nhyatt/osslsigncode
1
0
Fork 0
mirror of https://github.com/mtrojnar/osslsigncode.git synced 2025-04-05 17:08:05 -05:00
Code Issues Projects Releases Wiki Activity

Whitespace/Indentation cleanup

Browse Source
This commit is contained in:
Per Allansson 2013-02-19 21:47:47 +01:00
parent 6aa4280d84
commit af82a27bff
2 changed files with 202 additions and 206 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README
View File

@ -141,5 +141,3 @@ converting between different formats and so on, *please*
spend a few minutes searching on google for your particular
problem since many people probably already have had your
problem and solved it as well.

198
osslsigncode.c
View File

@ -86,7 +86,7 @@ static const char *rcsid = "$Id: osslsigncode.c,v 1.4 2011/08/12 11:08:12 mfive
/*
ASN.1 definitions (more or less from official MS Authenticode docs)
ASN.1 definitions (more or less from official MS Authenticode docs)
*/
typedef struct {
@ -293,19 +293,19 @@ static size_t curl_write( void *ptr, size_t sz, size_t nmemb, void *stream)
.. and the blob has the following ASN1 structure:
0:d=0 hl=4 l= 291 cons: SEQUENCE
4:d=1 hl=2 l= 10 prim: OBJECT :1.3.6.1.4.1.311.3.2.1
0:d=0 hl=4 l= 291 cons: SEQUENCE
4:d=1 hl=2 l= 10 prim: OBJECT :1.3.6.1.4.1.311.3.2.1
16:d=1 hl=4 l= 275 cons: SEQUENCE
20:d=2 hl=2 l= 9 prim: OBJECT :pkcs7-data
31:d=2 hl=4 l= 260 cons: cont [ 0 ]
35:d=3 hl=4 l= 256 prim: OCTET STRING
<signature>
<signature>
.. and it returns a base64 encoded PKCS#7 structure.
*/
*/
static int add_timestamp(PKCS7 *sig, char *url, char *proxy)
{
@ -317,19 +317,19 @@ static int add_timestamp(PKCS7 *sig, char *url, char *proxy)
int len;
TimeStampRequest *req;
PKCS7_SIGNER_INFO *si =
sk_PKCS7_SIGNER_INFO_value
(sig->d.sign->signer_info, 0);
sk_PKCS7_SIGNER_INFO_value
(sig->d.sign->signer_info, 0);
if (!url) return -1;
curl = curl_easy_init();
if (proxy) {
curl_easy_setopt(curl, CURLOPT_PROXY, proxy);
if (!strncmp("http:", proxy, 5))
curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
if (!strncmp("socks:", proxy, 6))
curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
curl_easy_setopt(curl, CURLOPT_PROXY, proxy);
if (!strncmp("http:", proxy, 5))
curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
if (!strncmp("socks:", proxy, 6))
curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
}
curl_easy_setopt(curl, CURLOPT_URL, url);
@ -376,40 +376,40 @@ static int add_timestamp(PKCS7 *sig, char *url, char *proxy)
BIO_free_all(bout);
if (c) {
fprintf(stderr, "CURL failure: %s\n", curl_easy_strerror(c));
fprintf(stderr, "CURL failure: %s\n", curl_easy_strerror(c));
} else {
PKCS7 *p7;
int i;
PKCS7_SIGNER_INFO *info;
ASN1_STRING *astr;
PKCS7 *p7;
int i;
PKCS7_SIGNER_INFO *info;
ASN1_STRING *astr;
(void)BIO_flush(bin);
b64 = BIO_new(BIO_f_base64());
bin = BIO_push(b64, bin);
