Fixed counter signature implementation.

1. They no longer leak memory.
2. They made invalid assumptions about when memory was freed.
3. They are recursive. While unlikely, a counter signature of a counter signature should work.
4. Counter signatures are now graphs from a signature.

Author: vcsjones

AuthenticodeLint/AuthenticodeLint.csproj

@@ -57,6 +57,7 @@
     <Compile Include="CheckEngine.cs" />
     <Compile Include="CommandLineParser.cs" />
     <Compile Include="ConfigurationValidator.cs" />
+    <Compile Include="GraphBuilders.cs" />
     <Compile Include="Interop\CertStoreSafeHandle.cs" />
     <Compile Include="Interop\Crypt32.cs" />
     <Compile Include="Interop\CryptMsgSafeHandle.cs" />

AuthenticodeLint/GraphBuilders.cs

@@ -0,0 +1,70 @@
+using System.Collections.Generic;
+using System.Security.Cryptography;
+using System.Security.Cryptography.Pkcs;
+
+namespace AuthenticodeLint
+{
+    public static class GraphBuilder
+    {
+        public static Graph<Signature> ExplodeGraph(byte[] entireMessage, string nestedOidType) => WalkGraph(new List<byte[]> { entireMessage }, nestedOidType);
+
+        public static Graph<ICounterSignature> WalkCounterSignatures(Signature signature) => WalkCounterSignatures(signature.SignerInfo.UnsignedAttributes);
+
+        private static Graph<ICounterSignature> WalkCounterSignatures(CryptographicAttributeObjectCollection attributes)
+        {
+            var graphItems = new List<GraphItem<ICounterSignature>>();
+            foreach (var attribute in attributes)
+            {
+                foreach(var value in attribute.Values)
+                {
+                    ICounterSignature signature;
+                    if (attribute.Oid.Value == KnownOids.AuthenticodeCounterSignature)
+                    {
+                        signature = new AuthenticodeSignature(value);
+                    }
+                    else if (attribute.Oid.Value == KnownOids.Rfc3161CounterSignature)
+                    {
+                        signature = new Rfc3161Signature(value);
+                    }
+                    else
+                    {
+                        continue;
+                    }
+                    var childAttributes = new CryptographicAttributeObjectCollection();
+                    foreach(var childAttribute in signature.UnsignedAttributes)
+                    {
+                        childAttributes.Add(childAttribute);
+                    }
+                    graphItems.Add(new GraphItem<ICounterSignature>(signature, WalkCounterSignatures(childAttributes)));
+                }
+            }
+            return new Graph<ICounterSignature>(graphItems);
+        }
+
+        private static Graph<Signature> WalkGraph(IList<byte[]> cmsData, string nestedOidType)
+        {
+            var graphItems = new List<GraphItem<Signature>>();
+            foreach (var data in cmsData)
+            {
+                var cms = new SignedCms();
+                cms.Decode(data);
+                foreach (var signer in cms.SignerInfos)
+                {
+                    var childCms = new List<byte[]>();
+                    foreach (var attribute in signer.UnsignedAttributes)
+                    {
+                        if (attribute.Oid.Value == nestedOidType)
+                        {
+                            foreach (var value in attribute.Values)
+                            {
+                                childCms.Add(value.RawData);
+                            }
+                        }
+                    }
+                    graphItems.Add(new GraphItem<Signature>(new Signature(signer, cms.Certificates), WalkGraph(childCms, nestedOidType)));
+                }
+            }
+            return new Graph<Signature>(graphItems);
+        }
+    }
+}

AuthenticodeLint/Interop/Crypt32.cs

@@ -297,7 +297,7 @@ internal struct CRYPT_ALGORITHM_IDENTIFIER
         public CRYPTOAPI_BLOB Parameters;
     }
 
-    [type: StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
+    [type: StructLayout(LayoutKind.Sequential)]
     internal struct CMSG_SIGNER_INFO
     {
         public uint dwVersion;
@@ -370,4 +370,12 @@ internal struct CERT_CONTEXT
         public IntPtr pCertInfo;
         public IntPtr hCertStore;
     }
+
+    [StructLayout(LayoutKind.Sequential, CharSet = CharSet.Ansi)]
+    internal struct CRYPT_ATTRIBUTE
+    {
+        public string pszObjId;
+        public uint cValue;
+        public IntPtr rgValue;
+    }
 }

