Everything should be working, but I'm having a hard time finding a binary
to test with that doesn't encounter other parsing issues (no countersignature,
extra data in the unauthenticatedAttributes section, etc.)
... | ... |
@@ -127,6 +127,14 @@ static int map_raw(fmap_t *map, const void *data, unsigned int len, uint8_t raw[ |
127 | 127 |
return 0; |
128 | 128 |
} |
129 | 129 |
|
130 |
+static int map_sha256(fmap_t *map, const void *data, unsigned int len, uint8_t sha256[SHA256_HASH_SIZE]) { |
|
131 |
+ if(!fmap_need_ptr_once(map, data, len)) { |
|
132 |
+ cli_dbgmsg("map_sha256: failed to read hash data\n"); |
|
133 |
+ return 1; |
|
134 |
+ } |
|
135 |
+ return (cl_sha256(data, len, sha256, NULL) == NULL); |
|
136 |
+} |
|
137 |
+ |
|
130 | 138 |
static int map_sha1(fmap_t *map, const void *data, unsigned int len, uint8_t sha1[SHA1_HASH_SIZE]) { |
131 | 139 |
if(!fmap_need_ptr_once(map, data, len)) { |
132 | 140 |
cli_dbgmsg("map_sha1: failed to read hash data\n"); |
... | ... |
@@ -282,8 +290,7 @@ static int asn1_expect_rsa(fmap_t *map, const void **asn1data, unsigned int *asn |
282 | 282 |
return 1; |
283 | 283 |
} |
284 | 284 |
else if(obj.size == lenof(OID_sha256WithRSAEncryption) && !memcmp(obj.content, OID_sha256WithRSAEncryption, lenof(OID_sha256WithRSAEncryption))) { |
285 |
- cli_dbgmsg("asn1_expect_rsa: SHA256 with RSA (not yet supported)\n"); |
|
286 |
- return 1; |
|
285 |
+ *hashtype = CLI_SHA256RSA; /* sha256WithRSAEncryption 1.2.840.113549.1.1.11 */ |
|
287 | 286 |
} |
288 | 287 |
else if(obj.size == lenof(OID_sha512WithRSAEncryption) && !memcmp(obj.content, OID_sha512WithRSAEncryption, lenof(OID_sha512WithRSAEncryption))) { |
289 | 288 |
cli_dbgmsg("asn1_expect_rsa: SHA512 with RSA (not yet supported)\n"); |
... | ... |
@@ -759,7 +766,9 @@ static int asn1_get_x509(fmap_t *map, const void **asn1data, unsigned int *size, |
759 | 759 |
break; |
760 | 760 |
} |
761 | 761 |
|
762 |
- if((x509.hashtype == CLI_SHA1RSA && map_sha1(map, tbsdata, tbssize, x509.tbshash)) || (x509.hashtype == CLI_MD5RSA && (map_md5(map, tbsdata, tbssize, x509.tbshash)))) |
|
762 |
+ if((x509.hashtype == CLI_SHA1RSA && map_sha1(map, tbsdata, tbssize, x509.tbshash)) || \ |
|
763 |
+ (x509.hashtype == CLI_MD5RSA && map_md5(map, tbsdata, tbssize, x509.tbshash)) || \ |
|
764 |
+ (x509.hashtype == CLI_SHA256RSA && map_sha256(map, tbsdata, tbssize, x509.tbshash))) |
|
763 | 765 |
break; |
764 | 766 |
|
765 | 767 |
if(crtmgr_add(other, &x509)) |
... | ... |
@@ -1508,6 +1517,8 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg |
