From 4a4047c326d717d30fb0bf9d001ba57c1e20af77 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Wed, 24 Apr 2019 15:27:29 +0100
Subject: [PATCH] Add script to auto-generate certs.c

This commit adds the script scripts/generate_certs.sh which
parses library/certs.c and inserts certificate and key files
for any block of the form

   /* BEGIN FILE [string|binary] [variable|macro] NAME FILE */
   ...
   /* END FILE */

Here, the first argument string / binary indicates whether the
file should be inserted as a string or as a binary array. The
second argument indicates whether the resulting object should
be registered as a C variable or a macro.

This script allows to easily update certs.c in case any of the
test certificates from tests/data_files change, or new test
certificates / keys need to be added.
---
 scripts/generate_certs.sh | 66 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 66 insertions(+)
 create mode 100755 scripts/generate_certs.sh

diff --git a/scripts/generate_certs.sh b/scripts/generate_certs.sh
new file mode 100755
index 000000000..4de4a5324
--- /dev/null
+++ b/scripts/generate_certs.sh
@@ -0,0 +1,66 @@
+#!/bin/sh
+
+if [ -d include/mbedtls ]; then :; else
+    echo "$0: must be run from root" >&2
+    exit 1
+fi
+
+CERTS="library/certs.c"
+CERTS_TMP="${CERTS}.tmp"
+CERTS_NEW="${CERTS}.new"
+
+# Remove bodies of BEGIN FILE ... END FILE blocks
+SED_RM_FILE_BODIES=":o; /BEGIN FILE/!{p;n;bo}; /BEGIN FILE/{p; n; :i; /END FILE/{n; bo}; n; bi}"
+sed -n "${SED_RM_FILE_BODIES}" $CERTS > ${CERTS_TMP}
+while IFS= read -r line; do
+    echo "$line"
+    CMD=`echo "$line" | sed -n 's/^\/\* BEGIN FILE \([^ ]*\) \([^ ]*\) \([^ ]*\) \([^ ]*\)*.*$/\1 \2 \3 \4/p'`
+    if [ -n "$CMD" ]; then
+        enc=$(echo "$CMD" | cut -f1 -d' ' )
+        type=$(echo "$CMD" | cut -f2 -d' ' )
+        name=$(echo "$CMD" | cut -f3 -d' ' )
+        file=$(echo "$CMD" | cut -f4 -d' ' )
+
+        if [ "$type" != "variable" ] && [ "$type" != "macro" ]; then
+            exit 1
+        fi
+
+        if [ "$enc" != "string" ] && [ "$enc" != "binary" ]; then
+            exit 1
+        fi
+
+        # Support 'binary' and 'string' encoding
+        # Support 'variable' and 'macro' types
+
+        if [ "$enc" = "binary" ]; then
+            DATA=`xxd -i "$file" | tail -n +2 | head -n -2 | sed 's/^[ ]*/    /'`
+        elif [ "$enc" = "string" ]; then
+            DATA=`cat "$file" | sed 's/^/    \"/;s/$/\\r\\n\"/'`
+        fi
+
+        if [ "$type" = "variable" ]; then
+            if [ "$enc" = "binary" ]; then
+                echo "const unsigned char ${name}[] = {"
+                xxd -i "$file" | sed 's/^[ ]*/    /' | tail -n +2 | head -n -2
+                echo "};"
+            elif [ "$enc" = "string" ]; then
+                echo "const char ${name}[] ="
+                cat "$file" | head -n -1 | sed 's/^/    \"/;s/$/\\r\\n\"/'
+                cat "$file" | tail -n 1  | sed 's/^/    \"/;s/$/\\r\\n\";/'
+            fi
+        elif [ "$type" = "macro" ]; then
+            if [ "$enc" = "binary" ]; then
+                printf '%-77s\\\n' "#define ${name} {"
+                xxd -i "$file" | sed 's/^[ ]*/    /' | tail -n +2 | head -n -2 |
+                    xargs -d'\n' printf '%-77s\\\n'
+                echo "}"
+            elif [ "$enc" = "string" ]; then
+                printf '%-75s\\\n' "#define ${name}"
+                cat "$file" | head -n -1 | sed 's/^/    \"/; s/$/\\r\\n\"/' | xargs -d'\n' printf '%-75s\\\n'
+                cat "$file" | tail -n 1  | sed 's/^/    \"/; s/$/\\r\\n\"/'
+            fi
+        fi
+
+        echo "/* END FILE */"
+    fi
+done < ${CERTS_TMP} > ${CERTS}