VirtualBox

source: vbox/trunk/src/VBox/Runtime/common/crypto/pkix-util.cpp@ 88485

Last change on this file since 88485 was 85121, checked in by vboxsync, 5 years ago

iprt/cdefs.h: Refactored the typedef use of DECLCALLBACK as well as DECLCALLBACKMEMBER to wrap the whole expression, similar to the DECLR?CALLBACKMEMBER macros. This allows adding a throw() at the end when compiling with the VC++ compiler to indicate that the callbacks won't throw anything, so we can stop supressing the C5039 warning about passing functions that can potential throw C++ exceptions to extern C code that can't necessarily cope with such (unwind,++). Introduced a few _EX variations that allows specifying different/no calling convention too, as that's handy when dynamically resolving host APIs. Fixed numerous places missing DECLCALLBACK and such. Left two angry @todos regarding use of CreateThread. bugref:9794

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 5.0 KB
Line 
1/* $Id: pkix-util.cpp 85121 2020-07-08 19:33:26Z vboxsync $ */
2/** @file
3 * IPRT - Crypto - Public Key Infrastructure API, Utilities.
4 */
5
6/*
7 * Copyright (C) 2006-2020 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 *
17 * The contents of this file may alternatively be used under the terms
18 * of the Common Development and Distribution License Version 1.0
19 * (CDDL) only, as it comes in the "COPYING.CDDL" file of the
20 * VirtualBox OSE distribution, in which case the provisions of the
21 * CDDL are applicable instead of those of the GPL.
22 *
23 * You may elect to license modified versions of this file under the
24 * terms and conditions of either the GPL or the CDDL or both.
25 */
26
27
28/*********************************************************************************************************************************
29* Header Files *
30*********************************************************************************************************************************/
31#include "internal/iprt.h"
32#include <iprt/crypto/pkix.h>
33
34#include <iprt/asn1.h>
35#include <iprt/assert.h>
36#include <iprt/err.h>
37#include <iprt/string.h>
38#include <iprt/crypto/rsa.h>
39
40#ifdef IPRT_WITH_OPENSSL
41# include "internal/iprt-openssl.h"
42# include "internal/openssl-pre.h"
43# include <openssl/evp.h>
44# include "internal/openssl-post.h"
45#endif
46
47
48
49
50RTDECL(const char *) RTCrPkixGetCiperOidFromSignatureAlgorithm(PCRTASN1OBJID pAlgorithm)
51{
52 /*
53 * This is all hardcoded, at least for the time being.
54 */
55 if (RTAsn1ObjId_StartsWith(pAlgorithm, RTCR_PKCS1_OID))
56 {
57 if (RTAsn1ObjIdCountComponents(pAlgorithm) == 7)
58 switch (RTAsn1ObjIdGetLastComponentsAsUInt32(pAlgorithm))
59 {
60 case 2:
61 case 3:
62 case 4:
63 case 5:
64 case 11:
65 case 12:
66 case 13:
67 case 14:
68 return RTCR_PKCS1_RSA_OID;
69 case 1: AssertFailed();
70 RT_FALL_THRU();
71 default:
72 return NULL;
73 }
74 }
75 /*
76 * OIW oddballs.
77 */
78 else if (RTAsn1ObjId_StartsWith(pAlgorithm, "1.3.14.3.2"))
79 {
80 if (RTAsn1ObjIdCountComponents(pAlgorithm) == 6)
81 switch (RTAsn1ObjIdGetLastComponentsAsUInt32(pAlgorithm))
82 {
83 case 11:
84 case 14:
85 case 15:
86 case 24:
87 case 25:
88 case 29:
89 return RTCR_PKCS1_RSA_OID;
90 default:
91 return NULL;
92 }
93 }
94
95
96 return NULL;
97}
98
99
100RTDECL(bool) RTCrPkixPubKeyCanHandleDigestType(PCRTCRX509SUBJECTPUBLICKEYINFO pPublicKeyInfo, RTDIGESTTYPE enmDigestType,
101 PRTERRINFO pErrInfo)
102{
103 bool fRc = false;
104 if (RTCrX509SubjectPublicKeyInfo_IsPresent(pPublicKeyInfo))
105 {
106 void const * const pvKeyBits = RTASN1BITSTRING_GET_BIT0_PTR(&pPublicKeyInfo->SubjectPublicKey);
107 uint32_t const cbKeyBits = RTASN1BITSTRING_GET_BYTE_SIZE(&pPublicKeyInfo->SubjectPublicKey);
108 RTASN1CURSORPRIMARY PrimaryCursor;
109 union
110 {
111 RTCRRSAPUBLICKEY RsaPublicKey;
112 } u;
113
114 if (RTAsn1ObjId_CompareWithString(&pPublicKeyInfo->Algorithm.Algorithm, RTCR_PKCS1_RSA_OID) == 0)
115 {
116 /*
117 * RSA.
118 */
119 RTAsn1CursorInitPrimary(&PrimaryCursor, pvKeyBits, cbKeyBits, pErrInfo, &g_RTAsn1DefaultAllocator,
120 RTASN1CURSOR_FLAGS_DER, "rsa");
121
122 RT_ZERO(u.RsaPublicKey);
123 int rc = RTCrRsaPublicKey_DecodeAsn1(&PrimaryCursor.Cursor, 0, &u.RsaPublicKey, "PublicKey");
124 if (RT_SUCCESS(rc))
125 fRc = RTCrRsaPublicKey_CanHandleDigestType(&u.RsaPublicKey, enmDigestType, pErrInfo);
126 RTCrRsaPublicKey_Delete(&u.RsaPublicKey);
127 }
128 else
129 {
130 RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_CIPHER_ALGO_NOT_KNOWN, "%s", pPublicKeyInfo->Algorithm.Algorithm.szObjId);
131 AssertMsgFailed(("unknown key algorithm: %s\n", pPublicKeyInfo->Algorithm.Algorithm.szObjId));
132 fRc = true;
133 }
134 }
135 return fRc;
136}
137
138
139RTDECL(bool) RTCrPkixCanCertHandleDigestType(PCRTCRX509CERTIFICATE pCertificate, RTDIGESTTYPE enmDigestType, PRTERRINFO pErrInfo)
140{
141 if (RTCrX509Certificate_IsPresent(pCertificate))
142 return RTCrPkixPubKeyCanHandleDigestType(&pCertificate->TbsCertificate.SubjectPublicKeyInfo, enmDigestType, pErrInfo);
143 return false;
144}
145
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette