nhyatt/osslsigncode
1
0
Fork 0
mirror of https://github.com/mtrojnar/osslsigncode.git synced 2025-04-06 09:28:05 -05:00
Code Issues Projects Releases Wiki Activity

Whitespace/Indentation cleanup

Browse Source
This commit is contained in:
Per Allansson 2013-02-19 21:47:47 +01:00
parent 6aa4280d84
commit af82a27bff
2 changed files with 202 additions and 206 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README
View File

@ -141,5 +141,3 @@ converting between different formats and so on, *please*
spend a few minutes searching on google for your particular spend a few minutes searching on google for your particular
problem since many people probably already have had your problem since many people probably already have had your
problem and solved it as well. problem and solved it as well.

198
osslsigncode.c
View File

@ -86,7 +86,7 @@ static const char *rcsid = "$Id: osslsigncode.c,v 1.4 2011/08/12 11:08:12 mfive
/* /*
ASN.1 definitions (more or less from official MS Authenticode docs) ASN.1 definitions (more or less from official MS Authenticode docs)
*/ */
typedef struct { typedef struct {
@ -293,19 +293,19 @@ static size_t curl_write( void *ptr, size_t sz, size_t nmemb, void *stream)
.. and the blob has the following ASN1 structure: .. and the blob has the following ASN1 structure:
0:d=0 hl=4 l= 291 cons: SEQUENCE 0:d=0 hl=4 l= 291 cons: SEQUENCE
4:d=1 hl=2 l= 10 prim: OBJECT :1.3.6.1.4.1.311.3.2.1 4:d=1 hl=2 l= 10 prim: OBJECT :1.3.6.1.4.1.311.3.2.1
16:d=1 hl=4 l= 275 cons: SEQUENCE 16:d=1 hl=4 l= 275 cons: SEQUENCE
20:d=2 hl=2 l= 9 prim: OBJECT :pkcs7-data 20:d=2 hl=2 l= 9 prim: OBJECT :pkcs7-data
31:d=2 hl=4 l= 260 cons: cont [ 0 ] 31:d=2 hl=4 l= 260 cons: cont [ 0 ]
35:d=3 hl=4 l= 256 prim: OCTET STRING 35:d=3 hl=4 l= 256 prim: OCTET STRING
<signature> <signature>
.. and it returns a base64 encoded PKCS#7 structure. .. and it returns a base64 encoded PKCS#7 structure.
*/ */
static int add_timestamp(PKCS7 *sig, char *url, char *proxy) static int add_timestamp(PKCS7 *sig, char *url, char *proxy)
{ {
@ -317,19 +317,19 @@ static int add_timestamp(PKCS7 *sig, char *url, char *proxy)
int len; int len;
TimeStampRequest *req; TimeStampRequest *req;
PKCS7_SIGNER_INFO *si = PKCS7_SIGNER_INFO *si =
sk_PKCS7_SIGNER_INFO_value sk_PKCS7_SIGNER_INFO_value
(sig->d.sign->signer_info, 0); (sig->d.sign->signer_info, 0);
if (!url) return -1; if (!url) return -1;
curl = curl_easy_init(); curl = curl_easy_init();
if (proxy) { if (proxy) {
curl_easy_setopt(curl, CURLOPT_PROXY, proxy); curl_easy_setopt(curl, CURLOPT_PROXY, proxy);
if (!strncmp("http:", proxy, 5)) if (!strncmp("http:", proxy, 5))
curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_HTTP); curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
