annotate common/binverify.c @ 592:778f74d0706f

Verify the binary directly without relying on settings (which might differ)
author Andre Heinecke <aheinecke@intevation.de>
date Wed, 28 May 2014 08:36:05 +0000
parents 26a18e3c3db4
children facb13c578f1
rev   line source
579
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
2 * Software engineering by Intevation GmbH
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
3 *
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
4 * This file is Free Software under the GNU GPL (v>=2)
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
5 * and comes with ABSOLUTELY NO WARRANTY!
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
6 * See LICENSE.txt for details.
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
7 */
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
8
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
9 #include "binverify.h"
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
10
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
11 #include "strhelp.h"
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
12 #include "logging.h"
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
13
586
ecfd77751daf Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents: 579
diff changeset
14 bin_verify_result
ecfd77751daf Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents: 579
diff changeset
15 verify_binary(const char *filename, size_t name_len) {
ecfd77751daf Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents: 579
diff changeset
16 #ifdef WIN32
ecfd77751daf Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents: 579
diff changeset
17 return verify_binary_win(filename, name_len);
ecfd77751daf Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents: 579
diff changeset
18 #else
ecfd77751daf Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents: 579
diff changeset
19 /* TODO */
590
c93730ef2a3a Fix Linux build (unused variables)
Andre Heinecke <aheinecke@intevation.de>
parents: 586
diff changeset
20 if (filename && name_len)
c93730ef2a3a Fix Linux build (unused variables)
Andre Heinecke <aheinecke@intevation.de>
parents: 586
diff changeset
21 return VerifyValid;
c93730ef2a3a Fix Linux build (unused variables)
Andre Heinecke <aheinecke@intevation.de>
parents: 586
diff changeset
22 return VerifyUnknownError;
586
ecfd77751daf Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents: 579
diff changeset
23 #endif
ecfd77751daf Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents: 579
diff changeset
24 }
ecfd77751daf Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents: 579
diff changeset
25
579
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
26 #ifdef WIN32
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
27
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
28 #include <windows.h>
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
29 #include <wincrypt.h>
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
30 #include <wintrust.h>
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
31 #include <stdio.h>
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
32
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
33 bin_verify_result
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
34 verify_binary_win(const char *filename, size_t name_len) {
586
ecfd77751daf Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents: 579
diff changeset
35 bin_verify_result retval = VerifyUnknownError;
579
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
36 WCHAR *filenameW = NULL;
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
37 BOOL result = FALSE;
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
38 DWORD dwEncoding = 0,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
39 dwContentType = 0,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
40 dwFormatType = 0,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
41 dwSignerInfoSize = 0;
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
42 HCERTSTORE hStore = NULL;
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
43 HCRYPTMSG hMsg = NULL;
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
44 PCERT_INFO pSignerCert = NULL;
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
45 PCCERT_CONTEXT pSignerCertContext = NULL;
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
46
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
47 if (!filename || name_len > MAX_PATH || strlen(filename) != name_len)
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
48 {
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
49 ERRORPRINTF ("Invalid parameters\n");
586
ecfd77751daf Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents: 579
diff changeset
50 return VerifyUnknownError;
579
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
51 }
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
52
591
26a18e3c3db4 Cleanups and coding style.
Andre Heinecke <aheinecke@intevation.de>
parents: 590
diff changeset
53 filenameW = utf8_to_wchar(filename, name_len);
579
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
54
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
55 result = CryptQueryObject (CERT_QUERY_OBJECT_FILE,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
56 filenameW,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
57 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
58 CERT_QUERY_FORMAT_FLAG_BINARY,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
59 0,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
60 &dwEncoding,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
61 &dwContentType,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
62 &dwFormatType,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
63 &hStore,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
64 &hMsg,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
65 NULL);
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
66
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
67 if (!result || !hMsg)
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
68 {
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
69 PRINTLASTERROR ("Failed to query crypto object");
586
ecfd77751daf Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents: 579
diff changeset
70 retval = VerifyReadFailed;
579
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
71 goto done;
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
72 }
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
73
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
74 /* Get the cert info so that we can look up the signer in the store later */
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
75 if (CryptMsgGetParam(hMsg,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
76 CMSG_SIGNER_CERT_INFO_PARAM,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
77 0,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
78 NULL,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
79 &dwSignerInfoSize) && dwSignerInfoSize > 0)
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
80 {
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
81 pSignerCert = xmalloc (dwSignerInfoSize);
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
82 }
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
83 else
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
84 {
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
85 ERRORPRINTF ("Failed to get signer cert size.");
586
ecfd77751daf Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents: 579
diff changeset
86 retval = VerifyUnknownError;
579
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
87 goto done;
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
88 }
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
89
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
90 if (!(CryptMsgGetParam(hMsg,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
91 CMSG_SIGNER_CERT_INFO_PARAM,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
92 0,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
93 pSignerCert,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
94 &dwSignerInfoSize)))
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
95 {
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
96 ERRORPRINTF ("Failed to get signer cert.");
586
ecfd77751daf Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents: 579
diff changeset
97 retval = VerifyUnknownError;
579
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
98 goto done;
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
99 }
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
100
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
101 pSignerCertContext = CertGetSubjectCertificateFromStore(
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
102 hStore,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
103 PKCS_7_ASN_ENCODING | X509_ASN_ENCODING,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
104 pSignerCert);
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
105
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
106 if (!pSignerCertContext)
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
107 {
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
108 ERRORPRINTF ("Failed to find signer cert in store.");
586
ecfd77751daf Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents: 579
diff changeset
109 retval = VerifyUnknownError;
579
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
110 goto done;
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
111 }
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
112
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
113 /* Verify that the signature is actually valid */
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
114 if(CryptMsgControl(hMsg,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
115 0,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
116 CMSG_CTRL_VERIFY_SIGNATURE,
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
117 pSignerCertContext->pCertInfo))
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
118 {
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
119 DEBUGPRINTF ("Verify signature succeeded. \n");
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
120 /* TODO pinning*/
586
ecfd77751daf Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents: 579
diff changeset
121 retval = VerifyValid;
579
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
122 } else {
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
123 ERRORPRINTF ("The signature was not verified. \n");
586
ecfd77751daf Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents: 579
diff changeset
124 retval = VerifyInvalidSignature;
579
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
125 goto done;
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
126 }
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
127
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
128 done:
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
129 xfree(filenameW);
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
130 xfree(pSignerCert);
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
131
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
132 if(pSignerCertContext)
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
133 {
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
134 CertFreeCertificateContext(pSignerCertContext);
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
135 }
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
136 if (hStore)
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
137 {
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
138 CertCloseStore(hStore, 0);
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
139 }
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
140 if (hMsg)
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
141 {
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
142 CryptMsgClose(hMsg);
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
143 }
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
144 return retval;
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
145 }
f4ce4eef3b38 Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
146 #endif /* WIN32 */

http://wald.intevation.org/projects/trustbridge/