VirtualBox

source: vbox/trunk/src/VBox/Runtime/common/crypto/pkcs7-core.cpp@ 72367

Last change on this file since 72367 was 69111, checked in by vboxsync, 7 years ago

(C) year

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 7.3 KB
Line 
1/* $Id: pkcs7-core.cpp 69111 2017-10-17 14:26:02Z vboxsync $ */
2/** @file
3 * IPRT - Crypto - PKCS \#7, Core APIs.
4 */
5
6/*
7 * Copyright (C) 2006-2017 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 *
17 * The contents of this file may alternatively be used under the terms
18 * of the Common Development and Distribution License Version 1.0
19 * (CDDL) only, as it comes in the "COPYING.CDDL" file of the
20 * VirtualBox OSE distribution, in which case the provisions of the
21 * CDDL are applicable instead of those of the GPL.
22 *
23 * You may elect to license modified versions of this file under the
24 * terms and conditions of either the GPL or the CDDL or both.
25 */
26
27
28/*********************************************************************************************************************************
29* Header Files *
30*********************************************************************************************************************************/
31#include "internal/iprt.h"
32#include <iprt/crypto/pkcs7.h>
33
34#include <iprt/err.h>
35#include <iprt/string.h>
36#include <iprt/crypto/tsp.h>
37
38#include "pkcs7-internal.h"
39
40
41/*
42 * PCKS #7 SignerInfo
43 */
44
45RTDECL(PCRTASN1TIME) RTCrPkcs7SignerInfo_GetSigningTime(PCRTCRPKCS7SIGNERINFO pThis, PCRTCRPKCS7SIGNERINFO *ppSignerInfo)
46{
47 /*
48 * Check the immediate level, unless we're continuing a previous search.
49 * Note! We ASSUME a single signing time attribute, which simplifies the interface.
50 */
51 uint32_t cAttrsLeft;
52 PRTCRPKCS7ATTRIBUTE const *ppAttr;
53 if (!ppSignerInfo || *ppSignerInfo == NULL)
54 {
55 cAttrsLeft = pThis->AuthenticatedAttributes.cItems;
56 ppAttr = pThis->AuthenticatedAttributes.papItems;
57 while (cAttrsLeft-- > 0)
58 {
59 PCRTCRPKCS7ATTRIBUTE pAttr = *ppAttr;
60 if ( pAttr->enmType == RTCRPKCS7ATTRIBUTETYPE_SIGNING_TIME
61 && pAttr->uValues.pSigningTime->cItems > 0)
62 {
63 if (ppSignerInfo)
64 *ppSignerInfo = pThis;
65 return pAttr->uValues.pSigningTime->papItems[0];
66 }
67 ppAttr++;
68 }
69 }
70 else if (*ppSignerInfo == pThis)
71 *ppSignerInfo = NULL;
72
73 /*
74 * Check counter signatures.
75 */
76 cAttrsLeft = pThis->UnauthenticatedAttributes.cItems;
77 ppAttr = pThis->UnauthenticatedAttributes.papItems;
78 while (cAttrsLeft-- > 0)
79 {
80 PCRTCRPKCS7ATTRIBUTE pAttr = *ppAttr;
81 if (pAttr->enmType == RTCRPKCS7ATTRIBUTETYPE_COUNTER_SIGNATURES)
82 {
83 uint32_t cSignatures = pAttr->uValues.pCounterSignatures->cItems;
84 PRTCRPKCS7SIGNERINFO *ppSignature = pAttr->uValues.pCounterSignatures->papItems;
85
86 /* Skip past the previous counter signature. */
87 if (ppSignerInfo && *ppSignerInfo != NULL)
88 while (cSignatures > 0)
89 {
90 cSignatures--;
91 if (*ppSignature == *ppSignerInfo)
92 {
93 *ppSignerInfo = NULL;
94 ppSignature++;
95 break;
96 }
97 ppSignature++;
98 }
99
100 /* Search the counter signatures (if any remaining). */
