...
|
...
|
@@ -523,7 +523,7 @@ static int asn1_get_x509(fmap_t *map, const void **asn1data, unsigned int *size,
|
523
|
523
|
if(map_sha1(map, obj.content, obj.size, x509.serial))
|
524
|
524
|
break;
|
525
|
525
|
|
526
|
|
- if(asn1_expect_rsa(map, &obj.next, &tbs.size, &hashtype1)) /* algo = sha1WithRSAEncryption | md5WithRSAEncryption */
|
|
526
|
+ if(asn1_expect_rsa(map, &obj.next, &tbs.size, &hashtype1)) /* algo - Ex: sha1WithRSAEncryption */
|
527
|
527
|
break;
|
528
|
528
|
|
529
|
529
|
if(asn1_expect_objtype(map, obj.next, &tbs.size, &obj, ASN1_TYPE_SEQUENCE)) /* issuer */
|
...
|
...
|
@@ -731,7 +731,7 @@ static int asn1_get_x509(fmap_t *map, const void **asn1data, unsigned int *size,
|
731
|
731
|
if(map_sha1(map, issuer, issuersize, x509.issuer))
|
732
|
732
|
break;
|
733
|
733
|
|
734
|
|
- if(asn1_expect_rsa(map, &tbs.next, &crt.size, &hashtype2)) /* signature algo = sha1WithRSAEncryption | md5WithRSAEncryption */
|
|
734
|
+ if(asn1_expect_rsa(map, &tbs.next, &crt.size, &hashtype2)) /* signature algo - Ex: sha1WithRSAEncryption */
|
735
|
735
|
break;
|
736
|
736
|
|
737
|
737
|
if(hashtype1 != hashtype2) {
|
...
|
...
|
@@ -777,6 +777,7 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg
|
777
|
777
|
const uint8_t *message, *attrs;
|
778
|
778
|
unsigned int dsize, message_size, attrs_size;
|
779
|
779
|
cli_crt_hashtype hashtype;
|
|
780
|
+ unsigned int hashsize;
|
780
|
781
|
cli_crt *x509;
|
781
|
782
|
void *ctx;
|
782
|
783
|
int result;
|
...
|
...
|
@@ -790,70 +791,114 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg
|
790
|
790
|
break;
|
791
|
791
|
}
|
792
|
792
|
|
793
|
|
- if(asn1_expect_objtype(map, message, &size, &asn1, ASN1_TYPE_SEQUENCE)) /* SEQUENCE */
|
|
793
|
+ if(asn1_expect_objtype(map, message, &size, &asn1, ASN1_TYPE_SEQUENCE)){ /* SEQUENCE */
|
|
794
|
+ cli_dbgmsg("asn1_parse_mscat: expected SEQUENCE at top level\n");
|
794
|
795
|
break;
|
|
796
|
+ }
|
|
797
|
+
|
|
798
|
+ // TODO Example where this is the case?
|
795
|
799
|
/* if(size) { */
|
796
|
800
|
/* cli_dbgmsg("asn1_parse_mscat: found extra data after pkcs#7 %u\n", size); */
|
797
|
801
|
/* break; */
|
798
|
802
|
/* } */
|
799
|
803
|
size = asn1.size;
|
800
|
|
- if(asn1_expect_obj(map, &asn1.content, &size, ASN1_TYPE_OBJECT_ID, lenof(OID_signedData), OID_signedData)) /* OBJECT 1.2.840.113549.1.7.2 - contentType = signedData */
|
|
804
|
+ if(asn1_expect_obj(map, &asn1.content, &size, ASN1_TYPE_OBJECT_ID, lenof(OID_signedData), OID_signedData)){ /* OBJECT 1.2.840.113549.1.7.2 - contentType = signedData */
|
|
805
|
+ cli_dbgmsg("asn1_parse_mscat: expected contentType == signedData\n");
|
801
|
806
|
break;
|
802
|
|
- if(asn1_expect_objtype(map, asn1.content, &size, &asn1, 0xa0)) /* [0] - content */
|
|
807
|
+ }
|
|
808
|
+ if(asn1_expect_objtype(map, asn1.content, &size, &asn1, 0xa0)){ /* [0] - content */
|
|
809
|
+ cli_dbgmsg("asn1_parse_mscat: expected '[0] - content' following signedData contentType\n");
|
803
|
810
|
break;
|
|
811
|
+ }
|
804
|
812
|
if(size) {
|
805
|
813
|
cli_dbgmsg("asn1_parse_mscat: found extra data in pkcs#7\n");
|
806
|
814
|
break;
|
807
|
815
|
}
|
808
|
816
|
size = asn1.size;
|
809
|
|
- if(asn1_expect_objtype(map, asn1.content, &size, &asn1, ASN1_TYPE_SEQUENCE)) /* SEQUENCE */
|
|
817
|
+ if(asn1_expect_objtype(map, asn1.content, &size, &asn1, ASN1_TYPE_SEQUENCE)){ /* SEQUENCE */
|
|
818
|
+ cli_dbgmsg("asn1_parse_mscat: expected SEQUENCE inside signedData '[0] - content'\n");
|
810
|
819
|
break;
|
|
820
|
+ }
|
811
|
821
|
if(size) {
|
812
|
822
|
cli_dbgmsg("asn1_parse_mscat: found extra data in signedData\n");
|
813
|
823
|
break;
|
814
|
824
|
}
|
815
|
825
|
size = asn1.size;
|
816
|
|
- if(asn1_expect_obj(map, &asn1.content, &size, ASN1_TYPE_INTEGER, 1, "\x01")) /* INTEGER - VERSION 1 */
|
|
826
|
+ if(asn1_expect_obj(map, &asn1.content, &size, ASN1_TYPE_INTEGER, 1, "\x01")){ /* INTEGER - VERSION 1 */
|
|
827
|
+ cli_dbgmsg("asn1_parse_mscat: expected 'INTEGER - VERSION 1' for signedData version\n");
|
817
|
828
|
break;
|
|
829
|
+ }
|
818
|
830
|
|
819
|
|
- if(asn1_expect_objtype(map, asn1.content, &size, &asn1, ASN1_TYPE_SET)) /* SET OF DigestAlgorithmIdentifier */
