changeset 623:5042ace08cba

Add certificate specific logging functions
author Andre Heinecke <andre.heinecke@intevation.de>
date Fri, 20 Jun 2014 12:17:32 +0200
parents c0f988e3df9f
children 736e95c63b86
files common/events.mc common/logging.c common/logging.h
diffstat 3 files changed, 161 insertions(+), 25 deletions(-) [+]
line wrap: on
line diff
--- a/common/events.mc	Fri Jun 20 09:56:10 2014 +0200
+++ b/common/events.mc	Fri Jun 20 12:17:32 2014 +0200
@@ -75,3 +75,35 @@
 Language=German
 %1
 .
+
+;/* Keep the following two lines in line with the linux counterparts in
+;   logging.c */
+MessageId=0x102
+Severity=Informational
+Facility=Runtime
+SymbolicName=MSG_CERT_INSTALL
+Language=English
+Installation of root certificate: %1%n
+Sha256 thumbprint:<%2>%n
+Certificate store: "%3"
+.
+Language=German
+Installation des Wurzelzertifikats: %1%n
+Sha256 Fingerabdruck:<%2>%n
+Zertifikatsspeicher: "%3"
+.
+
+MessageId=0x103
+Severity=Informational
+Facility=Runtime
+SymbolicName=MSG_CERT_REMOVE
+Language=English
+Removal of root certificate: %1%n
+Sha256 thumbprint:<%2>%n
+Certificate store: "%3"
+.
+Language=German
+Entfernung des Wurzelzertifikats: %1%n
+Sha256 Fingerabdruck:<%2>%n
+Zertifikatsspeicher: "%3"
+.
--- a/common/logging.c	Fri Jun 20 09:56:10 2014 +0200
+++ b/common/logging.c	Fri Jun 20 12:17:32 2014 +0200
@@ -14,6 +14,10 @@
 
 #include <strhelp.h>
 
+#include <certhelp.h>
+
+#include <polarssl/sha256.h>
+
 #ifdef WIN32
 # include <windows.h>
 # include "events.h"
@@ -21,21 +25,17 @@
 # include <syslog.h>
 #endif
 
-
 #ifdef WIN32
+
+/** @brief helper to prepare common logging information */
 static void
-win_log(const char *format, va_list ap, bool error)
+win_do_log(WORD type, WORD category, DWORD eventID, WORD numStrings, LPCWSTR *strings)
 {
   HANDLE log_src = NULL,
          process_token = NULL;
-  wchar_t *wmsg = NULL;
-  BOOL success = FALSE;
-  char buffer[MAX_LOG+1];
   PTOKEN_USER user_struct = NULL;
   PSID user_sid = NULL;
-
-  vsnprintf (buffer, MAX_LOG, format, ap);
-  buffer[MAX_LOG] = '\0';
+  BOOL success = FALSE;
 
   log_src = RegisterEventSourceW (NULL, L"" LOG_NAME);
 
@@ -45,15 +45,7 @@
       return;
     }
 
-  wmsg = utf8_to_wchar (buffer, strlen(buffer));
-  if (wmsg == NULL)
-    {
-      ERRORPRINTF ("Failed to convert log message to utf-16");
-      goto done;
-    }
-
   /* Get the current user sid for logging */
-
   OpenProcessToken (GetCurrentProcess(), TOKEN_READ, &process_token);
   if (process_token)
     {
@@ -69,33 +61,57 @@
         }
     }
 
-
   success = ReportEventW (log_src,
-                          error ? EVENTLOG_ERROR_TYPE : EVENTLOG_INFORMATION_TYPE,
-                          EVENT_CAT_TB,
-                          error ? MSG_DEFAULT_ERROR : MSG_DEFAULT_INFO,
+                          type,
+                          category,
+                          eventID,
                           user_sid,
-                          1,
+                          numStrings,
                           0,
-                          (const WCHAR **) &wmsg,
+                          strings,
                           NULL);
   if (!success)
     {
       PRINTLASTERROR ("Failed to report event.");
     }
 
