pk7_doit.c 37 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269
  1. /*
  2. * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include <openssl/rand.h>
  11. #include <openssl/objects.h>
  12. #include <openssl/x509.h>
  13. #include <openssl/x509v3.h>
  14. #include <openssl/err.h>
  15. #include "internal/cryptlib.h"
  16. #include "internal/sizes.h"
  17. #include "crypto/evp.h"
  18. #include "pk7_local.h"
  19. static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
  20. void *value);
  21. static ASN1_TYPE *get_attribute(const STACK_OF(X509_ATTRIBUTE) *sk, int nid);
  22. int PKCS7_type_is_other(PKCS7 *p7)
  23. {
  24. int isOther = 1;
  25. int nid = OBJ_obj2nid(p7->type);
  26. switch (nid) {
  27. case NID_pkcs7_data:
  28. case NID_pkcs7_signed:
  29. case NID_pkcs7_enveloped:
  30. case NID_pkcs7_signedAndEnveloped:
  31. case NID_pkcs7_digest:
  32. case NID_pkcs7_encrypted:
  33. isOther = 0;
  34. break;
  35. default:
  36. isOther = 1;
  37. }
  38. return isOther;
  39. }
  40. ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7)
  41. {
  42. if (PKCS7_type_is_data(p7))
  43. return p7->d.data;
  44. if (PKCS7_type_is_other(p7) && p7->d.other
  45. && (p7->d.other->type == V_ASN1_OCTET_STRING))
  46. return p7->d.other->value.octet_string;
  47. return NULL;
  48. }
  49. static int pkcs7_bio_add_digest(BIO **pbio, X509_ALGOR *alg,
  50. const PKCS7_CTX *ctx)
  51. {
  52. BIO *btmp;
  53. char name[OSSL_MAX_NAME_SIZE];
  54. EVP_MD *fetched = NULL;
  55. const EVP_MD *md;
  56. if ((btmp = BIO_new(BIO_f_md())) == NULL) {
  57. ERR_raise(ERR_LIB_PKCS7, ERR_R_BIO_LIB);
  58. goto err;
  59. }
  60. OBJ_obj2txt(name, sizeof(name), alg->algorithm, 0);
  61. (void)ERR_set_mark();
  62. fetched = EVP_MD_fetch(ossl_pkcs7_ctx_get0_libctx(ctx), name,
  63. ossl_pkcs7_ctx_get0_propq(ctx));
  64. if (fetched != NULL)
  65. md = fetched;
  66. else
  67. md = EVP_get_digestbyname(name);
  68. if (md == NULL) {
  69. (void)ERR_clear_last_mark();
  70. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNKNOWN_DIGEST_TYPE);
  71. goto err;
  72. }
  73. (void)ERR_pop_to_mark();
  74. if (BIO_set_md(btmp, md) <= 0) {
  75. ERR_raise(ERR_LIB_PKCS7, ERR_R_BIO_LIB);
  76. EVP_MD_free(fetched);
  77. goto err;
  78. }
  79. EVP_MD_free(fetched);
  80. if (*pbio == NULL)
  81. *pbio = btmp;
  82. else if (!BIO_push(*pbio, btmp)) {
  83. ERR_raise(ERR_LIB_PKCS7, ERR_R_BIO_LIB);
  84. goto err;
  85. }
  86. btmp = NULL;
  87. return 1;
  88. err:
  89. BIO_free(btmp);
  90. return 0;
  91. }
  92. static int pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri,
  93. unsigned char *key, int keylen)
  94. {
  95. EVP_PKEY_CTX *pctx = NULL;
  96. EVP_PKEY *pkey = NULL;
  97. unsigned char *ek = NULL;
  98. int ret = 0;
  99. size_t eklen;
  100. const PKCS7_CTX *ctx = ri->ctx;
  101. pkey = X509_get0_pubkey(ri->cert);
  102. if (pkey == NULL)
  103. return 0;
  104. pctx = EVP_PKEY_CTX_new_from_pkey(ossl_pkcs7_ctx_get0_libctx(ctx), pkey,
  105. ossl_pkcs7_ctx_get0_propq(ctx));
  106. if (pctx == NULL)
  107. return 0;
  108. if (EVP_PKEY_encrypt_init(pctx) <= 0)
  109. goto err;
  110. if (EVP_PKEY_encrypt(pctx, NULL, &eklen, key, keylen) <= 0)
  111. goto err;
  112. ek = OPENSSL_malloc(eklen);
  113. if (ek == NULL)
  114. goto err;
  115. if (EVP_PKEY_encrypt(pctx, ek, &eklen, key, keylen) <= 0)
  116. goto err;
  117. ASN1_STRING_set0(ri->enc_key, ek, eklen);
  118. ek = NULL;
  119. ret = 1;
  120. err:
  121. EVP_PKEY_CTX_free(pctx);
  122. OPENSSL_free(ek);
  123. return ret;
  124. }
  125. static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen,
  126. PKCS7_RECIP_INFO *ri, EVP_PKEY *pkey,
  127. size_t fixlen)
  128. {
  129. EVP_PKEY_CTX *pctx = NULL;
  130. unsigned char *ek = NULL;
  131. size_t eklen;
  132. int ret = -1;
  133. const PKCS7_CTX *ctx = ri->ctx;
  134. pctx = EVP_PKEY_CTX_new_from_pkey(ossl_pkcs7_ctx_get0_libctx(ctx), pkey,
  135. ossl_pkcs7_ctx_get0_propq(ctx));
  136. if (pctx == NULL)
  137. return -1;
  138. if (EVP_PKEY_decrypt_init(pctx) <= 0)
  139. goto err;
  140. if (EVP_PKEY_is_a(pkey, "RSA"))
  141. /* upper layer pkcs7 code incorrectly assumes that a successful RSA
  142. * decryption means that the key matches ciphertext (which never
  143. * was the case, implicit rejection or not), so to make it work
  144. * disable implicit rejection for RSA keys */
  145. EVP_PKEY_CTX_ctrl_str(pctx, "rsa_pkcs1_implicit_rejection", "0");
