Update rewrite ruls to handled encrypted and signed files

Add certutils from usecallmanager.nz
Add etc/certs directory

tools/certutils/TLV/Builder.pm

@@ -0,0 +1,76 @@
+#!/usr/bin/perl
+
+package TLV::Builder;
+
+use strict;
+use parent qw/Exporter/;
+use Carp qw/croak/;
+
+our $VERSION = '1.0';
+
+sub new {
+    my $class = shift;
+
+    my $self = {
+	content => undef,
+	index   => 0
+    };
+
+    return bless ($self, $class);
+}
+
+sub next_tag {
+    my ($self, $tag);
+
+    $self = shift;
+    $tag  = shift;
+
+    $self->{content} .= pack ('C', $tag);
+    $self->{index} += 1;
+
+    return $self->{tag};
+}
+
+sub next_length {
+    my ($self, $length);
+
+    $self   = shift;
+    $length = shift;
+
+    croak 'Length is 0' unless ($length);
+
+    $self->{content} .= pack ('S>', $length);
+    $self->{index} += 2;
+}
+
+sub next_value {
+    my ($self, $value);
+
+    $self  = shift;
+    $value = shift;
+
+    $self->{content} .= $value;
+    $self->{index} += length $value;
+}
+
+sub index {
+    my $self = shift;
+    return $self->{index};
+}
+
+sub length {
+    my ($self, $index, $length);
+
+    $self   = shift;
+    $index  = shift;
+    $length = shift;
+
+    substr ($self->{content}, $index, 2, pack ('S>', $length));
+}
+
+sub content {
+    my $self = shift;
+    return $self->{content};
+}
+
+1;

tools/certutils/TLV/Parser.pm

@@ -0,0 +1,96 @@
+#!/usr/bin/perl
+
+package TLV::Parser;
+
+use strict;
+use parent qw/Exporter/;
+use Carp qw/croak/;
+
+our $VERSION = '1.0';
+
+sub new {
+    my ($class, $content);
+
+    $class   = shift;
+    $content = shift;
+
+    croak 'No content' unless (length $content);
+
+    my $self = {
+	content        => $content,
+	content_length => length $content,
+	index          => 0,
+	tag            => undef,
+	length         => 0,
+	value          => undef
+    };
+
+    return bless ($self, $class);
+}
+
+sub next_tag {
+    my $self = shift;
+
+    croak 'No space for tag' if ($self->{index} + 1 > $self->{content_length});
+
+    $self->{tag} = unpack ('C', substr ($self->{content}, $self->{index}, 1));
+    $self->{index} += 1;
+
+    return $self->{tag};
+}
+
+sub next_length {
+    my $self = shift;
+
+    croak 'No space for length' if ($self->{index} + 2 > $self->{content_length});
+
+    $self->{length} = unpack ('S>', substr ($self->{content}, $self->{index}, 2));
+    $self->{index} += 2;
+
+    croak 'Length is 0' unless ($self->{length});
+
+    return $self->{length};
+}
+
+sub next_value {
+    my $self = shift;
+
+    croak 'No space for value' if ($self->{index} + $self->{length} > $self->{content_length});
+
+    $self->{value} = substr ($self->{content}, $self->{index}, $self->{length});
+    $self->{index} += $self->{length};
+
+    return $self->{value};
+}
+
+sub index {
+    my $self = shift;
+    return $self->{index};
+}
+
+sub tag {
+    my $self = shift;
+    return $self->{tag};
+}
+
+sub length {
+    my $self = shift;
+    return $self->{length};
+}
+
+sub value {
+    my $self = shift;
+    return $self->{value};
+}
+
+sub content {
+    my $self = shift;
+    return $self->{content};
+}
+
+sub done {
+    my $self = shift;
+    return $self->{index} == $self->{content_length};
+}
+
+1;