AuthenticodeLint/Rfc3161Signature.cs

@@ -6,58 +6,82 @@
 
 namespace AuthenticodeLint
 {
-    public abstract class SignatureBase : IDisposable
+    public interface ICounterSignature
     {
-        internal CMSG_SIGNER_INFO _signerInfo;
-
-
-        protected SignatureBase(AsnEncodedData data)
+        Oid Oid { get; }
+        Oid DigestAlgorithm { get; }
+        Oid HashEncryptionAlgorithm { get; }
+        CryptographicAttributeObjectCollection UnsignedAttributes { get; }
+        CryptographicAttributeObjectCollection SignedAttributes { get; }
+    }
+    public abstract class CounterSignatureBase : ICounterSignature
+    {
+        
+        protected CounterSignatureBase(AsnEncodedData data)
         {
-
+            Oid = data.Oid;
         }
 
-        public Oid DigestAlgorithm => new Oid(_signerInfo.HashAlgorithm.pszObjId);
-        public Oid HashEncryptionAlgorithm => new Oid(_signerInfo.HashEncryptionAlgorithm.pszObjId);
-
-        public byte[] SerialNumber
-        {
-            get
-            {
-                var buffer = new byte[_signerInfo.SerialNumber.cbData];
-                Marshal.Copy(_signerInfo.SerialNumber.pbData, buffer, 0, buffer.Length);
-                return buffer;
-            }
-        }
+        public Oid Oid { get; }
 
-        public void Dispose()
-        {
-            Dispose(true);
-            GC.SuppressFinalize(this);
-        }
+        public abstract Oid DigestAlgorithm { get; }
+        public abstract Oid HashEncryptionAlgorithm { get; }
+        public abstract CryptographicAttributeObjectCollection UnsignedAttributes { get; }
+        public abstract CryptographicAttributeObjectCollection SignedAttributes { get; }
+        public abstract byte[] SerialNumber { get; }
 
-        public virtual void Dispose(bool disposing)
+        internal byte[] ReadBlob(CRYPTOAPI_BLOB blob)
         {
+            var buffer = new byte[blob.cbData];
+            Marshal.Copy(blob.pbData, buffer, 0, buffer.Length);
+            return buffer;
         }
 
-        ~SignatureBase()
+        internal unsafe CryptographicAttributeObjectCollection ReadAttributes(CRYPT_ATTRIBUTES attributes)
         {
-            Dispose(false);
+            var collection = new CryptographicAttributeObjectCollection();
+            var attributeSize = Marshal.SizeOf<CRYPT_ATTRIBUTE>();
+            var blobSize = Marshal.SizeOf<CRYPTOAPI_BLOB>();
+            for (var i = 0; i < attributes.cAttr; i++)
+            {
+                var structure = Marshal.PtrToStructure<CRYPT_ATTRIBUTE>(attributes.rgAttr + (i * attributeSize));
+                var asnValues = new AsnEncodedDataCollection();
+                for(var j = 0; j < structure.cValue; j++)
+                {
+                    var blob = Marshal.PtrToStructure<CRYPTOAPI_BLOB>(structure.rgValue + j * blobSize);
+                    asnValues.Add(new AsnEncodedData(structure.pszObjId, ReadBlob(blob)));
+                }
+                collection.Add(new CryptographicAttributeObject(new Oid(structure.pszObjId), asnValues));
+            }
+            return collection;
         }
     }
 
