cms_ess.c 10 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420
  1. /* crypto/cms/cms_ess.c */
  2. /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  3. * project.
  4. */
  5. /* ====================================================================
  6. * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
  7. *
  8. * Redistribution and use in source and binary forms, with or without
  9. * modification, are permitted provided that the following conditions
  10. * are met:
  11. *
  12. * 1. Redistributions of source code must retain the above copyright
  13. * notice, this list of conditions and the following disclaimer.
  14. *
  15. * 2. Redistributions in binary form must reproduce the above copyright
  16. * notice, this list of conditions and the following disclaimer in
  17. * the documentation and/or other materials provided with the
  18. * distribution.
  19. *
  20. * 3. All advertising materials mentioning features or use of this
  21. * software must display the following acknowledgment:
  22. * "This product includes software developed by the OpenSSL Project
  23. * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
  24. *
  25. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  26. * endorse or promote products derived from this software without
  27. * prior written permission. For written permission, please contact
  28. * licensing@OpenSSL.org.
  29. *
  30. * 5. Products derived from this software may not be called "OpenSSL"
  31. * nor may "OpenSSL" appear in their names without prior written
  32. * permission of the OpenSSL Project.
  33. *
  34. * 6. Redistributions of any form whatsoever must retain the following
  35. * acknowledgment:
  36. * "This product includes software developed by the OpenSSL Project
  37. * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
  38. *
  39. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  40. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  41. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  42. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  43. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  44. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  45. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  46. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  47. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  48. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  49. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  50. * OF THE POSSIBILITY OF SUCH DAMAGE.
  51. * ====================================================================
  52. */
  53. #include "cryptlib.h"
  54. #include <openssl/asn1t.h>
  55. #include <openssl/pem.h>
  56. #include <openssl/rand.h>
  57. #include <openssl/x509v3.h>
  58. #include <openssl/err.h>
  59. #include <openssl/cms.h>
  60. #include "cms_lcl.h"
  61. DECLARE_ASN1_ITEM(CMS_ReceiptRequest)
  62. DECLARE_ASN1_ITEM(CMS_Receipt)
  63. IMPLEMENT_ASN1_FUNCTIONS(CMS_ReceiptRequest)
  64. /* ESS services: for now just Signed Receipt related */
  65. int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr)
  66. {
  67. ASN1_STRING *str;
  68. CMS_ReceiptRequest *rr = NULL;
  69. if (prr)
  70. *prr = NULL;
  71. str = CMS_signed_get0_data_by_OBJ(si,
  72. OBJ_nid2obj(NID_id_smime_aa_receiptRequest),
  73. -3, V_ASN1_SEQUENCE);
  74. if (!str)
  75. return 0;
  76. rr = ASN1_item_unpack(str, ASN1_ITEM_rptr(CMS_ReceiptRequest));
  77. if (!rr)
  78. return -1;
  79. if (prr)
  80. *prr = rr;
  81. else
  82. CMS_ReceiptRequest_free(rr);
  83. return 1;
  84. }
  85. CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
  86. int allorfirst,
  87. STACK_OF(GENERAL_NAMES) *receiptList,
  88. STACK_OF(GENERAL_NAMES) *receiptsTo)
  89. {
  90. CMS_ReceiptRequest *rr = NULL;
  91. rr = CMS_ReceiptRequest_new();
  92. if (!rr)
  93. goto merr;
  94. if (id)
  95. ASN1_STRING_set0(rr->signedContentIdentifier, id, idlen);
  96. else
  97. {
  98. if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))
  99. goto merr;
