Orange Pi5 kernel

Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards

^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   1) // SPDX-License-Identifier: GPL-2.0-or-later
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   2) /* Parse a Microsoft Individual Code Signing blob
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   3)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   4)  * Copyright (C) 2014 Red Hat, Inc. All Rights Reserved.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   5)  * Written by David Howells (dhowells@redhat.com)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   6)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   7) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   8) #define pr_fmt(fmt) "MSCODE: "fmt
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   9) #include <linux/kernel.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  10) #include <linux/slab.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  11) #include <linux/err.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  12) #include <linux/oid_registry.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  13) #include <crypto/pkcs7.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  14) #include "verify_pefile.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  15) #include "mscode.asn1.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  16) 
/*
 * Parse a Microsoft Individual Code Signing blob
 *
 * @_ctx:         opaque pointer, used as the struct pefile_context that is
 *                handed to the ASN.1 decoder callbacks
 * @content_data: start of the content, positioned after its ASN.1 header
 * @data_len:     length of the content, header excluded
 * @asn1hdrlen:   size of the ASN.1 header that precedes @content_data
 *
 * The decoder is run over header plus content, so the start pointer is moved
 * back by @asn1hdrlen and the length is grown by the same amount.
 *
 * NOTE(review): nothing here verifies that @asn1hdrlen bytes really sit in
 * front of @content_data inside the same buffer; the caller is trusted to
 * pass a consistent triple. Confirm at the call site, since the blob comes
 * from the signed image being verified.
 *
 * Returns whatever asn1_ber_decoder() returns.
 */
int mscode_parse(void *_ctx, const void *content_data, size_t data_len,
		 size_t asn1hdrlen)
{
	struct pefile_context *ctx = _ctx;
	/* Step back over the header so decoding starts at the outer tag. */
	const void *blob = content_data - asn1hdrlen;
	size_t blob_len = data_len + asn1hdrlen;

	pr_devel("Data: %zu [%*ph]\n", blob_len, (unsigned)(blob_len), blob);

	return asn1_ber_decoder(&mscode_decoder, ctx, blob, blob_len);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  32) 
/*
 * Check the content type OID
 *
 * @context: unused in this function
 * @hdrlen:  unused in this function
 * @tag:     unused in this function
 * @value:   encoded OID bytes taken from the blob
 * @vlen:    length of @value
 *
 * Only two content types are accepted; everything else, including an OID
 * the registry does not know, fails the parse.
 *
 * Returns 0 when the OID is accepted, -EBADMSG otherwise.
 */
int mscode_note_content_type(void *context, size_t hdrlen,
			     unsigned char tag,
			     const void *value, size_t vlen)
{
	enum OID oid = look_up_OID(value, vlen);

	switch (oid) {
	/*
	 * pesign utility had a bug where it was putting
	 * OID_msIndividualSPKeyPurpose instead of OID_msPeImageDataObjId
	 * So allow both OIDs.
	 */
	case OID_msPeImageDataObjId:
	case OID_msIndividualSPKeyPurpose:
		return 0;

	case OID__NR: {
		/* Not in the registry: log the OID in printable form. */
		char buffer[50];

		/* The return value of sprint_oid() is not checked here. */
		sprint_oid(value, vlen, buffer, sizeof(buffer));
		pr_err("Unknown OID: %s\n", buffer);
		return -EBADMSG;
	}

	default:
		/* Known to the registry, but not a content type we accept. */
		pr_err("Unexpected content type OID %u\n", oid);
		return -EBADMSG;
	}
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  64) 
/*
 * Note the digest algorithm OID
 *
 * @context: the struct pefile_context being filled in
 * @hdrlen:  unused in this function
 * @tag:     unused in this function
 * @value:   encoded OID bytes taken from the blob
 * @vlen:    length of @value
 *
 * Maps the OID to a digest name and stores it in ctx->digest_algo. The
 * field is left untouched on every error path.
 *
 * NOTE(review): md4, md5 and sha1 are accepted alongside the SHA-2 family.
 * All three have known collision weaknesses, and the name chosen here is
 * selected by the blob under verification. Whether they should still be
 * accepted is a policy decision; rejecting them would change which signed
 * images verify, so it is flagged here rather than changed.
 *
 * Returns 0 on success, -EBADMSG for an OID the registry does not know,
 * -ENOPKG for a known OID that is not one of the digests listed below.
 */
int mscode_note_digest_algo(void *context, size_t hdrlen,
			    unsigned char tag,
			    const void *value, size_t vlen)
{
	struct pefile_context *ctx = context;
	const char *algo;
	enum OID oid = look_up_OID(value, vlen);

	if (oid == OID__NR) {
		/* Not in the registry: log the OID in printable form. */
		char buffer[50];

		sprint_oid(value, vlen, buffer, sizeof(buffer));
		pr_err("Unknown OID: %s\n", buffer);
		return -EBADMSG;
	}

	switch (oid) {
	case OID_md4:
		algo = "md4";
		break;
	case OID_md5:
		algo = "md5";
		break;
	case OID_sha1:
		algo = "sha1";
		break;
	case OID_sha256:
		algo = "sha256";
		break;
	case OID_sha384:
		algo = "sha384";
		break;
	case OID_sha512:
		algo = "sha512";
		break;
	case OID_sha224:
		algo = "sha224";
		break;
	default:
		/*
		 * NOTE(review): the message says "content type" although the
		 * value rejected here is a digest algorithm OID.
		 */
		pr_err("Unsupported content type: %u\n", oid);
		return -ENOPKG;
	}

	ctx->digest_algo = algo;
	return 0;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) 
/*
 * Note the digest we're guaranteeing with this certificate
 *
 * @context: the struct pefile_context being filled in
 * @hdrlen:  unused in this function
 * @tag:     unused in this function
 * @value:   digest bytes taken from the blob
 * @vlen:    length of @value
 *
 * Stores a kmemdup()'d copy of the digest in ctx->digest and, on success,
 * its length in ctx->digest_len. The copy is not freed here.
 *
 * NOTE(review): ctx->digest is overwritten without freeing any earlier
 * value, so this presumably relies on the callback firing at most once per
 * parse and on the owner of ctx releasing the copy - confirm both.
 * NOTE(review): @vlen comes from the blob and is not compared here with the
 * digest size of the algorithm recorded in ctx->digest_algo; presumably the
 * consumer of ctx->digest_len checks it - confirm.
 *
 * Returns 0 on success, -ENOMEM if the copy could not be allocated.
 */
int mscode_note_digest(void *context, size_t hdrlen,
		       unsigned char tag,
		       const void *value, size_t vlen)
{
	struct pefile_context *ctx = context;

	/* ctx->digest becomes NULL when the allocation fails. */
	ctx->digest = kmemdup(value, vlen, GFP_KERNEL);
	if (ctx->digest) {
		ctx->digest_len = vlen;
		return 0;
	}

	return -ENOMEM;
}