cms_smime.c 23 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843
  1. /*
  2. * Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the OpenSSL license (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include "internal/cryptlib.h"
  10. #include <openssl/asn1t.h>
  11. #include <openssl/x509.h>
  12. #include <openssl/x509v3.h>
  13. #include <openssl/err.h>
  14. #include <openssl/cms.h>
  15. #include "cms_lcl.h"
  16. #include "internal/asn1_int.h"
  17. static BIO *cms_get_text_bio(BIO *out, unsigned int flags)
  18. {
  19. BIO *rbio;
  20. if (out == NULL)
  21. rbio = BIO_new(BIO_s_null());
  22. else if (flags & CMS_TEXT) {
  23. rbio = BIO_new(BIO_s_mem());
  24. BIO_set_mem_eof_return(rbio, 0);
  25. } else
  26. rbio = out;
  27. return rbio;
  28. }
  29. static int cms_copy_content(BIO *out, BIO *in, unsigned int flags)
  30. {
  31. unsigned char buf[4096];
  32. int r = 0, i;
  33. BIO *tmpout;
  34. tmpout = cms_get_text_bio(out, flags);
  35. if (tmpout == NULL) {
  36. CMSerr(CMS_F_CMS_COPY_CONTENT, ERR_R_MALLOC_FAILURE);
  37. goto err;
  38. }
  39. /* Read all content through chain to process digest, decrypt etc */
  40. for (;;) {
  41. i = BIO_read(in, buf, sizeof(buf));
  42. if (i <= 0) {
  43. if (BIO_method_type(in) == BIO_TYPE_CIPHER) {
  44. if (!BIO_get_cipher_status(in))
  45. goto err;
  46. }
  47. if (i < 0)
  48. goto err;
  49. break;
  50. }
  51. if (tmpout && (BIO_write(tmpout, buf, i) != i))
  52. goto err;
  53. }
  54. if (flags & CMS_TEXT) {
  55. if (!SMIME_text(tmpout, out)) {
  56. CMSerr(CMS_F_CMS_COPY_CONTENT, CMS_R_SMIME_TEXT_ERROR);
  57. goto err;
  58. }
  59. }
  60. r = 1;
  61. err:
  62. if (tmpout != out)
  63. BIO_free(tmpout);
  64. return r;
  65. }
  66. static int check_content(CMS_ContentInfo *cms)
  67. {
  68. ASN1_OCTET_STRING **pos = CMS_get0_content(cms);
  69. if (!pos || !*pos) {
  70. CMSerr(CMS_F_CHECK_CONTENT, CMS_R_NO_CONTENT);
  71. return 0;
  72. }
  73. return 1;
  74. }
  75. static void do_free_upto(BIO *f, BIO *upto)
  76. {
  77. if (upto) {
  78. BIO *tbio;
  79. do {
  80. tbio = BIO_pop(f);
  81. BIO_free(f);
  82. f = tbio;
  83. }
  84. while (f && f != upto);
  85. } else
  86. BIO_free_all(f);
  87. }
  88. int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags)
  89. {
  90. BIO *cont;
  91. int r;
  92. if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_data) {
  93. CMSerr(CMS_F_CMS_DATA, CMS_R_TYPE_NOT_DATA);
  94. return 0;
  95. }
  96. cont = CMS_dataInit(cms, NULL);
  97. if (!cont)
  98. return 0;
  99. r = cms_copy_content(out, cont, flags);
  100. BIO_free_all(cont);
  101. return r;
  102. }
  103. CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags)
  104. {
  105. CMS_ContentInfo *cms;
  106. cms = cms_Data_create();
  107. if (!cms)
  108. return NULL;
  109. if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags))
  110. return cms;
  111. CMS_ContentInfo_free(cms);
  112. return NULL;
  113. }
  114. int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
  115. unsigned int flags)
  116. {
  117. BIO *cont;
  118. int r;
  119. if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_digest) {
  120. CMSerr(CMS_F_CMS_DIGEST_VERIFY, CMS_R_TYPE_NOT_DIGESTED_DATA);
  121. return 0;
  122. }
  123. if (!dcont && !check_content(cms))
  124. return 0;
  125. cont = CMS_dataInit(cms, dcont);
