Fix timestamping nested signatures (#266)

yjh-styx 2023-05-14 23:32:56 +03:00 committed by GitHub
parent b61bcaac2e
commit 56e7a72e8a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 18 additions and 31 deletions

12
cab.c

@ -493,16 +493,8 @@ static PKCS7 *cab_pkcs7_prepare(FILE_FORMAT_CTX *ctx, BIO *hash, BIO *outdata)
return NULL; /* FAILED */ return NULL; /* FAILED */
} }
} }
if (ctx->options->nest) { if (ctx->options->nest)
if (!cursig_set_nested(cursig, p7, ctx)) { ctx->options->prevsig = cursig;
printf("Unable to append the nested signature to the current signature\n");
PKCS7_free(p7);
PKCS7_free(cursig);
return NULL; /* FAILED */
}
PKCS7_free(p7);
return cursig;
}
return p7; return p7;
} }
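Review bot: The new `ctx->options->prevsig = cursig;` in cab_pkcs7_prepare hands ownership of `cursig` to the shared options structure with no comment, so nothing at this site says the pointer must not be freed here or who consumes it. Going by the other sections of this commit, main() nests `p7` into `options.prevsig` once the unauthenticated attributes are set, and free_options() frees whatever is still stored there. I would add `/* cursig is now owned by options->prevsig: main() nests p7 into it, free_options() frees it otherwise */` above the assignment. The same two lines are added in msi_pkcs7_prepare and pe_pkcs7_prepare, and all three functions begin outside their hunks.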

12
msi.c

@ -660,16 +660,8 @@ static PKCS7 *msi_pkcs7_prepare(FILE_FORMAT_CTX *ctx, BIO *hash, BIO *outdata)
return NULL; /* FAILED */ return NULL; /* FAILED */
} }
} }
if (ctx->options->nest) { if (ctx->options->nest)
if (!cursig_set_nested(cursig, p7, ctx)) { ctx->options->prevsig = cursig;
printf("Unable to append the nested signature to the current signature\n");
PKCS7_free(p7);
PKCS7_free(cursig);
return NULL; /* FAILED */
}
PKCS7_free(p7);
return cursig;
}
return p7; return p7;
} }


@ -2258,6 +2258,9 @@ static void free_options(GLOBAL_OPTIONS *options)
/* If X509 structure is NULL nothing is done */ /* If X509 structure is NULL nothing is done */
X509_free(options->cert); X509_free(options->cert);
options->cert = NULL; options->cert = NULL;
/* If PKCS7 structure is NULL nothing is done */
PKCS7_free(options->prevsig);
options->prevsig = NULL;
/* Free up all elements of sk structure and sk itself */ /* Free up all elements of sk structure and sk itself */
sk_X509_pop_free(options->certs, X509_free); sk_X509_pop_free(options->certs, X509_free);
options->certs = NULL; options->certs = NULL;
@ -3671,6 +3674,13 @@ int main(int argc, char **argv)
PKCS7_free(p7); PKCS7_free(p7);
DO_EXIT_0("Unable to set unauthenticated attributes\n"); DO_EXIT_0("Unable to set unauthenticated attributes\n");
} }
if (options.prevsig) {
if (!cursig_set_nested(options.prevsig, p7, ctx))
DO_EXIT_0("Unable to append the nested signature to the current signature\n");
PKCS7_free(p7);
p7 = options.prevsig;
options.prevsig = NULL;
}
if (ctx->format->append_pkcs7) { if (ctx->format->append_pkcs7) {
ret = ctx->format->append_pkcs7(ctx, outdata, p7); ret = ctx->format->append_pkcs7(ctx, outdata, p7);
if (ret) { if (ret) {
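Review bot: The failure branch of the new `cursig_set_nested(options.prevsig, p7, ctx)` call in main() goes straight to DO_EXIT_0 without releasing `p7`, whereas the branch directly above it calls `PKCS7_free(p7)` before the same macro. The code this commit removed from the format files also freed `p7` on this failure. If the exit path does not free `p7` itself (it is not visible in this hunk), the new signature leaks here; `options.prevsig` appears to be covered by the free_options() change. I would brace the branch and free first: `if (!cursig_set_nested(options.prevsig, p7, ctx)) { PKCS7_free(p7); DO_EXIT_0("Unable to append the nested signature to the current signature\n"); }`. main() starts and ends outside the hunk, so the cleanup label should be checked before applying this.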


@ -277,6 +277,7 @@ typedef struct {
STACK_OF(X509_CRL) *crls; STACK_OF(X509_CRL) *crls;
cmd_type_t cmd; cmd_type_t cmd;
char *indata; char *indata;
PKCS7 *prevsig;
} GLOBAL_OPTIONS; } GLOBAL_OPTIONS;
/* /*

14
pe.c

@ -421,7 +421,7 @@ static PKCS7 *pe_pkcs7_prepare(FILE_FORMAT_CTX *ctx, BIO *hash, BIO *outdata)
} }
if (ctx->options->cmd == CMD_ADD) if (ctx->options->cmd == CMD_ADD)
p7 = cursig; p7 = cursig;
} }
if (ctx->pe_ctx->sigpos > 0) { if (ctx->pe_ctx->sigpos > 0) {
/* Strip current signature */ /* Strip current signature */
ctx->pe_ctx->fileend = ctx->pe_ctx->sigpos; ctx->pe_ctx->fileend = ctx->pe_ctx->sigpos;
@ -451,16 +451,8 @@ static PKCS7 *pe_pkcs7_prepare(FILE_FORMAT_CTX *ctx, BIO *hash, BIO *outdata)
return NULL; /* FAILED */ return NULL; /* FAILED */
} }
} }
if (ctx->options->nest) { if (ctx->options->nest)
if (!cursig_set_nested(cursig, p7, ctx)) { ctx->options->prevsig = cursig;
printf("Unable to append the nested signature to the current signature\n");
PKCS7_free(p7);
PKCS7_free(cursig);
return NULL; /* FAILED */
}
PKCS7_free(p7);
return cursig;
}
return p7; return p7;
} }