|
|
831
|
+ if(asn1_expect_objtype(map, asn1.content, &size, &asn1, ASN1_TYPE_SET)){ /* SET OF DigestAlgorithmIdentifier */
|
|
832
|
+ cli_dbgmsg("asn1_parse_mscat: expected SET OF DigestAlgorithmIdentifier inside signedData\n");
|
820
|
833
|
break;
|
|
834
|
+ }
|
821
|
835
|
|
822
|
|
- if(asn1_expect_algo(map, &asn1.content, &asn1.size, lenof(OID_sha1), OID_sha1)) /* DigestAlgorithmIdentifier[0] == sha1 */
|
|
836
|
+ if(asn1_expect_algo(map, &asn1.content, &asn1.size, lenof(OID_sha1), OID_sha1)){ /* DigestAlgorithmIdentifier[0] == sha1 */
|
|
837
|
+ cli_dbgmsg("asn1_parse_mscat: DigestAlgorithmIdentifier[0] does not indicate SHA1\n");
|
823
|
838
|
break;
|
|
839
|
+ }
|
824
|
840
|
if(asn1.size) {
|
825
|
841
|
cli_dbgmsg("asn1_parse_mscat: only one digestAlgorithmIdentifier is allowed\n");
|
826
|
842
|
break;
|
827
|
843
|
}
|
828
|
844
|
|
829
|
|
- if(asn1_expect_objtype(map, asn1.next, &size, &asn1, ASN1_TYPE_SEQUENCE)) /* SEQUENCE - contentInfo */
|
|
845
|
+ if(asn1_expect_objtype(map, asn1.next, &size, &asn1, ASN1_TYPE_SEQUENCE)){ /* SEQUENCE - contentInfo */
|
|
846
|
+ cli_dbgmsg("asn1_parse_mscat: expected 'SEQUENCE - contentInfo' inside DigestAlgorithmIdentifier SET\n");
|
830
|
847
|
break;
|
|
848
|
+ }
|
831
|
849
|
/* Here there is either a PKCS #7 ContentType Object Identifier for Certificate Trust List (szOID_CTL)
|
832
|
850
|
* or a single SPC_INDIRECT_DATA_OBJID */
|
833
|
851
|
if(
|
834
|
852
|
(!embedded && asn1_expect_obj(map, &asn1.content, &asn1.size, ASN1_TYPE_OBJECT_ID, lenof(OID_szOID_CTL), OID_szOID_CTL)) ||
|
835
|
853
|
(embedded && asn1_expect_obj(map, &asn1.content, &asn1.size, ASN1_TYPE_OBJECT_ID, lenof(OID_SPC_INDIRECT_DATA_OBJID), OID_SPC_INDIRECT_DATA_OBJID))
|
836
|
|
- )
|
|
854
|
+ ){
|
|
855
|
+ cli_dbgmsg("asn1_parse_mscat: unexpected ContentType for embedded mode %d\n", embedded);
|
837
|
856
|
break;
|
|
857
|
+ }
|
838
|
858
|
|
839
|
|
- if(asn1_expect_objtype(map, asn1.content, &asn1.size, &deep, 0xa0))
|
|
859
|
+ if(asn1_expect_objtype(map, asn1.content, &asn1.size, &deep, 0xa0)){
|
|
860
|
+ cli_dbgmsg("asn1_parse_mscat: expected '[0] - content' following DigestAlgorithmIdentifier contentType\n");
|
840
|
861
|
break;
|
|
862
|
+ }
|
841
|
863
|
if(asn1.size) {
|
842
|
864
|
cli_dbgmsg("asn1_parse_mscat: found extra data in contentInfo\n");
|
843
|
865
|
break;
|
844
|
866
|
}
|
845
|
867
|
dsize = deep.size;
|
846
|
868
|
if(asn1_expect_objtype(map, deep.content, &dsize, &deep, ASN1_TYPE_SEQUENCE))
|
|
869
|
+ {
|
|
870
|
+ cli_dbgmsg("asn1_parse_mscat: expected SEQUENCE in DigestAlgorithmIdentifier '[0] - contentInfo'\n");
|
847
|
871
|
break;
|
|
872
|
+ }
|
848
|
873
|
if(dsize) {
|
849
|
874
|
cli_dbgmsg("asn1_parse_mscat: found extra data in content\n");
|
850
|
875
|
break;
|
851
|
876
|
}
|
|
877
|
+
|
|
878
|
+ /*
|
|
879
|
+ * Hashes should look like: TODO Verify
|
|
880
|
+ * SEQUENCE(2 elem)
|
|
881
|
+ * OBJECT IDENTIFIER 1.3.6.1.4.1.311.2.1.15 spcPEImageData
|
|
882
|
+ * SEQUENCE(2 elem)
|
|
883
|
+ * BIT STRING(0 elem)
|
|
884
|
+ * [0](1 elem)
|
|
885
|
+ * [2](1 elem)
|
|
886
|
+ * [0]
|
|
887
|
+ * SEQUENCE(2 elem)
|
|
888
|
+ * SEQUENCE(2 elem)
|
|
889
|
+ * OBJECT IDENTIFIER 1.3.14.3.2.26 sha1 (OIW)
|
|
890
|
+ * NULL
|
|
891
|
+ * OCTET STRING(20 byte)
|
|
892
|
+ */
|
|
893
|
+
|
852
|
894
|
*hashes = deep.content;
|
853
|
895
|
*hashes_size = deep.size;
|
854
|
896
|
|
855
|
|
- if(asn1_expect_objtype(map, asn1.next, &size, &asn1, 0xa0)) /* certificates */
|
|
897
|
+ if(asn1_expect_objtype(map, asn1.next, &size, &asn1, 0xa0)){ /* certificates */
|
|
898
|
+ cli_dbgmsg("asn1_parse_mscat: expected 0xa0 certificates entry\n");
|
856
|
899
|
break;
|
|
900
|
+ }
|
857
|
901
|
|
858
|
902
|
dsize = asn1.size;
|
859
|
903
|
if(dsize) {
|
...
|
...
|
@@ -867,6 +912,7 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg
|
867
|
867
|
}
|
868
|
868
|
if(dsize) {
|
869
|
869
|
crtmgr_free(&newcerts);
|
|
870
|
+ cli_dbgmsg("asn1_parse_mscat: an error occurred while extracting x509 certificates\n");
|
870
|
871
|
break;
|
871
|
872
|
}
|
872
|
873
|
if(newcerts.crts) {
|
...
|
...
