parse subject key ids from signature
parent
65278fbb33
commit
365bcca6ba
82
src/main.rs
82
src/main.rs
@ -5,9 +5,86 @@ use std::env;
|
|||||||
|
|
||||||
use memmap2::MmapOptions;
|
use memmap2::MmapOptions;
|
||||||
use byteorder::{BigEndian, ReadBytesExt};
|
use byteorder::{BigEndian, ReadBytesExt};
|
||||||
|
use der_parser::ber::{parse_ber_sequence, BerObjectContent};
|
||||||
|
|
||||||
use osx::{Macho};
|
use osx::{Macho};
|
||||||
|
|
||||||
|
fn parse_pkcs7_signed_data(data: &[u8]) -> Result<Vec<String>, Box<dyn Error>> {
|
||||||
|
let (_, root) = parse_ber_sequence(data)?;
|
||||||
|
let root = root.content.as_sequence()?;
|
||||||
|
let oid = root[0].content.as_oid()?;
|
||||||
|
|
||||||
|
// assert oid SignedData
|
||||||
|
|
||||||
|
let signed_data = {
|
||||||
|
if let BerObjectContent::Unknown(_, rest) = root[1].content {
|
||||||
|
Some(rest)
|
||||||
|
} else {
|
||||||
|
None
|
||||||
|
}
|
||||||
|
}
|
||||||
|
.and_then(|x| parse_ber_sequence(x).ok())
|
||||||
|
.map(|(_, x)| x)
|
||||||
|
.ok_or("cannot parse nested signed data")?;
|
||||||
|
let signed_data = signed_data.content.as_sequence()?;
|
||||||
|
// println!("signed data {:?}", signed_data);
|
||||||
|
|
||||||
|
let certificates = {
|
||||||
|
if let BerObjectContent::Unknown(_, rest) = signed_data[3].content {
|
||||||
|
Some(rest)
|
||||||
|
} else {
|
||||||
|
None
|
||||||
|
}
|
||||||
|
}.ok_or("cannot get certificate list")?;
|
||||||
|
let (rest, cert1) = parse_ber_sequence(certificates)?;
|
||||||
|
let (rest, cert2) = parse_ber_sequence(rest)?;
|
||||||
|
let (_, cert3) = parse_ber_sequence(rest)?;
|
||||||
|
|
||||||
|
let mut certificates = vec![];
|
||||||
|
certificates.push(&cert1);
|
||||||
|
certificates.push(&cert2);
|
||||||
|
certificates.push(&cert3);
|
||||||
|
let certificates = certificates
|
||||||
|
.iter()
|
||||||
|
.filter_map(|x| x.content.as_sequence().ok());
|
||||||
|
|
||||||
|
let subject_key_ids = certificates
|
||||||
|
.filter_map(|cert| {
|
||||||
|
let ext = &cert[0].as_sequence().ok()?;
|
||||||
|
if let BerObjectContent::Unknown(_, rest) = ext[ext.len() - 1].content {
|
||||||
|
Some(rest)
|
||||||
|
} else {
|
||||||
|
None
|
||||||
|
}
|
||||||
|
.and_then(|x| parse_ber_sequence(x).ok())
|
||||||
|
.map(|(_, x)| x)
|
||||||
|
.and_then(|extention_list| {
|
||||||
|
extention_list
|
||||||
|
.content
|
||||||
|
.as_sequence()
|
||||||
|
.ok()?
|
||||||
|
.iter()
|
||||||
|
.find_map(|extension| {
|
||||||
|
let content = extension.content.as_sequence().ok()?;
|
||||||
|
let oid = content[0].as_oid().ok()?.to_id_string();
|
||||||
|
if oid != "2.5.29.14" {
|
||||||
|
return None
|
||||||
|
}
|
||||||
|
content[1]
|
||||||
|
.as_slice()
|
||||||
|
.ok()
|
||||||
|
.map(|arr| arr[2..]
|
||||||
|
.iter()
|
||||||
|
.map(|x| format!("{:02x}", x))
|
||||||
|
.collect::<Vec<String>>()
|
||||||
|
.concat())
|
||||||
|
})
|
||||||
|
})
|
||||||
|
})
|
||||||
|
.collect::<Vec<String>>();
|
||||||
|
Ok(subject_key_ids)
|
||||||
|
}
|
||||||
|
|
||||||
fn main() -> Result<(), Box<dyn Error>> {
|
fn main() -> Result<(), Box<dyn Error>> {
|
||||||
let args = env::args().collect::<Vec<String>>();
|
let args = env::args().collect::<Vec<String>>();
|
||||||
let ref filename = args.get(1).ok_or("No argument specified")?;
|
let ref filename = args.get(1).ok_or("No argument specified")?;
|
||||||
@ -30,7 +107,7 @@ fn main() -> Result<(), Box<dyn Error>> {
|
|||||||
codedata
|
codedata
|
||||||
};
|
};
|
||||||
|
|
||||||
let sig = {
|
let mut sig = {
|
||||||
let mut file = Cursor::new(codedata);
|
let mut file = Cursor::new(codedata);
|
||||||
|
|
||||||
let magic = file.read_u32::<BigEndian>()?;
|
let magic = file.read_u32::<BigEndian>()?;
|
||||||
@ -66,5 +143,8 @@ fn main() -> Result<(), Box<dyn Error>> {
|
|||||||
// let mut sigfile = File::create("signature.p7b")?;
|
// let mut sigfile = File::create("signature.p7b")?;
|
||||||
// sigfile.write_all(&sig)?;
|
// sigfile.write_all(&sig)?;
|
||||||
|
|
||||||
|
let subject_key_ids = parse_pkcs7_signed_data(&sig)?;
|
||||||
|
println!("{:?}", subject_key_ids);
|
||||||
|
|
||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
|
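Review bot: parse_pkcs7_signed_data indexes the parsed BER of an untrusted signature blob directly (`root[0]`, `root[1]`, `signed_data[3]`, `cert[0]`, `ext[ext.len() - 1]`, `content[0]`, `content[1]`, `arr[2..]`), so a truncated or malformed signature panics the process instead of returning the `Err` the signature promises. Use checked access throughout, for example `root.get(1).ok_or("missing SignedData content")?`, `ext.last()?` and `arr.get(2..)`. The `// assert oid SignedData` comment is not backed by code: `oid` is read and never compared, and the `Unknown(_, rest)` match on `signed_data[3]` discards the first field, so whatever sits at index 3 is taken as the certificate set. Compare the OID with 1.2.840.113549.1.7.2 and check that field before parsing certificates. The three fixed `parse_ber_sequence` calls also fail on signatures with fewer certificates and silently ignore any beyond the third; a loop over the remaining bytes would handle both. Nothing visible here verifies the signature, so the printed key ids should be treated as unauthenticated metadata, not as proof of who signed the binary.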