isl_pkcs7sig.c
/*-----------------------------------------------------------------------
* File: pkcs7sig.c
*
Copyright (c) 1999 - 2002 Intel Corporation. All rights reserved
This software and associated documentation (if any) is furnished
under a license and may only be used or copied in accordance
with the terms of the license. Except as permitted by such
license, no part of this software or documentation may be
reproduced, stored in a retrieval system, or transmitted in any
form or by any means without the express written consent of
Intel Corporation.
*-----------------------------------------------------------------------
*/
/*
* INTEL CONFIDENTIAL
* This file, software, or program is supplied under the terms of a
* license agreement or nondisclosure agreement with Intel Corporation
* and may not be copied or disclosed except in accordance with the
* terms of that agreement. This file, software, or program contains
* copyrighted material and/or trade secret information of Intel
* Corporation, and must be treated as such. Intel reserves all rights
* in this material, except as the license agreement or nondisclosure
* agreement specifically indicate.
*/
/*
* WARNING: EXPORT RESTRICTED.
* This software is subject to the U.S. Export Administration Regulations
* and other U.S. law, and may not be exported or re-exported to certain
* countries (currently Afghanistan (Taliban-controlled areas), Cuba, Iran,
* Iraq, Libya, North Korea, Serbia (except Kosovo), Sudan and Syria) or to
* persons or entities prohibited from receiving U.S. exports (including Denied
* Parties, Specially Designated Nationals, and entities on the Bureau of
* Export Administration Entity List or involved with missile technology or
* nuclear, chemical or biological weapons).
*/
/*
* Implementation of ISL_SIGNATURE_METHODS class for the PKCS#7: Cryptographic
* Message Syntax Standard Version 1.5 Revised November 1, 1993
*
*/
#include "integapi.h"
#include "isl_internal.h"
#include "cssm.h"
#include "pkcs7oid.h"
/* Method tables declared here; their definitions are not in this part of the file. */
extern ISL_SIG_SECTION_METHODS SignedListMethods;
extern ISL_SIGNATURE_METHODS PKCS7SignatureMethods;
extern ISL_CERTIFICATE_METHODS X509CertMethods;
extern ISL_SIG_SECTION_PROTECTED_METHODS SignedListProtectedMethods;
/* Two-byte BER object: the BER_NULL tag followed by a zero length octet. */
static unsigned char bernull [] = { BER_NULL, 0 };
/* Constant data item wrapping bernull (length, pointer). By its name this is
 * the default algorithm-parameters value; its use is not visible in this part
 * of the file. */
static ISL_CONST_DATA defaultParameters = { sizeof(bernull), bernull };
/* Forward declaration: isl_InitializeSignatureFromImage calls this function
 * before its definition appears. */
static
ISL_STATUS
isl_InitializeSignerFromImage(
ISL_SIGNER_CONTEXT_PTR SignerPtr,
ISL_SIGNATURE_CONTEXT_PTR SigContextPtr,
ISL_CONST_DATA Image);
/* class methods */
/*-----------------------------------------------------------------------------
 * Name: SizeofObject_isl_pkcs7sig
 *
 * Description: Class method reporting how many bytes one signature object
 *              (an ISL_SIGNATURE_CONTEXT) occupies.
 *
 * Parameters: none
 *
 * Return value: sizeof(ISL_SIGNATURE_CONTEXT)
 *
 * Error Codes: none
 *---------------------------------------------------------------------------*/
static ISL_SIZE SizeofObject_isl_pkcs7sig()
{
    const ISL_SIZE ObjectSize = sizeof(ISL_SIGNATURE_CONTEXT);

    return ObjectSize;
}
/* object methods */
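/*-----------------------------------------------------------------------------
 * Name: isl_InitializeSignatureFromImage
 *
 * Description: Initializes an ISL_SIGNATURE_CONTEXT from a PKCS#7 message
 *              loaded into memory: parses the message, builds the list of
 *              embedded certificates, records the signed content and builds
 *              the list of signers.
 *
 *              Image is externally supplied signature data and has not been
 *              verified when this function runs; every length taken from it
 *              must be treated as untrusted.
 *
 * Parameters:
 * memory (output)       - context to initialize; zeroed first
 * configContext (input) - algorithm<->code extension configuration
 * MemoryPtr (input)     - memory context all allocations are taken from
 * Name (input)          - name of the external representation (copied)
 * Image (input)         - image of the external representation. Copied,
 *                         except when CSSM_BIS is defined: then the context
 *                         keeps the caller's pointer, so the caller's buffer
 *                         must stay valid and unmodified for as long as the
 *                         context is in use.
 *
 * Return value: ISL_OK on success, ISL_FAIL otherwise.
 *
 * Error Codes: ISL_FAIL for a NULL argument, an allocation failure or any
 *              parse failure. On failure the context is left partially
 *              initialized and must not be used. Nothing is released here;
 *              presumably the allocations are reclaimed together with
 *              MemoryPtr -- TODO confirm.
 *---------------------------------------------------------------------------*/
STATIC
ISL_STATUS
isl_InitializeSignatureFromImage(
    ISL_SIGNATURE_CONTEXT *memory,
    ISL_CONFIG_PTR configContext,
    ISL_MEMORY_CONTEXT *MemoryPtr,
    ISL_CONST_DATA Name,
    ISL_CONST_DATA Image)
{
    ISL_PARSED_PKCS BerParsedImage;
    ISL_CONST_DATA *pCertImage = NULL;
    uint32 CertCount = 0;
    ISL_CONST_DATA_PTR pSignerImage = NULL;
    uint32 SignerCount = 0;
    ISL_LIST_PTR EndListPtr;
    uint32 i;

    if (memory == NULL ||
        MemoryPtr == NULL ||
        configContext == NULL ||
        Name.Data == NULL ||
        Image.Data == NULL)
    {
        return ISL_FAIL;
    }

    cssm_memset(memory, 0, sizeof(ISL_SIGNATURE_CONTEXT));
    memory->Config = configContext;
    memory->Memory = MemoryPtr;
    /* Disabled in the original source: */
    // memory->Methods = &PKCS7SignatureMethods;

    memory->Name.Length = Name.Length;
    memory->Name.Data = isl_CopyMemory(MemoryPtr, (void*)Name.Data, Name.Length);
    if (memory->Name.Data == NULL) {
        return ISL_FAIL;
    }

    memory->Image.Length = Image.Length;
#ifndef CSSM_BIS
    memory->Image.Data = isl_CopyMemory(MemoryPtr, (void*)Image.Data, Image.Length);
    if (memory->Image.Data == NULL) {
        return ISL_FAIL;
    }
#else
    /* No private copy: everything parsed below refers to the caller's buffer. */
    memory->Image.Data = Image.Data;
#endif

    if (ISL_OK != isl_ParsePKCS7(MemoryPtr, memory->Image, &BerParsedImage))
    {
        return ISL_FAIL;
    }

    /* parse Certificates */
    if (ISL_OK != isl_GetCertsFromPKCS(
                    MemoryPtr,
                    BerParsedImage,
                    &pCertImage,
                    &CertCount))
    {
        return ISL_FAIL;
    }
    /* A non-zero count without an array would be dereferenced below. */
    if (CertCount != 0 && pCertImage == NULL)
    {
        return ISL_FAIL;
    }

    EndListPtr = NULL;
    for (i = 0; i < CertCount; i++)
    {
        ISL_CERTIFICATE_PTR CertPtr;
        ISL_LIST_PTR CertListPtr;

        CertPtr = isl_AllocateMemory(
                    MemoryPtr,
                    sizeof(ISL_CERTIFICATE));
        if (CertPtr == NULL) {
            return ISL_FAIL;
        }
        CertListPtr = isl_AllocateMemory(
                    MemoryPtr,
                    sizeof(ISL_CERTIFICATE_LIST));
        if (CertListPtr == NULL)
        {
            return ISL_FAIL;
        }
        if (ISL_OK != X509CertMethods.Initialize(
                        CertPtr,
                        MemoryPtr,
                        pCertImage[i]))
        {
            return ISL_FAIL;
        }

        /* Append at the tail so the list keeps the order of the message. */
        CertListPtr->Node = CertPtr;
        CertListPtr->Next = NULL;
        if (EndListPtr == NULL)
        {
            memory->Certificates = CertListPtr;
        }
        else
        {
            EndListPtr->Next = CertListPtr;
        }
        EndListPtr = CertListPtr;
    }

    if (ISL_OK != isl_GetSignedContentFromPKCS(
                    BerParsedImage,
                    &memory->SignedImage))
    {
        return ISL_FAIL;
    }

    /* parse Signers */
    if (ISL_OK != isl_GetSignersFromPKCS(
                    MemoryPtr,
                    BerParsedImage,
                    &pSignerImage,
                    &SignerCount))
    {
        return ISL_FAIL;
    }
    if (SignerCount != 0 && pSignerImage == NULL)
    {
        return ISL_FAIL;
    }

    EndListPtr = NULL;
    for (i = 0; i < SignerCount; i++)
    {
        ISL_SIGNER_CONTEXT_PTR SignerPtr;
        ISL_LIST_PTR SignerNodePtr;

        SignerPtr = isl_AllocateMemory(
                    MemoryPtr,
                    sizeof(ISL_SIGNER_CONTEXT));
        if (SignerPtr == NULL) return ISL_FAIL;
        SignerNodePtr = isl_AllocateMemory(
                    MemoryPtr,
                    sizeof(ISL_LIST));
        if (SignerNodePtr == NULL) return ISL_FAIL;

        SignerNodePtr->Node = SignerPtr;
        /* Terminate the node explicitly, as the certificate loop does.
         * Nothing here shows that isl_AllocateMemory zero-fills, and an
         * unterminated tail would send every walker of memory->Signers
         * through an uninitialized pointer. */
        SignerNodePtr->Next = NULL;

        if (ISL_OK != isl_InitializeSignerFromImage(
                        SignerPtr,
                        memory,
                        pSignerImage[i]))
        {
            return ISL_FAIL;
        }

        if (EndListPtr == NULL)
        {
            memory->Signers = SignerNodePtr;
        }
        else
        {
            EndListPtr->Next = SignerNodePtr;
        }
        EndListPtr = SignerNodePtr;
    }

    return ISL_OK;
}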
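/*-----------------------------------------------------------------------------
 * Name: isl_InitializeSignerFromImage
 *
 * Description: Decodes a SignerInfo block. Item 1 of the expanded sequence
 *              is taken as the signer identifier (issuer + serial number),
 *              item 2 as the digest algorithm block, the first constructed
 *              SEQUENCE at index 3 or later as the signature algorithm
 *              block, and the item after that as the signature value.
 *
 *              Image is unverified input. The fields stored in SignerPtr are
 *              pointers produced by the BER parser (presumably into Image --
 *              TODO confirm), not copies, so Image must outlive SignerPtr.
 *
 * Parameters:
 * SignerPtr (output)    - signer context to initialize; zeroed first
 * SigContextPtr (input) - signature context this signer belongs to; supplies
 *                         the configuration and the memory context
 * Image (input)         - BER image of the SignerInfo block
 *
 * Return value: ISL_OK on success, ISL_FAIL otherwise.
 *
 * Error Codes: ISL_FAIL for a NULL argument, an allocation failure, or a
 *              SignerInfo that is too short, has no signature algorithm
 *              block, has no item after that block, or carries an algorithm
 *              identifier longer than the block containing it.
 *---------------------------------------------------------------------------*/
static
ISL_STATUS
isl_InitializeSignerFromImage(
    ISL_SIGNER_CONTEXT_PTR SignerPtr,
    ISL_SIGNATURE_CONTEXT_PTR SigContextPtr,
    ISL_CONST_DATA Image)
{
    ISL_CONFIG *ConfigPtr;
    sint32 ItemCount;
    sint32 Count;
    sint32 i;
    ISL_CONST_DATA AlgID;
    ISL_SERVICE_CLASS_METHODS *methods;
    BER_PARSED_ITEM_PTR SignerInfoPtr;  /* output: array of parsed items */
    BER_PARSED_ITEM Digest;
    BER_PARSED_ITEM Signature;

    if (SignerPtr == NULL || SigContextPtr == NULL || Image.Data == NULL)
        return ISL_FAIL;

    cssm_memset(SignerPtr, 0, sizeof(ISL_SIGNER_CONTEXT));
    ConfigPtr = SigContextPtr->Config;
    SignerPtr->Parent = SigContextPtr;          /* signature that this signs */

    /* Items 0..2 are read unconditionally below, so fewer than three is malformed. */
    ItemCount = BER_CountItems((uint8 *)Image.Data, Image.Length);
    if (ItemCount <= 2) return ISL_FAIL;

    /* NOTE(review): ItemCount comes from unverified input; confirm that
     * sizeof(BER_PARSED_ITEM)*ItemCount cannot wrap in the allocator's size type. */
    SignerInfoPtr = isl_AllocateMemory(
                        SigContextPtr->Memory,
                        sizeof(BER_PARSED_ITEM)*ItemCount);
    if (SignerInfoPtr == NULL) {
        return ISL_FAIL;
    }

    Count = BER_ExpandSequence(     /* return count of items parsed */
                Image.Data,         /* input BER to parse */
                Image.Length,       /* length of BER to parse */
                ItemCount,          /* input number of components */
                NULL,               /* explicit tag choices for each field */
                NULL,               /* implicit context-specific tags */
                NULL,               /* original tags for each component */
                NULL,               /* default values */
                SignerInfoPtr);

    /* Only entries [0, Count) were filled in by the parser. A short or failed
     * parse would leave entries 1 and 2 uninitialized, and a count above
     * ItemCount would run past the array allocated above. */
    if (Count <= 2 || Count > ItemCount) return ISL_FAIL;

    /* issuer+s/n (see cert->SignerID()) */
    /* NOTE(review): this length comes from the object's own header and is not
     * compared against the bounds of Image here. */
    SignerPtr->SignerID.Data = SignerInfoPtr[1].Tag;
    SignerPtr->SignerID.Length = BER_SizeofObject(SignerPtr->SignerID.Data);

    /* Decode Digest Algorithm Block */
    Digest = SignerInfoPtr[2];
    AlgID.Data = Digest.Content;
    AlgID.Length = BER_SizeofObject(AlgID.Data);
    /* An identifier longer than its enclosing block would make the parameter
     * length below wrap around to a huge value. */
    if (AlgID.Length > Digest.ContentLength) return ISL_FAIL;
    /* NOTE(review): the lookup result is stored unchecked. If FindAlgorithm
     * can return NULL for an unrecognized identifier, users of DigestMethods
     * and SignMethods must test for NULL before calling through them. */
    methods = ArchiveConfigMethods.FindAlgorithm(ConfigPtr, AlgID);
    SignerPtr->DigestMethods = (ISL_DIGEST_METHODS *)methods;
    SignerPtr->DigestParameters.Data = Digest.Content + AlgID.Length;
    SignerPtr->DigestParameters.Length = Digest.ContentLength - AlgID.Length;

    /* Decode Signature Algorithm Block */
    for (i = 3; i < Count; i++) {
        if (SignerInfoPtr[i].Tag[0] == (BER_CONSTRUCTED | BER_SEQUENCE))
            break;
    }
    if (i == Count) return ISL_FAIL;

    Signature = SignerInfoPtr[i];
    AlgID.Data = Signature.Content;
    AlgID.Length = BER_SizeofObject(AlgID.Data);
    if (AlgID.Length > Signature.ContentLength) return ISL_FAIL;
    methods = ArchiveConfigMethods.FindAlgorithm(ConfigPtr, AlgID);
    SignerPtr->SignMethods = (ISL_SIGN_VERIFY_METHODS *)methods;
    SignerPtr->SignParameters.Data = Signature.Content + AlgID.Length;
    SignerPtr->SignParameters.Length = Signature.ContentLength - AlgID.Length;

    /* Decode Signature Block */
    i++;
    /* The signature value must be a parsed item; when the algorithm block was
     * the last one, index i is past the entries the parser filled in. */
    if (i >= Count) return ISL_FAIL;
    SignerPtr->Signature.Data = SignerInfoPtr[i].Content;
    SignerPtr->Signature.Length = SignerInfoPtr[i].ContentLength;

    SignerPtr->Image = Image;
    return ISL_OK;
}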
/*
** signer context methods
*/
/*-----------------------------------------------------------------------------
* Name: GetSignerID
*
* Description:
*
* Parameters:
*
* Return value:
*
* Error Codes: