Changeset 84212 in vbox for trunk/src/VBox/Frontends/VBoxManage
- Timestamp:
- May 8, 2020 1:08:21 PM (5 years ago)
- svn:sync-xref-src-repo-rev:
- 137820
- File:
-
- 1 edited
trunk/src/VBox/Frontends/VBoxManage/VBoxManageAppliance.cpp
r84208 r84212 1999 1999 * Performs the OVA signing, producing an in-memory cert-file. 2000 2000 */ 2001 static int doTheOvaSigning(PRTCRX509CERTIFICATE pCertificate, RTCRKEY hPrivateKey, 2001 static int doTheOvaSigning(PRTCRX509CERTIFICATE pCertificate, RTCRKEY hPrivateKey, RTDIGESTTYPE enmDigestType, 2002 2002 const char *pszManifestName, RTVFSFILE hVfsFileManifest, 2003 2003 bool fPkcs7, unsigned cIntermediateCerts, const char **papszIntermediateCerts, … … 2005 2005 { 2006 2006 /* 2007 * We currently hardcode the digest algorithm to SHA-256.2007 * Instantiate the digest algorithm. 2008 2008 */ 2009 /** @todo fall back on SHA-1 if the key is too small for SHA-256 .*/2009 /** @todo fall back on SHA-1 if the key is too small for SHA-256 or SHA-512? */ 2010 2010 PCRTASN1OBJID const pObjId = &pCertificate->TbsCertificate.SubjectPublicKeyInfo.Algorithm.Algorithm; 2011 2011 RTCRDIGEST hDigest = NIL_RTCRDIGEST; 2012 int rc = RTCrDigestCreateByType(&hDigest, RTDIGESTTYPE_SHA256);2012 int rc = RTCrDigestCreateByType(&hDigest, enmDigestType); 2013 2013 if (RT_FAILURE(rc)) 2014 2014 return RTMsgErrorRc(rc, "Failed to create digest for %s: %Rrc", pObjId->szObjId, rc); 2015 2015 2016 2016 /* Figure out the digest type name for the .cert file: */ 2017 RTDIGESTTYPE const enmDigestType = RTCrDigestGetType(hDigest); 2018 const char *pszDigestType; 2017 const char *pszDigestType; 2019 2018 switch (enmDigestType) 2020 2019 { … … 2135 2134 { "--private-key-password", 'p', RTGETOPT_REQ_STRING }, 2136 2135 { "--private-key-password-file",'P', RTGETOPT_REQ_STRING }, 2136 { "--digest-type", 'd', RTGETOPT_REQ_STRING }, 2137 2137 { "--pkcs7", '7', RTGETOPT_REQ_NOTHING }, 2138 2138 { "--no-pkcs7", 'n', RTGETOPT_REQ_NOTHING }, … … 2148 2148 AssertRCReturn(rc, RTEXITCODE_FAILURE); 2149 2149 2150 const char *pszOva = NULL;2151 const char *pszCertificate = NULL;2152 const char *pszPrivateKey = NULL;2153 Utf8Str strPrivateKeyPassword;2154 bool fPkcs7 = false;2155 unsigned cIntermediateCerts = 
0;2156 const char *apszIntermediateCerts[32];2157 bool fReSign = false;2158 unsigned iVerbosity = 1;2159 2160 bool fDryRun = false;2150 const char *pszOva = NULL; 2151 const char *pszCertificate = NULL; 2152 const char *pszPrivateKey = NULL; 2153 Utf8Str strPrivateKeyPassword; 2154 RTDIGESTTYPE enmDigestType = RTDIGESTTYPE_SHA256; 2155 bool fPkcs7 = false; 2156 unsigned cIntermediateCerts = 0; 2157 const char *apszIntermediateCerts[32]; 2158 bool fReSign = false; 2159 unsigned iVerbosity = 1; 2160 bool fDryRun = false; 2161 2161 2162 2162 int c; … … 2189 2189 return rcExit; 2190 2190 } 2191 2192 case 'd': 2193 if ( RTStrICmp(ValueUnion.psz, "sha1") == 0 2194 || RTStrICmp(ValueUnion.psz, "sha-1") == 0) 2195 enmDigestType = RTDIGESTTYPE_SHA1; 2196 else if ( RTStrICmp(ValueUnion.psz, "sha256") == 0 2197 || RTStrICmp(ValueUnion.psz, "sha-256") == 0) 2198 enmDigestType = RTDIGESTTYPE_SHA256; 2199 else if ( RTStrICmp(ValueUnion.psz, "sha512") == 0 2200 || RTStrICmp(ValueUnion.psz, "sha-512") == 0) 2201 enmDigestType = RTDIGESTTYPE_SHA512; 2202 else 2203 return RTMsgErrorExitFailure("Unknown digest type: %s", ValueUnion.psz); 2204 break; 2191 2205 2192 2206 case '7': … … 2282 2296 */ 2283 2297 RTVFSFILE hVfsFileSignature = NIL_RTVFSFILE; 2284 rc = doTheOvaSigning(&Certificate, hPrivateKey, strManifestName.c_str(), hVfsFileManifest, 2285 fPkcs7, cIntermediateCerts, apszIntermediateCerts, 2286 &ErrInfo, &hVfsFileSignature); 2298 rc = doTheOvaSigning(&Certificate, hPrivateKey, enmDigestType, strManifestName.c_str(), hVfsFileManifest, 2299 fPkcs7, cIntermediateCerts, apszIntermediateCerts, &ErrInfo, &hVfsFileSignature); 2287 2300 2288 2301 /*
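Review bot: The new `case 'd':` branch accepts `sha1`/`sha-1` with no diagnostic, so an appliance can be signed with a digest that is no longer collision-resistant without the operator being told. Consider a warning when that value is selected, e.g. `RTMsgWarning("SHA-1 is deprecated for signing; prefer sha256 or sha512");`, and listing the accepted values in the `Unknown digest type: %s` message. In doTheOvaSigning the digest type now comes from the caller rather than from `RTCrDigestGetType(hDigest)`. The `switch (enmDigestType)` that picks the .cert digest name continues outside the visible hunk, so it is worth confirming that it covers SHA-1 and SHA-512 and fails on any other value. A short comment on the new `enmDigestType` parameter stating which values are supported would also help callers.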