  126. if (!cont)
  127. return 0;
  128. r = cms_copy_content(out, cont, flags);
  129. if (r)
  130. r = cms_DigestedData_do_final(cms, cont, 1);
  131. do_free_upto(cont, dcont);
  132. return r;
  133. }
  134. CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
  135. unsigned int flags)
  136. {
  137. CMS_ContentInfo *cms;
  138. if (!md)
  139. md = EVP_sha1();
  140. cms = cms_DigestedData_create(md);
  141. if (!cms)
  142. return NULL;
  143. if (!(flags & CMS_DETACHED))
  144. CMS_set_detached(cms, 0);
  145. if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags))
  146. return cms;
  147. CMS_ContentInfo_free(cms);
  148. return NULL;
  149. }
  150. int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
  151. const unsigned char *key, size_t keylen,
  152. BIO *dcont, BIO *out, unsigned int flags)
  153. {
  154. BIO *cont;
  155. int r;
  156. if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_encrypted) {
  157. CMSerr(CMS_F_CMS_ENCRYPTEDDATA_DECRYPT,
  158. CMS_R_TYPE_NOT_ENCRYPTED_DATA);
  159. return 0;
  160. }
  161. if (!dcont && !check_content(cms))
  162. return 0;
  163. if (CMS_EncryptedData_set1_key(cms, NULL, key, keylen) <= 0)
  164. return 0;
  165. cont = CMS_dataInit(cms, dcont);
  166. if (!cont)
  167. return 0;
  168. r = cms_copy_content(out, cont, flags);
  169. do_free_upto(cont, dcont);
  170. return r;
  171. }
  172. CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
  173. const unsigned char *key,
  174. size_t keylen, unsigned int flags)
  175. {
  176. CMS_ContentInfo *cms;
  177. if (!cipher) {
  178. CMSerr(CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT, CMS_R_NO_CIPHER);
  179. return NULL;
  180. }
  181. cms = CMS_ContentInfo_new();
  182. if (cms == NULL)
  183. return NULL;
  184. if (!CMS_EncryptedData_set1_key(cms, cipher, key, keylen))
  185. return NULL;
  186. if (!(flags & CMS_DETACHED))
  187. CMS_set_detached(cms, 0);
  188. if ((flags & (CMS_STREAM | CMS_PARTIAL))
  189. || CMS_final(cms, in, NULL, flags))
  190. return cms;
  191. CMS_ContentInfo_free(cms);
  192. return NULL;
  193. }
  194. static int cms_signerinfo_verify_cert(CMS_SignerInfo *si,
  195. X509_STORE *store,
  196. STACK_OF(X509) *certs,
  197. STACK_OF(X509_CRL) *crls)
  198. {
  199. X509_STORE_CTX *ctx = X509_STORE_CTX_new();
  200. X509 *signer;
  201. int i, j, r = 0;
  202. if (ctx == NULL) {
  203. CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
  204. goto err;
  205. }
  206. CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL);
  207. if (!X509_STORE_CTX_init(ctx, store, signer, certs)) {
  208. CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT, CMS_R_STORE_INIT_ERROR);
  209. goto err;
  210. }
  211. X509_STORE_CTX_set_default(ctx, "smime_sign");
  212. if (crls)
  213. X509_STORE_CTX_set0_crls(ctx, crls);
  214. i = X509_verify_cert(ctx);
  215. if (i <= 0) {
  216. j = X509_STORE_CTX_get_error(ctx);
  217. CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT,
  218. CMS_R_CERTIFICATE_VERIFY_ERROR);
  219. ERR_add_error_data(2, "Verify error:",
  220. X509_verify_cert_error_string(j));
  221. goto err;
  222. }
  223. r = 1;
  224. err:
  225. X509_STORE_CTX_free(ctx);
  226. return r;
  227. }
  228. int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
  229. X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags)
  230. {
