darwin

Timestamp:

Oct 12, 2020 11:59:53 PM (4 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

140868

Message:

SUPHardNt,IPRT: If there are nested signatures (i.e. more than one signature), don't get grumpy if there are time or cert path issues with some of them, as long as one or more checks out perfectly. (Mind, all the signature data must check out, it's just the cert path or signing time we're relaxing here.) ticketref:19743 bugref:3103

File:

: 1 edited

trunk/src/VBox/HostDrivers/Support/darwin/SUPDrv-darwin.cpp (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed

trunk/src/VBox/HostDrivers/Support/darwin/SUPDrv-darwin.cpp

-              r85172
+              r86549
  * @callback_method_impl{FNRTLDRVALIDATESIGNEDDATA}
  */
+static DECLCALLBACK(int) supdrvDarwinLdrOpenVerifyCallback(RTLDRMOD hLdrMod, RTLDRSIGNATURETYPE enmSignature,
+                                                           void const *pvSignature, size_t cbSignature,
+                                                           void const *pvExternalData, size_t cbExternalData,
+static DECLCALLBACK(int) supdrvDarwinLdrOpenVerifyCallback(RTLDRMOD hLdrMod, PCRTLDRSIGNATUREINFO pInfo,
                                                            PRTERRINFO pErrInfo, void *pvUser)
+{
     PSUPDRVDEVEXT pDevExt = (PSUPDRVDEVEXT)pvUser;
     RT_NOREF_PV(hLdrMod); RT_NOREF_PV(cbSignature);
     switch (enmSignature)
+    RT_NOREF_PV(hLdrMod);
+    switch (pInfo->enmType)
+    {
         case RTLDRSIGNATURETYPE_PKCS7_SIGNED_DATA:
             if (pvExternalData)
+            if (pInfo->pvExternalData)
+            {
                 PCRTCRPKCS7CONTENTINFO pContentInfo = (PCRTCRPKCS7CONTENTINFO)pvSignature;
+                PCRTCRPKCS7CONTENTINFO pContentInfo = (PCRTCRPKCS7CONTENTINFO)pInfo->pvSignature;
                 RTTIMESPEC             ValidationTime;
                 RTTimeNow(&ValidationTime);
 …
                                                                  pDevExt->hAdditionalStore, pDevExt->hRootStore, &ValidationTime,
                                                                  supdrvDarwinLdrOpenVerifyCertificatCallback, pDevExt,
                                                                  pvExternalData, cbExternalData, pErrInfo);
+                                                                 pInfo->pvExternalData, pInfo->cbExternalData, pErrInfo);
+            }
             return RTErrInfoSetF(pErrInfo, VERR_NOT_SUPPORTED, "Expected external data with signature!");
         default:
             return RTErrInfoSetF(pErrInfo, VERR_NOT_SUPPORTED, "Unsupported signature type: %d", enmSignature);
+            return RTErrInfoSetF(pErrInfo, VERR_NOT_SUPPORTED, "Unsupported signature type: %d", pInfo->enmType);
+    }
+}

Note: See TracChangeset for help on using the changeset viewer.

Changeset 86549 in vbox for trunk/src/VBox/HostDrivers/Support/darwin

Legend:

trunk/src/VBox/HostDrivers/Support/darwin/SUPDrv-darwin.cpp

Download in other formats: