Changeset 52600 in vbox for trunk/src

Timestamp:

Sep 4, 2014 10:59:00 PM (11 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

95876

Message:

IPRT: Added support for microsoft timestamp counter signatures. This required making the PKCS #7 code accept some of the CMS (RFC-5652) stuff.

Location:

trunk/src/VBox

Files:

• HostDrivers/Support/Makefile.kmk (modified) (1 diff)
• HostDrivers/Support/win/SUPHardenedVerifyImage-win.cpp (modified) (1 diff)
• Runtime/Makefile.kmk (modified) (3 diffs)
• Runtime/common/asn1/asn1-cursor.cpp (modified) (2 diffs)
• Runtime/common/asn1/asn1-dump.cpp (modified) (1 diff)
• Runtime/common/asn1/asn1-ut-time-decode.cpp (modified) (1 diff)
• Runtime/common/crypto/pkcs7-asn1-decoder.cpp (modified) (3 diffs)
• Runtime/common/crypto/pkcs7-core.cpp (modified) (3 diffs)
• Runtime/common/crypto/pkcs7-sanity.cpp (modified) (5 diffs)
• Runtime/common/crypto/pkcs7-template.h (modified) (3 diffs)
• Runtime/common/crypto/pkcs7-verify.cpp (modified) (10 diffs)
• Runtime/common/crypto/tsp-asn1-decoder.cpp (added)
• Runtime/common/crypto/tsp-core.cpp (added)
• Runtime/common/crypto/tsp-init.cpp (added)
• Runtime/common/crypto/tsp-internal.h (added)
• Runtime/common/crypto/tsp-sanity.cpp (added)
• Runtime/common/crypto/tsp-template.h (added)
• Runtime/common/crypto/x509-certpaths.cpp (modified) (7 diffs)
• Runtime/tools/RTSignTool.cpp (modified) (2 diffs)

trunk/src/VBox/HostDrivers/Support/Makefile.kmk

@@ -281 +281 @@
         $(VBOX_PATH_RUNTIME_SRC)/common/crypto/taf-init.cpp \
         $(VBOX_PATH_RUNTIME_SRC)/common/crypto/taf-sanity.cpp \
+        $(VBOX_PATH_RUNTIME_SRC)/common/crypto/tsp-asn1-decoder.cpp \
+        $(VBOX_PATH_RUNTIME_SRC)/common/crypto/tsp-core.cpp \
+        $(VBOX_PATH_RUNTIME_SRC)/common/crypto/tsp-init.cpp \
+        $(VBOX_PATH_RUNTIME_SRC)/common/crypto/tsp-sanity.cpp \
         $(VBOX_PATH_RUNTIME_SRC)/common/checksum/alt-md2.cpp \
         $(VBOX_PATH_RUNTIME_SRC)/common/checksum/alt-md5.cpp \

trunk/src/VBox/HostDrivers/Support/win/SUPHardenedVerifyImage-win.cpp

@@ -1004 +1004 @@
 
     uint32_t fFlags = RTCRPKCS7VERIFY_SD_F_ALWAYS_USE_SIGNING_TIME_IF_PRESENT
+                    | RTCRPKCS7VERIFY_SD_F_ALWAYS_USE_MS_TIMESTAMP_IF_PRESENT
                     | RTCRPKCS7VERIFY_SD_F_COUNTER_SIGNATURE_SIGNING_TIME_ONLY;
 #ifndef IN_RING0
     if (!g_fHaveOtherRoots)
 #endif
-        fFlags |= RTCRPKCS7VERIFY_SD_F_USE_SIGNING_TIME_UNVERIFIED;
+        fFlags |= RTCRPKCS7VERIFY_SD_F_USE_SIGNING_TIME_UNVERIFIED | RTCRPKCS7VERIFY_SD_F_USE_MS_TIMESTAMP_UNVERIFIED;
     return RTCrPkcs7VerifySignedData(pContentInfo, fFlags, g_hSpcAndNtKernelSuppStore, g_hSpcAndNtKernelRootStore,
                                      &ValidationTime, supHardNtViCertVerifyCallback, pNtViRdr, pErrInfo);

trunk/src/VBox/Runtime/Makefile.kmk

@@ -359 +359 @@
         common/crypto/taf-init.cpp \
         common/crypto/taf-sanity.cpp \
+        common/crypto/tsp-asn1-decoder.cpp \
+        common/crypto/tsp-core.cpp \
+        common/crypto/tsp-init.cpp \
+        common/crypto/tsp-sanity.cpp \
         common/crypto/store.cpp \
         common/crypto/store-inmem.cpp \
@@ -1920 +1924 @@
         common/crypto/taf-init.cpp \
         common/crypto/taf-sanity.cpp \
+        common/crypto/tsp-asn1-decoder.cpp \
+        common/crypto/tsp-core.cpp \
+        common/crypto/tsp-init.cpp \
+        common/crypto/tsp-sanity.cpp \
         common/checksum/alt-md2.cpp \
         common/checksum/alt-sha1.cpp \
@@ -2734 +2742 @@
 spc-template.o spc-template.obj: spc-core.o spc-asn1-decoder.o spc-sanity.o spc-init.o
 taf-template.o taf-template.obj: taf-core.o taf-asn1-decoder.o taf-sanity.o taf-init.o
+tsp-template.o tsp-template.obj: tsp-core.o tsp-asn1-decoder.o tsp-sanity.o tsp-init.o
 x509-template.o x509-template.obj: x509-core.o x509-asn1-decoder.o x509-sanity.o x509-init.o
 pkcs7-template.o pkcs7-template.obj: pkcs7-core.o pkcs7-asn1-decoder.o pkcs7-sanity.o pkcs7-init.o

