attest->destroy(attest);
	libpts_deinit();
	libimcv_deinit();
	/* close the syslog connection opened by openlog() in main() */
	closelog();
}
94
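/**
 * Parse a numeric database key given on the command line.
 *
 * Unlike atoi(), this rejects empty strings, trailing garbage and values
 * outside the range of an int, so a mistyped key is reported instead of
 * silently turning into 0 or a partial number before an add or delete.
 *
 * @param name		long option name, used in the error message only
 * @param arg		option argument as delivered by getopt_long()
 * @return			parsed key; the process exits on invalid input
 */
static int parse_id(const char *name, const char *arg)
{
	char *end;
	long value;

	errno = 0;
	value = strtol(arg, &end, 10);
	if (end == arg || *end != '\0' || errno == ERANGE ||
		value < INT_MIN || value > INT_MAX)
	{
		fprintf(stderr, "invalid numeric argument '%s' for --%s\n", arg, name);
		exit(EXIT_FAILURE);
	}
	return (int)value;
}

/**
 * Parse the command line and execute the selected operation on the global
 * attest database object.
 *
 * Options are evaluated strictly from left to right. The value options
 * (--component, --directory, --file, --product) pass "op == OP_ADD" as
 * they are parsed, so --add has to precede them on the command line to
 * take effect for them.
 *
 * An unknown option or a missing option argument prints the usage text and
 * exits with EXIT_FAILURE before any operation is executed.
 *
 * @param argc		argument count as passed to main()
 * @param argv		argument vector as passed to main()
 */
static void do_args(int argc, char *argv[])
{
	static const struct option long_opts[] = {
		{ "help", no_argument, NULL, 'h' },
		{ "components", no_argument, NULL, 'c' },
		{ "files", no_argument, NULL, 'f' },
		{ "products", no_argument, NULL, 'p' },
		{ "hashes", no_argument, NULL, 'H' },
		{ "add", no_argument, NULL, 'a' },
		{ "delete", no_argument, NULL, 'd' },
		{ "del", no_argument, NULL, 'd' },
		/* without this entry the 'C' case below could never be reached */
		{ "component", required_argument, NULL, 'C' },
		{ "directory", required_argument, NULL, 'D' },
		{ "dir", required_argument, NULL, 'D' },
		{ "file", required_argument, NULL, 'F' },
		{ "product", required_argument, NULL, 'P' },
		{ "sha1", no_argument, NULL, '1' },
		{ "sha256", no_argument, NULL, '2' },
		{ "sha384", no_argument, NULL, '3' },
		{ "did", required_argument, NULL, '4' },
		{ "fid", required_argument, NULL, '5' },
		{ "pid", required_argument, NULL, '6' },
		{ "cid", required_argument, NULL, '7' },
		{ 0,0,0,0 }
	};
	enum {
		OP_UNDEF,
		OP_USAGE,
		OP_FILES,
		OP_COMPONENTS,
		OP_PRODUCTS,
		OP_HASHES,
		OP_ADD,
		OP_DEL,
	} op = OP_UNDEF;

	/* reinit getopt state */
	optind = 0;

	while (TRUE)
	{
		int c;

		c = getopt_long(argc, argv, "", long_opts, NULL);
		switch (c)
		{
			case EOF:
				break;
			case 'h':
				/* --help ends option parsing immediately */
				op = OP_USAGE;
				break;
			case 'c':
				op = OP_COMPONENTS;
				continue;
			case 'f':
				op = OP_FILES;
				continue;
			case 'p':
				op = OP_PRODUCTS;
				continue;
			case 'H':
				op = OP_HASHES;
				continue;
			case 'a':
				op = OP_ADD;
				continue;
			case 'd':
				op = OP_DEL;
				continue;
			case 'C':
				if (!attest->set_component(attest, optarg, op == OP_ADD))
				{
					exit(EXIT_FAILURE);
				}
				continue;
			case 'D':
				if (!attest->set_directory(attest, optarg, op == OP_ADD))
				{
					exit(EXIT_FAILURE);
				}
				continue;
			case 'F':
				if (!attest->set_file(attest, optarg, op == OP_ADD))
				{
					exit(EXIT_FAILURE);
				}
				continue;
			case 'P':
				if (!attest->set_product(attest, optarg, op == OP_ADD))
				{
					exit(EXIT_FAILURE);
				}
				continue;
			case '1':
				attest->set_algo(attest, PTS_MEAS_ALGO_SHA1);
				continue;
			case '2':
				attest->set_algo(attest, PTS_MEAS_ALGO_SHA256);
				continue;
			case '3':
				attest->set_algo(attest, PTS_MEAS_ALGO_SHA384);
				continue;
			case '4':
				if (!attest->set_did(attest, parse_id("did", optarg)))
				{
					exit(EXIT_FAILURE);
				}
				continue;
			case '5':
				if (!attest->set_fid(attest, parse_id("fid", optarg)))
				{
					exit(EXIT_FAILURE);
				}
				continue;
			case '6':
				if (!attest->set_pid(attest, parse_id("pid", optarg)))
				{
					exit(EXIT_FAILURE);
				}
				continue;
			case '7':
				if (!attest->set_cid(attest, parse_id("cid", optarg)))
				{
					exit(EXIT_FAILURE);
				}
				continue;
			default:
				/*
				 * Unknown option or missing argument. Stop here so that an
				 * add or delete never runs with only the part of the
				 * selection that was parsed before the error.
				 */
				usage();
				exit(EXIT_FAILURE);
		}
		break;
	}

	switch (op)
	{
		case OP_USAGE:
			usage();
			break;
		case OP_PRODUCTS:
			attest->list_products(attest);
			break;
		case OP_COMPONENTS:
			attest->list_components(attest);
			break;
		case OP_FILES:
			attest->list_files(attest);
			break;
		case OP_HASHES:
			attest->list_hashes(attest);
			break;
		case OP_ADD:
			attest->add(attest);
			break;
		case OP_DEL:
			attest->delete(attest);
			break;
		default:
			/* no operation selected */
			usage();
			exit(EXIT_FAILURE);
	}
}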
276
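/**
 * Entry point of the attest command line tool.
 *
 * Installs the debug hook, initializes libstrongswan and the plugins named
 * by the "attest.load" setting, opens the database given by the
 * "attest.database" setting and hands the command line to do_args().
 *
 * @param argc		argument count
 * @param argv		argument vector
 * @return			never returns; the process ends through exit()
 */
int main(int argc, char *argv[])
{
	char *uri;

	/* enable attest debugging hook */
	dbg = attest_dbg;
	/*
	 * The third openlog() argument is the syslog facility. LOG_DEBUG is a
	 * priority level, not a facility, so LOG_USER is passed instead.
	 */
	openlog("attest", 0, LOG_USER);

	atexit(library_deinit);

	/* initialize library */
	if (!library_init(NULL))
	{
		exit(SS_RC_LIBSTRONGSWAN_INTEGRITY);
	}
	if (!lib->plugins->load(lib->plugins, NULL,
			lib->settings->get_str(lib->settings, "attest.load", PLUGINS)))
	{
		exit(SS_RC_INITIALIZATION_FAILED);
	}

	uri = lib->settings->get_str(lib->settings, "attest.database", NULL);
	if (!uri)
	{
		fprintf(stderr, "database URI attest.database not set.\n");
		exit(SS_RC_INITIALIZATION_FAILED);
	}
	attest = attest_db_create(uri);
	if (!attest)
	{
		exit(SS_RC_INITIALIZATION_FAILED);
	}
	/* registered only now, because cleanup() dereferences attest */
	atexit(cleanup);
	/*
	 * NOTE(review): the results of libimcv_init() and libpts_init() are not
	 * evaluated here; if they report failure through their return value,
	 * that should be checked -- confirm against their declarations.
	 */
	libimcv_init();
	libpts_init();

	do_args(argc, argv);

	/*
	 * NOTE(review): do_args() does not evaluate the result of the list, add
	 * and delete calls, so the exit status is EXIT_SUCCESS whenever it
	 * returns -- confirm whether those calls can report failure.
	 */
	exit(EXIT_SUCCESS);
}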