pkcs7-verify.cpp revision 8cba79d647bd84eb8b7d9eb39ac77cc85ae247c5
94872a0e88ab4f38c786fcf617ddeb4b63a76957vboxsync * IPRT - Crypto - PKCS \#7, Verification
b0cec57d51e48736a3303366c728c3f025e8e81bvboxsync * Copyright (C) 2006-2014 Oracle Corporation
94872a0e88ab4f38c786fcf617ddeb4b63a76957vboxsync * This file is part of VirtualBox Open Source Edition (OSE), as
94872a0e88ab4f38c786fcf617ddeb4b63a76957vboxsync * available from http://www.virtualbox.org. This file is free software;
94872a0e88ab4f38c786fcf617ddeb4b63a76957vboxsync * you can redistribute it and/or modify it under the terms of the GNU
94872a0e88ab4f38c786fcf617ddeb4b63a76957vboxsync * General Public License (GPL) as published by the Free Software
94872a0e88ab4f38c786fcf617ddeb4b63a76957vboxsync * Foundation, in version 2 as it comes in the "COPYING" file of the
94872a0e88ab4f38c786fcf617ddeb4b63a76957vboxsync * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
94872a0e88ab4f38c786fcf617ddeb4b63a76957vboxsync * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
78a072e1b56619e3230735ae073668311232ec94vboxsync * The contents of this file may alternatively be used under the terms
5142b6456c5cec38e0ee291e235201d4ac73f10bvboxsync * of the Common Development and Distribution License Version 1.0
5142b6456c5cec38e0ee291e235201d4ac73f10bvboxsync * (CDDL) only, as it comes in the "COPYING.CDDL" file of the
5142b6456c5cec38e0ee291e235201d4ac73f10bvboxsync * VirtualBox OSE distribution, in which case the provisions of the
5142b6456c5cec38e0ee291e235201d4ac73f10bvboxsync * CDDL are applicable instead of those of the GPL.
5142b6456c5cec38e0ee291e235201d4ac73f10bvboxsync * You may elect to license modified versions of this file under the
5142b6456c5cec38e0ee291e235201d4ac73f10bvboxsync * terms and conditions of either the GPL or the CDDL or both.
5142b6456c5cec38e0ee291e235201d4ac73f10bvboxsync/*******************************************************************************
5142b6456c5cec38e0ee291e235201d4ac73f10bvboxsync* Header Files *
5142b6456c5cec38e0ee291e235201d4ac73f10bvboxsync*******************************************************************************/
d0318084c32279bf313f47358242cd61ada858d6vboxsyncstatic int rtCrPkcs7VerifySignedDataUsingOpenSsl(PCRTCRPKCS7CONTENTINFO pContentInfo, uint32_t fFlags,
94c538a65fbdfa1ea06f4fe0a65599c1ab0fed58vboxsync RTCRSTORE hAdditionalCerts, RTCRSTORE hTrustedCerts,
d5d45608052fd506e4114bf112df6efae7fcd8a7vboxsync void const *pvContent, uint32_t cbContent, PRTERRINFO pErrInfo)
78a072e1b56619e3230735ae073668311232ec94vboxsync * Verify using OpenSSL.
78a072e1b56619e3230735ae073668311232ec94vboxsync unsigned char const *pbRawContent = RTASN1CORE_GET_RAW_ASN1_PTR(&pContentInfo->SeqCore.Asn1Core);
78a072e1b56619e3230735ae073668311232ec94vboxsync if (d2i_PKCS7(&pOsslPkcs7, &pbRawContent, RTASN1CORE_GET_RAW_ASN1_SIZE(&pContentInfo->SeqCore.Asn1Core)) == pOsslPkcs7)
78a072e1b56619e3230735ae073668311232ec94vboxsync rcOssl = RTCrStoreConvertToOpenSslCertStack(hAdditionalCerts, 0, (void **)&pAddCerts);
78a072e1b56619e3230735ae073668311232ec94vboxsync rcOssl = RT_LIKELY(pAddCerts != NULL) ? VINF_SUCCESS : VERR_NO_MEMORY;
78a072e1b56619e3230735ae073668311232ec94vboxsync for (uint32_t i = 0; i < pContentInfo->u.pSignedData->Certificates.cItems; i++)
2d86fd6bcfe35a4bb83bb8a4fe68090693cdce95vboxsync rtCrOpenSslAddX509CertToStack(pAddCerts, &pContentInfo->u.pSignedData->Certificates.paItems[i]);
2d86fd6bcfe35a4bb83bb8a4fe68090693cdce95vboxsync rcOssl = RTCrStoreConvertToOpenSslCertStore(hTrustedCerts, 0, (void **)&pTrustedCerts);
78a072e1b56619e3230735ae073668311232ec94vboxsync BIO *pBioContent = BIO_new_mem_buf((void *)pvContent, cbContent);
78a072e1b56619e3230735ae073668311232ec94vboxsync if (PKCS7_verify(pOsslPkcs7, pAddCerts, pTrustedCerts, pBioContent, NULL /*out*/, fOsslFlags))
78a072e1b56619e3230735ae073668311232ec94vboxsync rcOssl = RTErrInfoSet(pErrInfo, VERR_CR_PKCS7_OSSL_VERIFY_FAILED, "PKCS7_verify failed: ");
78a072e1b56619e3230735ae073668311232ec94vboxsync ERR_print_errors_cb(rtCrOpenSslErrInfoCallback, pErrInfo);
67927207a2d6bb545eb655ef14cdb090b1957120vboxsync rcOssl = RTErrInfoSet(pErrInfo, rcOssl, "RTCrStoreConvertToOpenSslCertStack failed");
