cms_ess.c 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406
  1. /*
  2. * Copyright 2008-2019 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include "internal/cryptlib.h"
  10. #include <openssl/asn1t.h>
  11. #include <openssl/pem.h>
  12. #include <openssl/rand.h>
  13. #include <openssl/x509v3.h>
  14. #include <openssl/err.h>
  15. #include <openssl/cms.h>
  16. #include <openssl/ess.h>
  17. #include "cms_lcl.h"
  18. #include "internal/ess_int.h"
  19. IMPLEMENT_ASN1_FUNCTIONS(CMS_ReceiptRequest)
  20. /* ESS services */
  21. int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr)
  22. {
  23. ASN1_STRING *str;
  24. CMS_ReceiptRequest *rr = NULL;
  25. if (prr)
  26. *prr = NULL;
  27. str = CMS_signed_get0_data_by_OBJ(si,
  28. OBJ_nid2obj
  29. (NID_id_smime_aa_receiptRequest), -3,
  30. V_ASN1_SEQUENCE);
  31. if (!str)
  32. return 0;
  33. rr = ASN1_item_unpack(str, ASN1_ITEM_rptr(CMS_ReceiptRequest));
  34. if (!rr)
  35. return -1;
  36. if (prr)
  37. *prr = rr;
  38. else
  39. CMS_ReceiptRequest_free(rr);
  40. return 1;
  41. }
  42. CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
  43. int allorfirst,
  44. STACK_OF(GENERAL_NAMES)
  45. *receiptList, STACK_OF(GENERAL_NAMES)
  46. *receiptsTo)
  47. {
  48. CMS_ReceiptRequest *rr = NULL;
  49. rr = CMS_ReceiptRequest_new();
  50. if (rr == NULL)
  51. goto merr;
  52. if (id)
  53. ASN1_STRING_set0(rr->signedContentIdentifier, id, idlen);
  54. else {
  55. if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))
  56. goto merr;
  57. if (RAND_bytes(rr->signedContentIdentifier->data, 32) <= 0)
  58. goto err;
  59. }
  60. sk_GENERAL_NAMES_pop_free(rr->receiptsTo, GENERAL_NAMES_free);
  61. rr->receiptsTo = receiptsTo;
  62. if (receiptList) {
  63. rr->receiptsFrom->type = 1;
  64. rr->receiptsFrom->d.receiptList = receiptList;
  65. } else {
  66. rr->receiptsFrom->type = 0;
  67. rr->receiptsFrom->d.allOrFirstTier = allorfirst;
  68. }
  69. return rr;
  70. merr:
  71. CMSerr(CMS_F_CMS_RECEIPTREQUEST_CREATE0, ERR_R_MALLOC_FAILURE);
  72. err:
  73. CMS_ReceiptRequest_free(rr);
  74. return NULL;
  75. }
  76. int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr)
  77. {
  78. unsigned char *rrder = NULL;
  79. int rrderlen, r = 0;
  80. rrderlen = i2d_CMS_ReceiptRequest(rr, &rrder);
  81. if (rrderlen < 0)
  82. goto merr;
  83. if (!CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_receiptRequest,
  84. V_ASN1_SEQUENCE, rrder, rrderlen))
  85. goto merr;
  86. r = 1;
  87. merr:
  88. if (!r)
  89. CMSerr(CMS_F_CMS_ADD1_RECEIPTREQUEST, ERR_R_MALLOC_FAILURE);
  90. OPENSSL_free(rrder);
  91. return r;
  92. }
  93. void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
  94. ASN1_STRING **pcid,
  95. int *pallorfirst,
  96. STACK_OF(GENERAL_NAMES) **plist,
  97. STACK_OF(GENERAL_NAMES) **prto)
  98. {
  99. if (pcid)
  100. *pcid = rr->signedContentIdentifier;
  101. if (rr->receiptsFrom->type == 0) {
  102. if (pallorfirst)
  103. *pallorfirst = (int)rr->receiptsFrom->d.allOrFirstTier;
  104. if (plist)
  105. *plist = NULL;
  106. } else {
  107. if (pallorfirst)
  108. *pallorfirst = -1;
  109. if (plist)
  110. *plist = rr->receiptsFrom->d.receiptList;
  111. }
  112. if (prto)
  113. *prto = rr->receiptsTo;
  114. }
  115. /* Digest a SignerInfo structure for msgSigDigest attribute processing */
  116. static int cms_msgSigDigest(CMS_SignerInfo *si,
  117. unsigned char *dig, unsigned int *diglen)
  118. {
  119. const EVP_MD *md;
  120. md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
  121. if (md == NULL)
  122. return 0;
  123. if (!ASN1_item_digest(ASN1_ITEM_rptr(CMS_Attributes_Verify), md,
  124. si->signedAttrs, dig, diglen))
  125. return 0;
  126. return 1;
  127. }
  128. /* Add a msgSigDigest attribute to a SignerInfo */
  129. int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src)
  130. {
  131. unsigned char dig[EVP_MAX_MD_SIZE];
  132. unsigned int diglen;
  133. if (!cms_msgSigDigest(src, dig, &diglen)) {
  134. CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, CMS_R_MSGSIGDIGEST_ERROR);
  135. return 0;
