Mercurial > trustbridge
annotate common/binverify.c @ 608:81a44b93229e
Be more permissive with process names. Case insenstive and with suffix or not.
| author | Andre Heinecke <andre.heinecke@intevation.de> |
|---|---|
| date | Wed, 18 Jun 2014 11:22:15 +0200 |
| parents | 26a18e3c3db4 |
| children | facb13c578f1 |
| rev | line source |
|---|---|
|
579
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
2 * Software engineering by Intevation GmbH |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
3 * |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
4 * This file is Free Software under the GNU GPL (v>=2) |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
5 * and comes with ABSOLUTELY NO WARRANTY! |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
6 * See LICENSE.txt for details. |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
7 */ |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
8 |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
9 #include "binverify.h" |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
10 |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
11 #include "strhelp.h" |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
12 #include "logging.h" |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
13 |
|
586
ecfd77751daf
Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents:
579
diff
changeset
|
14 bin_verify_result |
|
ecfd77751daf
Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents:
579
diff
changeset
|
15 verify_binary(const char *filename, size_t name_len) { |
|
ecfd77751daf
Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents:
579
diff
changeset
|
16 #ifdef WIN32 |
|
ecfd77751daf
Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents:
579
diff
changeset
|
17 return verify_binary_win(filename, name_len); |
|
ecfd77751daf
Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents:
579
diff
changeset
|
18 #else |
|
ecfd77751daf
Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents:
579
diff
changeset
|
19 /* TODO */ |
|
590
c93730ef2a3a
Fix Linux build (unused variables)
Andre Heinecke <aheinecke@intevation.de>
parents:
586
diff
changeset
|
20 if (filename && name_len) |
|
c93730ef2a3a
Fix Linux build (unused variables)
Andre Heinecke <aheinecke@intevation.de>
parents:
586
diff
changeset
|
21 return VerifyValid; |
|
c93730ef2a3a
Fix Linux build (unused variables)
Andre Heinecke <aheinecke@intevation.de>
parents:
586
diff
changeset
|
22 return VerifyUnknownError; |
|
586
ecfd77751daf
Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents:
579
diff
changeset
|
23 #endif |
|
ecfd77751daf
Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents:
579
diff
changeset
|
24 } |
|
ecfd77751daf
Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents:
579
diff
changeset
|
25 |
|
579
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
26 #ifdef WIN32 |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
27 |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
28 #include <windows.h> |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
29 #include <wincrypt.h> |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
30 #include <wintrust.h> |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
31 #include <stdio.h> |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
32 |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
33 bin_verify_result |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
34 verify_binary_win(const char *filename, size_t name_len) { |
|
586
ecfd77751daf
Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents:
579
diff
changeset
|
35 bin_verify_result retval = VerifyUnknownError; |
|
579
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
36 WCHAR *filenameW = NULL; |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
37 BOOL result = FALSE; |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
38 DWORD dwEncoding = 0, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
39 dwContentType = 0, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
40 dwFormatType = 0, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
41 dwSignerInfoSize = 0; |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
42 HCERTSTORE hStore = NULL; |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
43 HCRYPTMSG hMsg = NULL; |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
44 PCERT_INFO pSignerCert = NULL; |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
45 PCCERT_CONTEXT pSignerCertContext = NULL; |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
46 |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
47 if (!filename || name_len > MAX_PATH || strlen(filename) != name_len) |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
48 { |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
49 ERRORPRINTF ("Invalid parameters\n"); |
|
586
ecfd77751daf
Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents:
579
diff
changeset
|
50 return VerifyUnknownError; |
|
579
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
51 } |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
52 |
|
591
26a18e3c3db4
Cleanups and coding style.
