MyFavMirrors/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-02-09 12:48:06 -05:00
Code Issues Packages Projects Releases Wiki Activity

Merged all authenticode-js HTTP requests to a single location.

Browse Source
This commit is contained in:
Ylian Saint-Hilaire 2022-06-23 13:04:48 -07:00
parent 89c152027f
commit 156993666b
1 changed files with 169 additions and 202 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

131
authenticode.js
View File

@ -407,32 +407,15 @@ function createAuthenticodeHandler(path) {
const requestBody = Buffer.from(asn1.toDer(asn1obj).data, 'binary').toString('base64');
// Make an HTTP request
const http = require('http');
const timeServerUrl = new URL(args.time);
const options = {
protocol: timeServerUrl.protocol,
hostname: timeServerUrl.hostname,
path: timeServerUrl.pathname,
port: ((timeServerUrl.port == '') ? 80 : parseInt(timeServerUrl.port)),
method: 'POST',
headers: {
'accept': 'application/octet-stream',
'cache-control': 'no-cache',
'user-agent': 'Transport',
'content-type': 'application/octet-stream',
'content-length': Buffer.byteLength(requestBody)
}
};
const options = { url: args.time, proxy: args.proxy };
// Make a request to the time server
httpRequest(options, requestBody, function (err, data) {
if (err != null) { func(err); return; }
// Set up the request
var responseAccumulator = '';
var req = http.request(options, function (res) {
res.setEncoding('utf8');
res.on('data', function (chunk) { responseAccumulator += chunk; });
res.on('end', function () {
// Decode the timestamp signature block
var timepkcs7der = null;
try { timepkcs7der = forge.asn1.fromDer(forge.util.createBuffer(Buffer.from(responseAccumulator, 'base64').toString('binary'))); } catch (ex) { func('' + ex); return; }
try { timepkcs7der = forge.asn1.fromDer(forge.util.createBuffer(Buffer.from(data, 'base64').toString('binary'))); } catch (ex) { func('' + ex); return; }
// Decode the executable signature block
var pkcs7der = null;
@ -518,12 +501,6 @@ function createAuthenticodeHandler(path) {
// Indicate we are done
func(null);
});
});
// Post the data
req.on('error', function (err) { func('' + err); });
req.write(requestBody);
req.end();
}
// Read a resource table.
@ -1330,32 +1307,15 @@ function createAuthenticodeHandler(path) {
const requestBody = Buffer.from(asn1.toDer(asn1obj).data, 'binary').toString('base64');
// Make an HTTP request
const http = require('http');
const timeServerUrl = new URL(args.time);
const options = {
protocol: timeServerUrl.protocol,
hostname: timeServerUrl.hostname,
path: timeServerUrl.pathname,
port: ((timeServerUrl.port == '') ? 80 : parseInt(timeServerUrl.port)),
method: 'POST',
headers: {
'accept': 'application/octet-stream',
'cache-control': 'no-cache',
'user-agent': 'Transport',
'content-type': 'application/octet-stream',
'content-length': Buffer.byteLength(requestBody)
}
};
const options = { url: args.time, proxy: args.proxy };
// Make a request to the time server
httpRequest(options, requestBody, function (err, data) {
if (err != null) { func(err); return; }
// Set up the request
var responseAccumulator = '';
var req = http.request(options, function (res) {
res.setEncoding('utf8');
res.on('data', function (chunk) { responseAccumulator += chunk; });
res.on('end', function () {
// Decode the timestamp signature block
var timepkcs7der = null;
try { timepkcs7der = forge.asn1.fromDer(forge.util.createBuffer(Buffer.from(responseAccumulator, 'base64').toString('binary'))); } catch (ex) { func('' + ex); return; }
try { timepkcs7der = forge.asn1.fromDer(forge.util.createBuffer(Buffer.from(data, 'base64').toString('binary'))); } catch (ex) { func('' + ex); return; }
// Get the ASN1 certificates used to sign the timestamp and add them to the certs in the PKCS7 of the executable
// TODO: We could look to see if the certificate is already present in the executable
@ -1380,6 +1340,37 @@ function createAuthenticodeHandler(path) {
// Write the file with the signature block
signEx(args, p7signature, obj.filesize, func);
});
}
}
// Make a HTTP request, use a proxy if needed
function httpRequest(options, requestBody, func) {
// If needed, decode the URL
if (options.url) {
const timeServerUrl = new URL(options.url);
options.protocol = timeServerUrl.protocol;
options.hostname = timeServerUrl.hostname;
options.path = timeServerUrl.pathname;
options.port = ((timeServerUrl.port == '') ? 80 : parseInt(timeServerUrl.port));
delete options.url;
}
// Setup the options
options.method = 'POST';
options.headers = {
'accept': 'application/octet-stream',
'cache-control': 'no-cache',
'user-agent': 'Transport',
'content-type': 'application/octet-stream',
'content-length': Buffer.byteLength(requestBody)
};
// Set up the request
var responseAccumulator = '';
var req = require('http').request(options, function (res) {
res.setEncoding('utf8');
res.on('data', function (chunk) { responseAccumulator += chunk; });
res.on('end', function () { func(null, responseAccumulator); });
});
// Post the data
@ -1387,7 +1378,6 @@ function createAuthenticodeHandler(path) {
req.write(requestBody);
req.end();
}
}
function signEx(args, p7signature, filesize, func) {
// Open the output file
@ -1651,32 +1641,15 @@ function createAuthenticodeHandler(path) {
const requestBody = Buffer.from(asn1.toDer(asn1obj).data, 'binary').toString('base64');
// Make an HTTP request
const http = require('http');
const timeServerUrl = new URL(args.time);
const options = {
protocol: timeServerUrl.protocol,
hostname: timeServerUrl.hostname,
path: timeServerUrl.pathname,
port: ((timeServerUrl.port == '') ? 80 : parseInt(timeServerUrl.port)),
method: 'POST',
headers: {
'accept': 'application/octet-stream',
'cache-control': 'no-cache',
'user-agent': 'Transport',
'content-type': 'application/octet-stream',
'content-length': Buffer.byteLength(requestBody)
}
};
const options = { url: args.time, proxy: args.proxy };
// Make a request to the time server
httpRequest(options, requestBody, function (err, data) {
if (err != null) { func(err); return; }
// Set up the request
var responseAccumulator = '';
var req = http.request(options, function (res) {
res.setEncoding('utf8');
res.on('data', function (chunk) { responseAccumulator += chunk; });
res.on('end', function () {
// Decode the timestamp signature block
var timepkcs7der = null;
try { timepkcs7der = forge.asn1.fromDer(forge.util.createBuffer(Buffer.from(responseAccumulator, 'base64').toString('binary'))); } catch (ex) { func('' + ex); return; }
try { timepkcs7der = forge.asn1.fromDer(forge.util.createBuffer(Buffer.from(data, 'base64').toString('binary'))); } catch (ex) { func('' + ex); return; }
// Get the ASN1 certificates used to sign the timestamp and add them to the certs in the PKCS7 of the executable
// TODO: We could look to see if the certificate is already present in the executable
@ -1701,12 +1674,6 @@ function createAuthenticodeHandler(path) {
// Write the file with the signature block
writeExecutableEx(output, p7signature, written, func);
});
});
// Post the data
req.on('error', function (err) { func('' + err); });
req.write(requestBody);
req.end();
}
return;
}