if (!strncmp("socks:", proxy, 6)) if (!strncmp("socks:", proxy, 6))
curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5); curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
} }
curl_easy_setopt(curl, CURLOPT_URL, url); curl_easy_setopt(curl, CURLOPT_URL, url);
@ -376,40 +376,40 @@ static int add_timestamp(PKCS7 *sig, char *url, char *proxy)
BIO_free_all(bout); BIO_free_all(bout);
if (c) { if (c) {
fprintf(stderr, "CURL failure: %s\n", curl_easy_strerror(c)); fprintf(stderr, "CURL failure: %s\n", curl_easy_strerror(c));
} else { } else {
PKCS7 *p7; PKCS7 *p7;
int i; int i;
PKCS7_SIGNER_INFO *info; PKCS7_SIGNER_INFO *info;
ASN1_STRING *astr; ASN1_STRING *astr;
(void)BIO_flush(bin); (void)BIO_flush(bin);
b64 = BIO_new(BIO_f_base64()); b64 = BIO_new(BIO_f_base64());
bin = BIO_push(b64, bin); bin = BIO_push(b64, bin);
p7 = d2i_PKCS7_bio(bin, NULL); p7 = d2i_PKCS7_bio(bin, NULL);
if (p7 == NULL) { if (p7 == NULL) {
fprintf(stderr, "Failed to convert timestamp reply\n"); fprintf(stderr, "Failed to convert timestamp reply\n");
ERR_print_errors_fp(stderr); ERR_print_errors_fp(stderr);
return -1; return -1;
} }
for(i = sk_X509_num(p7->d.sign->cert)-1; i>=0; i--) for(i = sk_X509_num(p7->d.sign->cert)-1; i>=0; i--)
PKCS7_add_certificate(sig, sk_X509_value(p7->d.sign->cert, i)); PKCS7_add_certificate(sig, sk_X509_value(p7->d.sign->cert, i));
info = sk_PKCS7_SIGNER_INFO_value(p7->d.sign->signer_info, 0); info = sk_PKCS7_SIGNER_INFO_value(p7->d.sign->signer_info, 0);
if (((len = i2d_PKCS7_SIGNER_INFO(info, NULL)) <= 0) || if (((len = i2d_PKCS7_SIGNER_INFO(info, NULL)) <= 0) ||
(p = OPENSSL_malloc(len)) == NULL) { (p = OPENSSL_malloc(len)) == NULL) {
fprintf(stderr, "Failed to convert signer info: %d\n", len); fprintf(stderr, "Failed to convert signer info: %d\n", len);
ERR_print_errors_fp(stderr); ERR_print_errors_fp(stderr);
return -1; return -1;
} }
len = i2d_PKCS7_SIGNER_INFO(info, &p); len = i2d_PKCS7_SIGNER_INFO(info, &p);
p -= len; p -= len;
astr = ASN1_STRING_new(); astr = ASN1_STRING_new();
ASN1_STRING_set(astr, p, len); ASN1_STRING_set(astr, p, len);
PKCS7_add_attribute PKCS7_add_attribute
(si, NID_pkcs9_countersignature, (si, NID_pkcs9_countersignature,
V_ASN1_SEQUENCE, astr); V_ASN1_SEQUENCE, astr);
} }
BIO_free_all(bin); BIO_free_all(bin);
@ -430,9 +430,9 @@ static void usage(const char *argv0)
"\t[ -h {md5,sha1,sha2} ]\n" "\t[ -h {md5,sha1,sha2} ]\n"
"\t[ -n <desc> ] [ -i <url> ] [ -jp <level> ] [ -comm ]\n" "\t[ -n <desc> ] [ -i <url> ] [ -jp <level> ] [ -comm ]\n"
#ifdef ENABLE_CURL #ifdef ENABLE_CURL
"\t[ -t <timestampurl> [ -p <proxy> ]]\n" "\t[ -t <timestampurl> [ -p <proxy> ]]\n"
#endif #endif
"\t-in <infile> -out <outfile>\n", "\t-in <infile> -out <outfile>\n",
argv0); argv0);
exit(-1); exit(-1);
} }
@ -442,19 +442,19 @@ static void usage(const char *argv0)