  146. ret = evp_pkey_decrypt_alloc(pctx, &ek, &eklen, fixlen,
  147. ri->enc_key->data, ri->enc_key->length);
  148. if (ret <= 0)
  149. goto err;
  150. ret = 1;
  151. OPENSSL_clear_free(*pek, *peklen);
  152. *pek = ek;
  153. *peklen = eklen;
  154. err:
  155. EVP_PKEY_CTX_free(pctx);
  156. if (!ret)
  157. OPENSSL_free(ek);
  158. return ret;
  159. }
  160. BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
  161. {
  162. int i;
  163. BIO *out = NULL, *btmp = NULL;
  164. X509_ALGOR *xa = NULL;
  165. EVP_CIPHER *fetched_cipher = NULL;
  166. const EVP_CIPHER *cipher;
  167. const EVP_CIPHER *evp_cipher = NULL;
  168. STACK_OF(X509_ALGOR) *md_sk = NULL;
  169. STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;
  170. X509_ALGOR *xalg = NULL;
  171. PKCS7_RECIP_INFO *ri = NULL;
  172. ASN1_OCTET_STRING *os = NULL;
  173. const PKCS7_CTX *p7_ctx;
  174. OSSL_LIB_CTX *libctx;
  175. const char *propq;
  176. if (p7 == NULL) {
  177. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_INVALID_NULL_POINTER);
  178. return NULL;
  179. }
  180. p7_ctx = ossl_pkcs7_get0_ctx(p7);
  181. libctx = ossl_pkcs7_ctx_get0_libctx(p7_ctx);
  182. propq = ossl_pkcs7_ctx_get0_propq(p7_ctx);
  183. /*
  184. * The content field in the PKCS7 ContentInfo is optional, but that really
  185. * only applies to inner content (precisely, detached signatures).
  186. *
  187. * When reading content, missing outer content is therefore treated as an
  188. * error.
  189. *
  190. * When creating content, PKCS7_content_new() must be called before
  191. * calling this method, so a NULL p7->d is always an error.
  192. */
  193. if (p7->d.ptr == NULL) {
  194. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_NO_CONTENT);
  195. return NULL;
  196. }
  197. i = OBJ_obj2nid(p7->type);
  198. p7->state = PKCS7_S_HEADER;
  199. switch (i) {
  200. case NID_pkcs7_signed:
  201. md_sk = p7->d.sign->md_algs;
  202. os = PKCS7_get_octet_string(p7->d.sign->contents);
  203. break;
  204. case NID_pkcs7_signedAndEnveloped:
  205. rsk = p7->d.signed_and_enveloped->recipientinfo;
  206. md_sk = p7->d.signed_and_enveloped->md_algs;
  207. xalg = p7->d.signed_and_enveloped->enc_data->algorithm;
  208. evp_cipher = p7->d.signed_and_enveloped->enc_data->cipher;
  209. if (evp_cipher == NULL) {
  210. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_CIPHER_NOT_INITIALIZED);
  211. goto err;
  212. }
  213. break;
  214. case NID_pkcs7_enveloped:
  215. rsk = p7->d.enveloped->recipientinfo;
  216. xalg = p7->d.enveloped->enc_data->algorithm;
  217. evp_cipher = p7->d.enveloped->enc_data->cipher;
  218. if (evp_cipher == NULL) {
  219. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_CIPHER_NOT_INITIALIZED);
  220. goto err;
  221. }
  222. break;
  223. case NID_pkcs7_digest:
  224. xa = p7->d.digest->md;
  225. os = PKCS7_get_octet_string(p7->d.digest->contents);
  226. break;
  227. case NID_pkcs7_data:
  228. break;
  229. default:
  230. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
  231. goto err;
  232. }
  233. for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++)
  234. if (!pkcs7_bio_add_digest(&out, sk_X509_ALGOR_value(md_sk, i), p7_ctx))
  235. goto err;
  236. if (xa && !pkcs7_bio_add_digest(&out, xa, p7_ctx))
  237. goto err;
  238. if (evp_cipher != NULL) {
  239. unsigned char key[EVP_MAX_KEY_LENGTH];
  240. unsigned char iv[EVP_MAX_IV_LENGTH];
  241. int keylen, ivlen;
  242. EVP_CIPHER_CTX *ctx;
  243. if ((btmp = BIO_new(BIO_f_cipher())) == NULL) {
  244. ERR_raise(ERR_LIB_PKCS7, ERR_R_BIO_LIB);
  245. goto err;
  246. }
  247. BIO_get_cipher_ctx(btmp, &ctx);
  248. keylen = EVP_CIPHER_get_key_length(evp_cipher);
  249. ivlen = EVP_CIPHER_get_iv_length(evp_cipher);
  250. xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_get_type(evp_cipher));
  251. if (ivlen > 0)
  252. if (RAND_bytes_ex(libctx, iv, ivlen, 0) <= 0)
  253. goto err;
  254. (void)ERR_set_mark();
  255. fetched_cipher = EVP_CIPHER_fetch(libctx,
  256. EVP_CIPHER_get0_name(evp_cipher),
  257. propq);
  258. (void)ERR_pop_to_mark();
  259. if (fetched_cipher != NULL)
  260. cipher = fetched_cipher;
  261. else
  262. cipher = evp_cipher;
  263. if (EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, 1) <= 0)
  264. goto err;
  265. EVP_CIPHER_free(fetched_cipher);
  266. fetched_cipher = NULL;
  267. if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
  268. goto err;