  231. CMS_SignerInfo *si;
  232. STACK_OF(CMS_SignerInfo) *sinfos;
  233. STACK_OF(X509) *cms_certs = NULL;
  234. STACK_OF(X509_CRL) *crls = NULL;
  235. X509 *signer;
  236. int i, scount = 0, ret = 0;
  237. BIO *cmsbio = NULL, *tmpin = NULL, *tmpout = NULL;
  238. if (!dcont && !check_content(cms))
  239. return 0;
  240. if (dcont && !(flags & CMS_BINARY)) {
  241. const ASN1_OBJECT *coid = CMS_get0_eContentType(cms);
  242. if (OBJ_obj2nid(coid) == NID_id_ct_asciiTextWithCRLF)
  243. flags |= CMS_ASCIICRLF;
  244. }
  245. /* Attempt to find all signer certificates */
  246. sinfos = CMS_get0_SignerInfos(cms);
  247. if (sk_CMS_SignerInfo_num(sinfos) <= 0) {
  248. CMSerr(CMS_F_CMS_VERIFY, CMS_R_NO_SIGNERS);
  249. goto err;
  250. }
  251. for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
  252. si = sk_CMS_SignerInfo_value(sinfos, i);
  253. CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL);
  254. if (signer)
  255. scount++;
  256. }
  257. if (scount != sk_CMS_SignerInfo_num(sinfos))
  258. scount += CMS_set1_signers_certs(cms, certs, flags);
  259. if (scount != sk_CMS_SignerInfo_num(sinfos)) {
  260. CMSerr(CMS_F_CMS_VERIFY, CMS_R_SIGNER_CERTIFICATE_NOT_FOUND);
  261. goto err;
  262. }
  263. /* Attempt to verify all signers certs */
  264. if (!(flags & CMS_NO_SIGNER_CERT_VERIFY)) {
  265. cms_certs = CMS_get1_certs(cms);
  266. if (!(flags & CMS_NOCRL))
  267. crls = CMS_get1_crls(cms);
  268. for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
  269. si = sk_CMS_SignerInfo_value(sinfos, i);
  270. if (!cms_signerinfo_verify_cert(si, store, cms_certs, crls))
  271. goto err;
  272. }
  273. }
  274. /* Attempt to verify all SignerInfo signed attribute signatures */
  275. if (!(flags & CMS_NO_ATTR_VERIFY)) {
  276. for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
  277. si = sk_CMS_SignerInfo_value(sinfos, i);
  278. if (CMS_signed_get_attr_count(si) < 0)
  279. continue;
  280. if (CMS_SignerInfo_verify(si) <= 0)
  281. goto err;
  282. }
  283. }
  284. /*
  285. * Performance optimization: if the content is a memory BIO then store
  286. * its contents in a temporary read only memory BIO. This avoids
  287. * potentially large numbers of slow copies of data which will occur when
  288. * reading from a read write memory BIO when signatures are calculated.
  289. */
  290. if (dcont && (BIO_method_type(dcont) == BIO_TYPE_MEM)) {
  291. char *ptr;
  292. long len;
  293. len = BIO_get_mem_data(dcont, &ptr);
  294. tmpin = BIO_new_mem_buf(ptr, len);
  295. if (tmpin == NULL) {
  296. CMSerr(CMS_F_CMS_VERIFY, ERR_R_MALLOC_FAILURE);
  297. goto err2;
  298. }
  299. } else
  300. tmpin = dcont;
  301. /*
  302. * If not binary mode and detached generate digests by *writing* through
  303. * the BIO. That makes it possible to canonicalise the input.
  304. */
  305. if (!(flags & SMIME_BINARY) && dcont) {
  306. /*
  307. * Create output BIO so we can either handle text or to ensure
  308. * included content doesn't override detached content.
  309. */
  310. tmpout = cms_get_text_bio(out, flags);
  311. if (!tmpout) {
  312. CMSerr(CMS_F_CMS_VERIFY, ERR_R_MALLOC_FAILURE);
  313. goto err;
  314. }
  315. cmsbio = CMS_dataInit(cms, tmpout);
  316. if (!cmsbio)
  317. goto err;
  318. /*
  319. * Don't use SMIME_TEXT for verify: it adds headers and we want to
  320. * remove them.