trunk/src/VBox/Runtime/common/asn1/asn1-cursor.cpp

@@ -28 +28 @@
 *   Header Files                                                               *
 *******************************************************************************/
+#define RT_STRICT
 #include "internal/iprt.h"
 #include <iprt/asn1.h>
@@ -47 +48 @@
  *
  * For reference, 'RTSignTool verify-exe RTSignTool.exe', requires a value of 15
- * to work without hitting the limit.
+ * to work without hitting the limit for signatures with simple timestamps, and
+ * 23 (amd64/rel = ~3KB) for the new microsoft timestamp counter signatures.
  */
 #ifdef IN_RING3

trunk/src/VBox/Runtime/common/asn1/asn1-dump.cpp

@@ -84 +84 @@
 static void rtAsn1DumpPrintIdent(PRTASN1DUMPDATA pData, uint32_t uDepth)
 {
-    uint32_t i = 0;
-    uDepth *= 2;
-    while (i < uDepth)
+    uint32_t cchLeft = uDepth * 2;
+    while (cchLeft > 0)
     {
         static char const s_szSpaces[] = "                                        ";
-        uint32_t cch = RT_MIN(uDepth, sizeof(s_szSpaces) - 1);
+        uint32_t cch = RT_MIN(cchLeft, sizeof(s_szSpaces) - 1);
         rtAsn1DumpPrintf(pData, &s_szSpaces[sizeof(s_szSpaces) - 1 - cch]);
-        i += cch;
+        cchLeft -= cch;
     }
 }

trunk/src/VBox/Runtime/common/asn1/asn1-ut-time-decode.cpp

@@ -178 +178 @@
      * Check the dot.
      */
-    if (*pchFraction == '.')
+    if (*pchFraction != '.')
         return RTAsn1CursorSetInfo(pCursor, VERR_ASN1_INVALID_GENERALIZED_TIME_ENCODING,
                                    "%s: Expected GeneralizedTime fraction dot, found: '%c' ('%.*s')",

trunk/src/VBox/Runtime/common/crypto/pkcs7-asn1-decoder.cpp

@@ -35 +35 @@
 #include <iprt/string.h>
 #include <iprt/crypto/spc.h>
+#include <iprt/crypto/tsp.h>
 
 #include "pkcs7-internal.h"
@@ -42 +43 @@
  * PKCS #7 ContentInfo
  */
+typedef enum RTCRPKCS7CONTENTINFOCHOICE
+{
+    RTCRPKCS7CONTENTINFOCHOICE_INVALID = 0,
+    RTCRPKCS7CONTENTINFOCHOICE_UNKNOWN,
+    RTCRPKCS7CONTENTINFOCHOICE_SIGNED_DATA,
+    RTCRPKCS7CONTENTINFOCHOICE_SPC_INDIRECT_DATA_CONTENT,
+    RTCRPKCS7CONTENTINFOCHOICE_TSP_TST_INFO,
+    RTCRPKCS7CONTENTINFOCHOICE_END,
+    RTCRPKCS7CONTENTINFOCHOICE_32BIT_HACK = 0x7fffffff
+} RTCRPKCS7CONTENTINFOCHOICE;
 
 static int rtCrPkcs7ContentInfo_DecodeExtra(PRTASN1CURSOR pCursor, uint32_t fFlags, PRTCRPKCS7CONTENTINFO pThis,
@@ -48 +59 @@
     pThis->u.pCore = NULL;
 