  269. if (EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, 1) <= 0)
  270. goto err;
  271. if (ivlen > 0) {
  272. if (xalg->parameter == NULL) {
  273. xalg->parameter = ASN1_TYPE_new();
  274. if (xalg->parameter == NULL)
  275. goto err;
  276. }
  277. if (EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) <= 0)
  278. goto err;
  279. }
  280. /* Lets do the pub key stuff :-) */
  281. for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
  282. ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
  283. if (pkcs7_encode_rinfo(ri, key, keylen) <= 0)
  284. goto err;
  285. }
  286. OPENSSL_cleanse(key, keylen);
  287. if (out == NULL)
  288. out = btmp;
  289. else
  290. BIO_push(out, btmp);
  291. btmp = NULL;
  292. }
  293. if (bio == NULL) {
  294. if (PKCS7_is_detached(p7)) {
  295. bio = BIO_new(BIO_s_null());
  296. } else if (os && os->length > 0) {
  297. bio = BIO_new_mem_buf(os->data, os->length);
  298. } else {
  299. bio = BIO_new(BIO_s_mem());
  300. if (bio == NULL)
  301. goto err;
  302. BIO_set_mem_eof_return(bio, 0);
  303. }
  304. if (bio == NULL)
  305. goto err;
  306. }
  307. if (out)
  308. BIO_push(out, bio);
  309. else
  310. out = bio;
  311. return out;
  312. err:
  313. EVP_CIPHER_free(fetched_cipher);
  314. BIO_free_all(out);
  315. BIO_free_all(btmp);
  316. return NULL;
  317. }
  318. static int pkcs7_cmp_ri(PKCS7_RECIP_INFO *ri, X509 *pcert)
  319. {
  320. int ret;
  321. ret = X509_NAME_cmp(ri->issuer_and_serial->issuer,
  322. X509_get_issuer_name(pcert));
  323. if (ret)
  324. return ret;
  325. return ASN1_INTEGER_cmp(X509_get0_serialNumber(pcert),
  326. ri->issuer_and_serial->serial);
  327. }
  328. /* int */
  329. BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
  330. {
  331. int i, len;
  332. BIO *out = NULL, *btmp = NULL, *etmp = NULL, *bio = NULL;
  333. X509_ALGOR *xa;
  334. ASN1_OCTET_STRING *data_body = NULL;
  335. EVP_MD *evp_md = NULL;
  336. const EVP_MD *md;
  337. EVP_CIPHER *evp_cipher = NULL;
  338. const EVP_CIPHER *cipher = NULL;
  339. EVP_CIPHER_CTX *evp_ctx = NULL;
  340. X509_ALGOR *enc_alg = NULL;
  341. STACK_OF(X509_ALGOR) *md_sk = NULL;
  342. STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;
  343. PKCS7_RECIP_INFO *ri = NULL;
  344. unsigned char *ek = NULL, *tkey = NULL;
  345. int eklen = 0, tkeylen = 0;
  346. char name[OSSL_MAX_NAME_SIZE];
  347. const PKCS7_CTX *p7_ctx;
  348. OSSL_LIB_CTX *libctx;
  349. const char *propq;
  350. if (p7 == NULL) {
  351. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_INVALID_NULL_POINTER);
  352. return NULL;
  353. }
  354. p7_ctx = ossl_pkcs7_get0_ctx(p7);
  355. libctx = ossl_pkcs7_ctx_get0_libctx(p7_ctx);
  356. propq = ossl_pkcs7_ctx_get0_propq(p7_ctx);
  357. if (p7->d.ptr == NULL) {
  358. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_NO_CONTENT);
  359. return NULL;
  360. }
  361. i = OBJ_obj2nid(p7->type);
  362. p7->state = PKCS7_S_HEADER;
  363. switch (i) {
  364. case NID_pkcs7_signed:
  365. /*
  366. * p7->d.sign->contents is a PKCS7 structure consisting of a contentType
  367. * field and optional content.
  368. * data_body is NULL if that structure has no (=detached) content
  369. * or if the contentType is wrong (i.e., not "data").
  370. */
  371. data_body = PKCS7_get_octet_string(p7->d.sign->contents);
  372. if (!PKCS7_is_detached(p7) && data_body == NULL) {
  373. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_INVALID_SIGNED_DATA_TYPE);
  374. goto err;
  375. }
  376. md_sk = p7->d.sign->md_algs;
  377. break;
  378. case NID_pkcs7_signedAndEnveloped:
  379. rsk = p7->d.signed_and_enveloped->recipientinfo;
  380. md_sk = p7->d.signed_and_enveloped->md_algs;
  381. /* data_body is NULL if the optional EncryptedContent is missing. */
  382. data_body = p7->d.signed_and_enveloped->enc_data->enc_data;
  383. enc_alg = p7->d.signed_and_enveloped->enc_data->algorithm;
  384. OBJ_obj2txt(name, sizeof(name), enc_alg->algorithm, 0);
  385. (void)ERR_set_mark();
  386. evp_cipher = EVP_CIPHER_fetch(libctx, name, propq);
  387. if (evp_cipher != NULL)
  388. cipher = evp_cipher;
  389. else
  390. cipher = EVP_get_cipherbyname(name);
  391. if (cipher == NULL) {
  392. (void)ERR_clear_last_mark();
  393. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
  394. goto err;
  395. }
  396. (void)ERR_pop_to_mark();
  397. break;
  398. case NID_pkcs7_enveloped:
