VirtualBox

source: vbox/trunk/src/VBox/Main/include/ApplianceImplPrivate.h@ 90441

Last change on this file since 90441 was 84340, checked in by vboxsync, 5 years ago

Main/Appliance: Implemented verifying PKCS#7/CMS signing certificates. Needs proper testing, though. bugref:9699

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 18.8 KB
Line 
1/* $Id: ApplianceImplPrivate.h 84340 2020-05-18 17:37:30Z vboxsync $ */
2/** @file
3 * VirtualBox Appliance private data definitions
4 */
5
6/*
7 * Copyright (C) 2006-2020 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 */
17
18#ifndef MAIN_INCLUDED_ApplianceImplPrivate_h
19#define MAIN_INCLUDED_ApplianceImplPrivate_h
20#ifndef RT_WITHOUT_PRAGMA_ONCE
21# pragma once
22#endif
23
24
25class VirtualSystemDescription;
26
27#include "ovfreader.h"
28#include "SecretKeyStore.h"
29#include "ThreadTask.h"
30#include "CertificateImpl.h"
31#include <map>
32#include <vector>
33#include <iprt/manifest.h>
34#include <iprt/vfs.h>
35#include <iprt/crypto/x509.h>
36#include <iprt/crypto/pkcs7.h>
37
38////////////////////////////////////////////////////////////////////////////////
39//
40// Appliance data definition
41//
42////////////////////////////////////////////////////////////////////////////////
43
44namespace settings
45{
46 struct AttachedDevice;
47}
48
49typedef std::pair<Utf8Str, Utf8Str> STRPAIR;
50
51typedef std::vector<com::Guid> GUIDVEC;
52
53/* Describe a location for the import/export. The location could be a file on a
54 * local hard disk or a remote target based on the supported inet protocols. */
55struct LocationInfo
56{
57 LocationInfo()
58 : storageType(VFSType_File) {}
59 VFSType_T storageType; /* Which type of storage should be handled */
60 Utf8Str strProvider; /* cloud provider name in case of export/import to Cloud */
61 Utf8Str strPath; /* File path for the import/export */
62 Utf8Str strHostname; /* Hostname on remote storage locations (could be empty) */
63 Utf8Str strUsername; /* Username on remote storage locations (could be empty) */
64 Utf8Str strPassword; /* Password on remote storage locations (could be empty) */
65};
66
67/**
68 * opaque private instance data of Appliance class
69 */
70struct Appliance::Data
71{
72 enum digest_T {SHA1, SHA256};
73
74 Data()
75 : state(Appliance::ApplianceIdle)
76 , fDigestTypes(0)
77 , hOurManifest(NIL_RTMANIFEST)
78 , fManifest(true)
79 , fDeterminedDigestTypes(false)
80 , hTheirManifest(NIL_RTMANIFEST)
81 , hMemFileTheirManifest(NIL_RTVFSFILE)
82 , fSignerCertLoaded(false)
83 , fCertificateIsSelfSigned(false)
84 , fSignatureValid(false)
85 , fCertificateValid(false)
86 , fCertificateMissingPath(true)
87 , fCertificateValidTime(false)
88 , pbSignedDigest(NULL)
89 , cbSignedDigest(0)
90 , enmSignedDigestType(RTDIGESTTYPE_INVALID)
91 , fContentInfoLoaded(false)
92 , fContentInfoOkay(false)
93 , fContentInfoSameCert(false)
94 , fContentInfoValidSignature(false)
95 , fExportISOImages(false)
96 , pReader(NULL)
97 , ulWeightForXmlOperation(0)
98 , ulWeightForManifestOperation(0)
99 , ulTotalDisksMB(0)
100 , cDisks(0)
101 , m_cPwProvided(0)
102 {
103 RT_ZERO(SignerCert);
104 RT_ZERO(ContentInfo);
105 }
106
107 ~Data()
108 {
109 if (pReader)
110 {
111 delete pReader;
112 pReader = NULL;
113 }
114 resetReadData();
115 }
116
117 /**
118 * Resets data used by read.
