Skip to content

Commit

Permalink
Updated authenticode-parser to the latest version
Browse files Browse the repository at this point in the history
  • Loading branch information
metthal committed Jan 31, 2024
1 parent 153690d commit 094a373
Show file tree
Hide file tree
Showing 6 changed files with 347 additions and 52 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -106,8 +106,8 @@ typedef struct {
char* key_alg; /* Name of the key algorithm */
char* sig_alg; /* Name of the signature algorithm */
char* sig_alg_oid; /* OID of the signature algorithm */
time_t not_before; /* NotBefore validity */
time_t not_after; /* NotAfter validity */
int64_t not_before; /* NotBefore validity */
int64_t not_after; /* NotAfter validity */
char* key; /* PEM encoded public key */
Attributes issuer_attrs; /* Parsed X509 Attributes of Issuer */
Attributes subject_attrs; /* Parsed X509 Attributes of Subject */
Expand All @@ -120,7 +120,7 @@ typedef struct {

typedef struct {
int verify_flags; /* COUNTERISGNATURE_VFY_ flag */
time_t sign_time; /* Signing time of the timestamp countersignature */
int64_t sign_time; /* Signing time of the timestamp countersignature */
char* digest_alg; /* Name of the digest algorithm used */
ByteArray digest; /* Stored message digest */
CertificateArray* chain; /* Certificate chain of the signer */
Expand Down Expand Up @@ -190,7 +190,7 @@ AuthenticodeArray* parse_authenticode(const uint8_t* pe_data, uint64_t pe_len);
* @param len
* @return AuthenticodeArray*
*/
AuthenticodeArray* authenticode_new(const uint8_t* data, long len);
AuthenticodeArray* authenticode_new(const uint8_t* data, int32_t len);

/**
* @brief Deallocates AuthenticodeArray and all it's allocated members
Expand Down
13 changes: 8 additions & 5 deletions deps/authenticode-parser/src/authenticode.c
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ SOFTWARE.
#include <openssl/asn1.h>
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/opensslv.h>
#include <openssl/ossl_typ.h>
#include <openssl/pkcs7.h>
#include <openssl/safestack.h>
Expand Down Expand Up @@ -274,7 +275,8 @@ static bool authenticode_verify(PKCS7* p7, PKCS7_SIGNER_INFO* si, X509* signCert
}

/* Creates all the Authenticode objects so we can parse them with OpenSSL, is not thread-safe, needs
* to be called once before any multi-threading environmentt - https://github.com/openssl/openssl/issues/13524 */
* to be called once before any multi-threading environmentt -
* https://github.com/openssl/openssl/issues/13524 */
void initialize_authenticode_parser()
{
OBJ_create("1.3.6.1.4.1.311.2.1.12", "spcSpOpusInfo", "SPC_SP_OPUS_INFO_OBJID");
Expand All @@ -285,9 +287,9 @@ void initialize_authenticode_parser()

/* Return array of Authenticode signatures stored in the data, there can be multiple
* of signatures as Authenticode signatures are often nested through unauth attributes */
AuthenticodeArray* authenticode_new(const uint8_t* data, long len)
AuthenticodeArray* authenticode_new(const uint8_t* data, int32_t len)
{
if (!data || len == 0)
if (!data || len <= 0)
return NULL;

AuthenticodeArray* result = (AuthenticodeArray*)calloc(1, sizeof(*result));
Expand Down Expand Up @@ -318,7 +320,7 @@ AuthenticodeArray* authenticode_new(const uint8_t* data, long len)
}

/* We expect SignedData type of PKCS7 */
if (!PKCS7_type_is_signed(p7)) {
if (!PKCS7_type_is_signed(p7) || !p7->d.sign) {
auth->verify_flags = AUTHENTICODE_VFY_WRONG_PKCS7_TYPE;
goto end;
}
Expand Down Expand Up @@ -567,7 +569,8 @@ AuthenticodeArray* parse_authenticode(const uint8_t* pe_data, uint64_t pe_len)
uint32_t dwLength = letoh32(*(uint32_t*)(pe_data + cert_addr));
if (pe_len < cert_addr + dwLength)
return NULL;
/* dwLength = offsetof(WIN_CERTIFICATE, bCertificate) + (size of the variable-length binary array contained within bCertificate) */
/* dwLength = offsetof(WIN_CERTIFICATE, bCertificate) + (size of the variable-length binary
* array contained within bCertificate) */
AuthenticodeArray* auth_array = authenticode_new(pe_data + cert_addr + 0x8, dwLength - 0x8);
if (!auth_array)
return NULL;
Expand Down
5 changes: 3 additions & 2 deletions deps/authenticode-parser/src/certificate.c
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ SOFTWARE.
#include <openssl/asn1.h>
#include <openssl/crypto.h>
#include <openssl/evp.h>
#include <openssl/opensslv.h>
#include <openssl/sha.h>
#include <openssl/x509.h>
#include <string.h>
Expand Down Expand Up @@ -308,8 +309,8 @@ Certificate* certificate_new(X509* x509)

result->version = X509_get_version(x509);
result->serial = integer_to_serial(X509_get_serialNumber(x509));
result->not_after = ASN1_TIME_to_time_t(X509_get0_notAfter(x509));
result->not_before = ASN1_TIME_to_time_t(X509_get0_notBefore(x509));
result->not_after = ASN1_TIME_to_int64_t(X509_get0_notAfter(x509));
result->not_before = ASN1_TIME_to_int64_t(X509_get0_notBefore(x509));
int sig_nid = X509_get_signature_nid(x509);
result->sig_alg = strdup(OBJ_nid2ln(sig_nid));

Expand Down
Loading

0 comments on commit 094a373

Please sign in to comment.