Feature - Ability to specify time or use current #12

Open
wants to merge 2 commits into
base: main
16 changes: 11 additions & 5 deletions gencat.sh
100755 → 100644
Expand Up @@ -57,7 +57,7 @@
# Server_v100_ARM64_24H2 - arm 64-bit Windows Server 2025 (not tested + officially the first ARM64 Server)

function usage_and_exit() {
echo Usage: "$0 -o <output-file> [-h <hardware-ids>] [-O OS string] [-A OS attribute string] file1 [ file2 ... ]"
echo Usage: "$0 -o <output-file> [-h <hardware-ids>] [-O OS string] [-A OS attribute string] [-T <generation-time>] file1 [ file2 ... ]"
echo See comment inside this .sh file for list of OS string and OS attributes
exit 1
}
Expand All @@ -68,9 +68,10 @@ OUTPUT_CAT_FILE=-
HARDWARE_ID=windrbd
OS_STRING=7X64,8X64,_v100_X64
OS_ATTR=2:6.1,2:6.2,2:10.0
GEN_TIME="-T 230823140713Z"
DRY_RUN=0

args=$( getopt do:h:O:A: $* )
args=$( getopt do:h:O:A:T: $* )
if [ $? -ne 0 ]
then
usage_and_exit
Expand Down Expand Up @@ -106,6 +107,11 @@ do
shift
shift
;;
-T)
GEN_TIME="-T $2"
shift
shift
;;
--)
shift
break
Expand Down Expand Up @@ -141,13 +147,13 @@ unset IFS

if [ $DRY_RUN -eq 1 ]
then
echo $EXEC_DIR/generate-cat-file -A $OS_ATTR -O $OS_STRING -h $HARDWARE_IDS ${sorted_images[*]}
echo $EXEC_DIR/generate-cat-file "$GEN_TIME" -A $OS_ATTR -O $OS_STRING -h $HARDWARE_IDS ${sorted_images[*]}
exit 0
fi

if [ $OUTPUT_CAT_FILE == '-' ]
then
$EXEC_DIR/generate-cat-file -A $OS_ATTR -O $OS_STRING -h $HARDWARE_IDS ${sorted_images[*]}
$EXEC_DIR/generate-cat-file "$GEN_TIME" -A $OS_ATTR -O $OS_STRING -h $HARDWARE_IDS ${sorted_images[*]}
else
$EXEC_DIR/generate-cat-file -A $OS_ATTR -O $OS_STRING -h $HARDWARE_IDS ${sorted_images[*]} > $OUTPUT_CAT_FILE
$EXEC_DIR/generate-cat-file "$GEN_TIME" -A $OS_ATTR -O $OS_STRING -h $HARDWARE_IDS ${sorted_images[*]} > $OUTPUT_CAT_FILE
fi
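Review bot: The three generate-cat-file invocations pass `"$GEN_TIME"` quoted, so `-T 230823140713Z` arrives as one argv element; getopt in generate-cat-file.c would then return an optarg with a leading space (14 characters), and the new `strlen(gen_time) != 13` check would send every run to usage_and_exit. Passing it unquoted as `$GEN_TIME`, the way `$OS_ATTR` and `$OS_STRING` are already passed, keeps the option and its value as separate words. The default `GEN_TIME="-T 230823140713Z"` also means the wrapper never reaches the current-time fallback that the C tool gains in this change; an empty default, `GEN_TIME=`, would let it apply. The file header shows the mode going from 100755 to 100644, which drops the executable bit from the script and looks unintended.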
25 changes: 22 additions & 3 deletions generate-cat-file.c
Expand Up @@ -5,6 +5,7 @@
#include <sys/errno.h>
#include <ctype.h>
#include <unistd.h>
#include <time.h>

/* DER encoding */

Expand Down Expand Up @@ -990,6 +991,8 @@ void free_allocated(struct pkcs7_toplevel *sdat)
}


free(sdat->data.cert_trust_list.catalog_list_element->a_time);
sdat->data.cert_trust_list.catalog_list_element->a_time = NULL;
free(sdat->data.cert_trust_list.catalog_list_element);
}

Expand Down Expand Up @@ -1032,9 +1035,10 @@ void create_binary_tree(struct pkcs7_toplevel *sdat)

void __attribute((noreturn)) usage_and_exit(void)
{
fprintf(stderr, "Usage: generate_cat_file -h <hardware-ids> [-O OS string] [-A OS attribute string] file-with-hash1 [ file-with-hash2 ... ]\n");
fprintf(stderr, "Usage: generate_cat_file -h <hardware-ids> [-O OS string] [-A OS attribute string] [-T <generation-time>] file-with-hash1 [ file-with-hash2 ... ]\n");
fprintf(stderr, "Generates a Microsoft Security Catalog (\".cat\") file.\n");
fprintf(stderr, "hardware-ids is comma separated list\n");
fprintf(stderr, "generation-time has the format YYmmddHHMMSSZ, Z is constant, means 0 timezone\n");
fprintf(stderr, "file-with-hash has the format filename:sha1-hash-in-hex[:PE]\n");
fprintf(stderr, "Use osslsigncode to sign it afterwards.\n");
exit(1);
Expand Down Expand Up @@ -1205,9 +1209,10 @@ int main(int argc, char **argv)
char *os_string = "7X64,8X64,_v100_X64";
char *os_attr_string = "2:6.1,2:6.2,2:10.0";
char *hardware_ids = NULL;
char *gen_time = NULL;
char c;

while ((c = getopt(argc, argv, "h:A:O:")) != -1) {
while ((c = getopt(argc, argv, "h:A:O:T:")) != -1) {
switch (c) {
case 'h':
//hardware_ids = strdup(optarg);
Expand All @@ -1219,6 +1224,9 @@ int main(int argc, char **argv)
case 'O':
os_string = optarg;
break;
case 'T':
gen_time = strdup(optarg); //strdup for avoid complications with freeing
break;
default:
usage_and_exit();
}
Expand All @@ -1228,6 +1236,16 @@ int main(int argc, char **argv)
usage_and_exit();
}

if (gen_time) {
if (strlen(gen_time) != 13 || gen_time[12] != 'Z')
usage_and_exit();
}
else {
gen_time = malloc(14);
time_t t = time(NULL);
strftime(gen_time, 14, "%y%m%d%H%M%SZ", gmtime(&t));
}

parse_hwids_arg(hardware_ids, &hwids);
parse_file_args(argv + optind, argc - optind, os_attr_string, &files);

Expand All @@ -1241,7 +1259,7 @@ int main(int argc, char **argv)

s.data.an_int = 1;
s.data.cert_trust_list.catalog_list_element->a_hash = a_hash;
s.data.cert_trust_list.catalog_list_element->a_time = "230823140713Z";
s.data.cert_trust_list.catalog_list_element->a_time = gen_time;
s.data.cert_trust_list.catalog_list_element->hwids = hwids;
s.data.cert_trust_list.catalog_list_element->files = files;
s.data.cert_trust_list.catalog_list_element->os_info.data.name = "OS";
Expand Down Expand Up @@ -1285,6 +1303,7 @@ int main(int argc, char **argv)
datacache.node = root_node; //otherwise, all used nodes except the last one would not be freed
free_allocated(&s);
root_node = NULL; files = NULL;
gen_time = NULL;
hwids = NULL;
//free(hardware_ids);
//hardware_ids = NULL;
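Review bot: The `-T` check `if (strlen(gen_time) != 13 || gen_time[12] != 'Z')` in main accepts any twelve bytes in front of the `Z`, so a non-numeric value would be copied into the catalog's time field and end up in the file that is signed afterwards. The twelve leading characters should at least be required to be digits (`<ctype.h>` is already included); range checks on month, day and hour would be stricter still. In the else branch the results of `malloc(14)`, `gmtime(&t)` and `strftime(...)` are all used unchecked, and `strdup(optarg)` in `case 'T'` can likewise return NULL, which `strlen` would then dereference. A repeated `-T` also leaks the earlier copy. main starts and continues outside the hunks shown, so the sketch below covers only the validation block.

```c
if (gen_time) {
	/* … unchanged: length and trailing 'Z' check … */
	for (int i = 0; i < 12; i++)
		if (!isdigit((unsigned char)gen_time[i]))
			usage_and_exit();
}
else {
	time_t t = time(NULL);
	struct tm *utc = gmtime(&t);

	gen_time = malloc(14);
	/* 12 digits + 'Z' = 13 characters written on success */
	if (gen_time == NULL || utc == NULL ||
	    strftime(gen_time, 14, "%y%m%d%H%M%SZ", utc) != 13) {
		fprintf(stderr, "generate_cat_file: cannot determine generation time\n");
		exit(1);
	}
}
```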