67927207a2d6bb545eb655ef14cdb090b1957120vboxsync rcOssl = RTErrInfoSet(pErrInfo, rcOssl, "RTCrStoreConvertToOpenSslCertStack failed");
67927207a2d6bb545eb655ef14cdb090b1957120vboxsync rcOssl = RTErrInfoSet(pErrInfo, VERR_CR_PKCS7_OSSL_D2I_FAILED, "d2i_PKCS7 failed");
67927207a2d6bb545eb655ef14cdb090b1957120vboxsync#endif /* IPRT_WITH_OPENSSL */
67927207a2d6bb545eb655ef14cdb090b1957120vboxsyncstatic int rtCrPkcs7VerifyCertUsageTimstamping(PCRTCRX509CERTIFICATE pCert, PRTERRINFO pErrInfo)
c3d2b15ad840b405062f4c2c6b127d6fc107c7b2vboxsync if (!(pCert->TbsCertificate.T3.fFlags & RTCRX509TBSCERTIFICATE_F_PRESENT_EXT_KEY_USAGE))
67927207a2d6bb545eb655ef14cdb090b1957120vboxsync return RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_KEY_USAGE_MISMATCH, "No extended key usage certificate attribute.");
67927207a2d6bb545eb655ef14cdb090b1957120vboxsync if (!(pCert->TbsCertificate.T3.fExtKeyUsage & (RTCRX509CERT_EKU_F_TIMESTAMPING | RTCRX509CERT_EKU_F_MS_TIMESTAMP_SIGNING)))
67927207a2d6bb545eb655ef14cdb090b1957120vboxsync return RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_KEY_USAGE_MISMATCH, "fExtKeyUsage=%#x, missing %#x (time stamping)",
67927207a2d6bb545eb655ef14cdb090b1957120vboxsync RTCRX509CERT_EKU_F_TIMESTAMPING | RTCRX509CERT_EKU_F_MS_TIMESTAMP_SIGNING);
67927207a2d6bb545eb655ef14cdb090b1957120vboxsyncstatic int rtCrPkcs7VerifyCertUsageDigitalSignature(PCRTCRX509CERTIFICATE pCert, PRTERRINFO pErrInfo)
67927207a2d6bb545eb655ef14cdb090b1957120vboxsync if ( (pCert->TbsCertificate.T3.fFlags & RTCRX509TBSCERTIFICATE_F_PRESENT_KEY_USAGE)
67927207a2d6bb545eb655ef14cdb090b1957120vboxsync && !(pCert->TbsCertificate.T3.fKeyUsage & RTCRX509CERT_KEY_USAGE_F_DIGITAL_SIGNATURE))
67927207a2d6bb545eb655ef14cdb090b1957120vboxsync return RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_KEY_USAGE_MISMATCH, "fKeyUsage=%#x, missing %#x",
67927207a2d6bb545eb655ef14cdb090b1957120vboxsync pCert->TbsCertificate.T3.fKeyUsage, RTCRX509CERT_KEY_USAGE_F_DIGITAL_SIGNATURE);
6804e4c1c12ab612ad6257a4922309c476c204e5vboxsync * @callback_method_impl{RTCRPKCS7VERIFYCERTCALLBACK,
6804e4c1c12ab612ad6257a4922309c476c204e5vboxsync * Default implementation that checks for the DigitalSignature KeyUsage bit.}
6804e4c1c12ab612ad6257a4922309c476c204e5vboxsyncRTDECL(int) RTCrPkcs7VerifyCertCallbackDefault(PCRTCRX509CERTIFICATE pCert, RTCRX509CERTPATHS hCertPaths, uint32_t fFlags,
6804e4c1c12ab612ad6257a4922309c476c204e5vboxsync rc = rtCrPkcs7VerifyCertUsageDigitalSignature(pCert, pErrInfo);
6804e4c1c12ab612ad6257a4922309c476c204e5vboxsync rc = rtCrPkcs7VerifyCertUsageTimstamping(pCert, pErrInfo);
6804e4c1c12ab612ad6257a4922309c476c204e5vboxsync * @callback_method_impl{RTCRPKCS7VERIFYCERTCALLBACK,
6804e4c1c12ab612ad6257a4922309c476c204e5vboxsync * Standard code signing. Use this for Microsoft SPC.}
6804e4c1c12ab612ad6257a4922309c476c204e5vboxsyncRTDECL(int) RTCrPkcs7VerifyCertCallbackCodeSigning(PCRTCRX509CERTIFICATE pCert, RTCRX509CERTPATHS hCertPaths, uint32_t fFlags,
6804e4c1c12ab612ad6257a4922309c476c204e5vboxsync * If KeyUsage is present it must include digital signature.
6804e4c1c12ab612ad6257a4922309c476c204e5vboxsync rc = rtCrPkcs7VerifyCertUsageDigitalSignature(pCert, pErrInfo);
6804e4c1c12ab612ad6257a4922309c476c204e5vboxsync * The extended usage 'code signing' must be present.
67927207a2d6bb545eb655ef14cdb090b1957120vboxsync if (!(pCert->TbsCertificate.T3.fFlags & RTCRX509TBSCERTIFICATE_F_PRESENT_EXT_KEY_USAGE))
67927207a2d6bb545eb655ef14cdb090b1957120vboxsync return RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_KEY_USAGE_MISMATCH, "No extended key usage certificate attribute.");
78a072e1b56619e3230735ae073668311232ec94vboxsync if (!(pCert->TbsCertificate.T3.fExtKeyUsage & RTCRX509CERT_EKU_F_CODE_SIGNING))
78a072e1b56619e3230735ae073668311232ec94vboxsync return RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_KEY_USAGE_MISMATCH, "fExtKeyUsage=%#x, missing %#x",
78a072e1b56619e3230735ae073668311232ec94vboxsync pCert->TbsCertificate.T3.fExtKeyUsage, RTCRX509CERT_EKU_F_CODE_SIGNING);
78a072e1b56619e3230735ae073668311232ec94vboxsync * Timestamping too?
