pk7_doit.c 36 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266
  1. /*
  2. * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include <openssl/rand.h>
  11. #include <openssl/objects.h>
  12. #include <openssl/x509.h>
  13. #include <openssl/x509v3.h>
  14. #include <openssl/err.h>
  15. #include "internal/cryptlib.h"
  16. #include "internal/sizes.h"
  17. #include "pk7_local.h"
  18. static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
  19. void *value);
  20. static ASN1_TYPE *get_attribute(const STACK_OF(X509_ATTRIBUTE) *sk, int nid);
  21. int PKCS7_type_is_other(PKCS7 *p7)
  22. {
  23. int isOther = 1;
  24. int nid = OBJ_obj2nid(p7->type);
  25. switch (nid) {
  26. case NID_pkcs7_data:
  27. case NID_pkcs7_signed:
  28. case NID_pkcs7_enveloped:
  29. case NID_pkcs7_signedAndEnveloped:
  30. case NID_pkcs7_digest:
  31. case NID_pkcs7_encrypted:
  32. isOther = 0;
  33. break;
  34. default:
  35. isOther = 1;
  36. }
  37. return isOther;
  38. }
  39. ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7)
  40. {
  41. if (PKCS7_type_is_data(p7))
  42. return p7->d.data;
  43. if (PKCS7_type_is_other(p7) && p7->d.other
  44. && (p7->d.other->type == V_ASN1_OCTET_STRING))
  45. return p7->d.other->value.octet_string;
  46. return NULL;
  47. }
  48. static int pkcs7_bio_add_digest(BIO **pbio, X509_ALGOR *alg,
  49. const PKCS7_CTX *ctx)
  50. {
  51. BIO *btmp;
  52. char name[OSSL_MAX_NAME_SIZE];
  53. EVP_MD *fetched = NULL;
  54. const EVP_MD *md;
  55. if ((btmp = BIO_new(BIO_f_md())) == NULL) {
  56. ERR_raise(ERR_LIB_PKCS7, ERR_R_BIO_LIB);
  57. goto err;
  58. }
  59. OBJ_obj2txt(name, sizeof(name), alg->algorithm, 0);
  60. (void)ERR_set_mark();
  61. fetched = EVP_MD_fetch(ossl_pkcs7_ctx_get0_libctx(ctx), name,
  62. ossl_pkcs7_ctx_get0_propq(ctx));
  63. if (fetched != NULL)
  64. md = fetched;
  65. else
  66. md = EVP_get_digestbyname(name);
  67. if (md == NULL) {
  68. (void)ERR_clear_last_mark();
  69. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNKNOWN_DIGEST_TYPE);
  70. goto err;
  71. }
  72. (void)ERR_pop_to_mark();
  73. BIO_set_md(btmp, md);
  74. EVP_MD_free(fetched);
  75. if (*pbio == NULL)
  76. *pbio = btmp;
  77. else if (!BIO_push(*pbio, btmp)) {
  78. ERR_raise(ERR_LIB_PKCS7, ERR_R_BIO_LIB);
  79. goto err;
  80. }
  81. btmp = NULL;
  82. return 1;
  83. err:
  84. BIO_free(btmp);
  85. return 0;
  86. }
  87. static int pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri,
  88. unsigned char *key, int keylen)
  89. {
  90. EVP_PKEY_CTX *pctx = NULL;
  91. EVP_PKEY *pkey = NULL;
  92. unsigned char *ek = NULL;
  93. int ret = 0;
  94. size_t eklen;
  95. const PKCS7_CTX *ctx = ri->ctx;
  96. pkey = X509_get0_pubkey(ri->cert);
  97. if (pkey == NULL)
  98. return 0;
  99. pctx = EVP_PKEY_CTX_new_from_pkey(ossl_pkcs7_ctx_get0_libctx(ctx), pkey,
  100. ossl_pkcs7_ctx_get0_propq(ctx));
  101. if (pctx == NULL)
  102. return 0;
  103. if (EVP_PKEY_encrypt_init(pctx) <= 0)
  104. goto err;