119 */
120 void resetReadData(void)
121 {
122 strOvfManifestEntry.setNull();
123 if (hOurManifest != NIL_RTMANIFEST)
124 {
125 RTManifestRelease(hOurManifest);
126 hOurManifest = NIL_RTMANIFEST;
127 }
128 if (hTheirManifest != NIL_RTMANIFEST)
129 {
130 RTManifestRelease(hTheirManifest);
131 hTheirManifest = NIL_RTMANIFEST;
132 }
133 if (hMemFileTheirManifest)
134 {
135 RTVfsFileRelease(hMemFileTheirManifest);
136 hMemFileTheirManifest = NIL_RTVFSFILE;
137 }
138 if (pbSignedDigest)
139 {
140 RTMemFree(pbSignedDigest);
141 pbSignedDigest = NULL;
142 cbSignedDigest = 0;
143 }
144 if (fSignerCertLoaded)
145 {
146 RTCrX509Certificate_Delete(&SignerCert);
147 fSignerCertLoaded = false;
148 }
149 RT_ZERO(SignerCert);
150 enmSignedDigestType = RTDIGESTTYPE_INVALID;
151 fCertificateIsSelfSigned = false;
152 fSignatureValid = false;
153 fCertificateValid = false;
154 fCertificateMissingPath = true;
155 fCertificateValidTime = false;
156 fDeterminedDigestTypes = false;
157 fDigestTypes = RTMANIFEST_ATTR_SHA1 | RTMANIFEST_ATTR_SHA256 | RTMANIFEST_ATTR_SHA512;
158 ptrCertificateInfo.setNull();
159 strCertError.setNull();
160 if (fContentInfoLoaded)
161 {
162 RTCrPkcs7ContentInfo_Delete(&ContentInfo);
163 fContentInfoLoaded = false;
164 }
165 RT_ZERO(ContentInfo);
166 }
167
168 Appliance::ApplianceState state;
169
170 LocationInfo locInfo; // location info for the currently processed OVF
171 /** The digests types to calculate (RTMANIFEST_ATTR_XXX) for the manifest.
172 * This will be a single value when exporting. Zero, one or two. */
173 uint32_t fDigestTypes;
174 /** Manifest created while importing or exporting. */
175 RTMANIFEST hOurManifest;
176
177 /** @name Write data
178 * @{ */
179 bool fManifest; // Create a manifest file on export
180 /** @} */
181
182 /** @name Read data
183 * @{ */
184 /** The manifest entry name of the OVF-file. */
185 Utf8Str strOvfManifestEntry;
186
187 /** Set if we've parsed the manifest and determined the digest types. */
188 bool fDeterminedDigestTypes;
189
190 /** Manifest read in during read() and kept around for later verification. */
191 RTMANIFEST hTheirManifest;
192 /** Memorized copy of the manifest file for signature checking purposes. */
193 RTVFSFILE hMemFileTheirManifest;
194
195 /** The signer certificate from the signature file (.cert).
196 * This will be used in the future provide information about the signer via
197 * the API. */
198 RTCRX509CERTIFICATE SignerCert;
199 /** Set if the SignerCert member contains usable data. */
200 bool fSignerCertLoaded;
201 /** Cached RTCrX509Validity_IsValidAtTimeSpec result set by read(). */
202 bool fCertificateIsSelfSigned;
203 /** Set by read() if pbSignedDigest verified correctly against SignerCert. */
204 bool fSignatureValid;
205 /** Set by read() when the SignerCert checked out fine. */
206 bool fCertificateValid;
207 /** Set by read() when the SignerCert certificate path couldn't be built. */
208 bool fCertificateMissingPath;
209 /** Set by read() when the SignerCert (+path) is valid in the temporal sense. */
210 bool fCertificateValidTime;
211 /** For keeping certificate error messages we delay from read() to import(). */
212 Utf8Str strCertError;
213 /** The signed digest of the manifest. */
214 uint8_t *pbSignedDigest;
215 /** The size of the signed digest. */
216 size_t cbSignedDigest;
217 /** The digest type used to sign the manifest. */
218 RTDIGESTTYPE enmSignedDigestType;
219 /** The certificate info object. This is NULL if no signature and
220 * successfully loaded certificate. */
221 ComObjPtr<Certificate> ptrCertificateInfo;
222
223 /** The PKCS\#7/CMS signed data signing manifest, optional VBox extension.
