
source: vbox/trunk/src/VBox/Runtime/common/crypto/pkcs7-asn1-decoder.cpp@ 75482

Last change on this file since 75482 was 74760, checked in by vboxsync, 6 years ago

IPRT/ldr/asn1/pkcs7: Ironed out issues in decoding indefinite ASN.1 length records and successfully verified the first Mach-O signature. bugref:9232

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
1/* $Id: pkcs7-asn1-decoder.cpp 74760 2018-10-11 11:25:24Z vboxsync $ */
2/** @file
3 * IPRT - Crypto - PKCS \#7, Decoder for ASN.1.
4 */
5
6/*
7 * Copyright (C) 2006-2017 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 *
17 * The contents of this file may alternatively be used under the terms
18 * of the Common Development and Distribution License Version 1.0
19 * (CDDL) only, as it comes in the "COPYING.CDDL" file of the
20 * VirtualBox OSE distribution, in which case the provisions of the
21 * CDDL are applicable instead of those of the GPL.
22 *
23 * You may elect to license modified versions of this file under the
24 * terms and conditions of either the GPL or the CDDL or both.
25 */
26
27
28/*********************************************************************************************************************************
29* Header Files *
30*********************************************************************************************************************************/
31#include "internal/iprt.h"
32#include <iprt/crypto/pkcs7.h>
33
34#include <iprt/err.h>
35#include <iprt/string.h>
36#include <iprt/crypto/spc.h>
37#include <iprt/crypto/tsp.h>
38
39#include "pkcs7-internal.h"
40
41
42/*
43 * PKCS #7 ContentInfo
44 */
/**
 * Internal classification of a ContentInfo payload, derived from the
 * ContentType object identifier by rtCrPkcs7ContentInfo_DecodeExtra().
 *
 * The numeric values are spelled out so they are visible at a glance; they
 * are the same ones the compiler assigns implicitly.
 */
typedef enum RTCRPKCS7CONTENTINFOCHOICE
{
    /** Zero value; never selected by the decoder in this file. */
    RTCRPKCS7CONTENTINFOCHOICE_INVALID                   = 0,
    /** ContentType matched none of the OIDs below; the payload is not decoded. */
    RTCRPKCS7CONTENTINFOCHOICE_UNKNOWN                   = 1,
    /** ContentType equals RTCRPKCS7SIGNEDDATA_OID. */
    RTCRPKCS7CONTENTINFOCHOICE_SIGNED_DATA               = 2,
    /** ContentType equals RTCRSPCINDIRECTDATACONTENT_OID. */
    RTCRPKCS7CONTENTINFOCHOICE_SPC_INDIRECT_DATA_CONTENT = 3,
    /** ContentType equals RTCRTSPTSTINFO_OID. */
    RTCRPKCS7CONTENTINFOCHOICE_TSP_TST_INFO              = 4,
    /** One past the last real choice (presumably an end marker; not used in this file). */
    RTCRPKCS7CONTENTINFOCHOICE_END                       = 5,
    /** Presumably widens the enum to 32 bits, going by the name - confirm against IPRT conventions. */
    RTCRPKCS7CONTENTINFOCHOICE_32BIT_HACK                = 0x7fffffff
} RTCRPKCS7CONTENTINFOCHOICE;
55
/**
 * Decodes the type specific payload of a PKCS \#7 ContentInfo.
 *
 * The ContentType OID already stored in @a pThis selects which decoder is run
 * over the Content octet string.  The decoded structure is allocated as the
 * encapsulated object of the octet string and published via pThis->u.
 *
 * Security relevant contract for callers, since the input is typically an
 * untrusted signature blob:
 *   - An unrecognised ContentType is not an error.  The function returns
 *     VINF_SUCCESS with pThis->u.pCore left NULL, so every consumer must
 *     check pThis->u.pCore (or the content type) before dereferencing any
 *     member of the union.
 *   - On a decode failure the structure allocated for the payload is freed
 *     and pThis->u.pCore is reset to NULL before returning.
 *   - On a failure inside the CMS wrapper handling, pThis->pCmsContent and
 *     pThis->Content.pEncapsulated are left as they are; nothing here
 *     releases them.  NOTE(review): presumably the caller's destructor for
 *     the ContentInfo takes care of that - confirm.
 *
 * @returns IPRT status code.  Success is always reported as VINF_SUCCESS.
 * @param   pCursor         The parent cursor the content cursors are derived from.
 * @param   fFlags          Unused.
 * @param   pThis           The ContentInfo being decoded; ContentType and
 *                          Content must already be populated.
 * @param   pszErrorTag     Unused.
 */
static int rtCrPkcs7ContentInfo_DecodeExtra(PRTASN1CURSOR pCursor, uint32_t fFlags, PRTCRPKCS7CONTENTINFO pThis,
                                            const char *pszErrorTag)
{
    RT_NOREF_PV(fFlags);
    RT_NOREF_PV(pszErrorTag);
    pThis->u.pCore = NULL;

