- Timestamp:
- Jul 3, 2014 11:51:54 PM (11 years ago)
- Location:
- trunk/src/VBox/Runtime
- Files:
-
- 5 edited
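--- a/trunk/src/VBox/Runtime/Makefile.kmk
+++ b/trunk/src/VBox/Runtime/Makefile.kmk
@@ -2851,4 +2851,5 @@
 #
 rsa-template.o rsa-template.obj: rsa-core.o rsa-asn1-decoder.o rsa-sanity.o rsa-init.o
+spc-template.o spc-template.obj: spc-core.o spc-asn1-decoder.o spc-sanity.o spc-init.o
 taf-template.o taf-template.obj: taf-core.o taf-asn1-decoder.o taf-sanity.o taf-init.o
 x509-template.o x509-template.obj: x509-core.o x509-asn1-decoder.o x509-sanity.o x509-init.o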
trunk/src/VBox/Runtime/common/crypto/spc-core.cpp
r51770 r51862 39 39 40 40 41 RTDECL(int) RTCrSpcSerializedPageHashes V2_UpdateDerivedData(PRTCRSPCSERIALIZEDPAGEHASHESV2pThis)41 RTDECL(int) RTCrSpcSerializedPageHashes_UpdateDerivedData(PRTCRSPCSERIALIZEDPAGEHASHES pThis) 42 42 { 43 pThis->pData = (PCRTCRSPCPEIMAGEPAGEHASHES V2)pThis->RawData.Asn1Core.uData.pv;43 pThis->pData = (PCRTCRSPCPEIMAGEPAGEHASHES)pThis->RawData.Asn1Core.uData.pv; 44 44 return VINF_SUCCESS; 45 45 } … … 50 50 */ 51 51 52 RTDECL(PCRTCRSPCSERIALIZEDOBJECTATTRIBUTE) RTCrSpcIndirectDataContent_GetPeImageHashesV2(PCRTCRSPCINDIRECTDATACONTENT pIndData) 52 RTDECL(PCRTCRSPCSERIALIZEDOBJECTATTRIBUTE) 53 RTCrSpcIndirectDataContent_GetPeImageObjAttrib(PCRTCRSPCINDIRECTDATACONTENT pThis, 54 RTCRSPCSERIALIZEDOBJECTATTRIBUTETYPE enmType) 53 55 { 54 if (p IndData->Data.enmType == RTCRSPCAAOVTYPE_PE_IMAGE_DATA)56 if (pThis->Data.enmType == RTCRSPCAAOVTYPE_PE_IMAGE_DATA) 55 57 { 56 Assert(RTAsn1ObjId_CompareWithString(&p IndData->Data.Type, RTCRSPCPEIMAGEDATA_OID) == 0);58 Assert(RTAsn1ObjId_CompareWithString(&pThis->Data.Type, RTCRSPCPEIMAGEDATA_OID) == 0); 57 59 58 if ( p IndData->Data.uValue.pPeImage59 && p IndData->Data.uValue.pPeImage->T0.File.enmChoice == RTCRSPCLINKCHOICE_MONIKER60 && RTCrSpcSerializedObject_IsPresent(p IndData->Data.uValue.pPeImage->T0.File.u.pMoniker) )60 if ( pThis->Data.uValue.pPeImage 61 && pThis->Data.uValue.pPeImage->T0.File.enmChoice == RTCRSPCLINKCHOICE_MONIKER 62 && RTCrSpcSerializedObject_IsPresent(pThis->Data.uValue.pPeImage->T0.File.u.pMoniker) ) 61 63 { 62 if (p IndData->Data.uValue.pPeImage->T0.File.u.pMoniker->enmType == RTCRSPCSERIALIZEDOBJECTTYPE_ATTRIBUTES)64 if (pThis->Data.uValue.pPeImage->T0.File.u.pMoniker->enmType == RTCRSPCSERIALIZEDOBJECTTYPE_ATTRIBUTES) 63 65 { 64 Assert(RTUuidCompareStr(p IndData->Data.uValue.pPeImage->T0.File.u.pMoniker->Uuid.Asn1Core.uData.pUuid,66 Assert(RTUuidCompareStr(pThis->Data.uValue.pPeImage->T0.File.u.pMoniker->Uuid.Asn1Core.uData.pUuid, 65 67 RTCRSPCSERIALIZEDOBJECT_UUID_STR) 
== 0); 66 PCRTCRSPCSERIALIZEDOBJECTATTRIBUTES pData = p IndData->Data.uValue.pPeImage->T0.File.u.pMoniker->u.pData;68 PCRTCRSPCSERIALIZEDOBJECTATTRIBUTES pData = pThis->Data.uValue.pPeImage->T0.File.u.pMoniker->u.pData; 67 69 if (pData) 68 {69 70 for (uint32_t i = 0; i < pData->cItems; i++) 70 { 71 if (pData->paItems[i].enmType == RTCRSPCSERIALIZEDOBJECTATTRIBUTETYPE_PAGE_HASHES_V2) 72 { 73 Assert(RTAsn1ObjId_CompareWithString(&pData->paItems[i].Type, RTCRSPC_PE_IMAGE_HASHES_V2_OID) == 0); 71 if (pData->paItems[i].enmType == enmType) 74 72 return &pData->paItems[i]; 75 }76 }77 }78 73 } 79 74 } -
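Review bot: RTCrSpcSerializedPageHashes_UpdateDerivedData sets `pThis->pData` by casting the raw octet-string bytes, and nothing in the visible lines checks the octet string's length, so the typed pointer says nothing about how much data is behind it. Now that the same type serves both V1 and V2 tables, a comment on the assignment would help, e.g. `/* pData aliases RawData; bound every access by RawData.Asn1Core.cb. */`. In the second hunk, the generalized RTCrSpcIndirectDataContent_GetPeImageObjAttrib drops the old debug assertion that tied the matched item's OID to its enmType. The function's doc comment starts outside the hunk and should describe the new enmType parameter and say that the lookup trusts the decoder-assigned enmType.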
trunk/src/VBox/Runtime/common/crypto/spc-sanity.cpp
r51770 r51862 123 123 "SpcIndirectDataContent...pMoniker->pData is NULL."); 124 124 125 uint32_t cPageHashV1 = 0; 126 uint32_t cPageHashV2 = 0; 125 uint32_t cPageHashTabs = 0; 127 126 for (uint32_t i = 0; i < pObj->u.pData->cItems; i++) 128 127 { 129 128 PCRTCRSPCSERIALIZEDOBJECTATTRIBUTE pAttr = &pObj->u.pData->paItems[i]; 130 if (RTAsn1ObjId_CompareWithString(&pAttr->Type, RTCRSPC_PE_IMAGE_HASHES_V2_OID) == 0) 129 if ( RTAsn1ObjId_CompareWithString(&pAttr->Type, RTCRSPC_PE_IMAGE_HASHES_V1_OID) == 0 130 || RTAsn1ObjId_CompareWithString(&pAttr->Type, RTCRSPC_PE_IMAGE_HASHES_V2_OID) == 0 ) 131 131 { 132 if (cPageHashV2 > 0) 133 return RTErrInfoSetF(pErrInfo, VERR_CR_SPC_PEIMAGE_MULTIPLE_V2_HASH_TABS, 134 "SpcIndirectDataContent...MonikerT1 multiple page hash v2 attributes (%u).", i); 135 cPageHashV2++; 136 AssertPtr(pAttr->u.pPageHashesV2->pData); 137 } 138 else if (RTAsn1ObjId_CompareWithString(&pAttr->Type, RTCRSPC_PE_IMAGE_HASHES_V1_OID) == 0) 139 { 140 #if 1 141 return RTErrInfoSetF(pErrInfo, VERR_CR_SPC_PEIMAGE_V1_HASH_TABS_NOT_IMPL, 142 "SpcIndirectDataContent...MonikerT1 implement page hash v1 attributes (%u).", i); 143 #else 144 if (cPageHashV1 > 0) 145 return RTErrInfoSetF(pErrInfo, VERR_CR_SPC_PEIMAGE_MULTIPLE_V1_HASH_TABS, 146 "SpcIndirectDataContent...MonikerT1 multiple page hash v1 attributes (%u).", i); 147 cPageHashV1++; 148 #endif 132 cPageHashTabs++; 133 AssertPtr(pAttr->u.pPageHashes->pData); 149 134 } 150 135 else … … 153 138 i, pAttr->Type.szObjId); 154 139 } 140 if (cPageHashTabs > 0) 141 return RTErrInfoSetF(pErrInfo, VERR_CR_SPC_PEIMAGE_MULTIPLE_HASH_TABS, 142 "SpcIndirectDataContent...MonikerT1 multiple page hash attributes (%u).", cPageHashTabs); 143 155 144 } 156 145 else if ( pIndData->Data.uValue.pPeImage->T0.File.enmChoice == RTCRSPCLINKCHOICE_FILE -
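Review bot: The new post-loop check `if (cPageHashTabs > 0)` returns VERR_CR_SPC_PEIMAGE_MULTIPLE_HASH_TABS as soon as one page-hash attribute has been counted, so as shown a signature carrying a single V1 or V2 table would fail the sanity check. The removed code only errored when a second table of the same version appeared, so the comparison presumably should be `if (cPageHashTabs > 1)`. This fails closed (valid signatures rejected, not a bypass), but it would leave the page-hash verification path in ldrPE.cpp unreachable for signed images that pass through this check. The enclosing function starts and ends outside the hunks shown, so the exact brace nesting should be confirmed against the full file.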
trunk/src/VBox/Runtime/common/crypto/spc-template.h
r51770 r51862 31 31 * One SPC Serialized Page Hashes V2 Object. 32 32 */ 33 #define RTASN1TMPL_TYPE RTCRSPCSERIALIZEDPAGEHASHES V234 #define RTASN1TMPL_EXT_NAME RTCrSpcSerializedPageHashes V235 #define RTASN1TMPL_INT_NAME rtCrSpcSerializedPageHashes V233 #define RTASN1TMPL_TYPE RTCRSPCSERIALIZEDPAGEHASHES 34 #define RTASN1TMPL_EXT_NAME RTCrSpcSerializedPageHashes 35 #define RTASN1TMPL_INT_NAME rtCrSpcSerializedPageHashes 36 36 RTASN1TMPL_BEGIN_SETCORE(); 37 37 RTASN1TMPL_MEMBER( RawData, RTASN1OCTETSTRING, RTAsn1OctetString); 38 RTASN1TMPL_EXEC_DECODE( rc = RTCrSpcSerializedPageHashes V2_UpdateDerivedData(pThis) ) /* no ; */39 RTASN1TMPL_EXEC_CLONE( rc = RTCrSpcSerializedPageHashes V2_UpdateDerivedData(pThis) ) /* no ; */38 RTASN1TMPL_EXEC_DECODE( rc = RTCrSpcSerializedPageHashes_UpdateDerivedData(pThis) ) /* no ; */ 39 RTASN1TMPL_EXEC_CLONE( rc = RTCrSpcSerializedPageHashes_UpdateDerivedData(pThis) ) /* no ; */ 40 40 RTASN1TMPL_END_SETCORE(); 41 41 #undef RTASN1TMPL_TYPE … … 53 53 RTASN1TMPL_MEMBER( Type, RTASN1OBJID, RTAsn1ObjId); 54 54 RTASN1TMPL_MEMBER_DYN_BEGIN( RTCRSPCSERIALIZEDOBJECTATTRIBUTETYPE, enmType, Allocation); 55 RTASN1TMPL_MEMBER_DYN( u, pPageHashesV2, RTCRSPCSERIALIZEDPAGEHASHESV2, RTCrSpcSerializedPageHashesV2, Allocation, enmType, 55 RTASN1TMPL_MEMBER_DYN( u, pPageHashes, RTCRSPCSERIALIZEDPAGEHASHES, RTCrSpcSerializedPageHashes, Allocation, enmType, 56 RTCRSPCSERIALIZEDOBJECTATTRIBUTETYPE_PAGE_HASHES_V1, RTAsn1ObjId_CompareWithString(&pThis->Type, RTCRSPC_PE_IMAGE_HASHES_V1_OID) == 0); 57 RTASN1TMPL_MEMBER_DYN( u, pPageHashes, RTCRSPCSERIALIZEDPAGEHASHES, RTCrSpcSerializedPageHashes, Allocation, enmType, 56 58 RTCRSPCSERIALIZEDOBJECTATTRIBUTETYPE_PAGE_HASHES_V2, RTAsn1ObjId_CompareWithString(&pThis->Type, RTCRSPC_PE_IMAGE_HASHES_V2_OID) == 0); 57 59 RTASN1TMPL_MEMBER_DYN_DEFAULT( u, pCore, RTASN1CORE, RTAsn1Core, Allocation, enmType, RTCRSPCSERIALIZEDOBJECTATTRIBUTETYPE_UNKNOWN); -
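Review bot: The comment above the renamed template still reads "One SPC Serialized Page Hashes V2 Object." although RTCRSPCSERIALIZEDPAGEHASHES now backs both the V1 and the V2 attribute; suggest `* One SPC Serialized Page Hashes Object (V1 or V2).`. In the second hunk both RTASN1TMPL_MEMBER_DYN entries decode into the same `u.pPageHashes` member, so a one-line comment there saying the two versions share a layout and are told apart only by enmType would spare readers from diffing the two entries.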
trunk/src/VBox/Runtime/common/ldr/ldrPE.cpp
r51837 r51862 2136 2136 2137 2137 2138 static int rtldrPE_VerifyAllPageHashes V2(PRTLDRMODPE pModPe, PCRTCRSPCSERIALIZEDOBJECTATTRIBUTE pAttrib, RTDIGESTTYPE enmDigest,2139 2138 static int rtldrPE_VerifyAllPageHashes(PRTLDRMODPE pModPe, PCRTCRSPCSERIALIZEDOBJECTATTRIBUTE pAttrib, RTDIGESTTYPE enmDigest, 2139 void *pvScratch, size_t cbScratch, PRTERRINFO pErrInfo) 2140 2140 { 2141 2141 AssertReturn(cbScratch >= _4K, VERR_INTERNAL_ERROR_3); … … 2144 2144 * Calculate the special places. 2145 2145 */ 2146 RTLDRPEHASHSPECIALS SpecialPlaces ;2146 RTLDRPEHASHSPECIALS SpecialPlaces = { 0, 0, 0, 0, 0, 0 }; /* shut up gcc */ 2147 2147 int rc = rtldrPe_CalcSpecialHashPlaces(pModPe, &SpecialPlaces, pErrInfo); 2148 2148 if (RT_FAILURE(rc)) … … 2150 2150 2151 2151 uint32_t const cbHash = rtLdrPE_HashGetHashSize(enmDigest); 2152 uint32_t const cPages = pAttrib->u.pPageHashes V2->RawData.Asn1Core.cb / (cbHash + 4);2153 if (cPages * (cbHash + 4) != pAttrib->u.pPageHashes V2->RawData.Asn1Core.cb)2152 uint32_t const cPages = pAttrib->u.pPageHashes->RawData.Asn1Core.cb / (cbHash + 4); 2153 if (cPages * (cbHash + 4) != pAttrib->u.pPageHashes->RawData.Asn1Core.cb) 2154 2154 return RTErrInfoSetF(pErrInfo, VERR_LDRVI_PAGE_HASH_TAB_SIZE_OVERFLOW, 2155 2155 "Page Hashes V2 size issue: cb=%#x cbHash=%#x", 2156 pAttrib->u.pPageHashes V2->RawData.Asn1Core.cb, cbHash);2156 pAttrib->u.pPageHashes->RawData.Asn1Core.cb, cbHash); 2157 2157 2158 2158 /* … … 2166 2166 uint32_t offSectEnd = pModPe->cbHeaders; 2167 2167 uint32_t iSh = UINT32_MAX; 2168 uint8_t const *pbHashTab = pAttrib->u.pPageHashes V2->RawData.Asn1Core.uData.pu8;2168 uint8_t const *pbHashTab = pAttrib->u.pPageHashes->RawData.Asn1Core.uData.pu8; 2169 2169 for (uint32_t iPage = 0; iPage < cPages; iPage++) 2170 2170 { … … 2357 2357 /* 2358 2358 * Compare the page hashes if present. 2359 * 2360 * Seems the difference between V1 and V2 page hash attributes is 2361 * that v1 uses SHA-1 while v2 uses SHA-256. 
The data structures to 2362 * be identical otherwise. Initially we assumed the digest 2363 * algorithm was supposed to be RTCRSPCINDIRECTDATACONTENT::DigestInfo, 2364 * i.e. the same as for the whole image hash. The initial approach 2365 * worked just fine, but this makes more sense. 2366 * 2367 * (See also comments in osslsigncode.c (google it).) 2359 2368 */ 2360 PCRTCRSPCSERIALIZEDOBJECTATTRIBUTE pAttrib = RTCrSpcIndirectDataContent_GetPeImageHashesV2(pSignature->pIndData); 2369 PCRTCRSPCSERIALIZEDOBJECTATTRIBUTE pAttrib; 2370 pAttrib = RTCrSpcIndirectDataContent_GetPeImageObjAttrib(pSignature->pIndData, 2371 RTCRSPCSERIALIZEDOBJECTATTRIBUTETYPE_PAGE_HASHES_V2); 2361 2372 if (pAttrib) 2362 rc = rtldrPE_VerifyAllPageHashesV2(pModPe, pAttrib, pSignature->enmDigest, pvScratch, cbScratch, pErrInfo); 2363 2373 rc = rtldrPE_VerifyAllPageHashes(pModPe, pAttrib, RTDIGESTTYPE_SHA256, pvScratch, cbScratch, pErrInfo); 2374 else 2375 { 2376 pAttrib = RTCrSpcIndirectDataContent_GetPeImageObjAttrib(pSignature->pIndData, 2377 RTCRSPCSERIALIZEDOBJECTATTRIBUTETYPE_PAGE_HASHES_V1); 2378 if (pAttrib) 2379 rc = rtldrPE_VerifyAllPageHashes(pModPe, pAttrib, RTDIGESTTYPE_SHA1, pvScratch, cbScratch, pErrInfo); 2380 } 2364 2381 return rc; 2365 2382 }
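Review bot: The size-check error text in rtldrPE_VerifyAllPageHashes still reads "Page Hashes V2 size issue" although the function is now also called for V1 tables with SHA-1, so a malformed V1 table will be misreported; `"Page hashes size issue: cb=%#x cbHash=%#x"` would fit both. The caller now selects the digest from the attribute version (SHA-256 for V2, SHA-1 for V1) instead of pSignature->enmDigest, and the added comment words this as an observation ("Seems"), so it would be worth verifying against one signed image of each version before relying on it. V2 is preferred and V1 is consulted only when V2 is absent, which leaves a co-present V1 table unchecked unless the sanity pass rejects that combination. The function bodies continue outside the hunks shown.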