1 #include "config.h"
2 
3 #include "csr.hpp"
4 
5 #include <openssl/bio.h>
6 #include <openssl/buffer.h>
7 #include <openssl/ossl_typ.h>
8 #include <openssl/pem.h>
9 #include <openssl/x509.h>
10 
11 #include <phosphor-logging/elog-errors.hpp>
12 #include <phosphor-logging/elog.hpp>
13 #include <phosphor-logging/log.hpp>
14 #include <xyz/openbmc_project/Certs/error.hpp>
15 #include <xyz/openbmc_project/Common/error.hpp>
16 
17 #include <cstdio>
18 #include <filesystem>
19 #include <memory>
20 #include <utility>
21 
22 namespace phosphor::certs
23 {
24 
25 using ::phosphor::logging::elog;
26 using ::phosphor::logging::entry;
27 using ::phosphor::logging::level;
28 using ::phosphor::logging::log;
29 using ::sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;
30 namespace fs = std::filesystem;
31 
32 using X509ReqPtr = std::unique_ptr<X509_REQ, decltype(&::X509_REQ_free)>;
33 using BIOPtr = std::unique_ptr<BIO, decltype(&::BIO_free_all)>;
34 
35 CSR::CSR(sdbusplus::bus_t& bus, const char* path, std::string&& installPath,
36          const Status& status) :
37     internal::CSRInterface(bus, path,
38                            internal::CSRInterface::action::defer_emit),
39     objectPath(path), certInstallPath(std::move(installPath)), csrStatus(status)
40 {
41     // Emit deferred signal.
42     this->emit_object_added();
43 }
44 
45 std::string CSR::csr()
46 {
47     if (csrStatus == Status::failure)
48     {
49         log<level::ERR>("Failure in Generating CSR");
50         elog<InternalFailure>();
51     }
52     fs::path csrFilePath = certInstallPath;
53     csrFilePath = csrFilePath.parent_path() / defaultCSRFileName;
54     if (!fs::exists(csrFilePath))
55     {
56         log<level::ERR>("CSR file doesn't exists",
57                         entry("FILENAME=%s", csrFilePath.c_str()));
58         elog<InternalFailure>();
59     }
60 
61     FILE* fp = std::fopen(csrFilePath.c_str(), "r");
62     X509ReqPtr x509Req(PEM_read_X509_REQ(fp, nullptr, nullptr, nullptr),
63                        ::X509_REQ_free);
64     if (x509Req == nullptr || fp == nullptr)
65     {
66         if (fp != nullptr)
67         {
68             std::fclose(fp);
69         }
70         log<level::ERR>("ERROR occurred while reading CSR file",
71                         entry("FILENAME=%s", csrFilePath.c_str()));
72         elog<InternalFailure>();
73     }
74     std::fclose(fp);
75 
76     BIOPtr bio(BIO_new(BIO_s_mem()), ::BIO_free_all);
77     int ret = PEM_write_bio_X509_REQ(bio.get(), x509Req.get());
78     if (ret <= 0)
79     {
80         log<level::ERR>("Error occurred while calling PEM_write_bio_X509_REQ");
81         elog<InternalFailure>();
82     }
83 
84     BUF_MEM* mem = nullptr;
85     BIO_get_mem_ptr(bio.get(), &mem);
86     std::string pem(mem->data, mem->length);
87     return pem;
88 }
89 
90 } // namespace phosphor::certs
91