New function bio_hash_data()

msi.c

@@ -12,6 +12,7 @@
 
 #include <string.h>       /* memcmp */
 #include "msi.h"
+#include "osslsigncode.h"
 
 #define MIN(a,b) ((a) < (b) ? a : b)
 
@@ -735,8 +736,6 @@ out:
 /* Compute a simple sha1/sha256 message digest of the MSI file */
 int msi_calc_digest(char *indata, int mdtype, u_char *mdbuf, uint32_t fileend)
 {
-	uint32_t idx = 0, offset;
-	size_t written;
 	const EVP_MD *md = EVP_get_digestbynid(mdtype);
 	BIO *bhash = BIO_new(BIO_f_md());
 
@@ -746,18 +745,12 @@ int msi_calc_digest(char *indata, int mdtype, u_char *mdbuf, uint32_t fileend)
 		return 0;  /* FAILED */
 	}
 	BIO_push(bhash, BIO_new(BIO_s_null()));
-	offset = fileend;
-	while (idx < offset) {
-		uint32_t want = offset - idx;
-		if (want > SIZE_64K)
-			want = SIZE_64K;
-		if (!BIO_write_ex(bhash, indata + idx, want, &written)) {
-			BIO_free_all(bhash);
-			return 0; /* FAILED */
-		}
-		idx += (uint32_t)written;
+	if (!bio_hash_data(indata, bhash, 0, fileend)) {
+		printf("Unable to calculate digest\n");
+		BIO_free_all(bhash);
+		return 0;  /* FAILED */
 	}
-	BIO_gets(bhash, mdbuf, EVP_MD_size(md));
+	BIO_gets(bhash, (char *)mdbuf, EVP_MD_size(md));
 	return 1; /* OK */
 }
 

osslsigncode.c

@@ -118,6 +118,7 @@
 #endif /* OPENSSL_VERSION_NUMBER>=0x30000000L */
 
 #include "msi.h"
+#include "osslsigncode.h"
 
 #ifdef ENABLE_CURL
 #ifdef __CYGWIN__
@@ -795,6 +796,24 @@ static int is_content_type(PKCS7 *p7, const char *objid)
 	return retval;
 }
 
+int bio_hash_data(char *indata, BIO *hash, uint32_t idx, uint32_t fileend)
+{
+	size_t written;
+	uint32_t want;
+
+	while (idx < fileend) {
+		want = fileend - idx;
+		if (want > SIZE_64K)
+			want = SIZE_64K;
+		if (!BIO_write_ex(hash, indata + idx, want, &written)) {
+			BIO_free_all(hash);
+			return 0; /* FAILED */
+		}
+		idx += (uint32_t)written;
+	}
+	return 1; /* OK */
+}
+
 #ifdef ENABLE_CURL
 
 static int blob_has_nl = 0;
@@ -3444,7 +3463,7 @@ static int msi_calc_MsiDigitalSignatureEx(MSI_PARAMS *msiparams, const EVP_MD *m
 static int pe_calc_digest(char *indata, int mdtype, u_char *mdbuf, FILE_HEADER *header)
 {
 	size_t written;
-	uint32_t idx = 0, offset;
+	uint32_t idx = 0, fileend;
 	const EVP_MD *md = EVP_get_digestbynid(mdtype);
 	BIO *bhash = BIO_new(BIO_f_md());
 
@@ -3455,9 +3474,9 @@ static int pe_calc_digest(char *indata, int mdtype, u_char *mdbuf, FILE_HEADER *
 	}
 	BIO_push(bhash, BIO_new(BIO_s_null()));
 	if (header->sigpos)
-		offset = header->sigpos;
+		fileend = header->sigpos;
 	else
-		offset = header->fileend;
+		fileend = header->fileend;
 
 	/* header->header_size + 88 + 4 + 60 + header->pe32plus * 16 + 8 */
 	if (!BIO_write_ex(bhash, indata, header->header_size + 88, &written)
@@ -3472,17 +3491,11 @@ static int pe_calc_digest(char *indata, int mdtype, u_char *mdbuf, FILE_HEADER *
 		return 0; /* FAILED */
 	}
 	idx += (uint32_t)written + 8;
-	while (idx < offset) {
-		uint32_t want = offset - idx;
-		if (want > SIZE_64K)
-			want = SIZE_64K;
-		if (!BIO_write_ex(bhash, indata + idx, want, &written)) {
-			BIO_free_all(bhash);
-			return 0; /* FAILED */
-		}
-		idx += (uint32_t)written;
+	if (!bio_hash_data(indata, bhash, idx, fileend)) {
+		printf("Unable to calculate digest\n");
+		BIO_free_all(bhash);
+		return 0;  /* FAILED */
 	}
-
 	if (!header->sigpos) {
 		/* pad (with 0's) unsigned PE file to 8 byte boundary */
 		char *buf = OPENSSL_malloc(8);

osslsigncode.h

@@ -0,0 +1,9 @@
+/*
+ * osslsigncode support library
+ *
+ * Copyright (C) 2021 Michał Trojnara <Michal.Trojnara@stunnel.org>
+ * Author: Małgorzata Olszówka <Malgorzata.Olszowka@stunnel.org>
+ *
+ */
+
+int bio_hash_data(char *indata, BIO *hash, uint32_t idx, uint32_t fileend);