Fixed CERT_PKIXVerifyCert that can have a well hiden callback...

author: ptitSeb <sebastien.chev@gmail.com> 2022-07-30 14:56:46 +0200
committer: ptitSeb <sebastien.chev@gmail.com> 2022-07-30 14:56:46 +0200
commit: abb9ab1bb6cac81ff596f0fa596c3eaa15d9db08 (patch)
tree: a809bd810466d3c6f0c0c8c1d211090c88efd638 /src
parent: 8bc9baefd688945327e2b01d257f656d622f33f1 (diff)
download: box64-abb9ab1bb6cac81ff596f0fa596c3eaa15d9db08.tar.gz
box64-abb9ab1bb6cac81ff596f0fa596c3eaa15d9db08.zip
6 files changed, 86 insertions, 7 deletions
diff --git a/src/wrapped/generated/functions_list.txt b/src/wrapped/generated/functions_list.txt
index b5c488d9..5cdab0f5 100644
--- a/src/wrapped/generated/functions_list.txt
+++ b/src/wrapped/generated/functions_list.txt
@@ -1158,7 +1158,6 @@
 #() iFpippi
 #() iFpippW
 #() iFpippp
-#() iFpIppp
 #() iFpCCCC
 #() iFpuill
 #() iFpuipi
@@ -1424,6 +1423,7 @@
 #() iFEpiipV
 #() iFEpilpV
 #() iFEpippi
+#() iFEpIppp
 #() iFEpuppp
 #() iFEpUppp
 #() iFEppppp
@@ -3484,6 +3484,8 @@ wrappednss3:
   - PK11_SetPasswordFunc
 - iFpp:
   - CERT_RegisterAlternateOCSPAIAInfoCallBack
+- iFpIppp:
+  - CERT_PKIXVerifyCert
 wrappednssutil3:
 wrappedopenal:
 - vFv:
diff --git a/src/wrapped/generated/wrappednss3types.h b/src/wrapped/generated/wrappednss3types.h
index 640f7da6..b16a31e1 100644
--- a/src/wrapped/generated/wrappednss3types.h
+++ b/src/wrapped/generated/wrappednss3types.h
@@ -13,9 +13,11 @@
 
 typedef void (*vFp_t)(void*);
 typedef int64_t (*iFpp_t)(void*, void*);
+typedef int64_t (*iFpIppp_t)(void*, int64_t, void*, void*, void*);
 
 #define SUPER() ADDED_FUNCTIONS() \
 	GO(PK11_SetPasswordFunc, vFp_t) \
-	GO(CERT_RegisterAlternateOCSPAIAInfoCallBack, iFpp_t)
+	GO(CERT_RegisterAlternateOCSPAIAInfoCallBack, iFpp_t) \
+	GO(CERT_PKIXVerifyCert, iFpIppp_t)
 
