/** @file
* IPRT - Crypto - Microsoft SPC / Authenticode.
*/
/*
* Copyright (C) 2006-2014 Oracle Corporation
*
* This file is part of VirtualBox Open Source Edition (OSE), as
* available from http://www.virtualbox.org. This file is free software;
* General Public License (GPL) as published by the Free Software
* Foundation, in version 2 as it comes in the "COPYING" file of the
* VirtualBox OSE distribution. VirtualBox OSE is distributed in the
* hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
*
* The contents of this file may alternatively be used under the terms
* of the Common Development and Distribution License Version 1.0
* (CDDL) only, as it comes in the "COPYING.CDDL" file of the
* VirtualBox OSE distribution, in which case the provisions of the
* CDDL are applicable instead of those of the GPL.
*
* You may elect to license modified versions of this file under the
* terms and conditions of either the GPL or the CDDL or both.
*/
#ifndef ___iprt_crypto_spc_h
#define ___iprt_crypto_spc_h
/** @defgroup grp_rt_spc RTCrSpc - Microsoft Authenticode
* @ingroup grp_rt_crypto
* @{
*/
/**
* PE Image page hash table, generic union.
*
* @remarks This table isn't used by ldrPE.cpp, it walks the table in a generic
* fashion using the hash size. So, we can ditch it if we feel like it.
*/
typedef union RTCRSPCPEIMAGEPAGEHASHES
{
/** MD5 page hashes. */
struct
{
/** The file offset. */
/** The hash. */
/** SHA-1 page hashes. */
struct
{
/** The file offset. */
/** The hash. */
/** SHA-256 page hashes. */
struct
{
/** The file offset. */
/** The hash. */
/** SHA-512 page hashes. */
struct
{
/** The file offset. */
/** The hash. */
/** Pointer to a PE image page hash table union. */
/** Pointer to a const PE image page hash table union. */
/**
* Serialization wrapper for raw RTCRSPCPEIMAGEPAGEHASHES data.
*/
typedef struct RTCRSPCSERIALIZEDPAGEHASHES
{
/** The page hashes are within a set. Dunno if there could be multiple
* entries in this set, never seen it yet, so I doubt it. */
/** Octet string containing the raw data. */
/** Pointer to the hash data within that string.
* The hash algorithm is given by the object attribute type in
* RTCRSPCSERIALIZEDOBJECTATTRIBUTE. It is generally the same as for the
* whole image hash. */
/** Field the user can use to store the number of pages in pData. */
/** Pointer to a serialized wrapper for page hashes. */
/** Pointer to a const serialized wrapper for page hashes. */
RTASN1TYPE_STANDARD_PROTOTYPES(RTCRSPCSERIALIZEDPAGEHASHES, RTDECL, RTCrSpcSerializedPageHashes, SetCore.Asn1Core);
/**
* Data type selection for RTCRSPCSERIALIZEDOBJECTATTRIBUTE.
*/
typedef enum RTCRSPCSERIALIZEDOBJECTATTRIBUTETYPE
{
/** Invalid zero entry. */
/** Not present pro forma. */
/** Unknown object. */
/** SHA-1 page hashes (pPageHashes). */
/** SHA-256 page hashes (pPageHashes). */
/** End of valid values. */
/** Blow up the type to at least 32-bits. */
/**
* One serialized object attribute (PE image data).
*/
typedef struct RTCRSPCSERIALIZEDOBJECTATTRIBUTE
{
/** Sequence core. */
/** The attribute type. */
/** The allocation of the data type. */
/** Indicates the valid value in the union. */
/** Union with data format depending on the Type. */
union
{
/** The unknown value (RTCRSPCSERIALIZEDOBJECTATTRIBUTETYPE_UNKNOWN). */
/** Page hashes (RTCRSPCSERIALIZEDOBJECTATTRIBUTETYPE_PAGE_HASHES_V1 or
* RTCRSPCSERIALIZEDOBJECTATTRIBUTETYPE_PAGE_HASHES_V2). */
} u;
/** Pointer to a serialized object attribute. */
/** Pointer to a const serialized object attribute. */
RTASN1TYPE_STANDARD_PROTOTYPES(RTCRSPCSERIALIZEDOBJECTATTRIBUTE, RTDECL, RTCrSpcSerializedObjectAttribute, SeqCore.Asn1Core);
/** @name RTCRSPCSERIALIZEDOBJECTATTRIBUTE::Type values
* @{ */
/** Serialized object attribute type for page hashes version 1. */
/** Serialized object attribute type for page hashes version 2. */
/** @} */
/*
* Set of serialized object attributes (PE image data).
