Changeset 64883 in vbox for trunk/src/VBox/Runtime/common
- Timestamp:
- Dec 15, 2016 3:26:20 PM (8 years ago)
- Location:
- trunk/src/VBox/Runtime/common
- Files:
-
- 13 edited
-
asn1/asn1-basics.cpp (modified) (2 diffs)
-
asn1/asn1-cursor.cpp (modified) (1 diff)
-
asn1/asn1-default-allocator.cpp (modified) (1 diff)
-
asn1/asn1-efence-allocator.cpp (modified) (2 diffs)
-
crypto/pkcs7-core.cpp (modified) (11 diffs)
-
crypto/pkcs7-sanity.cpp (modified) (4 diffs)
-
crypto/pkcs7-verify.cpp (modified) (8 diffs)
-
crypto/spc-core.cpp (modified) (1 diff)
-
crypto/spc-sanity.cpp (modified) (2 diffs)
-
crypto/x509-certpaths.cpp (modified) (24 diffs)
-
crypto/x509-core.cpp (modified) (24 diffs)
-
crypto/x509-init.cpp (modified) (2 diffs)
-
crypto/x509-sanity.cpp (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/VBox/Runtime/common/asn1/asn1-basics.cpp
r62564 r64883 75 75 76 76 77 78 RTDECL(int) RTAsn1MemGrowArray(PRTASN1ALLOCATION pAllocation, void **ppvArray, size_t cbEntry, 79 uint32_t cCurrent, uint32_t cNew) 77 RTDECL(int) RTAsn1MemResizeArray(PRTASN1ARRAYALLOCATION pAllocation, void ***ppapvArray, uint32_t cCurrent, uint32_t cNew) 80 78 { 81 79 AssertReturn(pAllocation->pAllocator != NULL, VERR_WRONG_ORDER); 82 AssertReturn(cbEntry > 0, VERR_INVALID_PARAMETER); 83 AssertReturn(cNew > cCurrent, VERR_INVALID_PARAMETER); 80 AssertReturn(pAllocation->cbEntry > 0, VERR_WRONG_ORDER); 81 AssertReturn(cCurrent <= pAllocation->cEntriesAllocated, VERR_INVALID_PARAMETER); 82 AssertReturn(cCurrent <= pAllocation->cPointersAllocated, VERR_INVALID_PARAMETER); 84 83 AssertReturn(cNew < _1M, VERR_OUT_OF_RANGE); 85 86 pAllocation->cReallocs++; 87 88 void *pvOld = *ppvArray; 89 90 /* Initial allocation? */ 91 if (cCurrent == 0) 92 { 93 AssertReturn(pvOld == NULL, VERR_INVALID_PARAMETER); 94 AssertReturn(cNew != 0, VERR_INVALID_PARAMETER); 95 return pAllocation->pAllocator->pfnAlloc(pAllocation->pAllocator, pAllocation, ppvArray, cNew * cbEntry); 96 } 97 98 /* Do we need to grow the allocation or did we already allocate sufficient memory in a previous call? */ 99 size_t cbNew = cNew * cbEntry; 100 if (pAllocation->cbAllocated < cbNew) 101 { 102 /* Need to grow. Adjust the new size according to how many times we've been called. */ 103 if (pAllocation->cReallocs > 2) 104 { 105 if (pAllocation->cReallocs > 8) 106 cNew += 8; 107 else if (pAllocation->cReallocs < 4) 108 cNew += 2; 109 else 110 cNew += 4; 111 cbNew += cNew * cbEntry; 112 } 113 114 int rc = pAllocation->pAllocator->pfnRealloc(pAllocation->pAllocator, pAllocation, pvOld, ppvArray, cbNew); 115 if (RT_FAILURE(rc)) 116 return rc; 117 Assert(pAllocation->cbAllocated >= cbNew); 118 119 /* Clear the memory. */ 120 size_t cbOld = cCurrent * cbEntry; 121 RT_BZERO((uint8_t *)*ppvArray + cbOld, pAllocation->cbAllocated - cbOld); 122 } 123 124 return VINF_SUCCESS; 84 Assert(pAllocation->cEntriesAllocated <= pAllocation->cPointersAllocated); 85 86 /* 87 * Is there sufficent space allocated already? 88 * 89 * We keep unused entires ZEROed, therefore we must always call the allocator 90 * when shrinking (this also helps with the electric fence allocator). 91 */ 92 if (cNew <= pAllocation->cEntriesAllocated) 93 { 94 if (cCurrent <= cNew) 95 return VINF_SUCCESS; 96 pAllocation->pAllocator->pfnShrinkArray(pAllocation->pAllocator, pAllocation, ppapvArray, cCurrent, cNew); 97 return VINF_SUCCESS; 98 } 99 100 /* 101 * Must grow (or do initial alloc). 102 */ 103 pAllocation->cResizeCalls++; 104 return pAllocation->pAllocator->pfnGrowArray(pAllocation->pAllocator, pAllocation, ppapvArray, cNew); 105 } 106 107 108 RTDECL(void) RTAsn1MemFreeArray(PRTASN1ARRAYALLOCATION pAllocation, void **papvArray) 109 { 110 Assert(pAllocation->pAllocator != NULL); 111 if (papvArray) 112 { 113 pAllocation->pAllocator->pfnFreeArray(pAllocation->pAllocator, pAllocation, papvArray); 114 Assert(pAllocation->cPointersAllocated == 0); 115 Assert(pAllocation->cEntriesAllocated == 0); 116 } 125 117 } 126 118 … … 171 163 pAllocation->uReserved0 = 0; 172 164 pAllocation->pAllocator = pAllocator; 165 return pAllocation; 166 } 167 168 169 RTDECL(PRTASN1ARRAYALLOCATION) RTAsn1MemInitArrayAllocation(PRTASN1ARRAYALLOCATION pAllocation, 170 PCRTASN1ALLOCATORVTABLE pAllocator, size_t cbEntry) 171 { 172 Assert(cbEntry >= sizeof(RTASN1CORE)); 173 Assert(cbEntry < _1M); 174 Assert(RT_ALIGN_Z(cbEntry, sizeof(void *)) == cbEntry); 175 pAllocation->cbEntry = (uint32_t)cbEntry; 176 pAllocation->cPointersAllocated = 0; 177 pAllocation->cEntriesAllocated = 0; 178 pAllocation->cResizeCalls = 0; 179 pAllocation->uReserved0 = 0; 180 pAllocation->pAllocator = pAllocator; 173 181 return pAllocation; 174 182 } -
trunk/src/VBox/Runtime/common/asn1/asn1-cursor.cpp
r63451 r64883 202 202 pAllocation->uReserved0 = 0; 203 203 pAllocation->pAllocator = pCursor->pPrimary->pAllocator; 204 return pAllocation; 205 } 206 207 208 RTDECL(PRTASN1ARRAYALLOCATION) RTAsn1CursorInitArrayAllocation(PRTASN1CURSOR pCursor, PRTASN1ARRAYALLOCATION pAllocation, 209 size_t cbEntry) 210 { 211 Assert(cbEntry >= sizeof(RTASN1CORE)); 212 Assert(cbEntry < _1M); 213 Assert(RT_ALIGN_Z(cbEntry, sizeof(void *)) == cbEntry); 214 pAllocation->cbEntry = (uint32_t)cbEntry; 215 pAllocation->cPointersAllocated = 0; 216 pAllocation->cEntriesAllocated = 0; 217 pAllocation->cResizeCalls = 0; 218 pAllocation->uReserved0 = 0; 219 pAllocation->pAllocator = pCursor->pPrimary->pAllocator; 204 220 return pAllocation; 205 221 } -
trunk/src/VBox/Runtime/common/asn1/asn1-default-allocator.cpp
r62564 r64883 100 100 101 101 102 /** @interface_method_impl{RTASN1ALLOCATORVTABLE, pfnFreeArray} */ 103 static DECLCALLBACK(void) rtAsn1DefaultAllocator_FreeArray(PCRTASN1ALLOCATORVTABLE pThis, PRTASN1ARRAYALLOCATION pAllocation, 104 void **papvArray) 105 { 106 RT_NOREF_PV(pThis); 107 Assert(papvArray); 108 Assert(pAllocation->cbEntry); 109 110 uint32_t i = pAllocation->cEntriesAllocated; 111 while (i-- > 0) 112 RTMemFree(papvArray[i]); 113 RTMemFree(papvArray); 114 115 pAllocation->cEntriesAllocated = 0; 116 pAllocation->cPointersAllocated = 0; 117 } 118 119 120 /** @interface_method_impl{RTASN1ALLOCATORVTABLE, pfnGrowArray} */ 121 static DECLCALLBACK(int) rtAsn1DefaultAllocator_GrowArray(PCRTASN1ALLOCATORVTABLE pThis, PRTASN1ARRAYALLOCATION pAllocation, 122 void ***ppapvArray, uint32_t cMinEntries) 123 { 124 RT_NOREF_PV(pThis); 125 126 /* 127 * Resize the pointer array. We do chunks of 64 bytes for now. 128 */ 129 void **papvArray = *ppapvArray; 130 uint32_t cPointers = RT_ALIGN_32(cMinEntries, 64 / sizeof(void *)); 131 if (cPointers > pAllocation->cPointersAllocated) 132 { 133 void *pvPointers = RTMemRealloc(papvArray, cPointers * sizeof(void *)); 134 if (pvPointers) 135 { /* likely */ } 136 else if (cMinEntries > pAllocation->cPointersAllocated) 137 { 138 cPointers = cMinEntries; 139 pvPointers = RTMemRealloc(*ppapvArray, cPointers * sizeof(void *)); 140 if (!pvPointers) 141 return VERR_NO_MEMORY; 142 } 143 else 144 { 145 cPointers = pAllocation->cPointersAllocated; 146 pvPointers = papvArray; 147 } 148 149 *ppapvArray = papvArray = (void **)pvPointers; 150 RT_BZERO(&papvArray[pAllocation->cPointersAllocated], (cPointers - pAllocation->cPointersAllocated) * sizeof(void *)); 151 pAllocation->cPointersAllocated = cPointers; 152 } 153 154 /* 155 * Add more entries. Do multiple as the array grows. 