 #endif // __wrappednss3TYPES_H_
diff --git a/src/wrapped/generated/wrapper.c b/src/wrapped/generated/wrapper.c
index 13b6fc80..14725e3a 100644
--- a/src/wrapped/generated/wrapper.c
+++ b/src/wrapped/generated/wrapper.c
@@ -1192,7 +1192,6 @@ typedef int64_t (*iFpipip_t)(void*, int64_t, void*, int64_t, void*);
 typedef int64_t (*iFpippi_t)(void*, int64_t, void*, void*, int64_t);
 typedef int64_t (*iFpippW_t)(void*, int64_t, void*, void*, uint16_t);
 typedef int64_t (*iFpippp_t)(void*, int64_t, void*, void*, void*);
-typedef int64_t (*iFpIppp_t)(void*, int64_t, void*, void*, void*);
 typedef int64_t (*iFpCCCC_t)(void*, uint8_t, uint8_t, uint8_t, uint8_t);
 typedef int64_t (*iFpuill_t)(void*, uint64_t, int64_t, intptr_t, intptr_t);
 typedef int64_t (*iFpuipi_t)(void*, uint64_t, int64_t, void*, int64_t);
@@ -1458,6 +1457,7 @@ typedef int64_t (*iFEpiipp_t)(x64emu_t*, void*, int64_t, int64_t, void*, void*);
 typedef int64_t (*iFEpiipV_t)(x64emu_t*, void*, int64_t, int64_t, void*, void*);
 typedef int64_t (*iFEpilpV_t)(x64emu_t*, void*, int64_t, intptr_t, void*, void*);
 typedef int64_t (*iFEpippi_t)(x64emu_t*, void*, int64_t, void*, void*, int64_t);
+typedef int64_t (*iFEpIppp_t)(x64emu_t*, void*, int64_t, void*, void*, void*);
 typedef int64_t (*iFEpuppp_t)(x64emu_t*, void*, uint64_t, void*, void*, void*);
 typedef int64_t (*iFEpUppp_t)(x64emu_t*, void*, uint64_t, void*, void*, void*);
 typedef int64_t (*iFEppppp_t)(x64emu_t*, void*, void*, void*, void*, void*);
@@ -3354,7 +3354,6 @@ void iFpipip(x64emu_t *emu, uintptr_t fcn) { iFpipip_t fn = (iFpipip_t)fcn; R_RA
 void iFpippi(x64emu_t *emu, uintptr_t fcn) { iFpippi_t fn = (iFpippi_t)fcn; R_RAX=(int64_t)fn((void*)R_RDI, (int64_t)R_RSI, (void*)R_RDX, (void*)R_RCX, (int64_t)R_R8); }
 void iFpippW(x64emu_t *emu, uintptr_t fcn) { iFpippW_t fn = (iFpippW_t)fcn; R_RAX=(int64_t)fn((void*)R_RDI, (int64_t)R_RSI, (void*)R_RDX, (void*)R_RCX, (uint16_t)R_R8); }
 void iFpippp(x64emu_t *emu, uintptr_t fcn) { iFpippp_t fn = (iFpippp_t)fcn; R_RAX=(int64_t)fn((void*)R_RDI, (int64_t)R_RSI, (void*)R_RDX, (void*)R_RCX, (void*)R_R8); }
-void iFpIppp(x64emu_t *emu, uintptr_t fcn) { iFpIppp_t fn = (iFpIppp_t)fcn; R_RAX=(int64_t)fn((void*)R_RDI, (int64_t)R_RSI, (void*)R_RDX, (void*)R_RCX, (void*)R_R8); }
 void iFpCCCC(x64emu_t *emu, uintptr_t fcn) { iFpCCCC_t fn = (iFpCCCC_t)fcn; R_RAX=(int64_t)fn((void*)R_RDI, (uint8_t)R_RSI, (uint8_t)R_RDX, (uint8_t)R_RCX, (uint8_t)R_R8); }
 void iFpuill(x64emu_t *emu, uintptr_t fcn) { iFpuill_t fn = (iFpuill_t)fcn; R_RAX=(int64_t)fn((void*)R_RDI, (uint64_t)R_RSI, (int64_t)R_RDX, (intptr_t)R_RCX, (intptr_t)R_R8); }
 void iFpuipi(x64emu_t *emu, uintptr_t fcn) { iFpuipi_t fn = (iFpuipi_t)fcn; R_RAX=(int64_t)fn((void*)R_RDI, (uint64_t)R_RSI, (int64_t)R_RDX, (void*)R_RCX, (int64_t)R_R8); }
@@ -3620,6 +3619,7 @@ void iFEpiipp(x64emu_t *emu, uintptr_t fcn) { iFEpiipp_t fn = (iFEpiipp_t)fcn; R
 void iFEpiipV(x64emu_t *emu, uintptr_t fcn) { iFEpiipV_t fn = (iFEpiipV_t)fcn; R_RAX=(int64_t)fn(emu, (void*)R_RDI, (int64_t)R_RSI, (int64_t)R_RDX, (void*)R_RCX, (void*)(R_RSP + 8)); }
 void iFEpilpV(x64emu_t *emu, uintptr_t fcn) { iFEpilpV_t fn = (iFEpilpV_t)fcn; R_RAX=(int64_t)fn(emu, (void*)R_RDI, (int64_t)R_RSI, (intptr_t)R_RDX, (void*)R_RCX, (void*)(R_RSP + 8)); }
 void iFEpippi(x64emu_t *emu, uintptr_t fcn) { iFEpippi_t fn = (iFEpippi_t)fcn; R_RAX=(int64_t)fn(emu, (void*)R_RDI, (int64_t)R_RSI, (void*)R_RDX, (void*)R_RCX, (int64_t)R_R8); }
+void iFEpIppp(x64emu_t *emu, uintptr_t fcn) { iFEpIppp_t fn = (iFEpIppp_t)fcn; R_RAX=(int64_t)fn(emu, (void*)R_RDI, (int64_t)R_RSI, (void*)R_RDX, (void*)R_RCX, (void*)R_R8); }