p7 = d2i_PKCS7_bio(bin, NULL);
if (p7 == NULL) {
fprintf(stderr, "Failed to convert timestamp reply\n");
ERR_print_errors_fp(stderr);
return -1;
}
(void)BIO_flush(bin);
b64 = BIO_new(BIO_f_base64());
bin = BIO_push(b64, bin);
p7 = d2i_PKCS7_bio(bin, NULL);
if (p7 == NULL) {
fprintf(stderr, "Failed to convert timestamp reply\n");
ERR_print_errors_fp(stderr);
return -1;
}
for(i = sk_X509_num(p7->d.sign->cert)-1; i>=0; i--)
PKCS7_add_certificate(sig, sk_X509_value(p7->d.sign->cert, i));
for(i = sk_X509_num(p7->d.sign->cert)-1; i>=0; i--)
PKCS7_add_certificate(sig, sk_X509_value(p7->d.sign->cert, i));
info = sk_PKCS7_SIGNER_INFO_value(p7->d.sign->signer_info, 0);
if (((len = i2d_PKCS7_SIGNER_INFO(info, NULL)) <= 0) ||
(p = OPENSSL_malloc(len)) == NULL) {
fprintf(stderr, "Failed to convert signer info: %d\n", len);
ERR_print_errors_fp(stderr);
return -1;
}
len = i2d_PKCS7_SIGNER_INFO(info, &p);
p -= len;
astr = ASN1_STRING_new();
ASN1_STRING_set(astr, p, len);
PKCS7_add_attribute
(si, NID_pkcs9_countersignature,
V_ASN1_SEQUENCE, astr);
info = sk_PKCS7_SIGNER_INFO_value(p7->d.sign->signer_info, 0);
if (((len = i2d_PKCS7_SIGNER_INFO(info, NULL)) <= 0) ||
(p = OPENSSL_malloc(len)) == NULL) {
fprintf(stderr, "Failed to convert signer info: %d\n", len);
ERR_print_errors_fp(stderr);
return -1;
}
len = i2d_PKCS7_SIGNER_INFO(info, &p);
p -= len;
astr = ASN1_STRING_new();
ASN1_STRING_set(astr, p, len);
PKCS7_add_attribute
(si, NID_pkcs9_countersignature,
V_ASN1_SEQUENCE, astr);
}
BIO_free_all(bin);
@ -430,9 +430,9 @@ static void usage(const char *argv0)
"\t[ -h {md5,sha1,sha2} ]\n"
"\t[ -n <desc> ] [ -i <url> ] [ -jp <level> ] [ -comm ]\n"
#ifdef ENABLE_CURL
"\t[ -t <timestampurl> [ -p <proxy> ]]\n"
"\t[ -t <timestampurl> [ -p <proxy> ]]\n"
#endif
"\t-in <infile> -out <outfile>\n",
"\t-in <infile> -out <outfile>\n",
argv0);
exit(-1);
}
@ -442,19 +442,19 @@ static void usage(const char *argv0)
#define GET_UINT16_LE(p) (((u_char*)(p))[0] | (((u_char*)(p))[1]<<8))
#define GET_UINT32_LE(p) (((u_char*)(p))[0] | (((u_char*)(p))[1]<<8) | \
(((u_char*)(p))[2]<<16) | (((u_char*)(p))[3]<<24))
#define GET_UINT32_LE(p) (((u_char*)(p))[0] | (((u_char*)(p))[1]<<8) | \
(((u_char*)(p))[2]<<16) | (((u_char*)(p))[3]<<24))
#define PUT_UINT32_LE(i,p) \
((u_char*)(p))[0] = (i) & 0xff; \
((u_char*)(p))[1] = ((i)>>8) & 0xff; \
((u_char*)(p))[2] = ((i)>>16) & 0xff; \
((u_char*)(p))[3] = ((i)>>24) & 0xff
#define PUT_UINT32_LE(i,p) \
((u_char*)(p))[0] = (i) & 0xff; \
((u_char*)(p))[1] = ((i)>>8) & 0xff; \
((u_char*)(p))[2] = ((i)>>16) & 0xff; \
((u_char*)(p))[3] = ((i)>>24) & 0xff
#ifdef HACK_OPENSSL
ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid)
/* ARGSUSED */
/* ARGSUSED */
{
/* Ehhhm. Hack. The PKCS7 sign method adds NID_pkcs9_signingTime if
it isn't there. But we don't want it since M$ barfs on it.