  105. if (EVP_PKEY_encrypt(pctx, NULL, &eklen, key, keylen) <= 0)
  106. goto err;
  107. ek = OPENSSL_malloc(eklen);
  108. if (ek == NULL) {
  109. ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE);
  110. goto err;
  111. }
  112. if (EVP_PKEY_encrypt(pctx, ek, &eklen, key, keylen) <= 0)
  113. goto err;
  114. ASN1_STRING_set0(ri->enc_key, ek, eklen);
  115. ek = NULL;
  116. ret = 1;
  117. err:
  118. EVP_PKEY_CTX_free(pctx);
  119. OPENSSL_free(ek);
  120. return ret;
  121. }
  122. static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen,
  123. PKCS7_RECIP_INFO *ri, EVP_PKEY *pkey,
  124. size_t fixlen)
  125. {
  126. EVP_PKEY_CTX *pctx = NULL;
  127. unsigned char *ek = NULL;
  128. size_t eklen;
  129. int ret = -1;
  130. const PKCS7_CTX *ctx = ri->ctx;
  131. pctx = EVP_PKEY_CTX_new_from_pkey(ossl_pkcs7_ctx_get0_libctx(ctx), pkey,
  132. ossl_pkcs7_ctx_get0_propq(ctx));
  133. if (pctx == NULL)
  134. return -1;
  135. if (EVP_PKEY_decrypt_init(pctx) <= 0)
  136. goto err;
  137. if (EVP_PKEY_decrypt(pctx, NULL, &eklen,
  138. ri->enc_key->data, ri->enc_key->length) <= 0)
  139. goto err;
  140. ek = OPENSSL_malloc(eklen);
  141. if (ek == NULL) {
  142. ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE);
  143. goto err;
  144. }
  145. if (EVP_PKEY_decrypt(pctx, ek, &eklen,
  146. ri->enc_key->data, ri->enc_key->length) <= 0
  147. || eklen == 0
  148. || (fixlen != 0 && eklen != fixlen)) {
  149. ret = 0;
  150. ERR_raise(ERR_LIB_PKCS7, ERR_R_EVP_LIB);
  151. goto err;
  152. }
  153. ret = 1;
  154. OPENSSL_clear_free(*pek, *peklen);
  155. *pek = ek;
  156. *peklen = eklen;
  157. err:
  158. EVP_PKEY_CTX_free(pctx);
  159. if (!ret)
  160. OPENSSL_free(ek);
  161. return ret;
  162. }
  163. BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
  164. {
  165. int i;
  166. BIO *out = NULL, *btmp = NULL;
  167. X509_ALGOR *xa = NULL;
  168. EVP_CIPHER *fetched_cipher = NULL;
  169. const EVP_CIPHER *cipher;
  170. const EVP_CIPHER *evp_cipher = NULL;
  171. STACK_OF(X509_ALGOR) *md_sk = NULL;
  172. STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;
  173. X509_ALGOR *xalg = NULL;
  174. PKCS7_RECIP_INFO *ri = NULL;
  175. ASN1_OCTET_STRING *os = NULL;
  176. const PKCS7_CTX *p7_ctx;
  177. OSSL_LIB_CTX *libctx;
  178. const char *propq;
  179. if (p7 == NULL) {
  180. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_INVALID_NULL_POINTER);
  181. return NULL;
  182. }
  183. p7_ctx = ossl_pkcs7_get0_ctx(p7);
  184. libctx = ossl_pkcs7_ctx_get0_libctx(p7_ctx);
  185. propq = ossl_pkcs7_ctx_get0_propq(p7_ctx);
  186. /*
  187. * The content field in the PKCS7 ContentInfo is optional, but that really
  188. * only applies to inner content (precisely, detached signatures).
  189. *
  190. * When reading content, missing outer content is therefore treated as an
  191. * error.
  192. *
  193. * When creating content, PKCS7_content_new() must be called before
  194. * calling this method, so a NULL p7->d is always an error.
