Changeset 100442 in vbox

Timestamp:

Jul 8, 2023 11:10:51 AM (21 months ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

158185

Message:

IPRT,OpenSSL: Support ECDSA for verficiation purposes when IPRT links with OpenSSL. This required quite a bit of cleanups, so not entirely no-risk. bugref:10479 ticketref:21621

Location:

trunk

Files:

• include/iprt/crypto/key.h (modified) (3 diffs)
• include/iprt/crypto/pkix.h (modified) (5 diffs)
• include/iprt/crypto/x509.h (modified) (4 diffs)
• include/iprt/err.h (modified) (2 diffs)
• include/iprt/mangling.h (modified) (3 diffs)
• src/VBox/Runtime/Makefile.kmk (modified) (2 diffs)
• src/VBox/Runtime/common/asn1/oiddb.cfg (modified) (2 diffs)
• src/VBox/Runtime/common/crypto/digest-builtin.cpp (modified) (9 diffs)
• src/VBox/Runtime/common/crypto/key-internal.h (modified) (2 diffs)
• src/VBox/Runtime/common/crypto/key-openssl.cpp (modified) (9 diffs)
• src/VBox/Runtime/common/crypto/key.cpp (modified) (8 diffs)
• src/VBox/Runtime/common/crypto/pkcs7-sanity.cpp (modified) (1 diff)
• src/VBox/Runtime/common/crypto/pkix-sign.cpp (modified) (2 diffs)
• src/VBox/Runtime/common/crypto/pkix-signature-builtin.cpp (modified) (1 diff)
• src/VBox/Runtime/common/crypto/pkix-signature-builtin.h (modified) (1 diff)
• src/VBox/Runtime/common/crypto/pkix-signature-core.cpp (modified) (2 diffs)
• src/VBox/Runtime/common/crypto/pkix-signature-rsa.cpp (modified) (2 diffs)
• src/VBox/Runtime/common/crypto/pkix-util.cpp (modified) (2 diffs)
• src/VBox/Runtime/common/crypto/pkix-verify.cpp (modified) (9 diffs)
• src/VBox/Runtime/common/crypto/spc-sanity.cpp (modified) (2 diffs)
• src/VBox/Runtime/common/crypto/x509-core.cpp (modified) (5 diffs)
• src/VBox/Runtime/common/crypto/x509-verify.cpp (modified) (5 diffs)
• src/VBox/Runtime/common/ldr/ldrPE.cpp (modified) (2 diffs)
• src/VBox/Runtime/r3/memsafer-r3.cpp (modified) (1 diff)
• src/VBox/Runtime/tools/Makefile.kmk (modified) (1 diff)
• src/VBox/Runtime/tools/RTSignTool.cpp (modified) (3 diffs)
• src/libs/openssl-3.0.7/crypto/asn1/Makefile.kmk (modified) (1 diff)

trunk/include/iprt/crypto/key.h

@@ -66 +66 @@
     /** RSA public key. */
     RTCRKEYTYPE_RSA_PUBLIC,
+    /** ECDSA private key. */
+    RTCRKEYTYPE_ECDSA_PRIVATE,
+    /** ECDSA public key. */
+    RTCRKEYTYPE_ECDSA_PUBLIC,
     /** End of key types. */
     RTCRKEYTYPE_END,
@@ -75 +79 @@
 RTDECL(int)             RTCrKeyCreateFromSubjectPublicKeyInfo(PRTCRKEY phKey, struct RTCRX509SUBJECTPUBLICKEYINFO const *pSrc,
                                                               PRTERRINFO pErrInfo, const char *pszErrorTag);
-RTDECL(int)             RTCrKeyCreateFromPublicAlgorithmAndBits(PRTCRKEY phKey,  PCRTASN1OBJID pAlgorithm,
-                                                                PCRTASN1BITSTRING pPublicKey,
+RTDECL(int)             RTCrKeyCreateFromPublicAlgorithmAndBits(PRTCRKEY phKey, PCRTASN1OBJID pAlgorithm,
+                                                                PCRTASN1DYNTYPE pParameters, PCRTASN1BITSTRING pPublicKey,
                                                                 PRTERRINFO pErrInfo, const char *pszErrorTag);
 RTDECL(int)             RTCrKeyCreateFromPemSection(PRTCRKEY phKey, uint32_t fFlags, struct RTCRPEMSECTION const *pSection,
@@ -105 +109 @@
 RTDECL(int)             RTCrKeyQueryRsaModulus(RTCRKEY hKey, PRTBIGNUM pModulus);
 RTDECL(int)             RTCrKeyQueryRsaPrivateExponent(RTCRKEY hKey, PRTBIGNUM pPrivateExponent);
+RTDECL(int)             RTCrKeyVerifyParameterCompatibility(RTCRKEY hKey, PCRTASN1DYNTYPE pParameters, bool fForSignature,
+                                                            PCRTASN1OBJID pAlgorithm, PRTERRINFO pErrInfo);
+
 
 /** Public key markers. */

trunk/include/iprt/crypto/pkix.h

@@ -60 +60 @@
  * @param   pAlgorithm      The signature algorithm (digest w/ cipher).
  * @param   hPublicKey      The public key.
- * @param   pParameters     Parameter to the public key algorithm. Optional.
+ * @param   pParameters     The signature parameters (not key, those are already
+ *                          kept by hPublicKey).
  * @param   pSignatureValue The signature value.
  * @param   pvData          The signed data.
@@ -81 +82 @@
  * @param   pAlgorithm      The signature algorithm (digest w/ cipher).
  * @param   hPublicKey      The public key.
- * @param   pParameters     Parameter to the public key algorithm. Optional.
+ * @param   pParameters     The signature parameters (not key, those are already
+ *                          kept by hPublicKey).
  * @param   pvSignedDigest  The signed digest.
  * @param   cbSignedDigest  The signed digest size.
@@ -146 +148 @@
  *
  * @returns Cipher OID string on success, NULL on failure.
- * @param   pAlgorithm      The signature algorithm (digest w/ cipher).
+ * @param   pAlgorithm          The signature algorithm (hash function w/ cipher).
+ * @sa      RTCrX509AlgorithmIdentifier_GetEncryptionOid,
+ *          RTCrX509AlgorithmIdentifier_GetEncryptionOidFromOid
  */
 RTDECL(const char *) RTCrPkixGetCiperOidFromSignatureAlgorithm(PCRTASN1OBJID pAlgorithm);
+
+/**
+ * Gets the cipher OID matching the given signature algorithm OID.
+ *
+ * @returns Cipher OID string on success, NULL on failure.
+ * @param   pszSignatureOid     The signature algorithm ID (hash function w/ cipher).
+ * @sa      RTCrX509AlgorithmIdentifier_GetEncryptionOid,
+ *          RTCrX509AlgorithmIdentifier_GetEncryptionOidFromOid
+ */
+RTDECL(const char *) RTCrPkixGetCiperOidFromSignatureAlgorithmOid(const char *pszSignatureOid);
 
 
@@ -170 +184 @@
 #define RTCR_PKCS1_SHA512T224_WITH_RSA_OID          "1.2.840.113549.1.1.15"
 #define RTCR_PKCS1_SHA512T256_WITH_RSA_OID          "1.2.840.113549.1.1.16"
+/** @} */
+
+/** @name ANSI X9.62 Object Identifiers (OIDs)
+ * @{ */
+#define RTCR_X962_ECDSA_OID                         "1.2.840.10045.2.1"
+#define RTCR_X962_ECDSA_WITH_SHA1_OID               "1.2.840.10045.4.1"
+#define RTCR_X962_ECDSA_WITH_SHA2_OID               "1.2.840.10045.4.3"
+#define RTCR_X962_ECDSA_WITH_SHA224_OID             "1.2.840.10045.4.3.1"
+#define RTCR_X962_ECDSA_WITH_SHA256_OID             "1.2.840.10045.4.3.2"
+#define RTCR_X962_ECDSA_WITH_SHA384_OID             "1.2.840.10045.4.3.3"
+#define RTCR_X962_ECDSA_WITH_SHA512_OID             "1.2.840.10045.4.3.4"
+/** @}  */
+
+/** @name NIST Object Identifiers (OIDs)
+ * @{ */
+#define RTCR_NIST_ALGORITHM_OID                     "2.16.840.1.101.3.4"
+#define RTCR_NIST_HASH_ALGS_OID                     "2.16.840.1.101.3.4.2"
+#define RTCR_NIST_SIG_ALGS_OID                      "2.16.840.1.101.3.4.3"
+#define RTCR_NIST_SHA3_224_WITH_ECDSA_OID           "2.16.840.1.101.3.4.3.9"
+#define RTCR_NIST_SHA3_256_WITH_ECDSA_OID           "2.16.840.1.101.3.4.3.10"
+#define RTCR_NIST_SHA3_384_WITH_ECDSA_OID           "2.16.840.1.101.3.4.3.11"
+#define RTCR_NIST_SHA3_512_WITH_ECDSA_OID           "2.16.840.1.101.3.4.3.12"
+#define RTCR_NIST_SHA3_224_WITH_RSA_OID             "2.16.840.1.101.3.4.3.13"
+#define RTCR_NIST_SHA3_256_WITH_RSA_OID             "2.16.840.1.101.3.4.3.14"
+#define RTCR_NIST_SHA3_384_WITH_RSA_OID             "2.16.840.1.101.3.4.3.15"
+#define RTCR_NIST_SHA3_512_WITH_RSA_OID             "2.16.840.1.101.3.4.3.16"
 /** @}  */
 
@@ -300 +340 @@
  * @param   ppvOpaque   Where to store an opaque schema parameter. Optional.
  */
-PCRTCRPKIXSIGNATUREDESC RTCrPkixSignatureFindByObjIdString(const char *pszObjId, void *ppvOpaque);
+PCRTCRPKIXSIGNATUREDESC RTCrPkixSignatureFindByObjIdString(const char *pszObjId, void **ppvOpaque);
 
 /**

trunk/include/iprt/crypto/x509.h

@@ -81 +81 @@
  *
  * @returns Valid RTDIGESTTYPE on success, RTDIGESTTYPE_INVALID on failure.
- * @param   pThis           The IPRT representation of a X.509 algorithm
- *                          identifier object.
- */
-RTDECL(RTDIGESTTYPE) RTCrX509AlgorithmIdentifier_QueryDigestType(PCRTCRX509ALGORITHMIDENTIFIER pThis);
+ * @param   pThis               The IPRT representation of a X.509 algorithm
+ *                              identifier object.
+ * @param   fPureDigestsOnly    Whether to only match IDs that only identify
+ *                              digest algorithms, or whether to also include
+ *                              IDs that mixes hash and encryption/whatever.
+ */
+RTDECL(RTDIGESTTYPE) RTCrX509AlgorithmIdentifier_GetDigestType(PCRTCRX509ALGORITHMIDENTIFIER pThis, bool fPureDigestsOnly);
 
 /**
@@ -90 +93 @@
  *
  * @returns The digest size in bytes, UINT32_MAX if unknown digest.
- * @param   pThis           The IPRT representation of a X.509 algorithm
- *                          identifier object.
- */
-RTDECL(uint32_t) RTCrX509AlgorithmIdentifier_QueryDigestSize(PCRTCRX509ALGORITHMIDENTIFIER pThis);
+ * @param   pThis               The IPRT representation of a X.509 algorithm
+ *                              identifier object.
+ * @param   fPureDigestsOnly    Whether to only match IDs that only identify
+ *                              digest algorithms, or whether to also include
+ *                              IDs that mixes hash and encryption/whatever.
+ */
+RTDECL(uint32_t) RTCrX509AlgorithmIdentifier_GetDigestSize(PCRTCRX509ALGORITHMIDENTIFIER pThis, bool fPureDigestsOnly);
+
+/**
+ * Tries to get the encryption OID from the algorithm.
+ *
+ * @returns The encryption (cipher) OID  on success, NULL on failure.
+ * @param   pThis               The IPRT representation of a X.509 algorithm
+ *                              identifier object.
+ * @param   fMustIncludeHash    Whether the algorithm ID represented by @a pThis
+ *                              must include a hash (true) or whether it is
+ *                              okay to accept pure encryption IDs as well
+ *                              (false).
+ */
+RTDECL(const char *) RTCrX509AlgorithmIdentifier_GetEncryptionOid(PCRTCRX509ALGORITHMIDENTIFIER pThis, bool fMustIncludeHash);
+
+/**
+ * Tries to get the encryption OID from the given algorithm OID string.
+ *
+ * @returns The encryption (cipher) OID  on success, NULL on failure.
+ * @param   pszAlgorithmOid     The IPRT representation of a X.509 algorithm
+ *                              identifier object.
+ * @param   fMustIncludeHash    Whether @a pszAlgorithmOid must include a hash
+ *                              (true) or whether it is okay to accept pure
+ *                              encryption IDs as well (false).
+ */
+RTDECL(const char *) RTCrX509AlgorithmIdentifier_GetEncryptionOidFromOid(const char *pszAlgorithmOid, bool fMustIncludeHash);
 
 RTDECL(int) RTCrX509AlgorithmIdentifier_CompareWithString(PCRTCRX509ALGORITHMIDENTIFIER pThis, const char *pszObjId);
@@ -155 +186 @@
 #define RTCRX509ALGORITHMIDENTIFIERID_MD4               "1.2.840.113549.2.4"
 #define RTCRX509ALGORITHMIDENTIFIERID_MD5               "1.2.840.113549.2.5"
+#define RTCRX509ALGORITHMIDENTIFIERID_SHA0              "1.3.14.3.2.18"
 #define RTCRX509ALGORITHMIDENTIFIERID_SHA1              "1.3.14.3.2.26"
 #define RTCRX509ALGORITHMIDENTIFIERID_SHA256            "2.16.840.1.101.3.4.2.1"
@@ -188 +220 @@
 #define RTCRX509ALGORITHMIDENTIFIERID_SHA3_384_WITH_RSA     "2.16.840.1.101.3.4.3.15"
 #define RTCRX509ALGORITHMIDENTIFIERID_SHA3_512_WITH_RSA     "2.16.840.1.101.3.4.3.16"
+#define RTCRX509ALGORITHMIDENTIFIERID_ECDSA                 "1.2.840.10045.2.1"
+#define RTCRX509ALGORITHMIDENTIFIERID_SHA1_WITH_ECDSA       "1.2.840.10045.4.1"
+#define RTCRX509ALGORITHMIDENTIFIERID_SHA224_WITH_ECDSA     "1.2.840.10045.4.3.1"
+#define RTCRX509ALGORITHMIDENTIFIERID_SHA256_WITH_ECDSA     "1.2.840.10045.4.3.2"
+#define RTCRX509ALGORITHMIDENTIFIERID_SHA384_WITH_ECDSA     "1.2.840.10045.4.3.3"
+#define RTCRX509ALGORITHMIDENTIFIERID_SHA512_WITH_ECDSA     "1.2.840.10045.4.3.4"
+#define RTCRX509ALGORITHMIDENTIFIERID_SHA3_224_WITH_ECDSA   "2.16.840.1.101.3.4.3.9"
+#define RTCRX509ALGORITHMIDENTIFIERID_SHA3_256_WITH_ECDSA   "2.16.840.1.101.3.4.3.10"
+#define RTCRX509ALGORITHMIDENTIFIERID_SHA3_384_WITH_ECDSA   "2.16.840.1.101.3.4.3.11"
+#define RTCRX509ALGORITHMIDENTIFIERID_SHA3_512_WITH_ECDSA   "2.16.840.1.101.3.4.3.12"
 /** @} */
 

trunk/include/iprt/err.h

@@ -2170 +2170 @@
 /** Expected RSA public key. */
 #define VERR_CR_PKIX_NOT_RSA_PUBLIC_KEY             (-23524)
+/** Expected ECDSA private key. */
+#define VERR_CR_PKIX_NOT_ECDSA_PRIVATE_KEY          (-23525)
+/** Expected ECDSA public key. */
+#define VERR_CR_PKIX_NOT_ECDSA_PUBLIC_KEY           (-23526)
+/** OpenSSL failed to decode the key parameters. */
+#define VERR_CR_PKIX_OSSL_D2I_KEY_PARAMS_FAILED     (-23527)
 /** @} */
 