-    int             rc;
-    RTASN1CURSOR    ContentCursor;
+    /*
+     * Figure the type.
+     */
+    RTCRPKCS7CONTENTINFOCHOICE  enmChoice;
+    size_t                      cbContent = 0;
     if (RTAsn1ObjId_CompareWithString(&pThis->ContentType, RTCRPKCS7SIGNEDDATA_OID) == 0)
     {
-        rc = RTAsn1MemAllocZ(&pThis->Content.EncapsulatedAllocation, (void **)&pThis->Content.pEncapsulated,
-                             sizeof(*pThis->u.pSignedData));
-        if (RT_SUCCESS(rc))
-        {
-            pThis->u.pCore = pThis->Content.pEncapsulated;
-            rc = RTAsn1CursorInitSubFromCore(pCursor, &pThis->Content.Asn1Core, &ContentCursor, "Content");
-            if (RT_SUCCESS(rc))
-                rc = RTCrPkcs7SignedData_DecodeAsn1(&ContentCursor, 0, pThis->u.pSignedData, "SignedData");
-        }
+        enmChoice = RTCRPKCS7CONTENTINFOCHOICE_SIGNED_DATA;
+        cbContent = sizeof(*pThis->u.pSignedData);
     }
     else if (RTAsn1ObjId_CompareWithString(&pThis->ContentType, RTCRSPCINDIRECTDATACONTENT_OID) == 0)
     {
-        rc = RTAsn1MemAllocZ(&pThis->Content.EncapsulatedAllocation, (void **)&pThis->Content.pEncapsulated,
-                             sizeof(*pThis->u.pIndirectDataContent));
+        enmChoice = RTCRPKCS7CONTENTINFOCHOICE_SPC_INDIRECT_DATA_CONTENT;
+        cbContent = sizeof(*pThis->u.pIndirectDataContent);
+    }
+    else if (RTAsn1ObjId_CompareWithString(&pThis->ContentType, RTCRTSPTSTINFO_OID) == 0)
+    {
+        enmChoice = RTCRPKCS7CONTENTINFOCHOICE_TSP_TST_INFO;
+        cbContent = sizeof(*pThis->u.pTstInfo);
+    }
+    else
+    {
+        enmChoice = RTCRPKCS7CONTENTINFOCHOICE_UNKNOWN;
+        cbContent = 0;
+    }
+
+    int rc = VINF_SUCCESS;
+    if (enmChoice != RTCRPKCS7CONTENTINFOCHOICE_UNKNOWN)
+    {
+        /*
+         * Detect CMS octet string and open the content cursor.
+         * Current we don't have work with any contet which is octet string,
+         * they're all sequences, which make detection so much simpler.
+         */
+        PRTASN1OCTETSTRING  pOctetString = &pThis->Content;
+        RTASN1CURSOR        ContentCursor;
+        rc = RTAsn1CursorInitSubFromCore(pCursor, &pThis->Content.Asn1Core, &ContentCursor, "Content");
+        if (   RT_SUCCESS(rc)
+            && RTAsn1CursorIsNextEx(&ContentCursor, ASN1_TAG_OCTET_STRING, ASN1_TAGFLAG_PRIMITIVE | ASN1_TAGCLASS_UNIVERSAL))
+        {
+            rc = RTAsn1MemAllocZ(&pThis->Content.EncapsulatedAllocation, (void **)&pThis->Content.pEncapsulated,
+                                 sizeof(*pOctetString));
+            if (RT_SUCCESS(rc))
+            {
+                pThis->pCmsContent = pOctetString = (PRTASN1OCTETSTRING)pThis->Content.pEncapsulated;
+                rc = RTAsn1OctetString_DecodeAsn1(&ContentCursor, 0, pOctetString, "CmsContent");
+                if (RT_SUCCESS(rc))
+                    rc = RTAsn1CursorCheckEnd(&ContentCursor);
+                if (RT_SUCCESS(rc))
+                    rc = RTAsn1CursorInitSubFromCore(pCursor, &pOctetString->Asn1Core, &ContentCursor, "CmsContent");
+            }
+        }
         if (RT_SUCCESS(rc))
         {
-            pThis->u.pCore = pThis->Content.pEncapsulated;
-            rc = RTAsn1CursorInitSubFromCore(pCursor, &pThis->Content.Asn1Core, &ContentCursor, "Content");
+            /*
+             * Allocate memory for the decoded content.
+             */
+            rc = RTAsn1MemAllocZ(&pOctetString->EncapsulatedAllocation, (void **)&pOctetString->pEncapsulated, cbContent);
             if (RT_SUCCESS(rc))
-                rc = RTCrSpcIndirectDataContent_DecodeAsn1(&ContentCursor, 0, pThis->u.pIndirectDataContent, "IndirectDataContent");
+            {
+                pThis->u.pCore = pOctetString->pEncapsulated;
+
+                /*
+                 * Decode it.
+                 */
+                switch (enmChoice)
+                {
+                    case RTCRPKCS7CONTENTINFOCHOICE_SIGNED_DATA:
+                        rc = RTCrPkcs7SignedData_DecodeAsn1(&ContentCursor, 0, pThis->u.pSignedData, "SignedData");
+                        break;
+                    case RTCRPKCS7CONTENTINFOCHOICE_SPC_INDIRECT_DATA_CONTENT:
+                        rc = RTCrSpcIndirectDataContent_DecodeAsn1(&ContentCursor, 0, pThis->u.pIndirectDataContent,
+                                                                   "IndirectDataContent");
+                        break;
+                    case RTCRPKCS7CONTENTINFOCHOICE_TSP_TST_INFO:
+                        rc = RTCrTspTstInfo_DecodeAsn1(&ContentCursor, 0, pThis->u.pTstInfo, "TstInfo");
+                        break;
+                    default:
+                        AssertFailed();
+                        rc = VERR_IPE_NOT_REACHED_DEFAULT_CASE;
+                        break;
+                }
+                if (RT_SUCCESS(rc))
+                    rc = RTAsn1CursorCheckEnd(&ContentCursor);
+                if (RT_SUCCESS(rc))
+                    return VINF_SUCCESS;
+
+                RTAsn1MemFree(&pOctetString->EncapsulatedAllocation, pOctetString->pEncapsulated);
+                pOctetString->pEncapsulated = NULL;
+                pThis->u.pCore = NULL;
+            }
         }
     }
-    else
-        return VINF_SUCCESS;
-
-    if (RT_SUCCESS(rc))
-        rc = RTAsn1CursorCheckEnd(&ContentCursor);
-    if (RT_SUCCESS(rc))
-        return VINF_SUCCESS;
     return rc;
 }

trunk/src/VBox/Runtime/common/crypto/pkcs7-core.cpp

@@ -34 +34 @@
 #include <iprt/err.h>
 #include <iprt/string.h>
+#include <iprt/crypto/tsp.h>
 