#define GET_UINT16_LE(p) (((u_char*)(p))[0] | (((u_char*)(p))[1]<<8)) #define GET_UINT16_LE(p) (((u_char*)(p))[0] | (((u_char*)(p))[1]<<8))
#define GET_UINT32_LE(p) (((u_char*)(p))[0] | (((u_char*)(p))[1]<<8) | \ #define GET_UINT32_LE(p) (((u_char*)(p))[0] | (((u_char*)(p))[1]<<8) | \
(((u_char*)(p))[2]<<16) | (((u_char*)(p))[3]<<24)) (((u_char*)(p))[2]<<16) | (((u_char*)(p))[3]<<24))
#define PUT_UINT32_LE(i,p) \ #define PUT_UINT32_LE(i,p) \
((u_char*)(p))[0] = (i) & 0xff; \ ((u_char*)(p))[0] = (i) & 0xff; \
((u_char*)(p))[1] = ((i)>>8) & 0xff; \ ((u_char*)(p))[1] = ((i)>>8) & 0xff; \
((u_char*)(p))[2] = ((i)>>16) & 0xff; \ ((u_char*)(p))[2] = ((i)>>16) & 0xff; \
((u_char*)(p))[3] = ((i)>>24) & 0xff ((u_char*)(p))[3] = ((i)>>24) & 0xff
#ifdef HACK_OPENSSL #ifdef HACK_OPENSSL
ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid) ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid)
/* ARGSUSED */ /* ARGSUSED */
{ {
/* Ehhhm. Hack. The PKCS7 sign method adds NID_pkcs9_signingTime if /* Ehhhm. Hack. The PKCS7 sign method adds NID_pkcs9_signingTime if
it isn't there. But we don't want it since M$ barfs on it. it isn't there. But we don't want it since M$ barfs on it.
@ -491,7 +491,7 @@ static void get_indirect_data_blob(u_char **blob, int *len, const EVP_MD *md, in
idc->data->value->type = V_ASN1_SEQUENCE; idc->data->value->type = V_ASN1_SEQUENCE;
idc->data->value->value.sequence = ASN1_STRING_new(); idc->data->value->value.sequence = ASN1_STRING_new();
if (isjava) { if (isjava) {
l = i2d_SpcLink(link, NULL); l = i2d_SpcLink(link, NULL);
p = OPENSSL_malloc(l); p = OPENSSL_malloc(l);
i2d_SpcLink(link, &p); i2d_SpcLink(link, &p);
p -= l; p -= l;
@ -555,34 +555,34 @@ int main(int argc, char **argv)
0x30, 0x50, 0x30, 0x50,
0x30, 0x2c, 0x30, 0x2c,
0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x19, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x19,
0xa2, 0x1e, 0x80, 0x1c, 0xa2, 0x1e, 0x80, 0x1c,
0x00, 0x3c, 0x00, 0x3c, 0x00, 0x3c, 0x00, 0x4f, 0x00, 0x62, 0x00, 0x73, 0x00, 0x6f, 0x00, 0x6c, 0x00, 0x65, 0x00, 0x3c, 0x00, 0x3c, 0x00, 0x3c, 0x00, 0x4f, 0x00, 0x62, 0x00, 0x73, 0x00, 0x6f, 0x00, 0x6c, 0x00, 0x65,
0x00, 0x74, 0x00, 0x65, 0x00, 0x3e, 0x00, 0x3e, 0x00, 0x3e, 0x00, 0x74, 0x00, 0x65, 0x00, 0x3e, 0x00, 0x3e, 0x00, 0x3e,
0x30, 0x20, 0x30, 0x20,
0x30, 0x0c, 0x30, 0x0c,
0x06, 0x08, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x05, 0x06, 0x08, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x05,
0x05, 0x00, 0x05, 0x00,
0x04, 0x10 /* + hash */ 0x04, 0x10 /* + hash */
}; };
static u_char spcIndirectDataContext_blob_pe[] = { static u_char spcIndirectDataContext_blob_pe[] = {
0x30, 0x57, 0x30, 0x57,
0x30, 0x33, 0x30, 0x33,
0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x0f, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x0f,