@ -491,7 +491,7 @@ static void get_indirect_data_blob(u_char **blob, int *len, const EVP_MD *md, in
idc->data->value->type = V_ASN1_SEQUENCE;
idc->data->value->value.sequence = ASN1_STRING_new();
if (isjava) {
l = i2d_SpcLink(link, NULL);
l = i2d_SpcLink(link, NULL);
p = OPENSSL_malloc(l);
i2d_SpcLink(link, &p);
p -= l;
@ -555,34 +555,34 @@ int main(int argc, char **argv)
0x30, 0x50,
0x30, 0x2c,
0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x19,
0xa2, 0x1e, 0x80, 0x1c,
0x00, 0x3c, 0x00, 0x3c, 0x00, 0x3c, 0x00, 0x4f, 0x00, 0x62, 0x00, 0x73, 0x00, 0x6f, 0x00, 0x6c, 0x00, 0x65,
0x00, 0x74, 0x00, 0x65, 0x00, 0x3e, 0x00, 0x3e, 0x00, 0x3e,
0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x19,
0xa2, 0x1e, 0x80, 0x1c,
0x00, 0x3c, 0x00, 0x3c, 0x00, 0x3c, 0x00, 0x4f, 0x00, 0x62, 0x00, 0x73, 0x00, 0x6f, 0x00, 0x6c, 0x00, 0x65,
0x00, 0x74, 0x00, 0x65, 0x00, 0x3e, 0x00, 0x3e, 0x00, 0x3e,
0x30, 0x20,
0x30, 0x0c,
0x06, 0x08, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x05,
0x05, 0x00,
0x04, 0x10 /* + hash */
0x30, 0x0c,
0x06, 0x08, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x05,
0x05, 0x00,
0x04, 0x10 /* + hash */
};
static u_char spcIndirectDataContext_blob_pe[] = {
0x30, 0x57,
0x30, 0x33,
0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x0f,
0x30, 0x25, 0x03, 0x01, 0x00,
0xa0, 0x20, 0xa2, 0x1e, 0x80, 0x1c,
0x00, 0x3c, 0x00, 0x3c, 0x00, 0x3c, 0x00, 0x4f, 0x00, 0x62,
0x00, 0x73, 0x00, 0x6f, 0x00, 0x6c, 0x00, 0x65, 0x00, 0x74,
0x00, 0x65, 0x00, 0x3e, 0x00, 0x3e, 0x00, 0x3e,
0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x0f,
0x30, 0x25, 0x03, 0x01, 0x00,
0xa0, 0x20, 0xa2, 0x1e, 0x80, 0x1c,
0x00, 0x3c, 0x00, 0x3c, 0x00, 0x3c, 0x00, 0x4f, 0x00, 0x62,
0x00, 0x73, 0x00, 0x6f, 0x00, 0x6c, 0x00, 0x65, 0x00, 0x74,
0x00, 0x65, 0x00, 0x3e, 0x00, 0x3e, 0x00, 0x3e,
0x30, 0x20,
0x30, 0x0c,
0x06, 0x08, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x05,
0x05, 0x00,
0x04, 0x10 /* + hash */
0x30, 0x0c,
0x06, 0x08, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x05,
0x05, 0x00,
0x04, 0x10 /* + hash */
};
#endif
@ -608,10 +608,10 @@ int main(int argc, char **argv)
keyfile = *(++argv);
} else if (!strcmp(*argv, "-pkcs12")) {
if (--argc < 1) usage(argv0);
pkcs12file = *(++argv);
pkcs12file = *(++argv);
} else if (!strcmp(*argv, "-pass")) {
if (--argc < 1) usage(argv0);
pass = *(++argv);
pass = *(++argv);
} else if (!strcmp(*argv, "-comm")) {
comm = 1;
} else if (!strcmp(*argv, "-n")) {
@ -669,7 +669,7 @@ int main(int argc, char **argv)
} else if (!strcmp(ap, "high")) {
jp = 2;
}
if (jp != 0) usage(argv0); /* XXX */
if (jp != 0) usage(argv0); /* XXX */
} else {
fprintf(stderr, "Unknown option: %s\n", *argv);
usage(argv0);
@ -795,22 +795,22 @@ int main(int argc, char **argv)
/* Write what's left */
BIO_write(hash, indata+i, st.st_size-i);
} else {
if (jp >= 0)
fprintf(stderr, "Warning: -jp option is only valid "
"for CAB files.\n");
if (jp >= 0)
fprintf(stderr, "Warning: -jp option is only valid "
"for CAB files.\n");
pe32plus = GET_UINT16_LE(indata + peheader + 24) == 0x20b ? 1 : 0;
pe32plus = GET_UINT16_LE(indata + peheader + 24) == 0x20b ? 1 : 0;
/* If the file has been signed already, this will let us pretend the file we are signing is
* only as big as the portion that exists before the signed data at the end of the file.