 #include "pkcs7-internal.h"
@@ -127 +128 @@
 
 
+RTDECL(PCRTASN1TIME) RTCrPkcs7SignerInfo_GetMsTimestamp(PCRTCRPKCS7SIGNERINFO pThis, PCRTCRPKCS7CONTENTINFO *ppContentInfo)
+{
+    /*
+     * Assume there is only one, so no need to enumerate anything here.
+     */
+    uint32_t             cAttrsLeft = pThis->UnauthenticatedAttributes.cItems;
+    PCRTCRPKCS7ATTRIBUTE pAttr      = pThis->UnauthenticatedAttributes.paItems;
+    while (cAttrsLeft-- > 0)
+    {
+        if (pAttr->enmType == RTCRPKCS7ATTRIBUTETYPE_MS_TIMESTAMP)
+        {
+            uint32_t                cLeft        = pAttr->uValues.pContentInfos->cItems;
+            PCRTCRPKCS7CONTENTINFO  pContentInfo = &pAttr->uValues.pContentInfos->paItems[0];
+            while (cLeft-- > 0)
+            {
+                if (RTAsn1ObjId_CompareWithString(&pContentInfo->ContentType, RTCRPKCS7SIGNEDDATA_OID) == 0)
+                {
+                    if (RTAsn1ObjId_CompareWithString(&pContentInfo->u.pSignedData->ContentInfo.ContentType,
+                                                      RTCRTSPTSTINFO_OID) == 0)
+                    {
+                        if (ppContentInfo)
+                            *ppContentInfo = pContentInfo;
+                        return &pContentInfo->u.pSignedData->ContentInfo.u.pTstInfo->GenTime;
+                    }
+                }
+
+                pContentInfo++;
+            }
+        }
+        pAttr++;
+    }
+
+    /*
+     * No signature was found.
+     */
+    if (ppContentInfo)
+        *ppContentInfo = NULL;
+
+    return NULL;
+}
+
+
 /*
  * PCKS #7 ContentInfo.
@@ -138 +181 @@
 
 /*
+ * Set of some kind of certificate supported by PKCS #7 or CMS.
+ */
+
+RTDECL(PCRTCRX509CERTIFICATE)
+RTCrPkcs7SetOfCerts_FindX509ByIssuerAndSerialNumber(PCRTCRPKCS7SETOFCERTS pCertificates,
+                                                    PCRTCRX509NAME pIssuer, PCRTASN1INTEGER pSerialNumber)
+{
+    for (uint32_t i = 0; i < pCertificates->cItems; i++)
+        if (   pCertificates->paItems[i].enmChoice == RTCRPKCS7CERTCHOICE_X509
+            && RTCrX509Certificate_MatchIssuerAndSerialNumber(pCertificates->paItems[i].u.pX509Cert, pIssuer, pSerialNumber))
+            return pCertificates->paItems[i].u.pX509Cert;
+    return NULL;
+}
+
+
+/*
  * Generate the standard core code.
  */

trunk/src/VBox/Runtime/common/crypto/pkcs7-sanity.cpp

@@ -47 +47 @@
     //RTAsn1Dump(&pSignedData->SeqCore.Asn1Core, 0, 0, RTAsn1DumpStrmPrintfV, g_pStdOut);
 
-    if (RTAsn1Integer_UnsignedCompareWithU32(&pSignedData->Version, RTCRPKCS7SIGNEDDATA_V1) != 0)
+    if (   RTAsn1Integer_UnsignedCompareWithU32(&pSignedData->Version, RTCRPKCS7SIGNEDDATA_V1) != 0
+        && RTAsn1Integer_UnsignedCompareWithU32(&pSignedData->Version, RTCRPKCS7SIGNEDDATA_V3) != 0
+        && RTAsn1Integer_UnsignedCompareWithU32(&pSignedData->Version, RTCRPKCS7SIGNEDDATA_V4) != 0
+        && RTAsn1Integer_UnsignedCompareWithU32(&pSignedData->Version, RTCRPKCS7SIGNEDDATA_V5) != 0)
         return RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_SIGNED_DATA_VERSION, "SignedData version is %llu, expected %u",
                              pSignedData->Version.uValue.u, RTCRPKCS7SIGNEDDATA_V1);
@@ -82 +85 @@
                             "SignedData.Certifcates is empty, expected at least one certificate");
 
-    if (pSignedData->Certificates.cItems > 0)
-    {
-        int rc = RTCrX509Certificates_CheckSanity(&pSignedData->Certificates, 0, pErrInfo, "SignedData.T0.Certificates");
-        if (RT_FAILURE(rc))
-            return rc;
-    }
-
     /*
      * Crls.
@@ -127 +123 @@
 
         PCRTCRX509CERTIFICATE pCert;
-        pCert = RTCrX509Certificates_FindByIssuerAndSerialNumber(&pSignedData->Certificates,
-                                                                 &pSignerInfo->IssuerAndSerialNumber.Name,
-                                                                 &pSignerInfo->IssuerAndSerialNumber.SerialNumber);
+        pCert = RTCrPkcs7SetOfCerts_FindX509ByIssuerAndSerialNumber(&pSignedData->Certificates,
+                                                                    &pSignerInfo->IssuerAndSerialNumber.Name,
+                                                                    &pSignerInfo->IssuerAndSerialNumber.SerialNumber);
         if (!pCert && (fFlags & RTCRPKCS7SIGNEDDATA_SANITY_F_SIGNING_CERT_PRESENT))
             return RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_SIGNER_CERT_NOT_SHIPPED,
@@ -146 +142 @@
 