-done:
   if (process_token)
     {
       CloseHandle(process_token);
     }
   xfree (user_struct);
-  xfree (wmsg);
 
   if (!DeregisterEventSource (log_src))
     {
       PRINTLASTERROR ("Failed to close log source.");
     }
+}
+
+static void
+win_log(const char *format, va_list ap, bool error)
+{
+  wchar_t *wmsg = NULL;
+  char buffer[MAX_LOG+1];
+  vsnprintf (buffer, MAX_LOG, format, ap);
+
+  buffer[MAX_LOG] = '\0';
+
+  wmsg = utf8_to_wchar (buffer, strlen(buffer));
+  if (wmsg == NULL)
+    {
+      ERRORPRINTF ("Failed to convert log message to utf-16");
+      return;
+    }
+
+  win_do_log (error ? EVENTLOG_ERROR_TYPE : EVENTLOG_INFORMATION_TYPE,
+              EVENT_CAT_TB,
+              error ? MSG_DEFAULT_ERROR : MSG_DEFAULT_INFO,
+              1,
+              (const WCHAR **) &wmsg);
+
+
+  xfree (wmsg);
+
   return;
 }
 
@@ -134,7 +150,6 @@
 
 #else /* WIN32 */
 
-
 static void
 linux_log (const char *format, va_list ap, bool error)
 {
@@ -145,6 +160,82 @@
 #endif /* WIN32 */
 
 void
+log_certificate(const char* store, char *b64cert, bool install)
+{
+  char subject[MAX_LOG + 1],
+       *der_data = NULL;
+  size_t der_size = 0;
+  int ret = 0,
+      i = 0;
+  x509_crt chain;
+  unsigned char sha256sum[32];
+  char fingerprint[32 * 3 + 1];
+
+  ret = str_base64_decode (&der_data, &der_size, b64cert, strlen(b64cert));
+
+  if (ret != 0)
+    {
+      ERRORPRINTF ("Error decoding certificate.\n");
+      return;
+    }
+
+  x509_crt_init(&chain);
+  if (x509_crt_parse_der(&chain, (const unsigned char *)der_data,
+                         der_size) != 0)
+    {
+      ERRORPRINTF("Failed to parse cert..");
+      xfree (der_data);
+      return;
+    }
+
+  ret = x509_dn_gets(subject, MAX_LOG, &(chain.subject));
+
+  if (ret == -1)
+    {
+      ERRORPRINTF("Failed to parse subject..");
+      xfree (der_data);
+      return;
+    }
+  subject[MAX_LOG] = '\0';
+
+  sha256 (chain.raw.p, chain.raw.len, sha256sum, 0);
+
+  for (i = 0; i < 31; i++)
+    {
+      snprintf (fingerprint + i * 3, 3, "%02X:", sha256sum[i]);
+    }
+  snprintf (fingerprint + 31 * 3, 2, "%02X", sha256sum[31]);
+
+  fingerprint[32*3] = '\0';
+
+#ifdef WIN32
+    {
+      wchar_t *wstrings[3];
+
+      wstrings[0] = utf8_to_wchar (subject, strnlen (subject, MAX_LOG));
+      wstrings[1] = utf8_to_wchar (fingerprint, strnlen (fingerprint, MAX_LOG));
+      wstrings[2] = utf8_to_wchar (store, strnlen (store, MAX_LOG));
+
+      win_do_log (EVENTLOG_INFORMATION_TYPE,
+                  EVENT_CAT_CINST,
+                  install ? MSG_CERT_INSTALL : MSG_CERT_REMOVE,
+                  3,
+                  (const WCHAR**) wstrings);
+      xfree (wstrings[0]);
+      xfree (wstrings[1]);
+      xfree (wstrings[2]);
+    }
+#else
+  /* Please keep the following line in line with message from events.mc */
+  linux_log ("%s of root certificate: %s\nSha256 thumbprint:<%s>.\nCertificate store \"%s\"",
+             install ? "Installation" : "Removal",
+             subject, fingerprint, store);
+#endif
+  x509_crt_free (&chain);
+  xfree (der_data);
+}
+
+void
 syslog_info_printf(const char *format, ...)
 {
   va_list args;
--- a/common/logging.h	Fri Jun 20 09:56:10 2014 +0200
+++ b/common/logging.h	Fri Jun 20 12:17:32 2014 +0200
@@ -18,6 +18,7 @@
  */
 
 #include <stdio.h>
+#include <stdbool.h>
 
 /** @def Maximum length of log messages */
 #define MAX_LOG 511
@@ -134,6 +135,18 @@
  */
 void syslog_error_printf(const char *format, ...);
 
+ /**
+ * @brief log a certificate install / remove event.
+ *
+ * Logs a message in the event / syslog to mark a certificate
+ * installation or removal.
+ *
+ * @param[in] store name of the certificate store.
+ * @param[in] b64cert base64 encoded certificate.
+ * @param[in] install weather to log this as installation or removal
+ */
+void log_certificate(const char *store, char *b64cert, bool install);
+
 #ifdef __cplusplus
 }
 #endif

http://wald.intevation.org/projects/trustbridge/