  195. */
  196. if (p7->d.ptr == NULL) {
  197. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_NO_CONTENT);
  198. return NULL;
  199. }
  200. i = OBJ_obj2nid(p7->type);
  201. p7->state = PKCS7_S_HEADER;
  202. switch (i) {
  203. case NID_pkcs7_signed:
  204. md_sk = p7->d.sign->md_algs;
  205. os = PKCS7_get_octet_string(p7->d.sign->contents);
  206. break;
  207. case NID_pkcs7_signedAndEnveloped:
  208. rsk = p7->d.signed_and_enveloped->recipientinfo;
  209. md_sk = p7->d.signed_and_enveloped->md_algs;
  210. xalg = p7->d.signed_and_enveloped->enc_data->algorithm;
  211. evp_cipher = p7->d.signed_and_enveloped->enc_data->cipher;
  212. if (evp_cipher == NULL) {
  213. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_CIPHER_NOT_INITIALIZED);
  214. goto err;
  215. }
  216. break;
  217. case NID_pkcs7_enveloped:
  218. rsk = p7->d.enveloped->recipientinfo;
  219. xalg = p7->d.enveloped->enc_data->algorithm;
  220. evp_cipher = p7->d.enveloped->enc_data->cipher;
  221. if (evp_cipher == NULL) {
  222. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_CIPHER_NOT_INITIALIZED);
  223. goto err;
  224. }
  225. break;
  226. case NID_pkcs7_digest:
  227. xa = p7->d.digest->md;
  228. os = PKCS7_get_octet_string(p7->d.digest->contents);
  229. break;
  230. case NID_pkcs7_data:
  231. break;
  232. default:
  233. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
  234. goto err;
  235. }
  236. for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++)
  237. if (!pkcs7_bio_add_digest(&out, sk_X509_ALGOR_value(md_sk, i), p7_ctx))
  238. goto err;
  239. if (xa && !pkcs7_bio_add_digest(&out, xa, p7_ctx))
  240. goto err;
  241. if (evp_cipher != NULL) {
  242. unsigned char key[EVP_MAX_KEY_LENGTH];
  243. unsigned char iv[EVP_MAX_IV_LENGTH];
  244. int keylen, ivlen;
  245. EVP_CIPHER_CTX *ctx;
  246. if ((btmp = BIO_new(BIO_f_cipher())) == NULL) {
  247. ERR_raise(ERR_LIB_PKCS7, ERR_R_BIO_LIB);
  248. goto err;
  249. }
  250. BIO_get_cipher_ctx(btmp, &ctx);
  251. keylen = EVP_CIPHER_get_key_length(evp_cipher);
  252. ivlen = EVP_CIPHER_get_iv_length(evp_cipher);
  253. xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_get_type(evp_cipher));
  254. if (ivlen > 0)
  255. if (RAND_bytes_ex(libctx, iv, ivlen, 0) <= 0)
  256. goto err;
  257. (void)ERR_set_mark();
  258. fetched_cipher = EVP_CIPHER_fetch(libctx,
  259. EVP_CIPHER_get0_name(evp_cipher),
  260. propq);
  261. (void)ERR_pop_to_mark();
  262. if (fetched_cipher != NULL)
  263. cipher = fetched_cipher;
  264. else
  265. cipher = evp_cipher;
  266. if (EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, 1) <= 0)
  267. goto err;
  268. EVP_CIPHER_free(fetched_cipher);
  269. fetched_cipher = NULL;
  270. if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
  271. goto err;
  272. if (EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, 1) <= 0)
  273. goto err;
  274. if (ivlen > 0) {
  275. if (xalg->parameter == NULL) {
  276. xalg->parameter = ASN1_TYPE_new();
  277. if (xalg->parameter == NULL)
  278. goto err;
  279. }
  280. if (EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) < 0)
  281. goto err;
  282. }
  283. /* Lets do the pub key stuff :-) */
  284. for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
  285. ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
  286. if (pkcs7_encode_rinfo(ri, key, keylen) <= 0)
  287. goto err;
  288. }
  289. OPENSSL_cleanse(key, keylen);
  290. if (out == NULL)
  291. out = btmp;
  292. else
  293. BIO_push(out, btmp);
  294. btmp = NULL;
  295. }
  296. if (bio == NULL) {
  297. if (PKCS7_is_detached(p7)) {
  298. bio = BIO_new(BIO_s_null());
  299. } else if (os && os->length > 0) {
  300. bio = BIO_new_mem_buf(os->data, os->length);
  301. } else {
  302. bio = BIO_new(BIO_s_mem());
  303. if (bio == NULL)
  304. goto err;