@@ -2213 +2219 @@
 /** Failed to generate RSA key. */
 #define VERR_CR_KEY_GEN_FAILED_RSA                  (-23815)
+/** Key algorithm parameters not expected. */
+#define VERR_CR_KEY_ALGO_PARAMS_UNEXPECTED          (-23816)
+/** Key algorithm parameters are required but missing. */
+#define VERR_CR_KEY_ALGO_PARAMS_MISSING             (-23817)
+/** Key algorithm parameters are not known/supported. */
+#define VERR_CR_KEY_ALGO_PARAMS_UNKNOWN             (-23818)
+/** Algorithm parameters does not match the key. */
+#define VERR_CR_KEY_ALGO_PARAMS_MISMATCH            (-23819)
+
 /** @} */
 

trunk/include/iprt/mangling.h

@@ -3528 +3528 @@
 # define RTCrKeyQueryRsaModulus                         RT_MANGLER(RTCrKeyQueryRsaModulus)
 # define RTCrKeyQueryRsaPrivateExponent                 RT_MANGLER(RTCrKeyQueryRsaPrivateExponent)
+# define RTCrKeyVerifyParameterCompatibility            RT_MANGLER(RTCrKeyVerifyParameterCompatibility)
 # define RTCrRc4                                        RT_MANGLER(RTCrRc4)
 # define RTCrRc4SetKey                                  RT_MANGLER(RTCrRc4SetKey)
@@ -3709 +3710 @@
 # define RTCrPkixSignatureVerifyOctetString             RT_MANGLER(RTCrPkixSignatureVerifyOctetString)
 # define RTCrPkixGetCiperOidFromSignatureAlgorithm      RT_MANGLER(RTCrPkixGetCiperOidFromSignatureAlgorithm)
+# define RTCrPkixGetCiperOidFromSignatureAlgorithmOid   RT_MANGLER(RTCrPkixGetCiperOidFromSignatureAlgorithmOid)
 # define RTCrPkixPubKeySignDigest                       RT_MANGLER(RTCrPkixPubKeySignDigest)
 # define RTCrPkixPubKeyVerifySignature                  RT_MANGLER(RTCrPkixPubKeyVerifySignature)
@@ -3867 +3869 @@
 # define RTCrX509AlgorithmIdentifier_Delete             RT_MANGLER(RTCrX509AlgorithmIdentifier_Delete)
 # define RTCrX509AlgorithmIdentifier_Enum               RT_MANGLER(RTCrX509AlgorithmIdentifier_Enum)
-# define RTCrX509AlgorithmIdentifier_QueryDigestSize    RT_MANGLER(RTCrX509AlgorithmIdentifier_QueryDigestSize)
-# define RTCrX509AlgorithmIdentifier_QueryDigestType    RT_MANGLER(RTCrX509AlgorithmIdentifier_QueryDigestType)
+# define RTCrX509AlgorithmIdentifier_GetDigestSize      RT_MANGLER(RTCrX509AlgorithmIdentifier_GetDigestSize)
+# define RTCrX509AlgorithmIdentifier_GetDigestType      RT_MANGLER(RTCrX509AlgorithmIdentifier_GetDigestType)
+# define RTCrX509AlgorithmIdentifier_GetEncryptionOid   RT_MANGLER(RTCrX509AlgorithmIdentifier_GetEncryptionOid)
+# define RTCrX509AlgorithmIdentifier_GetEncryptionOidFromOid RT_MANGLER(RTCrX509AlgorithmIdentifier_GetEncryptionOidFromOid)
 # define RTCrX509AlgorithmIdentifiers_Compare           RT_MANGLER(RTCrX509AlgorithmIdentifiers_Compare)
 # define RTCrX509AlgorithmIdentifiers_Delete            RT_MANGLER(RTCrX509AlgorithmIdentifiers_Delete)

trunk/src/VBox/Runtime/Makefile.kmk

@@ -463 +463 @@
         common/crypto/pkix-signature-core.cpp \
         common/crypto/pkix-signature-rsa.cpp \
+        common/crypto/pkix-signature-ossl.cpp \
         common/crypto/pkix-util.cpp \
         common/crypto/pkix-verify.cpp \
@@ -2309 +2310 @@
         common/crypto/pkix-signature-core.cpp \
         common/crypto/pkix-signature-rsa.cpp \
+        common/crypto/pkix-signature-ossl.cpp \
         common/crypto/pkix-util.cpp \
         common/crypto/pkix-verify.cpp \

trunk/src/VBox/Runtime/common/asn1/oiddb.cfg

@@ -52 +52 @@
 1.2.840                         = usa
 1.2.840.10045                   = ansi-x962
+1.2.840.10045.2                 = ansi-x962-keyType
+1.2.840.10045.2.1               = ansi-x962-ecPublicKey
 1.2.840.10045.4                 = ansi-x962-signatures
 1.2.840.10045.4.1               = ecdsa-with-sha1
@@ -233 +235 @@
 1.3.14.3                        = oiw-ssig
 1.3.14.3.2                      = oiw-ssig-algorithms
-1.3.14.3.2.2                    = oiw-ssig-Md4WithRsa
-1.3.14.3.2.3                    = oiw-ssig-Md5WithRsa
-1.3.14.3.2.4                    = oiw-ssig-Md4WithRsaEncryption
-1.3.14.3.2.15                   = oiw-ssig-ShaWithRsaEncryption
-1.3.14.3.2.24                   = oiw-ssig-Md2WithRsaEncryption
-1.3.14.3.2.25                   = oiw-ssig-Md5WithRsaEncryption
-1.3.14.3.2.26                   = oiw-ssig-Sha1
-1.3.14.3.2.29                   = oiw-ssig-Sha1WithRsaEncryption
+1.3.14.3.2.2                    = oiw-ssig-md4WithRsa
+1.3.14.3.2.3                    = oiw-ssig-md5WithRsa
+1.3.14.3.2.4                    = oiw-ssig-md4WithRsaEncryption
+1.3.14.3.2.14                   = oiw-ssig-mdc2WithRsaSignature
+1.3.14.3.2.15                   = oiw-ssig-sha0WithRsaSignature
+1.3.14.3.2.18                   = oiw-ssig-sha0
+1.3.14.3.2.19                   = oiw-ssig-mdc2
+1.3.14.3.2.21                   = oiw-ssig-dsaCommonWithSha0
+1.3.14.3.2.24                   = oiw-ssig-md2WithRsaSignature
+1.3.14.3.2.25                   = oiw-ssig-md5WithRsaSignature
+1.3.14.3.2.26                   = oiw-ssig-sha1
+1.3.14.3.2.29                   = oiw-ssig-sha1WithRsaEncryption
 2                               = joint-iso/itu-t
 2.1                             = asn.1

trunk/src/VBox/Runtime/common/crypto/digest-builtin.cpp

@@ -261 +261 @@
     RTCR_PKCS1_SHA1_WITH_RSA_OID,
     "1.3.14.3.2.29" /* OIW sha1WithRSASignature */,
+    RTCR_X962_ECDSA_WITH_SHA1_OID,
     NULL
 };
@@ -315 +316 @@
 {
     RTCR_PKCS1_SHA256_WITH_RSA_OID,
+    RTCR_X962_ECDSA_WITH_SHA256_OID,
     NULL
 };
@@ -369 +371 @@
 {
     RTCR_PKCS1_SHA512_WITH_RSA_OID,
+    RTCR_X962_ECDSA_WITH_SHA512_OID,
     NULL
 };
@@ -423 +426 @@
 {
     RTCR_PKCS1_SHA224_WITH_RSA_OID,
+    RTCR_X962_ECDSA_WITH_SHA224_OID,
     NULL
 };
@@ -477 +481 @@
 {
     RTCR_PKCS1_SHA384_WITH_RSA_OID,
+    RTCR_X962_ECDSA_WITH_SHA384_OID,
     NULL
 };
@@ -659 +664 @@
 {
     "2.16.840.1.101.3.4.3.13",
+    RTCR_NIST_SHA3_224_WITH_ECDSA_OID,
     NULL
 };
@@ -728 +734 @@
 {
     "2.16.840.1.101.3.4.3.14",
+    RTCR_NIST_SHA3_256_WITH_ECDSA_OID,
     NULL
 };
@@ -797 +804 @@
 {
     "2.16.840.1.101.3.4.3.15",
+    RTCR_NIST_SHA3_384_WITH_ECDSA_OID,
     NULL
 };
@@ -866 +874 @@
 {
     "2.16.840.1.101.3.4.3.16",
+    RTCR_NIST_SHA3_512_WITH_ECDSA_OID,
     NULL
 };

trunk/src/VBox/Runtime/common/crypto/key-internal.h

@@ -84 +84 @@
             RTBIGNUM                Exponent;
         } RsaPublic;
+
+        /** RTCRKEYTYPE_ECDSA_PUBLIC. */
+        struct
+        {
+            /** The named curve. */
+            RTASN1OBJID             NamedCurve;
+            /** @todo ECPoint. */
+        } EcdsaPublic;
     } u;
 
@@ -119 +127 @@
 DECLHIDDEN(int) rtCrKeyCreateRsaPrivate(PRTCRKEY phKey, const void *pvKeyBits, uint32_t cbKeyBits,
                                         PRTERRINFO pErrInfo, const char *pszErrorTag);
+DECLHIDDEN(int) rtCrKeyCreateEcdsaPublic(PRTCRKEY phKey, PCRTASN1DYNTYPE pParameters,
+                                         const void *pvKeyBits, uint32_t cbKeyBits, PRTERRINFO pErrInfo, const char *pszErrorTag);
 
 #endif /* !IPRT_INCLUDED_SRC_common_crypto_key_internal_h */

trunk/src/VBox/Runtime/common/crypto/key-openssl.cpp

@@ -39 +39 @@
 *   Header Files                                                                                                                 *
 *********************************************************************************************************************************/
+#define LOG_GROUP RTLOGGROUP_CRYPTO
 #include "internal/iprt.h"
 #include <iprt/crypto/key.h>
 
 #include <iprt/err.h>
+#include <iprt/log.h>
+#include <iprt/mem.h>
 #include <iprt/string.h>
 #include <iprt/crypto/digest.h>
@@ -61 +64 @@
 
 /**
+ * Helper that loads key parameters if present.
+ */
+static int rtCrKeyToOpenSslKeyLoadParams(RTCRKEY hKey, int idKeyType, EVP_PKEY **ppEvpNewKey, PRTERRINFO pErrInfo)
+{
+    int rc = VINF_SUCCESS;
+    if (   hKey->enmType == RTCRKEYTYPE_ECDSA_PUBLIC
+        || hKey->enmType == RTCRKEYTYPE_ECDSA_PRIVATE)
+    {
+        void          *pvFree = NULL;
+        const uint8_t *pbRaw  = NULL;
+        uint32_t       cbRaw  = 0;
+        if (hKey->enmType == RTCRKEYTYPE_ECDSA_PUBLIC)
+            rc = RTAsn1EncodeQueryRawBits(&hKey->u.EcdsaPublic.NamedCurve.Asn1Core, &pbRaw, &cbRaw, &pvFree, pErrInfo);
+        else
+            AssertFailedStmt(rc = VERR_NOT_IMPLEMENTED);
+        if (RT_SUCCESS(rc))
+        {
+            const unsigned char *puchParams = pbRaw;
+            EVP_PKEY *pRet = d2i_KeyParams(idKeyType, ppEvpNewKey, &puchParams, cbRaw);
+            if (pRet != NULL && pRet == *ppEvpNewKey)
+                rc = VINF_SUCCESS;
+            else
+                rc = RTERRINFO_LOG_SET(pErrInfo, VERR_CR_PKIX_OSSL_D2I_KEY_PARAMS_FAILED, "d2i_KeyParams failed");
+
+            RTMemTmpFree(pvFree);
+        }
+    }
+    return rc;
+}
+
+
+/**
+ * Helper that loads key bits.
+ */
+static int rtCrKeyToOpenSslKeyLoadKeyBits(RTCRKEY hKey, int idKeyType, EVP_PKEY **ppEvpNewKey,
+                                          bool fNeedPublic, PRTERRINFO pErrInfo)
+{
+    /*
+     * Load the key into the structure.
+     */
+    const unsigned char *puchPublicKey = hKey->pbEncoded;
+    EVP_PKEY *pRet;
+    if (fNeedPublic)
+        pRet = d2i_PublicKey(idKeyType, ppEvpNewKey, &puchPublicKey, hKey->cbEncoded);
+    else
+        pRet = d2i_PrivateKey(idKeyType, ppEvpNewKey, &puchPublicKey, hKey->cbEncoded);
+    if (pRet != NULL && pRet == *ppEvpNewKey)
+        return VINF_SUCCESS;
+
+    /* Bail out: */
+    if (fNeedPublic)
+        return RTERRINFO_LOG_SET(pErrInfo, VERR_CR_PKIX_OSSL_D2I_PUBLIC_KEY_FAILED, "d2i_PublicKey failed");
+    return RTERRINFO_LOG_SET(pErrInfo, VERR_CR_PKIX_OSSL_D2I_PRIVATE_KEY_FAILED, "d2i_PrivateKey failed");
+}
+
+
+/**
  * Creates an OpenSSL key for the given IPRT one, returning the message digest
  * algorithm if desired.
@@ -91 +151 @@
             idKeyType = EVP_PKEY_RSA;
             break;
+
+        case RTCRKEYTYPE_ECDSA_PUBLIC:
+        case RTCRKEYTYPE_ECDSA_PRIVATE:
+            idKeyType = EVP_PKEY_EC;
+            break;
+
         default:
             return RTErrInfoSetF(pErrInfo, VERR_NOT_SUPPORTED, "Unsupported key type: %d", hKey->enmType);
@@ -103 +169 @@
 
