Changeset 59669 in vbox

Timestamp:

Feb 15, 2016 12:36:48 AM (9 years ago)

Author:

vboxsync

Message:

ApplianceImplImport.cpp: started on certificate validation.

Location:

trunk/src/VBox/Main

Files:

• include/ApplianceImplPrivate.h (modified) (3 diffs)
• src-server/ApplianceImplImport.cpp (modified) (3 diffs)

trunk/src/VBox/Main/include/ApplianceImplPrivate.h

@@ -69 +69 @@
       , hMemFileTheirManifest(NIL_RTVFSFILE)
       , fSignerCertLoaded(false)
+      , fCertificateValid(false)
       , fSignatureValid(false)
       , pbSignedDigest(NULL)
@@ -127 +128 @@
         enmSignedDigestType    = RTDIGESTTYPE_INVALID;
         fSignatureValid        = false;
+        fCertificateValid      = false;
         fDeterminedDigestTypes = false;
-        fDigestTypes           = RTMANIFEST_ATTR_SHA1 | RTMANIFEST_ATTR_SHA256;
+        fDigestTypes           = RTMANIFEST_ATTR_SHA1 | RTMANIFEST_ATTR_SHA256 | RTMANIFEST_ATTR_SHA512;
     }
 
@@ -165 +167 @@
     /** Set if the SignerCert member contains usable data. */
     bool                fSignerCertLoaded;
-    /** Set by read() if it found a certificate and the signature is fine. */
+    /** Set by read() when the SignerCert checked out fine. */
+    bool                fCertificateValid;
+    /** Set by read() if pbSignedDigest verified correctly against SignerCert. */
     bool                fSignatureValid;
     /** The signed digest of the manifest. */

trunk/src/VBox/Main/src-server/ApplianceImplImport.cpp

@@ -1667 +1667 @@
     else
         hrc = setErrorVrc(vrc, tr("Error reading the signer's certificate from '%s' for '%s' (%Rrc): %s"),
-                          pszSubFileNm, pTask->locInfo.strPath.c_str(), vrc, StaticErrInfo.szMsg);
+                          pszSubFileNm, pTask->locInfo.strPath.c_str(), vrc, StaticErrInfo.Core.pszMsg);
 
     RTVfsIoStrmReadAllFree(pvSignature, cbSignature);
@@ -1723 +1723 @@
                     vrc = RTCrPkixSignatureVerify(hSignature, hDigest, m->pbSignedDigest, m->cbSignedDigest);
                     if (RT_SUCCESS(vrc))
+                    {
+                        m->fSignatureValid = true;
                         hrc = S_OK;
+                    }
                     else if (vrc == VERR_CR_PKIX_SIGNATURE_MISMATCH)
                         hrc = setErrorVrc(vrc, tr("The manifest signature does not match"));
@@ -1741 +1744 @@
         if (SUCCEEDED(hrc))
         {
+            if (RTCrX509Certificate_IsSelfSigned(&m->SignerCert))
+            {
+                /* Not entirely sure if we care whether a self issued certificate is
+                   marked as CA. But let's be a little bit picky about it for now. */
+                if (   m->SignerCert.TbsCertificate.T3.pBasicConstraints
+                    && m->SignerCert.TbsCertificate.T3.pBasicConstraints->CA.fValue)
+                {
+                    RTERRINFOSTATIC StaticErrInfo;
+                    vrc = RTCrX509Certificate_VerifySignatureSelfSigned(&m->SignerCert, RTErrInfoInitStatic(&StaticErrInfo));
+                    if (RT_SUCCESS(vrc))
+                        hrc = S_OK;
+                    else
+                        hrc = setErrorVrc(vrc, tr("Verification of the self signed certificate used to sign '%s' failed (%Rrc): %s"),
+                                          pTask->locInfo.strPath.c_str(), vrc, StaticErrInfo.Core.pszMsg);
+                }
+                else
+                    hrc = setError(E_FAIL,
+                                   tr("Self signed certificate used to sign '%s' is not marked as certificate authority (CA)"),
+                                   pTask->locInfo.strPath.c_str());
+            }
+            else
+            {
+
+            }
+
             /** @todo certificate validation. */
         }
-
     }