|
@@ -918,8 +964,10 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg
|
918
|
918
|
|
919
|
919
|
x509->codeSign &= parent->codeSign;
|
920
|
920
|
x509->timeSign &= parent->timeSign;
|
921
|
|
- if(crtmgr_add(cmgr, x509))
|
|
921
|
+ if(crtmgr_add(cmgr, x509)) {
|
|
922
|
+ cli_dbgmsg("asn1_parse_mscat: adding x509 cert to crtmgr failed\n");
|
922
|
923
|
break;
|
|
924
|
+ }
|
923
|
925
|
crtmgr_del(&newcerts, x509);
|
924
|
926
|
x509 = newcerts.crts;
|
925
|
927
|
continue;
|
...
|
...
|
@@ -936,10 +984,14 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg
|
936
|
936
|
}
|
937
|
937
|
}
|
938
|
938
|
|
939
|
|
- if(asn1_get_obj(map, asn1.next, &size, &asn1))
|
|
939
|
+ if(asn1_get_obj(map, asn1.next, &size, &asn1)) {
|
|
940
|
+ cli_dbgmsg("asn1_parse_mscat: failed to get next ASN1 section\n");
|
940
|
941
|
break;
|
941
|
|
- if(asn1.type == 0xa1 && asn1_get_obj(map, asn1.next, &size, &asn1)) /* crls - unused shouldn't be present */
|
|
942
|
+ }
|
|
943
|
+ if(asn1.type == 0xa1 && asn1_get_obj(map, asn1.next, &size, &asn1)){ /* crls - unused shouldn't be present */
|
|
944
|
+ cli_dbgmsg("asn1_parse_mscat: unexpected CRL entries were found\n");
|
942
|
945
|
break;
|
|
946
|
+ }
|
943
|
947
|
if(asn1.type != ASN1_TYPE_SET) { /* signerInfos */
|
944
|
948
|
cli_dbgmsg("asn1_parse_mscat: unexpected type %02x for signerInfos\n", asn1.type);
|
945
|
949
|
break;
|
...
|
...
|
@@ -949,37 +1001,85 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg
|
949
|
949
|
break;
|
950
|
950
|
}
|
951
|
951
|
size = asn1.size;
|
952
|
|
- if(asn1_expect_objtype(map, asn1.content, &size, &asn1, ASN1_TYPE_SEQUENCE))
|
|
952
|
+ if(asn1_expect_objtype(map, asn1.content, &size, &asn1, ASN1_TYPE_SEQUENCE)) {
|
|
953
|
+ cli_dbgmsg("asn1_parse_mscat: expected SEQUENCE in signerInfos");
|
953
|
954
|
break;
|
|
955
|
+ }
|
954
|
956
|
if(size) {
|
955
|
957
|
cli_dbgmsg("asn1_parse_mscat: only one signerInfo shall be present\n");
|
956
|
958
|
break;
|
957
|
959
|
}
|
958
|
960
|
size = asn1.size;
|
959
|
|
- if(asn1_expect_obj(map, &asn1.content, &size, ASN1_TYPE_INTEGER, 1, "\x01")) /* Version = 1 */
|
|
961
|
+ if(asn1_expect_obj(map, &asn1.content, &size, ASN1_TYPE_INTEGER, 1, "\x01")){ /* Version = 1 */
|
|
962
|
+ cli_dbgmsg("asn1_parse_mscat: expected Version == 1 for signerInfo\n");
|
960
|
963
|
break;
|
961
|
|
- if(asn1_expect_objtype(map, asn1.content, &size, &asn1, ASN1_TYPE_SEQUENCE)) /* issuerAndSerialNumber */
|
|
964
|
+ }
|
|
965
|
+ if(asn1_expect_objtype(map, asn1.content, &size, &asn1, ASN1_TYPE_SEQUENCE)){ /* issuerAndSerialNumber */
|
|
966
|
+ cli_dbgmsg("asn1_parse_mscat: expected issuerAndSerialNumber SEQUENCE\n");
|
962
|
967
|
break;
|
|
968
|
+ }
|
963
|
969
|
dsize = asn1.size;
|
964
|
|
- if(asn1_expect_objtype(map, asn1.content, &dsize, &deep, ASN1_TYPE_SEQUENCE)) /* issuer */
|
|
970
|
+ if(asn1_expect_objtype(map, asn1.content, &dsize, &deep, ASN1_TYPE_SEQUENCE)){ /* issuer */
|
|
971
|
+ cli_dbgmsg("asn1_parse_mscat: expected issuer SEQUENCE\n");
|
965
|
972
|
break;
|
966
|
|
- if(map_sha1(map, deep.content, deep.size, issuer))
|
|
973
|
+ }
|
|
974
|
+
|
|
975
|
+ /* Make sure the issuer ID is mapped into memory and then compute the
|
|
976
|
+ * SHA1 of it so we can use this value in verification later on. This
|
|
977
|
+ * will be a hash over all the values in the issuer SEQUENCE, which
|
|
978
|
+ * looks something like:
|
|
979
|
+ * SET(1 elem)
|
|
980
|
+ * SEQUENCE(2 elem)
|
|
981
|
+ * OBJECT IDENTIFIER 2.5.4.6 countryName (X.520 DN component)
|
|
982
|
+ * PrintableString
|
|
983
|
+ * SET(1 elem)
|
|
984
|
+ * SEQUENCE(2 elem)
|
|
985
|
+ * OBJECT IDENTIFIER2.5.4.8 stateOrProvinceName (X.520 DN component)
|
|
986
|
+ * PrintableString
|
|
987
|
+ * SET(1 elem)
|
|
988
|
+ * SEQUENCE(2 elem)
|
|
989
|
+ * OBJECT IDENTIFIER2.5.4.7 localityName (X.520 DN component)
|
|
990
|
+ * PrintableString
|
|
991
|
+ * SET(1 elem)
|
|
992
|
+ * SEQUENCE(2 elem)
|
|
993
|
+ * OBJECT IDENTIFIER2.5.4.10 organizationName (X.520 DN component)
|
|
994
|
+ * PrintableString
|
|
995
|
+ * SET(1 elem)
|
|
996
|
+ * SEQUENCE(2 elem)
|
|
997
|
+ * OBJECT IDENTIFIER2.5.4.3commonName(X.520 DN component)
|
|
998
|
+ * PrintableString