  399. rsk = p7->d.enveloped->recipientinfo;
  400. enc_alg = p7->d.enveloped->enc_data->algorithm;
  401. /* data_body is NULL if the optional EncryptedContent is missing. */
  402. data_body = p7->d.enveloped->enc_data->enc_data;
  403. OBJ_obj2txt(name, sizeof(name), enc_alg->algorithm, 0);
  404. (void)ERR_set_mark();
  405. evp_cipher = EVP_CIPHER_fetch(libctx, name, propq);
  406. if (evp_cipher != NULL)
  407. cipher = evp_cipher;
  408. else
  409. cipher = EVP_get_cipherbyname(name);
  410. if (cipher == NULL) {
  411. (void)ERR_clear_last_mark();
  412. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
  413. goto err;
  414. }
  415. (void)ERR_pop_to_mark();
  416. break;
  417. default:
  418. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
  419. goto err;
  420. }
  421. /* Detached content must be supplied via in_bio instead. */
  422. if (data_body == NULL && in_bio == NULL) {
  423. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_NO_CONTENT);
  424. goto err;
  425. }
  426. /* We will be checking the signature */
  427. if (md_sk != NULL) {
  428. for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++) {
  429. xa = sk_X509_ALGOR_value(md_sk, i);
  430. if ((btmp = BIO_new(BIO_f_md())) == NULL) {
  431. ERR_raise(ERR_LIB_PKCS7, ERR_R_BIO_LIB);
  432. goto err;
  433. }
  434. OBJ_obj2txt(name, sizeof(name), xa->algorithm, 0);
  435. (void)ERR_set_mark();
  436. evp_md = EVP_MD_fetch(libctx, name, propq);
  437. if (evp_md != NULL)
  438. md = evp_md;
  439. else
  440. md = EVP_get_digestbyname(name);
  441. if (md == NULL) {
  442. (void)ERR_clear_last_mark();
  443. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNKNOWN_DIGEST_TYPE);
  444. goto err;
  445. }
  446. (void)ERR_pop_to_mark();
  447. if (BIO_set_md(btmp, md) <= 0) {
  448. EVP_MD_free(evp_md);
  449. ERR_raise(ERR_LIB_PKCS7, ERR_R_BIO_LIB);
  450. goto err;
  451. }
  452. EVP_MD_free(evp_md);
  453. if (out == NULL)
  454. out = btmp;
  455. else
  456. BIO_push(out, btmp);
  457. btmp = NULL;
  458. }
  459. }
  460. if (cipher != NULL) {
  461. if ((etmp = BIO_new(BIO_f_cipher())) == NULL) {
  462. ERR_raise(ERR_LIB_PKCS7, ERR_R_BIO_LIB);
  463. goto err;
  464. }
  465. /*
  466. * It was encrypted, we need to decrypt the secret key with the
  467. * private key
  468. */
  469. /*
  470. * Find the recipientInfo which matches the passed certificate (if
  471. * any)
  472. */
  473. if (pcert) {
  474. for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
  475. ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
  476. if (!pkcs7_cmp_ri(ri, pcert))
  477. break;
  478. ri = NULL;
  479. }
  480. if (ri == NULL) {
  481. ERR_raise(ERR_LIB_PKCS7,
  482. PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE);
  483. goto err;
  484. }
  485. }
  486. /* If we haven't got a certificate try each ri in turn */
  487. if (pcert == NULL) {
  488. /*
  489. * Always attempt to decrypt all rinfo even after success as a
  490. * defence against MMA timing attacks.
  491. */
  492. for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
  493. ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
  494. ri->ctx = p7_ctx;
  495. if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey,
  496. EVP_CIPHER_get_key_length(cipher)) < 0)
  497. goto err;
  498. ERR_clear_error();
  499. }
  500. } else {
  501. ri->ctx = p7_ctx;
  502. /* Only exit on fatal errors, not decrypt failure */
  503. if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey, 0) < 0)
  504. goto err;
  505. ERR_clear_error();
  506. }
  507. evp_ctx = NULL;
  508. BIO_get_cipher_ctx(etmp, &evp_ctx);
  509. if (EVP_CipherInit_ex(evp_ctx, cipher, NULL, NULL, NULL, 0) <= 0)
  510. goto err;
  511. if (EVP_CIPHER_asn1_to_param(evp_ctx, enc_alg->parameter) <= 0)
  512. goto err;
  513. /* Generate random key as MMA defence */
  514. len = EVP_CIPHER_CTX_get_key_length(evp_ctx);
  515. if (len <= 0)
  516. goto err;
  517. tkeylen = (size_t)len;
  518. tkey = OPENSSL_malloc(tkeylen);
  519. if (tkey == NULL)
  520. goto err;
  521. if (EVP_CIPHER_CTX_rand_key(evp_ctx, tkey) <= 0)
  522. goto err;
  523. if (ek == NULL) {
  524. ek = tkey;
  525. eklen = tkeylen;
  526. tkey = NULL;
  527. }
  528. if (eklen != EVP_CIPHER_CTX_get_key_length(evp_ctx)) {
  529. /*
  530. * Some S/MIME clients don't use the same key and effective key
  531. * length. The key length is determined by the size of the
  532. * decrypted RSA key.