156 * 157 * Note! We could possibly optimize this by allocating slabs of entries and 158 * slice them up. However, keep things as simple as possible for now. 159 */ 160 uint32_t cEntries = cMinEntries; 161 if (cEntries > 2) 162 { 163 if (cEntries > 8) 164 cEntries = RT_ALIGN_32(cEntries, 4); 165 else 166 cEntries = RT_ALIGN_32(cEntries, 2); 167 cEntries = RT_MIN(cEntries, cPointers); 168 Assert(cEntries >= cMinEntries); 169 } 170 Assert(cEntries <= pAllocation->cPointersAllocated); 171 172 while (pAllocation->cEntriesAllocated < cEntries) 173 { 174 void *pv; 175 papvArray[pAllocation->cEntriesAllocated] = pv = RTMemAllocZ(pAllocation->cbEntry); 176 if (pv) 177 pAllocation->cEntriesAllocated++; 178 else if (pAllocation->cEntriesAllocated >= cMinEntries) 179 break; 180 else 181 return VERR_NO_MEMORY; 182 } 183 184 return VINF_SUCCESS; 185 } 186 187 188 /** @interface_method_impl{RTASN1ALLOCATORVTABLE, pfnShrinkArray} */ 189 static DECLCALLBACK(void) rtAsn1DefaultAllocator_ShrinkArray(PCRTASN1ALLOCATORVTABLE pThis, PRTASN1ARRAYALLOCATION pAllocation, 190 void ***ppapvArray, uint32_t cNew, uint32_t cCurrent) 191 { 192 RT_NOREF_PV(pThis); 193 194 /* 195 * For now we only zero the entries being removed. 196 */ 197 void **papvArray = *ppapvArray; 198 while (cNew < cCurrent) 199 { 200 RT_BZERO(papvArray[cNew], pAllocation->cbEntry); 201 cNew++; 202 } 203 } 204 205 206 102 207 /** The default ASN.1 allocator. */ 208 #if 1 || !defined(IN_RING3) || defined(DOXYGEN_RUNNING) 103 209 RT_DECL_DATA_CONST(RTASN1ALLOCATORVTABLE const) g_RTAsn1DefaultAllocator = 210 #else 211 RT_DECL_DATA_CONST(RTASN1ALLOCATORVTABLE const) g_RTAsn1DefaultAllocatorDisabled = 212 #endif 104 213 { 105 214 rtAsn1DefaultAllocator_Free, 106 215 rtAsn1DefaultAllocator_Alloc, 107 rtAsn1DefaultAllocator_Realloc 216 rtAsn1DefaultAllocator_Realloc, 217 rtAsn1DefaultAllocator_FreeArray, 218 rtAsn1DefaultAllocator_GrowArray, 219 rtAsn1DefaultAllocator_ShrinkArray 108 220 }; 109 221 -
trunk/src/VBox/Runtime/common/asn1/asn1-efence-allocator.cpp
r62564 r64883 80 80 81 81 82 /** @interface_method_impl{RTASN1ALLOCATORVTABLE, pfnFreeArray} */ 83 static DECLCALLBACK(void) rtAsn1EFenceAllocator_FreeArray(PCRTASN1ALLOCATORVTABLE pThis, PRTASN1ARRAYALLOCATION pAllocation, 84 void **papvArray) 85 { 86 RT_NOREF_PV(pThis); 87 Assert(papvArray); 88 Assert(pAllocation->cbEntry); 89 Assert(pAllocation->cEntriesAllocated <= pAllocation->cPointersAllocated); 90 91 uint32_t i = pAllocation->cEntriesAllocated; 92 while (i-- > 0) 93 { 94 RTMemEfFreeNP(papvArray[i]); 95 papvArray[i] = NULL; 96 } 97 RTMemEfFreeNP(papvArray); 98 99 pAllocation->cEntriesAllocated = 0; 100 pAllocation->cPointersAllocated = 0; 101 } 102 103 104 /** @interface_method_impl{RTASN1ALLOCATORVTABLE, pfnGrowArray} */ 105 static DECLCALLBACK(int) rtAsn1EFenceAllocator_GrowArray(PCRTASN1ALLOCATORVTABLE pThis, PRTASN1ARRAYALLOCATION pAllocation, 106 void ***ppapvArray, uint32_t cMinEntries) 107 { 108 RT_NOREF_PV(pThis); 109 Assert(pAllocation->cbEntry); 110 Assert(pAllocation->cEntriesAllocated <= pAllocation->cPointersAllocated); 111 112 /* 113 * Resize the pointer array. 114 */ 115 void **papvArray = *ppapvArray; 116 void *pvPointers = RTMemEfReallocNP(papvArray, cMinEntries * sizeof(void *), RTMEM_TAG); 117 if (pvPointers) 118 { 119 *ppapvArray = papvArray = (void **)pvPointers; 120 if (cMinEntries > pAllocation->cPointersAllocated) /* possible on multiple shrink failures */ 121 RT_BZERO(&papvArray[pAllocation->cPointersAllocated], 122 (cMinEntries - pAllocation->cPointersAllocated) * sizeof(void *)); 123 else 124 AssertFailed(); 125 pAllocation->cPointersAllocated = cMinEntries; 126 } 127 else if (cMinEntries > pAllocation->cPointersAllocated) 128 return VERR_NO_MEMORY; 129 /* else: possible but unlikely */ 130 131 /* 132 * Add more entries. 133 */ 134 while (pAllocation->cEntriesAllocated < cMinEntries) 135 { 136 void *pv; 137 papvArray[pAllocation->cEntriesAllocated] = pv = RTMemEfAllocZNP(pAllocation->cbEntry, RTMEM_TAG); 138 if (pv) 139 pAllocation->cEntriesAllocated++; 140 else 141 return VERR_NO_MEMORY; 142 } 143 144 return VINF_SUCCESS; 145 } 146 147 148 /** @interface_method_impl{RTASN1ALLOCATORVTABLE, pfnShrinkArray} */ 149 static DECLCALLBACK(void) rtAsn1EFenceAllocator_ShrinkArray(PCRTASN1ALLOCATORVTABLE pThis, PRTASN1ARRAYALLOCATION pAllocation, 150 void ***ppapvArray, uint32_t cNew, uint32_t cCurrent) 151 { 152 RT_NOREF_PV(pThis); 153 Assert(pAllocation->cbEntry); 154 Assert(pAllocation->cEntriesAllocated <= pAllocation->cPointersAllocated); 155 156 /* 157 * We always free and resize. 158 */ 159 Assert(pAllocation->cEntriesAllocated == cCurrent); 160 Assert(cNew < cCurrent); 161 162 /* Free entries. */ 163 void **papvArray = *ppapvArray; 164 while (cCurrent-- > cNew) 165 { 166 RTMemEfFreeNP(papvArray[cCurrent]); 167 papvArray[cCurrent] = NULL; 168 } 169 pAllocation->cEntriesAllocated = cNew; 170 171 /* Try resize pointer array. Failure here is a genuine possibility since the 172 efence code will try allocate a new block. This causes extra fun in the 173 grow method above. */ 174 void *pvPointers = RTMemEfReallocNP(papvArray, cNew * sizeof(void *), RTMEM_TAG); 175 if (pvPointers) 176 { 177 *ppapvArray = (void **)pvPointers; 178 pAllocation->cPointersAllocated = cNew; 179 } 180 } 181 182 82 183 /** The Electric Fence ASN.1 allocator. */ 83 184 RT_DECL_DATA_CONST(RTASN1ALLOCATORVTABLE const) g_RTAsn1EFenceAllocator = … … 85 186 rtAsn1EFenceAllocator_Free, 86 187 rtAsn1EFenceAllocator_Alloc, 87 rtAsn1EFenceAllocator_Realloc 188 rtAsn1EFenceAllocator_Realloc, 189 rtAsn1EFenceAllocator_FreeArray, 190 rtAsn1EFenceAllocator_GrowArray, 191 rtAsn1EFenceAllocator_ShrinkArray 88 192 }; 89 193 194 #if 0 && defined(IN_RING3) /* for efence testing */ 195 RT_DECL_DATA_CONST(RTASN1ALLOCATORVTABLE const) g_RTAsn1DefaultAllocator = 196 { 197 rtAsn1EFenceAllocator_Free, 198 rtAsn1EFenceAllocator_Alloc, 199 rtAsn1EFenceAllocator_Realloc, 200 rtAsn1EFenceAllocator_FreeArray, 201 rtAsn1EFenceAllocator_GrowArray, 202 rtAsn1EFenceAllocator_ShrinkArray 203 }; 204 #endif 205 -
trunk/src/VBox/Runtime/common/crypto/pkcs7-core.cpp
r62477 r64883 49 49 * Note! We ASSUME a single signing time attribute, which simplifies the interface. 50 50 */ 51 uint32_t cAttrsLeft;52 P CRTCRPKCS7ATTRIBUTEpAttr;51 uint32_t cAttrsLeft; 52 PRTCRPKCS7ATTRIBUTE const *ppAttr; 53 53 if (!ppSignerInfo || *ppSignerInfo == NULL) 54 54 { 55 55 cAttrsLeft = pThis->AuthenticatedAttributes.cItems; 56 p Attr = pThis->AuthenticatedAttributes.paItems;56 ppAttr = pThis->AuthenticatedAttributes.papItems; 57 57 while (cAttrsLeft-- > 0) 58 58 { 59 PCRTCRPKCS7ATTRIBUTE pAttr = *ppAttr; 59 60 if ( pAttr->enmType == RTCRPKCS7ATTRIBUTETYPE_SIGNING_TIME 60 61 && pAttr->uValues.pSigningTime->cItems > 0) … … 62 63 if (ppSignerInfo) 63 64 *ppSignerInfo = pThis; 64 return &pAttr->uValues.pSigningTime->paItems[0];65 return pAttr->uValues.pSigningTime->papItems[0]; 65 66 } 66 p Attr++;67 ppAttr++; 67 68 } 68 69 } … … 74 75 */ 75 76 cAttrsLeft = pThis->UnauthenticatedAttributes.cItems; 76 p Attr = pThis->UnauthenticatedAttributes.paItems;77 ppAttr = pThis->UnauthenticatedAttributes.papItems; 77 78 while (cAttrsLeft-- > 0) 78 79 { 80 PCRTCRPKCS7ATTRIBUTE pAttr = *ppAttr; 79 81 if (pAttr->enmType == RTCRPKCS7ATTRIBUTETYPE_COUNTER_SIGNATURES) 80 82 { 81 uint32_t cSignatures = pAttr->uValues.pCounterSignatures->cItems;82 P