woodruffw/authenticode_digest.cpp

## 3 changes: 3 additions & 0 deletions authenticode_digest.cpp
@@ -0,0 +1,3 @@

    auto *md = indir_data->messageDigest;
auto *md = indir_data->messageDigest;

    auto nid = OBJ_obj2nid(md->digestAlgorithm->algorithm);
auto nid = OBJ_obj2nid(md->digestAlgorithm->algorithm);

    auto digest = std::vector<std::uint8_t>(md->digest->data, md->digest->data + md->digest->length);
auto digest = std::vector<std::uint8_t>(md->digest->data, md->digest->data + md->digest->length);

## 6 changes: 6 additions & 0 deletions cert_table.c
@@ -0,0 +1,6 @@

    struct win_certificate {
struct win_certificate {

        uint32_t length;                    /* dwLength */
    uint32_t length;                    /* dwLength */

        uint16_t revision;                  /* wRevision */
    uint16_t revision;                  /* wRevision */

        uint16_t certificate_type;          /* wCertificateType */
    uint16_t certificate_type;          /* wCertificateType */

        uint8_t  certificate[/* length */]; /* bCertificate */
    uint8_t  certificate[/* length */]; /* bCertificate */

    } __attribute__((aligned (8)));
} __attribute__((aligned (8)));

## 11 changes: 11 additions & 0 deletions page_hash.asn1
@@ -0,0 +1,11 @@

    SpcSerializedObject ::= SEQUENCE {
SpcSerializedObject ::= SEQUENCE {

      classId         SpcUuid,
  classId         SpcUuid,

      serializedData  Impl_SpcSerializedData
  serializedData  Impl_SpcSerializedData

    }
}


    Impl_SpcSerializedData ::= SET OF Impl_SpcPageHash
Impl_SpcSerializedData ::= SET OF Impl_SpcPageHash


    Impl_SpcPageHash ::= SEQUENCE {
Impl_SpcPageHash ::= SEQUENCE {

      type        OBJECT IDENTIFIER,
  type        OBJECT IDENTIFIER,

      pageHashes  OCTETSTRING
  pageHashes  OCTETSTRING

    }
}

## 9 changes: 9 additions & 0 deletions page_hash.c
@@ -0,0 +1,9 @@

    struct impl_page_hash {
struct impl_page_hash {

        /* page_offset corresponds to a real file offset within each section,
    /* page_offset corresponds to a real file offset within each section,

         * and should be aligned by page size.
     * and should be aligned by page size.

         */
     */

        uint32_t page_offset;
    uint32_t page_offset;

        uint8_t  page_hash[IMPL_PAGE_HASH_SIZE];
    uint8_t  page_hash[IMPL_PAGE_HASH_SIZE];

    } __attribute__((packed));
} __attribute__((packed));


    typedef impl_page_hash *impl_page_hashes;
typedef impl_page_hash *impl_page_hashes;

## 19 changes: 19 additions & 0 deletions spc_indirect.asn1
@@ -0,0 +1,19 @@

    SpcIndirectDataContent ::= SEQUENCE {
SpcIndirectDataContent ::= SEQUENCE {

        data                    SpcAttributeTypeAndOptionalValue,
    data                    SpcAttributeTypeAndOptionalValue,

        messageDigest           DigestInfo
    messageDigest           DigestInfo

    }
}


    SpcAttributeTypeAndOptionalValue ::= SEQUENCE {
SpcAttributeTypeAndOptionalValue ::= SEQUENCE {

        type                    OBJECT IDENTIFIER,
    type                    OBJECT IDENTIFIER,

        value                   [0] EXPLICIT ANY OPTIONAL
    value                   [0] EXPLICIT ANY OPTIONAL

    }
}


    DigestInfo ::= SEQUENCE {
DigestInfo ::= SEQUENCE {

        digestAlgorithm     AlgorithmIdentifier,
    digestAlgorithm     AlgorithmIdentifier,

        digest              OCTETSTRING
    digest              OCTETSTRING

    }
}


    AlgorithmIdentifier    ::=    SEQUENCE {
AlgorithmIdentifier    ::=    SEQUENCE {

        algorithm           OBJECT IDENTIFIER,
    algorithm           OBJECT IDENTIFIER,

        parameters          [0] EXPLICIT ANY OPTIONAL
    parameters          [0] EXPLICIT ANY OPTIONAL