0x30, 0x25, 0x03, 0x01, 0x00, 0x30, 0x25, 0x03, 0x01, 0x00,
0xa0, 0x20, 0xa2, 0x1e, 0x80, 0x1c, 0xa0, 0x20, 0xa2, 0x1e, 0x80, 0x1c,
0x00, 0x3c, 0x00, 0x3c, 0x00, 0x3c, 0x00, 0x4f, 0x00, 0x62, 0x00, 0x3c, 0x00, 0x3c, 0x00, 0x3c, 0x00, 0x4f, 0x00, 0x62,
0x00, 0x73, 0x00, 0x6f, 0x00, 0x6c, 0x00, 0x65, 0x00, 0x74, 0x00, 0x73, 0x00, 0x6f, 0x00, 0x6c, 0x00, 0x65, 0x00, 0x74,
0x00, 0x65, 0x00, 0x3e, 0x00, 0x3e, 0x00, 0x3e, 0x00, 0x65, 0x00, 0x3e, 0x00, 0x3e, 0x00, 0x3e,
0x30, 0x20, 0x30, 0x20,
0x30, 0x0c, 0x30, 0x0c,
0x06, 0x08, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x05, 0x06, 0x08, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x05,
0x05, 0x00, 0x05, 0x00,
0x04, 0x10 /* + hash */ 0x04, 0x10 /* + hash */
}; };
#endif #endif
@ -608,10 +608,10 @@ int main(int argc, char **argv)
keyfile = *(++argv); keyfile = *(++argv);
} else if (!strcmp(*argv, "-pkcs12")) { } else if (!strcmp(*argv, "-pkcs12")) {
if (--argc < 1) usage(argv0); if (--argc < 1) usage(argv0);
pkcs12file = *(++argv); pkcs12file = *(++argv);
} else if (!strcmp(*argv, "-pass")) { } else if (!strcmp(*argv, "-pass")) {
if (--argc < 1) usage(argv0); if (--argc < 1) usage(argv0);
pass = *(++argv); pass = *(++argv);
} else if (!strcmp(*argv, "-comm")) { } else if (!strcmp(*argv, "-comm")) {
comm = 1; comm = 1;
} else if (!strcmp(*argv, "-n")) { } else if (!strcmp(*argv, "-n")) {
@ -669,7 +669,7 @@ int main(int argc, char **argv)
} else if (!strcmp(ap, "high")) { } else if (!strcmp(ap, "high")) {
jp = 2; jp = 2;
} }
if (jp != 0) usage(argv0); /* XXX */ if (jp != 0) usage(argv0); /* XXX */
} else { } else {
fprintf(stderr, "Unknown option: %s\n", *argv); fprintf(stderr, "Unknown option: %s\n", *argv);
usage(argv0); usage(argv0);
@ -795,22 +795,22 @@ int main(int argc, char **argv)
/* Write what's left */ /* Write what's left */
BIO_write(hash, indata+i, st.st_size-i); BIO_write(hash, indata+i, st.st_size-i);
} else { } else {
if (jp >= 0) if (jp >= 0)
fprintf(stderr, "Warning: -jp option is only valid " fprintf(stderr, "Warning: -jp option is only valid "
"for CAB files.\n"); "for CAB files.\n");
pe32plus = GET_UINT16_LE(indata + peheader + 24) == 0x20b ? 1 : 0; pe32plus = GET_UINT16_LE(indata + peheader + 24) == 0x20b ? 1 : 0;
/* If the file has been signed already, this will let us pretend the file we are signing is /* If the file has been signed already, this will let us pretend the file we are signing is
* only as big as the portion that exists before the signed data at the end of the file. * only as big as the portion that exists before the signed data at the end of the file.
* This prevents adding more and more data to the end of the file with each signing. * This prevents adding more and more data to the end of the file with each signing.