  321. */
  322. SMIME_crlf_copy(dcont, cmsbio, flags & ~SMIME_TEXT);
  323. if (flags & CMS_TEXT) {
  324. if (!SMIME_text(tmpout, out)) {
  325. CMSerr(CMS_F_CMS_VERIFY, CMS_R_SMIME_TEXT_ERROR);
  326. goto err;
  327. }
  328. }
  329. } else {
  330. cmsbio = CMS_dataInit(cms, tmpin);
  331. if (!cmsbio)
  332. goto err;
  333. if (!cms_copy_content(out, cmsbio, flags))
  334. goto err;
  335. }
  336. if (!(flags & CMS_NO_CONTENT_VERIFY)) {
  337. for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
  338. si = sk_CMS_SignerInfo_value(sinfos, i);
  339. if (CMS_SignerInfo_verify_content(si, cmsbio) <= 0) {
  340. CMSerr(CMS_F_CMS_VERIFY, CMS_R_CONTENT_VERIFY_ERROR);
  341. goto err;
  342. }
  343. }
  344. }
  345. ret = 1;
  346. err:
  347. if (!(flags & SMIME_BINARY) && dcont) {
  348. do_free_upto(cmsbio, tmpout);
  349. if (tmpin != dcont)
  350. BIO_free(tmpin);
  351. } else {
  352. if (dcont && (tmpin == dcont))
  353. do_free_upto(cmsbio, dcont);
  354. else
  355. BIO_free_all(cmsbio);
  356. }
  357. if (out != tmpout)
  358. BIO_free_all(tmpout);
  359. err2:
  360. sk_X509_pop_free(cms_certs, X509_free);
  361. sk_X509_CRL_pop_free(crls, X509_CRL_free);
  362. return ret;
  363. }
  364. int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
  365. STACK_OF(X509) *certs,
  366. X509_STORE *store, unsigned int flags)
  367. {
  368. int r;
  369. flags &= ~(CMS_DETACHED | CMS_TEXT);
  370. r = CMS_verify(rcms, certs, store, NULL, NULL, flags);
  371. if (r <= 0)
  372. return r;
  373. return cms_Receipt_verify(rcms, ocms);
  374. }
  375. CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
  376. STACK_OF(X509) *certs, BIO *data,
  377. unsigned int flags)
  378. {
  379. CMS_ContentInfo *cms;
  380. int i;
  381. cms = CMS_ContentInfo_new();
  382. if (cms == NULL || !CMS_SignedData_init(cms))
  383. goto merr;
  384. if (flags & CMS_ASCIICRLF
  385. && !CMS_set1_eContentType(cms,
  386. OBJ_nid2obj(NID_id_ct_asciiTextWithCRLF)))
  387. goto err;
  388. if (pkey && !CMS_add1_signer(cms, signcert, pkey, NULL, flags)) {
  389. CMSerr(CMS_F_CMS_SIGN, CMS_R_ADD_SIGNER_ERROR);
  390. goto err;
  391. }
  392. for (i = 0; i < sk_X509_num(certs); i++) {
  393. X509 *x = sk_X509_value(certs, i);
  394. if (!CMS_add1_cert(cms, x))
  395. goto merr;
  396. }
  397. if (!(flags & CMS_DETACHED))
  398. CMS_set_detached(cms, 0);
  399. if ((flags & (CMS_STREAM | CMS_PARTIAL))
  400. || CMS_final(cms, data, NULL, flags))
  401. return cms;
  402. else
  403. goto err;
  404. merr:
  405. CMSerr(CMS_F_CMS_SIGN, ERR_R_MALLOC_FAILURE);
  406. err:
  407. CMS_ContentInfo_free(cms);
  408. return NULL;
  409. }
  410. CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
  411. X509 *signcert, EVP_PKEY *pkey,
  412. STACK_OF(X509) *certs, unsigned int flags)
  413. {
  414. CMS_SignerInfo *rct_si;
  415. CMS_ContentInfo *cms = NULL;
  416. ASN1_OCTET_STRING **pos, *os;
  417. BIO *rct_cont = NULL;
  418. int r = 0;
  419. flags &= ~(CMS_STREAM | CMS_TEXT);
  420. /* Not really detached but avoids content being allocated */
  421. flags |= CMS_PARTIAL | CMS_BINARY | CMS_DETACHED;
  422. if (!pkey || !signcert) {
  423. CMSerr(CMS_F_CMS_SIGN_RECEIPT, CMS_R_NO_KEY_OR_CERT);
  424. return NULL;
  425. }
  426. /* Initialize signed data */
  427. cms = CMS_sign(NULL, NULL, certs, NULL, flags);
  428. if (!cms)
  429. goto err;
  430. /* Set inner content type to signed receipt */
  431. if (!CMS_set1_eContentType(cms, OBJ_nid2obj(NID_id_smime_ct_receipt)))
