parse subject key ids from signature

2021-08-27 08:36:52 +00:00 · 2021-08-27 08:36:52 +00:00 · 365bcca6ba
commit 365bcca6ba
parent 65278fbb33
1 changed files with 81 additions and 1 deletions
--- a/src/main.rs
+++ b/src/main.rs
@ -5,9 +5,86 @@ use std::env;

 use memmap2::MmapOptions;
 use byteorder::{BigEndian, ReadBytesExt};
+use der_parser::ber::{parse_ber_sequence, BerObjectContent};

 use osx::{Macho};

+fn parse_pkcs7_signed_data(data: &[u8]) -> Result<Vec<String>, Box<dyn Error>> {
+    let (_, root) = parse_ber_sequence(data)?;
+    let root = root.content.as_sequence()?;
+    let oid = root[0].content.as_oid()?;
+
+    // assert oid SignedData
+
+    let signed_data = {
+        if let BerObjectContent::Unknown(_, rest) = root[1].content {
+            Some(rest)
+        } else {
+            None
+        }
+    }
+    .and_then(|x| parse_ber_sequence(x).ok())
+    .map(|(_, x)| x)
+    .ok_or("cannot parse nested signed data")?;
+    let signed_data = signed_data.content.as_sequence()?;
+    // println!("signed data {:?}", signed_data);
+
+    let certificates = {
+        if let BerObjectContent::Unknown(_, rest) = signed_data[3].content {
+            Some(rest)
+        } else {
+            None
+        }
+    }.ok_or("cannot get certificate list")?;
+    let (rest, cert1) = parse_ber_sequence(certificates)?;
+    let (rest, cert2) = parse_ber_sequence(rest)?;
+    let (_, cert3) = parse_ber_sequence(rest)?;
+
+    let mut certificates = vec![];
+    certificates.push(&cert1);
+    certificates.push(&cert2);
+    certificates.push(&cert3);
+    let certificates = certificates
+        .iter()
+        .filter_map(|x| x.content.as_sequence().ok());
+
+    let subject_key_ids = certificates
+        .filter_map(|cert| {
+            let ext = &cert[0].as_sequence().ok()?;
+            if let BerObjectContent::Unknown(_, rest) = ext[ext.len() - 1].content {
+                Some(rest)
+            } else {
+                None
+            }
+            .and_then(|x| parse_ber_sequence(x).ok())
+            .map(|(_, x)| x)
+            .and_then(|extention_list| {
+                extention_list
+                    .content
+                    .as_sequence()
+                    .ok()?
+                    .iter()
+                    .find_map(|extension| {
+                        let content = extension.content.as_sequence().ok()?;
+                        let oid = content[0].as_oid().ok()?.to_id_string();
+                        if oid != "2.5.29.14" {
+                            return None
+                        }
+                        content[1]
+                            .as_slice()
+                            .ok()
+                            .map(|arr| arr[2..]
+                                    .iter()
+                                    .map(|x| format!("{:02x}", x))
+                                    .collect::<Vec<String>>()
+                                    .concat())
+                    })
+            })
+        })
+        .collect::<Vec<String>>();
+    Ok(subject_key_ids)
+}
+
 fn main() -> Result<(), Box<dyn Error>> {
    let args = env::args().collect::<Vec<String>>();
    let ref filename = args.get(1).ok_or("No argument specified")?;
@ -30,7 +107,7 @@ fn main() -> Result<(), Box<dyn Error>> {
        codedata
    };

-    let sig = {
+    let mut sig = {
        let mut file = Cursor::new(codedata);

        let magic = file.read_u32::<BigEndian>()?;
@ -66,5 +143,8 @@ fn main() -> Result<(), Box<dyn Error>> {
    // let mut sigfile = File::create("signature.p7b")?;
    // sigfile.write_all(&sig)?;

+    let subject_key_ids = parse_pkcs7_signed_data(&sig)?;
+    println!("{:?}", subject_key_ids);
+
    Ok(())
 }