nhyatt/osslsigncode
1
0
Fork 0
mirror of https://github.com/mtrojnar/osslsigncode.git synced 2025-04-04 17:00:11 -05:00
Code Issues Projects Releases Wiki Activity

Fixed validation of supported command

Browse Source
This commit is contained in:
Maxim Bagryantsev 2023-06-18 16:02:31 +04:00 committed by Michał Trojnara
parent 29eedf9059
commit f2f3a8891c
1 changed files with 38 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
osslsigncode.c
View File

@ -2002,6 +2002,12 @@ static int verify_member(FILE_FORMAT_CTX *ctx, CatalogAuthAttr *attribute)
printf("Failed to extract current message digest\n\n");
return 1; /* FAILED */
}
if(!ctx->format->digest_calc) {
printf("Unsupported command\n");
return 1; /* Failed */
}
md = EVP_get_digestbynid(mdtype);
cmdbuf = ctx->format->digest_calc(ctx, md);
if (!cmdbuf) {
@ -2219,9 +2225,13 @@ static int verify_signed_file(FILE_FORMAT_CTX *ctx, GLOBAL_OPTIONS *options)
PKCS7 *p7;
STACK_OF(PKCS7) *signatures;
int detached = options->catalog ? 1 : 0;
if(!ctx->format->check_file) {
printf("Unsupported command\n");
return 1; /* Failed */
}
if (!ctx->format->check_file(ctx, detached))
return 1; /* FAILED */
return 1; /* Failed */
if (detached) {
GLOBAL_OPTIONS *cat_options;
@ -2238,10 +2248,21 @@ static int verify_signed_file(FILE_FORMAT_CTX *ctx, GLOBAL_OPTIONS *options)
printf("CAT file initialization error\n");
return 1; /* Failed */
}
if(!cat_ctx->format->pkcs7_extract) {
printf("Unsupported command\n");
return 1; /* Failed */
}
p7 = cat_ctx->format->pkcs7_extract(cat_ctx);
cat_ctx->format->ctx_cleanup(cat_ctx, NULL, NULL);
OPENSSL_free(cat_options);
} else {
if(!ctx->format->pkcs7_extract) {
printf("Unsupported command\n");
return 1; /* Failed */
}
p7 = ctx->format->pkcs7_extract(ctx);
}
if (!p7) {
@ -2262,9 +2283,14 @@ static int verify_signed_file(FILE_FORMAT_CTX *ctx, GLOBAL_OPTIONS *options)
} else {
printf("Catalog verification: failed\n\n");
}
} else if (ctx->format->verify_digests(ctx, sig)) {
printf("Signature Index: %d %s\n", i, i==0 ? " (Primary Signature)" : "");
ret &= verify_signature(ctx, sig);
} else if (ctx->format->verify_digests) {
if(ctx->format->verify_digests(ctx, sig)) {
printf("Signature Index: %d %s\n", i, i==0 ? " (Primary Signature)" : "");
ret &= verify_signature(ctx, sig);
}
} else {
printf("Unsupported command\n");
return 1; /* Failed */
}
}
printf("Number of verified signatures: %d\n", i);
@ -3744,7 +3770,10 @@ int main(int argc, char **argv)
if (options.cmd == CMD_VERIFY) {
ret = verify_signed_file(ctx, &options);
goto skip_signing;
} else if (options.cmd == CMD_EXTRACT && ctx->format->pkcs7_extract) {
} else if (options.cmd == CMD_EXTRACT) {
if(!ctx->format->pkcs7_extract) {
DO_EXIT_0("Unsupported command\n");
}
p7 = ctx->format->pkcs7_extract(ctx);
if (!p7) {
DO_EXIT_0("Unable to extract existing signature\n");
@ -3752,7 +3781,10 @@ int main(int argc, char **argv)
ret = save_extracted_pkcs7(ctx, outdata, p7);
PKCS7_free(p7);
goto skip_signing;
} else if (options.cmd == CMD_REMOVE && ctx->format->remove_pkcs7) {
} else if (options.cmd == CMD_REMOVE) {
if(!ctx->format->remove_pkcs7) {
DO_EXIT_0("Unsupported command\n");
}
ret = ctx->format->remove_pkcs7(ctx, hash, outdata);
if (ctx->format->update_data_size) {
ctx->format->update_data_size(ctx, outdata, NULL);