c/minizip-ng
1
0
Fork 0
mirror of https://github.com/zlib-ng/minizip-ng synced 2025-03-28 21:13:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added option to require a signature during extracting.

Browse Source 
Added new sign error.
This commit is contained in:
Nathan Moinvaziri 2018-10-28 16:41:20 -07:00
parent 05e03cad8e
commit 703b3df3ef
5 changed files with 28 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
mz.h
View File

@ -47,6 +47,7 @@ extern "C" {
#define MZ_TELL_ERROR (-114)
#define MZ_READ_ERROR (-115)
#define MZ_WRITE_ERROR (-116)
#define MZ_SIGN_ERROR (-117)
// MZ_OPEN
#define MZ_OPEN_MODE_READ (0x01)

14
mz_crypt_openssl.c
View File

@ -467,7 +467,7 @@ int32_t mz_crypt_sign(uint8_t *message, int32_t message_size, const char *cert_p
if (err == MZ_OK)
{
if (mz_stream_os_read(cert_stream, cert_data, cert_size) != cert_size)
err = MZ_STREAM_ERROR;
err = MZ_READ_ERROR;
mz_stream_os_close(cert_stream);
}
mz_stream_os_delete(&cert_stream);
@ -475,7 +475,7 @@ int32_t mz_crypt_sign(uint8_t *message, int32_t message_size, const char *cert_p
cert_bio = BIO_new_mem_buf(cert_data, cert_size);
if (d2i_PKCS12_bio(cert_bio, &p12) == NULL)
err = MZ_CRYPT_ERROR;
err = MZ_SIGN_ERROR;
if (err == MZ_OK)
result = PKCS12_parse(p12, cert_pwd, &evp_pkey, &cert, &ca_stack);
if (result)
@ -485,7 +485,7 @@ int32_t mz_crypt_sign(uint8_t *message, int32_t message_size, const char *cert_p
signer_info = CMS_add1_signer(cms, cert, evp_pkey, EVP_sha256(), 0);
if (signer_info == NULL)
{
err = MZ_CRYPT_ERROR;
err = MZ_SIGN_ERROR;
}
else
{
@ -515,7 +515,7 @@ int32_t mz_crypt_sign(uint8_t *message, int32_t message_size, const char *cert_p
}
if (!result)
err = MZ_CRYPT_ERROR;
err = MZ_SIGN_ERROR;
if (cms)
CMS_ContentInfo_free(cms);
@ -552,7 +552,7 @@ int32_t mz_crypt_sign_verify(uint8_t *message, int32_t message_size, uint8_t *si
BIO *signature_bio = NULL;
BUF_MEM *buf_mem = NULL;
int32_t result = 0;
int32_t err = MZ_CRYPT_ERROR;
int32_t err = MZ_SIGN_ERROR;
if (message == NULL || message_size == 0 || signature == NULL || signature_size == 0)
@ -603,7 +603,7 @@ int32_t mz_crypt_sign_verify(uint8_t *message, int32_t message_size, uint8_t *si
if (result)
err = MZ_OK;
else
err = MZ_CRYPT_ERROR;
err = MZ_SIGN_ERROR;
if (store_ctx)
X509_STORE_CTX_free(store_ctx);
@ -617,7 +617,7 @@ int32_t mz_crypt_sign_verify(uint8_t *message, int32_t message_size, uint8_t *si
// Verify the message
if (((int32_t)buf_mem->length != message_size) ||
(memcmp(buf_mem->data, message, message_size) != 0))
err = MZ_CRYPT_ERROR;
err = MZ_SIGN_ERROR;
}
}

6
mz_crypt_win32.c
View File

@ -603,7 +603,7 @@ int32_t mz_crypt_sign(uint8_t *message, int32_t message_size, const char *cert_p
if (err == MZ_OK)
{
if (mz_stream_os_read(cert_stream, cert_data, cert_size) != cert_size)
err = MM_STREAM_ERROR;
err = MZ_READ_ERROR;
mz_stream_os_close(cert_stream);
}
mz_stream_os_delete(&cert_stream);
@ -696,7 +696,7 @@ int32_t mz_crypt_sign(uint8_t *message, int32_t message_size, const char *cert_p
*signature, signature_size);
if (!result)
err = MZ_CRYPT_ERROR;
err = MZ_SIGN_ERROR;
}
if (cert_context != NULL)
@ -712,7 +712,7 @@ int32_t mz_crypt_sign_verify(uint8_t *message, int32_t message_size, uint8_t *si
CRYPT_VERIFY_MESSAGE_PARA verify_params;
HCRYPTMSG crypt_msg = 0;
int32_t result = 0;
int32_t err = MZ_CRYPT_ERROR;
int32_t err = MZ_SIGN_ERROR;
uint8_t *decoded = NULL;
int32_t decoded_size = 0;

16
mz_zip_rw.c
View File

@ -65,6 +65,7 @@ typedef struct mz_zip_reader_s {
uint8_t raw;
uint8_t buffer[UINT16_MAX];
uint8_t legacy_encoding;
uint8_t sign_required;
} mz_zip_reader;
/***************************************************************************/
@ -410,8 +411,13 @@ int32_t mz_zip_reader_entry_open(void *handle)
if (err == MZ_OK)
mz_crypt_sha_begin(reader->hash);
#ifndef MZ_ZIP_NO_SIGNING
if ((err == MZ_OK) && (mz_zip_reader_entry_has_sign(handle) == MZ_OK))
err = mz_zip_reader_entry_sign_verify(handle);
if (err == MZ_OK)
{
if (mz_zip_reader_entry_has_sign(handle) == MZ_OK)
err = mz_zip_reader_entry_sign_verify(handle);
else if (reader->sign_required)
err = MZ_SIGN_ERROR;
}
#endif
}
#endif
@ -923,6 +929,12 @@ void mz_zip_reader_set_legacy_encoding(void *handle, uint8_t legacy_encoding)
reader->legacy_encoding = legacy_encoding;
}
void mz_zip_reader_set_sign_required(void *handle, uint8_t sign_required)
{
mz_zip_reader *reader = (mz_zip_reader *)handle;
reader->sign_required = sign_required;
}
void mz_zip_reader_set_overwrite_cb(void *handle, void *userdata, mz_zip_reader_overwrite_cb cb)
{
mz_zip_reader *reader = (mz_zip_reader *)handle;

3
mz_zip_rw.h
View File

@ -127,6 +127,9 @@ int32_t mz_zip_reader_get_raw(void *handle, uint8_t *raw);
void mz_zip_reader_set_legacy_encoding(void *handle, uint8_t legacy_encoding);
// Sets whether or not it should support cp437 in zip file names
void mz_zip_reader_set_sign_required(void *handle, uint8_t sign_required);
// Sets whether or not it a signature is required
void mz_zip_reader_set_overwrite_cb(void *handle, void *userdata, mz_zip_reader_overwrite_cb cb);
// Callback for what to do when a file is being overwritten