     /*
-     * Load the key into the structure.
-     */
-    const unsigned char *puchPublicKey = hKey->pbEncoded;
-    EVP_PKEY *pRet;
-    if (fNeedPublic)
-        *ppEvpKey = pRet = d2i_PublicKey(idKeyType, &pEvpNewKey, &puchPublicKey, hKey->cbEncoded);
-    else
-        *ppEvpKey = pRet = d2i_PrivateKey(idKeyType, &pEvpNewKey, &puchPublicKey, hKey->cbEncoded);
-    if (pRet != NULL && pRet == pEvpNewKey)
-        return VINF_SUCCESS;
-
-    /* Bail out: */
+     * Load key parameters and the key into the EVP structure.
+     */
+    int rc = rtCrKeyToOpenSslKeyLoadParams(hKey, idKeyType, &pEvpNewKey, pErrInfo);
+    if (RT_SUCCESS(rc))
+    {
+        rc = rtCrKeyToOpenSslKeyLoadKeyBits(hKey, idKeyType, &pEvpNewKey, fNeedPublic, pErrInfo);
+        if (RT_SUCCESS(rc))
+        {
+            *ppEvpKey = pEvpNewKey;
+            return rc;
+        }
+    }
     EVP_PKEY_free(pEvpNewKey);
-    return RTErrInfoSet(pErrInfo, VERR_CR_PKIX_OSSL_D2I_PUBLIC_KEY_FAILED,
-                        fNeedPublic ? "d2i_PublicKey failed" : "d2i_PrivateKey failed");
+    return rc;
 }
 
@@ -150 +215 @@
     int iAlgoNid = OBJ_txt2nid(pszAlgoObjId);
     if (iAlgoNid == NID_undef)
-        return RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_CIPHER_ALGO_NOT_KNOWN,
-                             "Unknown public key algorithm [OpenSSL]: %s", pszAlgoObjId);
+        return RTERRINFO_LOG_SET_F(pErrInfo, VERR_CR_PKIX_OSSL_CIPHER_ALGO_NOT_KNOWN,
+                                   "Unknown public key algorithm [OpenSSL]: %s", pszAlgoObjId);
     const char *pszAlgoSn = OBJ_nid2sn(iAlgoNid);
 
@@ -158 +223 @@
     int idAlgoMd = 0;
     if (!OBJ_find_sigid_algs(iAlgoNid, &idAlgoMd, &idAlgoPkey))
-        return RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_CIPHER_ALGO_NOT_KNOWN_EVP,
-                             "OBJ_find_sigid_algs failed on %u (%s, %s)", iAlgoNid, pszAlgoSn, pszAlgoObjId);
+        return RTERRINFO_LOG_SET_F(pErrInfo, VERR_CR_PKIX_OSSL_CIPHER_ALGO_NOT_KNOWN_EVP,
+                                   "OBJ_find_sigid_algs failed on %u (%s, %s)", iAlgoNid, pszAlgoSn, pszAlgoObjId);
     if (ppEvpMdType)
     {
         const EVP_MD *pEvpMdType = EVP_get_digestbynid(idAlgoMd);
         if (!pEvpMdType)
-            return RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_CIPHER_ALGO_NOT_KNOWN_EVP,
-                                 "EVP_get_digestbynid failed on %d (%s, %s)", idAlgoMd, pszAlgoSn, pszAlgoObjId);
+            return RTERRINFO_LOG_SET_F(pErrInfo, VERR_CR_PKIX_OSSL_CIPHER_ALGO_NOT_KNOWN_EVP,
+                                       "EVP_get_digestbynid failed on %d (%s, %s)", idAlgoMd, pszAlgoSn, pszAlgoObjId);
         *ppEvpMdType = pEvpMdType;
     }
@@ -171 +236 @@
     const EVP_MD *pEvpMdType = EVP_get_digestbyname(pszAlgoSn);
     if (!pEvpMdType)
-        return RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_CIPHER_ALGO_NOT_KNOWN_EVP,
-                             "EVP_get_digestbyname failed on %s (%s)", pszAlgoSn, pszAlgoObjId);
+        return RTERRINFO_LOG_SET_F(pErrInfo, VERR_CR_PKIX_OSSL_CIPHER_ALGO_NOT_KNOWN_EVP,
+                                   "EVP_get_digestbyname failed on %s (%s)", pszAlgoSn, pszAlgoObjId);
     if (ppEvpMdType)
         *ppEvpMdType = pEvpMdType;
@@ -182 +247 @@
     EVP_PKEY *pEvpNewKey = EVP_PKEY_new();
     if (!pEvpNewKey)
-        return RTErrInfoSetF(pErrInfo, VERR_NO_MEMORY, "EVP_PKEY_new(%d) failed", iAlgoNid);
+        return RTERRINFO_LOG_SET_F(pErrInfo, VERR_NO_MEMORY, "EVP_PKEY_new(%d) failed", iAlgoNid);
 
     int rc;
@@ -196 +261 @@
         {
             /*
-             * Load the key into the structure.
+             * Load key parameters and the key into the EVP structure.
              */
-            const unsigned char *puchPublicKey = hKey->pbEncoded;
-            EVP_PKEY *pRet;
-            if (fNeedPublic)
-                *ppEvpKey = pRet = d2i_PublicKey(idKeyType, &pEvpNewKey, &puchPublicKey, hKey->cbEncoded);
-            else
-                *ppEvpKey = pRet = d2i_PrivateKey(idKeyType, &pEvpNewKey, &puchPublicKey, hKey->cbEncoded);
-            if (pRet != NULL && pRet == pEvpNewKey)
-                return VINF_SUCCESS;
-
-            /* Bail out: */
-            rc = RTErrInfoSet(pErrInfo, VERR_CR_PKIX_OSSL_D2I_PUBLIC_KEY_FAILED,
-                              fNeedPublic ? "d2i_PublicKey failed" : "d2i_PrivateKey failed");
+            rc = rtCrKeyToOpenSslKeyLoadParams(hKey, idKeyType, &pEvpNewKey, pErrInfo);
+            if (RT_SUCCESS(rc))
+            {
+                rc = rtCrKeyToOpenSslKeyLoadKeyBits(hKey, idKeyType, &pEvpNewKey, fNeedPublic, pErrInfo);
+                if (RT_SUCCESS(rc))
+                {
+                    *ppEvpKey = pEvpNewKey;
+                    return rc;
+                }
+            }
         }
         else
 # if OPENSSL_VERSION_NUMBER < 0x10001000 || defined(LIBRESSL_VERSION_NUMBER)
-            rc = RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_EVP_PKEY_TYPE_ERROR, "EVP_PKEY_type() failed");
+            rc = RTERRINFO_LOG_SET(pErrInfo, VERR_CR_PKIX_OSSL_EVP_PKEY_TYPE_ERROR, "EVP_PKEY_type() failed");
 # else
-            rc = RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_EVP_PKEY_TYPE_ERROR, "EVP_PKEY_base_id() failed");
+            rc = RTERRINFO_LOG_SET(pErrInfo, VERR_CR_PKIX_OSSL_EVP_PKEY_TYPE_ERROR, "EVP_PKEY_base_id() failed");
     }
     else
-        rc = RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_EVP_PKEY_TYPE_ERROR,
-                           "EVP_PKEY_set_type(%u) failed (sig algo %s)", idAlgoPkey, pszAlgoSn);
+        rc = RTERRINFO_LOG_SET_F(pErrInfo, VERR_CR_PKIX_OSSL_EVP_PKEY_TYPE_ERROR,
+                                 "EVP_PKEY_set_type(%u) failed (sig algo %s)", idAlgoPkey, pszAlgoSn);
 # endif
 
     EVP_PKEY_free(pEvpNewKey);
+    *ppEvpKey = NULL;
     return rc;
 }

trunk/src/VBox/Runtime/common/crypto/key.cpp

@@ -39 +39 @@
 *   Header Files                                                                                                                 *
 *********************************************************************************************************************************/
+#define LOG_GROUP RTLOGGROUP_CRYPTO
 #include "internal/iprt.h"
 #include <iprt/crypto/key.h>
@@ -45 +46 @@
 #include <iprt/assert.h>
 #include <iprt/err.h>
+#include <iprt/log.h>
 #include <iprt/mem.h>
 #include <iprt/memsafer.h>
@@ -126 +128 @@
     if (RT_SUCCESS(rc))
     {
-       /*
-        * Create a key instance for it.
-        */
+        /*
+         * Create a key instance for it.
+         */
         PRTCRKEYINT pThis;
         rc = rtCrKeyCreateWorker(&pThis, RTCRKEYTYPE_RSA_PUBLIC, RTCRKEYINT_F_PUBLIC, pvKeyBits, cbKeyBits);
@@ -156 +158 @@
 
 
-RTDECL(int) RTCrKeyCreateFromPublicAlgorithmAndBits(PRTCRKEY phKey, PCRTASN1OBJID pAlgorithm, PCRTASN1BITSTRING pPublicKey,
-                                                    PRTERRINFO pErrInfo, const char *pszErrorTag)
+/**
+ * Creates an EC (ECDSA) public key from a DER encoded RTCRX50-PUBLICKEY blob.
+ *
+ * @returns IPRT status code.
+ * @param   phKey       Where to return the key handle.
+ * @param   pParameters The algorithm parameters, typically namedCurve OID.
+ * @param   pvKeyBits   The DER encoded RTCRRSAPUBLICKEY blob.
+ * @param   cbKeyBits   The size of the blob.
+ * @param   pErrInfo    Where to supply addition error details.  Optional.
+ * @param   pszErrorTag Error tag. Optional.
+ */
+DECLHIDDEN(int) rtCrKeyCreateEcdsaPublic(PRTCRKEY phKey, PCRTASN1DYNTYPE pParameters, const void *pvKeyBits, uint32_t cbKeyBits,
+                                         PRTERRINFO pErrInfo, const char *pszErrorTag)
+{
+#if 0
+    /*
+     * Decode the key data first since that's what's most likely to fail here.
+     */
+    RTASN1CURSORPRIMARY PrimaryCursor;
+    RTAsn1CursorInitPrimary(&PrimaryCursor, pvKeyBits, cbKeyBits, pErrInfo, &g_RTAsn1DefaultAllocator,
+                            RTASN1CURSOR_FLAGS_DER, pszErrorTag ? pszErrorTag : "rsa");
+    RTCRRSAPUBLICKEY PublicKey;
+    RT_ZERO(PublicKey);
+    int rc = RTCrRsaPublicKey_DecodeAsn1(&PrimaryCursor.Cursor, 0, &PublicKey, pszErrorTag ? pszErrorTag : "PublicKey");
+#else
+    RT_NOREF(pszErrorTag);
+    int rc = VINF_SUCCESS;
+#endif
+    if (RT_SUCCESS(rc))
+    {
+        /*
+         * Check the parameter (see RTC-5480, section 2.1.1).
+         */
+        if (   pParameters
+            && pParameters->enmType == RTASN1TYPE_OBJID
+            && RTAsn1ObjId_IsPresent(&pParameters->u.ObjId) /* paranoia */)
+        {
+            /*
+             * Create a key instance for it.
+             */
+            PRTCRKEYINT pThis;
+            rc = rtCrKeyCreateWorker(&pThis, RTCRKEYTYPE_ECDSA_PUBLIC, RTCRKEYINT_F_PUBLIC, pvKeyBits, cbKeyBits);
+            if (RT_SUCCESS(rc))
+            {
+                rc = RTAsn1ObjId_Clone(&pThis->u.EcdsaPublic.NamedCurve, &pParameters->u.ObjId, &g_RTAsn1DefaultAllocator);
+                if (RT_SUCCESS(rc))
+                {
+                    /* Done. */
+#if 0
+                    RTAsn1VtDelete(&PublicKey.SeqCore.Asn1Core);
+#endif
+                    *phKey = pThis;
+                    return VINF_SUCCESS;
+                }
+                RTCrKeyRelease(pThis);
+            }
+        }
+        else if (!pParameters || pParameters->enmType == RTASN1TYPE_NOT_PRESENT)
+            rc = RTERRINFO_LOG_SET_F(pErrInfo, VERR_CR_KEY_ALGO_PARAMS_MISSING,
+                                     "%s: ECDSA public key expected a namedCurve parameter", pszErrorTag);
+        else if (pParameters->enmType == RTASN1TYPE_NULL)
+            rc = RTERRINFO_LOG_SET_F(pErrInfo, VERR_CR_KEY_ALGO_PARAMS_UNKNOWN,
+                                     "%s: ECDSA public key expected a namedCurve parameter, found implicitCurve (NULL) instead",
+                                     pszErrorTag);
+        else
+            rc = RTERRINFO_LOG_SET_F(pErrInfo, VERR_CR_KEY_ALGO_PARAMS_UNKNOWN,
+                                     "%s: ECDSA public key expected namedCurve parameter, found %d",
+                                     pszErrorTag, pParameters->enmType);
+#if 0
+        RTAsn1VtDelete(&PublicKey.SeqCore.Asn1Core);
+#endif
+    }
+    *phKey = NIL_RTCRKEY;
+    return rc;
+}
+
+
+RTDECL(int) RTCrKeyCreateFromPublicAlgorithmAndBits(PRTCRKEY phKey, PCRTASN1OBJID pAlgorithm, PCRTASN1DYNTYPE pParameters,
+                                                    PCRTASN1BITSTRING pPublicKey, PRTERRINFO pErrInfo, const char *pszErrorTag)
 {
     /*
@@ -172 +251 @@
 
     /*
-     * Taking a weird shortcut here.
+     * Identify the key type from the algorithm ID
      */
-    PCRTCRPKIXSIGNATUREDESC pDesc = RTCrPkixSignatureFindByObjId(pAlgorithm, NULL);
-    if (pDesc && strcmp(pDesc->pszObjId, RTCRX509ALGORITHMIDENTIFIERID_RSA) == 0)
-        return rtCrKeyCreateRsaPublic(phKey,
-                                      RTASN1BITSTRING_GET_BIT0_PTR(pPublicKey),
-                                      RTASN1BITSTRING_GET_BYTE_SIZE(pPublicKey),
-                                      pErrInfo, pszErrorTag);
-    Assert(pDesc == NULL);
+    const char * const pszEncryptionOid = RTCrX509AlgorithmIdentifier_GetEncryptionOidFromOid(pAlgorithm->szObjId,
+                                                                                              false /*fMustIncludeHash*/);
+    if (pszEncryptionOid)
+    {
+        if (strcmp(pszEncryptionOid, RTCRX509ALGORITHMIDENTIFIERID_RSA) == 0)
+            return rtCrKeyCreateRsaPublic(phKey,
+                                          RTASN1BITSTRING_GET_BIT0_PTR(pPublicKey),
+                                          RTASN1BITSTRING_GET_BYTE_SIZE(pPublicKey),
+                                          pErrInfo, pszErrorTag);
+        if (strcmp(pszEncryptionOid, RTCRX509ALGORITHMIDENTIFIERID_ECDSA) == 0)
+            return rtCrKeyCreateEcdsaPublic(phKey,
+                                            pParameters,
+                                            RTASN1BITSTRING_GET_BIT0_PTR(pPublicKey),
+                                            RTASN1BITSTRING_GET_BYTE_SIZE(pPublicKey),
+                                            pErrInfo, pszErrorTag);
+    }
+    Assert(pszEncryptionOid == NULL);
     return RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_CIPHER_ALGO_NOT_KNOWN, "oid=%s", pAlgorithm->szObjId);
 }
@@ -190 +279 @@
     AssertPtrReturn(pSrc, VERR_INVALID_POINTER);
     AssertReturn(RTCrX509SubjectPublicKeyInfo_IsPresent(pSrc), VERR_INVALID_PARAMETER);
-    return RTCrKeyCreateFromPublicAlgorithmAndBits(phKey, &pSrc->Algorithm.Algorithm, &pSrc->SubjectPublicKey,
-                                                   pErrInfo, pszErrorTag);
+    return RTCrKeyCreateFromPublicAlgorithmAndBits(phKey, &pSrc->Algorithm.Algorithm, &pSrc->Algorithm.Parameters,
+                                                   &pSrc->SubjectPublicKey, pErrInfo, pszErrorTag);
 }
 