CRTCRPKCS7SIGNERINFO pSignature = pAttr->uValues.pCounterSignatures->paItems;83 uint32_t cSignatures = pAttr->uValues.pCounterSignatures->cItems; 84 PRTCRPKCS7SIGNERINFO *ppSignature = pAttr->uValues.pCounterSignatures->papItems; 83 85 84 86 /* Skip past the previous counter signature. */ … … 87 89 { 88 90 cSignatures--; 89 if ( pSignature == *ppSignerInfo)91 if (*ppSignature == *ppSignerInfo) 90 92 { 91 93 *ppSignerInfo = NULL; 92 p Signature++;94 ppSignature++; 93 95 break; 94 96 } 95 p Signature++;97 ppSignature++; 96 98 } 97 99 … … 99 101 while (cSignatures-- > 0) 100 102 { 101 uint32_t cCounterAttrsLeft = pSignature->AuthenticatedAttributes.cItems; 102 PCRTCRPKCS7ATTRIBUTE pCounterAttr = pSignature->AuthenticatedAttributes.paItems; 103 PCRTCRPKCS7SIGNERINFO pSignature = *ppSignature; 104 uint32_t cCounterAttrsLeft = pSignature->AuthenticatedAttributes.cItems; 105 PRTCRPKCS7ATTRIBUTE const *ppCounterAttr = pSignature->AuthenticatedAttributes.papItems; 103 106 while (cCounterAttrsLeft-- > 0) 104 107 { 108 PCRTCRPKCS7ATTRIBUTE pCounterAttr = *ppCounterAttr; 105 109 if ( pCounterAttr->enmType == RTCRPKCS7ATTRIBUTETYPE_SIGNING_TIME 106 110 && pCounterAttr->uValues.pSigningTime->cItems > 0) … … 108 112 if (ppSignerInfo) 109 113 *ppSignerInfo = pSignature; 110 return &pCounterAttr->uValues.pSigningTime->paItems[0];114 return pCounterAttr->uValues.pSigningTime->papItems[0]; 111 115 } 112 p CounterAttr++;116 ppCounterAttr++; 113 117 } 114 p Signature++;118 ppSignature++; 115 119 } 116 120 } 117 p Attr++;121 ppAttr++; 118 122 } 119 123 … … 128 132 129 133 130 RTDECL(PCRTASN1TIME) RTCrPkcs7SignerInfo_GetMsTimestamp(PCRTCRPKCS7SIGNERINFO pThis, PCRTCRPKCS7CONTENTINFO *ppContentInfo )134 RTDECL(PCRTASN1TIME) RTCrPkcs7SignerInfo_GetMsTimestamp(PCRTCRPKCS7SIGNERINFO pThis, PCRTCRPKCS7CONTENTINFO *ppContentInfoRet) 131 135 { 132 136 /* 133 137 * Assume there is only one, so no need to enumerate anything here. 134 138 */ 135 uint32_t cAttrsLeft= pThis->UnauthenticatedAttributes.cItems;136 P CRTCRPKCS7ATTRIBUTE pAttr = pThis->UnauthenticatedAttributes.paItems;139 uint32_t cAttrsLeft = pThis->UnauthenticatedAttributes.cItems; 140 PRTCRPKCS7ATTRIBUTE const *ppAttr = pThis->UnauthenticatedAttributes.papItems; 137 141 while (cAttrsLeft-- > 0) 138 142 { 143 PCRTCRPKCS7ATTRIBUTE pAttr = *ppAttr; 139 144 if (pAttr->enmType == RTCRPKCS7ATTRIBUTETYPE_MS_TIMESTAMP) 140 145 { 141 uint32_t cLeft= pAttr->uValues.pContentInfos->cItems;142 P CRTCRPKCS7CONTENTINFO pContentInfo = &pAttr->uValues.pContentInfos->paItems[0];146 uint32_t cLeft = pAttr->uValues.pContentInfos->cItems; 147 PRTCRPKCS7CONTENTINFO const *ppContentInfo = pAttr->uValues.pContentInfos->papItems; 143 148 while (cLeft-- > 0) 144 149 { 150 PCRTCRPKCS7CONTENTINFO pContentInfo = *ppContentInfo; 145 151 if (RTAsn1ObjId_CompareWithString(&pContentInfo->ContentType, RTCRPKCS7SIGNEDDATA_OID) == 0) 146 152 { … … 148 154 RTCRTSPTSTINFO_OID) == 0) 149 155 { 150 if (ppContentInfo )151 *ppContentInfo = pContentInfo;156 if (ppContentInfoRet) 157 *ppContentInfoRet = pContentInfo; 152 158 return &pContentInfo->u.pSignedData->ContentInfo.u.pTstInfo->GenTime; 153 159 } … … 157 163 } 158 164 } 159 p Attr++;165 ppAttr++; 160 166 } 161 167 … … 163 169 * No signature was found. 164 170 */ 165 if (ppContentInfo )166 *ppContentInfo = NULL;171 if (ppContentInfoRet) 172 *ppContentInfoRet = NULL; 167 173 168 174 return NULL; … … 189 195 { 190 196 for (uint32_t i = 0; i < pCertificates->cItems; i++) 191 if ( pCertificates->paItems[i].enmChoice == RTCRPKCS7CERTCHOICE_X509 192 && RTCrX509Certificate_MatchIssuerAndSerialNumber(pCertificates->paItems[i].u.pX509Cert, pIssuer, pSerialNumber)) 193 return pCertificates->paItems[i].u.pX509Cert; 197 { 198 PCRTCRPKCS7CERT pCert = pCertificates->papItems[i]; 199 if ( pCert->enmChoice == RTCRPKCS7CERTCHOICE_X509 200 && RTCrX509Certificate_MatchIssuerAndSerialNumber(pCert->u.pX509Cert, pIssuer, pSerialNumber)) 201 return pCert->u.pX509Cert; 202 } 194 203 return NULL; 195 204 } -
trunk/src/VBox/Runtime/common/crypto/pkcs7-sanity.cpp
r62564 r64883 68 68 for (uint32_t i = 0; i < pSignedData->DigestAlgorithms.cItems; i++) 69 69 { 70 if (RTCrX509AlgorithmIdentifier_QueryDigestType( &pSignedData->DigestAlgorithms.paItems[i]) == RTDIGESTTYPE_INVALID)70 if (RTCrX509AlgorithmIdentifier_QueryDigestType(pSignedData->DigestAlgorithms.papItems[i]) == RTDIGESTTYPE_INVALID) 71 71 return RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_UNKNOWN_DIGEST_ALGORITHM, 72 72 "%s: SignedData.DigestAlgorithms[%i] is not known: %s", 73 pszErrorTag, i, pSignedData->DigestAlgorithms.pa Items[i].Algorithm.szObjId);74 if (pSignedData->DigestAlgorithms.pa Items[i].Parameters.enmType != RTASN1TYPE_NULL)73 pszErrorTag, i, pSignedData->DigestAlgorithms.papItems[i]->Algorithm.szObjId); 74 if (pSignedData->DigestAlgorithms.papItems[i]->Parameters.enmType != RTASN1TYPE_NULL) 75 75 return RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_DIGEST_PARAMS_NOT_IMPL, 76 76 "%s: SignedData.DigestAlgorithms[%i] has parameters: tag=%u", 77 pszErrorTag, i, pSignedData->DigestAlgorithms.pa Items[i].Parameters.u.Core.uTag);77 pszErrorTag, i, pSignedData->DigestAlgorithms.papItems[i]->Parameters.u.Core.uTag); 78 78 } 79 79 … … 106 106 for (uint32_t i = 0; i < pSignedData->SignerInfos.cItems; i++) 107 107 { 108 PCRTCRPKCS7SIGNERINFO pSignerInfo = &pSignedData->SignerInfos.paItems[i];108 PCRTCRPKCS7SIGNERINFO pSignerInfo = pSignedData->SignerInfos.papItems[i]; 109 109 110 110 if (RTAsn1Integer_UnsignedCompareWithU32(&pSignerInfo->Version, RTCRPKCS7SIGNERINFO_V1) != 0) … … 136 136 uint32_t j = 0; 137 137 while ( j < pSignedData->DigestAlgorithms.cItems 138 && RTCrX509AlgorithmIdentifier_Compare( &pSignedData->DigestAlgorithms.paItems[j],138 && RTCrX509AlgorithmIdentifier_Compare(pSignedData->DigestAlgorithms.papItems[j], 139 139 &pSignerInfo->DigestAlgorithm) != 0) 140 140 j++; … … 162 162 for (j = 0; j < pSignerInfo->AuthenticatedAttributes.cItems; j++) 163 163 { 164 PCRTCRPKCS7ATTRIBUTE pAttrib = &pSignerInfo->AuthenticatedAttributes.paItems[j];164 PCRTCRPKCS7ATTRIBUTE pAttrib = pSignerInfo->AuthenticatedAttributes.papItems[j]; 165 165 if (RTAsn1ObjId_CompareWithString(&pAttrib->Type, RTCR_PKCS9_ID_CONTENT_TYPE_OID) == 0) 166 166 { -
trunk/src/VBox/Runtime/common/crypto/pkcs7-verify.cpp