    }
}

## 32 changes: 32 additions & 0 deletions spc_indirect_macros.c
@@ -0,0 +1,32 @@

    typedef struct {
typedef struct {

      ASN1_OBJECT *type;
  ASN1_OBJECT *type;

      ASN1_TYPE *value;
  ASN1_TYPE *value;

    } Authenticode_SpcAttributeTypeAndOptionalValue;
} Authenticode_SpcAttributeTypeAndOptionalValue;


    typedef struct {
typedef struct {

      X509_ALGOR *digestAlgorithm;
  X509_ALGOR *digestAlgorithm;

      ASN1_OCTET_STRING *digest;
  ASN1_OCTET_STRING *digest;

    } Authenticode_DigestInfo;
} Authenticode_DigestInfo;


    typedef struct {
typedef struct {

      Authenticode_SpcAttributeTypeAndOptionalValue *data;
  Authenticode_SpcAttributeTypeAndOptionalValue *data;

      Authenticode_DigestInfo *messageDigest;
  Authenticode_DigestInfo *messageDigest;

    } Authenticode_SpcIndirectDataContent;
} Authenticode_SpcIndirectDataContent;


    ASN1_SEQUENCE(Authenticode_SpcAttributeTypeAndOptionalValue) = {
ASN1_SEQUENCE(Authenticode_SpcAttributeTypeAndOptionalValue) = {

      ASN1_SIMPLE(Authenticode_SpcAttributeTypeAndOptionalValue, type, ASN1_OBJECT),
  ASN1_SIMPLE(Authenticode_SpcAttributeTypeAndOptionalValue, type, ASN1_OBJECT),

      ASN1_OPT(Authenticode_SpcAttributeTypeAndOptionalValue, value, ASN1_ANY)
  ASN1_OPT(Authenticode_SpcAttributeTypeAndOptionalValue, value, ASN1_ANY)

    } ASN1_SEQUENCE_END(Authenticode_SpcAttributeTypeAndOptionalValue)
} ASN1_SEQUENCE_END(Authenticode_SpcAttributeTypeAndOptionalValue)

    IMPLEMENT_ASN1_FUNCTIONS(Authenticode_SpcAttributeTypeAndOptionalValue)
IMPLEMENT_ASN1_FUNCTIONS(Authenticode_SpcAttributeTypeAndOptionalValue)


    ASN1_SEQUENCE(Authenticode_DigestInfo) = {
ASN1_SEQUENCE(Authenticode_DigestInfo) = {

      ASN1_SIMPLE(Authenticode_DigestInfo, digestAlgorithm, X509_ALGOR),
  ASN1_SIMPLE(Authenticode_DigestInfo, digestAlgorithm, X509_ALGOR),

      ASN1_SIMPLE(Authenticode_DigestInfo, digest, ASN1_OCTET_STRING)
  ASN1_SIMPLE(Authenticode_DigestInfo, digest, ASN1_OCTET_STRING)

    } ASN1_SEQUENCE_END(Authenticode_DigestInfo)
} ASN1_SEQUENCE_END(Authenticode_DigestInfo)

    IMPLEMENT_ASN1_FUNCTIONS(Authenticode_DigestInfo)
IMPLEMENT_ASN1_FUNCTIONS(Authenticode_DigestInfo)


    ASN1_SEQUENCE(Authenticode_SpcIndirectDataContent) = {
ASN1_SEQUENCE(Authenticode_SpcIndirectDataContent) = {

      ASN1_SIMPLE(Authenticode_SpcIndirectDataContent, data, Authenticode_SpcAttributeTypeAndOptionalValue),
  ASN1_SIMPLE(Authenticode_SpcIndirectDataContent, data, Authenticode_SpcAttributeTypeAndOptionalValue),

      ASN1_SIMPLE(Authenticode_SpcIndirectDataContent, messageDigest, Authenticode_DigestInfo)
  ASN1_SIMPLE(Authenticode_SpcIndirectDataContent, messageDigest, Authenticode_DigestInfo)

    } ASN1_SEQUENCE_END(Authenticode_SpcIndirectDataContent)
} ASN1_SEQUENCE_END(Authenticode_SpcIndirectDataContent)

    IMPLEMENT_ASN1_FUNCTIONS(Authenticode_SpcIndirectDataContent)
IMPLEMENT_ASN1_FUNCTIONS(Authenticode_SpcIndirectDataContent)