78a072e1b56619e3230735ae073668311232ec94vboxsync rc = rtCrPkcs7VerifyCertUsageTimstamping(pCert, pErrInfo);
78a072e1b56619e3230735ae073668311232ec94vboxsync * Deals with authenticated attributes.
78a072e1b56619e3230735ae073668311232ec94vboxsync * When authenticated attributes are present (checked by caller) we must:
78a072e1b56619e3230735ae073668311232ec94vboxsync * - fish out the content type and check it against the content inof,
78a072e1b56619e3230735ae073668311232ec94vboxsync * - fish out the message digest among and check it against *phDigest,
78a072e1b56619e3230735ae073668311232ec94vboxsync * - compute the message digest of the authenticated attributes and
78a072e1b56619e3230735ae073668311232ec94vboxsync * replace *phDigest with this for the signature verification.
78a072e1b56619e3230735ae073668311232ec94vboxsync * @returns IPRT status code.
78a072e1b56619e3230735ae073668311232ec94vboxsync * @param pSignerInfo The signer info being verified.
78a072e1b56619e3230735ae073668311232ec94vboxsync * @param pSignedData The signed data.
78a072e1b56619e3230735ae073668311232ec94vboxsync * @param phDigest On input this is the digest of the content. On
78a072e1b56619e3230735ae073668311232ec94vboxsync * output it will (on success) be a reference to
78a072e1b56619e3230735ae073668311232ec94vboxsync * the message digest of the authenticated
78a072e1b56619e3230735ae073668311232ec94vboxsync * attributes. The input reference is consumed.
78a072e1b56619e3230735ae073668311232ec94vboxsync * The caller shall release the output reference.
78a072e1b56619e3230735ae073668311232ec94vboxsync * @param fFlags Flags.
78a072e1b56619e3230735ae073668311232ec94vboxsync * @param pErrInfo Extended error info, optional.
78a072e1b56619e3230735ae073668311232ec94vboxsyncstatic int rtCrPkcs7VerifySignerInfoAuthAttribs(PCRTCRPKCS7SIGNERINFO pSignerInfo, PCRTCRPKCS7SIGNEDDATA pSignedData,
78a072e1b56619e3230735ae073668311232ec94vboxsync PRTCRDIGEST phDigest, uint32_t fFlags, PRTERRINFO pErrInfo)
1637773d6c473e4ab75812805ef00226f3a397c0vboxsync * Scan the attributes and validate the two required attributes
1637773d6c473e4ab75812805ef00226f3a397c0vboxsync * (RFC-2315, chapter 9.2, fourth bullet). Checking that we've got exactly
1637773d6c473e4ab75812805ef00226f3a397c0vboxsync * one of each of them is checked by the santiy checker function, so we'll
78a072e1b56619e3230735ae073668311232ec94vboxsync * just assert that it did it's job here.
78a072e1b56619e3230735ae073668311232ec94vboxsync uint32_t i = pSignerInfo->AuthenticatedAttributes.cItems;
78a072e1b56619e3230735ae073668311232ec94vboxsync while (i-- > 0)
78a072e1b56619e3230735ae073668311232ec94vboxsync PCRTCRPKCS7ATTRIBUTE pAttrib = &pSignerInfo->AuthenticatedAttributes.paItems[i];
c3d2b15ad840b405062f4c2c6b127d6fc107c7b2vboxsync if (RTAsn1ObjId_CompareWithString(&pAttrib->Type, RTCR_PKCS9_ID_CONTENT_TYPE_OID) == 0)
78a072e1b56619e3230735ae073668311232ec94vboxsync AssertReturn(!cContentTypes, VERR_CR_PKCS7_INTERNAL_ERROR);
78a072e1b56619e3230735ae073668311232ec94vboxsync AssertReturn(pAttrib->enmType == RTCRPKCS7ATTRIBUTETYPE_OBJ_IDS, VERR_CR_PKCS7_INTERNAL_ERROR);
78a072e1b56619e3230735ae073668311232ec94vboxsync AssertReturn(pAttrib->uValues.pObjIds->cItems == 1, VERR_CR_PKCS7_INTERNAL_ERROR);
78a072e1b56619e3230735ae073668311232ec94vboxsync if ( !(fFlags & RTCRPKCS7VERIFY_SD_F_COUNTER_SIGNATURE) /* See note about microsoft below. */
78a072e1b56619e3230735ae073668311232ec94vboxsync && RTAsn1ObjId_Compare(&pAttrib->uValues.pObjIds->paItems[0], &pSignedData->ContentInfo.ContentType) != 0)
78a072e1b56619e3230735ae073668311232ec94vboxsync return RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_CONTENT_TYPE_ATTRIB_MISMATCH,
78a072e1b56619e3230735ae073668311232ec94vboxsync "Expected content-type %s, found %s",
78a072e1b56619e3230735ae073668311232ec94vboxsync &pAttrib->uValues.pObjIds->paItems[0], pSignedData->ContentInfo.ContentType.szObjId);
f06e830c9fdbc3d9e89867d4429404c5446bc513vboxsync else if (RTAsn1ObjId_CompareWithString(&pAttrib->Type, RTCR_PKCS9_ID_MESSAGE_DIGEST_OID) == 0)
f06e830c9fdbc3d9e89867d4429404c5446bc513vboxsync AssertReturn(!cMessageDigests, VERR_CR_PKCS7_INTERNAL_ERROR);
f06e830c9fdbc3d9e89867d4429404c5446bc513vboxsync AssertReturn(pAttrib->enmType == RTCRPKCS7ATTRIBUTETYPE_OCTET_STRINGS, VERR_CR_PKCS7_INTERNAL_ERROR);
