Changeset 52537 in vbox for trunk/src/VBox/HostDrivers

Timestamp:

Aug 31, 2014 7:28:17 PM (10 years ago)

Author:

vboxsync

Message:

IPRT,SUP: First part of timestamp counter signatures support.

File:

• trunk/src/VBox/HostDrivers/Support/win/SUPHardenedVerifyImage-win.cpp (modified) (3 diffs)

trunk/src/VBox/HostDrivers/Support/win/SUPHardenedVerifyImage-win.cpp

@@ -874 +874 @@
  */
 static DECLCALLBACK(int) supHardNtViCertVerifyCallback(PCRTCRX509CERTIFICATE pCert, RTCRX509CERTPATHS hCertPaths,
-                                                       void *pvUser, PRTERRINFO pErrInfo)
+                                                       uint32_t fFlags, void *pvUser, PRTERRINFO pErrInfo)
 {
     PSUPHNTVIRDR pNtViRdr = (PSUPHNTVIRDR)pvUser;
@@ -894 +894 @@
      * Standard code signing capabilites required.
      */
-    int rc = RTCrPkcs7VerifyCertCallbackCodeSigning(pCert, hCertPaths, NULL, pErrInfo);
-    if (RT_SUCCESS(rc))
+    int rc = RTCrPkcs7VerifyCertCallbackCodeSigning(pCert, hCertPaths, fFlags, NULL, pErrInfo);
+    if (   RT_SUCCESS(rc)
+        && (fFlags & RTCRPKCS7VCC_F_SIGNED_DATA))
     {
         /*
@@ -992 +993 @@
 
     /*
-     * Verify the signature.
+     * Verify the signature.  We instruct the verifier to use the signing time
+     * counter signature present when present, falling back on the timestamp
+     * planted by the linker when absent.  In ring-0 we don't have all the
+     * necessary timestamp server root certificate info, so we have to allow
+     * using counter signatures unverified there.
      */
     RTTIMESPEC ValidationTime;
     RTTimeSpecSetSeconds(&ValidationTime, pNtViRdr->uTimestamp);
 
-    return RTCrPkcs7VerifySignedData(pContentInfo, 0, g_hSpcAndNtKernelSuppStore, g_hSpcAndNtKernelRootStore, &ValidationTime,
-                                     supHardNtViCertVerifyCallback, pNtViRdr, pErrInfo);
+    uint32_t fFlags = RTCRPKCS7VERIFY_SD_F_ALWAYS_USE_SIGNING_TIME_IF_PRESENT
+                    | RTCRPKCS7VERIFY_SD_F_COUNTER_SIGNATURE_SIGNING_TIME_ONLY;
+#ifdef IN_RING0
+    fFlags |= RTCRPKCS7VERIFY_SD_F_USE_SIGNING_TIME_UNVERIFIED;
+#endif
+    return RTCrPkcs7VerifySignedData(pContentInfo, fFlags, g_hSpcAndNtKernelSuppStore, g_hSpcAndNtKernelRootStore,
+                                     &ValidationTime, supHardNtViCertVerifyCallback, pNtViRdr, pErrInfo);
 }