101 while (cSignatures-- > 0)
102 {
103 PCRTCRPKCS7SIGNERINFO pSignature = *ppSignature;
104 uint32_t cCounterAttrsLeft = pSignature->AuthenticatedAttributes.cItems;
105 PRTCRPKCS7ATTRIBUTE const *ppCounterAttr = pSignature->AuthenticatedAttributes.papItems;
106 while (cCounterAttrsLeft-- > 0)
107 {
108 PCRTCRPKCS7ATTRIBUTE pCounterAttr = *ppCounterAttr;
109 if ( pCounterAttr->enmType == RTCRPKCS7ATTRIBUTETYPE_SIGNING_TIME
110 && pCounterAttr->uValues.pSigningTime->cItems > 0)
111 {
112 if (ppSignerInfo)
113 *ppSignerInfo = pSignature;
114 return pCounterAttr->uValues.pSigningTime->papItems[0];
115 }
116 ppCounterAttr++;
117 }
118 ppSignature++;
119 }
120 }
121 ppAttr++;
122 }
123
124 /*
125 * No signing timestamp found.
126 */
127 if (ppSignerInfo)
128 *ppSignerInfo = NULL;
129
130 return NULL;
131}
132
133
134RTDECL(PCRTASN1TIME) RTCrPkcs7SignerInfo_GetMsTimestamp(PCRTCRPKCS7SIGNERINFO pThis, PCRTCRPKCS7CONTENTINFO *ppContentInfoRet)
135{
136 /*
137 * Assume there is only one, so no need to enumerate anything here.
138 */
139 uint32_t cAttrsLeft = pThis->UnauthenticatedAttributes.cItems;
140 PRTCRPKCS7ATTRIBUTE const *ppAttr = pThis->UnauthenticatedAttributes.papItems;
141 while (cAttrsLeft-- > 0)
142 {
143 PCRTCRPKCS7ATTRIBUTE pAttr = *ppAttr;
144 if (pAttr->enmType == RTCRPKCS7ATTRIBUTETYPE_MS_TIMESTAMP)
145 {
146 uint32_t cLeft = pAttr->uValues.pContentInfos->cItems;
147 PRTCRPKCS7CONTENTINFO const *ppContentInfo = pAttr->uValues.pContentInfos->papItems;
148 while (cLeft-- > 0)
149 {
150 PCRTCRPKCS7CONTENTINFO pContentInfo = *ppContentInfo;
151 if (RTAsn1ObjId_CompareWithString(&pContentInfo->ContentType, RTCRPKCS7SIGNEDDATA_OID) == 0)
152 {
153 if (RTAsn1ObjId_CompareWithString(&pContentInfo->u.pSignedData->ContentInfo.ContentType,
154 RTCRTSPTSTINFO_OID) == 0)
155 {
156 if (ppContentInfoRet)
157 *ppContentInfoRet = pContentInfo;
158 return &pContentInfo->u.pSignedData->ContentInfo.u.pTstInfo->GenTime;
159 }
160 }
161
162 pContentInfo++;
163 }
164 }
165 ppAttr++;
166 }
167
168 /*
169 * No signature was found.
170 */
171 if (ppContentInfoRet)
172 *ppContentInfoRet = NULL;
173
174 return NULL;
175}
176
177
178/*
179 * PCKS #7 ContentInfo.
180 */
181
182RTDECL(bool) RTCrPkcs7ContentInfo_IsSignedData(PCRTCRPKCS7CONTENTINFO pThis)
183{
184 return RTAsn1ObjId_CompareWithString(&pThis->ContentType, RTCRPKCS7SIGNEDDATA_OID) == 0;
185}
186
187
188/*
189 * Set of some kind of certificate supported by PKCS #7 or CMS.
190 */
191
192RTDECL(PCRTCRX509CERTIFICATE)
193RTCrPkcs7SetOfCerts_FindX509ByIssuerAndSerialNumber(PCRTCRPKCS7SETOFCERTS pCertificates,
194 PCRTCRX509NAME pIssuer, PCRTASN1INTEGER pSerialNumber)
195{
196 for (uint32_t i = 0; i < pCertificates->cItems; i++)
197 {
198 PCRTCRPKCS7CERT pCert = pCertificates->papItems[i];
199 if ( pCert->enmChoice == RTCRPKCS7CERTCHOICE_X509
200 && RTCrX509Certificate_MatchIssuerAndSerialNumber(pCert->u.pX509Cert, pIssuer, pSerialNumber))
201 return pCert->u.pX509Cert;
202 }
203 return NULL;
204}
205
206
207/*
208 * Generate the standard core code.
209 */
210#include <iprt/asn1-generator-core.h>
211
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette