isl_pkcs7sig.c
来自「Next BIOS Source code : Extensible Firmw」· C语言 代码 · 共 745 行 · 第 1/2 页
*---------------------------------------------------------------------------*/
/*
 * Hand back the signer identifier stored in a signer context.
 *
 * Context  - signer context to read; NULL is rejected.
 * SignerID - receives a struct copy of Context->SignerID; NULL is rejected.
 *
 * Returns ISL_OK on success, ISL_FAIL when either argument is NULL.
 *
 * The assignment copies the descriptor only, not the bytes it refers to.
 * NOTE(review): the returned Data pointer presumably stays valid only as
 * long as the context does - confirm against the context's owner.
 */
static ISL_STATUS GetSignerID_isl_pkcs7sig(
    ISL_SIGNER_CONTEXT_PTR Context,     /* signer context */
    ISL_CONST_DATA *SignerID)           /* updated issuer and serial number */
{
    if (Context == NULL) {
        return ISL_FAIL;
    }
    if (SignerID == NULL) {
        return ISL_FAIL;
    }

    *SignerID = Context->SignerID;
    return ISL_OK;
}
/*-----------------------------------------------------------------------------
* Name: VerifyUsingCert
*
* Description:
*
* Parameters:
*
* Return value:
*
* Error Codes:
*---------------------------------------------------------------------------*/
/*
 * Check the signer's signature over the parent's signed image with the
 * public key taken from the supplied certificate.
 *
 * Context     - signer context; Context->Parent and Context->SignMethods
 *               must be non-NULL.
 * CertMethods - certificate-format methods; GetKey must be non-NULL.
 * Cert        - certificate whose key is used for the check.
 *
 * Returns ISL_OK only when CSSM_VerifyData reports CSSM_TRUE; every other
 * outcome (bad argument, key extraction failure, no CSP handle, context
 * creation failure, signature mismatch) is reported as ISL_FAIL.
 *
 * Security notes for callers:
 *  - This routine performs the signature check only. Nothing here examines
 *    the certificate itself (chain, validity period, revocation, trust
 *    anchor), so the caller has to establish trust in Cert separately.
 *  - The algorithm is fixed to CSSM_ALGID_SHA1WithDSA. SHA-1 is no longer
 *    considered collision resistant, which matters for any deployment that
 *    still relies on this path to authenticate firmware images.
 *  - NOTE(review): the key obtained from GetKey is not released in this
 *    function - confirm who owns it.
 */
static ISL_STATUS VerifyUsingCert_isl_pkcs7sig(
    ISL_SIGNER_CONTEXT *Context,                /* archive context */
    const ISL_CERTIFICATE_METHODS *CertMethods, /* configuration methods for certificate format */
    ISL_CERTIFICATE *Cert)                      /* the certificate */
{
    ISL_KEY_BLOCK KeyBlock;
    CSSM_KEY_PTR VerifyKey;
    CSSM_CSP_HANDLE CspHandle;
    CSSM_CC_HANDLE SigContext;
    CSSM_BOOL Verified;
    CSSM_DATA SignatureBuf;
    CSSM_DATA ImageBuf;

    /* Argument validation, in the same order as the original test. */
    if (Context == NULL) return ISL_FAIL;
    if (Context->Parent == NULL) return ISL_FAIL;
    if (Context->SignMethods == NULL) return ISL_FAIL;
    if (CertMethods == NULL) return ISL_FAIL;
    if (CertMethods->GetKey == NULL) return ISL_FAIL;
    if (Cert == NULL) return ISL_FAIL;

    /* Describe the signature bytes and the signed image to the CSP. */
    SignatureBuf.Data = (uint8 *)Context->Signature.Data;
    SignatureBuf.Length = Context->Signature.Length;
    ImageBuf.Data = (uint8 *)Context->Parent->SignedImage.Data;
    ImageBuf.Length = Context->Parent->SignedImage.Length;

    /* Pull the verification key out of the certificate. */
    if (CertMethods->GetKey(Cert, &KeyBlock) != ISL_OK) {
        return ISL_FAIL;
    }
    VerifyKey = (CSSM_KEY_PTR) KeyBlock;

    CspHandle = Context->SignMethods->CSPHandle;
    if (CspHandle == 0) {
        return ISL_FAIL;
    }

    SigContext = CSSM_CSP_CreateSignatureContext(
                     CspHandle,
                     CSSM_ALGID_SHA1WithDSA,
                     NULL,
                     VerifyKey);
    if (SigContext == 0) {
        return ISL_FAIL;
    }

    /* One data buffer (the image) is checked against the signature. */
    Verified = CSSM_VerifyData(SigContext, &ImageBuf, 1, &SignatureBuf);

    /* The context is released before the result is inspected. */
    CSSM_DeleteContext(SigContext);

    if (Verified == CSSM_TRUE) {
        return ISL_OK;
    }

    {
        /* The CSSM error is fetched but not yet propagated to the caller. */
        CSSM_ERROR_PTR ErrorPtr;
        ErrorPtr = CSSM_GetError();
        return ISL_FAIL; /* FIXME: change error code */
    }
}
/*-----------------------------------------------------------------------------
* Name: FindSignerCertificate
*
* Description:
*
* Parameters:
*
* Return value:
*
* Error Codes:
*---------------------------------------------------------------------------*/
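/*
 * Locate the certificate that belongs to a signer.
 *
 * Context - signer context; NULL yields NULL.
 *
 * Returns the first certificate of Context->CertChain when a chain is
 * attached; otherwise the first certificate in Context->Parent->Certificates
 * whose pkcs7id equals Context->SignerID. Returns NULL when nothing matches
 * or when a link needed for the lookup is missing.
 *
 * Hardening over the previous version: a chain with no CertList, a signer
 * with no Parent, and a list node with no certificate used to be
 * dereferenced unconditionally. They are now treated as "not found". The
 * sibling VerifyUsingCert routine already allows for Parent being NULL.
 *
 * NOTE(review): the match is by identifier only and the candidates
 * presumably come from the signature being parsed, so a hit here says
 * nothing about whether the certificate is trusted.
 */
static ISL_CERTIFICATE *FindSignerCertificate_isl_pkcs7sig( /* return found object or NULL */
    ISL_SIGNER_CONTEXT *Context)
{
    ISL_LIST_PTR pCertList;

    if (Context == NULL)
        return NULL;

    if (Context->CertChain != NULL)
    {
        /* the signer's cert is the first cert in the cert chain */
        if (Context->CertChain->CertList == NULL)
            return NULL;
        return Context->CertChain->CertList->Cert;
    }

    /* No chain: fall back to the certificates carried by the signature. */
    if (Context->Parent == NULL)
        return NULL;

    for (pCertList = Context->Parent->Certificates;
         pCertList != NULL;
         pCertList = pCertList->Next)
    {
        ISL_CERTIFICATE_PTR CurrCertPtr = pCertList->Node;

        /* Skip empty nodes instead of dereferencing them. */
        if (CurrCertPtr == NULL)
            continue;

        if (IS_EQUAL(CurrCertPtr->pkcs7id, Context->SignerID))
            return CurrCertPtr;
    }

    return NULL;
}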
/*-----------------------------------------------------------------------------
* Name: GetSignature
*
* Description:
*
* Parameters:
*
* Return value:
*
* Error Codes:
*---------------------------------------------------------------------------*/
/*
 * Hand back the signature descriptor stored in a signer context.
 *
 * Context   - signer context to read; NULL is rejected.
 * Signature - receives a struct copy of Context->Signature; NULL is rejected.
 *
 * Returns ISL_OK on success, ISL_FAIL when either argument is NULL.
 * Only the descriptor is copied, not the signature bytes it refers to.
 */
ISL_STATUS GetSignature_isl_pkcs7sig(
    ISL_SIGNER_CONTEXT_PTR Context,
    ISL_CONST_DATA *Signature)
{
    if (Context != NULL && Signature != NULL)
    {
        *Signature = Context->Signature;
        return ISL_OK;
    }

    return ISL_FAIL;
}
/*-----------------------------------------------------------------------------
* Name: FindSigner
*
* Description:
*
* Parameters:
*
* Return value:
*
* Error Codes:
*---------------------------------------------------------------------------*/
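/*
 * Find the signer in a signature whose SignerID equals a certificate's
 * pkcs7id.
 *
 * Context        - signature context holding the signer list.
 * CertificatePtr - certificate to look up.
 *
 * Returns the matching signer context, or NULL when there is no match,
 * when either argument is NULL, or when a list node without a signer
 * object is reached (the search stops there, as it did before).
 *
 * Hardening over the previous version: both arguments were dereferenced
 * without a check, unlike the other entry points in this method table.
 */
static ISL_SIGNER_CONTEXT_PTR FindSigner_isl_pkcs7sig(
    ISL_SIGNATURE_CONTEXT_PTR Context,
    ISL_CERTIFICATE_PTR CertificatePtr)
{
    ISL_LIST_PTR SignerNodePtr;

    if (Context == NULL || CertificatePtr == NULL)
        return NULL;

    for (SignerNodePtr = Context->Signers;
         SignerNodePtr != NULL;
         SignerNodePtr = SignerNodePtr->Next)
    {
        ISL_SIGNER_CONTEXT_PTR SignerObjectPtr = SignerNodePtr->Node;

        /* An empty node ends the search rather than being skipped. */
        if (SignerObjectPtr == NULL)
            return NULL;

        if (IS_EQUAL(CertificatePtr->pkcs7id, SignerObjectPtr->SignerID))
            return SignerObjectPtr;
    }

    return NULL;
}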
/* Name string that id_isl_pkcs7sig() reports as both algorithm ID and service name. */
#define gsDSA "DSA"
/*-----------------------------------------------------------------------------
* Name: id_isl_pkcs7sig
*
* Description:
*
* Parameters:
*
* Return value:
*
* Error Codes:
*---------------------------------------------------------------------------*/
/*
 * Report the identity of this signature service.
 *
 * algClass    - set to ISL_ServiceParseSignature.
 * algID       - set to the "DSA" name string (without its terminating NUL).
 * serviceName - set to the same string and length as algID.
 *
 * None of the output pointers is checked for NULL.
 */
static void id_isl_pkcs7sig(
    ISL_SERVICE_CLASS *algClass,
    ISL_CONST_DATA *algID,
    ISL_CONST_DATA *serviceName)
{
    /* sizeof counts the terminating NUL of the literal; drop it. */
    enum { NAME_LENGTH = sizeof(gsDSA) - 1 };

    serviceName->Data = (const uint8 *)gsDSA;
    serviceName->Length = NAME_LENGTH;

    algID->Data = (const uint8 *)gsDSA;
    algID->Length = NAME_LENGTH;

    *algClass = ISL_ServiceParseSignature;
}
/*-----------------------------------------------------------------------------
* Name: GetSignerGroup
*
* Description:
*
* Parameters:
*
* Return value:
*
* Error Codes:
*---------------------------------------------------------------------------*/
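/*
 * Build a signer group: a freshly allocated ISL_SIGNER_GROUP whose Signers
 * array holds one pointer per node of Context->Signers.
 *
 * Context - signature context; NULL yields NULL.
 *
 * Returns the new group, or NULL when Context is NULL or an allocation
 * fails. With an empty signer list the group is returned with
 * NumberOfSigners == 0 and Signers == NULL. Release the result with
 * FreeSignerGroup_isl_pkcs7sig.
 *
 * Fixes over the previous version:
 *  - The group's fields are set right after allocation. Before, the
 *    empty-list return and the failure path for the second allocation left
 *    Signers unassigned, and that value was later passed to isl_FreeMemory
 *    (here or in FreeSignerGroup). This was only safe if isl_AllocateMemory
 *    zero-fills, which this file does not show.
 *  - The copy loop is bounded by the counted size of the array, so a list
 *    that yields more nodes than were counted cannot write past it.
 *  - isl_FreeMemory is no longer called with a NULL group pointer.
 *
 * NOTE(review): the array size is an unchecked multiplication of the signer
 * count; confirm the count is bounded by the parser that builds the list.
 */
static
ISL_SIGNER_GROUP_PTR
GetSignerGroup_isl_pkcs7sig(
    ISL_SIGNATURE_CONTEXT *Context)
{
    ISL_SIGNER_GROUP_PTR SignerGrpPtr;
    ISL_SIGNER_CONTEXT_PTR *SignerObjectPtr;
    ISL_LIST_PTR SignerNodePtr;
    uint32 NumberOfSigners;
    uint32 Copied;

    if (Context == NULL) return NULL;

    SignerGrpPtr = isl_AllocateMemory(
                       Context->Memory,
                       sizeof(ISL_SIGNER_GROUP));
    if (SignerGrpPtr == NULL) return NULL;

    /* Start from a well-defined empty group. */
    SignerGrpPtr->NumberOfSigners = 0;
    SignerGrpPtr->Signers = NULL;

    NumberOfSigners = isl_CountItemsInList(Context->Signers);
    if (NumberOfSigners == 0) return SignerGrpPtr;

    SignerObjectPtr = isl_AllocateMemory(
                          Context->Memory,
                          sizeof(ISL_SIGNER_CONTEXT_PTR) * NumberOfSigners);
    if (SignerObjectPtr == NULL)
    {
        /* Only the group itself exists at this point. */
        isl_FreeMemory(
            Context->Memory,
            SignerGrpPtr);
        return NULL;
    }
    SignerGrpPtr->Signers = SignerObjectPtr;

    Copied = 0;
    for (SignerNodePtr = Context->Signers;
         SignerNodePtr != NULL && Copied < NumberOfSigners;
         SignerNodePtr = SignerNodePtr->Next)
    {
        SignerObjectPtr[Copied] = SignerNodePtr->Node;
        Copied++;
    }

    /* Equals the counted size whenever the list matches its count. */
    SignerGrpPtr->NumberOfSigners = Copied;
    return SignerGrpPtr;
}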
/*-----------------------------------------------------------------------------
* Name: FreeSignerGroup
*
* Description:
*
* Parameters:
*
* Return value:
*
* Error Codes:
*---------------------------------------------------------------------------*/
/*
 * Release a signer group obtained from GetSignerGroup_isl_pkcs7sig.
 *
 * Context      - signature context whose Memory handle is passed to
 *                isl_FreeMemory; NULL is rejected.
 * SignerGrpPtr - group to release; may be NULL.
 *
 * Returns ISL_FAIL when Context is NULL, ISL_OK otherwise.
 *
 * NOTE(review): isl_FreeMemory is still called with the group pointer when
 * that pointer is NULL - confirm that it accepts NULL.
 */
static
ISL_STATUS
FreeSignerGroup_isl_pkcs7sig(
    ISL_SIGNATURE_CONTEXT *Context,
    ISL_SIGNER_GROUP_PTR SignerGrpPtr)
{
    if (Context == NULL)
    {
        return ISL_FAIL;
    }

    if (SignerGrpPtr != NULL)
    {
        /* The pointer array goes first, while the group is still readable. */
        isl_FreeMemory(Context->Memory, SignerGrpPtr->Signers);
    }

    isl_FreeMemory(Context->Memory, SignerGrpPtr);
    return ISL_OK;
}
/*-----------------------------------------------------------------------------
* Name: GetCertificateGroup
*
* Description:
*
* Parameters:
*
* Return value:
*
* Error Codes:
*
* Notes:
* Use FreeCertificateGroup to free ISL_CERTIFICATE_GROUP_PTR
*---------------------------------------------------------------------------*/
/*
 * Build a certificate group from the certificates held by a signature.
 *
 * Context - signature context; NULL yields NULL.
 *
 * Returns whatever isl_BuildCertificateGroup produces for
 * Context->Certificates and Context->Memory. Release the result with
 * FreeCertificateGroup_isl_pkcs7sig.
 */
static
ISL_CERTIFICATE_GROUP_PTR
GetCertificateGroup_isl_pkcs7sig(
    ISL_SIGNATURE_CONTEXT *Context)
{
    ISL_CERTIFICATE_GROUP_PTR Group = NULL;

    if (Context != NULL)
    {
        Group = isl_BuildCertificateGroup(
                    Context->Certificates,
                    Context->Memory);
    }

    return Group;
}
/*-----------------------------------------------------------------------------
* Name: FreeCertificateGroup
*
* Description:
*
* Parameters:
*
* Return value:
*
* Error Codes:
*
*---------------------------------------------------------------------------*/
/*
 * Release a certificate group obtained from GetCertificateGroup_isl_pkcs7sig.
 *
 * Context           - signature context supplying the Memory handle; NULL
 *                     is rejected with ISL_FAIL.
 * CertificateGrpPtr - group to release; passed through unchecked.
 *
 * Returns ISL_FAIL for a NULL Context, otherwise the status reported by
 * isl_FreeCertificateGroup.
 */
static
ISL_STATUS
FreeCertificateGroup_isl_pkcs7sig(
    ISL_SIGNATURE_CONTEXT *Context,
    ISL_CERTIFICATE_GROUP_PTR CertificateGrpPtr)
{
    ISL_STATUS Status = ISL_FAIL;

    if (Context != NULL)
    {
        Status = isl_FreeCertificateGroup(
                     CertificateGrpPtr,
                     Context->Memory);
    }

    return Status;
}
/*
** export vector of methods
**
** Signature-level method table for the PKCS#7 signature format. The
** initializer is positional, so the order of the entries must match the
** member order of ISL_SIGNATURE_METHODS (declared outside this file).
** SizeofObject_isl_pkcs7sig and isl_InitializeSignatureFromImage are not
** defined in the visible part of this file.
*/
ISL_SIGNATURE_METHODS PKCS7SignatureMethods = {
{id_isl_pkcs7sig,0}, /* service identity: reports class, algorithm ID and name */
SizeofObject_isl_pkcs7sig, //synonym
isl_InitializeSignatureFromImage,
FindSigner_isl_pkcs7sig, /* signer whose SignerID equals a certificate's pkcs7id */
GetSignerGroup_isl_pkcs7sig, /* allocates an array of the signature's signers */
FreeSignerGroup_isl_pkcs7sig, /* releases what GetSignerGroup returned */
GetCertificateGroup_isl_pkcs7sig, /* builds a group from the signature's certificates */
FreeCertificateGroup_isl_pkcs7sig /* releases what GetCertificateGroup returned */
};
/*
** Signer-level method table for the PKCS#7 signature format. The
** initializer is positional, so the order of the entries must match the
** member order of ISL_SIGNER_METHODS (declared outside this file).
**
** NOTE(review): VerifyUsingCert checks the signature with the key of the
** certificate it is given, and FindSignerCertificate selects a certificate
** by identifier. Neither one, as far as the visible part of this file
** shows, decides whether that certificate is trusted.
*/
ISL_SIGNER_METHODS PKCS7SignerMethods = {
{0, 0}, /* first member left zeroed; the signature table puts its id function here */
GetSignerID_isl_pkcs7sig, /* copies out the signer identifier */
VerifyUsingCert_isl_pkcs7sig, /* SHA1-with-DSA check of the signed image */
FindSignerCertificate_isl_pkcs7sig, /* chain head, or match by pkcs7id */
GetSignature_isl_pkcs7sig /* copies out the signature descriptor */
};