*/
RTASN1_IMPL_GEN_SET_OF_TYPEDEFS_AND_PROTOS(RTCRSPCSERIALIZEDOBJECTATTRIBUTES, RTCRSPCSERIALIZEDOBJECTATTRIBUTE, RTDECL,
/** The UUID found in RTCRSPCSERIALIZEDOBJECT::Uuid for
* RTCRSPCSERIALIZEDOBJECTATTRIBUTES. */
/**
* Decoded encapsulated data type selection in RTCRSPCSERIALIZEDOBJECT.
*/
typedef enum RTCRSPCSERIALIZEDOBJECTTYPE
{
/** Invalid zero value. */
/** Serialized object attributes (RTCRSPCSERIALIZEDOBJECT_UUID_STR / pAttribs). */
/** End of valid values. */
/** MAke sure the type is at least 32-bit wide. */
/**
* A serialized object (PE image data).
*/
typedef struct RTCRSPCSERIALIZEDOBJECT
{
/** Sequence core. */
/** The UUID of the data object. */
/** Serialized data object. */
/** Indicates the valid pointer in the union. */
/** Union of pointers shadowing SerializedData.pEncapsulated. */
union
{
/** Generic core pointer. */
/** Pointer to decoded data if Uuid is RTCRSPCSERIALIZEDOBJECT_UUID_STR. */
} u;
/** Pointer to a serialized object (PE image data). */
/** Pointer to a const serialized object (PE image data). */
RTASN1TYPE_STANDARD_PROTOTYPES(RTCRSPCSERIALIZEDOBJECT, RTDECL, RTCrSpcSerializedObject, SeqCore.Asn1Core);
/**
* RTCRSPCSTRING choices.
*/
typedef enum RTCRSPCSTRINGCHOICE
{
/** Invalid zero value. */
/** Not present. */
/** UCS-2 string (pUcs2). */
/** ASCII string (pAscii). */
/** End of valid values. */
/** Blow the type up to 32-bit. */
/**
* Stupid microsoft choosy string type.
*/
typedef struct RTCRSPCSTRING
{
/** Dummy core. */
/** Allocation of what the pointer below points to. */
/** Pointer choice.*/
/** Pointer union. */
union
{
/** Tag 0, implicit: UCS-2 (BMP) string. */
/** Tag 1, implicit: ASCII (IA5) string. */
} u;
/** Pointer to a stupid microsoft string choice. */
/** Pointer to a const stupid microsoft string choice. */
/**
* RTCRSPCSTRING choices.
*/
typedef enum RTCRSPCLINKCHOICE
{
/** Invalid zero value. */
/** Not present. */
/** URL (ASCII) string (pUrl). */
/** Serialized object (pMoniker). */
/** Filename (pT2). */
/** End of valid values. */
/** Blow the type up to 32-bit. */
/**
* PE image data link.
*/
typedef struct RTCRSPCLINK
{
/** Dummy core. */
/** Allocation of what the pointer below points to. */
/** Pointer choice.*/
/** Pointer union. */
union
{
/** Tag 0, implicit: An URL encoded as an IA5 STRING. */
/** Tag 1, implicit: A serialized object. */
/** Tag 2, explicit: The default, a file name.
* Documented to be set to "<<<Obsolete>>>" when used. */
struct
{
/** Context tag 2. */
/** The file name string. */
} *pT2;
} u;
} RTCRSPCLINK;
/** Poitner to a PE image data link. */
/** Poitner to a const PE image data link. */
#if 0 /** @todo Might not be the correct bit order. */
/**
* Flag values for RTCRSPCPEIMAGEDATA::Flags and RTCRSPCPEIMAGEDATA::fFlags.
