SUPPORT-8941. Добавлено получение названия и типа провайдера из конфигурационного файла (проверка ЭП маркера доступа)

alashkova 2025-02-24 16:17:45 +03:00
parent 2517eb1a34
commit 051b555c61
5 changed files with 42 additions and 25 deletions


@ -673,7 +673,7 @@ get_verify_error(char** verify_error)
}
int
cryptopro_verify(const str_t* cert_thumbprint, const str_t* alg, const str_t* data,
cryptopro_verify(cryptopro_context_t *ctx, const str_t* alg, const str_t* data,
const str_t* sign, bool* is_verified, char** verify_error)
{
int rc = -1;
@ -684,13 +684,10 @@ cryptopro_verify(const str_t* cert_thumbprint, const str_t* alg, const str_t* da
HCRYPTKEY hPubKey = 0;
str_t sign_reversed = str_t_null;
ALG_ID alg_id;
timer_context_t timer_ctx = {};
init_timers(&timer_ctx);
LOG_TRACE("cryptopro_verify enter");
timer_on_cryptopro_verify_enter(&timer_ctx);
timer_on_cryptopro_verify_enter(ctx->timer_ctx);
*is_verified = false;
@ -707,22 +704,25 @@ cryptopro_verify(const str_t* cert_thumbprint, const str_t* alg, const str_t* da
goto exit;
}
certificate = get_cert_by_thumbprint(hStoreHandle, cert_thumbprint);
certificate = get_cert_by_thumbprint(hStoreHandle, ctx->cert_thumbprint);
if (certificate == NULL) {
goto exit;
}
timer_on_verify_cert_chain_enter(&timer_ctx);
timer_on_verify_cert_chain_enter(ctx->timer_ctx);
if (!verify_cert_chain(certificate, &timer_ctx)) {
if (!verify_cert_chain(certificate, ctx->timer_ctx)) {
goto exit;
}
timer_on_verify_cert_chain_exit(&timer_ctx);
timer_on_verify_cert_chain_exit(ctx->timer_ctx);
if (!cp_function_list.CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_GOST_2012_256,
LOG_DEBUG("provider: '%s', prov_type: %u", ctx->provider, ctx->prov_type);
if (!cp_function_list.CryptAcquireContext(&hCryptProv, NULL, ctx->provider, ctx->prov_type,
CRYPT_VERIFYCONTEXT)) {
LOG_ERROR("CryptAcquireContext() failed");
LOG_ERROR("CryptAcquireContext() failed. provider: '%s', prov_type: %u",
ctx->provider, ctx->prov_type);
goto exit;
}
@ -757,7 +757,7 @@ cryptopro_verify(const str_t* cert_thumbprint, const str_t* alg, const str_t* da
goto exit;
}
LOG_WARN("%s, cert_thumbprint: %.*s", *verify_error,
(int) cert_thumbprint->len, cert_thumbprint->data);
(int) ctx->cert_thumbprint->len, ctx->cert_thumbprint->data);
}
exit:
@ -802,8 +802,8 @@ exit:
cp_function_list.GetLastError());
}
timer_on_cryptopro_verify_exit(&timer_ctx);
timer_log_verify(&timer_ctx);
timer_on_cryptopro_verify_exit(ctx->timer_ctx);
timer_log_verify(ctx->timer_ctx);
return rc;
}
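Review bot: The new `LOG_DEBUG` and `LOG_ERROR` calls around `CryptAcquireContext` format `ctx->provider` with `%s`, but the call they replace passed `NULL` as the provider name. If the configuration option is optional and the field can stay NULL (the code that fills `ctx` is outside this section), both log calls pass a null pointer to `%s`; I would log `ctx->provider ? ctx->provider : "(default)"` or reject an empty provider when the configuration is parsed. The function also now dereferences `ctx`, `ctx->timer_ctx` and `ctx->cert_thumbprint` without any visible check, and the first dereference comes before `*is_verified = false`. A guard at the top such as `if (ctx == NULL || ctx->timer_ctx == NULL || ctx->cert_thumbprint == NULL) return -1;`, placed after the out-parameter is cleared, would keep the failure path closed. Since the local `init_timers(&timer_ctx)` call is removed, a comment on `cryptopro_verify` should state that the caller must reset `ctx->timer_ctx` before each verification.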