  305. BIO_set_mem_eof_return(bio, 0);
  306. }
  307. if (bio == NULL)
  308. goto err;
  309. }
  310. if (out)
  311. BIO_push(out, bio);
  312. else
  313. out = bio;
  314. return out;
  315. err:
  316. EVP_CIPHER_free(fetched_cipher);
  317. BIO_free_all(out);
  318. BIO_free_all(btmp);
  319. return NULL;
  320. }
  321. static int pkcs7_cmp_ri(PKCS7_RECIP_INFO *ri, X509 *pcert)
  322. {
  323. int ret;
  324. ret = X509_NAME_cmp(ri->issuer_and_serial->issuer,
  325. X509_get_issuer_name(pcert));
  326. if (ret)
  327. return ret;
  328. return ASN1_INTEGER_cmp(X509_get0_serialNumber(pcert),
  329. ri->issuer_and_serial->serial);
  330. }
  331. /* int */
  332. BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
  333. {
  334. int i, len;
  335. BIO *out = NULL, *btmp = NULL, *etmp = NULL, *bio = NULL;
  336. X509_ALGOR *xa;
  337. ASN1_OCTET_STRING *data_body = NULL;
  338. EVP_MD *evp_md = NULL;
  339. const EVP_MD *md;
  340. EVP_CIPHER *evp_cipher = NULL;
  341. const EVP_CIPHER *cipher = NULL;
  342. EVP_CIPHER_CTX *evp_ctx = NULL;
  343. X509_ALGOR *enc_alg = NULL;
  344. STACK_OF(X509_ALGOR) *md_sk = NULL;
  345. STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;
  346. PKCS7_RECIP_INFO *ri = NULL;
  347. unsigned char *ek = NULL, *tkey = NULL;
  348. int eklen = 0, tkeylen = 0;
  349. char name[OSSL_MAX_NAME_SIZE];
  350. const PKCS7_CTX *p7_ctx;
  351. OSSL_LIB_CTX *libctx;
  352. const char *propq;
  353. if (p7 == NULL) {
  354. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_INVALID_NULL_POINTER);
  355. return NULL;
  356. }
  357. p7_ctx = ossl_pkcs7_get0_ctx(p7);
  358. libctx = ossl_pkcs7_ctx_get0_libctx(p7_ctx);
  359. propq = ossl_pkcs7_ctx_get0_propq(p7_ctx);
  360. if (p7->d.ptr == NULL) {
  361. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_NO_CONTENT);
  362. return NULL;
  363. }
  364. i = OBJ_obj2nid(p7->type);
  365. p7->state = PKCS7_S_HEADER;
  366. switch (i) {
  367. case NID_pkcs7_signed:
  368. /*
  369. * p7->d.sign->contents is a PKCS7 structure consisting of a contentType
  370. * field and optional content.
  371. * data_body is NULL if that structure has no (=detached) content
  372. * or if the contentType is wrong (i.e., not "data").
  373. */
  374. data_body = PKCS7_get_octet_string(p7->d.sign->contents);
  375. if (!PKCS7_is_detached(p7) && data_body == NULL) {
  376. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_INVALID_SIGNED_DATA_TYPE);
  377. goto err;
  378. }
  379. md_sk = p7->d.sign->md_algs;
  380. break;
  381. case NID_pkcs7_signedAndEnveloped:
  382. rsk = p7->d.signed_and_enveloped->recipientinfo;
  383. md_sk = p7->d.signed_and_enveloped->md_algs;
  384. /* data_body is NULL if the optional EncryptedContent is missing. */
  385. data_body = p7->d.signed_and_enveloped->enc_data->enc_data;
  386. enc_alg = p7->d.signed_and_enveloped->enc_data->algorithm;
  387. OBJ_obj2txt(name, sizeof(name), enc_alg->algorithm, 0);
  388. (void)ERR_set_mark();
  389. evp_cipher = EVP_CIPHER_fetch(libctx, name, propq);
  390. if (evp_cipher != NULL)
  391. cipher = evp_cipher;
  392. else
  393. cipher = EVP_get_cipherbyname(name);
  394. if (cipher == NULL) {
  395. (void)ERR_clear_last_mark();
  396. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
  397. goto err;
  398. }
  399. (void)ERR_pop_to_mark();
  400. break;
  401. case NID_pkcs7_enveloped:
  402. rsk = p7->d.enveloped->recipientinfo;
  403. enc_alg = p7->d.enveloped->enc_data->algorithm;
  404. /* data_body is NULL if the optional EncryptedContent is missing. */
  405. data_body = p7->d.enveloped->enc_data->enc_data;
  406. OBJ_obj2txt(name, sizeof(name), enc_alg->algorithm, 0);
  407. (void)ERR_set_mark();
  408. evp_cipher = EVP_CIPHER_fetch(libctx, name, propq);
  409. if (evp_cipher != NULL)
  410. cipher = evp_cipher;
  411. else
  412. cipher = EVP_get_cipherbyname(name);
