cms_att.c 9.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287
  1. /*
  2. * Copyright 2008-2024 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <openssl/asn1t.h>
  10. #include <openssl/pem.h>
  11. #include <openssl/x509v3.h>
  12. #include <openssl/err.h>
  13. #include <openssl/cms.h>
  14. #include "internal/nelem.h"
  15. #include "crypto/x509.h"
  16. #include "cms_local.h"
  17. /*-
  18. * Attribute flags.
  19. * CMS attribute restrictions are discussed in
  20. * - RFC 5652 Section 11.
  21. * ESS attribute restrictions are discussed in
  22. * - RFC 2634 Section 1.3.4 AND
  23. * - RFC 5035 Section 5.4
  24. */
  25. /* This is a signed attribute */
  26. #define CMS_ATTR_F_SIGNED 0x01
  27. /* This is an unsigned attribute */
  28. #define CMS_ATTR_F_UNSIGNED 0x02
  29. /* Must be present if there are any other attributes of the same type */
  30. #define CMS_ATTR_F_REQUIRED_COND 0x10
  31. /* There can only be one instance of this attribute */
  32. #define CMS_ATTR_F_ONLY_ONE 0x20
  33. /* The Attribute's value must have exactly one entry */
  34. #define CMS_ATTR_F_ONE_ATTR_VALUE 0x40
  35. /* Attributes rules for different attributes */
  36. static const struct {
  37. int nid; /* The attribute id */
  38. int flags;
  39. } cms_attribute_properties[] = {
  40. /* See RFC Section 11 */
  41. { NID_pkcs9_contentType, CMS_ATTR_F_SIGNED
  42. | CMS_ATTR_F_ONLY_ONE
  43. | CMS_ATTR_F_ONE_ATTR_VALUE
  44. | CMS_ATTR_F_REQUIRED_COND },
  45. { NID_pkcs9_messageDigest, CMS_ATTR_F_SIGNED
  46. | CMS_ATTR_F_ONLY_ONE
  47. | CMS_ATTR_F_ONE_ATTR_VALUE
  48. | CMS_ATTR_F_REQUIRED_COND },
  49. { NID_pkcs9_signingTime, CMS_ATTR_F_SIGNED
  50. | CMS_ATTR_F_ONLY_ONE
  51. | CMS_ATTR_F_ONE_ATTR_VALUE },
  52. { NID_pkcs9_countersignature, CMS_ATTR_F_UNSIGNED },
  53. /* ESS */
  54. { NID_id_smime_aa_signingCertificate, CMS_ATTR_F_SIGNED
  55. | CMS_ATTR_F_ONLY_ONE
  56. | CMS_ATTR_F_ONE_ATTR_VALUE },
  57. { NID_id_smime_aa_signingCertificateV2, CMS_ATTR_F_SIGNED
  58. | CMS_ATTR_F_ONLY_ONE
  59. | CMS_ATTR_F_ONE_ATTR_VALUE },
  60. { NID_id_smime_aa_receiptRequest, CMS_ATTR_F_SIGNED
  61. | CMS_ATTR_F_ONLY_ONE
  62. | CMS_ATTR_F_ONE_ATTR_VALUE }
  63. };
  64. /* CMS SignedData Attribute utilities */
  65. int CMS_signed_get_attr_count(const CMS_SignerInfo *si)
  66. {
  67. return X509at_get_attr_count(si->signedAttrs);
  68. }
  69. int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid, int lastpos)
  70. {
  71. return X509at_get_attr_by_NID(si->signedAttrs, nid, lastpos);
  72. }
  73. int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, const ASN1_OBJECT *obj,
  74. int lastpos)
  75. {
  76. return X509at_get_attr_by_OBJ(si->signedAttrs, obj, lastpos);
  77. }
  78. X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc)
  79. {
  80. return X509at_get_attr(si->signedAttrs, loc);
  81. }
  82. X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc)
  83. {
  84. return X509at_delete_attr(si->signedAttrs, loc);
  85. }
  86. int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr)
  87. {
  88. if (ossl_x509at_add1_attr(&si->signedAttrs, attr))
  89. return 1;
  90. return 0;
  91. }
  92. int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si,
  93. const ASN1_OBJECT *obj, int type,
  94. const void *bytes, int len)
  95. {
  96. if (ossl_x509at_add1_attr_by_OBJ(&si->signedAttrs, obj, type, bytes, len))
  97. return 1;
  98. return 0;
  99. }
  100. int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si,
  101. int nid, int type, const void *bytes, int len)
  102. {
  103. if (ossl_x509at_add1_attr_by_NID(&si->signedAttrs, nid, type, bytes, len))
  104. return 1;
  105. return 0;
  106. }
  107. int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
  108. const char *attrname, int type,
  109. const void *bytes, int len)
  110. {
  111. if (ossl_x509at_add1_attr_by_txt(&si->signedAttrs, attrname, type, bytes,
  112. len))
  113. return 1;
  114. return 0;
  115. }
  116. void *CMS_signed_get0_data_by_OBJ(const CMS_SignerInfo *si,
  117. const ASN1_OBJECT *oid,
  118. int lastpos, int type)
  119. {
  120. return X509at_get0_data_by_OBJ(si->signedAttrs, oid, lastpos, type);
  121. }
  122. int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si)
  123. {
  124. return X509at_get_attr_count(si->unsignedAttrs);
  125. }
  126. int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
  127. int lastpos)
  128. {
  129. return X509at_get_attr_by_NID(si->unsignedAttrs, nid, lastpos);
  130. }
  131. int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si,