  136. }
  137. if (!CMS_signed_add1_attr_by_NID(dest, NID_id_smime_aa_msgSigDigest,
  138. V_ASN1_OCTET_STRING, dig, diglen)) {
  139. CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, ERR_R_MALLOC_FAILURE);
  140. return 0;
  141. }
  142. return 1;
  143. }
  144. /* Verify signed receipt after it has already passed normal CMS verify */
  145. int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
  146. {
  147. int r = 0, i;
  148. CMS_ReceiptRequest *rr = NULL;
  149. CMS_Receipt *rct = NULL;
  150. STACK_OF(CMS_SignerInfo) *sis, *osis;
  151. CMS_SignerInfo *si, *osi = NULL;
  152. ASN1_OCTET_STRING *msig, **pcont;
  153. ASN1_OBJECT *octype;
  154. unsigned char dig[EVP_MAX_MD_SIZE];
  155. unsigned int diglen;
  156. /* Get SignerInfos, also checks SignedData content type */
  157. osis = CMS_get0_SignerInfos(req_cms);
  158. sis = CMS_get0_SignerInfos(cms);
  159. if (!osis || !sis)
  160. goto err;
  161. if (sk_CMS_SignerInfo_num(sis) != 1) {
  162. CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NEED_ONE_SIGNER);
  163. goto err;
  164. }
  165. /* Check receipt content type */
  166. if (OBJ_obj2nid(CMS_get0_eContentType(cms)) != NID_id_smime_ct_receipt) {
  167. CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NOT_A_SIGNED_RECEIPT);
  168. goto err;
  169. }
  170. /* Extract and decode receipt content */
  171. pcont = CMS_get0_content(cms);
  172. if (!pcont || !*pcont) {
  173. CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT);
  174. goto err;
  175. }
  176. rct = ASN1_item_unpack(*pcont, ASN1_ITEM_rptr(CMS_Receipt));
  177. if (!rct) {
  178. CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_RECEIPT_DECODE_ERROR);
  179. goto err;
  180. }
  181. /* Locate original request */
  182. for (i = 0; i < sk_CMS_SignerInfo_num(osis); i++) {
  183. osi = sk_CMS_SignerInfo_value(osis, i);
  184. if (!ASN1_STRING_cmp(osi->signature, rct->originatorSignatureValue))
  185. break;
  186. }
  187. if (i == sk_CMS_SignerInfo_num(osis)) {
  188. CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MATCHING_SIGNATURE);
  189. goto err;
  190. }
  191. si = sk_CMS_SignerInfo_value(sis, 0);
  192. /* Get msgSigDigest value and compare */
  193. msig = CMS_signed_get0_data_by_OBJ(si,
  194. OBJ_nid2obj
  195. (NID_id_smime_aa_msgSigDigest), -3,
  196. V_ASN1_OCTET_STRING);
  197. if (!msig) {
  198. CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MSGSIGDIGEST);
  199. goto err;
  200. }
  201. if (!cms_msgSigDigest(osi, dig, &diglen)) {
  202. CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_ERROR);
  203. goto err;
  204. }
  205. if (diglen != (unsigned int)msig->length) {
  206. CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_WRONG_LENGTH);
  207. goto err;
  208. }
  209. if (memcmp(dig, msig->data, diglen)) {
  210. CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
  211. CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE);
  212. goto err;
  213. }
  214. /* Compare content types */
  215. octype = CMS_signed_get0_data_by_OBJ(osi,
  216. OBJ_nid2obj(NID_pkcs9_contentType),
  217. -3, V_ASN1_OBJECT);
  218. if (!octype) {
  219. CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT_TYPE);
  220. goto err;
  221. }
  222. /* Compare details in receipt request */
  223. if (OBJ_cmp(octype, rct->contentType)) {
  224. CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENT_TYPE_MISMATCH);
  225. goto err;
  226. }
  227. /* Get original receipt request details */
  228. if (CMS_get1_ReceiptRequest(osi, &rr) <= 0) {
  229. CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_RECEIPT_REQUEST);
  230. goto err;
  231. }
  232. if (ASN1_STRING_cmp(rr->signedContentIdentifier,
  233. rct->signedContentIdentifier)) {
  234. CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENTIDENTIFIER_MISMATCH);
  235. goto err;
  236. }
  237. r = 1;
  238. err:
  239. CMS_ReceiptRequest_free(rr);
  240. M_ASN1_free_of(rct, CMS_Receipt);
  241. return r;
  242. }
  243. /*
  244. * Encode a Receipt into an OCTET STRING read for including into content of a
  245. * SignedData ContentInfo.