         /* Digest encryption algorithm. */
+#if 0  /** @todo Unimportant: Seen timestamp signatures specifying pkcs1-Sha256WithRsaEncryption in SignerInfo and just RSA in the certificate.  Figure out how to compare the two. */
         if (   pCert
             && RTCrX509AlgorithmIdentifier_Compare(&pSignerInfo->DigestEncryptionAlgorithm,
@@ -153 +150 @@
                                  i, pSignerInfo->DigestEncryptionAlgorithm.Algorithm.szObjId,
                                  pCert->TbsCertificate.SubjectPublicKeyInfo.Algorithm.Algorithm.szObjId);
+#endif
 
         /* Authenticated attributes we know. */

trunk/src/VBox/Runtime/common/crypto/pkcs7-template.h

@@ -59 +59 @@
 RTASN1TMPL_MEMBER_DYN(          uValues,    pSigningTime,   RTASN1SETOFTIMES,           RTAsn1SetOfTimes,           Allocation,
     enmType, RTCRPKCS7ATTRIBUTETYPE_SIGNING_TIME,   RTAsn1ObjId_CompareWithString(&pThis->Type, RTCR_PKCS9_ID_SIGNING_TIME_OID) == 0);
+RTASN1TMPL_MEMBER_DYN(          uValues,    pContentInfos,  RTCRPKCS7SETOFCONTENTINFOS, RTCrPkcs7SetOfContentInfos, Allocation,
+    enmType, RTCRPKCS7ATTRIBUTETYPE_MS_TIMESTAMP,   RTAsn1ObjId_CompareWithString(&pThis->Type, RTCR_PKCS9_ID_MS_TIMESTAMP) == 0);
 RTASN1TMPL_MEMBER_DYN_DEFAULT(  uValues,    pCores,         RTASN1SETOFCORES,           RTAsn1SetOfCores,           Allocation,
     enmType, RTCRPKCS7ATTRIBUTETYPE_UNKNOWN);
@@ -122 +124 @@
 RTASN1TMPL_MEMBER(              DigestAlgorithms,           RTCRX509ALGORITHMIDENTIFIERS,   RTCrX509AlgorithmIdentifiers);
 RTASN1TMPL_MEMBER(              ContentInfo,                RTCRPKCS7CONTENTINFO,           RTCrPkcs7ContentInfo);
-RTASN1TMPL_MEMBER_OPT_ITAG(     Certificates,               RTCRX509CERTIFICATES,           RTCrX509Certificates,   0);
+RTASN1TMPL_MEMBER_OPT_ITAG(     Certificates,               RTCRPKCS7SETOFCERTS,            RTCrPkcs7SetOfCerts,    0);
 RTASN1TMPL_MEMBER_OPT_ITAG(     Crls,                       RTASN1CORE,                     RTAsn1Core,             1);
 RTASN1TMPL_MEMBER(              SignerInfos,                RTCRPKCS7SIGNERINFOS,           RTCrPkcs7SignerInfos);
 RTASN1TMPL_EXEC_CHECK_SANITY(   rc = rtCrPkcs7SignedData_CheckSanityExtra(pThis, fFlags, pErrInfo, pszErrorTag) ) /* no ; */
 RTASN1TMPL_END_SEQCORE();
+#undef RTASN1TMPL_TYPE
+#undef RTASN1TMPL_EXT_NAME
+#undef RTASN1TMPL_INT_NAME
+
+
+/*
+ * Set of PCKS #7 SignedData.
+ */
+#define RTASN1TMPL_TYPE         RTCRPKCS7SETOFSIGNEDDATA
+#define RTASN1TMPL_EXT_NAME     RTCrPkcs7SetOfSignedData
+#define RTASN1TMPL_INT_NAME     rtCrPkcs7SetOfSignedData
+RTASN1TMPL_SET_OF(RTCRPKCS7SIGNEDDATA, RTCrPkcs7SignedData);
 #undef RTASN1TMPL_TYPE
 #undef RTASN1TMPL_EXT_NAME
@@ -163 +177 @@
 #undef RTASN1TMPL_INT_NAME
 
+
+/*
+ * Set of PCKS #7 ContentInfo.
+ */
+#define RTASN1TMPL_TYPE         RTCRPKCS7SETOFCONTENTINFOS
+#define RTASN1TMPL_EXT_NAME     RTCrPkcs7SetOfContentInfos
+#define RTASN1TMPL_INT_NAME     rtCrPkcs7SetOfContentInfos
+RTASN1TMPL_SET_OF(RTCRPKCS7CONTENTINFO, RTCrPkcs7ContentInfo);
+#undef RTASN1TMPL_TYPE
+#undef RTASN1TMPL_EXT_NAME
+#undef RTASN1TMPL_INT_NAME
+
+
+/*
+ * One PKCS #7 ExtendedCertificateOrCertificate or a CMS CertificateChoices (sic).
+ */
+#define RTASN1TMPL_TYPE         RTCRPKCS7CERT
+#define RTASN1TMPL_EXT_NAME     RTCrPkcs7Cert
+#define RTASN1TMPL_INT_NAME     rtCrPkcs7Cert
+RTASN1TMPL_BEGIN_PCHOICE();
+RTASN1TMPL_PCHOICE_ITAG_UC(     ASN1_TAG_SEQUENCE, RTCRPKCS7CERTCHOICE_X509, u.pX509Cert, X509Cert,     RTCRX509CERTIFICATE, RTCrX509Certificate);
+RTASN1TMPL_PCHOICE_ITAG(        0, RTCRPKCS7CERTCHOICE_EXTENDED_PKCS6, u.pExtendedCert,   ExtendedCert, RTASN1CORE, RTAsn1Core);
+RTASN1TMPL_PCHOICE_ITAG(        1, RTCRPKCS7CERTCHOICE_AC_V1,          u.pAcV1,           AcV1,         RTASN1CORE, RTAsn1Core);
+RTASN1TMPL_PCHOICE_ITAG(        2, RTCRPKCS7CERTCHOICE_AC_V2,          u.pAcV2,           AcV2,         RTASN1CORE, RTAsn1Core);
+RTASN1TMPL_PCHOICE_ITAG(        3, RTCRPKCS7CERTCHOICE_OTHER,          u.pOtherCert,      OtherCert,    RTASN1CORE, RTAsn1Core);
+RTASN1TMPL_END_PCHOICE();
+#undef RTASN1TMPL_TYPE
+#undef RTASN1TMPL_EXT_NAME
+#undef RTASN1TMPL_INT_NAME
+
+
+/*
+ * Set of PKCS #7 ExtendedCertificateOrCertificate or a CMS CertificateChoices.
+ */
+#define RTASN1TMPL_TYPE         RTCRPKCS7SETOFCERTS
+#define RTASN1TMPL_EXT_NAME     RTCrPkcs7SetOfCerts
+#define RTASN1TMPL_INT_NAME     rtCrPkcs7SetOfCerts
+RTASN1TMPL_SET_OF(RTCRPKCS7CERT, RTCrPkcs7Cert);
+#undef RTASN1TMPL_TYPE
+#undef RTASN1TMPL_EXT_NAME
+#undef RTASN1TMPL_INT_NAME
+