@@ -292 +381 @@
             break;
 
+        case RTCRKEYTYPE_ECDSA_PUBLIC:
+            RTAsn1ObjId_Delete(&pThis->u.EcdsaPublic.NamedCurve);
+            break;
+
+        case RTCRKEYTYPE_ECDSA_PRIVATE: /* not yet implemented */
         case RTCRKEYTYPE_INVALID:
         case RTCRKEYTYPE_END:
@@ -394 +488 @@
 }
 
+
+RTDECL(int) RTCrKeyVerifyParameterCompatibility(RTCRKEY hKey, PCRTASN1DYNTYPE pParameters, bool fForSignature,
+                                                PCRTASN1OBJID pAlgorithm, PRTERRINFO pErrInfo)
+{
+    PRTCRKEYINT pThis = hKey;
+    AssertPtrReturn(pThis, VERR_INVALID_HANDLE);
+    AssertReturn(pThis->u32Magic == RTCRKEYINT_MAGIC, VERR_INVALID_HANDLE);
+    RT_NOREF(pAlgorithm);
+
+    switch (pThis->enmType)
+    {
+        /*
+         * No parameters. Ignore NULL.
+         */
+        case RTCRKEYTYPE_RSA_PRIVATE:
+        case RTCRKEYTYPE_RSA_PUBLIC:
+            if (   !pParameters
+                || pParameters->enmType == RTASN1TYPE_NOT_PRESENT
+                || pParameters->enmType == RTASN1TYPE_NULL)
+                return VINF_SUCCESS;
+            return RTERRINFO_LOG_SET_F(pErrInfo, VERR_CR_KEY_ALGO_PARAMS_UNEXPECTED,
+                                       "RSA keys does not generally take parameters (enmType=%d)", pParameters->enmType);
+
+        /*
+         * ECDSA requires a parameter.  Currently only the named curve choice is supported.
+         * RFC-3279 section 2.2.3 states that for ecdsa-with-SHA1 the parameter MUST be
+         * omitted.  ASSUMING the same applies to the other ecdsa-with-xxxx variants.
+         */
+        case RTCRKEYTYPE_ECDSA_PUBLIC:
+            if (!fForSignature)
+            {
+                /* Key rules: Parameters required. */
+                if (pParameters)
+                {
+                    if (pParameters->enmType == RTASN1TYPE_OBJID)
+                    {
+                        if (RTAsn1ObjId_Compare(&pParameters->u.ObjId, &pThis->u.EcdsaPublic.NamedCurve) == 0)
+                            return VINF_SUCCESS;
+                        return RTERRINFO_LOG_SET_F(pErrInfo, VERR_CR_KEY_ALGO_PARAMS_MISMATCH,
+                                                   "ECDSA NamedCurve difference: %s, key uses %s",
+                                                   pParameters->u.ObjId.szObjId, pThis->u.EcdsaPublic.NamedCurve.szObjId);
+                    }
+                    /* We don't implement the other variants. */
+                    return RTERRINFO_LOG_SET_F(pErrInfo, VERR_CR_KEY_ALGO_PARAMS_UNKNOWN,
+                                               "Unexpected ECDSA parameter: enmType=%d", pParameters->enmType);
+                }
+                return RTERRINFO_LOG_SET(pErrInfo, VERR_CR_KEY_ALGO_PARAMS_MISSING, "ECDSA keys requires parameter(s)");
+            }
+
+            /* Hash+ecdsa parameter rules: No parameters */
+            if (   !pParameters
+                || pParameters->enmType == RTASN1TYPE_NOT_PRESENT
+                || pParameters->enmType == RTASN1TYPE_NULL)
+                return VINF_SUCCESS;
+            return RTERRINFO_LOG_SET_F(pErrInfo, VERR_CR_KEY_ALGO_PARAMS_UNEXPECTED,
+                                       "ECDSA signature should have no parameters (enmType=%d)", pParameters->enmType);
+
+        case RTCRKEYTYPE_ECDSA_PRIVATE:
+            AssertFailedReturn(VERR_NOT_IMPLEMENTED);
+
+        case RTCRKEYTYPE_INVALID:
+        case RTCRKEYTYPE_END:
+        case RTCRKEYTYPE_32BIT_HACK:
+            break;
+    }
+    AssertFailedReturn(VERR_INTERNAL_ERROR_5);
+}
+

trunk/src/VBox/Runtime/common/crypto/pkcs7-sanity.cpp

@@ -78 +78 @@
         for (uint32_t i = 0; i < pSignedData->DigestAlgorithms.cItems; i++)
         {
-            if (RTCrX509AlgorithmIdentifier_QueryDigestType(pSignedData->DigestAlgorithms.papItems[i]) == RTDIGESTTYPE_INVALID)
+            if (   RTCrX509AlgorithmIdentifier_GetDigestType(pSignedData->DigestAlgorithms.papItems[i],
+                                                             true /*fPureDigestsOnly*/)
+                == RTDIGESTTYPE_INVALID)
                 return RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_UNKNOWN_DIGEST_ALGORITHM,
                                      "%s: SignedData.DigestAlgorithms[%i] is not known: %s",

trunk/src/VBox/Runtime/common/crypto/pkix-sign.cpp

@@ -140 +140 @@
     if (RT_FAILURE(rcIprt))
         return RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_CIPHER_ALGO_NOT_KNOWN,
-                             "Unknown private key algorithm [IPRT]: %s", pAlgorithm->szObjId);
+                             "Unknown private key algorithm [IPRT %Rrc]: %s", rcIprt, pAlgorithm->szObjId);
 
     rcIprt = RTCrPkixSignatureSign(hSignature, hDigest, pvSignature, pcbSignature);
@@ -154 +154 @@
   && (OPENSSL_VERSION_NUMBER > 0x10000000L) /* 0.9.8 doesn't seem to have EVP_PKEY_CTX_set_signature_md. */
 
-    /* Make sure the algorithm includes the digest and isn't just RSA.  */
-    const char *pszAlgObjId = pAlgorithm->szObjId;
-    if (!strcmp(pszAlgObjId, RTCRX509ALGORITHMIDENTIFIERID_RSA))
-    {
-        pszAlgObjId = RTCrX509AlgorithmIdentifier_CombineEncryptionOidAndDigestOid(pszAlgObjId,
-                                                                                   RTCrDigestGetAlgorithmOid(hDigest));
-        AssertMsgStmt(pszAlgObjId, ("enc=%s hash=%s\n", pAlgorithm->szObjId, RTCrDigestGetAlgorithmOid(hDigest)),
-                      pszAlgObjId = RTCrDigestGetAlgorithmOid(hDigest));
-    }
+    /* Make sure the algorithm includes the digest and isn't just RSA, ECDSA or similar.  */
+    const char *pszAlgObjId = RTCrX509AlgorithmIdentifier_CombineEncryptionOidAndDigestOid(pAlgorithm->szObjId,
+                                                                                           RTCrDigestGetAlgorithmOid(hDigest));
+    AssertMsgStmt(pszAlgObjId, ("enc=%s hash=%s\n", pAlgorithm->szObjId, RTCrDigestGetAlgorithmOid(hDigest)),
+                  pszAlgObjId = RTCrDigestGetAlgorithmOid(hDigest));
 
     /* Create an EVP private key. */

trunk/src/VBox/Runtime/common/crypto/pkix-signature-builtin.cpp

@@ -64 +64 @@
 {
     &g_rtCrPkixSigningHashWithRsaDesc,
+#ifdef IPRT_WITH_OPENSSL
+    &g_rtCrPkixSigningHashWithEcdsaDesc,
+#endif
 };
 

trunk/src/VBox/Runtime/common/crypto/pkix-signature-builtin.h

@@ -44 +44 @@
 
 extern DECL_HIDDEN_DATA(RTCRPKIXSIGNATUREDESC const) g_rtCrPkixSigningHashWithRsaDesc;
+#ifdef IPRT_WITH_OPENSSL
+extern DECL_HIDDEN_DATA(RTCRPKIXSIGNATUREDESC const) g_rtCrPkixSigningHashWithEcdsaDesc;
+#endif
 
 #endif /* !IPRT_INCLUDED_SRC_common_crypto_pkix_signature_builtin_h */

trunk/src/VBox/Runtime/common/crypto/pkix-signature-core.cpp

@@ -103 +103 @@
     AssertPtrReturn(phSignature, VERR_INVALID_POINTER);
     AssertPtrReturn(pDesc, VERR_INVALID_POINTER);
-    if (pParams)
-    {
-        AssertPtrReturn(pParams, VERR_INVALID_POINTER);
-        if (   pParams->enmType == RTASN1TYPE_NULL
-            || !RTASN1CORE_IS_PRESENT(&pParams->u.Core))
-            pParams = NULL;
-    }
     uint32_t cKeyRefs = RTCrKeyRetain(hKey);
     AssertReturn(cKeyRefs != UINT32_MAX, VERR_INVALID_HANDLE);
@@ -129 +122 @@
         if (pDesc->pfnInit)
             rc = pDesc->pfnInit(pDesc, pThis->abState, pvOpaque, fSigning, hKey, pParams);
+        else
+            rc = RTCrKeyVerifyParameterCompatibility(hKey, pParams, true /*fForSignature*/,
+                                                     NULL /*pAlgorithm*/, NULL /*pErrInfo*/);
         if (RT_SUCCESS(rc))
         {

trunk/src/VBox/Runtime/common/crypto/pkix-signature-rsa.cpp

@@ -179 +179 @@
     RT_NOREF_PV(pDesc); RT_NOREF_PV(pvState); RT_NOREF_PV(pvOpaque);
 
-    if (pParams)
+    if (   !pParams
+        || pParams->enmType == RTASN1TYPE_NULL
+        || pParams->enmType == RTASN1TYPE_NOT_PRESENT)
+    { /* likely */ }
+    else
         return VERR_CR_PKIX_SIGNATURE_TAKES_NO_PARAMETERS;
 
@@ -479 +483 @@
     RTCR_PKCS1_SHA512T224_WITH_RSA_OID,
     RTCR_PKCS1_SHA512T256_WITH_RSA_OID,
+    RTCR_NIST_SHA3_224_WITH_RSA_OID,
+    RTCR_NIST_SHA3_256_WITH_RSA_OID,
+    RTCR_NIST_SHA3_384_WITH_RSA_OID,
+    RTCR_NIST_SHA3_512_WITH_RSA_OID,
     /* Note: Note quite sure about these OIW oddballs. */
     "1.3.14.3.2.11" /* OIW rsaSignature */,

trunk/src/VBox/Runtime/common/crypto/pkix-util.cpp

@@ -45 +45 @@
 #include <iprt/assert.h>
 #include <iprt/err.h>
-#include <iprt/string.h>
 #include <iprt/crypto/rsa.h>
 
-#ifdef IPRT_WITH_OPENSSL
-# include "internal/iprt-openssl.h"
-# include "internal/openssl-pre.h"
-# include <openssl/evp.h>
-# include "internal/openssl-post.h"
-#endif
 
-
+RTDECL(const char *) RTCrPkixGetCiperOidFromSignatureAlgorithmOid(const char *pszSignatureOid)
+{
+    return RTCrX509AlgorithmIdentifier_GetEncryptionOidFromOid(pszSignatureOid, true /*fMustIncludeHash*/);
+}
 
 
 RTDECL(const char *) RTCrPkixGetCiperOidFromSignatureAlgorithm(PCRTASN1OBJID pAlgorithm)
 {
-    /*
-     * This is all hardcoded, at least for the time being.
-     */
-    if (RTAsn1ObjId_StartsWith(pAlgorithm, RTCR_PKCS1_OID))
-    {
-        if (RTAsn1ObjIdCountComponents(pAlgorithm) == 7)
-            switch (RTAsn1ObjIdGetLastComponentsAsUInt32(pAlgorithm))
-            {
-                case 2:
-                case 3:
-                case 4:
-                case 5:
-                case 11:
-                case 12:
-                case 13:
-                case 14:
-                    return RTCR_PKCS1_RSA_OID;
-                case 1: AssertFailed();
-                    RT_FALL_THRU();
-                default:
-                    return NULL;
-            }
-    }
-    /*
-     * OIW oddballs.
-     */
-    else if (RTAsn1ObjId_StartsWith(pAlgorithm, "1.3.14.3.2"))
-    {
-        if (RTAsn1ObjIdCountComponents(pAlgorithm) == 6)
-            switch (RTAsn1ObjIdGetLastComponentsAsUInt32(pAlgorithm))
-            {
-                case 11:
-                case 14:
-                case 15:
-                case 24:
-                case 25:
-                case 29:
-                    return RTCR_PKCS1_RSA_OID;
-                default:
-                    return NULL;
-            }
-    }
-
-
-    return NULL;
+    return RTCrX509AlgorithmIdentifier_GetEncryptionOidFromOid(pAlgorithm->szObjId, true /*fMustIncludeHash*/);
 }
 
@@ -138 +90 @@
         else
         {
+            /** @todo ECDSA when adding signing support.  */
             RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_CIPHER_ALGO_NOT_KNOWN, "%s", pPublicKeyInfo->Algorithm.Algorithm.szObjId);
             AssertMsgFailed(("unknown key algorithm: %s\n", pPublicKeyInfo->Algorithm.Algorithm.szObjId));

trunk/src/VBox/Runtime/common/crypto/pkix-verify.cpp

@@ -69 +69 @@
     AssertReturn(RTAsn1ObjId_IsPresent(pAlgorithm), VERR_INVALID_POINTER);
 