r64531 r64883 75 75 PCRTCRPKCS7SETOFCERTS pCerts = &pContentInfo->u.pSignedData->Certificates; 76 76 for (uint32_t i = 0; i < pCerts->cItems; i++) 77 if (pCerts->pa Items[i].enmChoice == RTCRPKCS7CERTCHOICE_X509)78 rtCrOpenSslAddX509CertToStack(pAddCerts, pCerts->pa Items[i].u.pX509Cert);77 if (pCerts->papItems[i]->enmChoice == RTCRPKCS7CERTCHOICE_X509) 78 rtCrOpenSslAddX509CertToStack(pAddCerts, pCerts->papItems[i]->u.pX509Cert); 79 79 80 80 … … 238 238 while (i-- > 0) 239 239 { 240 PCRTCRPKCS7ATTRIBUTE pAttrib = &pSignerInfo->AuthenticatedAttributes.paItems[i];240 PCRTCRPKCS7ATTRIBUTE pAttrib = pSignerInfo->AuthenticatedAttributes.papItems[i]; 241 241 242 242 if (RTAsn1ObjId_CompareWithString(&pAttrib->Type, RTCR_PKCS9_ID_CONTENT_TYPE_OID) == 0) … … 247 247 248 248 if ( !(fFlags & RTCRPKCS7VERIFY_SD_F_COUNTER_SIGNATURE) /* See note about microsoft below. */ 249 && RTAsn1ObjId_Compare( &pAttrib->uValues.pObjIds->paItems[0], &pSignedData->ContentInfo.ContentType) != 0)249 && RTAsn1ObjId_Compare(pAttrib->uValues.pObjIds->papItems[0], &pSignedData->ContentInfo.ContentType) != 0) 250 250 return RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_CONTENT_TYPE_ATTRIB_MISMATCH, 251 "Expected content-type %s, found %s", 252 &pAttrib->uValues.pObjIds->paItems[0],pSignedData->ContentInfo.ContentType.szObjId);251 "Expected content-type %s, found %s", pAttrib->uValues.pObjIds->papItems[0]->szObjId, 252 pSignedData->ContentInfo.ContentType.szObjId); 253 253 cContentTypes++; 254 254 } … … 260 260 261 261 if (!RTCrDigestMatch(*phDigest, 262 pAttrib->uValues.pOctetStrings->pa Items[0].Asn1Core.uData.pv,263 pAttrib->uValues.pOctetStrings->pa Items[0].Asn1Core.cb))262 pAttrib->uValues.pOctetStrings->papItems[0]->Asn1Core.uData.pv, 263 pAttrib->uValues.pOctetStrings->papItems[0]->Asn1Core.cb)) 264 264 { 265 265 size_t cbHash = RTCrDigestGetHashSize(*phDigest); 266 if (cbHash != pAttrib->uValues.pOctetStrings->pa Items[0].Asn1Core.cb)266 if (cbHash != pAttrib->uValues.pOctetStrings->papItems[0]->Asn1Core.cb) 267 267 return RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_MESSAGE_DIGEST_ATTRIB_MISMATCH, 268 268 "Authenticated message-digest attribute mismatch: cbHash=%#zx cbValue=%#x", 269 cbHash, pAttrib->uValues.pOctetStrings->pa Items[0].Asn1Core.cb);269 cbHash, pAttrib->uValues.pOctetStrings->papItems[0]->Asn1Core.cb); 270 270 return RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_MESSAGE_DIGEST_ATTRIB_MISMATCH, 271 271 "Authenticated message-digest attribute mismatch (cbHash=%#zx):\n" … … 273 273 "our: %.*Rhxs\n", 274 274 cbHash, 275 cbHash, pAttrib->uValues.pOctetStrings->pa Items[0].Asn1Core.uData.pv,275 cbHash, pAttrib->uValues.pOctetStrings->papItems[0]->Asn1Core.uData.pv, 276 276 cbHash, RTCrDigestGetHash(*phDigest)); 277 277 } … … 342 342 uint32_t iDigest = pSignedData->DigestAlgorithms.cItems; 343 343 while (iDigest-- > 0) 344 if (RTCrX509AlgorithmIdentifier_Compare( &pSignedData->DigestAlgorithms.paItems[iDigest],344 if (RTCrX509AlgorithmIdentifier_Compare(pSignedData->DigestAlgorithms.papItems[iDigest], 345 345 &pSignerInfo->DigestAlgorithm) == 0) 346 346 { … … 620 620 for (i = 0; i < cDigests; i++) 621 621 { 622 rc = RTCrDigestCreateByObjId(&ahDigests[i], &pSignedData->DigestAlgorithms.pa Items[i].Algorithm);622 rc = RTCrDigestCreateByObjId(&ahDigests[i], &pSignedData->DigestAlgorithms.papItems[i]->Algorithm); 623 623 if (RT_FAILURE(rc)) 624 624 { 625 625 rc = RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_DIGEST_CREATE_ERROR, "Error creating digest for '%s': %Rrc", 626 pSignedData->DigestAlgorithms.pa Items[i].Algorithm.szObjId, rc);626 pSignedData->DigestAlgorithms.papItems[i]->Algorithm.szObjId, rc); 627 627 break; 628 628 } … … 647 647 for (i = 0; i < pSignedData->SignerInfos.cItems; i++) 648 648 { 649 PCRTCRPKCS7SIGNERINFO pSignerInfo = &pSignedData->SignerInfos.paItems[i];649 PCRTCRPKCS7SIGNERINFO pSignerInfo = pSignedData->SignerInfos.papItems[i]; 650 650 RTCRDIGEST hThisDigest = NIL_RTCRDIGEST; /* (gcc maybe incredible stupid.) */ 651 651 rc = rtCrPkcs7VerifyFindDigest(&hThisDigest, pSignedData, pSignerInfo, ahDigests, pErrInfo); -
trunk/src/VBox/Runtime/common/crypto/spc-core.cpp
r62477 r64883 69 69 if (pData) 70 70 for (uint32_t i = 0; i < pData->cItems; i++) 71 if (pData->pa Items[i].enmType == enmType)72 return &pData->paItems[i];71 if (pData->papItems[i]->enmType == enmType) 72 return pData->papItems[i]; 73 73 } 74 74 } -
trunk/src/VBox/Runtime/common/crypto/spc-sanity.cpp
r62477 r64883 57 57 58 58 if (RTCrX509AlgorithmIdentifier_Compare(&pIndData->DigestInfo.DigestAlgorithm, /** @todo not entirely sure about this check... */ 59 &pSignedData->SignerInfos.pa Items[0].DigestAlgorithm) != 0)59 &pSignedData->SignerInfos.papItems[0]->DigestAlgorithm) != 0) 60 60 return RTErrInfoSetF(pErrInfo, VERR_CR_SPC_SIGNED_IND_DATA_DIGEST_ALGO_MISMATCH, 61 61 "SpcIndirectDataContent DigestInfo and SignerInfos algorithms mismatch: %s vs %s", 62 62 pIndData->DigestInfo.DigestAlgorithm.Algorithm.szObjId, 63 pSignedData->SignerInfos.pa Items[0].DigestAlgorithm.Algorithm.szObjId);63 pSignedData->SignerInfos.papItems[0]->DigestAlgorithm.Algorithm.szObjId); 64 64 65 65 if (RTCrX509AlgorithmIdentifier_Compare(&pIndData->DigestInfo.DigestAlgorithm, 66 &pSignedData->DigestAlgorithms.paItems[0]) != 0)66 pSignedData->DigestAlgorithms.papItems[0]) != 0) 67 67 return RTErrInfoSetF(pErrInfo, VERR_CR_SPC_IND_DATA_DIGEST_ALGO_NOT_IN_DIGEST_ALGOS, 68 68 "SpcIndirectDataContent DigestInfo and SignedData.DigestAlgorithms[0] mismatch: %s vs %s", 69 69 pIndData->DigestInfo.DigestAlgorithm.Algorithm.szObjId, 70 pSignedData->DigestAlgorithms.pa Items[0].Algorithm.szObjId);70 pSignedData->DigestAlgorithms.papItems[0]->Algorithm.szObjId); 71 71 72 72 if (fFlags & RTCRSPCINDIRECTDATACONTENT_SANITY_F_ONLY_KNOWN_HASH) … … 126 126 for (uint32_t i = 0; i < pObj->u.pData->cItems; i++) 127 127 { 128 PCRTCRSPCSERIALIZEDOBJECTATTRIBUTE pAttr = &pObj->u.pData->paItems[i];128 PCRTCRSPCSERIALIZEDOBJECTATTRIBUTE pAttr = pObj->u.pData->papItems[i]; 129 129 if ( RTAsn1ObjId_CompareWithString(&pAttr->Type, RTCRSPC_PE_IMAGE_HASHES_V1_OID) == 0 130 130 || RTAsn1ObjId_CompareWithString(&pAttr->Type, RTCRSPC_PE_IMAGE_HASHES_V2_OID) == 0 ) -
trunk/src/VBox/Runtime/common/crypto/x509-certpaths.cpp
r64531 r64883 723 723 if (pThis->pUntrustedCertsSet) 724 724 { 725 uint32_t const cCerts= pThis->pUntrustedCertsSet->cItems;726 P CRTCRPKCS7CERT paCerts = pThis->pUntrustedCertsSet->paItems;725 uint32_t const cCerts = pThis->pUntrustedCertsSet->cItems; 726 PRTCRPKCS7CERT const *papCerts = pThis->pUntrustedCertsSet->papItems; 727 727 for (uint32_t i = 0; i < cCerts; i++) 728 if ( paCerts[i].enmChoice == RTCRPKCS7CERTCHOICE_X509 729 && RTCrX509Certificate_MatchSubjectOrAltSubjectByRfc5280(paCerts[i].u.pX509Cert, pIssuer)) 730 rtCrX509CertPathsAddIssuer(pThis, pNode, paCerts[i].u.pX509Cert, NULL, RTCRX509CERTPATHNODE_SRC_UNTRUSTED_SET); 728 { 729 PCRTCRPKCS7CERT pCert = papCerts[i]; 730 if ( pCert->enmChoice == RTCRPKCS7CERTCHOICE_X509 731 && RTCrX509Certificate_MatchSubjectOrAltSubjectByRfc5280(pCert->u.pX509Cert, pIssuer)) 732 rtCrX509CertPathsAddIssuer(pThis, pNode, pCert->u.pX509Cert, NULL, RTCRX509CERTPATHNODE_SRC_UNTRUSTED_SET); 733 } 731 734 } 732 735 } … … 1057 1060 { 1058 1061 for (uint32_t i = 0; i < pName->cItems; i++) 1059 for (uint32_t j = 0; j < pName->paItems[i].cItems; j++) 1060 { 1061 PRTCRX509ATTRIBUTETYPEANDVALUE pAttrib = &pName->paItems[i].paItems[j]; 1062 { 1063 PCRTCRX509RELATIVEDISTINGUISHEDNAME const pRdn = pName->papItems[i]; 1064 for (uint32_t j = 0; j < pRdn->cItems; j++) 1065 { 1066 PRTCRX509ATTRIBUTETYPEANDVALUE pAttrib = pRdn->papItems[j]; 1062 1067 1063 1068 const char *pszType = pAttrib->Type.szObjId; … … 1118 1123 rtDumpPrintf(pfnPrintfV, pvUser, "<not-string: uTag=%#x>", pAttrib->Value.u.Core.uTag); 1119 1124 } 1125 } 1120 1126 } 1121 1127 … … 1350 1356 * @param pThis The validator instance. 1351 1357 * @param cSubtrees The number of sub-trees to add. 1352 * @param paSubtrees Array of sub-trees to add. 1353 */ 1354 static bool rtCrX509CpvAddPermittedSubtrees(PRTCRX509CERTPATHSINT pThis, uint32_t cSubtrees, PCRTCRX509GENERALSUBTREE paSubtrees) 1358 * @param papSubtrees Array of sub-trees to add. 1359 */ 1360 static bool rtCrX509CpvAddPermittedSubtrees(PRTCRX509CERTPATHSINT pThis, uint32_t cSubtrees, 1361 PRTCRX509GENERALSUBTREE const *papSubtrees) 1355 1362 { 1356 1363 /* … … 1375 1382 for (uint32_t iSrc = 0; iSrc < cSubtrees; iSrc++) 1376 1383 { 1377 if (!rtCrX509CpvCheckSubtreeValidity(pThis, &paSubtrees[iSrc]))1384 if (!rtCrX509CpvCheckSubtreeValidity(pThis, papSubtrees[iSrc])) 1378 1385 return false; 1379 pThis->v.papPermittedSubtrees[iDst] = &paSubtrees[iSrc];1386 pThis->v.papPermittedSubtrees[iDst] = papSubtrees[iSrc]; 1380 1387 iDst++; 1381 1388 } … … 1383 1390 1384 1391 return true; 1392 } 1393 1394 1395 /** 1396 * Adds a one permitted sub-tree. 1397 * 1398 * We store reference to each individual sub-tree because we must support 1399 * intersection calculation. 1400 * 1401 * @returns success indiciator. 1402 * @param pThis The validator instance. 1403 * @param pSubtree Array of sub-trees to add. 1404 */ 1405 static bool rtCrX509CpvAddPermittedSubtree(PRTCRX509CERTPATHSINT pThis, PCRTCRX509GENERALSUBTREE pSubtree) 1406 { 1407 return rtCrX509CpvAddPermittedSubtrees(pThis, 1, (PRTCRX509GENERALSUBTREE const *)&pSubtree); 1385 1408 } 1386 1409 … … 1405 1428 } 1406 1429 1407 uint32_t cRight= pSubtrees->cItems;1408 P CRTCRX509GENERALSUBTREE paRight = pSubtrees->paItems;1430 uint32_t cRight = pSubtrees->cItems; 1431 PRTCRX509GENERALSUBTREE const *papRight = pSubtrees->papItems; 1409 1432 if (cRight == 0) 1410 1433 { … … 1417 1440 PCRTCRX509GENERALSUBTREE *papLeft = pThis->v.papPermittedSubtrees; 1418 1441 if (!cLeft) /* first name constraint, no initial constraint */ 1419 return rtCrX509CpvAddPermittedSubtrees(pThis, cRight, pa Right);1442 return rtCrX509CpvAddPermittedSubtrees(pThis, cRight, papRight); 1420 1443 1421 1444 /* … … 1431 1454 for (uint32_t iRight = 0; iRight < cRight; iRight++) 1432 1455 { 1433 if (!rtCrX509CpvCheckSubtreeValidity(pThis, &paRight[iRight]))1456 if (!rtCrX509CpvCheckSubtreeValidity(pThis, papRight[iRight])) 1434 1457 return false; 1435 1458 1436 RTCRX509GENERALNAMECHOICE const enmRightChoice = pa Right[iRight].Base.enmChoice;1459 RTCRX509GENERALNAMECHOICE const enmRightChoice = papRight[iRight]->Base.enmChoice; 1437 1460 afRightTags[enmRightChoice] = true; 1438 1461 … … 1441 1464 if (papLeft[iLeft]->Base.enmChoice == enmRightChoice) 1442 1465 { 1443 if (RTCrX509GeneralSubtree_Compare(papLeft[iLeft], &paRight[iRight]) == 0)1466 if (RTCrX509GeneralSubtree_Compare(papLeft[iLeft], papRight[iRight]) == 0) 1444 1467 { 1445 1468 if (!fHaveRight) 1446 1469 { 1447 1470 fHaveRight = true; 1448 rtCrX509CpvAddPermittedSubtree s(pThis, 1, papLeft[iLeft]);1471 rtCrX509CpvAddPermittedSubtree(pThis, papLeft[iLeft]); 1449 1472 } 1450 1473 } 1451 else if (RTCrX509GeneralSubtree_ConstraintMatch(papLeft[iLeft], &paRight[iRight]))1474 else if (RTCrX509GeneralSubtree_ConstraintMatch(papLeft[iLeft], papRight[iRight])) 1452 1475 { 1453 1476 if (!fHaveRight) 1454 1477 { 1455 1478 fHaveRight = true; 1456 rtCrX509CpvAddPermittedSubtree s(pThis, 1, &paRight[iRight]);1479 rtCrX509CpvAddPermittedSubtree(pThis, papRight[iRight]); 1457 1480 } 1458 1481 } 1459 else if (RTCrX509GeneralSubtree_ConstraintMatch( &paRight[iRight], papLeft[iLeft]))1460 rtCrX509CpvAddPermittedSubtree s(pThis, 1, papLeft[iLeft]);1482 else if (RTCrX509GeneralSubtree_ConstraintMatch(papRight[iRight], papLeft[iLeft])) 1483 rtCrX509CpvAddPermittedSubtree(pThis, papLeft[iLeft]); 1461 1484 } 1462 1485 } … … 1467 1490 for (uint32_t iLeft = 0; iLeft < cLeft; iLeft++) 1468 1491 if (!afRightTags[papLeft[iLeft]->Base.enmChoice]) 1469 rtCrX509CpvAddPermittedSubtree s(pThis, 1, papLeft[iLeft]);1492 rtCrX509CpvAddPermittedSubtree(pThis, papLeft[iLeft]); 1470 1493 1471 1494 /* … … 1541 1564 uint32_t j = pSubTrees->cItems; 1542 1565 while (j-- > 0) 1543 if ( RTCRX509GENERALNAME_IS_DIRECTORY_NAME(&pSubTrees->paItems[j].Base) 1544 && RTCrX509Name_ConstraintMatch(&pSubTrees->paItems[j].Base.u.pT4->DirectoryName, pName)) 1566 { 1567 PCRTCRX509GENERALSUBTREE const pSubTree = pSubTrees->papItems[j]; 1568 if ( RTCRX509GENERALNAME_IS_DIRECTORY_NAME(&pSubTree->Base) 1569 && RTCrX509Name_ConstraintMatch(&pSubTree->Base.u.pT4->DirectoryName, pName)) 1545 1570 return true; 1571 } 1546 1572 } 1547 1573 return false; … … 1566 1592 uint32_t j = pSubTrees->cItems; 1567 1593 while (j-- > 0) 1568 if (RTCrX509GeneralName_ConstraintMatch(&pSubTrees->pa Items[j].Base, pGeneralName))1594 if (RTCrX509GeneralName_ConstraintMatch(&pSubTrees->papItems[j]->Base, pGeneralName)) 1569 1595 return true; 1570 1596 } … … 1951 1977 if (pThis->pInitialPermittedSubtrees) 1952 1978 rtCrX509CpvAddPermittedSubtrees(pThis, pThis->pInitialPermittedSubtrees->cItems, 1953 pThis->pInitialPermittedSubtrees->pa Items);1979 pThis->pInitialPermittedSubtrees->papItems); 1954 1980 if (pThis->pInitialExcludedSubtrees) 1955 1981 rtCrX509CpvAddExcludedSubtrees(pThis, pThis->pInitialExcludedSubtrees); … … 2053 2079 uint32_t i = pAltSubjectName->cItems; 2054 2080 while (i-- > 0) 2055 if ( !rtCrX509CpvIsGeneralNamePermitted(pThis, &pAltSubjectName->paItems[i])2056 || rtCrX509CpvIsGeneralNameExcluded(pThis, &pAltSubjectName->paItems[i]))2081 if ( !rtCrX509CpvIsGeneralNamePermitted(pThis, pAltSubjectName->papItems[i]) 2082 || rtCrX509CpvIsGeneralNameExcluded(pThis, pAltSubjectName->papItems[i])) 2057 2083 return rtCrX509CpvFailed(pThis, VERR_CR_X509_CPV_ALT_NAME_NOT_PERMITTED, 2058 2084 "Alternative name #%u is is not permitted by current name constraints", i); … … 2081 2107 while (i-- > 0) 2082 2108 { 2083 PCRTCRX509POLICYQUALIFIERINFOS const pQualifiers = &pPolicies->pa Items[i].PolicyQualifiers;2084 PCRTASN1OBJID const pIdP = &pPolicies->pa Items[i].PolicyIdentifier;2109 PCRTCRX509POLICYQUALIFIERINFOS const pQualifiers = &pPolicies->papItems[i]->PolicyQualifiers; 2110 PCRTASN1OBJID const pIdP = &pPolicies->papItems[i]->PolicyIdentifier; 2085 2111 if (RTAsn1ObjId_CompareWithString(pIdP, RTCRX509_ID_CE_CP_ANY_POLICY_OID) == 0) 2086 2112 { … … 2132 2158 || (pNode->pParent && fSelfIssued) ) ) 2133 2159 { 2134 PCRTCRX509POLICYQUALIFIERINFOS pApQ = &pPolicies->pa Items[iAnyPolicy].PolicyQualifiers;2160 PCRTCRX509POLICYQUALIFIERINFOS pApQ = &pPolicies->papItems[iAnyPolicy]->PolicyQualifiers; 2135 2161 RTListForEach(pListAbove, pCur, RTCRX509CERTPATHSPOLICYNODE, DepthEntry) 2136 2162 { … … 2183 2209 while (i-- > 0) 2184 2210 { 2185 if (RTAsn1ObjId_CompareWithString(&pPolicyMappings->paItems[i].IssuerDomainPolicy, RTCRX509_ID_CE_CP_ANY_POLICY_OID) == 0) 2211 PCRTCRX509POLICYMAPPING const pOne = pPolicyMappings->papItems[i]; 2212 if (RTAsn1ObjId_CompareWithString(&pOne->IssuerDomainPolicy, RTCRX509_ID_CE_CP_ANY_POLICY_OID) == 0) 2186 2213 return rtCrX509CpvFailed(pThis, VERR_CR_X509_CPV_INVALID_POLICY_MAPPING, 2187 2214 "Invalid policy mapping %#u: IssuerDomainPolicy is anyPolicy.", i); 2188 2215 2189 if (RTAsn1ObjId_CompareWithString(&p PolicyMappings->paItems[i].SubjectDomainPolicy, RTCRX509_ID_CE_CP_ANY_POLICY_OID) == 0)2216 if (RTAsn1ObjId_CompareWithString(&pOne->SubjectDomainPolicy, RTCRX509_ID_CE_CP_ANY_POLICY_OID) == 0) 2190 2217 return rtCrX509CpvFailed(pThis, VERR_CR_X509_CPV_INVALID_POLICY_MAPPING, 2191 2218 "Invalid policy mapping %#u: SubjectDomainPolicy is anyPolicy.", i); … … 2201 2228 while (i-- > 0) 2202 2229 { 2230 PCRTCRX509POLICYMAPPING const pOne = pPolicyMappings->papItems[i]; 2231 2203 2232 uint32_t cFound = 0; 2204 2233 RTListForEach(&pThis->v.paValidPolicyDepthLists[iDepth], pCur, RTCRX509CERTPATHSPOLICYNODE, DepthEntry) 2205 2234 { 2206 if (RTAsn1ObjId_Compare(pCur->pValidPolicy, &p PolicyMappings->paItems[i].IssuerDomainPolicy))2235 if (RTAsn1ObjId_Compare(pCur->pValidPolicy, &pOne->IssuerDomainPolicy)) 2207 2236 { 2208 2237 if (!pCur->fAlreadyMapped) 2209 2238 { 2210 2239 pCur->fAlreadyMapped = true; 2211 pCur->pExpectedPolicyFirst = &p PolicyMappings->paItems[i].SubjectDomainPolicy;2240 pCur->pExpectedPolicyFirst = &pOne->SubjectDomainPolicy; 2212 2241 } 2213 2242 else … … 2221 2250 pCur->cMoreExpectedPolicySet, iDepth); 2222 2251 pCur->papMoreExpectedPolicySet = (PCRTASN1OBJID *)pvNew; 2223 pCur->papMoreExpectedPolicySet[iExpected] = &p PolicyMappings->paItems[i].SubjectDomainPolicy;2252 pCur->papMoreExpectedPolicySet[iExpected] = &pOne->SubjectDomainPolicy; 2224 2253 pCur->cMoreExpectedPolicySet = iExpected + 1; 2225 2254 } … … 2238 2267 { 2239 2268 if (!rtCrX509CpvPolicyTreeInsertNew(pThis, pCur->pParent, iDepth, 2240 &p PolicyMappings->paItems[i].IssuerDomainPolicy,2269 &pOne->IssuerDomainPolicy, 2241 2270 pCur->pPolicyQualifiers, 2242 &p PolicyMappings->paItems[i].SubjectDomainPolicy))2271 &pOne->SubjectDomainPolicy)) 2243 2272 return false; 2244 2273 break; … … 2258 2287 while (i-- > 0) 2259 2288 { 2289 PCRTCRX509POLICYMAPPING const pOne = pPolicyMappings->papItems[i]; 2260 2290 RTListForEachSafe(&pThis->v.paValidPolicyDepthLists[iDepth], pCur, pNext, RTCRX509CERTPATHSPOLICYNODE, DepthEntry) 2261 2291 { 2262 if (RTAsn1ObjId_Compare(pCur->pValidPolicy, &p PolicyMappings->paItems[i].IssuerDomainPolicy))2292 if (RTAsn1ObjId_Compare(pCur->pValidPolicy, &pOne->IssuerDomainPolicy)) 2263 2293 { 2264 2294 rtCrX509CpvPolicyTreeDestroyNode(pThis, pCur); … … 2410 2440 static bool rtCrX509CpvCheckCriticalExtensions(PRTCRX509CERTPATHSINT pThis, PRTCRX509CERTPATHNODE pNode) 2411 2441 { 2412 uint32_t cLeft = pNode->pCert->TbsCertificate.T3.Extensions.cItems;2413 P CRTCRX509EXTENSION pCur = pNode->pCert->TbsCertificate.T3.Extensions.paItems;2442 uint32_t cLeft = pNode->pCert->TbsCertificate.T3.Extensions.cItems; 2443 PRTCRX509EXTENSION const *ppCur = pNode->pCert->TbsCertificate.T3.Extensions.papItems; 2414 2444 while (cLeft-- > 0) 2415 2445 { 2446 PCRTCRX509EXTENSION const pCur = *ppCur; 2416 2447 if (pCur->Critical.fValue) 2417 2448 { … … 2431 2462 } 2432 2463 2433 p Cur++;2464 ppCur++; 2434 2465 } 2435 2466 -
trunk/src/VBox/Runtime/common/crypto/x509-core.cpp
r62477 r64883 608 608 for (uint32_t iLeft = 0; iLeft < cItems; iLeft++) 609 609 { 610 PCRTCRX509ATTRIBUTETYPEANDVALUE pLeftAttr = &pLeft->paItems[iLeft];610 PCRTCRX509ATTRIBUTETYPEANDVALUE pLeftAttr = pLeft->papItems[iLeft]; 611 611 bool fFound = false; 612 612 for (uint32_t iRight = 0; iRight < cItems; iRight++) 613 if (RTCrX509AttributeTypeAndValue_MatchAsRdnByRfc5280(pLeftAttr, &pRight->paItems[iRight]))613 if (RTCrX509AttributeTypeAndValue_MatchAsRdnByRfc5280(pLeftAttr, pRight->papItems[iRight])) 614 614 { 615 615 fFound = true; … … 637 637 /* Require exact order. */ 638 638 for (uint32_t iRdn = 0; iRdn < cItems; iRdn++) 639 if (!RTCrX509RelativeDistinguishedName_MatchByRfc5280( &pLeft->paItems[iRdn], &pRight->paItems[iRdn]))639 if (!RTCrX509RelativeDistinguishedName_MatchByRfc5280(pLeft->papItems[iRdn], pRight->papItems[iRdn])) 640 640 return false; 641 641 return true; … … 658 658 for (uint32_t i = 0; pConstraint->cItems; i++) 659 659 { 660 PCRTCRX509RELATIVEDISTINGUISHEDNAME pConstrRdns = &pConstraint->paItems[i];661 PCRTCRX509RELATIVEDISTINGUISHEDNAME pNameRdns = &pName->paItems[i];660 PCRTCRX509RELATIVEDISTINGUISHEDNAME pConstrRdns = pConstraint->papItems[i]; 661 PCRTCRX509RELATIVEDISTINGUISHEDNAME pNameRdns = pName->papItems[i]; 662 662 663 663 /* … … 666 666 for (uint32_t iConstrAttrib = 0; iConstrAttrib < pConstrRdns->cItems; iConstrAttrib++) 667 667 { 668 PCRTCRX509ATTRIBUTETYPEANDVALUE pConstrAttrib = &pConstrRdns->paItems[iConstrAttrib];668 PCRTCRX509ATTRIBUTETYPEANDVALUE pConstrAttrib = pConstrRdns->papItems[iConstrAttrib]; 669 669 670 670 /* … … 673 673 bool fFound = false; 674 674 for (uint32_t iNameAttrib = 0; iNameAttrib < pNameRdns->cItems; iNameAttrib++) 675 if (RTCrX509AttributeTypeAndValue_MatchAsRdnByRfc5280(pConstrAttrib, &pNameRdns->paItems[iNameAttrib]))675 if (RTCrX509AttributeTypeAndValue_MatchAsRdnByRfc5280(pConstrAttrib, pNameRdns->papItems[iNameAttrib])) 676 676 { 677 677 fFound = true; … … 737 737 for (uint32_t i = 0; i < pThis->cItems; i++) 738 738 { 739 PCRTCRX509RELATIVEDISTINGUISHEDNAME pRdn = &pThis->paItems[i];739 PCRTCRX509RELATIVEDISTINGUISHEDNAME pRdn = pThis->papItems[i]; 740 740 for (uint32_t j = 0; j < pRdn->cItems; j++) 741 741 { 742 PCRTCRX509ATTRIBUTETYPEANDVALUE pComponent = &pRdn->paItems[j];742 PCRTCRX509ATTRIBUTETYPEANDVALUE pComponent = pRdn->papItems[j]; 743 743 744 744 /* … … 816 816 for (uint32_t i = 0; i < pThis->cItems; i++) 817 817 { 818 PCRTCRX509RELATIVEDISTINGUISHEDNAME pRdn = &pThis->paItems[i];818 PCRTCRX509RELATIVEDISTINGUISHEDNAME pRdn = pThis->papItems[i]; 819 819 for (uint32_t j = 0; j < pRdn->cItems; j++) 820 820 { 821 PCRTCRX509ATTRIBUTETYPEANDVALUE pComponent = &pRdn->paItems[j];821 PCRTCRX509ATTRIBUTETYPEANDVALUE pComponent = pRdn->papItems[j]; 822 822 823 823 /* … … 1332 1332 { 1333 1333 1334 if (RTAsn1ObjId_CompareWithString( &pObjIds->paItems[i], RTCRX509_ANY_EXTENDED_KEY_USAGE_OID) == 0)1334 if (RTAsn1ObjId_CompareWithString(pObjIds->papItems[i], RTCRX509_ANY_EXTENDED_KEY_USAGE_OID) == 0) 1335 1335 pThis->T3.fExtKeyUsage |= RTCRX509CERT_EKU_F_ANY; 1336 else if (RTAsn1ObjId_StartsWith( &pObjIds->paItems[i], RTCRX509_ID_KP_OID))1337 { 1338 if (RTAsn1ObjIdCountComponents( &pObjIds->paItems[i]) == 9)1339 switch (RTAsn1ObjIdGetLastComponentsAsUInt32( &pObjIds->paItems[i]))1336 else if (RTAsn1ObjId_StartsWith(pObjIds->papItems[i], RTCRX509_ID_KP_OID)) 1337 { 1338 if (RTAsn1ObjIdCountComponents(pObjIds->papItems[i]) == 9) 1339 switch (RTAsn1ObjIdGetLastComponentsAsUInt32(pObjIds->papItems[i])) 1340 1340 { 1341 1341 case 1: pThis->T3.fExtKeyUsage |= RTCRX509CERT_EKU_F_SERVER_AUTH; break; … … 1357 1357 pThis->T3.fExtKeyUsage |= RTCRX509CERT_EKU_F_OTHER; 1358 1358 } 1359 else if (RTAsn1ObjId_StartsWith( &pObjIds->paItems[i], RTCRX509_APPLE_EKU_APPLE_EXTENDED_KEY_USAGE_OID))1360 { 1361 if (RTAsn1ObjId_CompareWithString( &pObjIds->paItems[i], RTCRX509_APPLE_EKU_CODE_SIGNING_OID) == 0)1359 else if (RTAsn1ObjId_StartsWith(pObjIds->papItems[i], RTCRX509_APPLE_EKU_APPLE_EXTENDED_KEY_USAGE_OID)) 1360 { 1361 if (RTAsn1ObjId_CompareWithString(pObjIds->papItems[i], RTCRX509_APPLE_EKU_CODE_SIGNING_OID) == 0) 1362 1362 pThis->T3.fExtKeyUsage |= RTCRX509CERT_EKU_F_APPLE_CODE_SIGNING; 1363 else if (RTAsn1ObjId_CompareWithString( &pObjIds->paItems[i], RTCRX509_APPLE_EKU_CODE_SIGNING_DEVELOPMENT_OID) == 0)1363 else if (RTAsn1ObjId_CompareWithString(pObjIds->papItems[i], RTCRX509_APPLE_EKU_CODE_SIGNING_DEVELOPMENT_OID) == 0) 1364 1364 pThis->T3.fExtKeyUsage |= RTCRX509CERT_EKU_F_APPLE_CODE_SIGNING_DEVELOPMENT; 1365 else if (RTAsn1ObjId_CompareWithString( &pObjIds->paItems[i], RTCRX509_APPLE_EKU_SOFTWARE_UPDATE_SIGNING_OID) == 0)1365 else if (RTAsn1ObjId_CompareWithString(pObjIds->papItems[i], RTCRX509_APPLE_EKU_SOFTWARE_UPDATE_SIGNING_OID) == 0) 1366 1366 pThis->T3.fExtKeyUsage |= RTCRX509CERT_EKU_F_APPLE_SOFTWARE_UPDATE_SIGNING; 1367 else if (RTAsn1ObjId_CompareWithString( &pObjIds->paItems[i], RTCRX509_APPLE_EKU_CODE_SIGNING_THRID_PARTY_OID) == 0)1367 else if (RTAsn1ObjId_CompareWithString(pObjIds->papItems[i], RTCRX509_APPLE_EKU_CODE_SIGNING_THRID_PARTY_OID) == 