  432. goto err;
  433. rct_si = CMS_add1_signer(cms, signcert, pkey, NULL, flags);
  434. if (!rct_si) {
  435. CMSerr(CMS_F_CMS_SIGN_RECEIPT, CMS_R_ADD_SIGNER_ERROR);
  436. goto err;
  437. }
  438. os = cms_encode_Receipt(si);
  439. if (!os)
  440. goto err;
  441. /* Set content to digest */
  442. rct_cont = BIO_new_mem_buf(os->data, os->length);
  443. if (!rct_cont)
  444. goto err;
  445. /* Add msgSigDigest attribute */
  446. if (!cms_msgSigDigest_add1(rct_si, si))
  447. goto err;
  448. /* Finalize structure */
  449. if (!CMS_final(cms, rct_cont, NULL, flags))
  450. goto err;
  451. /* Set embedded content */
  452. pos = CMS_get0_content(cms);
  453. *pos = os;
  454. r = 1;
  455. err:
  456. BIO_free(rct_cont);
  457. if (r)
  458. return cms;
  459. CMS_ContentInfo_free(cms);
  460. return NULL;
  461. }
  462. CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *data,
  463. const EVP_CIPHER *cipher, unsigned int flags)
  464. {
  465. CMS_ContentInfo *cms;
  466. int i;
  467. X509 *recip;
  468. cms = CMS_EnvelopedData_create(cipher);
  469. if (!cms)
  470. goto merr;
  471. for (i = 0; i < sk_X509_num(certs); i++) {
  472. recip = sk_X509_value(certs, i);
  473. if (!CMS_add1_recipient_cert(cms, recip, flags)) {
  474. CMSerr(CMS_F_CMS_ENCRYPT, CMS_R_RECIPIENT_ERROR);
  475. goto err;
  476. }
  477. }
  478. if (!(flags & CMS_DETACHED))
  479. CMS_set_detached(cms, 0);
  480. if ((flags & (CMS_STREAM | CMS_PARTIAL))
  481. || CMS_final(cms, data, NULL, flags))
  482. return cms;
  483. else
  484. goto err;
  485. merr:
  486. CMSerr(CMS_F_CMS_ENCRYPT, ERR_R_MALLOC_FAILURE);
  487. err:
  488. CMS_ContentInfo_free(cms);
  489. return NULL;
  490. }
  491. static int cms_kari_set1_pkey(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
  492. EVP_PKEY *pk, X509 *cert)
  493. {
  494. int i;
  495. STACK_OF(CMS_RecipientEncryptedKey) *reks;
  496. CMS_RecipientEncryptedKey *rek;
  497. reks = CMS_RecipientInfo_kari_get0_reks(ri);
  498. for (i = 0; i < sk_CMS_RecipientEncryptedKey_num(reks); i++) {
  499. int rv;
  500. rek = sk_CMS_RecipientEncryptedKey_value(reks, i);
  501. if (cert != NULL && CMS_RecipientEncryptedKey_cert_cmp(rek, cert))
  502. continue;
  503. CMS_RecipientInfo_kari_set0_pkey(ri, pk);
  504. rv = CMS_RecipientInfo_kari_decrypt(cms, ri, rek);
  505. CMS_RecipientInfo_kari_set0_pkey(ri, NULL);
  506. if (rv > 0)
  507. return 1;
  508. return cert == NULL ? 0 : -1;
  509. }
  510. return 0;
  511. }
  512. int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
  513. {
  514. STACK_OF(CMS_RecipientInfo) *ris;
  515. CMS_RecipientInfo *ri;
  516. int i, r, ri_type;
  517. int debug = 0, match_ri = 0;
  518. ris = CMS_get0_RecipientInfos(cms);
  519. if (ris)
  520. debug = cms->d.envelopedData->encryptedContentInfo->debug;
  521. ri_type = cms_pkey_get_ri_type(pk);
  522. if (ri_type == CMS_RECIPINFO_NONE) {
  523. CMSerr(CMS_F_CMS_DECRYPT_SET1_PKEY,
  524. CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
  525. return 0;
  526. }
  527. for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) {
  528. ri = sk_CMS_RecipientInfo_value(ris, i);
  529. if (CMS_RecipientInfo_type(ri) != ri_type)
  530. continue;
  531. match_ri = 1;
  532. if (ri_type == CMS_RECIPINFO_AGREE) {
  533. r = cms_kari_set1_pkey(cms, ri, pk, cert);
  534. if (r > 0)
  535. return 1;
  536. if (r < 0)
  537. return 0;
  538. }
  539. /*
  540. * If we have a cert try matching RecipientInfo otherwise try them
  541. * all.