f06e830c9fdbc3d9e89867d4429404c5446bc513vboxsync AssertReturn(pAttrib->uValues.pOctetStrings->cItems == 1, VERR_CR_PKCS7_INTERNAL_ERROR);
f06e830c9fdbc3d9e89867d4429404c5446bc513vboxsync pAttrib->uValues.pOctetStrings->paItems[0].Asn1Core.uData.pv,
f06e830c9fdbc3d9e89867d4429404c5446bc513vboxsync pAttrib->uValues.pOctetStrings->paItems[0].Asn1Core.cb))
f06e830c9fdbc3d9e89867d4429404c5446bc513vboxsync if (cbHash != pAttrib->uValues.pOctetStrings->paItems[0].Asn1Core.cb)
f06e830c9fdbc3d9e89867d4429404c5446bc513vboxsync return RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_MESSAGE_DIGEST_ATTRIB_MISMATCH,
f06e830c9fdbc3d9e89867d4429404c5446bc513vboxsync "Authenticated message-digest attribute mismatch: cbHash=%#zx cbValue=%#x",
f06e830c9fdbc3d9e89867d4429404c5446bc513vboxsync cbHash, pAttrib->uValues.pOctetStrings->paItems[0].Asn1Core.cb);
f06e830c9fdbc3d9e89867d4429404c5446bc513vboxsync return RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_MESSAGE_DIGEST_ATTRIB_MISMATCH,
f06e830c9fdbc3d9e89867d4429404c5446bc513vboxsync "Authenticated message-digest attribute mismatch (cbHash=%#zx):\n"
f06e830c9fdbc3d9e89867d4429404c5446bc513vboxsync "signed: %.*Rhxs\n"
f06e830c9fdbc3d9e89867d4429404c5446bc513vboxsync "our: %.*Rhxs\n",
f06e830c9fdbc3d9e89867d4429404c5446bc513vboxsync cbHash, pAttrib->uValues.pOctetStrings->paItems[0].Asn1Core.uData.pv,
f06e830c9fdbc3d9e89867d4429404c5446bc513vboxsync * Full error reporting here as we don't currently extensively santiy check
f06e830c9fdbc3d9e89867d4429404c5446bc513vboxsync * counter signatures.
78a072e1b56619e3230735ae073668311232ec94vboxsync * Note! Microsoft includes content info in their timestamp counter signatures,
78a072e1b56619e3230735ae073668311232ec94vboxsync * at least for vista, despite the RFC-3852 stating counter signatures
78a072e1b56619e3230735ae073668311232ec94vboxsync * "MUST NOT contain a content-type".
78a072e1b56619e3230735ae073668311232ec94vboxsync && !(fFlags & RTCRPKCS7VERIFY_SD_F_COUNTER_SIGNATURE)))
78a072e1b56619e3230735ae073668311232ec94vboxsync return RTErrInfoSet(pErrInfo, VERR_CR_PKCS7_MISSING_CONTENT_TYPE_ATTRIB,
78a072e1b56619e3230735ae073668311232ec94vboxsync "Missing authenticated content-type attribute.");
78a072e1b56619e3230735ae073668311232ec94vboxsync return RTErrInfoSet(pErrInfo, VERR_CR_PKCS7_MISSING_MESSAGE_DIGEST_ATTRIB,
78a072e1b56619e3230735ae073668311232ec94vboxsync "Missing authenticated message-digest attribute.");
78a072e1b56619e3230735ae073668311232ec94vboxsync * Calculate the digest of the the authenticated attributes for use in the
78a072e1b56619e3230735ae073668311232ec94vboxsync * signature validation.
78a072e1b56619e3230735ae073668311232ec94vboxsync if ( pSignerInfo->DigestAlgorithm.Parameters.enmType != RTASN1TYPE_NULL
78a072e1b56619e3230735ae073668311232ec94vboxsync && pSignerInfo->DigestAlgorithm.Parameters.enmType != RTASN1TYPE_NOT_PRESENT)
78a072e1b56619e3230735ae073668311232ec94vboxsync return RTErrInfoSet(pErrInfo, VERR_CR_PKCS7_DIGEST_PARAMS_NOT_IMPL, "Digest algorithm has unsupported parameters");
f001a45ec92f71f1e4c1015485fc1ddf84e8059cvboxsync int rc = RTCrDigestCreateByObjId(&hDigest, &pSignerInfo->DigestAlgorithm.Algorithm);
78a072e1b56619e3230735ae073668311232ec94vboxsync /* ASSUMES that the attributes are encoded according to DER. */
f001a45ec92f71f1e4c1015485fc1ddf84e8059cvboxsync uint8_t const *pbData = (uint8_t const *)RTASN1CORE_GET_RAW_ASN1_PTR(&pSignerInfo->AuthenticatedAttributes.SetCore.Asn1Core);
78a072e1b56619e3230735ae073668311232ec94vboxsync uint32_t cbData = RTASN1CORE_GET_RAW_ASN1_SIZE(&pSignerInfo->AuthenticatedAttributes.SetCore.Asn1Core);
78a072e1b56619e3230735ae073668311232ec94vboxsync uint8_t bSetOfTag = ASN1_TAG_SET | ASN1_TAGCLASS_UNIVERSAL | ASN1_TAGFLAG_CONSTRUCTED;
78a072e1b56619e3230735ae073668311232ec94vboxsync rc = RTCrDigestUpdate(hDigest, &bSetOfTag, sizeof(bSetOfTag)); /* Replace the implict tag with a SET-OF tag. */
78a072e1b56619e3230735ae073668311232ec94vboxsync rc = RTCrDigestUpdate(hDigest, pbData + sizeof(bSetOfTag), cbData - sizeof(bSetOfTag)); /* Skip the implicit tag. */
78a072e1b56619e3230735ae073668311232ec94vboxsync * Find the handle to the digest given by the specified SignerInfo.
78a072e1b56619e3230735ae073668311232ec94vboxsync * @returns IPRT status code
78a072e1b56619e3230735ae073668311232ec94vboxsync * @param phDigest Where to return a referenced digest handle on
78a072e1b56619e3230735ae073668311232ec94vboxsync * @param pSignedData The signed data structure.
78a072e1b56619e3230735ae073668311232ec94vboxsync * @param pSignerInfo The signer info.
78a072e1b56619e3230735ae073668311232ec94vboxsync * @param pahDigests Array of content digests that runs parallel to
78a072e1b56619e3230735ae073668311232ec94vboxsync * pSignedData->DigestAlgorithms.
78a072e1b56619e3230735ae073668311232ec94vboxsync * @param pErrInfo Where to store additional error details,
78a072e1b56619e3230735ae073668311232ec94vboxsync * optional.
78a072e1b56619e3230735ae073668311232ec94vboxsyncstatic int rtCrPkcs7VerifyFindDigest(PRTCRDIGEST phDigest, PCRTCRPKCS7SIGNEDDATA pSignedData,
78a072e1b56619e3230735ae073668311232ec94vboxsync PCRTCRPKCS7SIGNERINFO pSignerInfo, PRTCRDIGEST pahDigests, PRTERRINFO pErrInfo)
78a072e1b56619e3230735ae073668311232ec94vboxsync uint32_t iDigest = pSignedData->DigestAlgorithms.cItems;
78a072e1b56619e3230735ae073668311232ec94vboxsync while (iDigest-- > 0)
78a072e1b56619e3230735ae073668311232ec94vboxsync if (RTCrX509AlgorithmIdentifier_Compare(&pSignedData->DigestAlgorithms.paItems[iDigest],
78a072e1b56619e3230735ae073668311232ec94vboxsync AssertReturn(cRefs != UINT32_MAX, VERR_CR_PKCS7_INTERNAL_ERROR);
78a072e1b56619e3230735ae073668311232ec94vboxsync return RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_DIGEST_ALGO_NOT_FOUND_IN_LIST,
78a072e1b56619e3230735ae073668311232ec94vboxsync "SignerInfo.DigestAlgorithm %s not found.",
78a072e1b56619e3230735ae073668311232ec94vboxsync * Verifies one signature on a PKCS \#7 SignedData.
78a072e1b56619e3230735ae073668311232ec94vboxsync * @returns IPRT status code.
78a072e1b56619e3230735ae073668311232ec94vboxsync * @param pSignerInfo The signature.
78a072e1b56619e3230735ae073668311232ec94vboxsync * @param pSignedData The SignedData.
78a072e1b56619e3230735ae073668311232ec94vboxsync * @param hDigests The digest corresponding to
78a072e1b56619e3230735ae073668311232ec94vboxsync * pSignerInfo->DigestAlgorithm.
78a072e1b56619e3230735ae073668311232ec94vboxsync * @param fFlags Verficiation flags.
78a072e1b56619e3230735ae073668311232ec94vboxsync * @param hAdditionalCerts Store containing optional certificates,
78a072e1b56619e3230735ae073668311232ec94vboxsync * optional.
78a072e1b56619e3230735ae073668311232ec94vboxsync * @param hTrustedCerts Store containing trusted certificates, required.
78a072e1b56619e3230735ae073668311232ec94vboxsync * @param pValidationTime The time we're supposed to validate the
78a072e1b56619e3230735ae073668311232ec94vboxsync * certificates chains at.
78a072e1b56619e3230735ae073668311232ec94vboxsync * @param pfnVerifyCert Signing certificate verification callback.
78a072e1b56619e3230735ae073668311232ec94vboxsync * @param fVccFlags Signing certificate verification callback flags.
78a072e1b56619e3230735ae073668311232ec94vboxsync * @param pvUser Callback parameter.
78a072e1b56619e3230735ae073668311232ec94vboxsync * @param pErrInfo Where to store additional error details,
78a072e1b56619e3230735ae073668311232ec94vboxsync * optional.
78a072e1b56619e3230735ae073668311232ec94vboxsyncstatic int rtCrPkcs7VerifySignerInfo(PCRTCRPKCS7SIGNERINFO pSignerInfo, PCRTCRPKCS7SIGNEDDATA pSignedData,
78a072e1b56619e3230735ae073668311232ec94vboxsync RTCRDIGEST hDigest, uint32_t fFlags, RTCRSTORE hAdditionalCerts, RTCRSTORE hTrustedCerts,
78a072e1b56619e3230735ae073668311232ec94vboxsync PCRTTIMESPEC pValidationTime, PFNRTCRPKCS7VERIFYCERTCALLBACK pfnVerifyCert,
78a072e1b56619e3230735ae073668311232ec94vboxsync uint32_t fVccFlags, void *pvUser, PRTERRINFO pErrInfo)
78a072e1b56619e3230735ae073668311232ec94vboxsync * Locate the certificate used for signing.