-    public class AuthenticodeSignature : SignatureBase
+    public class AuthenticodeSignature : CounterSignatureBase
     {
+
+        public override Oid DigestAlgorithm { get; }
+        public override Oid HashEncryptionAlgorithm { get; }
+        public override CryptographicAttributeObjectCollection UnsignedAttributes { get; }
+        public override CryptographicAttributeObjectCollection SignedAttributes { get; }
+        public override byte[] SerialNumber { get; }
+
         public unsafe AuthenticodeSignature(AsnEncodedData data) : base(data)
         {
             fixed (byte* dataPtr = data.RawData)
             {
-                LocalBufferSafeHandle ptr;
                 uint size = 0;
-                if (Crypt32.CryptDecodeObjectEx(EncodingType.PKCS_7_ASN_ENCODING | EncodingType.X509_ASN_ENCODING, (IntPtr)500, new IntPtr(dataPtr), (uint)data.RawData.Length, CryptDecodeFlags.CRYPT_DECODE_ALLOC_FLAG, IntPtr.Zero, out ptr, ref size))
+                LocalBufferSafeHandle localBuffer;
+                if (Crypt32.CryptDecodeObjectEx(EncodingType.PKCS_7_ASN_ENCODING | EncodingType.X509_ASN_ENCODING, (IntPtr)500, new IntPtr(dataPtr), (uint)data.RawData.Length, CryptDecodeFlags.CRYPT_DECODE_ALLOC_FLAG, IntPtr.Zero, out localBuffer, ref size))
                 {
-                    using (ptr)
+                    using (localBuffer)
                     {
-                        _signerInfo = Marshal.PtrToStructure<CMSG_SIGNER_INFO>(ptr.DangerousGetHandle());
+                        var signerInfo = Marshal.PtrToStructure<CMSG_SIGNER_INFO>(localBuffer.DangerousGetHandle());
+                        DigestAlgorithm = new Oid(signerInfo.HashAlgorithm.pszObjId);
+                        HashEncryptionAlgorithm = new Oid(signerInfo.HashEncryptionAlgorithm.pszObjId);
+                        SerialNumber = ReadBlob(signerInfo.SerialNumber);
+                        UnsignedAttributes = ReadAttributes(signerInfo.UnauthAttrs);
+                        SignedAttributes = ReadAttributes(signerInfo.AuthAttrs);
                     }
                 }
                 else
@@ -68,10 +92,14 @@ public unsafe AuthenticodeSignature(AsnEncodedData data) : base(data)
         }
     }
 
-    public class Rfc3161Signature : SignatureBase
+    public class Rfc3161Signature : CounterSignatureBase
     {
-        private readonly X509Store _certificates;
-        private readonly CryptMsgSafeHandle _messageHandle;
+        public override Oid DigestAlgorithm { get; }
+        public override Oid HashEncryptionAlgorithm { get; }
+        public override CryptographicAttributeObjectCollection UnsignedAttributes { get; }
+        public override CryptographicAttributeObjectCollection SignedAttributes { get; }
+        public override byte[] SerialNumber { get; }
+        public X509Store Certificates { get; }
 
         public unsafe Rfc3161Signature(AsnEncodedData data) : base(data)
         {
@@ -111,39 +139,36 @@ public unsafe Rfc3161Signature(AsnEncodedData data) : base(data)
                 }
                 try
                 {
-                    _certificates = new X509Store(store.DangerousGetHandle());
-                    _messageHandle = msgHandle;
+                    Certificates = new X509Store(store.DangerousGetHandle());
                     var size = 0u;
-                    if (!Crypt32.CryptMsgGetParam(_messageHandle, CryptMsgParamType.CMSG_SIGNER_INFO_PARAM, 0, LocalBufferSafeHandle.Zero, ref size))
+                    if (!Crypt32.CryptMsgGetParam(msgHandle, CryptMsgParamType.CMSG_SIGNER_INFO_PARAM, 0, LocalBufferSafeHandle.Zero, ref size))
+                    {
+                        Certificates.Dispose();
+                        throw new InvalidOperationException("Unable to read signer information.");
+                    }
+                    var localBuffer = LocalBufferSafeHandle.Alloc(size);
+                    if (!Crypt32.CryptMsgGetParam(msgHandle, CryptMsgParamType.CMSG_SIGNER_INFO_PARAM, 0, localBuffer, ref size))
                     {
-                        _messageHandle.Dispose();
+                        Certificates.Dispose();
+                        localBuffer.Dispose();
                         throw new InvalidOperationException("Unable to read signer information.");
                     }
-                    using (var localBuffer = LocalBufferSafeHandle.Alloc(size))
+                    using (localBuffer)
                     {
-                        if (!Crypt32.CryptMsgGetParam(_messageHandle, CryptMsgParamType.CMSG_SIGNER_INFO_PARAM, 0, localBuffer, ref size))
-                        {
-                            _messageHandle.Dispose();
-                            throw new InvalidOperationException("Unable to read signer information.");
-                        }
-                        _signerInfo = Marshal.PtrToStructure<CMSG_SIGNER_INFO>(localBuffer.DangerousGetHandle());
+                        var signerInfo = Marshal.PtrToStructure<CMSG_SIGNER_INFO>(localBuffer.DangerousGetHandle());
+                        DigestAlgorithm = new Oid(signerInfo.HashAlgorithm.pszObjId);
+                        HashEncryptionAlgorithm = new Oid(signerInfo.HashEncryptionAlgorithm.pszObjId);
+                        SerialNumber = ReadBlob(signerInfo.SerialNumber);
+                        UnsignedAttributes = ReadAttributes(signerInfo.UnauthAttrs);
+                        SignedAttributes = ReadAttributes(signerInfo.AuthAttrs);
                     }
                 }
                 finally
                 {
+                    msgHandle.Dispose();
                     store.Dispose();
                 }
             }
         }
-
-
-        public override void Dispose(bool disposing)
-        {
-            if (disposing)
-            {
-                _messageHandle.Dispose();
-                _certificates.Dispose();
-            }
-        }
     }
 }