-    if (pParameters)
-    {
-        AssertPtrReturn(pParameters, VERR_INVALID_POINTER);
-        if (pParameters->enmType == RTASN1TYPE_NULL)
-            pParameters = NULL;
-    }
-
     AssertPtrReturn(hPublicKey, VERR_INVALID_POINTER);
     Assert(RTCrKeyHasPublicPart(hPublicKey));
+    RTCRKEYTYPE const enmKeyType = RTCrKeyGetType(hPublicKey);
+    AssertReturn(enmKeyType != RTCRKEYTYPE_INVALID, VERR_INVALID_HANDLE);
 
     AssertPtrReturn(pSignatureValue, VERR_INVALID_POINTER);
@@ -86 +81 @@
 
     /*
-     * Parameters are not currently supported (openssl code path).
-     */
-    if (pParameters)
-        return RTErrInfoSet(pErrInfo, VERR_CR_PKIX_CIPHER_ALGO_PARAMS_NOT_IMPL,
-                            "Cipher algorithm parameters are not yet supported.");
+     * Verify that the parameters are compatible with the key.  We ASSUME the
+     * parameters are for a hash+cryption combination, like those found in
+     * RTCRX509TBSCERTIFICATE::Signature.  At present, these should NULL (or
+     * absent) for the two key types we support RSA & ECDSA, which is an
+     * ASSUMPTION by the OpenSSL code below.
+     */
+    int rcIprt = RTCrKeyVerifyParameterCompatibility(hPublicKey, pParameters, true /*fForSignature*/, pAlgorithm, pErrInfo);
+    AssertRCReturn(rcIprt, rcIprt);
 
     /*
@@ -96 +94 @@
      */
     RTCRPKIXSIGNATURE hSignature;
-    int rcIprt = RTCrPkixSignatureCreateByObjId(&hSignature, pAlgorithm, hPublicKey, pParameters, false /*fSigning*/);
+    rcIprt = RTCrPkixSignatureCreateByObjId(&hSignature, pAlgorithm, hPublicKey, pParameters, false /*fSigning*/);
     if (RT_FAILURE(rcIprt))
         return RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_CIPHER_ALGO_NOT_KNOWN,
-                             "Unknown public key algorithm [IPRT]: %s", pAlgorithm->szObjId);
+                             "Unknown public key algorithm [IPRT %Rrc]: %s", rcIprt, pAlgorithm->szObjId);
 
     RTCRDIGEST hDigest;
@@ -122 +120 @@
 
 #ifdef IPRT_WITH_OPENSSL
+    /* We don't implement digest+cipher parameters in OpenSSL (or at all),
+       RTCrKeyVerifyParameterCompatibility should ensure we don't get here
+       (ASSUMING only RSA and ECDSA keys). But, just in case, bail out if we do. */
+    AssertReturn(   !pParameters
+                 || pParameters->enmType == RTASN1TYPE_NULL
+                 || pParameters->enmType == RTASN1TYPE_NOT_PRESENT,
+                 VERR_CR_PKIX_CIPHER_ALGO_PARAMS_NOT_IMPL);
+
     /*
      * Validate using OpenSSL EVP.
@@ -187 +193 @@
     AssertReturn(RTAsn1ObjId_IsPresent(pAlgorithm), VERR_INVALID_POINTER);
 
-    if (pParameters)
-    {
-        AssertPtrReturn(pParameters, VERR_INVALID_POINTER);
-        if (pParameters->enmType == RTASN1TYPE_NULL)
-            pParameters = NULL;
-    }
-
     AssertPtrReturn(hPublicKey, VERR_INVALID_POINTER);
     Assert(RTCrKeyHasPublicPart(hPublicKey));
+    RTCRKEYTYPE const enmKeyType = RTCrKeyGetType(hPublicKey);
+    AssertReturn(enmKeyType != RTCRKEYTYPE_INVALID, VERR_INVALID_HANDLE);
 
     AssertPtrReturn(pvSignedDigest, VERR_INVALID_POINTER);
@@ -203 +204 @@
 
     /*
-     * Parameters are not currently supported (openssl code path).
-     */
-    if (pParameters)
-        return RTErrInfoSet(pErrInfo, VERR_CR_PKIX_CIPHER_ALGO_PARAMS_NOT_IMPL,
-                            "Cipher algorithm parameters are not yet supported.");
+     * Verify that the parameters are compatible with the key.  We ASSUME the
+     * parameters are for a hash+cryption combination, like those found in
+     * RTCRX509TBSCERTIFICATE::Signature.  At present, these should NULL (or
+     * absent) for the two key types we support RSA & ECDSA, which is an
+     * ASSUMPTION by the OpenSSL code below.
+     */
+    int rcIprt = RTCrKeyVerifyParameterCompatibility(hPublicKey, pParameters, true /*fForSignature*/, pAlgorithm, pErrInfo);
+    AssertRCReturn(rcIprt, rcIprt);
 
     /*
@@ -213 +217 @@
      */
     RTCRPKIXSIGNATURE hSignature;
-    int rcIprt = RTCrPkixSignatureCreateByObjId(&hSignature, pAlgorithm, hPublicKey, pParameters, false /*fSigning*/);
+    rcIprt = RTCrPkixSignatureCreateByObjId(&hSignature, pAlgorithm, hPublicKey, pParameters, false /*fSigning*/);
     if (RT_FAILURE(rcIprt))
         return RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_CIPHER_ALGO_NOT_KNOWN,
-                             "Unknown public key algorithm [IPRT]: %s", pAlgorithm->szObjId);
+                             "Unknown public key algorithm [IPRT %Rrc]: %s", rcIprt, pAlgorithm->szObjId);
 
     rcIprt = RTCrPkixSignatureVerify(hSignature, hDigest, pvSignedDigest, cbSignedDigest);
@@ -229 +233 @@
      * Validate using OpenSSL EVP.
      */
-    /* Combine encryption and digest if the algorithm doesn't specify the digest type. */
-    const char *pszAlgObjId = pAlgorithm->szObjId;
-    if (!strcmp(pszAlgObjId, RTCRX509ALGORITHMIDENTIFIERID_RSA))
-    {
-        pszAlgObjId = RTCrX509AlgorithmIdentifier_CombineEncryptionOidAndDigestOid(pszAlgObjId,
-                                                                                   RTCrDigestGetAlgorithmOid(hDigest));
-        AssertMsgStmt(pszAlgObjId, ("enc=%s hash=%s\n", pAlgorithm->szObjId, RTCrDigestGetAlgorithmOid(hDigest)),
-                      pszAlgObjId = RTCrDigestGetAlgorithmOid(hDigest));
-    }
+    /* Make sure the algorithm includes the digest and isn't just RSA, ECDSA or similar.  */
+    const char *pszAlgObjId = RTCrX509AlgorithmIdentifier_CombineEncryptionOidAndDigestOid(pAlgorithm->szObjId,
+                                                                                           RTCrDigestGetAlgorithmOid(hDigest));
+    AssertMsgStmt(pszAlgObjId, ("enc=%s hash=%s\n", pAlgorithm->szObjId, RTCrDigestGetAlgorithmOid(hDigest)),
+                  pszAlgObjId = RTCrDigestGetAlgorithmOid(hDigest));
+
+    /* We don't implement digest+cipher parameters in OpenSSL (or at all),
+       RTCrKeyVerifyParameterCompatibility should ensure we don't get here
+       (ASSUMING only RSA and ECDSA keys). But, just in case, bail out if we do. */
+    AssertReturn(   !pParameters
+                 || pParameters->enmType == RTASN1TYPE_NULL
+                 || pParameters->enmType == RTASN1TYPE_NOT_PRESENT,
+                 VERR_CR_PKIX_CIPHER_ALGO_PARAMS_NOT_IMPL);
 
     /* Create an EVP public key. */
@@ -305 +313 @@
     RTCRKEY hPublicKey;
     int rc = RTCrKeyCreateFromPublicAlgorithmAndBits(&hPublicKey, &pCertPubKeyInfo->Algorithm.Algorithm,
+                                                     &pCertPubKeyInfo->Algorithm.Parameters,
                                                      &pCertPubKeyInfo->SubjectPublicKey, pErrInfo, NULL);
     if (RT_SUCCESS(rc))
     {
-        rc = RTCrPkixPubKeyVerifySignedDigest(&pCertPubKeyInfo->Algorithm.Algorithm, hPublicKey,
-                                              &pCertPubKeyInfo->Algorithm.Parameters, pvSignedDigest, cbSignedDigest,
-                                              hDigest, pErrInfo);
+        /** @todo r=bird (2023-07-06): This ASSUMES no digest+cipher parameters, which
+         *        is the case for RSA and ECDSA. */
+        rc = RTCrPkixPubKeyVerifySignedDigest(&pCertPubKeyInfo->Algorithm.Algorithm, hPublicKey, NULL,
+                                              pvSignedDigest, cbSignedDigest, hDigest, pErrInfo);
 
         uint32_t cRefs = RTCrKeyRelease(hPublicKey);

trunk/src/VBox/Runtime/common/crypto/spc-sanity.cpp

@@ -82 +82 @@
     if (fFlags & RTCRSPCINDIRECTDATACONTENT_SANITY_F_ONLY_KNOWN_HASH)
     {
-        if (RTCrX509AlgorithmIdentifier_QueryDigestType(&pIndData->DigestInfo.DigestAlgorithm) == RTDIGESTTYPE_INVALID)
+        if (   RTCrX509AlgorithmIdentifier_GetDigestType(&pIndData->DigestInfo.DigestAlgorithm, true /*fPureDigestsOnly*/)
+            == RTDIGESTTYPE_INVALID)
             return RTErrInfoSetF(pErrInfo, VERR_CR_SPC_UNKNOWN_DIGEST_ALGO,
                                  "SpcIndirectDataContent DigestAlgortihm is not known: %s",
@@ -88 +89 @@
     }
 
-    uint32_t cbDigest = RTCrX509AlgorithmIdentifier_QueryDigestSize(&pIndData->DigestInfo.DigestAlgorithm);
+    uint32_t cbDigest = RTCrX509AlgorithmIdentifier_GetDigestSize(&pIndData->DigestInfo.DigestAlgorithm,
+                                                                  true /*fPureDigestsOnly*/);
     if (   pIndData->DigestInfo.Digest.Asn1Core.cb != cbDigest
         && (cbDigest != UINT32_MAX || (fFlags & RTCRSPCINDIRECTDATACONTENT_SANITY_F_ONLY_KNOWN_HASH)))

trunk/src/VBox/Runtime/common/crypto/x509-core.cpp

@@ -45 +45 @@
 #include <iprt/string.h>
 #include <iprt/uni.h>
+#include <iprt/crypto/pkix.h>
+#ifdef RT_STRICT
+# include <iprt/crypto/digest.h>
+#endif
 
 #include "x509-internal.h"
+
+
+/*********************************************************************************************************************************
+*   Internal Functions                                                                                                           *
+*********************************************************************************************************************************/
+#ifdef RT_STRICT
+static void rtCrX509AlgorithmIdentifier_AssertTableSanityAndMore(void);
+#endif
 