  533. */
  534. if (EVP_CIPHER_CTX_set_key_length(evp_ctx, eklen) <= 0) {
  535. /* Use random key as MMA defence */
  536. OPENSSL_clear_free(ek, eklen);
  537. ek = tkey;
  538. eklen = tkeylen;
  539. tkey = NULL;
  540. }
  541. }
  542. /* Clear errors so we don't leak information useful in MMA */
  543. ERR_clear_error();
  544. if (EVP_CipherInit_ex(evp_ctx, NULL, NULL, ek, NULL, 0) <= 0)
  545. goto err;
  546. OPENSSL_clear_free(ek, eklen);
  547. ek = NULL;
  548. OPENSSL_clear_free(tkey, tkeylen);
  549. tkey = NULL;
  550. if (out == NULL)
  551. out = etmp;
  552. else
  553. BIO_push(out, etmp);
  554. etmp = NULL;
  555. }
  556. if (in_bio != NULL) {
  557. bio = in_bio;
  558. } else {
  559. if (data_body->length > 0)
  560. bio = BIO_new_mem_buf(data_body->data, data_body->length);
  561. else {
  562. bio = BIO_new(BIO_s_mem());
  563. if (bio == NULL)
  564. goto err;
  565. BIO_set_mem_eof_return(bio, 0);
  566. }
  567. if (bio == NULL)
  568. goto err;
  569. }
  570. BIO_push(out, bio);
  571. bio = NULL;
  572. EVP_CIPHER_free(evp_cipher);
  573. return out;
  574. err:
  575. EVP_CIPHER_free(evp_cipher);
  576. OPENSSL_clear_free(ek, eklen);
  577. OPENSSL_clear_free(tkey, tkeylen);
  578. BIO_free_all(out);
  579. BIO_free_all(btmp);
  580. BIO_free_all(etmp);
  581. BIO_free_all(bio);
  582. return NULL;
  583. }
  584. static BIO *PKCS7_find_digest(EVP_MD_CTX **pmd, BIO *bio, int nid)
  585. {
  586. for (;;) {
  587. bio = BIO_find_type(bio, BIO_TYPE_MD);
  588. if (bio == NULL) {
  589. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
  590. return NULL;
  591. }
  592. BIO_get_md_ctx(bio, pmd);
  593. if (*pmd == NULL) {
  594. ERR_raise(ERR_LIB_PKCS7, ERR_R_INTERNAL_ERROR);
  595. return NULL;
  596. }
  597. if (EVP_MD_CTX_get_type(*pmd) == nid)
  598. return bio;
  599. bio = BIO_next(bio);
  600. }
  601. return NULL;
  602. }
  603. static int do_pkcs7_signed_attrib(PKCS7_SIGNER_INFO *si, EVP_MD_CTX *mctx)
  604. {
  605. unsigned char md_data[EVP_MAX_MD_SIZE];
  606. unsigned int md_len;
  607. /* Add signing time if not already present */
  608. if (!PKCS7_get_signed_attribute(si, NID_pkcs9_signingTime)) {
  609. if (!PKCS7_add0_attrib_signing_time(si, NULL)) {
  610. ERR_raise(ERR_LIB_PKCS7, ERR_R_PKCS7_LIB);
  611. return 0;
  612. }
  613. }
  614. /* Add digest */
  615. if (!EVP_DigestFinal_ex(mctx, md_data, &md_len)) {
  616. ERR_raise(ERR_LIB_PKCS7, ERR_R_EVP_LIB);
  617. return 0;
  618. }
  619. if (!PKCS7_add1_attrib_digest(si, md_data, md_len)) {
  620. ERR_raise(ERR_LIB_PKCS7, ERR_R_PKCS7_LIB);
  621. return 0;
  622. }
  623. /* Now sign the attributes */
  624. if (!PKCS7_SIGNER_INFO_sign(si))
  625. return 0;
  626. return 1;
  627. }
  628. int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
  629. {
  630. int ret = 0;
  631. int i, j;
  632. BIO *btmp;
  633. PKCS7_SIGNER_INFO *si;
  634. EVP_MD_CTX *mdc, *ctx_tmp;
  635. STACK_OF(X509_ATTRIBUTE) *sk;
  636. STACK_OF(PKCS7_SIGNER_INFO) *si_sk = NULL;
  637. ASN1_OCTET_STRING *os = NULL;
  638. const PKCS7_CTX *p7_ctx;
  639. if (p7 == NULL) {
  640. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_INVALID_NULL_POINTER);
  641. return 0;
  642. }
  643. p7_ctx = ossl_pkcs7_get0_ctx(p7);
  644. if (p7->d.ptr == NULL) {
  645. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_NO_CONTENT);
  646. return 0;
  647. }
  648. ctx_tmp = EVP_MD_CTX_new();
  649. if (ctx_tmp == NULL) {
  650. ERR_raise(ERR_LIB_PKCS7, ERR_R_EVP_LIB);
  651. return 0;
  652. }
  653. i = OBJ_obj2nid(p7->type);
  654. p7->state = PKCS7_S_HEADER;
  655. switch (i) {
  656. case NID_pkcs7_data:
  657. os = p7->d.data;
  658. break;
  659. case NID_pkcs7_signedAndEnveloped:
  660. /* XXXXXXXXXXXXXXXX */
  661. si_sk = p7->d.signed_and_enveloped->signer_info;
  662. os = p7->d.signed_and_enveloped->enc_data->enc_data;
  663. if (os == NULL) {
  664. os = ASN1_OCTET_STRING_new();
  665. if (os == NULL) {
  666. ERR_raise(ERR_LIB_PKCS7, ERR_R_ASN1_LIB);
  667. goto err;
  668. }
  669. p7->d.signed_and_enveloped->enc_data->enc_data = os;
  670. }
  671. break;
  672. case NID_pkcs7_enveloped:
  673. /* XXXXXXXXXXXXXXXX */
  674. os = p7->d.enveloped->enc_data->enc_data;
  675. if (os == NULL) {
  676. os = ASN1_OCTET_STRING_new();
  677. if (os == NULL) {
  678. ERR_raise(ERR_LIB_PKCS7, ERR_R_ASN1_LIB);
  679. goto err;
  680. }
  681. p7->d.enveloped->enc_data->enc_data = os;
  682. }
  683. break;
  684. case NID_pkcs7_signed:
  685. si_sk = p7->d.sign->signer_info;
  686. os = PKCS7_get_octet_string(p7->d.sign->contents);
  687. /* If detached data then the content is excluded */
  688. if (PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) {
  689. ASN1_OCTET_STRING_free(os);
  690. os = NULL;
  691. p7->d.sign->contents->d.data = NULL;
  692. }
  693. break;
  694. case NID_pkcs7_digest:
  695. os = PKCS7_get_octet_string(p7->d.digest->contents);
  696. /* If detached data then the content is excluded */
  697. if (PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) {
  698. ASN1_OCTET_STRING_free(os);
  699. os = NULL;
  700. p7->d.digest->contents->d.data = NULL;
  701. }
  702. break;
  703. default:
  704. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
  705. goto err;
  706. }
  707. if (si_sk != NULL) {
  708. for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(si_sk); i++) {
  709. si = sk_PKCS7_SIGNER_INFO_value(si_sk, i);
  710. if (si->pkey == NULL)
  711. continue;
  712. j = OBJ_obj2nid(si->digest_alg->algorithm);
  713. btmp = bio;
  714. btmp = PKCS7_find_digest(&mdc, btmp, j);
  715. if (btmp == NULL)
  716. goto err;
  717. /*
  718. * We now have the EVP_MD_CTX, lets do the signing.