trunk/src/VBox/Runtime/common/crypto/pkcs7-verify.cpp

@@ -71 +71 @@
         if (RT_SUCCESS(rcOssl))
         {
-            for (uint32_t i = 0; i < pContentInfo->u.pSignedData->Certificates.cItems; i++)
-                rtCrOpenSslAddX509CertToStack(pAddCerts, &pContentInfo->u.pSignedData->Certificates.paItems[i]);
+            PCRTCRPKCS7SETOFCERTS pCerts = &pContentInfo->u.pSignedData->Certificates;
+            for (uint32_t i = 0; i < pCerts->cItems; i++)
+                if (pCerts->paItems[i].enmChoice == RTCRPKCS7CERTCHOICE_X509)
+                    rtCrOpenSslAddX509CertToStack(pAddCerts, pCerts->paItems[i].u.pX509Cert);
 
 
@@ -398 +400 @@
     {
         hSignerCertSrc = NULL;
-        pSignerCert = RTCrX509Certificates_FindByIssuerAndSerialNumber(&pSignedData->Certificates,
-                                                                       &pSignerInfo->IssuerAndSerialNumber.Name,
-                                                                       &pSignerInfo->IssuerAndSerialNumber.SerialNumber);
+        pSignerCert = RTCrPkcs7SetOfCerts_FindX509ByIssuerAndSerialNumber(&pSignedData->Certificates,
+                                                                          &pSignerInfo->IssuerAndSerialNumber.Name,
+                                                                          &pSignerInfo->IssuerAndSerialNumber.SerialNumber);
         if (!pSignerCert)
             return RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_SIGNED_DATA_CERT_NOT_FOUND,
@@ -426 +428 @@
                 rc = RTCrX509CertPathsSetUntrustedStore(hCertPaths, hAdditionalCerts);
             if (pSignedData->Certificates.cItems > 0 && RT_SUCCESS(rc))
-                rc = RTCrX509CertPathsSetUntrustedArray(hCertPaths,
-                                                        pSignedData->Certificates.paItems,
-                                                        pSignedData->Certificates.cItems);
+                rc = RTCrX509CertPathsSetUntrustedSet(hCertPaths, &pSignedData->Certificates);
             if (RT_SUCCESS(rc))
             {
@@ -586 +586 @@
         return rc;
 
-    AssertReturn(!(fFlags & RTCRPKCS7VERIFY_SD_F_COUNTER_SIGNATURE), VERR_INVALID_FLAGS);
-
     /*
      * Hash the content info.
@@ -640 +638 @@
              * Validate the signed infos.
              */
+            uint32_t fPrimaryVccFlags = !(fFlags & RTCRPKCS7VERIFY_SD_F_USAGE_TIMESTAMPING)
+                                      ? RTCRPKCS7VCC_F_SIGNED_DATA : RTCRPKCS7VCC_F_TIMESTAMP;
             rc = VERR_CR_PKCS7_NO_SIGNER_INFOS;
             for (i = 0; i < pSignedData->SignerInfos.cItems; i++)
@@ -651 +651 @@
                 /*
                  * See if we can find a trusted signing time.
+                 * (Note that while it would make sense splitting up this function,
+                 * we need to carry a lot of arguments around, so better not.)
                  */
                 bool                    fDone              = false;
@@ -667 +669 @@
                             rc = rtCrPkcs7VerifySignerInfo(pSignerInfo, pSignedData, hThisDigest, fFlags,
                                                            hAdditionalCerts, hTrustedCerts, &ThisValidationTime,
-                                                           pfnVerifyCert, RTCRPKCS7VCC_F_SIGNED_DATA | RTCRPKCS7VCC_F_TIMESTAMP,
+                                                           pfnVerifyCert, fPrimaryVccFlags | RTCRPKCS7VCC_F_TIMESTAMP,
                                                            pvUser, pErrInfo);
                         }
@@ -680 +682 @@
                                 rc = rtCrPkcs7VerifySignerInfo(pSignerInfo, pSignedData, hThisDigest, fFlags, hAdditionalCerts,
                                                                hTrustedCerts, &ThisValidationTime,
-                                                               pfnVerifyCert, RTCRPKCS7VCC_F_SIGNED_DATA, pvUser, pErrInfo);
+                                                               pfnVerifyCert, fPrimaryVccFlags, pvUser, pErrInfo);
                         }
                         fDone = RT_SUCCESS(rc)
@@ -693 +695 @@
 