1508 | 1508 |
ctx = cl_hash_init("sha1"); |
1509 | 1509 |
} else if (hashtype == CLI_MD5RSA) { |
1510 | 1510 |
ctx = cl_hash_init("md5"); |
1511 |
+ } else { |
|
1512 |
+ break; |
|
1511 | 1513 |
} |
1512 | 1514 |
|
1513 | 1515 |
if (!(ctx)) |
... | ... |
@@ -27,6 +27,15 @@ |
27 | 27 |
#include "others.h" |
28 | 28 |
#include "crtmgr.h" |
29 | 29 |
|
30 |
+#define OID_1_2_840_113549_2_5 "\x2a\x86\x48\x86\xf7\x0d\x02\x05" |
|
31 |
+#define OID_md5 OID_1_2_840_113549_2_5 |
|
32 |
+ |
|
33 |
+#define OID_1_3_14_3_2_26 "\x2b\x0e\x03\x02\x1a" |
|
34 |
+#define OID_sha1 OID_1_3_14_3_2_26 |
|
35 |
+ |
|
36 |
+#define OID_2_16_840_1_101_3_4_2_1 "\x60\x86\x48\x01\x65\x03\x04\x02\x01" |
|
37 |
+#define OID_sha256 OID_2_16_840_1_101_3_4_2_1 |
|
38 |
+ |
|
30 | 39 |
int cli_crt_init(cli_crt *x509) { |
31 | 40 |
int ret; |
32 | 41 |
if((ret = mp_init_multi(&x509->n, &x509->e, &x509->sig, NULL))) { |
... | ... |
@@ -132,7 +141,6 @@ int crtmgr_add(crtmgr *m, cli_crt *x509) { |
132 | 132 |
|
133 | 133 |
memcpy(i->raw_subject, x509->raw_subject, sizeof(i->raw_subject)); |
134 | 134 |
memcpy(i->raw_issuer, x509->raw_issuer, sizeof(i->raw_issuer)); |
135 |
- memcpy(i->raw_tbshash, x509->raw_tbshash, sizeof(i->raw_tbshash)); |
|
136 | 135 |
memcpy(i->raw_serial, x509->raw_serial, sizeof(i->raw_serial)); |
137 | 136 |
memcpy(i->subject, x509->subject, sizeof(i->subject)); |
138 | 137 |
memcpy(i->serial, x509->serial, sizeof(i->serial)); |
... | ... |
@@ -187,10 +195,21 @@ void crtmgr_free(crtmgr *m) { |
187 | 187 |
|
188 | 188 |
static int crtmgr_rsa_verify(cli_crt *x509, mp_int *sig, cli_crt_hashtype hashtype, const uint8_t *refhash) { |
189 | 189 |
int keylen = mp_unsigned_bin_size(&x509->n), siglen = mp_unsigned_bin_size(sig); |
190 |
- int ret, j, objlen, hashlen = (hashtype == CLI_SHA1RSA) ? SHA1_HASH_SIZE : 16; |
|
190 |
+ int ret, j, objlen, hashlen; |
|
191 | 191 |
uint8_t d[513]; |
192 | 192 |
mp_int x; |
193 | 193 |
|
194 |
+ if (hashtype == CLI_SHA1RSA) { |
|
195 |
+ hashlen = SHA1_HASH_SIZE; |
|
196 |
+ } else if (hashtype == CLI_MD5RSA) { |
|
197 |
+ hashlen = MD5_HASH_SIZE; |
|
198 |
+ } else if (hashtype == CLI_SHA256RSA) { |
|
199 |
+ hashlen = SHA256_HASH_SIZE; |
|
200 |
+ } else { |
|
201 |
+ cli_errmsg("crtmgr_rsa_verify: Unsupported hashtype\n"); |
|
202 |
+ return 1; |
|
203 |
+ } |
|
204 |
+ |
|
194 | 205 |
if((ret = mp_init(&x))) { |
195 | 206 |
cli_errmsg("crtmgr_rsa_verify: mp_init failed with %d\n", ret); |
196 | 207 |
return 1; |
... | ... |