## 5 changes: 5 additions & 0 deletions timestamp.asn1
@@ -0,0 +1,5 @@

    TimeStampRequest ::= SEQUENCE {
TimeStampRequest ::= SEQUENCE {

       countersignatureType OBJECT IDENTIFIER,
   countersignatureType OBJECT IDENTIFIER,

       attributes Attributes OPTIONAL,
   attributes Attributes OPTIONAL,

       content  ContentInfo
   content  ContentInfo

    }
}

## 11 changes: 11 additions & 0 deletions uthenticode_example.cpp
@@ -0,0 +1,11 @@

    #include <uthenticode.h>
#include <uthenticode.h>


    #include <iostream>
#include <iostream>


    int main(int argc, char **argv) {
int main(int argc, char **argv) {

        auto *pe = peparse::ParsePEFromFile(argv[1]);
    auto *pe = peparse::ParsePEFromFile(argv[1]);


        std::cout << argv[1] << " has a "
    std::cout << argv[1] << " has a "

                  << (uthenticode::verify(pe) ? "valid" : "invalid")
              << (uthenticode::verify(pe) ? "valid" : "invalid")

                  << " signature!";
              << " signature!";

    }
}

## 8 changes: 8 additions & 0 deletions verify1.cpp
@@ -0,0 +1,8 @@

    /* Assuming that buf is an OpenSSL BIO* containing the DER-encoded PKCS#7 object */
/* Assuming that buf is an OpenSSL BIO* containing the DER-encoded PKCS#7 object */

    auto *p7 = d2i_PKCS7_bio(buf, nullptr);
auto *p7 = d2i_PKCS7_bio(buf, nullptr);

    auto *contents = p7->d.sign->contents;
auto *contents = p7->d.sign->contents;


    /* The d2i_ family increments the pointer passed to it, so we make a copy. */
/* The d2i_ family increments the pointer passed to it, so we make a copy. */

    auto *indir_data_inc_ptr = contents->d.other->value.sequence->data;
auto *indir_data_inc_ptr = contents->d.other->value.sequence->data;

    auto *indir_data = d2i_Authenticode_SpcIndirectDataContent(
auto *indir_data = d2i_Authenticode_SpcIndirectDataContent(

        nullptr, &indir_data_inc_ptr, contents->d.other->value.sequence->length);
    nullptr, &indir_data_inc_ptr, contents->d.other->value.sequence->length);

## 21 changes: 21 additions & 0 deletions verify2.cpp
@@ -0,0 +1,21 @@

    STACK_OF(X509) *certs = p7->d.sign->cert;
STACK_OF(X509) *certs = p7->d.sign->cert;


    /* Re-serialize the SpcIndirectDataContent to DER... */
/* Re-serialize the SpcIndirectDataContent to DER... */

    std::uint8_t indir_data_buf = nullptr;
std::uint8_t indir_data_buf = nullptr;

    i2d_Authenticode_SpcIndirectDataContent(indir_data, &indir_data_buf);
i2d_Authenticode_SpcIndirectDataContent(indir_data, &indir_data_buf);


    /* ...so that we can unwrap its sequence here. */
/* ...so that we can unwrap its sequence here. */

    const auto *signed_data_seq = indir_data_buf;
const auto *signed_data_seq = indir_data_buf;

    long length = 0;
long length = 0;

    int tag = 0, tag_class = 0;
int tag = 0, tag_class = 0;

    ASN1_get_object(&signed_data_seq, &length, &tag, &tag_class, buf_size);
ASN1_get_object(&signed_data_seq, &length, &tag, &tag_class, buf_size);

    assert(tag == V_ASN1_SEQUENCE);
assert(tag == V_ASN1_SEQUENCE);


    auto *signed_data = BIO_new_mem_buf(signed_data_seq, length);
auto *signed_data = BIO_new_mem_buf(signed_data_seq, length);


    /* Our stack of certs isn't guaranteed to include the root cert,
/* Our stack of certs isn't guaranteed to include the root cert,

     * so pass PKCS7_NOVERIFY.
 * so pass PKCS7_NOVERIFY.

     */
 */

    PKCS7_verify(p7, certs, nullptr, signed_data, nullptr, PKCS7_NOVERIFY);
PKCS7_verify(p7, certs, nullptr, signed_data, nullptr, PKCS7_NOVERIFY);


    assert(status == 1);
assert(status == 1);