  542. */
  543. else if (!cert || !CMS_RecipientInfo_ktri_cert_cmp(ri, cert)) {
  544. EVP_PKEY_up_ref(pk);
  545. CMS_RecipientInfo_set0_pkey(ri, pk);
  546. r = CMS_RecipientInfo_decrypt(cms, ri);
  547. CMS_RecipientInfo_set0_pkey(ri, NULL);
  548. if (cert) {
  549. /*
  550. * If not debugging clear any error and return success to
  551. * avoid leaking of information useful to MMA
  552. */
  553. if (!debug) {
  554. ERR_clear_error();
  555. return 1;
  556. }
  557. if (r > 0)
  558. return 1;
  559. CMSerr(CMS_F_CMS_DECRYPT_SET1_PKEY, CMS_R_DECRYPT_ERROR);
  560. return 0;
  561. }
  562. /*
  563. * If no cert and not debugging don't leave loop after first
  564. * successful decrypt. Always attempt to decrypt all recipients
  565. * to avoid leaking timing of a successful decrypt.
  566. */
  567. else if (r > 0 && debug)
  568. return 1;
  569. }
  570. }
  571. /* If no cert, key transport and not debugging always return success */
  572. if (cert == NULL && ri_type == CMS_RECIPINFO_TRANS && match_ri && !debug) {
  573. ERR_clear_error();
  574. return 1;
  575. }
  576. CMSerr(CMS_F_CMS_DECRYPT_SET1_PKEY, CMS_R_NO_MATCHING_RECIPIENT);
  577. return 0;
  578. }
  579. int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
  580. unsigned char *key, size_t keylen,
  581. const unsigned char *id, size_t idlen)
  582. {
  583. STACK_OF(CMS_RecipientInfo) *ris;
  584. CMS_RecipientInfo *ri;
  585. int i, r;
  586. ris = CMS_get0_RecipientInfos(cms);
  587. for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) {
  588. ri = sk_CMS_RecipientInfo_value(ris, i);
  589. if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_KEK)
  590. continue;
  591. /*
  592. * If we have an id try matching RecipientInfo otherwise try them
  593. * all.