 
@@ -73 +85 @@
  */
 
-RTDECL(RTDIGESTTYPE) RTCrX509AlgorithmIdentifier_QueryDigestType(PCRTCRX509ALGORITHMIDENTIFIER pThis)
+/**
+ * String table with the encryption OIDs (used by g_aSignatureOidInfo).
+ */
+static const char * const g_apszEncryptionOids[] =
+{
+    NULL,
+#define IDX_ENCRYPTION_NIL      0
+    RTCR_X962_ECDSA_OID,
+#define IDX_ENCRYPTION_ECDSA    1
+    RTCR_PKCS1_RSA_OID,
+#define IDX_ENCRYPTION_RSA      2
+};
+
+/**
+ * Information about an algorithm identifier.
+ */
+typedef struct RTCRX509ALGORITHIDENTIFIERINTERNALINFO
+{
+    /** The signature OID. */
+    const char     *pszSignatureOid;
+    /** Index into g_apszEncryptionOids of the encryption ODI.
+     * This is IDX_ENCRYPTION_NIL for hashes. */
+    uint8_t         idxEncryption;
+    /** The message digest type specified by the OID.
+     * This is set to RTDIGESTTYPE_INVALID in two cases:
+     *      1. Pure encryption algorithm OID (cBitsDigest also zero).
+     *      2. The hash is so esoteric that IPRT doesn't support it. */
+    uint8_t         enmDigestType;
+    /** The digest size in bits.
+     * This is ZERO if the OID does not include an hash. */
+    uint16_t        cBitsDigest;
+} RTCRX509ALGORITHIDENTIFIERINTERNALINFO;
+typedef RTCRX509ALGORITHIDENTIFIERINTERNALINFO const *PCRTCRX509ALGORITHIDENTIFIERINTERNALINFO;
+
+/**
+ * Signature to encryption OID.
+ *
+ * @note This is sorted to allow binary searching.
+ * @note This origins in pkix-utils.cpp, which is why it uses the other set of
+ *       OID defines.
+ */
+static RTCRX509ALGORITHIDENTIFIERINTERNALINFO const g_aSignatureOidInfo[] =
+{
+    { /*1.0.10118.3.0.55*/     RTCRX509ALGORITHMIDENTIFIERID_WHIRLPOOL, IDX_ENCRYPTION_NIL,   RTDIGESTTYPE_INVALID,    512, },
+
+    { /*1.2.840.10045.2.1    */     RTCR_X962_ECDSA_OID,                IDX_ENCRYPTION_ECDSA, RTDIGESTTYPE_INVALID,    0, },
+    { /*1.2.840.10045.4.1    */     RTCR_X962_ECDSA_WITH_SHA1_OID,      IDX_ENCRYPTION_ECDSA, RTDIGESTTYPE_SHA1,       160, },
+    { /*1.2.840.10045.4.3.1  */     RTCR_X962_ECDSA_WITH_SHA224_OID,    IDX_ENCRYPTION_ECDSA, RTDIGESTTYPE_SHA224,     224, },
+    { /*1.2.840.10045.4.3.2  */     RTCR_X962_ECDSA_WITH_SHA256_OID,    IDX_ENCRYPTION_ECDSA, RTDIGESTTYPE_SHA256,     256, },
+    { /*1.2.840.10045.4.3.3  */     RTCR_X962_ECDSA_WITH_SHA384_OID,    IDX_ENCRYPTION_ECDSA, RTDIGESTTYPE_SHA384,     384, },
+    { /*1.2.840.10045.4.3.4  */     RTCR_X962_ECDSA_WITH_SHA512_OID,    IDX_ENCRYPTION_ECDSA, RTDIGESTTYPE_SHA512,     512, },
+
+    { /*1.2.840.113549.1.1.1 */     RTCR_PKCS1_RSA_OID,                 IDX_ENCRYPTION_RSA,   RTDIGESTTYPE_INVALID,    0, },
+    { /*1.2.840.113549.1.1.11*/     RTCR_PKCS1_SHA256_WITH_RSA_OID,     IDX_ENCRYPTION_RSA,   RTDIGESTTYPE_SHA256,     256, },
+    { /*1.2.840.113549.1.1.12*/     RTCR_PKCS1_SHA384_WITH_RSA_OID,     IDX_ENCRYPTION_RSA,   RTDIGESTTYPE_SHA384,     384, },
+    { /*1.2.840.113549.1.1.13*/     RTCR_PKCS1_SHA512_WITH_RSA_OID,     IDX_ENCRYPTION_RSA,   RTDIGESTTYPE_SHA512,     512, },
+    { /*1.2.840.113549.1.1.14*/     RTCR_PKCS1_SHA224_WITH_RSA_OID,     IDX_ENCRYPTION_RSA,   RTDIGESTTYPE_SHA224,     224, },
+    { /*1.2.840.113549.1.1.15*/     RTCR_PKCS1_SHA512T224_WITH_RSA_OID, IDX_ENCRYPTION_RSA,   RTDIGESTTYPE_SHA512T224, 224, },
+    { /*1.2.840.113549.1.1.16*/     RTCR_PKCS1_SHA512T256_WITH_RSA_OID, IDX_ENCRYPTION_RSA,   RTDIGESTTYPE_SHA512T256, 256, },
+    { /*1.2.840.113549.1.1.2*/      RTCR_PKCS1_MD2_WITH_RSA_OID,        IDX_ENCRYPTION_RSA,   RTDIGESTTYPE_MD2,        128, },
+    { /*1.2.840.113549.1.1.3*/      RTCR_PKCS1_MD4_WITH_RSA_OID,        IDX_ENCRYPTION_RSA,   RTDIGESTTYPE_MD4,        128, },
+    { /*1.2.840.113549.1.1.4*/      RTCR_PKCS1_MD5_WITH_RSA_OID,        IDX_ENCRYPTION_RSA,   RTDIGESTTYPE_MD5,        128, },
+    { /*1.2.840.113549.1.1.5*/      RTCR_PKCS1_SHA1_WITH_RSA_OID,       IDX_ENCRYPTION_RSA,   RTDIGESTTYPE_SHA1,       160, },
+
+    { /*1.2.840.113549.2.2*/        RTCRX509ALGORITHMIDENTIFIERID_MD2,  IDX_ENCRYPTION_NIL,   RTDIGESTTYPE_MD2,        128, },
+    { /*1.2.840.113549.2.4*/        RTCRX509ALGORITHMIDENTIFIERID_MD4,  IDX_ENCRYPTION_NIL,   RTDIGESTTYPE_MD4,        128, },
+    { /*1.2.840.113549.2.5*/        RTCRX509ALGORITHMIDENTIFIERID_MD5,  IDX_ENCRYPTION_NIL,   RTDIGESTTYPE_MD5,        128, },
+
+    /* oddballs for which we don't support the padding (skip?): */
+  //{  "1.3.14.3.2.11"                                /*rsaSignature*/, IDX_ENCRYPTION_RSA/*?*/, RTDIGESTTYPE_INVALID, 0, },
+    {  "1.3.14.3.2.14"      /*mdc2WithRSASignature w/ 9796-2 padding*/, IDX_ENCRYPTION_RSA,   RTDIGESTTYPE_INVALID,    0, },
+  //{  "1.3.14.3.2.15"      /*sha0WithRSASignature w/ 9796-2 padding*/, IDX_ENCRYPTION_RSA,   RTDIGESTTYPE_INVALID,    160, },
+    {  "1.3.14.3.2.24"       /*md2WithRSASignature w/ 9796-2 padding*/, IDX_ENCRYPTION_RSA,   RTDIGESTTYPE_MD2,        128, },
+    {  "1.3.14.3.2.25"       /*md5WithRSASignature w/ 9796-2 padding*/, IDX_ENCRYPTION_RSA,   RTDIGESTTYPE_MD5,        128, },
+    { /*1.3.14.3.2.26*/             RTCRX509ALGORITHMIDENTIFIERID_SHA1, IDX_ENCRYPTION_NIL,   RTDIGESTTYPE_SHA1,       160, },
+    {  "1.3.14.3.2.29"           /*sha1WithRSAEncryption (obsolete?)*/, IDX_ENCRYPTION_RSA,   RTDIGESTTYPE_SHA1,       160, },
+
+    { /*2.16.840.1.101.3.4.2.1*/  RTCRX509ALGORITHMIDENTIFIERID_SHA256, IDX_ENCRYPTION_NIL,   RTDIGESTTYPE_SHA256,     256, },
+    { /*2.16.840.1.101.3.4.2.10*/ RTCRX509ALGORITHMIDENTIFIERID_SHA3_512, IDX_ENCRYPTION_NIL, RTDIGESTTYPE_SHA3_512,   512, },
+    { /*2.16.840.1.101.3.4.2.2*/  RTCRX509ALGORITHMIDENTIFIERID_SHA384, IDX_ENCRYPTION_NIL,   RTDIGESTTYPE_SHA384,     384, },
+    { /*2.16.840.1.101.3.4.2.3*/  RTCRX509ALGORITHMIDENTIFIERID_SHA512, IDX_ENCRYPTION_NIL,   RTDIGESTTYPE_SHA512,     512, },
+    { /*2.16.840.1.101.3.4.2.4*/  RTCRX509ALGORITHMIDENTIFIERID_SHA224, IDX_ENCRYPTION_NIL,   RTDIGESTTYPE_SHA224,     224, },
+    { /*2.16.840.1.101.3.4.2.5*/ RTCRX509ALGORITHMIDENTIFIERID_SHA512T224,IDX_ENCRYPTION_NIL, RTDIGESTTYPE_SHA512T224, 224, },
+    { /*2.16.840.1.101.3.4.2.6*/ RTCRX509ALGORITHMIDENTIFIERID_SHA512T256,IDX_ENCRYPTION_NIL, RTDIGESTTYPE_SHA512T256, 256, },
+    { /*2.16.840.1.101.3.4.2.7*/  RTCRX509ALGORITHMIDENTIFIERID_SHA3_224, IDX_ENCRYPTION_NIL, RTDIGESTTYPE_SHA3_224,   224, },
+    { /*2.16.840.1.101.3.4.2.8*/  RTCRX509ALGORITHMIDENTIFIERID_SHA3_256, IDX_ENCRYPTION_NIL, RTDIGESTTYPE_SHA3_256,   256, },
+    { /*2.16.840.1.101.3.4.2.9*/  RTCRX509ALGORITHMIDENTIFIERID_SHA3_384, IDX_ENCRYPTION_NIL, RTDIGESTTYPE_SHA3_384,   384, },
+
+    { /*2.16.840.1.101.3.4.3.10*/   RTCR_NIST_SHA3_256_WITH_ECDSA_OID,  IDX_ENCRYPTION_ECDSA, RTDIGESTTYPE_SHA3_256,   256, },
+    { /*2.16.840.1.101.3.4.3.11*/   RTCR_NIST_SHA3_384_WITH_ECDSA_OID,  IDX_ENCRYPTION_ECDSA, RTDIGESTTYPE_SHA3_384,   384, },
+    { /*2.16.840.1.101.3.4.3.12*/   RTCR_NIST_SHA3_512_WITH_ECDSA_OID,  IDX_ENCRYPTION_ECDSA, RTDIGESTTYPE_SHA3_512,   512, },
+    { /*2.16.840.1.101.3.4.3.13*/   RTCR_NIST_SHA3_224_WITH_RSA_OID,    IDX_ENCRYPTION_RSA,   RTDIGESTTYPE_SHA3_224,   224, },
+    { /*2.16.840.1.101.3.4.3.14*/   RTCR_NIST_SHA3_256_WITH_RSA_OID,    IDX_ENCRYPTION_RSA,   RTDIGESTTYPE_SHA3_256,   256, },
+    { /*2.16.840.1.101.3.4.3.15*/   RTCR_NIST_SHA3_384_WITH_RSA_OID,    IDX_ENCRYPTION_RSA,   RTDIGESTTYPE_SHA3_384,   384, },
+    { /*2.16.840.1.101.3.4.3.16*/   RTCR_NIST_SHA3_512_WITH_RSA_OID,    IDX_ENCRYPTION_RSA,   RTDIGESTTYPE_SHA3_512,   512, },
+    { /*2.16.840.1.101.3.4.3.9*/    RTCR_NIST_SHA3_224_WITH_ECDSA_OID,  IDX_ENCRYPTION_ECDSA, RTDIGESTTYPE_SHA3_224,   224, },
+};
+
+/**
+ * Encryption and digest combining.
+ *
+ * This is a subset of g_aSignatureOidInfo.
+ * @todo Organize this more efficiently...
+ */
+typedef struct RTCRX509ALGORITHIDENTIFIERCOMBINING
+{
+    const char *pszDigestOid;
+    const char *pszEncryptedDigestOid;
+} RTCRX509ALGORITHIDENTIFIERCOMBINING;
+typedef RTCRX509ALGORITHIDENTIFIERCOMBINING const *PCRTCRX509ALGORITHIDENTIFIERCOMBINING;
+
+#undef MY_COMBINE
+#define MY_COMBINE(a_Encrypt, a_Digest) \
+        { RTCRX509ALGORITHMIDENTIFIERID_ ## a_Digest, \
+          RTCRX509ALGORITHMIDENTIFIERID_ ## a_Digest ## _WITH_ ## a_Encrypt }
+
+/** Digest and encryption combinations for ECDSA. */
+static RTCRX509ALGORITHIDENTIFIERCOMBINING const g_aDigestAndEncryptionEcdsa[] =
+{
+    MY_COMBINE(ECDSA, SHA1),
+    MY_COMBINE(ECDSA, SHA224),
+    MY_COMBINE(ECDSA, SHA256),
+    MY_COMBINE(ECDSA, SHA384),
+    MY_COMBINE(ECDSA, SHA512),
+    MY_COMBINE(ECDSA, SHA3_224),
+    MY_COMBINE(ECDSA, SHA3_256),
+    MY_COMBINE(ECDSA, SHA3_384),
+    MY_COMBINE(ECDSA, SHA3_512),
+};
+
+/** Digest and encryption combinations for RSA. */
+static RTCRX509ALGORITHIDENTIFIERCOMBINING const g_aDigestAndEncryptionRsa[] =
+{
+    MY_COMBINE(RSA, SHA1),
+    MY_COMBINE(RSA, SHA256),
+    MY_COMBINE(RSA, SHA512),
+    MY_COMBINE(RSA, SHA384),
+    MY_COMBINE(RSA, MD5),
+    MY_COMBINE(RSA, MD2),
+    MY_COMBINE(RSA, MD4),
+    MY_COMBINE(RSA, SHA224),
+    MY_COMBINE(RSA, SHA512T224),
+    MY_COMBINE(RSA, SHA512T256),
+    MY_COMBINE(RSA, SHA3_224),
+    MY_COMBINE(RSA, SHA3_256),
+    MY_COMBINE(RSA, SHA3_384),
+    MY_COMBINE(RSA, SHA3_512),
+};
+
+#undef MY_COMBINE
+
+/**
+ * Table running parallel to g_apszEncryptionOids.
+ */
+static struct
+{
+    PCRTCRX509ALGORITHIDENTIFIERCOMBINING   paCombinations;
+    size_t                                  cCombinations;
+} const g_aDigestAndEncryption[] =
+{
+    /* [IDX_ENCRYPTION_NIL]   = */ { NULL, 0 },
+    /* [IDX_ENCRYPTION_ECDSA] = */ { &g_aDigestAndEncryptionEcdsa[0], RT_ELEMENTS(g_aDigestAndEncryptionEcdsa) },
+    /* [IDX_ENCRYPTION_RSA]   = */ { &g_aDigestAndEncryptionRsa[0],   RT_ELEMENTS(g_aDigestAndEncryptionRsa) },
+};
+AssertCompile(IDX_ENCRYPTION_NIL == 0 && IDX_ENCRYPTION_ECDSA == 1 && IDX_ENCRYPTION_RSA == 2);
+
+
+/**
+ * Looks up info we've got on a algorithm identifier.
+ */
+static PCRTCRX509ALGORITHIDENTIFIERINTERNALINFO rtCrX509AlgorithmIdentifier_LookupInfoByOid(const char *pszSignatureOid)
+{
+#ifdef RT_STRICT
+    /*
+     * Do internal santiy checking on first call.
+     */
+    static bool volatile s_fChecked = false;
+    if (RT_LIKELY(s_fChecked))
+    { /* likely */ }
+    else
+    {
+        s_fChecked = true; /* Must be set before the call, as the callee will calls us again. */
+        rtCrX509AlgorithmIdentifier_AssertTableSanityAndMore();
+    }
+#endif
+
+    /*
+     * Do a binary search of g_aSignatureOidInfo.
+     */
+    size_t iFirst = 0;
+    size_t iEnd   = RT_ELEMENTS(g_aSignatureOidInfo);
+    for (;;)
+    {
+        size_t const i     = iFirst + (iEnd - iFirst) / 2;
+        int const    iDiff = strcmp(pszSignatureOid, g_aSignatureOidInfo[i].pszSignatureOid);
+        if (iDiff < 0)
+        {
+            if (i > iFirst)
+                iEnd = i;
+            else
+                return NULL;
+        }
+        else if (iDiff > 0)
+        {
+            if (i + 1 < iEnd)
+                iFirst = i + 1;
+            else
+                return NULL;
+        }
+        else
+            return &g_aSignatureOidInfo[i];
+    }
+}
+
+#ifdef RT_STRICT
+/**
+ * Check that the g_aSignatureOidInfo and g_aDigestAndEncryption makes sense and
+ * matches up with one another and other IPRT information sources.
+ */
+static void rtCrX509AlgorithmIdentifier_AssertTableSanityAndMore(void)
+{
+    /* Check that binary searching work and that digest info matches up: */
+    for (size_t i = 1; i < RT_ELEMENTS(g_aSignatureOidInfo); i++)
+        Assert(strcmp(g_aSignatureOidInfo[i].pszSignatureOid, g_aSignatureOidInfo[i - 1].pszSignatureOid) > 0);
+    for (size_t i = 0; i < RT_ELEMENTS(g_aSignatureOidInfo); i++)
+    {
+        PCRTCRX509ALGORITHIDENTIFIERINTERNALINFO const pInfo
+            = rtCrX509AlgorithmIdentifier_LookupInfoByOid(g_aSignatureOidInfo[i].pszSignatureOid);
+        Assert(pInfo && pInfo->pszSignatureOid == g_aSignatureOidInfo[i].pszSignatureOid);
+
+        /* If the digest type is RTDIGESTTYPE_INVALID, we must have an pure encryption entry or an obscure hash function. */
+        if (g_aSignatureOidInfo[i].enmDigestType != RTDIGESTTYPE_INVALID)
+            Assert(   RTCrDigestTypeToHashSize((RTDIGESTTYPE)g_aSignatureOidInfo[i].enmDigestType) * 8
+                   == g_aSignatureOidInfo[i].cBitsDigest);
+        else
+            Assert(g_aSignatureOidInfo[i].cBitsDigest == 0 || g_aSignatureOidInfo[i].idxEncryption == IDX_ENCRYPTION_NIL);
+
+# ifdef IN_RING3
+        /* Check with the RTCrDigestFindByObjIdString API: */
+        RTDIGESTTYPE enmDigestType2 = (RTDIGESTTYPE)g_aSignatureOidInfo[i].enmDigestType;
+#  if defined(IPRT_WITHOUT_DIGEST_MD2) || defined(IPRT_WITHOUT_DIGEST_MD4) || defined(IPRT_WITHOUT_DIGEST_MD5) \
+|| defined(IPRT_WITHOUT_SHA512T224) || defined(IPRT_WITHOUT_SHA512T256) || defined(IPRT_WITHOUT_SHA3)
+        switch (enmDigestType2)
+        {
+            default: break;
+#   ifdef IPRT_WITHOUT_DIGEST_MD2
+            case RTDIGESTTYPE_MD2:
+#   endif
+#   ifdef IPRT_WITHOUT_DIGEST_MD4
+            case RTDIGESTTYPE_MD4:
+#   endif
+#   ifdef IPRT_WITHOUT_DIGEST_MD5
+            case RTDIGESTTYPE_MD5:
+#   endif
+#   ifdef IPRT_WITHOUT_SHA512T224
+            case RTDIGESTTYPE_SHA512T224:
+#   endif
+#   ifdef IPRT_WITHOUT_SHA512T256
+            case RTDIGESTTYPE_SHA512T256:
+#   endif
+#   ifdef IPRT_WITHOUT_SHA3
+            case RTDIGESTTYPE_SHA3_224:
+            case RTDIGESTTYPE_SHA3_256:
+            case RTDIGESTTYPE_SHA3_384:
+            case RTDIGESTTYPE_SHA3_512:
+#   endif
+                enmDigestType2 = RTDIGESTTYPE_INVALID;
+                break;
+        }
+#  endif
+        PCRTCRDIGESTDESC const pDigestDesc = RTCrDigestFindByObjIdString(g_aSignatureOidInfo[i].pszSignatureOid,
+                                                                         NULL /*ppvOpaque*/);
+        if (pDigestDesc)
+        {
+            AssertMsg(pDigestDesc->enmType == enmDigestType2,
+                      ("%s pDigestDesc=%s enmDigestType2=%s\n",  g_aSignatureOidInfo[i].pszSignatureOid,
+                       RTCrDigestTypeToName(pDigestDesc->enmType), RTCrDigestTypeToName(enmDigestType2)));
+            Assert(pDigestDesc->cbHash * 8 == g_aSignatureOidInfo[i].cBitsDigest);
+        }
+        else
+            AssertMsg(enmDigestType2 == RTDIGESTTYPE_INVALID,
+                      ("%s enmDigestType2=%s\n", g_aSignatureOidInfo[i].pszSignatureOid, RTCrDigestTypeToName(enmDigestType2)));
+# endif /* IN_RING3 */
+
+
+# ifdef IN_RING3
+        /* Look it up the encryption descriptor. */
+        const char * const pszCheckEncryptId = g_apszEncryptionOids[g_aSignatureOidInfo[i].idxEncryption];
+        PCRTCRPKIXSIGNATUREDESC const pSigDesc = RTCrPkixSignatureFindByObjIdString(g_aSignatureOidInfo[i].pszSignatureOid,
+                                                                                    NULL /*ppvOpaque*/);
+        if (pSigDesc)
+            Assert(pszCheckEncryptId && strcmp(pSigDesc->pszObjId, pszCheckEncryptId) == 0);
+#  ifdef IPRT_WITH_OPENSSL /* No ECDSA implementation w/o OpenSSL at the moment. */
+        else
+            AssertMsg(!pSigDesc && pInfo->idxEncryption == IDX_ENCRYPTION_NIL, ("%s\n", g_aSignatureOidInfo[i].pszSignatureOid));
+#  endif
+# endif /* IN_RING3 */
+    }
+
+    /*
+     * Check that everything in g_aDigestAndEncryption is resolvable here and that the info matches up.
+     */
+    for (size_t idxEncryption = IDX_ENCRYPTION_NIL; idxEncryption < RT_ELEMENTS(g_aDigestAndEncryption); idxEncryption++)
+    {
+        PCRTCRX509ALGORITHIDENTIFIERCOMBINING const paCombinations = g_aDigestAndEncryption[idxEncryption].paCombinations;
+        size_t const                                cCombinations  = g_aDigestAndEncryption[idxEncryption].cCombinations;
+        for (size_t i = 0; i < cCombinations; i++)
+        {
+            PCRTCRX509ALGORITHIDENTIFIERINTERNALINFO const pInfo
+                = rtCrX509AlgorithmIdentifier_LookupInfoByOid(paCombinations[i].pszEncryptedDigestOid);
+            AssertContinue(pInfo);
+            Assert(strcmp(paCombinations[i].pszEncryptedDigestOid, pInfo->pszSignatureOid) == 0);
+            Assert(pInfo->idxEncryption == idxEncryption);
+            Assert(strcmp(paCombinations[i].pszDigestOid,
+                          RTCrDigestTypeToAlgorithmOid((RTDIGESTTYPE)pInfo->enmDigestType)) == 0);
+        }
+    }
+}
+#endif /* RT_STRICT */
+
+
+RTDECL(RTDIGESTTYPE) RTCrX509AlgorithmIdentifier_GetDigestType(PCRTCRX509ALGORITHMIDENTIFIER pThis, bool fPureDigestsOnly)
 {
     AssertPtrReturn(pThis, RTDIGESTTYPE_INVALID);
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_MD5))
-        return RTDIGESTTYPE_MD5;
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_SHA1))
-        return RTDIGESTTYPE_SHA1;
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_SHA256))
-        return RTDIGESTTYPE_SHA256;
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_SHA512))
-        return RTDIGESTTYPE_SHA512;
-
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_SHA384))
-        return RTDIGESTTYPE_SHA384;
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_SHA224))
-        return RTDIGESTTYPE_SHA224;
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_SHA512T224))
-        return RTDIGESTTYPE_SHA512T224;
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_SHA512T256))
-        return RTDIGESTTYPE_SHA512T256;
-
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_SHA3_224))
-        return RTDIGESTTYPE_SHA3_224;
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_SHA3_256))
-        return RTDIGESTTYPE_SHA3_256;
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_SHA3_384))
-        return RTDIGESTTYPE_SHA3_384;
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_SHA3_512))
-        return RTDIGESTTYPE_SHA3_512;
-    return RTDIGESTTYPE_INVALID;
-}
-
-
-RTDECL(uint32_t) RTCrX509AlgorithmIdentifier_QueryDigestSize(PCRTCRX509ALGORITHMIDENTIFIER pThis)
+    PCRTCRX509ALGORITHIDENTIFIERINTERNALINFO const pInfo = rtCrX509AlgorithmIdentifier_LookupInfoByOid(pThis->Algorithm.szObjId);
+    return pInfo && (!fPureDigestsOnly || pInfo->idxEncryption == IDX_ENCRYPTION_NIL)
+         ? (RTDIGESTTYPE)pInfo->enmDigestType : RTDIGESTTYPE_INVALID;
+}
+
+
+RTDECL(uint32_t) RTCrX509AlgorithmIdentifier_GetDigestSize(PCRTCRX509ALGORITHMIDENTIFIER pThis, bool fPureDigestsOnly)
 {
     AssertPtrReturn(pThis, UINT32_MAX);
-
-    /* common */
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_MD5))
-        return 128 / 8;
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_SHA1))
-        return 160 / 8;
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_SHA256))
-        return 256 / 8;
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_SHA512))
-        return 512 / 8;
-
-    /* Less common. */
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_MD2))
-        return 128 / 8;
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_MD4))
-        return 128 / 8;
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_SHA384))
-        return 384 / 8;
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_SHA224))
-        return 224 / 8;
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_SHA512T224))
-        return 224 / 8;
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_SHA512T256))
-        return 256 / 8;
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_SHA3_224))
-        return 224 / 8;
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_SHA3_256))
-        return 256 / 8;
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_SHA3_384))
-        return 384 / 8;
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_SHA3_512))
-        return 512 / 8;
-    if (!strcmp(pThis->Algorithm.szObjId, RTCRX509ALGORITHMIDENTIFIERID_WHIRLPOOL))
-        return 512 / 8;
-
-    return UINT32_MAX;
+    PCRTCRX509ALGORITHIDENTIFIERINTERNALINFO const pInfo = rtCrX509AlgorithmIdentifier_LookupInfoByOid(pThis->Algorithm.szObjId);
+    return pInfo && (!fPureDigestsOnly || pInfo->idxEncryption == IDX_ENCRYPTION_NIL)
+         ? pInfo->cBitsDigest / 8 : UINT32_MAX;
 }
 