 void iFEpuppp(x64emu_t *emu, uintptr_t fcn) { iFEpuppp_t fn = (iFEpuppp_t)fcn; R_RAX=(int64_t)fn(emu, (void*)R_RDI, (uint64_t)R_RSI, (void*)R_RDX, (void*)R_RCX, (void*)R_R8); }
 void iFEpUppp(x64emu_t *emu, uintptr_t fcn) { iFEpUppp_t fn = (iFEpUppp_t)fcn; R_RAX=(int64_t)fn(emu, (void*)R_RDI, (uint64_t)R_RSI, (void*)R_RDX, (void*)R_RCX, (void*)R_R8); }
 void iFEppppp(x64emu_t *emu, uintptr_t fcn) { iFEppppp_t fn = (iFEppppp_t)fcn; R_RAX=(int64_t)fn(emu, (void*)R_RDI, (void*)R_RSI, (void*)R_RDX, (void*)R_RCX, (void*)R_R8); }
@@ -5345,7 +5345,6 @@ int isSimpleWrapper(wrapper_t fun) {
 	if (fun == &iFpippi) return 1;
 	if (fun == &iFpippW) return 1;
 	if (fun == &iFpippp) return 1;
-	if (fun == &iFpIppp) return 1;
 	if (fun == &iFpCCCC) return 1;
 	if (fun == &iFpuill) return 1;
 	if (fun == &iFpuipi) return 1;
diff --git a/src/wrapped/generated/wrapper.h b/src/wrapped/generated/wrapper.h
index 9be2d94d..577ab144 100644
--- a/src/wrapped/generated/wrapper.h
+++ b/src/wrapped/generated/wrapper.h
@@ -1191,7 +1191,6 @@ void iFpipip(x64emu_t *emu, uintptr_t fnc);
 void iFpippi(x64emu_t *emu, uintptr_t fnc);
 void iFpippW(x64emu_t *emu, uintptr_t fnc);
 void iFpippp(x64emu_t *emu, uintptr_t fnc);
-void iFpIppp(x64emu_t *emu, uintptr_t fnc);
 void iFpCCCC(x64emu_t *emu, uintptr_t fnc);
 void iFpuill(x64emu_t *emu, uintptr_t fnc);
 void iFpuipi(x64emu_t *emu, uintptr_t fnc);
@@ -1457,6 +1456,7 @@ void iFEpiipp(x64emu_t *emu, uintptr_t fnc);
 void iFEpiipV(x64emu_t *emu, uintptr_t fnc);
 void iFEpilpV(x64emu_t *emu, uintptr_t fnc);
 void iFEpippi(x64emu_t *emu, uintptr_t fnc);
+void iFEpIppp(x64emu_t *emu, uintptr_t fnc);
 void iFEpuppp(x64emu_t *emu, uintptr_t fnc);
 void iFEpUppp(x64emu_t *emu, uintptr_t fnc);
 void iFEppppp(x64emu_t *emu, uintptr_t fnc);
diff --git a/src/wrapped/wrappednss3.c b/src/wrapped/wrappednss3.c
index 75ae1cc3..e2655aef 100755
--- a/src/wrapped/wrappednss3.c
+++ b/src/wrapped/wrappednss3.c
@@ -87,6 +87,38 @@ static void* reverse_CERT_StringFromCertFcn_Fct(library_t* lib, void* fct)
     #undef GO
     return (void*)AddBridge(lib->priv.w.bridge, pFp, fct, 0, NULL);
 }
+// CERTChainVerifyCallbackFunc ...
+#define GO(A)   \
+static uintptr_t my_CERTChainVerifyCallbackFunc_fct_##A = 0;                                    \
+static int my_CERTChainVerifyCallbackFunc_##A(void* a, void* b, void* c)                        \
+{                                                                                               \
+    return (int)RunFunction(my_context, my_CERTChainVerifyCallbackFunc_fct_##A, 3, a, b, c);    \
+}
+SUPER()
+#undef GO
+static void* find_CERTChainVerifyCallbackFunc_Fct(void* fct)
+{
+    if(!fct) return fct;
+    if(GetNativeFnc((uintptr_t)fct))  return GetNativeFnc((uintptr_t)fct);
+    #define GO(A) if(my_CERTChainVerifyCallbackFunc_fct_##A == (uintptr_t)fct) return my_CERTChainVerifyCallbackFunc_##A;
+    SUPER()
+    #undef GO
+    #define GO(A) if(my_CERTChainVerifyCallbackFunc_fct_##A == 0) {my_CERTChainVerifyCallbackFunc_fct_##A = (uintptr_t)fct; return my_CERTChainVerifyCallbackFunc_##A; }
+    SUPER()
+    #undef GO
+    printf_log(LOG_NONE, "Warning, no more slot for nss3 CERTChainVerifyCallbackFunc callback\n");
+    return NULL;
+}
+static void* reverse_CERTChainVerifyCallbackFunc_Fct(library_t* lib, void* fct)
+{
+    if(!fct) return fct;
+    if(CheckBridged(lib->priv.w.bridge, fct))
+        return (void*)CheckBridged(lib->priv.w.bridge, fct);
+    #define GO(A) if(my_CERTChainVerifyCallbackFunc_##A == fct) return (void*)my_CERTChainVerifyCallbackFunc_fct_##A;
+    SUPER()
+    #undef GO
+    return (void*)AddBridge(lib->priv.w.bridge, iFppp, fct, 0, NULL);
+}
 
