X509Parser.cpp 6.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151
  1. /*
  2. * Copyright (C) 2011-2017 Intel Corporation. All rights reserved.
  3. *
  4. * Redistribution and use in source and binary forms, with or without
  5. * modification, are permitted provided that the following conditions
  6. * are met:
  7. *
  8. * * Redistributions of source code must retain the above copyright
  9. * notice, this list of conditions and the following disclaimer.
  10. * * Redistributions in binary form must reproduce the above copyright
  11. * notice, this list of conditions and the following disclaimer in
  12. * the documentation and/or other materials provided with the
  13. * distribution.
  14. * * Neither the name of Intel Corporation nor the names of its
  15. * contributors may be used to endorse or promote products derived
  16. * from this software without specific prior written permission.
  17. *
  18. * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  19. * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  20. * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  21. * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  22. * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  23. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  24. * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  25. * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  26. * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  27. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  28. * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  29. *
  30. */
  31. #include "X509Parser.h"
  32. #include <cstddef>
  33. #include "X509_Parser/X509_Interface.h"
  34. #include <string.h>
  35. #include <stdlib.h>
  36. #include "byte_order.h"
  37. #include "le2be_macros.h"
  38. #ifdef DUMP_OCTETS
  39. void OutputOctets(const char* pMsg, const void* pData, size_t nData);
  40. #endif
  41. const int certWorkBufferLength = 8196;
  42. X509Parser::~X509Parser(void)
  43. {
  44. }
  45. UINT32 X509Parser::ParseGroupCertificate
  46. (
  47. /*in */ const EcDsaPubKey* pSerializedPublicKey,
  48. /*in */ const X509_GROUP_CERTIFICATE_VLR* pGroupCertVlr,
  49. /*out*/ UINT32* pGID,
  50. /*out*/ Epid11GroupPubKey* pGroupPubKey
  51. )
  52. {
  53. STATUS status = X509_GENERAL_ERROR;
  54. SessMgrCertificateFields* certificateFields = NULL;
  55. UINT8* certWorkBuffer = NULL;
  56. CertificateType certType = EpidGroupCertificate;
  57. do
  58. {
  59. if (NULL == pSerializedPublicKey ||
  60. NULL == pGroupCertVlr ||
  61. NULL == pGID || NULL == pGroupPubKey)
  62. break;
  63. certificateFields = (SessMgrCertificateFields*)calloc(1, sizeof(*certificateFields));
  64. certWorkBuffer = (UINT8*)calloc(1, certWorkBufferLength);
  65. if (NULL == certificateFields ||
  66. NULL == certWorkBuffer)
  67. break;
  68. // Inject the Public Key to X509_Parser through the global variable SerializedPublicKey
  69. SetPublicEcDsaKey(pSerializedPublicKey);
  70. UINT8* X509GroupCertificate = const_cast<UINT8*>(pGroupCertVlr->X509GroupCertData);
  71. if (
  72. //
  73. // this is "functional", not buffer overflow check
  74. //
  75. (pGroupCertVlr->VlrHeader.PaddedBytes > 3) ||
  76. //
  77. // buffer overflow check: Length can be anything, sizeof is a constant...
  78. //
  79. (pGroupCertVlr->VlrHeader.Length <= (sizeof(pGroupCertVlr->VlrHeader) + pGroupCertVlr->VlrHeader.PaddedBytes))
  80. ) {
  81. break;
  82. }
  83. UINT32 X509GroupCertificateSize = static_cast<UINT32>(pGroupCertVlr->VlrHeader.Length -
  84. sizeof(pGroupCertVlr->VlrHeader) - pGroupCertVlr->VlrHeader.PaddedBytes);
  85. #ifdef DUMP_OCTETS
  86. OutputOctets("X509GroupCertificate", X509GroupCertificate, X509GroupCertificateSize);
  87. #endif
  88. //typedef enum{
  89. // EpidGroupCertificate = 0,
  90. // VerifierCertificate,
  91. // OcspResponderCertificate,
  92. // Others, // OMA DRM
  93. //}CertificateType;
  94. ISSUER_INFO* pRootPublicKey = NULL;
  95. status = ParseCertificateChain(
  96. X509GroupCertificate, X509GroupCertificateSize,
  97. certificateFields, certWorkBuffer, certWorkBufferLength, pRootPublicKey, 0,
  98. NULL, certType, FALSE);
  99. if (X509_STATUS_SUCCESS != status)
  100. break;
  101. uint8_t gidArray[sizeof(GroupId)] = {0};
  102. if (certificateFields->serialNumber.length > sizeof(gidArray))
  103. break;
  104. int index = static_cast<int>(sizeof(gidArray)-certificateFields->serialNumber.length);
  105. memcpy(&gidArray[index], certificateFields->serialNumber.buffer, certificateFields->serialNumber.length);
  106. if(certificateFields->algorithmIdentifierForSubjectPublicKey != X509_intel_sigma_epidGroupPublicKey_epid11)//Only Epid Group Public Key Epid1.1 are permitted to be subject key
  107. break;
  108. SessMgrEpidGroupPublicKey* EpidKey = (SessMgrEpidGroupPublicKey*)certificateFields->subjectPublicKey.buffer;
  109. memset(pGroupPubKey, 0, sizeof(Epid11GroupPubKey));
  110. memcpy(&pGroupPubKey->gid, gidArray, sizeof(pGroupPubKey->gid));
  111. memcpy(&pGroupPubKey->h1.x, EpidKey->h1x, sizeof(pGroupPubKey->h1.x));
  112. memcpy(&pGroupPubKey->h1.y, EpidKey->h1y, sizeof(pGroupPubKey->h1.y));
  113. memcpy(&pGroupPubKey->h2.x, EpidKey->h2x, sizeof(pGroupPubKey->h2.x));
  114. memcpy(&pGroupPubKey->h2.y, EpidKey->h2y, sizeof(pGroupPubKey->h2.y));
  115. memcpy(&pGroupPubKey->w.x[0], EpidKey->wx0, sizeof(pGroupPubKey->w.x[0]));
  116. memcpy(&pGroupPubKey->w.x[1], EpidKey->wx1, sizeof(pGroupPubKey->w.x[1]));
  117. memcpy(&pGroupPubKey->w.x[2], EpidKey->wx2, sizeof(pGroupPubKey->w.x[2]));
  118. memcpy(&pGroupPubKey->w.y[0], EpidKey->wy0, sizeof(pGroupPubKey->w.y[0]));
  119. memcpy(&pGroupPubKey->w.y[1], EpidKey->wy1, sizeof(pGroupPubKey->w.y[1]));
  120. memcpy(&pGroupPubKey->w.y[2], EpidKey->wy2, sizeof(pGroupPubKey->w.y[2]));
  121. *pGID = lv_htonl(gidArray);
  122. status = X509_STATUS_SUCCESS;
  123. } while (false);
  124. if (NULL != certificateFields)
  125. free(certificateFields);
  126. if (NULL != certWorkBuffer)
  127. free(certWorkBuffer);
  128. return status;
  129. }