@@ -157 +433 @@
                                                                               const char *pszEncryptedDigestOid)
 {
-    /* common */
-    if (!strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_MD5))
-    {
-        if (!strcmp(pszEncryptedDigestOid, RTCRX509ALGORITHMIDENTIFIERID_MD5_WITH_RSA))
-            return 0;
-    }
-    else if (!strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA1))
-    {
-        if (!strcmp(pszEncryptedDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA1_WITH_RSA))
-            return 0;
-    }
-    else if (!strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA256))
-    {
-        if (!strcmp(pszEncryptedDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA256_WITH_RSA))
-            return 0;
-    }
-    else if (!strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA512))
-    {
-        if (!strcmp(pszEncryptedDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA512_WITH_RSA))
-            return 0;
-    }
-    /* Less common. */
-    else if (!strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_MD2))
-    {
-        if (!strcmp(pszEncryptedDigestOid, RTCRX509ALGORITHMIDENTIFIERID_MD2_WITH_RSA))
-            return 0;
-    }
-    else if (!strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_MD4))
-    {
-        if (!strcmp(pszEncryptedDigestOid, RTCRX509ALGORITHMIDENTIFIERID_MD4_WITH_RSA))
-            return 0;
-    }
-    else if (!strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA384))
-    {
-        if (!strcmp(pszEncryptedDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA384_WITH_RSA))
-            return 0;
-    }
-    else if (!strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA224))
-    {
-        if (!strcmp(pszEncryptedDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA224_WITH_RSA))
-            return 0;
-    }
-    else if (!strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA512T224))
-    {
-        if (!strcmp(pszEncryptedDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA512T224_WITH_RSA))
-            return 0;
-    }
-    else if (!strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA512T256))
-    {
-        if (!strcmp(pszEncryptedDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA512T256_WITH_RSA))
-            return 0;
-    }
-    else if (!strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA3_224))
-    {
-        if (!strcmp(pszEncryptedDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA3_224_WITH_RSA))
-            return 0;
-    }
-    else if (!strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA3_256))
-    {
-        if (!strcmp(pszEncryptedDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA3_256_WITH_RSA))
-            return 0;
-    }
-    else if (!strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA3_384))
-    {
-        if (!strcmp(pszEncryptedDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA3_384_WITH_RSA))
-            return 0;
-    }
-    else if (!strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA3_512))
-    {
-        if (!strcmp(pszEncryptedDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA3_512_WITH_RSA))
-            return 0;
-    }
-    else if (!strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_WHIRLPOOL))
-    {
-        /* ?? */
-    }
-    else
-        return -1;
-    return 1;
+    /*
+     * Lookup the digest and encrypted digest OIDs.
+     */
+    PCRTCRX509ALGORITHIDENTIFIERINTERNALINFO const pDigest  = rtCrX509AlgorithmIdentifier_LookupInfoByOid(pszDigestOid);
+    AssertMsgReturn(pDigest,                                      ("pszDigestOid=%s\n", pszDigestOid), -1);
+    AssertMsgReturn(pDigest->idxEncryption == IDX_ENCRYPTION_NIL, ("pszDigestOid=%s\n", pszDigestOid), -1);
+    AssertMsgReturn(pDigest->cBitsDigest   != 0,                  ("pszDigestOid=%s\n", pszDigestOid), -1);
+
+    PCRTCRX509ALGORITHIDENTIFIERINTERNALINFO const pEncrypt = rtCrX509AlgorithmIdentifier_LookupInfoByOid(pszEncryptedDigestOid);
+    AssertMsgReturn(pEncrypt,                                        ("pszEncryptedDigestOid=%s\n", pszEncryptedDigestOid), 1);
+    AssertMsgReturn(pEncrypt->idxEncryption != IDX_ENCRYPTION_NIL,   ("pszEncryptedDigestOid=%s\n", pszEncryptedDigestOid), 1);
+    AssertMsgReturn(pEncrypt->enmDigestType != RTDIGESTTYPE_INVALID, ("pszEncryptedDigestOid=%s\n", pszEncryptedDigestOid), 1);
+
+    return pDigest->enmDigestType == pEncrypt->enmDigestType ? 0 : 1;
 }
 