*/
typedef enum RTCRSPCPEIMAGEFLAGS
{
#endif
/**
* Authenticode PE Image data.
*/
typedef struct RTCRSPCPEIMAGEDATA
{
/** Sequence core. */
/** One of the RTCRSPCPEIMAGEFLAGS value, default is
* RTCRSPCPEIMAGEFLAGS_INCLUDE_RESOURCES. Obsolete with v2 page hashes? */
/** Tag 0, explicit: Link to the data. */
struct
{
/** Context tag 0. */
/** Link to the data. */
} T0;
/** Pointer to a authenticode PE image data representation. */
/** Pointer to a const authenticode PE image data representation. */
/** The object ID for SpcPeImageData. */
/**
* Data type selection for RTCRSPCATTRIBUTETYPEANDOPTIONALVALUE.
*/
typedef enum RTCRSPCAAOVTYPE
{
/** Invalid zero entry. */
/** Not present (pro forma). */
/** Unknown object. */
/** PE image data (pPeImage). */
/** End of valid values. */
/** Blow up the type to at least 32-bits. */
/**
* Authenticode attribute type and optional value.
*
* Note! Spec says the value should be explicitly tagged, but in real life
* it isn't. So, not very optional?
*/
typedef struct RTCRSPCATTRIBUTETYPEANDOPTIONALVALUE
{
/** Sequence core. */
/** An object ID indicating the type of the value. */
/** Allocation of the optional data value. */
/** The valid pointer. */
/** The value part depends on the Type. */
union
{
/** RTCRSPCAAOVTYPE_UNKNOWN / Generic. */
/** RTCRSPCAAOVTYPE_PE_IMAGE_DATA / RTCRSPCPEIMAGEDATA_OID. */
} uValue;
/** Pointer to a authentication attribute type and optional value
* representation. */
/** Pointer to a const authentication attribute type and optional value
* representation. */
RTASN1TYPE_STANDARD_PROTOTYPES(RTCRSPCATTRIBUTETYPEANDOPTIONALVALUE, RTDECL, RTCrSpcAttributeTypeAndOptionalValue, SeqCore.Asn1Core);
/**
* Authenticode indirect data content.
*/
typedef struct RTCRSPCINDIRECTDATACONTENT
{
/** Sequence core. */
/** Additional data. */
/** The whole image digest. */
/** Pointer to a authenticode indirect data content representation. */
/** Pointer to a const authenticode indirect data content representation. */
RTASN1TYPE_STANDARD_PROTOTYPES(RTCRSPCINDIRECTDATACONTENT, RTDECL, RTCrSpcIndirectDataContent, SeqCore.Asn1Core);
/** The object ID for SpcIndirectDataContent. */
/**
* Check the sanity of an Authenticode SPCIndirectDataContent object.
*
* @returns IPRT status code
* @param pIndData The Authenticode SPCIndirectDataContent to
* check.
* @param pSignedData The related signed data object.
* @param fFlags RTCRSPCINDIRECTDATACONTENT_SANITY_F_XXX.
* @param pErrInfo Optional error info.
*/
RTDECL(int) RTCrSpcIndirectDataContent_CheckSanityEx(PCRTCRSPCINDIRECTDATACONTENT pIndData, PCRTCRPKCS7SIGNEDDATA pSignedData,
/** @name RTCRSPCINDIRECTDATACONTENT_SANITY_F_XXX for RTCrSpcIndirectDataContent_CheckSanityEx.
* @{ */
/** The digest hash algorithm must be known to IPRT. */
/** PE image signing, check expectations of the spec. */
/** @} */
/**
* Gets the first SPC serialized object attribute in a SPC PE image.
*
* @returns Pointer to the attribute with the given type, NULL if not found.
* @param pThis The Authenticode SpcIndirectDataContent.
*/
/** @} */
#endif