tools/certutils/TLV/Tags.pm

@@ -0,0 +1,74 @@
+#!/usr/bin/perl
+
+package TLV::Tags;
+
+use strict;
+use parent qw/Exporter/;
+
+our $VERSION = '1.0';
+
+our %EXPORT_TAGS = (header   => [qw/HEADER_VERSION HEADER_LENGTH HEADER_SIGNER_ID HEADER_SIGNER_NAME HEADER_SERIAL_NUMBER
+				    HEADER_CA_NAME HEADER_SIGNATURE_INFO HEADER_DIGEST_ALGORITHM
+				    HEADER_SIGNATURE_ALGORITHM_INFO HEADER_SIGNATURE_ALGORITHM HEADER_SIGNATURE_MODULUS
+				    HEADER_SIGNATURE HEADER_PADDING HEADER_FILENAME HEADER_TIMESTAMP/],
+		    record   => [qw/RECORD_LENGTH RECORD_DNS_NAME RECORD_SUBJECT_NAME RECORD_FUNCTION RECORD_ISSUER_NAME
+				    RECORD_SERIAL_NUMBER RECORD_PUBLIC_KEY RECORD_SIGNATURE RECORD_CERTIFICATE
+			            RECORD_IP_ADDRESS RECORD_CERTIFICATE_HASH RECORD_HASH_ALGORITHM/],
+		    digest   => [qw/DIGEST_SHA1 DIGEST_SHA256 DIGEST_SHA384 DIGEST_SHA512/],
+		    function => [qw/FUNCTION_SAST FUNCTION_CCM FUNCTION_CCM_TFTP FUNCTION_TFTP FUNCTION_CAPF FUNCTION_SRST
+		                    FUNCTION_HTTPS FUNCTION_TVS/]);
+
+our @EXPORT_OK = (@{$EXPORT_TAGS{header}}, @{$EXPORT_TAGS{record}}, @{$EXPORT_TAGS{digest}}, @{$EXPORT_TAGS{function}});
+
+use constant {
+    HEADER_VERSION                  => 1,
+    HEADER_LENGTH                   => 2,
+    HEADER_SIGNER_ID                => 3,
+    HEADER_SIGNER_NAME              => 4,
+    HEADER_SERIAL_NUMBER            => 5,
+    HEADER_CA_NAME                  => 6,
+    HEADER_SIGNATURE_INFO           => 7,
+    HEADER_DIGEST_ALGORITHM         => 8,
+    HEADER_SIGNATURE_ALGORITHM_INFO => 9,
+    HEADER_SIGNATURE_ALGORITHM      => 10,
+    HEADER_SIGNATURE_MODULUS        => 11,
+    HEADER_SIGNATURE                => 12,
+    HEADER_PADDING                  => 13,
+    HEADER_FILENAME                 => 14,
+    HEADER_TIMESTAMP                => 15
+};
+
+use constant {
+    RECORD_LENGTH           => 1,
+    RECORD_DNS_NAME         => 2,
+    RECORD_SUBJECT_NAME     => 3,
+    RECORD_FUNCTION         => 4,
+    RECORD_ISSUER_NAME      => 5,
+    RECORD_SERIAL_NUMBER    => 6,
+    RECORD_PUBLIC_KEY       => 7,
+    RECORD_SIGNATURE        => 8,
+    RECORD_CERTIFICATE      => 9,
+    RECORD_IP_ADDRESS       => 10,
+    RECORD_CERTIFICATE_HASH => 11,
+    RECORD_HASH_ALGORITHM   => 12
+};
+
+use constant {
+    DIGEST_SHA1   => 1,
+    DIGEST_SHA256 => 2,
+    DIGEST_SHA384 => 3,
+    DIGEST_SHA512 => 4
+};
+
+use constant {
+    FUNCTION_SAST     => 0,
+    FUNCTION_CCM      => 1,
+    FUNCTION_CCM_TFTP => 2,
+    FUNCTION_TFTP     => 3,
+    FUNCTION_CAPF     => 4,
+    FUNCTION_SRST     => 5,
+    FUNCTION_HTTPS    => 7,
+    FUNCTION_TVS      => 21
+};
+
+1;