                 /*
+                 * If not luck, check for microsoft timestamp counter signatures.
+                 */
+                if (!fDone && !(fFlags & RTCRPKCS7VERIFY_SD_F_IGNORE_MS_TIMESTAMP))
+                {
+                    PCRTCRPKCS7CONTENTINFO pSignedTimestamp = NULL;
+                    pSignedTime = RTCrPkcs7SignerInfo_GetMsTimestamp(pSignerInfo, &pSignedTimestamp);
+                    if (pSignedTime)
+                    {
+                        RTTIMESPEC ThisValidationTime;
+                        if (RT_LIKELY(RTTimeImplode(&ThisValidationTime, &pSignedTime->Time)))
+                        {
+                            rc = VINF_SUCCESS;
+                            if (!(fFlags & RTCRPKCS7VERIFY_SD_F_USE_MS_TIMESTAMP_UNVERIFIED))
+                                rc = RTCrPkcs7VerifySignedData(pSignedTimestamp,
+                                                               fFlags | RTCRPKCS7VERIFY_SD_F_IGNORE_MS_TIMESTAMP
+                                                               | RTCRPKCS7VERIFY_SD_F_USAGE_TIMESTAMPING,
+                                                               hAdditionalCerts, hTrustedCerts, &ThisValidationTime,
+                                                               pfnVerifyCert, pvUser, pErrInfo);
+
+                            if (RT_SUCCESS(rc))
+                                rc = rtCrPkcs7VerifySignerInfo(pSignerInfo, pSignedData, hThisDigest, fFlags, hAdditionalCerts,
+                                                               hTrustedCerts, &ThisValidationTime,
+                                                               pfnVerifyCert, fPrimaryVccFlags, pvUser, pErrInfo);
+                            fDone = RT_SUCCESS(rc)
+                                 || (fFlags & RTCRPKCS7VERIFY_SD_F_ALWAYS_USE_MS_TIMESTAMP_IF_PRESENT);
+                        }
+                        else
+                        {
+                            rc = RTErrInfoSet(pErrInfo, VERR_INTERNAL_ERROR_3, "RTTimeImplode failed");
+                            fDone = true;
+                        }
+
+                    }
+                }
+
+                /*
                  * No valid signing time found, use the one specified instead.
                  */
                 if (!fDone)
                     rc = rtCrPkcs7VerifySignerInfo(pSignerInfo, pSignedData, hThisDigest, fFlags, hAdditionalCerts, hTrustedCerts,
-                                                   pValidationTime, pfnVerifyCert, RTCRPKCS7VCC_F_SIGNED_DATA, pvUser, pErrInfo);
+                                                   pValidationTime, pfnVerifyCert, fPrimaryVccFlags, pvUser, pErrInfo);
                 RTCrDigestRelease(hThisDigest);
                 if (RT_FAILURE(rc))
@@ -721 +759 @@
      * Verify using OpenSSL and combine the results (should be identical).
      */
+    /** @todo figure out how to verify MS timstamp signatures using OpenSSL. */
+    if (fFlags & RTCRPKCS7VERIFY_SD_F_USAGE_TIMESTAMPING)
+        return rc;
     int rcOssl = rtCrPkcs7VerifySignedDataUsingOpenSsl(pContentInfo, fFlags, hAdditionalCerts, hTrustedCerts,
                                                        pvContent, cbContent, RT_SUCCESS(rc) ? pErrInfo : NULL);

trunk/src/VBox/Runtime/common/crypto/x509-certpaths.cpp

@@ -39 +39 @@
 #include <iprt/list.h>
 #include <iprt/time.h>
+#include <iprt/crypto/pkcs7.h> /* PCRTCRPKCS7SETOFCERTS */
 #include <iprt/crypto/store.h>
 
@@ -92 +93 @@
 #define RTCRX509CERTPATHNODE_SRC_NONE               0
 #define RTCRX509CERTPATHNODE_SRC_TARGET             1
-#define RTCRX509CERTPATHNODE_SRC_UNTRUSTED_ARRAY    2
-#define RTCRX509CERTPATHNODE_SRC_UNTRUSTED_STORE    3
-#define RTCRX509CERTPATHNODE_SRC_TRUSTED_STORE      4
-#define RTCRX509CERTPATHNODE_SRC_TRUSTED_CERT       5
+#define RTCRX509CERTPATHNODE_SRC_UNTRUSTED_SET      2
+#define RTCRX509CERTPATHNODE_SRC_UNTRUSTED_ARRAY    3
+#define RTCRX509CERTPATHNODE_SRC_UNTRUSTED_STORE    4
+#define RTCRX509CERTPATHNODE_SRC_TRUSTED_STORE      5
+#define RTCRX509CERTPATHNODE_SRC_TRUSTED_CERT       6
 #define RTCRX509CERTPATHNODE_SRC_IS_TRUSTED(uSrc)   ((uSrc) >= RTCRX509CERTPATHNODE_SRC_TRUSTED_STORE)
 /** @} */
@@ -164 +166 @@
     /** Store of untrusted certificates. */
     RTCRSTORE                       hUntrustedStore;
-    /** Array of untrusted certificates, typically from the protocol (like the
-     *  certificates member of PKCS \#7 SignedData). */
+    /** Array of untrusted certificates, typically from the protocol. */
     PCRTCRX509CERTIFICATE           paUntrustedCerts;
     /** Number of entries in paUntrusted. */
     uint32_t                        cUntrustedCerts;
+    /** Set of untrusted PKCS \#7 / CMS certificatess. */
+    PCRTCRPKCS7SETOFCERTS           pUntrustedCertsSet;
 