|
|
999
|
+ */
|
|
1000
|
+ if(map_sha1(map, deep.content, deep.size, issuer)){
|
|
1001
|
+ cli_dbgmsg("asn1_parse_mscat: error in call to map_sha1 for issuer\n");
|
967
|
1002
|
break;
|
|
1003
|
+ }
|
968
|
1004
|
|
969
|
|
- if(asn1_expect_objtype(map, deep.next, &dsize, &deep, ASN1_TYPE_INTEGER)) /* serial */
|
|
1005
|
+ // TODO Isn't dsize too big here? Should we use dsize - deep.size
|
|
1006
|
+ if(asn1_expect_objtype(map, deep.next, &dsize, &deep, ASN1_TYPE_INTEGER)){ /* serial */
|
|
1007
|
+ cli_dbgmsg("asn1_parse_mscat: expected ASN1_TYPE_INTEGER serial\n");
|
970
|
1008
|
break;
|
971
|
|
- if(map_sha1(map, deep.content, deep.size, serial))
|
|
1009
|
+ }
|
|
1010
|
+
|
|
1011
|
+ /* Make sure the serial INTEGER is mapped into memory and compute the
|
|
1012
|
+ * SHA1 of it so we can use this value in verification later on. */
|
|
1013
|
+ if(map_sha1(map, deep.content, deep.size, serial)){
|
|
1014
|
+ cli_dbgmsg("asn1_parse_mscat: error in call to map_sha1 for serial\n");
|
972
|
1015
|
break;
|
|
1016
|
+ }
|
973
|
1017
|
if(dsize) {
|
974
|
1018
|
cli_dbgmsg("asn1_parse_mscat: extra data inside issuerAndSerialNumber\n");
|
975
|
1019
|
break;
|
976
|
1020
|
}
|
977
|
|
- if(asn1_expect_algo(map, &asn1.next, &size, lenof(OID_sha1), OID_sha1)) /* digestAlgorithm == sha1 */
|
|
1021
|
+ if(asn1_expect_algo(map, &asn1.next, &size, lenof(OID_sha1), OID_sha1)){ /* digestAlgorithm == sha1 */
|
|
1022
|
+ cli_dbgmsg("asn1_parse_mscat: expected digestAlgorithm == sha1\n");
|
978
|
1023
|
break;
|
|
1024
|
+ }
|
979
|
1025
|
|
980
|
1026
|
attrs = asn1.next;
|
981
|
|
- if(asn1_expect_objtype(map, asn1.next, &size, &asn1, 0xa0)) /* authenticatedAttributes */
|
|
1027
|
+ if(asn1_expect_objtype(map, asn1.next, &size, &asn1, 0xa0)){ /* authenticatedAttributes */
|
|
1028
|
+ cli_dbgmsg("asn1_parse_mscat: unable to parse authenticatedAttributes section\n");
|
982
|
1029
|
break;
|
|
1030
|
+ }
|
983
|
1031
|
attrs_size = (uint8_t *)(asn1.next) - attrs;
|
984
|
1032
|
if(attrs_size < 2) {
|
985
|
1033
|
cli_dbgmsg("asn1_parse_mscat: authenticatedAttributes size is too small\n");
|
...
|
...
|
@@ -993,10 +1093,12 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg
|
993
|
993
|
struct cli_asn1 cobj;
|
994
|
994
|
int content;
|
995
|
995
|
if(asn1_expect_objtype(map, deep.next, &dsize, &deep, ASN1_TYPE_SEQUENCE)) { /* attribute */
|
|
996
|
+ cli_dbgmsg("asn1_parse_mscat: expected attribute SEQUENCE\n");
|
996
|
997
|
dsize = 1;
|
997
|
998
|
break;
|
998
|
999
|
}
|
999
|
1000
|
if(asn1_expect_objtype(map, deep.content, &deep.size, &deeper, ASN1_TYPE_OBJECT_ID)) { /* attribute type */
|
|
1001
|
+ cli_dbgmsg("asn1_parse_mscat: expected attribute type inside attribute SEQUENCE\n");
|
1000
|
1002
|
dsize = 1;
|
1001
|
1003
|
break;
|
1002
|
1004
|
}
|
...
|
...
|
@@ -1014,6 +1116,7 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg
|
1014
|
1014
|
else
|
1015
|
1015
|
continue;
|
1016
|
1016
|
if(asn1_expect_objtype(map, deeper.next, &deep.size, &deeper, ASN1_TYPE_SET)) { /* set - contents */
|
|
1017
|
+ cli_dbgmsg("asn1_parse_mscat: expected 'set - contents' for authenticated attribute\n");
|
1017
|
1018
|
dsize = 1;
|
1018
|
1019
|
break;
|
1019
|
1020
|
}
|
...
|
...
|
@@ -1034,12 +1137,14 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg
|
1034
|
1034
|
(!embedded && asn1_expect_obj(map, &deeper.content, &deeper.size, ASN1_TYPE_OBJECT_ID, lenof(OID_szOID_CTL), OID_szOID_CTL)) || /* cat file */
|
1035
|
1035
|
(embedded && asn1_expect_obj(map, &deeper.content, &deeper.size, ASN1_TYPE_OBJECT_ID, lenof(OID_SPC_INDIRECT_DATA_OBJID), OID_SPC_INDIRECT_DATA_OBJID)) /* embedded cat */
|
1036
|
1036
|
) {
|
|
1037
|
+ cli_dbgmsg("asn1_parse_mscat: unexpected ContentType for embedded mode %d (for authenticated attribute)\n", embedded);
|
1037
|
1038
|
dsize = 1;
|
1038
|
1039
|
break;
|
1039
|
1040
|
}
|
1040
|
1041
|
result |= 1;
|
1041
|
1042
|
} else { /* messageDigest */
|
1042
|
1043
|
if(asn1_expect_objtype(map, deeper.content, &deeper.size, &cobj, ASN1_TYPE_OCTET_STRING)) {
|
|
1044
|
+ cli_dbgmsg("asn1_parse_mscat: unexpected messageDigest value\n");
|
1043
|
1045
|
dsize = 1;
|
1044
|
1046
|
break;
|
1045
|
1047
|
}
|
...
|
...
