Merge pull request #13138 from mlschroe/master
[backend] make certinfo less confusing
mlschroe committed Sep 27, 2022
2 parents 48b1002 + 2034b0c commit 26f33fb
Showing 4 changed files with 26 additions and 10 deletions.
20 changes: 13 additions & 7 deletions src/backend/BSSrcServer/Signkey.pm
@@ -155,24 +155,24 @@ sub pubkeyinfo {
sub subjectpublickeyinfo {
my ($pk, $isder) = @_;
my ($algo, $curve, $keysize);
my $fingerprint;
my $keyid;
eval {
my $pku = $isder ? $pk : BSASN1::pem2der($pk, 'PUBLIC KEY');
my $d = BSX509::pubkey2keydata($pku);
$algo = $d->{'algo'} if $d->{'algo'};
$curve = $d->{'curve'} if $d->{'curve'};
$keysize = $d->{'keysize'} if $d->{'keysize'};
$fingerprint = unpack('H*', BSX509::generate_key_id($pku));
$keyid = unpack('H*', BSX509::generate_key_id($pku));
};
warn($@) if $@;
my $pubkey = {};
$pubkey->{'algo'} = $algo if $algo;
$pubkey->{'curve'} = $curve if $curve;
$pubkey->{'keysize'} = $keysize if $keysize;
if ($fingerprint) {
$fingerprint =~ s/(....)/$1 /g;
$fingerprint =~ s/ $//;
$pubkey->{'fingerprint'} = $fingerprint;
if ($keyid) {
$keyid =~ s/(....)/$1 /g;
$keyid =~ s/ $//;
$pubkey->{'keyid'} = $keyid;
}
return $pubkey;
}
@@ -188,9 +188,15 @@ sub certinfo {
$info->{'serial'} = length($serial) ? '0x' . unpack('H*', $serial) : '0x0';
($info->{'begins'}, $info->{'expires'}) = BSX509::unpack_validity($validity);
my $pkinfo = subjectpublickeyinfo($subjectkeyinfo, 1);
defined($pkinfo->{$_}) && ($info->{$_} = $pkinfo->{$_}) for qw{algo keysize fingerprint};
defined($pkinfo->{$_}) && ($info->{$_} = $pkinfo->{$_}) for qw{algo keysize keyid};
$info->{'subject'} = BSX509::dn2str($subject);
$info->{'issuer'} = BSX509::dn2str($issuer) if $issuer ne $subject;
my $fp = unpack('H*', BSX509::generate_cert_fingerprint($der));
if ($fp) {
$fp =~ s/(....)/$1 /g;
$fp =~ s/ $//;
$info->{'fingerprint'} = $fp;
}
};
warn($@) if $@;
return $info;
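Review bot: The `fingerprint` element of certinfo changes meaning without any comment: it used to carry the key id copied from `subjectpublickeyinfo`, and is now `generate_cert_fingerprint($der)` over the whole certificate, with the key-derived value moved to `keyid`. Any consumer that stored or compared the old `fingerprint` string will see a different value for the same certificate, so the new block deserves a comment such as `# fingerprint: SHA-1 over the DER certificate; keyid: SHA-1 over the public key bits (reported as 'fingerprint' before)`. Both values are SHA-1 digests (see BSX509.pm in this commit), which is fine as a display identifier but should not be what a pinning or trust decision relies on. The four-hex-digit grouping is now written out twice (`$keyid` and `$fp`) and could live in one small helper. certinfo begins above the hunk, so where `$der` is assigned is not visible here.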
11 changes: 10 additions & 1 deletion src/backend/BSX509.pm
@@ -37,6 +37,8 @@ our $oid_street_address = BSASN1::pack_obj_id(2, 5, 4, 9);
our $oid_org_name = BSASN1::pack_obj_id(2, 5, 4, 10);
our $oid_org_unit_name = BSASN1::pack_obj_id(2, 5, 4, 11);
our $oid_email_address = BSASN1::pack_obj_id(1, 2, 840, 113549, 1, 9, 1);
our $oid_user_id = BSASN1::pack_obj_id(0, 9, 2342, 19200300, 100, 1, 1);
our $oid_domain_component = BSASN1::pack_obj_id(0, 9, 2342, 19200300, 100, 1, 25);
our $oid_sha1 = BSASN1::pack_obj_id(1, 3, 14, 3, 2, 26);
our $oid_sha256 = BSASN1::pack_obj_id(2, 16, 840, 1, 101, 3, 4, 2, 1);
our $oid_sha512 = BSASN1::pack_obj_id(2, 16, 840, 1, 101, 3, 4, 2, 3);
@@ -232,6 +234,11 @@ sub generate_key_id {
return Digest::SHA::sha1(BSASN1::unpack_bytes($bits));
}

sub generate_cert_fingerprint {
my ($cert) = @_;
return Digest::SHA::sha1($cert);
}

my %oid2abbrev = (
$oid_common_name => 'CN',
$oid_country_name => 'C',
@@ -240,6 +247,8 @@ my %oid2abbrev = (
$oid_org_name => 'O',
$oid_org_unit_name => 'OU',
$oid_street_address => 'STREET',
$oid_domain_component => 'DC',
$oid_user_id => 'UID',
$oid_email_address => 'emailAddress',
);

@@ -251,7 +260,7 @@ sub dn2str {
my @rdns;
for my $rdn (unpack_distinguished_name(@_)) {
my %s = @{$rdn || []};
push @rdns, join('/', map { ($oid2abbrev{$_} || oid2str($_))."=$s{$_}" } sort keys %s);
push @rdns, join('+', map { ($oid2abbrev{$_} || oid2str($_))."=$s{$_}" } sort keys %s);
}
return join(', ', @rdns);
}
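Review bot: Attribute values are still interpolated unescaped in the changed `join('+', ...)` line of dn2str, so a value that itself contains `, ` or `+` renders as if it were a further RDN or attribute. Since the separator now follows the RFC 4514 convention, the values should get RFC 4514 escaping too, for example `(my $v = $s{$_}) =~ s/([\\",+;<>])/\\$1/g;` before building the `abbrev=$v` pair, plus handling of a leading `#` or space and a trailing space. Without it the `subject` and `issuer` strings that certinfo reports are ambiguous for certificates with crafted names, which matters if anything displays or compares them; whether a consumer does so is not visible here. The opening of dn2str lies outside the hunk.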
1 change: 1 addition & 0 deletions src/backend/BSXML.pm
@@ -2063,6 +2063,7 @@ our $certinfo = [
'begins',
'expires',
'fingerprint',
'keyid',
'_content',
];

4 changes: 2 additions & 2 deletions src/backend/bs_repserver
@@ -4369,11 +4369,11 @@ my $dispatches = [
'POST:/worker cmd=checkconstraints $project $repository $arch $package' => \&checkconstraints,

# worker calls
'!worker /worker $arch $port $state: workerid? working:bool? memory:num? disk:num? buildarch:arch* tellnojob:bool? proto:' => \&workerstate,
'!worker /worker $arch $port $state: workerid? working:bool? memory:num? disk:num? buildarch:arch* tellnojob:bool? proto:?' => \&workerstate,
'!worker /getbuildcode' => \&getbuildcode,
'!worker /getworkercode' => \&getworkercode,
'!worker POST:/putjob $arch $job $jobid $code:? now:num? kiwitree:bool? workerid?' => \&putjob,
'!worker POST:/workerdispatched $arch $job $jobid hostarch:arch port proto: workerid?' => \&workerdispatched,
'!worker POST:/workerdispatched $arch $job $jobid hostarch:arch port proto:? workerid?' => \&workerdispatched,
'!worker /getbinaries $project $repository $arch binaries: nometa:bool? metaonly:bool? workerid? now:num? module*' => \&getbinaries,
'!worker /getbinaryversions $project $repository $arch binaries: nometa:bool? workerid? now:num? module*' => \&getbinaryversions,
'!worker /getjobdata $arch $job $jobid workerid?' => \&getjobdata,
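Review bot: Making `proto` optional (`proto:?`) on `/worker` and `/workerdispatched` means `workerstate` and `workerdispatched` can now be called without it, and the empty type after the colon suggests the dispatcher applies no format check to the value when it is present. Both handler bodies are outside this hunk, so it is worth confirming that they fall back to a fixed default and accept only the expected scheme names before the value is used, presumably to form the worker's address. A short comment above the two entries, for example `# proto is optional; handlers default it and must validate it`, would record the intent. The `$dispatches` list itself starts and ends outside the hunk.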