  413. if (cipher == NULL) {
  414. (void)ERR_clear_last_mark();
  415. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
  416. goto err;
  417. }
  418. (void)ERR_pop_to_mark();
  419. break;
  420. default:
  421. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
  422. goto err;
  423. }
  424. /* Detached content must be supplied via in_bio instead. */
  425. if (data_body == NULL && in_bio == NULL) {
  426. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_NO_CONTENT);
  427. goto err;
  428. }
  429. /* We will be checking the signature */
  430. if (md_sk != NULL) {
  431. for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++) {
  432. xa = sk_X509_ALGOR_value(md_sk, i);
  433. if ((btmp = BIO_new(BIO_f_md())) == NULL) {
  434. ERR_raise(ERR_LIB_PKCS7, ERR_R_BIO_LIB);
  435. goto err;
  436. }
  437. OBJ_obj2txt(name, sizeof(name), xa->algorithm, 0);
  438. (void)ERR_set_mark();
  439. evp_md = EVP_MD_fetch(libctx, name, propq);
  440. if (evp_md != NULL)
  441. md = evp_md;
  442. else
  443. md = EVP_get_digestbyname(name);
  444. if (md == NULL) {
  445. (void)ERR_clear_last_mark();
  446. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNKNOWN_DIGEST_TYPE);
  447. goto err;
  448. }
  449. (void)ERR_pop_to_mark();
  450. BIO_set_md(btmp, md);
  451. EVP_MD_free(evp_md);
  452. if (out == NULL)
  453. out = btmp;
  454. else
  455. BIO_push(out, btmp);
  456. btmp = NULL;
  457. }
  458. }
  459. if (cipher != NULL) {
  460. if ((etmp = BIO_new(BIO_f_cipher())) == NULL) {
  461. ERR_raise(ERR_LIB_PKCS7, ERR_R_BIO_LIB);
  462. goto err;
  463. }
  464. /*
  465. * It was encrypted, we need to decrypt the secret key with the
  466. * private key
  467. */
  468. /*
  469. * Find the recipientInfo which matches the passed certificate (if
  470. * any)
  471. */
  472. if (pcert) {
  473. for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
  474. ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
  475. if (!pkcs7_cmp_ri(ri, pcert))
  476. break;
  477. ri = NULL;
  478. }
  479. if (ri == NULL) {
  480. ERR_raise(ERR_LIB_PKCS7,
  481. PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE);
  482. goto err;
  483. }
  484. }
  485. /* If we haven't got a certificate try each ri in turn */
  486. if (pcert == NULL) {
  487. /*
  488. * Always attempt to decrypt all rinfo even after success as a
  489. * defence against MMA timing attacks.
  490. */
  491. for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
  492. ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
  493. ri->ctx = p7_ctx;
  494. if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey,
  495. EVP_CIPHER_get_key_length(cipher)) < 0)
  496. goto err;
  497. ERR_clear_error();
  498. }
  499. } else {
  500. ri->ctx = p7_ctx;
  501. /* Only exit on fatal errors, not decrypt failure */
  502. if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey, 0) < 0)
  503. goto err;
  504. ERR_clear_error();
  505. }
  506. evp_ctx = NULL;
  507. BIO_get_cipher_ctx(etmp, &evp_ctx);
  508. if (EVP_CipherInit_ex(evp_ctx, cipher, NULL, NULL, NULL, 0) <= 0)
  509. goto err;
  510. if (EVP_CIPHER_asn1_to_param(evp_ctx, enc_alg->parameter) < 0)
  511. goto err;
  512. /* Generate random key as MMA defence */
  513. len = EVP_CIPHER_CTX_get_key_length(evp_ctx);
  514. if (len <= 0)
  515. goto err;
  516. tkeylen = (size_t)len;
  517. tkey = OPENSSL_malloc(tkeylen);
  518. if (tkey == NULL)
  519. goto err;
  520. if (EVP_CIPHER_CTX_rand_key(evp_ctx, tkey) <= 0)
  521. goto err;
  522. if (ek == NULL) {
  523. ek = tkey;
  524. eklen = tkeylen;
  525. tkey = NULL;
  526. }
  527. if (eklen != EVP_CIPHER_CTX_get_key_length(evp_ctx)) {
  528. /*
  529. * Some S/MIME clients don't use the same key and effective key
  530. * length. The key length is determined by the size of the
  531. * decrypted RSA key.