|
@@ -1069,17 +1174,26 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg
|
1069
|
1069
|
break;
|
1070
|
1070
|
}
|
1071
|
1071
|
|
1072
|
|
- if(asn1_expect_algo(map, &asn1.next, &size, lenof(OID_rsaEncryption), OID_rsaEncryption)) /* digestEncryptionAlgorithm == sha1 */
|
|
1072
|
+ if(asn1_expect_algo(map, &asn1.next, &size, lenof(OID_rsaEncryption), OID_rsaEncryption)) { /* digestEncryptionAlgorithm == rsa */
|
|
1073
|
+ cli_dbgmsg("asn1_parse_mscat: digestEncryptionAlgorithms other than RSA are not yet supported\n");
|
1073
|
1074
|
break;
|
|
1075
|
+ }
|
1074
|
1076
|
|
1075
|
|
- if(asn1_expect_objtype(map, asn1.next, &size, &asn1, ASN1_TYPE_OCTET_STRING)) /* encryptedDigest */
|
|
1077
|
+ if(asn1_expect_objtype(map, asn1.next, &size, &asn1, ASN1_TYPE_OCTET_STRING)) { /* encryptedDigest */
|
|
1078
|
+ cli_dbgmsg("asn1_parse_mscat: unexpected encryptedDigest value\n");
|
1076
|
1079
|
break;
|
|
1080
|
+ }
|
|
1081
|
+
|
|
1082
|
+ // TODO Is this much space needed? why not just 256
|
1077
|
1083
|
if(asn1.size > 513) {
|
1078
|
1084
|
cli_dbgmsg("asn1_parse_mscat: encryptedDigest too long\n");
|
1079
|
1085
|
break;
|
1080
|
1086
|
}
|
1081
|
|
- if(map_sha1(map, *hashes, *hashes_size, sha1))
|
|
1087
|
+
|
|
1088
|
+ if(map_sha1(map, *hashes, *hashes_size, sha1)) {
|
|
1089
|
+ cli_dbgmsg("asn1_parse_mscat: error in call to map_sha1 for extracting the message digest\n");
|
1082
|
1090
|
break;
|
|
1091
|
+ }
|
1083
|
1092
|
if(memcmp(sha1, md, sizeof(sha1))) {
|
1084
|
1093
|
cli_dbgmsg("asn1_parse_mscat: messageDigest mismatch\n");
|
1085
|
1094
|
break;
|
...
|
...
|
@@ -1102,6 +1216,8 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg
|
1102
|
1102
|
cli_dbgmsg("asn1_parse_mscat: failed to read encryptedDigest\n");
|
1103
|
1103
|
break;
|
1104
|
1104
|
}
|
|
1105
|
+
|
|
1106
|
+ // Verify the authenticatedAttributes
|
1105
|
1107
|
if(!(x509 = crtmgr_verify_pkcs7(cmgr, issuer, serial, asn1.content, asn1.size, CLI_SHA1RSA, sha1, VRFY_CODE))) {
|
1106
|
1108
|
cli_dbgmsg("asn1_parse_mscat: pkcs7 signature verification failed\n");
|
1107
|
1109
|
break;
|
...
|
...
|
@@ -1114,8 +1230,10 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg
|
1114
|
1114
|
break;
|
1115
|
1115
|
}
|
1116
|
1116
|
|
1117
|
|
- if(size && asn1_expect_objtype(map, asn1.next, &size, &asn1, 0xa1)) /* unauthenticatedAttributes */
|
|
1117
|
+ if(size && asn1_expect_objtype(map, asn1.next, &size, &asn1, 0xa1)) { /* unauthenticatedAttributes */
|
|
1118
|
+ cli_dbgmsg("asn1_parse_mscat: unable to find unauthenticatedAttributes section\n");
|
1118
|
1119
|
break;
|
|
1120
|
+ }
|
1119
|
1121
|
|
1120
|
1122
|
if(size) {
|
1121
|
1123
|
cli_dbgmsg("asn1_parse_mscat: extra data inside signerInfo\n");
|
...
|
...
|
@@ -1123,8 +1241,10 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg
|
1123
|
1123
|
}
|
1124
|
1124
|
|
1125
|
1125
|
size = asn1.size;
|
1126
|
|
- if(asn1_expect_objtype(map, asn1.content, &size, &asn1, ASN1_TYPE_SEQUENCE))
|
|
1126
|
+ if(asn1_expect_objtype(map, asn1.content, &size, &asn1, ASN1_TYPE_SEQUENCE)) {
|
|
1127
|
+ cli_dbgmsg("asn1_parse_mscat: expected SEQUENCE in unauthenticated data section\n");
|
1127
|
1128
|
break;
|
|
1129
|
+ }
|
1128
|
1130
|
if(size) {
|
1129
|
1131
|
cli_dbgmsg("asn1_parse_mscat: extra data inside unauthenticatedAttributes\n");
|
1130
|
1132
|
break;
|
...
|
...
|
@@ -1132,51 +1252,80 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg
|
1132
|
1132
|
|
1133
|
1133
|
size = asn1.size;
|
1134
|
1134
|
/* 1.2.840.113549.1.9.6 - counterSignature */
|
1135
|
|
- if(asn1_expect_obj(map, &asn1.content, &size, ASN1_TYPE_OBJECT_ID, lenof(OID_countersignature), OID_countersignature))
|
|
1135
|
+ if(asn1_expect_obj(map, &asn1.content, &size, ASN1_TYPE_OBJECT_ID, lenof(OID_countersignature), OID_countersignature)) {
|
|
1136
|
+ cli_dbgmsg("asn1_parse_mscat: expected countersignature OID in the first unauthenticatedAttributes SEQUENCE\n");
|
1136
|
1137
|
break;
|
1137
|
|
- if(asn1_expect_objtype(map, asn1.content, &size, &asn1, ASN1_TYPE_SET))
|
|
1138
|
+ }
|
|
1139
|
+ if(asn1_expect_objtype(map, asn1.content, &size, &asn1, ASN1_TYPE_SET)) {
|
|
1140
|
+ cli_dbgmsg("asn1_parse_mscat: expected SET following counterSignature OID\n");
|
1138
|
1141
|
break;
|
|
1142
|
+ }
|
1139
|
1143
|
if(size) {
|
1140
|
|
- cli_dbgmsg("asn1_parse_mscat: extra data inside counterSignature\n");
|
|
1144
|
+ cli_dbgmsg("asn1_parse_mscat: extra data inside counterSignature SEQUENCE\n");
|
1141
|