     /** UTC time we're going to validate the path at, requires
@@ -364 +367 @@
             pThis->hUntrustedStore              = NIL_RTCRSTORE;
             pThis->paUntrustedCerts             = NULL; /* Referencing user memory. */
+            pThis->pUntrustedCertsSet           = NULL; /* Referencing user memory. */
             pThis->papInitialUserPolicySet      = NULL; /* Referencing user memory. */
             pThis->pInitialPermittedSubtrees    = NULL; /* Referencing user memory. */
@@ -438 +442 @@
     pThis->paUntrustedCerts = paCerts;
     pThis->cUntrustedCerts  = cCerts;
+    return VINF_SUCCESS;
+}
+
+
+RTDECL(int) RTCrX509CertPathsSetUntrustedSet(RTCRX509CERTPATHS hCertPaths, PCRTCRPKCS7SETOFCERTS pSetOfCerts)
+{
+    PRTCRX509CERTPATHSINT pThis = hCertPaths;
+    AssertPtrReturn(pThis, VERR_INVALID_HANDLE);
+    AssertReturn(pThis->u32Magic == RTCRX509CERTPATHSINT_MAGIC, VERR_INVALID_HANDLE);
+
+    pThis->pUntrustedCertsSet = pSetOfCerts;
     return VINF_SUCCESS;
 }
@@ -694 +709 @@
             if (RTCrX509Certificate_MatchSubjectOrAltSubjectByRfc5280(&pThis->paUntrustedCerts[i], pIssuer))
                 rtCrX509CertPathsAddIssuer(pThis, pNode, &pThis->paUntrustedCerts[i], NULL,
-                                                 RTCRX509CERTPATHNODE_SRC_UNTRUSTED_ARRAY);
+                                           RTCRX509CERTPATHNODE_SRC_UNTRUSTED_ARRAY);
+
+    /** @todo Rainy day: Should abstract the untrusted array and set so we don't get
+     *        unnecessary PKCS7/CMS header dependencies. */
+
+    /*
+     * Untrusted set.
+     */
+    if (pThis->pUntrustedCertsSet)
+    {
+        uint32_t const  cCerts  = pThis->pUntrustedCertsSet->cItems;
+        PCRTCRPKCS7CERT paCerts = pThis->pUntrustedCertsSet->paItems;
+        for (uint32_t i = 0; i < cCerts; i++)
+            if (   paCerts[i].enmChoice == RTCRPKCS7CERTCHOICE_X509
+                && RTCrX509Certificate_MatchSubjectOrAltSubjectByRfc5280(paCerts[i].u.pX509Cert, pIssuer))
+                rtCrX509CertPathsAddIssuer(pThis, pNode, paCerts[i].u.pX509Cert, NULL, RTCRX509CERTPATHNODE_SRC_UNTRUSTED_SET);
+    }
 }
 
@@ -1084 +1115 @@
     {
         case RTCRX509CERTPATHNODE_SRC_TARGET:           return "target";
+        case RTCRX509CERTPATHNODE_SRC_UNTRUSTED_SET:    return "untrusted_set";
         case RTCRX509CERTPATHNODE_SRC_UNTRUSTED_ARRAY:  return "untrusted_array";
         case RTCRX509CERTPATHNODE_SRC_UNTRUSTED_STORE:  return "untrusted_store";

trunk/src/VBox/Runtime/tools/RTSignTool.cpp

@@ -183 +183 @@
                     PCRTCRPKCS7ISSUERANDSERIALNUMBER pISN = &pSd->SignerInfos.paItems[0].IssuerAndSerialNumber;
                     PCRTCRX509CERTIFICATE pCert;
-                    pCert = RTCrX509Certificates_FindByIssuerAndSerialNumber(&pSd->Certificates,
-                                                                            &pISN->Name, &pISN->SerialNumber);
+                    pCert = RTCrPkcs7SetOfCerts_FindX509ByIssuerAndSerialNumber(&pSd->Certificates,
+                                                                                &pISN->Name, &pISN->SerialNumber);
                     if (pCert)
                     {
@@ -404 +404 @@
             return RTCrPkcs7VerifySignedData(pContentInfo,
                                              RTCRPKCS7VERIFY_SD_F_COUNTER_SIGNATURE_SIGNING_TIME_ONLY
-                                             | RTCRPKCS7VERIFY_SD_F_ALWAYS_USE_SIGNING_TIME_IF_PRESENT,
+                                             | RTCRPKCS7VERIFY_SD_F_ALWAYS_USE_SIGNING_TIME_IF_PRESENT
+                                             | RTCRPKCS7VERIFY_SD_F_ALWAYS_USE_MS_TIMESTAMP_IF_PRESENT,
                                              pState->hAdditionalStore, pState->hRootStore, &ValidationTime,
                                              VerifyExecCertVerifyCallback, pState, pErrInfo);