  100. if (RAND_pseudo_bytes(rr->signedContentIdentifier->data, 32)
  101. <= 0)
  102. goto err;
  103. }
  104. sk_GENERAL_NAMES_pop_free(rr->receiptsTo, GENERAL_NAMES_free);
  105. rr->receiptsTo = receiptsTo;
  106. if (receiptList)
  107. {
  108. rr->receiptsFrom->type = 1;
  109. rr->receiptsFrom->d.receiptList = receiptList;
  110. }
  111. else
  112. {
  113. rr->receiptsFrom->type = 0;
  114. rr->receiptsFrom->d.allOrFirstTier = allorfirst;
  115. }
  116. return rr;
  117. merr:
  118. CMSerr(CMS_F_CMS_RECEIPTREQUEST_CREATE0, ERR_R_MALLOC_FAILURE);
  119. err:
  120. if (rr)
  121. CMS_ReceiptRequest_free(rr);
  122. return NULL;
  123. }
  124. int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr)
  125. {
  126. unsigned char *rrder = NULL;
  127. int rrderlen, r = 0;
  128. rrderlen = i2d_CMS_ReceiptRequest(rr, &rrder);
  129. if (rrderlen < 0)
  130. goto merr;
  131. if (!CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_receiptRequest,
  132. V_ASN1_SEQUENCE, rrder, rrderlen))
  133. goto merr;
  134. r = 1;
  135. merr:
  136. if (!r)
  137. CMSerr(CMS_F_CMS_ADD1_RECEIPTREQUEST, ERR_R_MALLOC_FAILURE);
  138. if (rrder)
  139. OPENSSL_free(rrder);
  140. return r;
  141. }
  142. void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
  143. ASN1_STRING **pcid,
  144. int *pallorfirst,
  145. STACK_OF(GENERAL_NAMES) **plist,
  146. STACK_OF(GENERAL_NAMES) **prto)
  147. {
  148. if (pcid)
  149. *pcid = rr->signedContentIdentifier;
  150. if (rr->receiptsFrom->type == 0)
  151. {
  152. if (pallorfirst)
  153. *pallorfirst = (int)rr->receiptsFrom->d.allOrFirstTier;
  154. if (plist)
  155. *plist = NULL;
  156. }
  157. else
  158. {
  159. if (pallorfirst)
  160. *pallorfirst = -1;
  161. if (plist)
  162. *plist = rr->receiptsFrom->d.receiptList;
  163. }
  164. if (prto)
  165. *prto = rr->receiptsTo;
  166. }
  167. /* Digest a SignerInfo structure for msgSigDigest attribute processing */
  168. static int cms_msgSigDigest(CMS_SignerInfo *si,
  169. unsigned char *dig, unsigned int *diglen)
  170. {
  171. const EVP_MD *md;
  172. md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
  173. if (md == NULL)
  174. return 0;
  175. if (!ASN1_item_digest(ASN1_ITEM_rptr(CMS_Attributes_Verify), md,
  176. si->signedAttrs, dig, diglen))
  177. return 0;
  178. return 1;
  179. }
  180. /* Add a msgSigDigest attribute to a SignerInfo */
  181. int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src)
  182. {
  183. unsigned char dig[EVP_MAX_MD_SIZE];
  184. unsigned int diglen;
  185. if (!cms_msgSigDigest(src, dig, &diglen))
  186. {
  187. CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, CMS_R_MSGSIGDIGEST_ERROR);
  188. return 0;
  189. }
  190. if (!CMS_signed_add1_attr_by_NID(dest, NID_id_smime_aa_msgSigDigest,
  191. V_ASN1_OCTET_STRING, dig, diglen))
  192. {
  193. CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, ERR_R_MALLOC_FAILURE);
  194. return 0;
  195. }
  196. return 1;
  197. }
  198. /* Verify signed receipt after it has already passed normal CMS verify */
  199. int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
  200. {
  201. int r = 0, i;
  202. CMS_ReceiptRequest *rr = NULL;
  203. CMS_Receipt *rct = NULL;
  204. STACK_OF(CMS_SignerInfo) *sis, *osis;
  205. CMS_SignerInfo *si, *osi = NULL;
  206. ASN1_OCTET_STRING *msig, **pcont;
  207. ASN1_OBJECT *octype;
  208. unsigned char dig[EVP_MAX_MD_SIZE];
  209. unsigned int diglen;
  210. /* Get SignerInfos, also checks SignedData content type */
  211. osis = CMS_get0_SignerInfos(req_cms);
  212. sis = CMS_get0_SignerInfos(cms);
  213. if (!osis || !sis)
  214. goto err;
  215. if (sk_CMS_SignerInfo_num(sis) != 1)
  216. {
  217. CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NEED_ONE_SIGNER);
  218. goto err;
  219. }
  220. /* Check receipt content type */
  221. if (OBJ_obj2nid(CMS_get0_eContentType(cms)) != NID_id_smime_ct_receipt)
  222. {
  223. CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NOT_A_SIGNED_RECEIPT);
  224. goto err;