1145
|
break;
|
1142
|
1146
|
}
|
1143
|
1147
|
|
1144
|
1148
|
size = asn1.size;
|
1145
|
|
- if(asn1_expect_objtype(map, asn1.content, &size, &asn1, ASN1_TYPE_SEQUENCE))
|
|
1149
|
+ if(asn1_expect_objtype(map, asn1.content, &size, &asn1, ASN1_TYPE_SEQUENCE)) {
|
|
1150
|
+ cli_dbgmsg("asn1_parse_mscat: expected SEQUENCE inside counterSignature SET\n");
|
1146
|
1151
|
break;
|
|
1152
|
+ }
|
1147
|
1153
|
if(size) {
|
1148
|
|
- cli_dbgmsg("asn1_parse_mscat: extra data inside unauthenticatedAttributes\n");
|
|
1154
|
+ cli_dbgmsg("asn1_parse_mscat: extra data inside counterSignature SET\n");
|
1149
|
1155
|
break;
|
1150
|
1156
|
}
|
1151
|
1157
|
|
1152
|
1158
|
size = asn1.size;
|
1153
|
|
- if(asn1_expect_obj(map, &asn1.content, &size, ASN1_TYPE_INTEGER, 1, "\x01")) /* Version = 1*/
|
|
1159
|
+ if(asn1_expect_obj(map, &asn1.content, &size, ASN1_TYPE_INTEGER, 1, "\x01")) { /* Version = 1*/
|
|
1160
|
+ cli_dbgmsg("asn1_parse_mscat: expected counterSignature version to be 1\n");
|
1154
|
1161
|
break;
|
|
1162
|
+ }
|
1155
|
1163
|
|
1156
|
|
- if(asn1_expect_objtype(map, asn1.content, &size, &asn1, ASN1_TYPE_SEQUENCE)) /* issuerAndSerialNumber */
|
|
1164
|
+ if(asn1_expect_objtype(map, asn1.content, &size, &asn1, ASN1_TYPE_SEQUENCE)) { /* issuerAndSerialNumber */
|
|
1165
|
+ cli_dbgmsg("asn1_parse_mscat: unable to parse issuerAndSerialNumber SEQUENCE in counterSignature\n");
|
1157
|
1166
|
break;
|
|
1167
|
+ }
|
1158
|
1168
|
|
1159
|
|
- if(asn1_expect_objtype(map, asn1.content, &asn1.size, &deep, ASN1_TYPE_SEQUENCE)) /* issuer */
|
|
1169
|
+ if(asn1_expect_objtype(map, asn1.content, &asn1.size, &deep, ASN1_TYPE_SEQUENCE)) { /* issuer */
|
|
1170
|
+ cli_dbgmsg("asn1_parse_mscat: unable to parse issuer SEQUENCE in counterSignature\n");
|
1160
|
1171
|
break;
|
1161
|
|
- if(map_sha1(map, deep.content, deep.size, issuer))
|
|
1172
|
+ }
|
|
1173
|
+ // Compute the hash of the issuer section
|
|
1174
|
+ if(map_sha1(map, deep.content, deep.size, issuer)) {
|
|
1175
|
+ cli_dbgmsg("asn1_parse_mscat: error in call to map_sha1 for counterSignature issuer\n");
|
1162
|
1176
|
break;
|
|
1177
|
+ }
|
1163
|
1178
|
|
1164
|
|
- if(asn1_expect_objtype(map, deep.next, &asn1.size, &deep, ASN1_TYPE_INTEGER)) /* serial */
|
|
1179
|
+ // TODO This seems like a bug, but it might have no effect. asn1.size
|
|
1180
|
+ // is too big, asn1.content points to the issuer sequence and not the
|
|
1181
|
+ // integer object. Should we use asn1.size - deep.size
|
|
1182
|
+ if(asn1_expect_objtype(map, deep.next, &asn1.size, &deep, ASN1_TYPE_INTEGER)) { /* serial */
|
|
1183
|
+ cli_dbgmsg("asn1_parse_mscat: expected ASN1_TYPE_INTEGER serial for counterSignature\n");
|
1165
|
1184
|
break;
|
1166
|
|
- if(map_sha1(map, deep.content, deep.size, serial))
|
|
1185
|
+ }
|
|
1186
|
+
|
|
1187
|
+ // Compute the hash of the serial INTEGER
|
|
1188
|
+ if(map_sha1(map, deep.content, deep.size, serial)) {
|
|
1189
|
+ cli_dbgmsg("asn1_parse_mscat: error in call to map_sha1 for counterSignature serial\n");
|
1167
|
1190
|
break;
|
|
1191
|
+ }
|
1168
|
1192
|
|
1169
|
1193
|
if(asn1.size) {
|
1170
|
|
- cli_dbgmsg("asn1_parse_mscat: extra data inside countersignature issuer\n");
|
|
1194
|
+ cli_dbgmsg("asn1_parse_mscat: extra data inside counterSignature issuer\n");
|
1171
|
1195
|
break;
|
1172
|
1196
|
}
|
1173
|
1197
|
|
1174
|
|
- if(asn1_expect_objtype(map, asn1.next, &size, &asn1, ASN1_TYPE_SEQUENCE)) /* digestAlgorithm */
|
|
1198
|
+ // TODO This is the way to replace asn1_expect_algo above
|
|
1199
|
+ if(asn1_expect_objtype(map, asn1.next, &size, &asn1, ASN1_TYPE_SEQUENCE)) { /* digestAlgorithm */
|
|
1200
|
+ cli_dbgmsg("asn1_parse_mscat: expected SEQUENCE to start digestAlgorithm counterSignature section\n");
|
1175
|
1201
|
break;
|
1176
|
|
- if(asn1_expect_objtype(map, asn1.content, &asn1.size, &deep, ASN1_TYPE_OBJECT_ID))
|
|
1202
|
+ }
|
|
1203
|
+ if(asn1_expect_objtype(map, asn1.content, &asn1.size, &deep, ASN1_TYPE_OBJECT_ID)) {
|
|
1204
|
+ cli_dbgmsg("asn1_parse_mscat: unexpected value when parsing counterSignature\n");
|
1177
|
1205
|
break;
|
|
1206
|
+ }
|
1178
|
1207
|
if(deep.size != lenof(OID_sha1) && deep.size != lenof(OID_md5)) {
|
1179
|
|
- cli_dbgmsg("asn1_parse_mscat: wrong digestAlgorithm size\n");
|
|
1208
|
+ cli_dbgmsg("asn1_parse_mscat: wrong digestAlgorithm size in counterSignature\n");
|
1180
|
1209
|
break;
|
1181
|
1210
|
}
|
1182
|
1211
|
if(!fmap_need_ptr_once(map, deep.content, deep.size)) {
|
...
|
...