78a072e1b56619e3230735ae073668311232ec94vboxsync pSignerCertCtx = RTCrStoreCertByIssuerAndSerialNo(hSignerCertSrc, &pSignerInfo->IssuerAndSerialNumber.Name,
78a072e1b56619e3230735ae073668311232ec94vboxsync pSignerCertCtx = RTCrStoreCertByIssuerAndSerialNo(hSignerCertSrc, &pSignerInfo->IssuerAndSerialNumber.Name,
78a072e1b56619e3230735ae073668311232ec94vboxsync pSignerCert = RTCrX509Certificates_FindByIssuerAndSerialNumber(&pSignedData->Certificates,
78a072e1b56619e3230735ae073668311232ec94vboxsync return RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_SIGNED_DATA_CERT_NOT_FOUND,
78a072e1b56619e3230735ae073668311232ec94vboxsync "Certificate not found: serial=%.*Rhxs",
b0cec57d51e48736a3303366c728c3f025e8e81bvboxsync pSignerInfo->IssuerAndSerialNumber.SerialNumber.Asn1Core.cb,
78a072e1b56619e3230735ae073668311232ec94vboxsync pSignerInfo->IssuerAndSerialNumber.SerialNumber.Asn1Core.uData.pv);
78a072e1b56619e3230735ae073668311232ec94vboxsync * If not a trusted certificate, we'll have to build certificate paths
78a072e1b56619e3230735ae073668311232ec94vboxsync * and verify them. If no valid paths are found, this step will fail.
78a072e1b56619e3230735ae073668311232ec94vboxsync rc = RTCrX509CertPathsCreate(&hCertPaths, pSignerCert);
78a072e1b56619e3230735ae073668311232ec94vboxsync rc = RTCrX509CertPathsSetValidTimeSpec(hCertPaths, pValidationTime);
78a072e1b56619e3230735ae073668311232ec94vboxsync if (hTrustedCerts != NIL_RTCRSTORE && RT_SUCCESS(rc))
78a072e1b56619e3230735ae073668311232ec94vboxsync rc = RTCrX509CertPathsSetTrustedStore(hCertPaths, hTrustedCerts);
78a072e1b56619e3230735ae073668311232ec94vboxsync if (hAdditionalCerts != NIL_RTCRSTORE && RT_SUCCESS(rc))
78a072e1b56619e3230735ae073668311232ec94vboxsync rc = RTCrX509CertPathsSetUntrustedStore(hCertPaths, hAdditionalCerts);
78a072e1b56619e3230735ae073668311232ec94vboxsync if (pSignedData->Certificates.cItems > 0 && RT_SUCCESS(rc))
b0cec57d51e48736a3303366c728c3f025e8e81bvboxsync rc = RTCrX509CertPathsSetUntrustedArray(hCertPaths,
78a072e1b56619e3230735ae073668311232ec94vboxsync rc = RTCrX509CertPathsValidateAll(hCertPaths, NULL, pErrInfo);
78a072e1b56619e3230735ae073668311232ec94vboxsync * Check that the certificate purpose and whatnot matches what
78a072e1b56619e3230735ae073668311232ec94vboxsync * is being signed.
78a072e1b56619e3230735ae073668311232ec94vboxsync rc = pfnVerifyCert(pSignerCert, hCertPaths, fVccFlags, pvUser, pErrInfo);
78a072e1b56619e3230735ae073668311232ec94vboxsync RTErrInfoSetF(pErrInfo, rc, "Error configuring path builder: %Rrc", rc);
78a072e1b56619e3230735ae073668311232ec94vboxsync * Check that the certificate purpose matches what is signed.
78a072e1b56619e3230735ae073668311232ec94vboxsync rc = pfnVerifyCert(pSignerCert, NIL_RTCRX509CERTPATHS, fVccFlags, pvUser, pErrInfo);
78a072e1b56619e3230735ae073668311232ec94vboxsync * Reference the digest so we can safely replace with one on the
78a072e1b56619e3230735ae073668311232ec94vboxsync * authenticated attributes below.
78a072e1b56619e3230735ae073668311232ec94vboxsync * If there are authenticated attributes, we've got more work before we
78a072e1b56619e3230735ae073668311232ec94vboxsync * can verify the signature.
78a072e1b56619e3230735ae073668311232ec94vboxsync && RTCrPkcs7Attributes_IsPresent(&pSignerInfo->AuthenticatedAttributes))
b0cec57d51e48736a3303366c728c3f025e8e81bvboxsync rc = rtCrPkcs7VerifySignerInfoAuthAttribs(pSignerInfo, pSignedData, &hDigest, fFlags, pErrInfo);
78a072e1b56619e3230735ae073668311232ec94vboxsync * Verify the signature.
78a072e1b56619e3230735ae073668311232ec94vboxsync &pSignerCert->TbsCertificate.SubjectPublicKeyInfo.Algorithm.Algorithm,
78a072e1b56619e3230735ae073668311232ec94vboxsync false /*fSigning*/,
78a072e1b56619e3230735ae073668311232ec94vboxsync &pSignerCert->TbsCertificate.SubjectPublicKeyInfo.SubjectPublicKey,
78a072e1b56619e3230735ae073668311232ec94vboxsync &pSignerInfo->DigestEncryptionAlgorithm.Parameters);
78a072e1b56619e3230735ae073668311232ec94vboxsync /** @todo Check that DigestEncryptionAlgorithm is compatible with hSignature
78a072e1b56619e3230735ae073668311232ec94vboxsync * (this is not vital). */
78a072e1b56619e3230735ae073668311232ec94vboxsync rc = RTCrPkixSignatureVerifyOctetString(hSignature, hDigest, &pSignerInfo->EncryptedDigest);
78a072e1b56619e3230735ae073668311232ec94vboxsync rc = RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_SIGNATURE_VERIFICATION_FAILED,
78a072e1b56619e3230735ae073668311232ec94vboxsync rc = RTErrInfoSetF(pErrInfo, rc, "Failure to instantiate public key algorithm [IPRT]: %s (%s)",
78a072e1b56619e3230735ae073668311232ec94vboxsync pSignerCert->TbsCertificate.SubjectPublicKeyInfo.Algorithm.Algorithm.szObjId,
78a072e1b56619e3230735ae073668311232ec94vboxsync pSignerInfo->DigestEncryptionAlgorithm.Algorithm.szObjId);
67927207a2d6bb545eb655ef14cdb090b1957120vboxsync * Verifies a counter signature.
e3197fda68ad1e45cc3004f5b58a326a5270aa8fvboxsync * @returns IPRT status code.
e3197fda68ad1e45cc3004f5b58a326a5270aa8fvboxsync * @param pCounterSignerInfo The counter signature.
e3197fda68ad1e45cc3004f5b58a326a5270aa8fvboxsync * @param pPrimarySignerInfo The primary signature (can be a counter
b0cec57d51e48736a3303366c728c3f025e8e81bvboxsync * signature too if nested).
e3197fda68ad1e45cc3004f5b58a326a5270aa8fvboxsync * @param pSignedData The SignedData.