  719. */
  720. if (!EVP_MD_CTX_copy_ex(ctx_tmp, mdc))
  721. goto err;
  722. sk = si->auth_attr;
  723. /*
  724. * If there are attributes, we add the digest attribute and only
  725. * sign the attributes
  726. */
  727. if (sk_X509_ATTRIBUTE_num(sk) > 0) {
  728. if (!do_pkcs7_signed_attrib(si, ctx_tmp))
  729. goto err;
  730. } else {
  731. unsigned char *abuf = NULL;
  732. unsigned int abuflen = EVP_PKEY_get_size(si->pkey);
  733. if (abuflen == 0 || (abuf = OPENSSL_malloc(abuflen)) == NULL)
  734. goto err;
  735. if (!EVP_SignFinal_ex(ctx_tmp, abuf, &abuflen, si->pkey,
  736. ossl_pkcs7_ctx_get0_libctx(p7_ctx),
  737. ossl_pkcs7_ctx_get0_propq(p7_ctx))) {
  738. OPENSSL_free(abuf);
  739. ERR_raise(ERR_LIB_PKCS7, ERR_R_EVP_LIB);
  740. goto err;
  741. }
  742. ASN1_STRING_set0(si->enc_digest, abuf, abuflen);
  743. }
  744. }
  745. } else if (i == NID_pkcs7_digest) {
  746. unsigned char md_data[EVP_MAX_MD_SIZE];
  747. unsigned int md_len;
  748. if (!PKCS7_find_digest(&mdc, bio,
  749. OBJ_obj2nid(p7->d.digest->md->algorithm)))
  750. goto err;
  751. if (!EVP_DigestFinal_ex(mdc, md_data, &md_len))
  752. goto err;
  753. if (!ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len))
  754. goto err;
  755. }
  756. if (!PKCS7_is_detached(p7)) {
  757. /*
  758. * NOTE(emilia): I think we only reach os == NULL here because detached
  759. * digested data support is broken.
  760. */
  761. if (os == NULL)
  762. goto err;
  763. if (!(os->flags & ASN1_STRING_FLAG_NDEF)) {
  764. char *cont;
  765. long contlen;
  766. btmp = BIO_find_type(bio, BIO_TYPE_MEM);
  767. if (btmp == NULL) {
  768. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
  769. goto err;
  770. }
  771. contlen = BIO_get_mem_data(btmp, &cont);
  772. /*
  773. * Mark the BIO read only then we can use its copy of the data
  774. * instead of making an extra copy.
  775. */
  776. BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY);
  777. BIO_set_mem_eof_return(btmp, 0);
  778. ASN1_STRING_set0(os, (unsigned char *)cont, contlen);
  779. }
  780. }
  781. ret = 1;
  782. err:
  783. EVP_MD_CTX_free(ctx_tmp);
  784. return ret;
  785. }
  786. int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)
  787. {
  788. EVP_MD_CTX *mctx;
  789. EVP_PKEY_CTX *pctx = NULL;
  790. unsigned char *abuf = NULL;
  791. int alen;
  792. size_t siglen;
  793. const EVP_MD *md = NULL;
  794. const PKCS7_CTX *ctx = si->ctx;
  795. md = EVP_get_digestbyobj(si->digest_alg->algorithm);
  796. if (md == NULL)
  797. return 0;
  798. mctx = EVP_MD_CTX_new();
  799. if (mctx == NULL) {
  800. ERR_raise(ERR_LIB_PKCS7, ERR_R_EVP_LIB);
  801. goto err;
  802. }
  803. if (EVP_DigestSignInit_ex(mctx, &pctx, EVP_MD_get0_name(md),
  804. ossl_pkcs7_ctx_get0_libctx(ctx),
  805. ossl_pkcs7_ctx_get0_propq(ctx), si->pkey,
  806. NULL) <= 0)
  807. goto err;
  808. alen = ASN1_item_i2d((ASN1_VALUE *)si->auth_attr, &abuf,
  809. ASN1_ITEM_rptr(PKCS7_ATTR_SIGN));
  810. if (!abuf)
  811. goto err;
  812. if (EVP_DigestSignUpdate(mctx, abuf, alen) <= 0)
  813. goto err;
  814. OPENSSL_free(abuf);
  815. abuf = NULL;
  816. if (EVP_DigestSignFinal(mctx, NULL, &siglen) <= 0)
  817. goto err;
  818. abuf = OPENSSL_malloc(siglen);
  819. if (abuf == NULL)
  820. goto err;
  821. if (EVP_DigestSignFinal(mctx, abuf, &siglen) <= 0)
  822. goto err;
  823. EVP_MD_CTX_free(mctx);
  824. ASN1_STRING_set0(si->enc_digest, abuf, siglen);
  825. return 1;
  826. err:
  827. OPENSSL_free(abuf);
  828. EVP_MD_CTX_free(mctx);
  829. return 0;
  830. }
  831. /* This partly overlaps with PKCS7_verify(). It does not support flags. */
  832. int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio,
  833. PKCS7 *p7, PKCS7_SIGNER_INFO *si)
  834. {
  835. PKCS7_ISSUER_AND_SERIAL *ias;
  836. int ret = 0, i;
  837. STACK_OF(X509) *untrusted;
  838. STACK_OF(X509_CRL) *crls;
  839. X509 *signer;
  840. if (p7 == NULL) {
  841. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_INVALID_NULL_POINTER);
  842. return 0;
  843. }
  844. if (p7->d.ptr == NULL) {
  845. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_NO_CONTENT);
  846. return 0;
  847. }
  848. if (PKCS7_type_is_signed(p7)) {
  849. untrusted = p7->d.sign->cert;
  850. crls = p7->d.sign->crl;
  851. } else if (PKCS7_type_is_signedAndEnveloped(p7)) {
  852. untrusted = p7->d.signed_and_enveloped->cert;