  246. */
  247. ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si)
  248. {
  249. CMS_Receipt rct;
  250. CMS_ReceiptRequest *rr = NULL;
  251. ASN1_OBJECT *ctype;
  252. ASN1_OCTET_STRING *os = NULL;
  253. /* Get original receipt request */
  254. /* Get original receipt request details */
  255. if (CMS_get1_ReceiptRequest(si, &rr) <= 0) {
  256. CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_RECEIPT_REQUEST);
  257. goto err;
  258. }
  259. /* Get original content type */
  260. ctype = CMS_signed_get0_data_by_OBJ(si,
  261. OBJ_nid2obj(NID_pkcs9_contentType),
  262. -3, V_ASN1_OBJECT);
  263. if (!ctype) {
  264. CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_CONTENT_TYPE);
  265. goto err;
  266. }
  267. rct.version = 1;
  268. rct.contentType = ctype;
  269. rct.signedContentIdentifier = rr->signedContentIdentifier;
  270. rct.originatorSignatureValue = si->signature;
  271. os = ASN1_item_pack(&rct, ASN1_ITEM_rptr(CMS_Receipt), NULL);
  272. err:
  273. CMS_ReceiptRequest_free(rr);
  274. return os;
  275. }
  276. /*
  277. * Add signer certificate's V2 digest to a SignerInfo
  278. * structure
  279. */
  280. int CMS_add1_signing_cert_v2(CMS_SignerInfo *si,
  281. ESS_SIGNING_CERT_V2 *sc)
  282. {
  283. ASN1_STRING *seq = NULL;
  284. unsigned char *p, *pp;
  285. int len;
  286. /* Add SigningCertificateV2 signed attribute to the signer info. */
  287. len = i2d_ESS_SIGNING_CERT_V2(sc, NULL);
  288. if ((pp = OPENSSL_malloc(len)) == NULL)
  289. goto err;
  290. p = pp;
  291. i2d_ESS_SIGNING_CERT_V2(sc, &p);
  292. if (!(seq = ASN1_STRING_new()) || !ASN1_STRING_set(seq, pp, len))
  293. goto err;
  294. OPENSSL_free(pp);
  295. pp = NULL;
  296. if (!CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_signingCertificateV2,
  297. V_ASN1_SEQUENCE, seq, -1))
  298. goto err;
  299. ASN1_STRING_free(seq);
  300. return 1;
  301. err:
  302. CMSerr(CMS_F_CMS_ADD1_SIGNING_CERT_V2, ERR_R_MALLOC_FAILURE);
  303. ASN1_STRING_free(seq);
  304. OPENSSL_free(pp);
  305. return 0;
  306. }
  307. /*
  308. * Add signer certificate's digest to a SignerInfo
  309. * structure
  310. */
  311. int CMS_add1_signing_cert(CMS_SignerInfo *si, ESS_SIGNING_CERT *sc)
  312. {
  313. ASN1_STRING *seq = NULL;
  314. unsigned char *p, *pp;
  315. int len;
  316. /* Add SigningCertificate signed attribute to the signer info. */
  317. len = i2d_ESS_SIGNING_CERT(sc, NULL);
  318. if ((pp = OPENSSL_malloc(len)) == NULL)
  319. goto err;
  320. p = pp;
  321. i2d_ESS_SIGNING_CERT(sc, &p);
  322. if (!(seq = ASN1_STRING_new()) || !ASN1_STRING_set(seq, pp, len))
  323. goto err;
  324. OPENSSL_free(pp);
  325. pp = NULL;
  326. if (!CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_signingCertificate,
  327. V_ASN1_SEQUENCE, seq, -1))
  328. goto err;
  329. ASN1_STRING_free(seq);
  330. return 1;
  331. err:
  332. CMSerr(CMS_F_CMS_ADD1_SIGNING_CERT, ERR_R_MALLOC_FAILURE);
  333. ASN1_STRING_free(seq);
  334. OPENSSL_free(pp);
  335. return 0;
  336. }