    /*
     * Map the content type OID to a decoder and the size of its structure.
     * Anything not matched stays UNKNOWN with a zero size.
     */
    RTCRPKCS7CONTENTINFOCHOICE enmKind   = RTCRPKCS7CONTENTINFOCHOICE_UNKNOWN;
    size_t                     cbDecoded = 0;
    if (RTAsn1ObjId_CompareWithString(&pThis->ContentType, RTCRPKCS7SIGNEDDATA_OID) == 0)
    {
        enmKind   = RTCRPKCS7CONTENTINFOCHOICE_SIGNED_DATA;
        cbDecoded = sizeof(*pThis->u.pSignedData);
    }
    else if (RTAsn1ObjId_CompareWithString(&pThis->ContentType, RTCRSPCINDIRECTDATACONTENT_OID) == 0)
    {
        enmKind   = RTCRPKCS7CONTENTINFOCHOICE_SPC_INDIRECT_DATA_CONTENT;
        cbDecoded = sizeof(*pThis->u.pIndirectDataContent);
    }
    else if (RTAsn1ObjId_CompareWithString(&pThis->ContentType, RTCRTSPTSTINFO_OID) == 0)
    {
        enmKind   = RTCRPKCS7CONTENTINFOCHOICE_TSP_TST_INFO;
        cbDecoded = sizeof(*pThis->u.pTstInfo);
    }

    /* Unknown payloads are accepted undecoded; u.pCore stays NULL. */
    if (enmKind == RTCRPKCS7CONTENTINFOCHOICE_UNKNOWN)
        return VINF_SUCCESS;

    /*
     * Open a cursor on the content and detect the CMS octet string format.
     *
     * Currently none of the supported payloads is itself an octet string,
     * they are all sequences, so a primitive universal OCTET STRING as the
     * next item can only be the CMS wrapper.
     */
    PRTASN1OCTETSTRING pPayloadStr = &pThis->Content;
    RTASN1CURSOR       PayloadCursor;
    int rc = RTAsn1CursorInitSubFromCore(pCursor, &pThis->Content.Asn1Core, &PayloadCursor, "Content");
    if (!RT_SUCCESS(rc))
        return rc;

    if (RTAsn1CursorIsNextEx(&PayloadCursor, ASN1_TAG_OCTET_STRING, ASN1_TAGFLAG_PRIMITIVE | ASN1_TAGCLASS_UNIVERSAL))
    {
        /* The wrapper octet string becomes the encapsulated object of Content. */
        rc = RTAsn1MemAllocZ(&pThis->Content.EncapsulatedAllocation, (void **)&pThis->Content.pEncapsulated,
                             sizeof(*pPayloadStr));
        if (!RT_SUCCESS(rc))
            return rc;

        pPayloadStr        = (PRTASN1OCTETSTRING)pThis->Content.pEncapsulated;
        pThis->pCmsContent = pPayloadStr;

        rc = RTAsn1OctetString_DecodeAsn1(&PayloadCursor, 0, pPayloadStr, "CmsContent");
        if (!RT_SUCCESS(rc))
            return rc;

        /* Nothing may follow the wrapper inside Content. */
        rc = RTAsn1CursorCheckEnd(&PayloadCursor);
        if (!RT_SUCCESS(rc))
            return rc;

        /* From here on the payload is read from inside the wrapper. */
        rc = RTAsn1CursorInitSubFromCore(pCursor, &pPayloadStr->Asn1Core, &PayloadCursor, "CmsContent");
        if (!RT_SUCCESS(rc))
            return rc;
    }

    /*
     * Allocate zeroed memory for the decoded content and publish it.
     */
    rc = RTAsn1MemAllocZ(&pPayloadStr->EncapsulatedAllocation, (void **)&pPayloadStr->pEncapsulated, cbDecoded);
    if (!RT_SUCCESS(rc))
        return rc;
    pThis->u.pCore = pPayloadStr->pEncapsulated;

    /*
     * Run the decoder matching the content type.
     */
    switch (enmKind)
    {
        case RTCRPKCS7CONTENTINFOCHOICE_SIGNED_DATA:
            rc = RTCrPkcs7SignedData_DecodeAsn1(&PayloadCursor, 0, pThis->u.pSignedData, "SignedData");
            break;

        case RTCRPKCS7CONTENTINFOCHOICE_SPC_INDIRECT_DATA_CONTENT:
            rc = RTCrSpcIndirectDataContent_DecodeAsn1(&PayloadCursor, 0, pThis->u.pIndirectDataContent,
                                                       "IndirectDataContent");
            break;

        case RTCRPKCS7CONTENTINFOCHOICE_TSP_TST_INFO:
            rc = RTCrTspTstInfo_DecodeAsn1(&PayloadCursor, 0, pThis->u.pTstInfo, "TstInfo");
            break;

        default:
            AssertFailed();
            rc = VERR_IPE_NOT_REACHED_DEFAULT_CASE;
            break;
    }

    /*
     * The payload must use up its container.
     * NOTE(review): the end check is handed the outer Content octet string
     * even when decoding went through the inner CMS wrapper - confirm that
     * this is what RTAsn1CursorCheckOctStrEnd expects.
     */
    if (RT_SUCCESS(rc))
        rc = RTAsn1CursorCheckOctStrEnd(&PayloadCursor, &pThis->Content);
    if (RT_SUCCESS(rc))
        return VINF_SUCCESS;

    /* Failure: drop the payload structure so no stale pointer into it survives. */
    RTAsn1MemFree(&pPayloadStr->EncapsulatedAllocation, pPayloadStr->pEncapsulated);
    pPayloadStr->pEncapsulated = NULL;
    pThis->u.pCore             = NULL;
    return rc;
}
158
159
160/*
161 * Generate the code.
162 */
163#include <iprt/asn1-generator-asn1-decoder.h>
164