|
@@ -1185,29 +1334,39 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg
|
1185
|
1185
|
}
|
1186
|
1186
|
if(deep.size == lenof(OID_sha1) && !memcmp(deep.content, OID_sha1, lenof(OID_sha1))) {
|
1187
|
1187
|
hashtype = CLI_SHA1RSA;
|
1188
|
|
- if(map_sha1(map, message, message_size, md))
|
|
1188
|
+ hashsize = SHA1_HASH_SIZE;
|
|
1189
|
+ if(map_sha1(map, message, message_size, md)) {
|
|
1190
|
+ cli_dbgmsg("asn1_parse_mscat: map_sha1 for counterSignature verification failed\n");
|
1189
|
1191
|
break;
|
|
1192
|
+ }
|
1190
|
1193
|
} else if(deep.size == lenof(OID_md5) && !memcmp(deep.content, OID_md5, lenof(OID_md5))) {
|
1191
|
1194
|
hashtype = CLI_MD5RSA;
|
1192
|
|
- if(map_md5(map, message, message_size, md))
|
|
1195
|
+ hashsize = MD5_HASH_SIZE;
|
|
1196
|
+ if(map_md5(map, message, message_size, md)) {
|
|
1197
|
+ cli_dbgmsg("asn1_parse_mscat: map_md5 for counterSignature verification failed\n");
|
1193
|
1198
|
break;
|
|
1199
|
+ }
|
1194
|
1200
|
} else {
|
1195
|
|
- cli_dbgmsg("asn1_parse_mscat: unknown digest oid in countersignature\n");
|
|
1201
|
+ cli_dbgmsg("asn1_parse_mscat: unknown digest OID in counterSignature\n");
|
1196
|
1202
|
break;
|
1197
|
1203
|
}
|
1198
|
|
- if(asn1.size && asn1_expect_obj(map, &deep.next, &asn1.size, ASN1_TYPE_NULL, 0, NULL))
|
|
1204
|
+ if(asn1.size && asn1_expect_obj(map, &deep.next, &asn1.size, ASN1_TYPE_NULL, 0, NULL)) {
|
|
1205
|
+ cli_dbgmsg("asn1_parse_mscat: unexpected value after counterSignature digestAlgorithm\n");
|
1199
|
1206
|
break;
|
|
1207
|
+ }
|
1200
|
1208
|
if(asn1.size) {
|
1201
|
|
- cli_dbgmsg("asn1_parse_mscat: extra data in countersignature oid\n");
|
|
1209
|
+ cli_dbgmsg("asn1_parse_mscat: extra data in counterSignature OID\n");
|
1202
|
1210
|
break;
|
1203
|
1211
|
}
|
1204
|
1212
|
|
1205
|
1213
|
attrs = asn1.next;
|
1206
|
|
- if(asn1_expect_objtype(map, asn1.next, &size, &asn1, 0xa0)) /* authenticatedAttributes */
|
|
1214
|
+ if(asn1_expect_objtype(map, asn1.next, &size, &asn1, 0xa0)) { /* authenticatedAttributes */
|
|
1215
|
+ cli_dbgmsg("asn1_parse_mscat: unable to parse counterSignature authenticatedAttributes section\n");
|
1207
|
1216
|
break;
|
|
1217
|
+ }
|
1208
|
1218
|
attrs_size = (uint8_t *)(asn1.next) - attrs;
|
1209
|
1219
|
if(attrs_size < 2) {
|
1210
|
|
- cli_dbgmsg("asn1_parse_mscat: countersignature authenticatedAttributes are too small\n");
|
|
1220
|
+ cli_dbgmsg("asn1_parse_mscat: counterSignature authenticatedAttributes are too small\n");
|
1211
|
1221
|
break;
|
1212
|
1222
|
}
|
1213
|
1223
|
result = 0;
|
...
|
...
|
@@ -1216,10 +1375,12 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg
|
1216
|
1216
|
while(dsize) {
|
1217
|
1217
|
int content;
|
1218
|
1218
|
if(asn1_expect_objtype(map, deep.next, &dsize, &deep, ASN1_TYPE_SEQUENCE)) { /* attribute */
|
|
1219
|
+ cli_dbgmsg("asn1_parse_mscat: expected counterSignature attribute SEQUENCE\n");
|
1219
|
1220
|
dsize = 1;
|
1220
|
1221
|
break;
|
1221
|
1222
|
}
|
1222
|
1223
|
if(asn1_expect_objtype(map, deep.content, &deep.size, &deeper, ASN1_TYPE_OBJECT_ID)) { /* attribute type */
|
|
1224
|
+ cli_dbgmsg("asn1_parse_mscat: expected attribute type inside counterSignature attribute SEQUENCE\n");
|
1223
|
1225
|
dsize = 1;
|
1224
|
1226
|
break;
|
1225
|
1227
|
}
|
...
|
...
|
@@ -1227,6 +1388,7 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg
|
1227
|
1227
|
continue;
|
1228
|
1228
|
|
1229
|
1229
|
if(!fmap_need_ptr_once(map, deeper.content, lenof(OID_contentType))) {
|
|
1230
|
+ cli_dbgmsg("asn1_parse_mscat: failed to read counterSignature authenticated attribute\n");
|
1230
|
1231
|
dsize = 1;
|
1231
|
1232
|
break;
|
1232
|
1233
|
}
|
...
|
...
|
@@ -1244,7 +1406,8 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg
|
1244
|
1244
|
break;
|
1245
|
1245
|
}
|
1246
|
1246
|
result |= (1<<content);
|
1247
|
|
- if(asn1_expect_objtype(map, deeper.next, &deep.size, &deeper, ASN1_TYPE_SET)) { /* attribute type */
|
|
1247
|
+ if(asn1_expect_objtype(map, deeper.next, &deep.size, &deeper, ASN1_TYPE_SET)) { /* set - contents */
|
|
1248
|
+ cli_dbgmsg("asn1_parse_mscat: failed to read counterSignature authenticated attribute\n");
|
1248
|
1249
|
dsize = 1;
|
1249
|
1250
|
break;
|
1250
|
1251
|
}
|
...
|
...
|
@@ -1262,7 +1425,7 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg
|
1262
|
1262
|
cli_dbgmsg("asn1_parse_mscat: extra data in countersignature content-type\n");
|
1263
|
1263
|
break;
|
1264
|
1264
|
case 1: /* messageDigest */
|
1265
|
|
- if(asn1_expect_obj(map, &deeper.content, &deep.size, ASN1_TYPE_OCTET_STRING, (hashtype == CLI_SHA1RSA) ? SHA1_HASH_SIZE : 16, md)) {
|
|
1265
|
+ if(asn1_expect_obj(map, &deeper.content, &deep.size, ASN1_TYPE_OCTET_STRING, hashsize, md)) {
|
1266
|
1266
|
deep.size = 1;
|
1267
|
1267
|
cli_dbgmsg("asn1_parse_mscat: countersignature hash mismatch\n");
|
1268
|
1268
|
} else if(deep.size)
|
...