* This prevents adding more and more data to the end of the file with each signing.
*/
i = GET_UINT32_LE(indata + peheader + 152 + pe32plus*16);
if( i > 0 ) st.st_size = i;
/* If the file has been signed already, this will let us pretend the file we are signing is
* only as big as the portion that exists before the signed data at the end of the file.
* This prevents adding more and more data to the end of the file with each signing.
*/
i = GET_UINT32_LE(indata + peheader + 152 + pe32plus*16);
if( i > 0 ) st.st_size = i;
BIO_write(hash, indata, peheader + 88);
i = peheader + 88;
memset(buf, 0, 4);
memset(buf, 0, 4);
BIO_write(outdata, buf, 4); /* zero out checksum */
i += 4;
BIO_write(hash, indata + i, 60+pe32plus*16);
@ -820,13 +820,13 @@ int main(int argc, char **argv)
BIO_write(hash, indata + i, st.st_size - i);
/* pad (with 0's) pe file to 8 byte boundary */
len = 8 - st.st_size % 8;
if (len > 0 && len != 8) {
memset(buf, 0, len);
BIO_write(hash, buf, len);
st.st_size += len;
}
/* pad (with 0's) pe file to 8 byte boundary */
len = 8 - st.st_size % 8;
if (len > 0 && len != 8) {
memset(buf, 0, len);
BIO_write(hash, buf, len);
st.st_size += len;
}
}
sig = PKCS7_new();
PKCS7_set_type(sig, NID_pkcs7_signed);
@ -853,8 +853,8 @@ int main(int argc, char **argv)
DO_EXIT_0("Failed to add objects\n");
PKCS7_add_signed_attribute
(si, NID_pkcs9_contentType,
V_ASN1_OBJECT, OBJ_txt2obj(SPC_INDIRECT_DATA_OBJID, 1));
(si, NID_pkcs9_contentType,
V_ASN1_OBJECT, OBJ_txt2obj(SPC_INDIRECT_DATA_OBJID, 1));
if (is_cabinet && jp >= 0) {
const u_char *attrs = NULL;
@ -879,8 +879,8 @@ int main(int argc, char **argv)
astr = ASN1_STRING_new();
ASN1_STRING_set(astr, attrs, len);
PKCS7_add_signed_attribute
(si, OBJ_txt2nid(SPC_MS_JAVA_SOMETHING),
V_ASN1_SEQUENCE, astr);
(si, OBJ_txt2nid(SPC_MS_JAVA_SOMETHING),
V_ASN1_SEQUENCE, astr);
}
}
@ -943,7 +943,7 @@ int main(int argc, char **argv)
#ifdef ENABLE_CURL
/* add counter-signature/timestamp */
if (turl && add_timestamp(sig, turl, proxy))
DO_EXIT_0("timestamping failed\n");
DO_EXIT_0("timestamping failed\n");
#endif
#if 0
@ -995,7 +995,7 @@ int main(int argc, char **argv)
return 0;
err_cleanup:
err_cleanup:
ERR_print_errors_fp(stderr);
if (hash != NULL)
BIO_free_all(hash);
@ -1003,5 +1003,3 @@ int main(int argc, char **argv)
fprintf(stderr, "\nFailed\n");
return -1;
}