AuthenticodeLint/Rules/TimestampedRule.cs

@@ -16,26 +16,15 @@ public unsafe RuleResult Validate(Graph<Signature> graph, SignatureLogger verbos
             var pass = true;
             foreach (var signature in signatures)
             {
+                var counterSignaturesGraph = GraphBuilder.WalkCounterSignatures(signature);
                 var signatureInfo = signature.SignerInfo;
+                var counterSignatures = counterSignaturesGraph.VisitAll();
                 var isSigned = false;
                 var strongSign = false;
-                foreach (var attribute in signatureInfo.UnsignedAttributes)
+                foreach (var counterSignature in counterSignatures)
                 {
-                    SignatureBase timeStampCounterSign = null;
-                    if (attribute.Oid.Value == KnownOids.Rfc3161CounterSignature)
-                    {
-                        timeStampCounterSign = new Rfc3161Signature(attribute.Values[0]);
-                    }
-                    else if (attribute.Oid.Value == KnownOids.AuthenticodeCounterSignature)
-                    {
-                        timeStampCounterSign = new AuthenticodeSignature(attribute.Values[0]);
-                    }
-                    if (timeStampCounterSign == null)
-                    {
-                        continue;
-                    }
                     isSigned = true;
-                    if (timeStampCounterSign.DigestAlgorithm.Value == signatureInfo.DigestAlgorithm.Value)
+                    if (counterSignature.DigestAlgorithm.Value == signatureInfo.DigestAlgorithm.Value)
                     {
                         strongSign = true;
                         break;

AuthenticodeLint/SignatureExtractor.cs

@@ -50,38 +50,11 @@ private unsafe Graph<Signature> GetSignatures(CryptMsgSafeHandle messageHandle)
                 {
                     if (Crypt32.CryptMsgGetParam(messageHandle, CryptMsgParamType.CMSG_ENCODED_MESSAGE, 0, buf, ref size))
                     {
-                        return RecursiveSigner(new List<byte[]> { buffer });
+                        return GraphBuilder.ExplodeGraph(buffer, KnownOids.NestedSignatureOid);
                     }
                 }
             }
             return null;
         }
-
-
-        private static Graph<Signature> RecursiveSigner(IList<byte[]> cmsData)
-        {
-            var graphItems = new List<GraphItem<Signature>>();
-            foreach (var data in cmsData)
-            {
-                var cms = new SignedCms();
-                cms.Decode(data);
-                foreach (var signer in cms.SignerInfos)
-                {
-                    var childCms = new List<byte[]>();
-                    foreach (var attribute in signer.UnsignedAttributes)
-                    {
-                        if (attribute.Oid.Value == KnownOids.NestedSignatureOid)
-                        {
-                            foreach (var value in attribute.Values)
-                            {
-                                childCms.Add(value.RawData);
-                            }
-                        }
-                    }
-                    graphItems.Add(new GraphItem<Signature>(new Signature(signer, cms.Certificates), RecursiveSigner(childCms)));
-                }
-            }
-            return new Graph<Signature>(graphItems);
-        }
     }
 }