  594. */
  595. if (!id || (CMS_RecipientInfo_kekri_id_cmp(ri, id, idlen) == 0)) {
  596. CMS_RecipientInfo_set0_key(ri, key, keylen);
  597. r = CMS_RecipientInfo_decrypt(cms, ri);
  598. CMS_RecipientInfo_set0_key(ri, NULL, 0);
  599. if (r > 0)
  600. return 1;
  601. if (id) {
  602. CMSerr(CMS_F_CMS_DECRYPT_SET1_KEY, CMS_R_DECRYPT_ERROR);
  603. return 0;
  604. }
  605. ERR_clear_error();
  606. }
  607. }
  608. CMSerr(CMS_F_CMS_DECRYPT_SET1_KEY, CMS_R_NO_MATCHING_RECIPIENT);
  609. return 0;
  610. }
  611. int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
  612. unsigned char *pass, ossl_ssize_t passlen)
  613. {
  614. STACK_OF(CMS_RecipientInfo) *ris;
  615. CMS_RecipientInfo *ri;
  616. int i, r;
  617. ris = CMS_get0_RecipientInfos(cms);
  618. for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) {
  619. ri = sk_CMS_RecipientInfo_value(ris, i);
  620. if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_PASS)
  621. continue;
  622. CMS_RecipientInfo_set0_password(ri, pass, passlen);
  623. r = CMS_RecipientInfo_decrypt(cms, ri);
  624. CMS_RecipientInfo_set0_password(ri, NULL, 0);
  625. if (r > 0)
  626. return 1;
  627. }
  628. CMSerr(CMS_F_CMS_DECRYPT_SET1_PASSWORD, CMS_R_NO_MATCHING_RECIPIENT);
  629. return 0;
  630. }
  631. int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert,
  632. BIO *dcont, BIO *out, unsigned int flags)
  633. {
  634. int r;
  635. BIO *cont;
  636. if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_enveloped) {
  637. CMSerr(CMS_F_CMS_DECRYPT, CMS_R_TYPE_NOT_ENVELOPED_DATA);
  638. return 0;
  639. }
  640. if (!dcont && !check_content(cms))
  641. return 0;
  642. if (flags & CMS_DEBUG_DECRYPT)
  643. cms->d.envelopedData->encryptedContentInfo->debug = 1;
  644. else
  645. cms->d.envelopedData->encryptedContentInfo->debug = 0;
  646. if (!pk && !cert && !dcont && !out)
  647. return 1;
  648. if (pk && !CMS_decrypt_set1_pkey(cms, pk, cert))
  649. return 0;
  650. cont = CMS_dataInit(cms, dcont);
  651. if (!cont)
  652. return 0;
  653. r = cms_copy_content(out, cont, flags);
  654. do_free_upto(cont, dcont);
  655. return r;
  656. }
  657. int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags)
  658. {
  659. BIO *cmsbio;
  660. int ret = 0;
  661. if ((cmsbio = CMS_dataInit(cms, dcont)) == NULL) {
  662. CMSerr(CMS_F_CMS_FINAL, CMS_R_CMS_LIB);
  663. return 0;
  664. }
  665. SMIME_crlf_copy(data, cmsbio, flags);
  666. (void)BIO_flush(cmsbio);
  667. if (!CMS_dataFinal(cms, cmsbio)) {
  668. CMSerr(CMS_F_CMS_FINAL, CMS_R_CMS_DATAFINAL_ERROR);
  669. goto err;
  670. }
  671. ret = 1;
  672. err:
  673. do_free_upto(cmsbio, dcont);
  674. return ret;
  675. }
  676. #ifdef ZLIB
  677. int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
  678. unsigned int flags)
  679. {
  680. BIO *cont;
  681. int r;
  682. if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_id_smime_ct_compressedData) {
  683. CMSerr(CMS_F_CMS_UNCOMPRESS, CMS_R_TYPE_NOT_COMPRESSED_DATA);
  684. return 0;
  685. }
  686. if (!dcont && !check_content(cms))
  687. return 0;
  688. cont = CMS_dataInit(cms, dcont);
  689. if (!cont)
  690. return 0;
  691. r = cms_copy_content(out, cont, flags);
  692. do_free_upto(cont, dcont);
  693. return r;
  694. }
  695. CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags)
  696. {
  697. CMS_ContentInfo *cms;
  698. if (comp_nid <= 0)
  699. comp_nid = NID_zlib_compression;
  700. cms = cms_CompressedData_create(comp_nid);
  701. if (!cms)
  702. return NULL;
  703. if (!(flags & CMS_DETACHED))
  704. CMS_set_detached(cms, 0);
  705. if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags))
  706. return cms;
  707. CMS_ContentInfo_free(cms);
  708. return NULL;
  709. }
  710. #else
  711. int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
  712. unsigned int flags)
  713. {
  714. CMSerr(CMS_F_CMS_UNCOMPRESS, CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
  715. return 0;
  716. }
  717. CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags)
  718. {
  719. CMSerr(CMS_F_CMS_COMPRESS, CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
  720. return NULL;
  721. }
  722. #endif