3f6d4775faa373634b2f3fc2a90fc517733f6fd6vboxsync * @param fFlags Verficiation flags.
3f6d4775faa373634b2f3fc2a90fc517733f6fd6vboxsync * @param hAdditionalCerts Store containing optional certificates,
3f6d4775faa373634b2f3fc2a90fc517733f6fd6vboxsync * optional.
3f6d4775faa373634b2f3fc2a90fc517733f6fd6vboxsync * @param hTrustedCerts Store containing trusted certificates, required.
3f6d4775faa373634b2f3fc2a90fc517733f6fd6vboxsync * @param pValidationTime The time we're supposed to validate the
3f6d4775faa373634b2f3fc2a90fc517733f6fd6vboxsync * certificates chains at.
3f6d4775faa373634b2f3fc2a90fc517733f6fd6vboxsync * @param pfnVerifyCert Signing certificate verification callback.
3f6d4775faa373634b2f3fc2a90fc517733f6fd6vboxsync * @param fVccFlags Signing certificate verification callback flags.
3f6d4775faa373634b2f3fc2a90fc517733f6fd6vboxsync * @param pvUser Callback parameter.
3f6d4775faa373634b2f3fc2a90fc517733f6fd6vboxsync * @param pErrInfo Where to store additional error details,
f06e830c9fdbc3d9e89867d4429404c5446bc513vboxsync * optional.
f06e830c9fdbc3d9e89867d4429404c5446bc513vboxsyncstatic int rtCrPkcs7VerifyCounterSignerInfo(PCRTCRPKCS7SIGNERINFO pCounterSignerInfo, PCRTCRPKCS7SIGNERINFO pPrimarySignerInfo,
f06e830c9fdbc3d9e89867d4429404c5446bc513vboxsync PCRTCRPKCS7SIGNEDDATA pSignedData, uint32_t fFlags,
f06e830c9fdbc3d9e89867d4429404c5446bc513vboxsync RTCRSTORE hAdditionalCerts, RTCRSTORE hTrustedCerts, PCRTTIMESPEC pValidationTime,
f06e830c9fdbc3d9e89867d4429404c5446bc513vboxsync PFNRTCRPKCS7VERIFYCERTCALLBACK pfnVerifyCert, uint32_t fVccFlags,
60a6d709c252770b3830c85deac9c493625e3f52vboxsync * Calculate the digest we need to verify.
60a6d709c252770b3830c85deac9c493625e3f52vboxsync int rc = RTCrDigestCreateByObjId(&hDigest, &pCounterSignerInfo->DigestAlgorithm.Algorithm);
f06e830c9fdbc3d9e89867d4429404c5446bc513vboxsync pPrimarySignerInfo->EncryptedDigest.Asn1Core.uData.pv,
3f6d4775faa373634b2f3fc2a90fc517733f6fd6vboxsync * Pass it on to the common SignerInfo verifier function.
40fa6228bd9ab763bc67b51fe6290802e954eb8cvboxsync rc = rtCrPkcs7VerifySignerInfo(pCounterSignerInfo, pSignedData, hDigest,
40fa6228bd9ab763bc67b51fe6290802e954eb8cvboxsync rc = RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_DIGEST_CALC_ERROR,
40fa6228bd9ab763bc67b51fe6290802e954eb8cvboxsync "Hashing for counter signature failed unexpectedly: %Rrc", rc);
40fa6228bd9ab763bc67b51fe6290802e954eb8cvboxsync rc = RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_DIGEST_CREATE_ERROR, "Error creating digest for '%s': %Rrc",
40fa6228bd9ab763bc67b51fe6290802e954eb8cvboxsync pCounterSignerInfo->DigestAlgorithm.Algorithm.szObjId, rc);
40fa6228bd9ab763bc67b51fe6290802e954eb8cvboxsyncRTDECL(int) RTCrPkcs7VerifySignedData(PCRTCRPKCS7CONTENTINFO pContentInfo, uint32_t fFlags,
40fa6228bd9ab763bc67b51fe6290802e954eb8cvboxsync RTCRSTORE hAdditionalCerts, RTCRSTORE hTrustedCerts,
40fa6228bd9ab763bc67b51fe6290802e954eb8cvboxsync PCRTTIMESPEC pValidationTime, PFNRTCRPKCS7VERIFYCERTCALLBACK pfnVerifyCert, void *pvUser,
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync * Check the input.
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync AssertPtrReturn(pfnVerifyCert, VERR_INVALID_POINTER);
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync pfnVerifyCert = RTCrPkcs7VerifyCertCallbackDefault;
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync if (!RTCrPkcs7ContentInfo_IsSignedData(pContentInfo))
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync return RTErrInfoSet(pErrInfo, VERR_CR_PKCS7_NOT_SIGNED_DATA, "Not PKCS #7 SignedData.");
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync PCRTCRPKCS7SIGNEDDATA pSignedData = pContentInfo->u.pSignedData;
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync int rc = RTCrPkcs7SignedData_CheckSanity(pSignedData, 0, pErrInfo, "");
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync AssertReturn(!(fFlags & RTCRPKCS7VERIFY_SD_F_COUNTER_SIGNATURE), VERR_INVALID_FLAGS);
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync * Hash the content info.