  853. crls = p7->d.signed_and_enveloped->crl;
  854. } else {
  855. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_WRONG_PKCS7_TYPE);
  856. goto err;
  857. }
  858. X509_STORE_CTX_set0_crls(ctx, crls);
  859. /* XXXXXXXXXXXXXXXXXXXXXXX */
  860. ias = si->issuer_and_serial;
  861. signer = X509_find_by_issuer_and_serial(untrusted, ias->issuer, ias->serial);
  862. /* Were we able to find the signer certificate in passed to us? */
  863. if (signer == NULL) {
  864. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNABLE_TO_FIND_CERTIFICATE);
  865. goto err;
  866. }
  867. /* Lets verify */
  868. if (!X509_STORE_CTX_init(ctx, cert_store, signer, untrusted)) {
  869. ERR_raise(ERR_LIB_PKCS7, ERR_R_X509_LIB);
  870. goto err;
  871. }
  872. X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_SMIME_SIGN);
  873. i = X509_verify_cert(ctx);
  874. if (i <= 0) {
  875. ERR_raise(ERR_LIB_PKCS7, ERR_R_X509_LIB);
  876. goto err;
  877. }
  878. return PKCS7_signatureVerify(bio, p7, si, signer);
  879. err:
  880. return ret;
  881. }
  882. int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
  883. X509 *signer)
  884. {
  885. ASN1_OCTET_STRING *os;
  886. EVP_MD_CTX *mdc_tmp, *mdc;
  887. const EVP_MD *md;
  888. EVP_MD *fetched_md = NULL;
  889. int ret = 0, i;
  890. int md_type;
  891. STACK_OF(X509_ATTRIBUTE) *sk;
  892. BIO *btmp;
  893. EVP_PKEY *pkey;
  894. const PKCS7_CTX *ctx = ossl_pkcs7_get0_ctx(p7);
  895. OSSL_LIB_CTX *libctx = ossl_pkcs7_ctx_get0_libctx(ctx);
  896. const char *propq = ossl_pkcs7_ctx_get0_propq(ctx);
  897. mdc_tmp = EVP_MD_CTX_new();
  898. if (mdc_tmp == NULL) {
  899. ERR_raise(ERR_LIB_PKCS7, ERR_R_EVP_LIB);
  900. goto err;
  901. }
  902. if (!PKCS7_type_is_signed(p7) && !PKCS7_type_is_signedAndEnveloped(p7)) {
  903. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_WRONG_PKCS7_TYPE);
  904. goto err;
  905. }
  906. md_type = OBJ_obj2nid(si->digest_alg->algorithm);
  907. btmp = bio;
  908. for (;;) {
  909. if ((btmp == NULL) ||
  910. ((btmp = BIO_find_type(btmp, BIO_TYPE_MD)) == NULL)) {
  911. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
  912. goto err;
  913. }
  914. BIO_get_md_ctx(btmp, &mdc);
  915. if (mdc == NULL) {
  916. ERR_raise(ERR_LIB_PKCS7, ERR_R_INTERNAL_ERROR);
  917. goto err;
  918. }
  919. if (EVP_MD_CTX_get_type(mdc) == md_type)
  920. break;
  921. /*
  922. * Workaround for some broken clients that put the signature OID
  923. * instead of the digest OID in digest_alg->algorithm
  924. */
  925. if (EVP_MD_get_pkey_type(EVP_MD_CTX_get0_md(mdc)) == md_type)
  926. break;
  927. btmp = BIO_next(btmp);
  928. }
  929. /*
  930. * mdc is the digest ctx that we want, unless there are attributes, in
  931. * which case the digest is the signed attributes
  932. */
  933. if (!EVP_MD_CTX_copy_ex(mdc_tmp, mdc))
  934. goto err;
  935. sk = si->auth_attr;
  936. if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0)) {
  937. unsigned char md_dat[EVP_MAX_MD_SIZE], *abuf = NULL;
  938. unsigned int md_len;
  939. int alen;
  940. ASN1_OCTET_STRING *message_digest;
  941. if (!EVP_DigestFinal_ex(mdc_tmp, md_dat, &md_len))
  942. goto err;
  943. message_digest = PKCS7_digest_from_attributes(sk);
  944. if (!message_digest) {
  945. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
  946. goto err;
  947. }
  948. if ((message_digest->length != (int)md_len) ||
  949. (memcmp(message_digest->data, md_dat, md_len))) {
  950. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_DIGEST_FAILURE);
  951. ret = -1;
  952. goto err;
  953. }
  954. (void)ERR_set_mark();
  955. fetched_md = EVP_MD_fetch(libctx, OBJ_nid2sn(md_type), propq);
  956. if (fetched_md != NULL)
  957. md = fetched_md;
  958. else
  959. md = EVP_get_digestbynid(md_type);
  960. if (md == NULL || !EVP_VerifyInit_ex(mdc_tmp, md, NULL)) {
  961. (void)ERR_clear_last_mark();
  962. goto err;
  963. }
  964. (void)ERR_pop_to_mark();
  965. alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf,
  966. ASN1_ITEM_rptr(PKCS7_ATTR_VERIFY));
  967. if (alen <= 0) {
  968. ERR_raise(ERR_LIB_PKCS7, ERR_R_ASN1_LIB);
  969. ret = -1;
  970. goto err;
  971. }
  972. if (!EVP_VerifyUpdate(mdc_tmp, abuf, alen))
  973. goto err;
  974. OPENSSL_free(abuf);
  975. }
  976. os = si->enc_digest;
  977. pkey = X509_get0_pubkey(signer);
  978. if (pkey == NULL) {
  979. ret = -1;
  980. goto err;