  132. const ASN1_OBJECT *obj, int lastpos)
  133. {
  134. return X509at_get_attr_by_OBJ(si->unsignedAttrs, obj, lastpos);
  135. }
  136. X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc)
  137. {
  138. return X509at_get_attr(si->unsignedAttrs, loc);
  139. }
  140. X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc)
  141. {
  142. return X509at_delete_attr(si->unsignedAttrs, loc);
  143. }
  144. int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr)
  145. {
  146. if (ossl_x509at_add1_attr(&si->unsignedAttrs, attr))
  147. return 1;
  148. return 0;
  149. }
  150. int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si,
  151. const ASN1_OBJECT *obj, int type,
  152. const void *bytes, int len)
  153. {
  154. if (ossl_x509at_add1_attr_by_OBJ(&si->unsignedAttrs, obj, type, bytes, len))
  155. return 1;
  156. return 0;
  157. }
  158. int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si,
  159. int nid, int type,
  160. const void *bytes, int len)
  161. {
  162. if (ossl_x509at_add1_attr_by_NID(&si->unsignedAttrs, nid, type, bytes, len))
  163. return 1;
  164. return 0;
  165. }
  166. int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si,
  167. const char *attrname, int type,
  168. const void *bytes, int len)
  169. {
  170. if (ossl_x509at_add1_attr_by_txt(&si->unsignedAttrs, attrname,
  171. type, bytes, len))
  172. return 1;
  173. return 0;
  174. }
  175. void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
  176. int lastpos, int type)
  177. {
  178. return X509at_get0_data_by_OBJ(si->unsignedAttrs, oid, lastpos, type);
  179. }
  180. /*
  181. * Retrieve an attribute by nid from a stack of attributes starting at index
  182. * *lastpos + 1.
  183. * Returns the attribute or NULL if there is no attribute.
  184. * If an attribute was found *lastpos returns the index of the found attribute.
  185. */
  186. static X509_ATTRIBUTE *cms_attrib_get(int nid,
  187. const STACK_OF(X509_ATTRIBUTE) *attrs,
  188. int *lastpos)
  189. {
  190. X509_ATTRIBUTE *at;
  191. int loc;
  192. loc = X509at_get_attr_by_NID(attrs, nid, *lastpos);
  193. if (loc < 0)
  194. return NULL;
  195. at = X509at_get_attr(attrs, loc);
  196. *lastpos = loc;
  197. return at;
  198. }
  199. static int cms_check_attribute(int nid, int flags, int type,
  200. const STACK_OF(X509_ATTRIBUTE) *attrs,
  201. int have_attrs)
  202. {
  203. int lastpos = -1;
  204. X509_ATTRIBUTE *at = cms_attrib_get(nid, attrs, &lastpos);
  205. if (at != NULL) {
  206. int count = X509_ATTRIBUTE_count(at);
  207. /* Is this attribute allowed? */
  208. if (((flags & type) == 0)
  209. /* check if multiple attributes of the same type are allowed */
  210. || (((flags & CMS_ATTR_F_ONLY_ONE) != 0)
  211. && cms_attrib_get(nid, attrs, &lastpos) != NULL)
  212. /* Check if attribute should have exactly one value in its set */
  213. || (((flags & CMS_ATTR_F_ONE_ATTR_VALUE) != 0)
  214. && count != 1)
  215. /* There should be at least one value */
  216. || count == 0)
  217. return 0;
  218. } else {
  219. /* fail if a required attribute is missing */
  220. if (have_attrs
  221. && ((flags & CMS_ATTR_F_REQUIRED_COND) != 0)
  222. && (flags & type) != 0)
  223. return 0;
  224. }
  225. return 1;
  226. }
  227. /*
  228. * Check that the signerinfo attributes obey the attribute rules which includes
  229. * the following checks
  230. * - If any signed attributes exist then there must be a Content Type
  231. * and Message Digest attribute in the signed attributes.
  232. * - The countersignature attribute is an optional unsigned attribute only.
  233. * - Content Type, Message Digest, and Signing time attributes are signed
  234. * attributes. Only one instance of each is allowed, with each of these
  235. * attributes containing a single attribute value in its set.
  236. */
  237. int ossl_cms_si_check_attributes(const CMS_SignerInfo *si)
  238. {
  239. int i;
  240. int have_signed_attrs = (CMS_signed_get_attr_count(si) > 0);
  241. int have_unsigned_attrs = (CMS_unsigned_get_attr_count(si) > 0);
  242. for (i = 0; i < (int)OSSL_NELEM(cms_attribute_properties); ++i) {
  243. int nid = cms_attribute_properties[i].nid;
  244. int flags = cms_attribute_properties[i].flags;
  245. if (!cms_check_attribute(nid, flags, CMS_ATTR_F_SIGNED,
  246. si->signedAttrs, have_signed_attrs)
  247. || !cms_check_attribute(nid, flags, CMS_ATTR_F_UNSIGNED,
  248. si->unsignedAttrs, have_unsigned_attrs)) {
  249. ERR_raise(ERR_LIB_CMS, CMS_R_ATTRIBUTE_ERROR);
  250. return 0;
  251. }
  252. }
  253. return 1;
  254. }