Andre Heinecke <aheinecke@intevation.de>
parents:
590
diff
changeset
|
53 filenameW = utf8_to_wchar(filename, name_len); |
|
579
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
54 |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
55 result = CryptQueryObject (CERT_QUERY_OBJECT_FILE, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
56 filenameW, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
57 CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
58 CERT_QUERY_FORMAT_FLAG_BINARY, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
59 0, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
60 &dwEncoding, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
61 &dwContentType, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
62 &dwFormatType, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
63 &hStore, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
64 &hMsg, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
65 NULL); |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
66 |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
67 if (!result || !hMsg) |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
68 { |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
69 PRINTLASTERROR ("Failed to query crypto object"); |
|
586
ecfd77751daf
Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents:
579
diff
changeset
|
70 retval = VerifyReadFailed; |
|
579
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
71 goto done; |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
72 } |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
73 |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
74 /* Get the cert info so that we can look up the signer in the store later */ |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
75 if (CryptMsgGetParam(hMsg, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
76 CMSG_SIGNER_CERT_INFO_PARAM, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
77 0, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
78 NULL, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
79 &dwSignerInfoSize) && dwSignerInfoSize > 0) |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
80 { |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
81 pSignerCert = xmalloc (dwSignerInfoSize); |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
82 } |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
83 else |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
84 { |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
85 ERRORPRINTF ("Failed to get signer cert size."); |
|
586
ecfd77751daf
Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents:
579
diff
changeset
|
86 retval = VerifyUnknownError; |
|
579
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
87 goto done; |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
88 } |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
89 |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
90 if (!(CryptMsgGetParam(hMsg, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
91 CMSG_SIGNER_CERT_INFO_PARAM, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
92 0, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
93 pSignerCert, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
94 &dwSignerInfoSize))) |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
95 { |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
96 ERRORPRINTF ("Failed to get signer cert."); |
|
586
ecfd77751daf
Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents:
579
diff
changeset
|
97 retval = VerifyUnknownError; |
|
579
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
98 goto done; |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
99 } |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
100 |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
101 pSignerCertContext = CertGetSubjectCertificateFromStore( |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
102 hStore, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
103 PKCS_7_ASN_ENCODING | X509_ASN_ENCODING, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
104 pSignerCert); |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
105 |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
106 if (!pSignerCertContext) |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
107 { |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
108 ERRORPRINTF ("Failed to find signer cert in store."); |
|
586
ecfd77751daf
Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents:
579
diff
changeset
|
109 retval = VerifyUnknownError; |
|
579
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
110 goto done; |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
111 } |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
112 |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
113 /* Verify that the signature is actually valid */ |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
114 if(CryptMsgControl(hMsg, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
115 0, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
116 CMSG_CTRL_VERIFY_SIGNATURE, |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
117 pSignerCertContext->pCertInfo)) |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
118 { |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
119 DEBUGPRINTF ("Verify signature succeeded. \n"); |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
120 /* TODO pinning*/ |
|
586
ecfd77751daf
Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents:
579
diff
changeset
|
121 retval = VerifyValid; |
|
579
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
122 } else { |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
123 ERRORPRINTF ("The signature was not verified. \n"); |
|
586
ecfd77751daf
Disambiguate enumerator values and add portable wrapper.
Andre Heinecke <aheinecke@intevation.de>
parents:
579
diff
changeset
|
124 retval = VerifyInvalidSignature; |
|
579
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
125 goto done; |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
126 } |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
127 |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
128 done: |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
129 xfree(filenameW); |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
130 xfree(pSignerCert); |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
131 |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
132 if(pSignerCertContext) |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
133 { |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
134 CertFreeCertificateContext(pSignerCertContext); |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
135 } |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
136 if (hStore) |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
137 { |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
138 CertCloseStore(hStore, 0); |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
139 } |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
140 if (hMsg) |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
141 { |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
142 CryptMsgClose(hMsg); |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
143 } |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
144 return retval; |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
145 } |
|
f4ce4eef3b38
Implement PKCS#7 embedded signature verfification for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
146 #endif /* WIN32 */ |