  981. }
  982. i = EVP_VerifyFinal_ex(mdc_tmp, os->data, os->length, pkey, libctx, propq);
  983. if (i <= 0) {
  984. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_SIGNATURE_FAILURE);
  985. ret = -1;
  986. goto err;
  987. }
  988. ret = 1;
  989. err:
  990. EVP_MD_CTX_free(mdc_tmp);
  991. EVP_MD_free(fetched_md);
  992. return ret;
  993. }
  994. PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx)
  995. {
  996. STACK_OF(PKCS7_RECIP_INFO) *rsk;
  997. PKCS7_RECIP_INFO *ri;
  998. int i;
  999. i = OBJ_obj2nid(p7->type);
  1000. if (i != NID_pkcs7_signedAndEnveloped)
  1001. return NULL;
  1002. if (p7->d.signed_and_enveloped == NULL)
  1003. return NULL;
  1004. rsk = p7->d.signed_and_enveloped->recipientinfo;
  1005. if (rsk == NULL)
  1006. return NULL;
  1007. if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx)
  1008. return NULL;
  1009. ri = sk_PKCS7_RECIP_INFO_value(rsk, idx);
  1010. return ri->issuer_and_serial;
  1011. }
  1012. ASN1_TYPE *PKCS7_get_signed_attribute(const PKCS7_SIGNER_INFO *si, int nid)
  1013. {
  1014. return get_attribute(si->auth_attr, nid);
  1015. }
  1016. ASN1_TYPE *PKCS7_get_attribute(const PKCS7_SIGNER_INFO *si, int nid)
  1017. {
  1018. return get_attribute(si->unauth_attr, nid);
  1019. }
  1020. static ASN1_TYPE *get_attribute(const STACK_OF(X509_ATTRIBUTE) *sk, int nid)
  1021. {
  1022. int idx = X509at_get_attr_by_NID(sk, nid, -1);
  1023. if (idx < 0)
  1024. return NULL;
  1025. return X509_ATTRIBUTE_get0_type(X509at_get_attr(sk, idx), 0);
  1026. }
  1027. ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk)
  1028. {
  1029. ASN1_TYPE *astype;
  1030. if ((astype = get_attribute(sk, NID_pkcs9_messageDigest)) == NULL)
  1031. return NULL;
  1032. return astype->value.octet_string;
  1033. }
  1034. int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
  1035. STACK_OF(X509_ATTRIBUTE) *sk)
  1036. {
  1037. int i;
  1038. sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr, X509_ATTRIBUTE_free);
  1039. p7si->auth_attr = sk_X509_ATTRIBUTE_dup(sk);
  1040. if (p7si->auth_attr == NULL)
  1041. return 0;
  1042. for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
  1043. if ((sk_X509_ATTRIBUTE_set(p7si->auth_attr, i,
  1044. X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value
  1045. (sk, i))))
  1046. == NULL)
  1047. return 0;
  1048. }
  1049. return 1;
  1050. }
  1051. int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,
  1052. STACK_OF(X509_ATTRIBUTE) *sk)
  1053. {
  1054. int i;
  1055. sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr, X509_ATTRIBUTE_free);
  1056. p7si->unauth_attr = sk_X509_ATTRIBUTE_dup(sk);
  1057. if (p7si->unauth_attr == NULL)
  1058. return 0;
  1059. for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
  1060. if ((sk_X509_ATTRIBUTE_set(p7si->unauth_attr, i,
  1061. X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value
  1062. (sk, i))))
  1063. == NULL)
  1064. return 0;
  1065. }
  1066. return 1;
  1067. }
  1068. int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
  1069. void *value)
  1070. {
  1071. return add_attribute(&(p7si->auth_attr), nid, atrtype, value);
  1072. }
  1073. int PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
  1074. void *value)
  1075. {
  1076. return add_attribute(&(p7si->unauth_attr), nid, atrtype, value);
  1077. }
  1078. static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
  1079. void *value)
  1080. {
  1081. X509_ATTRIBUTE *attr = NULL;
  1082. if (*sk == NULL) {
  1083. if ((*sk = sk_X509_ATTRIBUTE_new_null()) == NULL)
  1084. return 0;
  1085. new_attrib:
  1086. if ((attr = X509_ATTRIBUTE_create(nid, atrtype, value)) == NULL)
  1087. return 0;
  1088. if (!sk_X509_ATTRIBUTE_push(*sk, attr)) {
  1089. X509_ATTRIBUTE_free(attr);
  1090. return 0;
  1091. }
  1092. } else {
  1093. int i;
  1094. for (i = 0; i < sk_X509_ATTRIBUTE_num(*sk); i++) {
  1095. attr = sk_X509_ATTRIBUTE_value(*sk, i);
  1096. if (OBJ_obj2nid(X509_ATTRIBUTE_get0_object(attr)) == nid) {
  1097. X509_ATTRIBUTE_free(attr);
  1098. attr = X509_ATTRIBUTE_create(nid, atrtype, value);
  1099. if (attr == NULL)
  1100. return 0;
  1101. if (!sk_X509_ATTRIBUTE_set(*sk, i, attr)) {
  1102. X509_ATTRIBUTE_free(attr);
  1103. return 0;
  1104. }
  1105. goto end;
  1106. }
  1107. }
  1108. goto new_attrib;
  1109. }
  1110. end:
  1111. return 1;
  1112. }