224 * This contains at least one signature using the same certificate as above
225 * (SignerCert), but should preferrably use a different digest. The PKCS\#7/CMS
226 * format is a lot more versatile, allow multiple signatures using different
227 * digests and certificates, optionally with counter signed timestamps.
228 * Additional intermediate certificates can also be shipped, helping to bridge
229 * the gap to a trusted root certificate installed on the recieving system. */
230 RTCRPKCS7CONTENTINFO ContentInfo;
231 /** Set if the ContentInfo member contains usable data. */
232 bool fContentInfoLoaded;
233 /** Set by read() if the ContentInfo member checked out okay (says nothing about
234 * the signature or certificates within it). */
235 bool fContentInfoOkay;
236 /** Set by read() if the ContentInfo member is using the SignerCert too. */
237 bool fContentInfoSameCert;
238 /** Set by read() if the ContentInfo member contains valid signatures (not
239 * saying anything about valid signing certificates). */
240 bool fContentInfoValidSignature;
241 /** Set by read() if we've already verified the signed data signature(s). */
242 bool fContentInfoDoneVerification;
243
244 bool fContentInfoVerifiedOkay;
245 /** @} */
246
247 bool fExportISOImages;// when 1 the ISO images are exported
248
249 RTCList<ImportOptions_T> optListImport;
250 RTCList<ExportOptions_T> optListExport;
251
252 ovf::OVFReader *pReader;
253
254 std::list< ComObjPtr<VirtualSystemDescription> >
255 virtualSystemDescriptions;
256
257 std::list<Utf8Str> llWarnings;
258
259 ULONG ulWeightForXmlOperation;
260 ULONG ulWeightForManifestOperation;
261 ULONG ulTotalDisksMB;
262 ULONG cDisks;
263
264 std::list<Guid> llGuidsMachinesCreated;
265
266 /** Sequence of password identifiers to encrypt disk images during export. */
267 std::vector<com::Utf8Str> m_vecPasswordIdentifiers;
268 /** Map to get all medium identifiers assoicated with a given password identifier. */
269 std::map<com::Utf8Str, GUIDVEC> m_mapPwIdToMediumIds;
270 /** Secret key store used to hold the passwords during export. */
271 SecretKeyStore *m_pSecretKeyStore;
272 /** Number of passwords provided. */
273 uint32_t m_cPwProvided;
274};
275
276struct Appliance::XMLStack
277{
278 std::map<Utf8Str, const VirtualSystemDescriptionEntry*> mapDisks;
279 std::list<Utf8Str> mapDiskSequence;
280 std::list<Utf8Str> mapDiskSequenceForOneVM;//temporary keeps all disks attached to one exported VM
281 std::map<Utf8Str, bool> mapNetworks;
282};
283
284class Appliance::TaskOVF : public ThreadTask
285{
286public:
287 enum TaskType
288 {
289 Read,
290 Import,
291 Write
292 };
293
294 TaskOVF(Appliance *aThat,
295 TaskType aType,
296 LocationInfo aLocInfo,
297 ComObjPtr<Progress> &aProgress)
298 : ThreadTask("TaskOVF"),
299 pAppliance(aThat),
300 taskType(aType),
301 locInfo(aLocInfo),
302 pProgress(aProgress),
303 enFormat(ovf::OVFVersion_unknown),
304 rc(S_OK)
305 {
306 switch (taskType)
307 {
308 case TaskOVF::Read: m_strTaskName = "ApplRead"; break;
309 case TaskOVF::Import: m_strTaskName = "ApplImp"; break;
310 case TaskOVF::Write: m_strTaskName = "ApplWrit"; break;
311 default: m_strTaskName = "ApplTask"; break;
312 }
313 }
314
315 static DECLCALLBACK(int) updateProgress(unsigned uPercent, void *pvUser);
316
317 Appliance *pAppliance;
318 TaskType taskType;
319 const LocationInfo locInfo;
320 ComObjPtr<Progress> pProgress;
321
322 ovf::OVFVersion_T enFormat;
323
324 HRESULT rc;
325
326 void handler()