@@ -249 +460 @@
                                                                                   const char *pszDigestOid)
 {
-    /* RSA: */
-    if (!strcmp(pszEncryptionOid, RTCRX509ALGORITHMIDENTIFIERID_RSA))
-    {
-        if (   !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_MD5)
-            || !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_MD5_WITH_RSA))
-            return RTCRX509ALGORITHMIDENTIFIERID_MD5_WITH_RSA;
-        if (   !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA1)
-            || !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA1_WITH_RSA))
-            return RTCRX509ALGORITHMIDENTIFIERID_SHA1_WITH_RSA;
-        if (   !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA256)
-            || !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA256_WITH_RSA))
-            return RTCRX509ALGORITHMIDENTIFIERID_SHA256_WITH_RSA;
-        if (   !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA512)
-            || !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA512_WITH_RSA))
-            return RTCRX509ALGORITHMIDENTIFIERID_SHA512_WITH_RSA;
-        if (   !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_MD2)
-            || !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_MD2_WITH_RSA))
-            return RTCRX509ALGORITHMIDENTIFIERID_MD2_WITH_RSA;
-        if (   !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_MD4)
-            || !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_MD4_WITH_RSA))
-            return RTCRX509ALGORITHMIDENTIFIERID_MD4_WITH_RSA;
-        if (   !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA384)
-            || !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA384_WITH_RSA))
-            return RTCRX509ALGORITHMIDENTIFIERID_SHA384_WITH_RSA;
-        if (   !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA224)
-            || !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA224_WITH_RSA))
-            return RTCRX509ALGORITHMIDENTIFIERID_SHA224_WITH_RSA;
-        if (   !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA512T224)
-            || !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA512T224_WITH_RSA))
-            return RTCRX509ALGORITHMIDENTIFIERID_SHA512T224_WITH_RSA;
-        if (   !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA512T256)
-            || !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA512T256_WITH_RSA))
-            return RTCRX509ALGORITHMIDENTIFIERID_SHA512T256_WITH_RSA;
-        if (   !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA3_224)
-            || !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA3_224_WITH_RSA))
-            return RTCRX509ALGORITHMIDENTIFIERID_SHA3_224_WITH_RSA;
-        if (   !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA3_256)
-            || !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA3_256_WITH_RSA))
-            return RTCRX509ALGORITHMIDENTIFIERID_SHA3_256_WITH_RSA;
-        if (   !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA3_384)
-            || !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA3_384_WITH_RSA))
-            return RTCRX509ALGORITHMIDENTIFIERID_SHA3_384_WITH_RSA;
-        if (   !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA3_512)
-            || !strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_SHA3_512_WITH_RSA))
-            return RTCRX509ALGORITHMIDENTIFIERID_SHA3_512_WITH_RSA;
-
-        /* if (!strcmp(pszDigestOid, RTCRX509ALGORITHMIDENTIFIERID_WHIRLPOOL))
-            return ???; */
-    }
-    else if (RTCrX509AlgorithmIdentifier_CompareDigestOidAndEncryptedDigestOid(pszDigestOid, pszEncryptionOid) == 0)
-        return pszEncryptionOid;
-
-    AssertMsgFailed(("enc=%s hash=%s\n", pszEncryptionOid, pszDigestOid));
+    /*
+     * We can look up the two OIDs and see what they actually are.
+     */
+    /* The digest OID should be a pure hash algorithm, however we also accept
+       the already combined algorithm. */
+    PCRTCRX509ALGORITHIDENTIFIERINTERNALINFO const pDigest  = rtCrX509AlgorithmIdentifier_LookupInfoByOid(pszDigestOid);
+    AssertReturn(pDigest, NULL);
+    AssertReturn(pDigest->enmDigestType != RTDIGESTTYPE_INVALID, NULL);
+
+    /* The encryption OID should be a pure encryption algorithm, however we
+       also accept the already combined algorithm. */
+    PCRTCRX509ALGORITHIDENTIFIERINTERNALINFO const pEncrypt = rtCrX509AlgorithmIdentifier_LookupInfoByOid(pszEncryptionOid);
+    AssertReturn(pEncrypt, NULL);
+    uint8_t const idxEncryption = pEncrypt->idxEncryption;
+    AssertReturn(idxEncryption != IDX_ENCRYPTION_NIL, NULL);
+    Assert(idxEncryption < RT_ELEMENTS(g_aDigestAndEncryption));
+
+    /* Is the encryption OID purely encryption? */
+    if (pEncrypt->cBitsDigest == 0)
+    {
+        Assert(pEncrypt->enmDigestType == RTDIGESTTYPE_INVALID);
+
+        /* Identify the slice of the table related to this encryption OID: */
+        PCRTCRX509ALGORITHIDENTIFIERCOMBINING const paCombinations = g_aDigestAndEncryption[idxEncryption].paCombinations;
+        size_t                                const cCombinations  = g_aDigestAndEncryption[idxEncryption].cCombinations;
+
+        /* Is the digest OID purely a digest? */
+        if (pDigest->idxEncryption == IDX_ENCRYPTION_NIL)
+        {
+            for (size_t i = 0; i < cCombinations; i++)
+                if (!strcmp(pszDigestOid, paCombinations[i].pszDigestOid))
+                    return paCombinations[i].pszEncryptedDigestOid;
+            AssertMsgFailed(("enc=%s hash=%s\n", pszEncryptionOid, pszDigestOid));
+        }
+        else
+        {
+            /* No, it's a combined one. */
+            for (size_t i = 0; i < cCombinations; i++)
+                if (!strcmp(pszDigestOid, paCombinations[i].pszEncryptedDigestOid))
+                    return paCombinations[i].pszEncryptedDigestOid;
+            AssertMsgFailed(("enc=%s hash+enc=%s\n", pszEncryptionOid, pszDigestOid));
+        }
+    }
+    /* The digest OID purely a digest? */
+    else if (pDigest->idxEncryption == IDX_ENCRYPTION_NIL)
+    {
+        /* Check that it's for the same hash before returning it. */
+        Assert(pEncrypt->enmDigestType != RTDIGESTTYPE_INVALID);
+        if (pEncrypt->enmDigestType == pDigest->enmDigestType)
+            return pEncrypt->pszSignatureOid;
+        AssertMsgFailed(("enc+hash=%s hash=%s\n", pszEncryptionOid, pszDigestOid));
+    }
+    /* Both the digest and encryption OIDs are combined ones, so they have to
+       be the same entry then or they cannot be combined. */
+    else if (pDigest == pEncrypt)
+        return pEncrypt->pszSignatureOid;
+    else
+        AssertMsgFailed(("enc+hash=%s hash+enc=%s\n", pszEncryptionOid, pszDigestOid));
+
     return NULL;
 }
@@ -311 +528 @@
     return RTCrX509AlgorithmIdentifier_CombineEncryptionOidAndDigestOid(pEncryption->Algorithm.szObjId,
                                                                         pDigest->Algorithm.szObjId);
+}
+
+
+RTDECL(const char *) RTCrX509AlgorithmIdentifier_GetEncryptionOid(PCRTCRX509ALGORITHMIDENTIFIER pThis, bool fMustIncludeHash)
+{
+    AssertPtrReturn(pThis, NULL);
+    PCRTCRX509ALGORITHIDENTIFIERINTERNALINFO const pInfo = rtCrX509AlgorithmIdentifier_LookupInfoByOid(pThis->Algorithm.szObjId);
+    if (pInfo && (!fMustIncludeHash || pInfo->enmDigestType != RTDIGESTTYPE_INVALID))
+        return g_apszEncryptionOids[pInfo->idxEncryption];
+    return NULL;
+}
+
+
+RTDECL(const char *) RTCrX509AlgorithmIdentifier_GetEncryptionOidFromOid(const char *pszAlgorithmOid, bool fMustIncludeHash)
+{
+    AssertPtrReturn(pszAlgorithmOid, NULL);
+    PCRTCRX509ALGORITHIDENTIFIERINTERNALINFO const pInfo = rtCrX509AlgorithmIdentifier_LookupInfoByOid(pszAlgorithmOid);
+    if (pInfo && (!fMustIncludeHash || pInfo->enmDigestType != RTDIGESTTYPE_INVALID))
+        return g_apszEncryptionOids[pInfo->idxEncryption];
+    return NULL;
 }
 

trunk/src/VBox/Runtime/common/crypto/x509-verify.cpp

@@ -62 +62 @@
     AssertReturn(RTAsn1ObjId_IsPresent(pAlgorithm), VERR_INVALID_POINTER);
 
-    if (pParameters)
-    {
-        AssertPtrReturn(pParameters, VERR_INVALID_POINTER);
-        if (pParameters->enmType == RTASN1TYPE_NULL)
-            pParameters = NULL;
-    }
-
     AssertPtrReturn(pPublicKey, VERR_INVALID_POINTER);
     AssertReturn(RTAsn1BitString_IsPresent(pPublicKey), VERR_INVALID_POINTER);
@@ -75 +68 @@
      * Check if the algorithm matches.
      */
-    const char *pszCipherOid = RTCrPkixGetCiperOidFromSignatureAlgorithm(&pThis->SignatureAlgorithm.Algorithm);
+    const char * const pszCipherOid = RTCrX509AlgorithmIdentifier_GetEncryptionOid(&pThis->SignatureAlgorithm,
+                                                                                   true /*fMustIncludeHash*/);
     if (!pszCipherOid)
         return RTErrInfoSetF(pErrInfo, VERR_CR_X509_UNKNOWN_CERT_SIGN_ALGO,
@@ -90 +84 @@
      */
     RTCRKEY hPubKey;
-    int rc = RTCrKeyCreateFromPublicAlgorithmAndBits(&hPubKey, pAlgorithm, pPublicKey, pErrInfo, NULL);
+    int rc = RTCrKeyCreateFromPublicAlgorithmAndBits(&hPubKey, pAlgorithm, pParameters, pPublicKey, pErrInfo, NULL);
     if (RT_FAILURE(rc))
         return rc;
@@ -105 +99 @@
     if (RT_SUCCESS(rc))
     {
-        rc = RTCrPkixPubKeyVerifySignature(&pThis->SignatureAlgorithm.Algorithm, hPubKey, pParameters, &pThis->SignatureValue,
-                                           pbRaw, cbRaw, pErrInfo);
+        rc = RTCrPkixPubKeyVerifySignature(&pThis->SignatureAlgorithm.Algorithm, hPubKey, &pThis->SignatureAlgorithm.Parameters,
+                                           &pThis->SignatureValue, pbRaw, cbRaw, pErrInfo);
         RTMemTmpFree(pvFree);
     }
@@ -127 +121 @@
 
     /*
-     * Assemble parameters for the generic verification call.
+     * Call generic verification function.
      */
-    PCRTCRX509TBSCERTIFICATE const pTbsCert    = &pThis->TbsCertificate;
-    PCRTASN1DYNTYPE                pParameters = NULL;
-    if (   RTASN1CORE_IS_PRESENT(&pTbsCert->SubjectPublicKeyInfo.Algorithm.Parameters.u.Core)
-        && pTbsCert->SubjectPublicKeyInfo.Algorithm.Parameters.enmType != RTASN1TYPE_NULL)
-        pParameters = &pTbsCert->SubjectPublicKeyInfo.Algorithm.Parameters;
-    return RTCrX509Certificate_VerifySignature(pThis, &pTbsCert->SubjectPublicKeyInfo.Algorithm.Algorithm, pParameters,
+    PCRTCRX509TBSCERTIFICATE const pTbsCert = &pThis->TbsCertificate;
+    return RTCrX509Certificate_VerifySignature(pThis,
+                                               &pTbsCert->SubjectPublicKeyInfo.Algorithm.Algorithm,
+                                               &pTbsCert->SubjectPublicKeyInfo.Algorithm.Parameters,
                                                &pTbsCert->SubjectPublicKeyInfo.SubjectPublicKey, pErrInfo);
 }

trunk/src/VBox/Runtime/common/ldr/ldrPE.cpp

@@ -2940 +2940 @@
                     {
                         PCRTCRX509ALGORITHMIDENTIFIER pDigestAlgorithm = &pInfo->pIndData->DigestInfo.DigestAlgorithm;
-                        pInfo->enmDigest = RTCrX509AlgorithmIdentifier_QueryDigestType(pDigestAlgorithm);
+                        pInfo->enmDigest = RTCrX509AlgorithmIdentifier_GetDigestType(pDigestAlgorithm,
+                                                                                     true /*fPureDigestsOnly*/);
                         AssertReturn(pInfo->enmDigest != RTDIGESTTYPE_INVALID, VERR_INTERNAL_ERROR_4); /* Checked above! */
                     }
@@ -3011 +3012 @@
                 {
                     PCRTCRX509ALGORITHMIDENTIFIER pDigestAlgorithm = &pInfo->pIndData->DigestInfo.DigestAlgorithm;
-                    pInfo->enmDigest = RTCrX509AlgorithmIdentifier_QueryDigestType(pDigestAlgorithm);
+                    pInfo->enmDigest = RTCrX509AlgorithmIdentifier_GetDigestType(pDigestAlgorithm, true /*fPureDigestsOnly*/);
                     AssertReturn(pInfo->enmDigest != RTDIGESTTYPE_INVALID, VERR_INTERNAL_ERROR_4); /* Checked above! */
 

trunk/src/VBox/Runtime/r3/memsafer-r3.cpp

@@ -511 +511 @@
     if (pv)
     {
-        void *pvKey = rtMemSaferScramblePointer(pv);
-        RTCritSectRwEnterShared(&g_MemSaferCritSect);
-        PRTMEMSAFERNODE pThis = (PRTMEMSAFERNODE)RTAvlPVGet(&g_pMemSaferTree, pvKey);
-        if (pThis)
-            cbRet = pThis->cbUser;
-        RTCritSectRwLeaveShared(&g_MemSaferCritSect);
+        /*
+         * We use this API for testing whether pv is a safer allocation or not,
+         * so we may be called before the allocators.  Thus, it's prudent to
+         * make sure initialization has taken place before attempting to enter
+         * the critical section and such.
+         */
+        int rc = RTOnceEx(&g_MemSaferOnce, rtMemSaferOnceInit, rtMemSaferOnceTerm, NULL);
+        if (RT_SUCCESS(rc))
+        {
+            void *pvKey = rtMemSaferScramblePointer(pv);
+            RTCritSectRwEnterShared(&g_MemSaferCritSect);
+            PRTMEMSAFERNODE pThis = (PRTMEMSAFERNODE)RTAvlPVGet(&g_pMemSaferTree, pvKey);
+            if (pThis)
+                cbRet = pThis->cbUser;
+            RTCritSectRwLeaveShared(&g_MemSaferCritSect);
+        }
     }
     return cbRet;

trunk/src/VBox/Runtime/tools/Makefile.kmk

@@ -99 +99 @@
    bldRTSignTool_SOURCES  += \
         ../common/crypto/pkix-signature-builtin.cpp \
+        ../common/crypto/pkix-signature-ossl.cpp \
         ../common/crypto/store.cpp \
         ../common/crypto/digest-builtin.cpp \

trunk/src/VBox/Runtime/tools/RTSignTool.cpp

@@ -5318 +5318 @@
     RTPrintf("%s                     Issuer: %s\n", pThis->szPrefix, pThis->szTmp);
 
-    const char *pszType = RTCrDigestTypeToName(RTCrX509AlgorithmIdentifier_QueryDigestType(&pSignerInfo->DigestAlgorithm));
+    const char *pszType = RTCrDigestTypeToName(RTCrX509AlgorithmIdentifier_GetDigestType(&pSignerInfo->DigestAlgorithm,
+                                                                                         true /*fPureDigestsOnly*/));
     if (!pszType)
         pszType = pSignerInfo->DigestAlgorithm.Algorithm.szObjId;
@@ -5381 +5382 @@
      * The image hash.
      */
-    RTDIGESTTYPE const enmDigestType = RTCrX509AlgorithmIdentifier_QueryDigestType(&pIndData->DigestInfo.DigestAlgorithm);
+    RTDIGESTTYPE const enmDigestType = RTCrX509AlgorithmIdentifier_GetDigestType(&pIndData->DigestInfo.DigestAlgorithm,
+                                                                                 true /*fPureDigestsOnly*/);
     const char        *pszDigestType = RTCrDigestTypeToName(enmDigestType);
     RTPrintf("%s Digest Type: %s", pThis->szPrefix, pszDigestType);
@@ -5589 +5591 @@
     {
         PCRTCRX509ALGORITHMIDENTIFIER pAlgoId = pSignedData->DigestAlgorithms.papItems[i];
-        const char *pszDigestType = RTCrDigestTypeToName(RTCrX509AlgorithmIdentifier_QueryDigestType(pAlgoId));
+        const char *pszDigestType = RTCrDigestTypeToName(RTCrX509AlgorithmIdentifier_GetDigestType(pAlgoId,
+                                                                                                   true /*fPureDigestsOnly*/));
         if (!pszDigestType)
             pszDigestType = pAlgoId->Algorithm.szObjId;

trunk/src/libs/openssl-3.0.7/crypto/asn1/Makefile.kmk

@@ -64 +64 @@
         bio_asn1.c \
         bio_ndef.c \
+        d2i_param.c \
         d2i_pr.c \
         d2i_pu.c \