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync /* Exactly what the content is, for some stupid reason unnecessarily
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync complicated. Figure it out here as we'll need it for the OpenSSL code
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync path as well. */
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync void const *pvContent = pSignedData->ContentInfo.Content.Asn1Core.uData.pv;
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync uint32_t cbContent = pSignedData->ContentInfo.Content.Asn1Core.cb;
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync if (pSignedData->ContentInfo.Content.pEncapsulated)
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync pvContent = pSignedData->ContentInfo.Content.pEncapsulated->uData.pv;
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync cbContent = pSignedData->ContentInfo.Content.pEncapsulated->cb;
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync /* Check that there aren't too many or too few hash algorithms for our
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync implementation and purposes. */
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync uint32_t const cDigests = pSignedData->DigestAlgorithms.cItems;
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync if (!cDigests) /** @todo we might have to support this... */
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync return RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_NO_DIGEST_ALGORITHMS, "No digest algorithms");
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync return RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_TOO_MANY_DIGEST_ALGORITHMS,
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync "Too many digest algorithm: cAlgorithms=%u", cDigests);
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync /* Create the message digest calculators. */
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync for (i = 0; i < cDigests; i++)
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync rc = RTCrDigestCreateByObjId(&ahDigests[i], &pSignedData->DigestAlgorithms.paItems[i].Algorithm);
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync rc = RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_DIGEST_CREATE_ERROR, "Error creating digest for '%s': %Rrc",
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync pSignedData->DigestAlgorithms.paItems[i].Algorithm.szObjId, rc);
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync /* Hash the content. */
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync rc = RTCrDigestUpdate(ahDigests[i], pvContent, cbContent);
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync * Validate the signed infos.
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync for (i = 0; i < pSignedData->SignerInfos.cItems; i++)
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync PCRTCRPKCS7SIGNERINFO pSignerInfo = &pSignedData->SignerInfos.paItems[i];
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync rc = rtCrPkcs7VerifyFindDigest(&hThisDigest, pSignedData, pSignerInfo, ahDigests, pErrInfo);
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync * See if we can find a trusted signing time.
5142b6456c5cec38e0ee291e235201d4ac73f10bvboxsync bool fDone = false;
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync && (pSignedTime = RTCrPkcs7SignerInfo_GetSigningTime(pSignerInfo, &pSigningTimeSigner)) != NULL)
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync if (RT_LIKELY(RTTimeImplode(&ThisValidationTime, &pSignedTime->Time)))
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync if (fFlags & RTCRPKCS7VERIFY_SD_F_COUNTER_SIGNATURE_SIGNING_TIME_ONLY)
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync rc = rtCrPkcs7VerifySignerInfo(pSignerInfo, pSignedData, hThisDigest, fFlags,
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync hAdditionalCerts, hTrustedCerts, &ThisValidationTime,
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync pfnVerifyCert, RTCRPKCS7VCC_F_SIGNED_DATA | RTCRPKCS7VCC_F_TIMESTAMP,
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync if (!(fFlags & RTCRPKCS7VERIFY_SD_F_USE_SIGNING_TIME_UNVERIFIED))
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync rc = rtCrPkcs7VerifyCounterSignerInfo(pSigningTimeSigner, pSignerInfo, pSignedData, fFlags,
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync hAdditionalCerts, hTrustedCerts, &ThisValidationTime,
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync pfnVerifyCert, RTCRPKCS7VCC_F_TIMESTAMP, pvUser, pErrInfo);
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync rc = rtCrPkcs7VerifySignerInfo(pSignerInfo, pSignedData, hThisDigest, fFlags, hAdditionalCerts,
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync pfnVerifyCert, RTCRPKCS7VCC_F_SIGNED_DATA, pvUser, pErrInfo);
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync || (fFlags & RTCRPKCS7VERIFY_SD_F_ALWAYS_USE_SIGNING_TIME_IF_PRESENT);
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync rc = RTErrInfoSet(pErrInfo, VERR_INTERNAL_ERROR_3, "RTTimeImplode failed");
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync * No valid signing time found, use the one specified instead.
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync rc = rtCrPkcs7VerifySignerInfo(pSignerInfo, pSignedData, hThisDigest, fFlags, hAdditionalCerts, hTrustedCerts,
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync pValidationTime, pfnVerifyCert, RTCRPKCS7VCC_F_SIGNED_DATA, pvUser, pErrInfo);
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync rc = RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_DIGEST_CALC_ERROR,
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync "Hashing content failed unexpectedly (i=%u): %Rrc", i, rc);
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync /* Clean up digests. */
22ecc39cb2e9aeb958d702b60fd677e8df0cdc70vboxsync while (i-- > 0)
5142b6456c5cec38e0ee291e235201d4ac73f10bvboxsync * Verify using OpenSSL and combine the results (should be identical).
5142b6456c5cec38e0ee291e235201d4ac73f10bvboxsync int rcOssl = rtCrPkcs7VerifySignedDataUsingOpenSsl(pContentInfo, fFlags, hAdditionalCerts, hTrustedCerts,
5142b6456c5cec38e0ee291e235201d4ac73f10bvboxsync pvContent, cbContent, RT_SUCCESS(rc) ? pErrInfo : NULL);
5142b6456c5cec38e0ee291e235201d4ac73f10bvboxsync// AssertMsg(RT_FAILURE_NP(rcOssl) && RT_FAILURE_NP(rc), ("%Rrc, %Rrc\n", rcOssl, rc));