  225. }
  226. /* Extract and decode receipt content */
  227. pcont = CMS_get0_content(cms);
  228. if (!pcont || !*pcont)
  229. {
  230. CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT);
  231. goto err;
  232. }
  233. rct = ASN1_item_unpack(*pcont, ASN1_ITEM_rptr(CMS_Receipt));
  234. if (!rct)
  235. {
  236. CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_RECEIPT_DECODE_ERROR);
  237. goto err;
  238. }
  239. /* Locate original request */
  240. for (i = 0; i < sk_CMS_SignerInfo_num(osis); i++)
  241. {
  242. osi = sk_CMS_SignerInfo_value(osis, i);
  243. if (!ASN1_STRING_cmp(osi->signature,
  244. rct->originatorSignatureValue))
  245. break;
  246. }
  247. if (i == sk_CMS_SignerInfo_num(osis))
  248. {
  249. CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MATCHING_SIGNATURE);
  250. goto err;
  251. }
  252. si = sk_CMS_SignerInfo_value(sis, 0);
  253. /* Get msgSigDigest value and compare */
  254. msig = CMS_signed_get0_data_by_OBJ(si,
  255. OBJ_nid2obj(NID_id_smime_aa_msgSigDigest),
  256. -3, V_ASN1_OCTET_STRING);
  257. if (!msig)
  258. {
  259. CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MSGSIGDIGEST);
  260. goto err;
  261. }
  262. if (!cms_msgSigDigest(osi, dig, &diglen))
  263. {
  264. CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_ERROR);
  265. goto err;
  266. }
  267. if (diglen != (unsigned int)msig->length)
  268. {
  269. CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
  270. CMS_R_MSGSIGDIGEST_WRONG_LENGTH);
  271. goto err;
  272. }
  273. if (memcmp(dig, msig->data, diglen))
  274. {
  275. CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
  276. CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE);
  277. goto err;
  278. }
  279. /* Compare content types */
  280. octype = CMS_signed_get0_data_by_OBJ(osi,
  281. OBJ_nid2obj(NID_pkcs9_contentType),
  282. -3, V_ASN1_OBJECT);
  283. if (!octype)
  284. {
  285. CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT_TYPE);
  286. goto err;
  287. }
  288. /* Compare details in receipt request */
  289. if (OBJ_cmp(octype, rct->contentType))
  290. {
  291. CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENT_TYPE_MISMATCH);
  292. goto err;
  293. }
  294. /* Get original receipt request details */
  295. if (CMS_get1_ReceiptRequest(osi, &rr) <= 0)
  296. {
  297. CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_RECEIPT_REQUEST);
  298. goto err;
  299. }
  300. if (ASN1_STRING_cmp(rr->signedContentIdentifier,
  301. rct->signedContentIdentifier))
  302. {
  303. CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
  304. CMS_R_CONTENTIDENTIFIER_MISMATCH);
  305. goto err;
  306. }
  307. r = 1;
  308. err:
  309. if (rr)
  310. CMS_ReceiptRequest_free(rr);
  311. if (rct)
  312. M_ASN1_free_of(rct, CMS_Receipt);
  313. return r;
  314. }
  315. /* Encode a Receipt into an OCTET STRING read for including into content of
  316. * a SignedData ContentInfo.
  317. */
  318. ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si)
  319. {
  320. CMS_Receipt rct;
  321. CMS_ReceiptRequest *rr = NULL;
  322. ASN1_OBJECT *ctype;
  323. ASN1_OCTET_STRING *os = NULL;
  324. /* Get original receipt request */
  325. /* Get original receipt request details */
  326. if (CMS_get1_ReceiptRequest(si, &rr) <= 0)
  327. {
  328. CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_RECEIPT_REQUEST);
  329. goto err;
  330. }
  331. /* Get original content type */
  332. ctype = CMS_signed_get0_data_by_OBJ(si,
  333. OBJ_nid2obj(NID_pkcs9_contentType),
  334. -3, V_ASN1_OBJECT);
  335. if (!ctype)
  336. {
  337. CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_CONTENT_TYPE);
  338. goto err;
  339. }
  340. rct.version = 1;
  341. rct.contentType = ctype;
  342. rct.signedContentIdentifier = rr->signedContentIdentifier;
  343. rct.originatorSignatureValue = si->signature;
  344. os = ASN1_item_pack(&rct, ASN1_ITEM_rptr(CMS_Receipt), NULL);
  345. err:
  346. if (rr)
  347. CMS_ReceiptRequest_free(rr);
  348. return os;
  349. }