 #undef SUPER
 
@@ -103,6 +135,50 @@ EXPORT int my_CERT_RegisterAlternateOCSPAIAInfoCallBack(x64emu_t* emu, void* f,
     return ret;
 }
 
+typedef int (*my_CERTChainVerifyCallbackFunc)(void *isChainValidArg, void *currentChain, void* chainOK);
+typedef struct my_CERTChainVerifyCallback_s {
+    my_CERTChainVerifyCallbackFunc isChainValid;
+    void *isChainValidArg;
+} my_CERTChainVerifyCallback_t;
+
+typedef struct my_CERTValParamInValueStr_t {
+    union {
+        uint64_t ul;
+    } scalar;
+    union {
+        void*    p;
+        my_CERTChainVerifyCallback_t *chainVerifyCallback;
+    } pointer;
+    union {
+        uint64_t *pul;
+    } array;
+    int arraySize;
+} my_CERTValParamInValue_t;
+
+typedef struct my_CERTValInParam_s {
+    int type;
+    my_CERTValParamInValue_t value;
+} my_CERTValInParam_t;
+
+EXPORT int my_CERT_PKIXVerifyCert(x64emu_t* emu, void* cert, int64_t usages, my_CERTValInParam_t* pin, void* pout, void* wincx)
+{
+    //cert_pi_chainVerifyCallback = 13
+    int i = 0;
+    while(pin[i].type) {
+        if(pin[i].type == 13)
+            pin[i].value.pointer.chainVerifyCallback->isChainValid = find_CERTChainVerifyCallbackFunc_Fct(pin[i].value.pointer.chainVerifyCallback->isChainValid);
+        ++i;
+    }
+    int ret = my->CERT_PKIXVerifyCert(cert, usages, pin, pout, wincx);
+    /*while(pin[i].type) {
+        if(pin[i].type == 13)
+            pin[i].value.pointer.p = reverse_CERTChainVerifyCallbackFunc_Fct(my_lib, pin[i].value.pointer.p);
+        ++i;
+    }*/
+
+    return ret;
+}
+
 #define CUSTOM_INIT \
     getMy(lib);
 
diff --git a/src/wrapped/wrappednss3_private.h b/src/wrapped/wrappednss3_private.h
index e213bdfd..adc078bb 100755
--- a/src/wrapped/wrappednss3_private.h
+++ b/src/wrapped/wrappednss3_private.h
@@ -216,7 +216,7 @@ GO(CERT_NewTempCertificate, pFpppii)
 //GO(CERT_NicknameStringsFromCertList, 
 //GO(CERT_OCSPCacheSettings, 
 //GO(CERT_OpenCertDBFilename, 
-GO(CERT_PKIXVerifyCert, iFpIppp)
+GOM(CERT_PKIXVerifyCert, iFEpIppp)
 //GO(CERT_PostOCSPRequest, 
 GOM(CERT_RegisterAlternateOCSPAIAInfoCallBack, iFEpp)
 //GO(CERT_RemoveCertListNode,
author	ptitSeb <sebastien.chev@gmail.com>	2022-07-30 14:56:46 +0200
committer	ptitSeb <sebastien.chev@gmail.com>	2022-07-30 14:56:46 +0200
commit	abb9ab1bb6cac81ff596f0fa596c3eaa15d9db08 (patch)
tree	a809bd810466d3c6f0c0c8c1d211090c88efd638 /src
parent	8bc9baefd688945327e2b01d257f656d622f33f1 (diff)
download	box64-abb9ab1bb6cac81ff596f0fa596c3eaa15d9db08.tar.gz box64-abb9ab1bb6cac81ff596f0fa596c3eaa15d9db08.zip