327 {
328 Appliance::i_importOrExportThreadTask(this);
329 }
330};
331
332class Appliance::TaskOPC : public ThreadTask
333{
334public:
335 enum TaskType
336 {
337 Export
338 };
339
340 TaskOPC(Appliance *aThat,
341 TaskType aType,
342 LocationInfo aLocInfo,
343 ComObjPtr<Progress> &aProgress)
344 : ThreadTask("TaskOPC"),
345 pAppliance(aThat),
346 taskType(aType),
347 locInfo(aLocInfo),
348 pProgress(aProgress),
349 rc(S_OK)
350 {
351 m_strTaskName = "OPCExpt";
352 }
353
354 ~TaskOPC()
355 {
356 }
357
358 static DECLCALLBACK(int) updateProgress(unsigned uPercent, void *pvUser);
359
360 Appliance *pAppliance;
361 TaskType taskType;
362 const LocationInfo locInfo;
363 ComObjPtr<Progress> pProgress;
364
365 HRESULT rc;
366
367 void handler()
368 {
369 Appliance::i_exportOPCThreadTask(this);
370 }
371};
372
373
374class Appliance::TaskCloud : public ThreadTask
375{
376public:
377 enum TaskType
378 {
379 Export,
380 Import,
381 ReadData
382 };
383
384 TaskCloud(Appliance *aThat,
385 TaskType aType,
386 LocationInfo aLocInfo,
387 ComObjPtr<Progress> &aProgress)
388 : ThreadTask("TaskCloud"),
389 pAppliance(aThat),
390 taskType(aType),
391 locInfo(aLocInfo),
392 pProgress(aProgress),
393 rc(S_OK)
394 {
395 switch (taskType)
396 {
397 case TaskCloud::Export: m_strTaskName = "CloudExpt"; break;
398 case TaskCloud::Import: m_strTaskName = "CloudImpt"; break;
399 case TaskCloud::ReadData: m_strTaskName = "CloudRead"; break;
400 default: m_strTaskName = "CloudTask"; break;
401 }
402 }
403
404 ~TaskCloud()
405 {
406 }
407
408 static DECLCALLBACK(int) updateProgress(unsigned uPercent, void *pvUser);
409
410 Appliance *pAppliance;
411 TaskType taskType;
412 const LocationInfo locInfo;
413 ComObjPtr<Progress> pProgress;
414
415 HRESULT rc;
416
417 void handler()
418 {
419 Appliance::i_importOrExportCloudThreadTask(this);
420 }
421};
422
423struct MyHardDiskAttachment
424{
425 ComPtr<IMachine> pMachine;
426 Utf8Str controllerName;
427 int32_t lControllerPort; // 0-29 for SATA
428 int32_t lDevice; // IDE: 0 or 1, otherwise 0 always
429};
430
431/**
432 * Used by Appliance::importMachineGeneric() to store
433 * input parameters and rollback information.
434 */
435struct Appliance::ImportStack
436{
437 // input pointers
438 const LocationInfo &locInfo; // ptr to location info from Appliance::importFS()
439 Utf8Str strSourceDir; // directory where source files reside
440 const ovf::DiskImagesMap &mapDisks; // ptr to disks map in OVF
441 ComObjPtr<Progress> &pProgress; // progress object passed into Appliance::importFS()
442
443 // input parameters from VirtualSystemDescriptions
444 Utf8Str strNameVBox; // VM name
445 Utf8Str strSettingsFilename; // Absolute path to VM config file
446 Utf8Str strMachineFolder; // Absolute path to VM folder (derived from strSettingsFilename)
447 Utf8Str strOsTypeVBox; // VirtualBox guest OS type as string
448 Utf8Str strPrimaryGroup; // VM primary group as string
449 Utf8Str strDescription;
450 uint32_t cCPUs; // CPU count
451 bool fForceHWVirt; // if true, we force enabling hardware virtualization
452 bool fForceIOAPIC; // if true, we force enabling the IOAPIC
453 uint32_t ulMemorySizeMB; // virtual machine RAM in megabytes
454 Utf8Str strFirmwareType; //Firmware - BIOS or EFI
455#ifdef VBOX_WITH_USB
456 bool fUSBEnabled;
457#endif
458 Utf8Str strAudioAdapter; // if not empty, then the guest has audio enabled, and this is the decimal
459 // representation of the audio adapter (should always be "0" for AC97 presently)