@@ -244,12 +263,20 @@ static int crtmgr_rsa_verify(cli_crt *x509, mp_int *sig, cli_crt_hashtype hashty |
244 | 244 |
if(keylen < objlen) |
245 | 245 |
break; |
246 | 246 |
if(objlen == 9) { |
247 |
- if(hashtype != CLI_SHA1RSA || memcmp(&d[j], "\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00", 9)) { |
|
247 |
+ // Check for OID type indicating a length of 5, OID_sha1, and the NULL type/value |
|
248 |
+ if(hashtype != CLI_SHA1RSA || memcmp(&d[j], "\x06\x05" OID_sha1 "\x05\x00", 9)) { |
|
248 | 249 |
cli_errmsg("crtmgr_rsa_verify: FIXME ACAB - CRYPTO MISSING?\n"); |
249 | 250 |
break; |
250 | 251 |
} |
251 | 252 |
} else if(objlen == 12) { |
252 |
- if(hashtype != CLI_MD5RSA || memcmp(&d[j], "\x06\x08\x2a\x86\x48\x86\xf7\x0d\x02\x05\x05\x00", 12)) { |
|
253 |
+ // Check for OID type indicating a length of 8, OID_md5, and the NULL type/value |
|
254 |
+ if(hashtype != CLI_MD5RSA || memcmp(&d[j], "\x06\x08" OID_md5 "\x05\x00", 12)) { |
|
255 |
+ cli_errmsg("crtmgr_rsa_verify: FIXME ACAB - CRYPTO MISSING?\n"); |
|
256 |
+ break; |
|
257 |
+ } |
|
258 |
+ } else if(objlen == 13) { |
|
259 |
+ // Check for OID type indicating a length of 9, OID_sha256, and the NULL type/value |
|
260 |
+ if(hashtype != CLI_SHA256RSA || memcmp(&d[j], "\x06\x09" OID_sha256 "\x05\x00", 13)) { |
|
253 | 261 |
cli_errmsg("crtmgr_rsa_verify: FIXME ACAB - CRYPTO MISSING?\n"); |
254 | 262 |
break; |
255 | 263 |
} |
... | ... |
@@ -26,7 +26,7 @@ |
26 | 26 |
|
27 | 27 |
#include "bignum.h" |
28 | 28 |
|
29 |
-typedef enum { CLI_SHA1RSA, CLI_MD5RSA } cli_crt_hashtype; |
|
29 |
+typedef enum { CLI_SHA1RSA, CLI_MD5RSA, CLI_SHA256RSA } cli_crt_hashtype; |
|
30 | 30 |
typedef enum {VRFY_CODE, VRFY_TIME} cli_vrfy_type; |
31 | 31 |
|
32 | 32 |
#define CRT_RAWMAXLEN 64 |
... | ... |
@@ -34,12 +34,14 @@ typedef struct cli_crt_t { |
34 | 34 |
char *name; |
35 | 35 |
uint8_t raw_subject[CRT_RAWMAXLEN]; |
36 | 36 |
uint8_t raw_issuer[CRT_RAWMAXLEN]; |
37 |
- uint8_t raw_tbshash[CRT_RAWMAXLEN]; |
|
38 | 37 |
uint8_t raw_serial[CRT_RAWMAXLEN]; |
39 | 38 |
uint8_t subject[SHA1_HASH_SIZE]; |
40 | 39 |
uint8_t issuer[SHA1_HASH_SIZE]; |
41 |
- uint8_t tbshash[SHA1_HASH_SIZE]; |
|
42 | 40 |
uint8_t serial[SHA1_HASH_SIZE]; |
41 |
+ /* tbshash holds the hash we'll use for verification with data in the sig, |
|
42 |
+ * so it must have at least enough space for the largest hash in |
|
43 |
+ * cli_crt_hashtype */ |
|
44 |
+ uint8_t tbshash[SHA256_HASH_SIZE]; |
|
43 | 45 |
mp_int n; |
44 | 46 |
mp_int e; |
45 | 47 |
mp_int sig; |