0) 1368 1368 pThis->T3.fExtKeyUsage |= RTCRX509CERT_EKU_F_APPLE_CODE_SIGNING_THIRD_PARTY; 1369 else if (RTAsn1ObjId_CompareWithString( &pObjIds->paItems[i], RTCRX509_APPLE_EKU_RESOURCE_SIGNING_OID) == 0)1369 else if (RTAsn1ObjId_CompareWithString(pObjIds->papItems[i], RTCRX509_APPLE_EKU_RESOURCE_SIGNING_OID) == 0) 1370 1370 pThis->T3.fExtKeyUsage |= RTCRX509CERT_EKU_F_APPLE_RESOURCE_SIGNING; 1371 else if (RTAsn1ObjId_CompareWithString( &pObjIds->paItems[i], RTCRX509_APPLE_EKU_SYSTEM_IDENTITY_OID) == 0)1371 else if (RTAsn1ObjId_CompareWithString(pObjIds->papItems[i], RTCRX509_APPLE_EKU_SYSTEM_IDENTITY_OID) == 0) 1372 1372 pThis->T3.fExtKeyUsage |= RTCRX509CERT_EKU_F_APPLE_SYSTEM_IDENTITY; 1373 1373 else 1374 1374 pThis->T3.fExtKeyUsage |= RTCRX509CERT_EKU_F_OTHER; 1375 1375 } 1376 else if (RTAsn1ObjId_StartsWith( &pObjIds->paItems[i], "1.3.6.1.4.1.311"))1377 { 1378 if (RTAsn1ObjId_CompareWithString( &pObjIds->paItems[i], RTCRX509_MS_EKU_TIMESTAMP_SIGNING_OID) == 0)1376 else if (RTAsn1ObjId_StartsWith(pObjIds->papItems[i], "1.3.6.1.4.1.311")) 1377 { 1378 if (RTAsn1ObjId_CompareWithString(pObjIds->papItems[i], RTCRX509_MS_EKU_TIMESTAMP_SIGNING_OID) == 0) 1379 1379 pThis->T3.fExtKeyUsage |= RTCRX509CERT_EKU_F_MS_TIMESTAMP_SIGNING; 1380 else if (RTAsn1ObjId_CompareWithString( &pObjIds->paItems[i], RTCRX509_MS_EKU_NT5_CRYPTO_OID) == 0)1380 else if (RTAsn1ObjId_CompareWithString(pObjIds->papItems[i], RTCRX509_MS_EKU_NT5_CRYPTO_OID) == 0) 1381 1381 pThis->T3.fExtKeyUsage |= RTCRX509CERT_EKU_F_MS_NT5_CRYPTO; 1382 else if (RTAsn1ObjId_CompareWithString( &pObjIds->paItems[i], RTCRX509_MS_EKU_OEM_WHQL_CRYPTO_OID) == 0)1382 else if (RTAsn1ObjId_CompareWithString(pObjIds->papItems[i], RTCRX509_MS_EKU_OEM_WHQL_CRYPTO_OID) == 0) 1383 1383 pThis->T3.fExtKeyUsage |= RTCRX509CERT_EKU_F_MS_OEM_WHQL_CRYPTO; 1384 else if (RTAsn1ObjId_CompareWithString( &pObjIds->paItems[i], RTCRX509_MS_EKU_EMBEDDED_NT_CRYPTO_OID) == 0)1384 else if (RTAsn1ObjId_CompareWithString(pObjIds->papItems[i], RTCRX509_MS_EKU_EMBEDDED_NT_CRYPTO_OID) == 0) 1385 1385 pThis->T3.fExtKeyUsage |= RTCRX509CERT_EKU_F_MS_EMBEDDED_NT_CRYPTO; 1386 else if (RTAsn1ObjId_CompareWithString( &pObjIds->paItems[i], RTCRX509_MS_EKU_KERNEL_MODE_CODE_SIGNING_OID) == 0)1386 else if (RTAsn1ObjId_CompareWithString(pObjIds->papItems[i], RTCRX509_MS_EKU_KERNEL_MODE_CODE_SIGNING_OID) == 0) 1387 1387 pThis->T3.fExtKeyUsage |= RTCRX509CERT_EKU_F_MS_KERNEL_MODE_CODE_SIGNING; 1388 else if (RTAsn1ObjId_CompareWithString( &pObjIds->paItems[i], RTCRX509_MS_EKU_LIFETIME_SIGNING_OID) == 0)1388 else if (RTAsn1ObjId_CompareWithString(pObjIds->papItems[i], RTCRX509_MS_EKU_LIFETIME_SIGNING_OID) == 0) 1389 1389 pThis->T3.fExtKeyUsage |= RTCRX509CERT_EKU_F_MS_LIFETIME_SIGNING; 1390 else if (RTAsn1ObjId_CompareWithString( &pObjIds->paItems[i], RTCRX509_MS_EKU_DRM_OID) == 0)1390 else if (RTAsn1ObjId_CompareWithString(pObjIds->papItems[i], RTCRX509_MS_EKU_DRM_OID) == 0) 1391 1391 pThis->T3.fExtKeyUsage |= RTCRX509CERT_EKU_F_MS_DRM; 1392 else if (RTAsn1ObjId_CompareWithString( &pObjIds->paItems[i], RTCRX509_MS_EKU_DRM_INDIVIDUALIZATION_OID) == 0)1392 else if (RTAsn1ObjId_CompareWithString(pObjIds->papItems[i], RTCRX509_MS_EKU_DRM_INDIVIDUALIZATION_OID) == 0) 1393 1393 pThis->T3.fExtKeyUsage |= RTCRX509CERT_EKU_F_MS_DRM_INDIVIDUALIZATION; 1394 1394 else … … 1443 1443 for (uint32_t i = 0; i < pThis->T3.Extensions.cItems; i++) 1444 1444 { 1445 PCRTASN1OBJID pExtnId = &pThis->T3.Extensions.pa Items[i].ExtnId;1446 PCRTASN1OCTETSTRING pExtValue = &pThis->T3.Extensions.pa Items[i].ExtnValue;1445 PCRTASN1OBJID pExtnId = &pThis->T3.Extensions.papItems[i]->ExtnId; 1446 PCRTASN1OCTETSTRING pExtValue = &pThis->T3.Extensions.papItems[i]->ExtnValue; 1447 1447 if (RTAsn1ObjId_CompareWithString(pExtnId, RTCRX509_ID_CE_KEY_USAGE_OID) == 0) 1448 1448 { 1449 1449 CHECK_SET_PRESENT_RET_ON_DUP(pThis, pErrInfo, RTCRX509TBSCERTIFICATE_F_PRESENT_KEY_USAGE); 1450 rtCrx509TbsCertificate_AddKeyUsageFlags(pThis, &pThis->T3.Extensions.paItems[i]);1451 Assert(pThis->T3.Extensions.pa Items[i].enmValue == RTCRX509EXTENSIONVALUE_BIT_STRING);1450 rtCrx509TbsCertificate_AddKeyUsageFlags(pThis, pThis->T3.Extensions.papItems[i]); 1451 Assert(pThis->T3.Extensions.papItems[i]->enmValue == RTCRX509EXTENSIONVALUE_BIT_STRING); 1452 1452 } 1453 1453 else if (RTAsn1ObjId_CompareWithString(pExtnId, RTCRX509_ID_CE_EXT_KEY_USAGE_OID) == 0) 1454 1454 { 1455 1455 CHECK_SET_PRESENT_RET_ON_DUP(pThis, pErrInfo, RTCRX509TBSCERTIFICATE_F_PRESENT_EXT_KEY_USAGE); 1456 rtCrx509TbsCertificate_AddExtKeyUsageFlags(pThis, &pThis->T3.Extensions.paItems[i]);1457 Assert(pThis->T3.Extensions.pa Items[i].enmValue == RTCRX509EXTENSIONVALUE_SEQ_OF_OBJ_IDS);1456 rtCrx509TbsCertificate_AddExtKeyUsageFlags(pThis, pThis->T3.Extensions.papItems[i]); 1457 Assert(pThis->T3.Extensions.papItems[i]->enmValue == RTCRX509EXTENSIONVALUE_SEQ_OF_OBJ_IDS); 1458 1458 } 1459 1459 else if (RTAsn1ObjId_CompareWithString(pExtnId, RTCRX509_ID_CE_AUTHORITY_KEY_IDENTIFIER_OID) == 0) … … 1461 1461 CHECK_SET_PRESENT_RET_ON_DUP(pThis, pErrInfo, RTCRX509TBSCERTIFICATE_F_PRESENT_AUTHORITY_KEY_IDENTIFIER); 1462 1462 pThis->T3.pAuthorityKeyIdentifier = (PCRTCRX509AUTHORITYKEYIDENTIFIER)pExtValue->pEncapsulated; 1463 Assert(pThis->T3.Extensions.pa Items[i].enmValue == RTCRX509EXTENSIONVALUE_AUTHORITY_KEY_IDENTIFIER);1463 Assert(pThis->T3.Extensions.papItems[i]->enmValue == RTCRX509EXTENSIONVALUE_AUTHORITY_KEY_IDENTIFIER); 1464 1464 } 1465 1465 else if (RTAsn1ObjId_CompareWithString(pExtnId, RTCRX509_ID_CE_OLD_AUTHORITY_KEY_IDENTIFIER_OID) == 0) … … 1467 1467 CHECK_SET_PRESENT_RET_ON_DUP(pThis, pErrInfo, RTCRX509TBSCERTIFICATE_F_PRESENT_OLD_AUTHORITY_KEY_IDENTIFIER); 1468 1468 pThis->T3.pOldAuthorityKeyIdentifier = (PCRTCRX509OLDAUTHORITYKEYIDENTIFIER)pExtValue->pEncapsulated; 1469 Assert(pThis->T3.Extensions.pa Items[i].enmValue == RTCRX509EXTENSIONVALUE_OLD_AUTHORITY_KEY_IDENTIFIER);1469 Assert(pThis->T3.Extensions.papItems[i]->enmValue == RTCRX509EXTENSIONVALUE_OLD_AUTHORITY_KEY_IDENTIFIER); 1470 1470 } 1471 1471 else if (RTAsn1ObjId_CompareWithString(pExtnId, RTCRX509_ID_CE_SUBJECT_KEY_IDENTIFIER_OID) == 0) … … 1473 1473 CHECK_SET_PRESENT_RET_ON_DUP(pThis, pErrInfo, RTCRX509TBSCERTIFICATE_F_PRESENT_SUBJECT_KEY_IDENTIFIER); 1474 1474 pThis->T3.pSubjectKeyIdentifier = (PCRTASN1OCTETSTRING)pExtValue->pEncapsulated; 1475 Assert(pThis->T3.Extensions.pa Items[i].enmValue == RTCRX509EXTENSIONVALUE_OCTET_STRING);1475 Assert(pThis->T3.Extensions.papItems[i]->enmValue == RTCRX509EXTENSIONVALUE_OCTET_STRING); 1476 1476 } 1477 1477 else if (RTAsn1ObjId_CompareWithString(pExtnId, RTCRX509_ID_CE_SUBJECT_ALT_NAME_OID) == 0) … … 1479 1479 CHECK_SET_PRESENT_RET_ON_DUP(pThis, pErrInfo, RTCRX509TBSCERTIFICATE_F_PRESENT_SUBJECT_ALT_NAME); 1480 1480 pThis->T3.pAltSubjectName = (PCRTCRX509GENERALNAMES)pExtValue->pEncapsulated; 1481 Assert(pThis->T3.Extensions.pa Items[i].enmValue == RTCRX509EXTENSIONVALUE_GENERAL_NAMES);1481 Assert(pThis->T3.Extensions.papItems[i]->enmValue == RTCRX509EXTENSIONVALUE_GENERAL_NAMES); 1482 1482 } 1483 1483 else if (RTAsn1ObjId_CompareWithString(pExtnId, RTCRX509_ID_CE_ISSUER_ALT_NAME_OID) == 0) … … 1485 1485 CHECK_SET_PRESENT_RET_ON_DUP(pThis, pErrInfo, RTCRX509TBSCERTIFICATE_F_PRESENT_ISSUER_ALT_NAME); 1486 1486 pThis->T3.pAltIssuerName = (PCRTCRX509GENERALNAMES)pExtValue->pEncapsulated; 