460
461 // session (not initially created)
462 ComPtr<ISession> pSession; // session opened in Appliance::importFS() for machine manipulation
463 bool fSessionOpen; // true if the pSession is currently open and needs closing
464
465 /** @name File access related stuff (TAR stream)
466 * @{ */
467 /** OVA file system stream handle. NIL if not OVA. */
468 RTVFSFSSTREAM hVfsFssOva;
469 /** OVA lookahead I/O stream object. */
470 RTVFSIOSTREAM hVfsIosOvaLookAhead;
471 /** OVA lookahead I/O stream object name. */
472 char *pszOvaLookAheadName;
473 /** @} */
474
475 // a list of images that we created/imported; this is initially empty
476 // and will be cleaned up on errors
477 std::list<MyHardDiskAttachment> llHardDiskAttachments; // disks that were attached
478 std::map<Utf8Str , Utf8Str> mapNewUUIDsToOriginalUUIDs;
479
480 ImportStack(const LocationInfo &aLocInfo,
481 const ovf::DiskImagesMap &aMapDisks,
482 ComObjPtr<Progress> &aProgress,
483 RTVFSFSSTREAM aVfsFssOva)
484 : locInfo(aLocInfo),
485 mapDisks(aMapDisks),
486 pProgress(aProgress),
487 cCPUs(1),
488 fForceHWVirt(false),
489 fForceIOAPIC(false),
490 ulMemorySizeMB(0),
491 fSessionOpen(false),
492 hVfsFssOva(aVfsFssOva),
493 hVfsIosOvaLookAhead(NIL_RTVFSIOSTREAM),
494 pszOvaLookAheadName(NULL)
495 {
496 if (hVfsFssOva != NIL_RTVFSFSSTREAM)
497 RTVfsFsStrmRetain(hVfsFssOva);
498
499 // disk images have to be on the same place as the OVF file. So
500 // strip the filename out of the full file path
501 strSourceDir = aLocInfo.strPath;
502 strSourceDir.stripFilename();
503 }
504
505 ~ImportStack()
506 {
507 if (hVfsFssOva != NIL_RTVFSFSSTREAM)
508 {
509 RTVfsFsStrmRelease(hVfsFssOva);
510 hVfsFssOva = NIL_RTVFSFSSTREAM;
511 }
512 if (hVfsIosOvaLookAhead != NIL_RTVFSIOSTREAM)
513 {
514 RTVfsIoStrmRelease(hVfsIosOvaLookAhead);
515 hVfsIosOvaLookAhead = NIL_RTVFSIOSTREAM;
516 }
517 if (pszOvaLookAheadName)
518 {
519 RTStrFree(pszOvaLookAheadName);
520 pszOvaLookAheadName = NULL;
521 }
522 }
523
524 HRESULT restoreOriginalUUIDOfAttachedDevice(settings::MachineConfigFile *config);
525 HRESULT saveOriginalUUIDOfAttachedDevice(settings::AttachedDevice &device,
526 const Utf8Str &newlyUuid);
527 RTVFSIOSTREAM claimOvaLookAHead(void);
528
529};
530
531////////////////////////////////////////////////////////////////////////////////
532//
533// VirtualSystemDescription data definition
534//
535////////////////////////////////////////////////////////////////////////////////
536
537struct VirtualSystemDescription::Data
538{
539 std::vector<VirtualSystemDescriptionEntry>
540 maDescriptions; // item descriptions
541
542 ComPtr<Machine> pMachine; // VirtualBox machine this description was exported from (export only)
543
544 settings::MachineConfigFile
545 *pConfig; // machine config created from <vbox:Machine> element if found (import only)
546};
547
548////////////////////////////////////////////////////////////////////////////////
549//
550// Internal helpers
551//
552////////////////////////////////////////////////////////////////////////////////
553
554void convertCIMOSType2VBoxOSType(Utf8Str &strType, ovf::CIMOSType_T c, const Utf8Str &cStr);
555
556ovf::CIMOSType_T convertVBoxOSType2CIMOSType(const char *pcszVBox, BOOL fLongMode);
557
558Utf8Str convertNetworkAttachmentTypeToString(NetworkAttachmentType_T type);
559
560
561#endif /* !MAIN_INCLUDED_ApplianceImplPrivate_h */
562
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette