app: restructure and start building p15 output

2025-06-08 04:46:52 +00:00 · 2024-01-25 20:16:37 -05:00 · 2024-01-25 20:16:37 -05:00 · e2e4f2037c
commit e2e4f2037c
parent 6610c92058
24 changed files with 622 additions and 168 deletions
--- a/pkg/app/app.go
+++ b/pkg/app/app.go
@ -0,0 +1,65 @@
+package app
+
+import (
+	"apc-p15-tool/pkg/pkcs15"
+	"encoding/base64"
+	"os"
+
+	"go.uber.org/zap"
+)
+
+// struct for receivers to use common app pieces
+type app struct {
+	logger *zap.SugaredLogger
+	config *config
+}
+
+// actual application start
+func Start() {
+	// make app w/ initial logger pre-config
+	initLogLevel := "debug"
+	app := &app{
+		logger: makeZapLogger(&initLogLevel),
+	}
+
+	// get config
+	app.getConfig()
+
+	// re-init logger with configured log level
+	app.logger = makeZapLogger(app.config.logLevel)
+
+	// break point for building additional alternate functions
+
+	// function: make p15 from pem files
+
+	// Read in PEM files
+	keyPem, err := os.ReadFile(*app.config.keyPemFilePath)
+	if err != nil {
+		app.logger.Fatalf("failed to read key file (%s)", err)
+		// FATAL
+	}
+
+	certPem, err := os.ReadFile(*app.config.certPemFilePath)
+	if err != nil {
+		app.logger.Fatalf("failed to read cert file (%s)", err)
+		// FATAL
+	}
+
+	p15, err := pkcs15.ParsePEMToPKCS15(keyPem, certPem)
+	if err != nil {
+		app.logger.Fatalf("failed to parse pem files (%s)", err)
+		// FATAL
+	}
+
+	// TEMP TEMP TEMP
+	p15File, err := p15.ToP15File()
+	if err != nil {
+		app.logger.Fatalf("failed to make p15 file (%s)", err)
+		// FATAL
+	}
+
+	// app.logger.Debug(hex.EncodeToString(p15File))
+	app.logger.Debug(base64.RawStdEncoding.EncodeToString(p15File))
+
+	// TEMP TEMP TEMP
+}
--- a/pkg/app/app_config.go
+++ b/pkg/app/app_config.go
@ -0,0 +1,45 @@
+package app
+
+import (
+	"os"
+
+	"github.com/peterbourgon/ff/v4"
+	"github.com/peterbourgon/ff/v4/ffhelp"
+)
+
+const (
+	environmentVarPrefix = "APC_P15_TOOL"
+)
+
+// app's config options from user
+type config struct {
+	logLevel        *string
+	keyPemFilePath  *string
+	certPemFilePath *string
+}
+
+// getConfig returns the app's configuration from either command line args,
+// or environment variables
+func (app *app) getConfig() {
+	// make config and flag set
+	cfg := &config{}
+	fs := ff.NewFlagSet("apc-p15-tool")
+
+	// define options
+	cfg.logLevel = fs.StringEnum('l', "loglevel", "log level: debug, info, warn, error, dpanic, panic, or fatal",
+		"info", "debug", "warn", "error", "dpanic", "panic", "fatal")
+
+	cfg.keyPemFilePath = fs.StringLong("keyfile", "", "path and filename of the rsa-2048 key in pem format")
+	cfg.certPemFilePath = fs.StringLong("certfile", "", "path and filename of the rsa-2048 key in pem format")
+	// TODO key and pem directly in a flag/env var
+
+	// parse using args and/or ENV vars
+	err := ff.Parse(fs, os.Args[1:], ff.WithEnvVarPrefix(environmentVarPrefix))
+	if err != nil {
+		app.logger.Fatal(ffhelp.Flags(fs))
+		// FATAL
+	}
+
+	// set app config
+	app.config = cfg
+}
--- a/pkg/app/app_logger.go
+++ b/pkg/app/app_logger.go
@ -0,0 +1,47 @@
+package app
+
+import (
+	"os"
+
+	"go.uber.org/zap"
+	"go.uber.org/zap/zapcore"
+)
+
+// makeZapLogger creates a logger for the app; if log level is nil or does not parse
+// the default 'Info' level will be used.
+func makeZapLogger(logLevel *string) *zap.SugaredLogger {
+	// default info level
+	zapLevel := zapcore.InfoLevel
+	var parseErr error
+
+	// try to parse specified level (if there is one)
+	if logLevel != nil {
+		parseLevel, err := zapcore.ParseLevel(*logLevel)
+		if err != nil {
+			parseErr = err
+		} else {
+			zapLevel = parseLevel
+		}
+	}
+
+	// make zap config
+	config := zap.NewProductionEncoderConfig()
+	config.EncodeTime = zapcore.ISO8601TimeEncoder
+	config.LineEnding = "\n"
+
+	// no stack trace
+	config.StacktraceKey = ""
+
+	// make logger
+	consoleEncoder := zapcore.NewConsoleEncoder(config)
+	core := zapcore.NewCore(consoleEncoder, zapcore.AddSync(os.Stdout), zapLevel)
+
+	logger := zap.New(core, zap.AddCaller(), zap.AddStacktrace(zapcore.ErrorLevel)).Sugar()
+
+	// log deferred parse error if there was one
+	if logLevel != nil && parseErr != nil {
+		logger.Errorf("failed to parse requested log level \"%s\" (%s)", *logLevel, parseErr)
+	}
+
+	return logger
+}
--- a/pkg/app/file_header.go
+++ b/pkg/app/file_header.go
@ -0,0 +1,74 @@
+package app
+
+import (
+	"encoding/binary"
+	"errors"
+
+	"github.com/sigurn/crc16"
+)
+
+// makeFileHeader generates the 228 byte header to prepend to the .p15
+// as required by APC UPS NMC. Only 2,048 bit RSA keys are supported
+// so the header will always be written with that key size assumption
+func makeFileHeader(p15File []byte) ([]byte, error) {
+	// original reference code from: https://github.com/bbczeuz/apc_tools
+	// // add APC header
+	// *(uint32_t *)(buf + 0) = 1; // always 1
+	// *(uint32_t *)(buf + 4) = 1; // always 1
+	// strncpy((char *)(buf + 8), "SecurityWizard103", 0xC8); // apparently supposed to identify the creating tool, SecWiz v1.04 sill puts 103 here
+	// *(uint32_t *)(buf + 208) = 1; // always 1
+	// *(uint32_t *)(buf + 212) = 1; // always 1
+	// *(uint32_t *)(buf + 216) = fileSize; // size of the following data
+	// *(uint32_t *)(buf + 208) = keySize; // 1 for 1024 key, otherwise (2048 bit) 2
+	// // 16 bit checksums are moved to 32 bit int with sign-extension
+	// *(uint32_t *)(buf + 220) = (int32_t)calc_cksum(0, buf + 228, fileSize); // checksum of the original file
+	// *(uint32_t *)(buf + 224) = (int32_t)calc_cksum(0, buf, 224); // checksum of the APC header
+
+	// NOTE: This line is unused as it seems the APC CLI tool v1.0.0 code always writes this as a 1 (regardless of key length)
+	// 		*(uint32_t *)(buf + 208) = keySize; // 1 for 1024 key, otherwise (2048 bit) 2
+	// Unsure why this was in original code but seems irrelevant
+
+	header := make([]byte, 228)
+
+	// always 1
+	header[0] = 1
+
+	// always 1
+	header[4] = 1
+
+	// apparently supposed to identify the creating tool
+	toolName := "NMCSecurityWizardCLI100"
+	toolNameBytes := []byte(toolName)
+	if len(toolNameBytes) > 200 {
+		return nil, errors.New("tool name is too big to fit in header")
+	}
+	copy(header[8:], toolNameBytes)
+
+	// always 1
+	header[208] = 1
+
+	// always 1
+	header[212] = 1
+
+	// size of the data after the header (the actual p15 file)
+	size := make([]byte, 4)
+	binary.LittleEndian.PutUint32(size, uint32(len(p15File)))
+	copy(header[216:], size)
+
+	// check sums (CRC Table)
+	checksumTable := crc16.MakeTable(crc16.CRC16_XMODEM)
+
+	// file checksum
+	fileChecksum := make([]byte, 4)
+	binary.LittleEndian.PutUint16(fileChecksum, crc16.Checksum(p15File, checksumTable))
+	copy(header[220:], fileChecksum)
+
+	// header checksum
+	headerChecksum := make([]byte, 4)
+	binary.LittleEndian.PutUint16(headerChecksum, crc16.Checksum(header[:224], checksumTable))
+	copy(header[224:], headerChecksum)
+
+	// this was in original code but
+
+	return header, nil
+}