nhyatt/osslsigncode
1
0
Fork 0
mirror of https://github.com/mtrojnar/osslsigncode.git synced 2025-04-05 09:08:04 -05:00
Code Issues Projects Releases Wiki Activity

verify the content blob with the type set to OCTET STRING

Browse Source
This commit is contained in:
olszomal 2021-05-13 11:32:09 +02:00 committed by Michał Trojnara
parent 1c175c4339
commit d2aa35a7f6
1 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
osslsigncode.c
View File

@ -755,7 +755,8 @@ static int is_content_type(PKCS7 *p7, const char *objid)
indir_objid = OBJ_txt2obj(objid, 1); indir_objid = OBJ_txt2obj(objid, 1);
retval = p7 && PKCS7_type_is_signed(p7) && retval = p7 && PKCS7_type_is_signed(p7) &&
!OBJ_cmp(p7->d.sign->contents->type, indir_objid) && !OBJ_cmp(p7->d.sign->contents->type, indir_objid) &&
p7->d.sign->contents->d.other->type == V_ASN1_SEQUENCE; (p7->d.sign->contents->d.other->type == V_ASN1_SEQUENCE ||
p7->d.sign->contents->d.other->type == V_ASN1_OCTET_STRING);
ASN1_OBJECT_free(indir_objid); ASN1_OBJECT_free(indir_objid);
return retval; return retval;
} }
@ -2715,7 +2716,7 @@ static int verify_authenticode(SIGNATURE *signature, GLOBAL_OPTIONS *options, X5
{ {
X509_STORE *store; X509_STORE *store;
STACK_OF(X509_CRL) *crls; STACK_OF(X509_CRL) *crls;
size_t seqhdrlen; size_t seqhdrlen = 0;
BIO *bio = NULL; BIO *bio = NULL;
int verok = 0; int verok = 0;
@ -2734,8 +2735,10 @@ static int verify_authenticode(SIGNATURE *signature, GLOBAL_OPTIONS *options, X5
} }
/* verify a PKCS#7 signedData structure */ /* verify a PKCS#7 signedData structure */
if (signature->p7->d.sign->contents->d.other->type == V_ASN1_SEQUENCE) {
seqhdrlen = asn1_simple_hdr_len(signature->p7->d.sign->contents->d.other->value.sequence->data, seqhdrlen = asn1_simple_hdr_len(signature->p7->d.sign->contents->d.other->value.sequence->data,
signature->p7->d.sign->contents->d.other->value.sequence->length); signature->p7->d.sign->contents->d.other->value.sequence->length);
}
bio = BIO_new_mem_buf(signature->p7->d.sign->contents->d.other->value.sequence->data + seqhdrlen, bio = BIO_new_mem_buf(signature->p7->d.sign->contents->d.other->value.sequence->data + seqhdrlen,
signature->p7->d.sign->contents->d.other->value.sequence->length - seqhdrlen); signature->p7->d.sign->contents->d.other->value.sequence->length - seqhdrlen);
if (!PKCS7_verify(signature->p7, NULL, store, bio, NULL, 0)) { if (!PKCS7_verify(signature->p7, NULL, store, bio, NULL, 0)) {