|
...
|
@@ -1294,10 +1457,14 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg
|
1294
|
1294
|
break;
|
1295
|
1295
|
}
|
1296
|
1296
|
|
1297
|
|
- if(asn1_expect_objtype(map, asn1.next, &size, &asn1, ASN1_TYPE_SEQUENCE)) /* digestEncryptionAlgorithm == sha1 */
|
|
1297
|
+ if(asn1_expect_objtype(map, asn1.next, &size, &asn1, ASN1_TYPE_SEQUENCE)) { /* digestEncryptionAlgorithm == sha1 */
|
|
1298
|
+ cli_dbgmsg("asn1_parse_mscat: expected to parse SEQUENCE after counterSignature attributes\n");
|
1298
|
1299
|
break;
|
1299
|
|
- if(asn1_expect_objtype(map, asn1.content, &asn1.size, &deep, ASN1_TYPE_OBJECT_ID)) /* digestEncryptionAlgorithm == sha1 */
|
|
1300
|
+ }
|
|
1301
|
+ if(asn1_expect_objtype(map, asn1.content, &asn1.size, &deep, ASN1_TYPE_OBJECT_ID)) {/* digestEncryptionAlgorithm == sha1 */
|
|
1302
|
+ cli_dbgmsg("asn1_parse_mscat: unexpected value when parsing counterSignature digestEncryptionAlgorithm\n");
|
1300
|
1303
|
break;
|
|
1304
|
+ }
|
1301
|
1305
|
if(deep.size != lenof(OID_rsaEncryption)) { /* lenof(OID_rsaEncryption) = lenof(OID_sha1WithRSAEncryption) = 9 */
|
1302
|
1306
|
cli_dbgmsg("asn1_parse_mscat: wrong digestEncryptionAlgorithm size in countersignature\n");
|
1303
|
1307
|
break;
|
...
|
...
|
@@ -1311,15 +1478,19 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg
|
1311
|
1311
|
cli_dbgmsg("asn1_parse_mscat: digestEncryptionAlgorithm in countersignature is not sha1\n");
|
1312
|
1312
|
break;
|
1313
|
1313
|
}
|
1314
|
|
- if(asn1.size && asn1_expect_obj(map, &deep.next, &asn1.size, ASN1_TYPE_NULL, 0, NULL))
|
|
1314
|
+ if(asn1.size && asn1_expect_obj(map, &deep.next, &asn1.size, ASN1_TYPE_NULL, 0, NULL)) {
|
|
1315
|
+ cli_dbgmsg("asn1_parse_mscat: unexpected value after counterSignature digestEncryptionAlgorithm\n");
|
1315
|
1316
|
break;
|
|
1317
|
+ }
|
1316
|
1318
|
if(asn1.size) {
|
1317
|
1319
|
cli_dbgmsg("asn1_parse_mscat: extra data in digestEncryptionAlgorithm in countersignature\n");
|
1318
|
1320
|
break;
|
1319
|
1321
|
}
|
1320
|
1322
|
|
1321
|
|
- if(asn1_expect_objtype(map, asn1.next, &size, &asn1, ASN1_TYPE_OCTET_STRING)) /* encryptedDigest */
|
|
1323
|
+ if(asn1_expect_objtype(map, asn1.next, &size, &asn1, ASN1_TYPE_OCTET_STRING)) { /* encryptedDigest */
|
|
1324
|
+ cli_dbgmsg("asn1_parse_mscat: unexpected encryptedDigest value in counterSignature\n");
|
1322
|
1325
|
break;
|
|
1326
|
+ }
|
1323
|
1327
|
if(asn1.size > 513) {
|
1324
|
1328
|
cli_dbgmsg("asn1_parse_mscat: countersignature encryptedDigest too long\n");
|
1325
|
1329
|
break;
|
...
|
...
|
@@ -1335,22 +1506,17 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg
|
1335
|
1335
|
|
1336
|
1336
|
if(hashtype == CLI_SHA1RSA) {
|
1337
|
1337
|
ctx = cl_hash_init("sha1");
|
1338
|
|
- if (!(ctx))
|
1339
|
|
- break;
|
1340
|
|
-
|
1341
|
|
- cl_update_hash(ctx, "\x31", 1);
|
1342
|
|
- cl_update_hash(ctx, (void *)(attrs + 1), attrs_size - 1);
|
1343
|
|
- cl_finish_hash(ctx, sha1);
|
1344
|
|
- } else {
|
|
1338
|
+ } else if (hashtype == CLI_MD5RSA) {
|
1345
|
1339
|
ctx = cl_hash_init("md5");
|
1346
|
|
- if (!(ctx))
|
1347
|
|
- break;
|
1348
|
|
-
|
1349
|
|
- cl_update_hash(ctx, "\x31", 1);
|
1350
|
|
- cl_update_hash(ctx, (void *)(attrs + 1), attrs_size - 1);
|
1351
|
|
- cl_finish_hash(ctx, sha1);
|
1352
|
1340
|
}
|
1353
|
1341
|
|
|
1342
|
+ if (!(ctx))
|
|
1343
|
+ break;
|
|
1344
|
+
|
|
1345
|
+ cl_update_hash(ctx, "\x31", 1);
|
|
1346
|
+ cl_update_hash(ctx, (void *)(attrs + 1), attrs_size - 1);
|
|
1347
|
+ cl_finish_hash(ctx, sha1);
|
|
1348
|
+
|
1354
|
1349
|
if(!fmap_need_ptr_once(map, asn1.content, asn1.size)) {
|
1355
|
1350
|
cli_dbgmsg("asn1_parse_mscat: failed to read countersignature encryptedDigest\n");
|
1356
|
1351
|
break;
|
...
|
...
|
@@ -1361,6 +1527,7 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg
|
1361
|
1361
|
}
|
1362
|
1362
|
|
1363
|
1363
|
cli_dbgmsg("asn1_parse_mscat: catalog successfully parsed\n");
|
|
1364
|
+
|
1364
|
1365
|
if (isBlacklisted) {
|
1365
|
1366
|
return 1;
|
1366
|
1367
|
}
|