*/ */
i = GET_UINT32_LE(indata + peheader + 152 + pe32plus*16); i = GET_UINT32_LE(indata + peheader + 152 + pe32plus*16);
if( i > 0 ) st.st_size = i; if( i > 0 ) st.st_size = i;
BIO_write(hash, indata, peheader + 88); BIO_write(hash, indata, peheader + 88);
i = peheader + 88; i = peheader + 88;
memset(buf, 0, 4); memset(buf, 0, 4);
BIO_write(outdata, buf, 4); /* zero out checksum */ BIO_write(outdata, buf, 4); /* zero out checksum */
i += 4; i += 4;
BIO_write(hash, indata + i, 60+pe32plus*16); BIO_write(hash, indata + i, 60+pe32plus*16);
@ -820,13 +820,13 @@ int main(int argc, char **argv)
BIO_write(hash, indata + i, st.st_size - i); BIO_write(hash, indata + i, st.st_size - i);
/* pad (with 0's) pe file to 8 byte boundary */ /* pad (with 0's) pe file to 8 byte boundary */
len = 8 - st.st_size % 8; len = 8 - st.st_size % 8;
if (len > 0 && len != 8) { if (len > 0 && len != 8) {
memset(buf, 0, len); memset(buf, 0, len);
BIO_write(hash, buf, len); BIO_write(hash, buf, len);
st.st_size += len; st.st_size += len;
} }
} }
sig = PKCS7_new(); sig = PKCS7_new();
PKCS7_set_type(sig, NID_pkcs7_signed); PKCS7_set_type(sig, NID_pkcs7_signed);
@ -853,8 +853,8 @@ int main(int argc, char **argv)
DO_EXIT_0("Failed to add objects\n"); DO_EXIT_0("Failed to add objects\n");
PKCS7_add_signed_attribute PKCS7_add_signed_attribute
(si, NID_pkcs9_contentType, (si, NID_pkcs9_contentType,
V_ASN1_OBJECT, OBJ_txt2obj(SPC_INDIRECT_DATA_OBJID, 1)); V_ASN1_OBJECT, OBJ_txt2obj(SPC_INDIRECT_DATA_OBJID, 1));
if (is_cabinet && jp >= 0) { if (is_cabinet && jp >= 0) {
const u_char *attrs = NULL; const u_char *attrs = NULL;
@ -879,8 +879,8 @@ int main(int argc, char **argv)
astr = ASN1_STRING_new(); astr = ASN1_STRING_new();
ASN1_STRING_set(astr, attrs, len); ASN1_STRING_set(astr, attrs, len);
PKCS7_add_signed_attribute PKCS7_add_signed_attribute
(si, OBJ_txt2nid(SPC_MS_JAVA_SOMETHING), (si, OBJ_txt2nid(SPC_MS_JAVA_SOMETHING),
V_ASN1_SEQUENCE, astr); V_ASN1_SEQUENCE, astr);
} }
} }
@ -943,7 +943,7 @@ int main(int argc, char **argv)
#ifdef ENABLE_CURL #ifdef ENABLE_CURL
/* add counter-signature/timestamp */ /* add counter-signature/timestamp */
if (turl && add_timestamp(sig, turl, proxy)) if (turl && add_timestamp(sig, turl, proxy))
DO_EXIT_0("timestamping failed\n"); DO_EXIT_0("timestamping failed\n");
#endif #endif
#if 0 #if 0
@ -995,7 +995,7 @@ int main(int argc, char **argv)
return 0; return 0;
err_cleanup: err_cleanup:
ERR_print_errors_fp(stderr); ERR_print_errors_fp(stderr);
if (hash != NULL) if (hash != NULL)
BIO_free_all(hash); BIO_free_all(hash);
@ -1003,5 +1003,3 @@ int main(int argc, char **argv)
fprintf(stderr, "\nFailed\n"); fprintf(stderr, "\nFailed\n");
return -1; return -1;
} }