1487 Assert(pThis->T3.Extensions.pa Items[i].enmValue == RTCRX509EXTENSIONVALUE_GENERAL_NAMES);1487 Assert(pThis->T3.Extensions.papItems[i]->enmValue == RTCRX509EXTENSIONVALUE_GENERAL_NAMES); 1488 1488 } 1489 1489 else if (RTAsn1ObjId_CompareWithString(pExtnId, RTCRX509_ID_CE_CERTIFICATE_POLICIES_OID) == 0) … … 1491 1491 CHECK_SET_PRESENT_RET_ON_DUP(pThis, pErrInfo, RTCRX509TBSCERTIFICATE_F_PRESENT_CERTIFICATE_POLICIES); 1492 1492 pThis->T3.pCertificatePolicies = (PCRTCRX509CERTIFICATEPOLICIES)pExtValue->pEncapsulated; 1493 Assert(pThis->T3.Extensions.pa Items[i].enmValue == RTCRX509EXTENSIONVALUE_CERTIFICATE_POLICIES);1493 Assert(pThis->T3.Extensions.papItems[i]->enmValue == RTCRX509EXTENSIONVALUE_CERTIFICATE_POLICIES); 1494 1494 } 1495 1495 else if (RTAsn1ObjId_CompareWithString(pExtnId, RTCRX509_ID_CE_POLICY_MAPPINGS_OID) == 0) … … 1497 1497 CHECK_SET_PRESENT_RET_ON_DUP(pThis, pErrInfo, RTCRX509TBSCERTIFICATE_F_PRESENT_POLICY_MAPPINGS); 1498 1498 pThis->T3.pPolicyMappings = (PCRTCRX509POLICYMAPPINGS)pExtValue->pEncapsulated; 1499 Assert(pThis->T3.Extensions.pa Items[i].enmValue == RTCRX509EXTENSIONVALUE_POLICY_MAPPINGS);1499 Assert(pThis->T3.Extensions.papItems[i]->enmValue == RTCRX509EXTENSIONVALUE_POLICY_MAPPINGS); 1500 1500 } 1501 1501 else if (RTAsn1ObjId_CompareWithString(pExtnId, RTCRX509_ID_CE_BASIC_CONSTRAINTS_OID) == 0) … … 1503 1503 CHECK_SET_PRESENT_RET_ON_DUP(pThis, pErrInfo, RTCRX509TBSCERTIFICATE_F_PRESENT_BASIC_CONSTRAINTS); 1504 1504 pThis->T3.pBasicConstraints = (PCRTCRX509BASICCONSTRAINTS)pExtValue->pEncapsulated; 1505 Assert(pThis->T3.Extensions.pa Items[i].enmValue == RTCRX509EXTENSIONVALUE_BASIC_CONSTRAINTS);1505 Assert(pThis->T3.Extensions.papItems[i]->enmValue == RTCRX509EXTENSIONVALUE_BASIC_CONSTRAINTS); 1506 1506 } 1507 1507 else if (RTAsn1ObjId_CompareWithString(pExtnId, RTCRX509_ID_CE_NAME_CONSTRAINTS_OID) == 0) … … 1509 1509 CHECK_SET_PRESENT_RET_ON_DUP(pThis, pErrInfo, RTCRX509TBSCERTIFICATE_F_PRESENT_NAME_CONSTRAINTS); 1510 1510 pThis->T3.pNameConstraints = (PCRTCRX509NAMECONSTRAINTS)pExtValue->pEncapsulated; 1511 Assert(pThis->T3.Extensions.pa Items[i].enmValue == RTCRX509EXTENSIONVALUE_NAME_CONSTRAINTS);1511 Assert(pThis->T3.Extensions.papItems[i]->enmValue == RTCRX509EXTENSIONVALUE_NAME_CONSTRAINTS); 1512 1512 } 1513 1513 else if (RTAsn1ObjId_CompareWithString(pExtnId, RTCRX509_ID_CE_POLICY_CONSTRAINTS_OID) == 0) … … 1515 1515 CHECK_SET_PRESENT_RET_ON_DUP(pThis, pErrInfo, RTCRX509TBSCERTIFICATE_F_PRESENT_POLICY_CONSTRAINTS); 1516 1516 pThis->T3.pPolicyConstraints = (PCRTCRX509POLICYCONSTRAINTS)pExtValue->pEncapsulated; 1517 Assert(pThis->T3.Extensions.pa Items[i].enmValue == RTCRX509EXTENSIONVALUE_POLICY_CONSTRAINTS);1517 Assert(pThis->T3.Extensions.papItems[i]->enmValue == RTCRX509EXTENSIONVALUE_POLICY_CONSTRAINTS); 1518 1518 } 1519 1519 else if (RTAsn1ObjId_CompareWithString(pExtnId, RTCRX509_ID_CE_INHIBIT_ANY_POLICY_OID) == 0) … … 1521 1521 CHECK_SET_PRESENT_RET_ON_DUP(pThis, pErrInfo, RTCRX509TBSCERTIFICATE_F_PRESENT_INHIBIT_ANY_POLICY); 1522 1522 pThis->T3.pInhibitAnyPolicy = (PCRTASN1INTEGER)pExtValue->pEncapsulated; 1523 Assert(pThis->T3.Extensions.pa Items[i].enmValue == RTCRX509EXTENSIONVALUE_INTEGER);1523 Assert(pThis->T3.Extensions.papItems[i]->enmValue == RTCRX509EXTENSIONVALUE_INTEGER); 1524 1524 } 1525 1525 else if (RTAsn1ObjId_CompareWithString(pExtnId, RTCRX509_ID_CE_ACCEPTABLE_CERT_POLICIES_OID) == 0) … … 1560 1560 for (uint32_t i = 0; i < pThis->TbsCertificate.T3.Extensions.cItems; i++) 1561 1561 { 1562 PCRTCRX509EXTENSION pExt = &pThis->TbsCertificate.T3.Extensions.paItems[i];1562 PCRTCRX509EXTENSION pExt = pThis->TbsCertificate.T3.Extensions.papItems[i]; 1563 1563 if ( pExt->enmValue == RTCRX509EXTENSIONVALUE_GENERAL_NAMES 1564 1564 && RTAsn1ObjId_CompareWithString(&pExt->ExtnId, RTCRX509_ID_CE_SUBJECT_ALT_NAME_OID)) … … 1566 1566 PCRTCRX509GENERALNAMES pGeneralNames = (PCRTCRX509GENERALNAMES)pExt->ExtnValue.pEncapsulated; 1567 1567 for (uint32_t j = 0; j < pGeneralNames->cItems; j++) 1568 if ( RTCRX509GENERALNAME_IS_DIRECTORY_NAME( &pGeneralNames->paItems[j])1569 && RTCrX509Name_MatchByRfc5280(&pGeneralNames->pa Items[j].u.pT4->DirectoryName, pName))1568 if ( RTCRX509GENERALNAME_IS_DIRECTORY_NAME(pGeneralNames->papItems[j]) 1569 && RTCrX509Name_MatchByRfc5280(&pGeneralNames->papItems[j]->u.pT4->DirectoryName, pName)) 1570 1570 return true; 1571 1571 } … … 1595 1595 { 1596 1596 for (uint32_t i = 0; i < pCertificates->cItems; i++) 1597 if (RTCrX509Certificate_MatchIssuerAndSerialNumber( &pCertificates->paItems[i], pIssuer, pSerialNumber))1598 return &pCertificates->paItems[i];1597 if (RTCrX509Certificate_MatchIssuerAndSerialNumber(pCertificates->papItems[i], pIssuer, pSerialNumber)) 1598 return pCertificates->papItems[i]; 1599 1599 return NULL; 1600 1600 } -
trunk/src/VBox/Runtime/common/crypto/x509-init.cpp
r62477 r64883 49 49 { 50 50 uint32_t cRdns = pThis->cItems; 51 PRTCRX509RELATIVEDISTINGUISHEDNAME pRdn = &pThis->paItems[0];51 PRTCRX509RELATIVEDISTINGUISHEDNAME *ppRdn = pThis->papItems; 52 52 while (cRdns-- > 0) 53 53 { 54 uint32_t cAttribs = pRdn->cItems; 55 PRTCRX509ATTRIBUTETYPEANDVALUE pAttrib = &pRdn->paItems[0]; 54 PRTCRX509RELATIVEDISTINGUISHEDNAME const pRdn = *ppRdn; 55 uint32_t cAttribs = pRdn->cItems; 56 PRTCRX509ATTRIBUTETYPEANDVALUE *ppAttrib = pRdn->papItems; 56 57 while (cAttribs-- > 0) 57 58 { 59 PRTCRX509ATTRIBUTETYPEANDVALUE const pAttrib = *ppAttrib; 58 60 if (pAttrib->Value.enmType == RTASN1TYPE_STRING) 59 61 { … … 62 64 return rc; 63 65 } 64 p Attrib++;66 ppAttrib++; 65 67 } 66 p Rdn++;68 ppRdn++; 67 69 } 68 70 return VINF_SUCCESS; -
trunk/src/VBox/Runtime/common/crypto/x509-sanity.cpp
r62564 r64883 59 59 for (uint32_t i = 0; i < pThis->cItems; i++) 60 60 { 61 if (pThis->cItems == 0) 61 PCRTCRX509RELATIVEDISTINGUISHEDNAME const pRdn = pThis->papItems[i]; 62 if (pRdn->cItems == 0) 62 63 return RTErrInfoSetF(pErrInfo, VERR_CR_X509_NAME_EMPTY_SUB_SET, 63 64 "%s: Items[%u] has no sub components.", pszErrorTag, i); 64 65 65 for (uint32_t j = 0; j < p This->paItems[i].cItems; j++)66 for (uint32_t j = 0; j < pRdn->cItems; j++) 66 67 { 67 if (pThis->paItems[i].paItems[j].Value.enmType != RTASN1TYPE_STRING) 68 PCRTCRX509ATTRIBUTETYPEANDVALUE const pAttr = pRdn->papItems[j]; 69 70 if (pAttr->Value.enmType != RTASN1TYPE_STRING) 68 71 return RTErrInfoSetF(pErrInfo, VERR_CR_X509_NAME_NOT_STRING, 69 72 "%s: Items[%u].paItems[%u].enmType is %d instead of string (%d).", 70 pszErrorTag, i, j, p This->paItems[i].paItems[j].Value.enmType, RTASN1TYPE_STRING);71 if (p This->paItems[i].paItems[j].Value.u.String.Asn1Core.cb == 0)73 pszErrorTag, i, j, pAttr->Value.enmType, RTASN1TYPE_STRING); 74 if (pAttr->Value.u.String.Asn1Core.cb == 0) 72 75 return RTErrInfoSetF(pErrInfo, VERR_CR_X509_NAME_EMPTY_STRING, 73 76 "%s: Items[%u].paItems[%u] is an empty string", pszErrorTag, i, j); 74 switch (p This->paItems[i].paItems[j].Value.u.String.Asn1Core.uTag)77 switch (pAttr->Value.u.String.Asn1Core.uTag) 75 78 { 76 79 case ASN1_TAG_PRINTABLE_STRING: … … 86 89 return RTErrInfoSetF(pErrInfo, VERR_CR_X509_INVALID_NAME_STRING_TAG, 87 90 "%s: Items[%u].paItems[%u] invalid string type: %u", pszErrorTag, i, j, 88 p This->paItems[i].paItems[j].Value.u.String.Asn1Core.uTag);91 pAttr->Value.u.String.Asn1Core.uTag); 89 92 } 90 93 }
Note:
See TracChangeset
for help on using the changeset viewer.