  532. */
  533. if (EVP_CIPHER_CTX_set_key_length(evp_ctx, eklen) <= 0) {
  534. /* Use random key as MMA defence */
  535. OPENSSL_clear_free(ek, eklen);
  536. ek = tkey;
  537. eklen = tkeylen;
  538. tkey = NULL;
  539. }
  540. }
  541. /* Clear errors so we don't leak information useful in MMA */
  542. ERR_clear_error();
  543. if (EVP_CipherInit_ex(evp_ctx, NULL, NULL, ek, NULL, 0) <= 0)
  544. goto err;
  545. OPENSSL_clear_free(ek, eklen);
  546. ek = NULL;
  547. OPENSSL_clear_free(tkey, tkeylen);
  548. tkey = NULL;
  549. if (out == NULL)
  550. out = etmp;
  551. else
  552. BIO_push(out, etmp);
  553. etmp = NULL;
  554. }
  555. if (in_bio != NULL) {
  556. bio = in_bio;
  557. } else {
  558. if (data_body->length > 0)
  559. bio = BIO_new_mem_buf(data_body->data, data_body->length);
  560. else {
  561. bio = BIO_new(BIO_s_mem());
  562. if (bio == NULL)
  563. goto err;
  564. BIO_set_mem_eof_return(bio, 0);
  565. }
  566. if (bio == NULL)
  567. goto err;
  568. }
  569. BIO_push(out, bio);
  570. bio = NULL;
  571. EVP_CIPHER_free(evp_cipher);
  572. return out;
  573. err:
  574. EVP_CIPHER_free(evp_cipher);
  575. OPENSSL_clear_free(ek, eklen);
  576. OPENSSL_clear_free(tkey, tkeylen);
  577. BIO_free_all(out);
  578. BIO_free_all(btmp);
  579. BIO_free_all(etmp);
  580. BIO_free_all(bio);
  581. return NULL;
  582. }
  583. static BIO *PKCS7_find_digest(EVP_MD_CTX **pmd, BIO *bio, int nid)
  584. {
  585. for (;;) {
  586. bio = BIO_find_type(bio, BIO_TYPE_MD);
  587. if (bio == NULL) {
  588. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
  589. return NULL;
  590. }
  591. BIO_get_md_ctx(bio, pmd);
  592. if (*pmd == NULL) {
  593. ERR_raise(ERR_LIB_PKCS7, ERR_R_INTERNAL_ERROR);
  594. return NULL;
  595. }
  596. if (EVP_MD_CTX_get_type(*pmd) == nid)
  597. return bio;
  598. bio = BIO_next(bio);
  599. }
  600. return NULL;
  601. }
  602. static int do_pkcs7_signed_attrib(PKCS7_SIGNER_INFO *si, EVP_MD_CTX *mctx)
  603. {
  604. unsigned char md_data[EVP_MAX_MD_SIZE];
  605. unsigned int md_len;
  606. /* Add signing time if not already present */
  607. if (!PKCS7_get_signed_attribute(si, NID_pkcs9_signingTime)) {
  608. if (!PKCS7_add0_attrib_signing_time(si, NULL)) {
  609. ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE);
  610. return 0;
  611. }
  612. }
  613. /* Add digest */
  614. if (!EVP_DigestFinal_ex(mctx, md_data, &md_len)) {
  615. ERR_raise(ERR_LIB_PKCS7, ERR_R_EVP_LIB);
  616. return 0;
  617. }
  618. if (!PKCS7_add1_attrib_digest(si, md_data, md_len)) {
  619. ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE);
  620. return 0;
  621. }
  622. /* Now sign the attributes */
  623. if (!PKCS7_SIGNER_INFO_sign(si))
  624. return 0;
  625. return 1;
  626. }
  627. int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
  628. {
  629. int ret = 0;
  630. int i, j;
  631. BIO *btmp;
  632. PKCS7_SIGNER_INFO *si;
  633. EVP_MD_CTX *mdc, *ctx_tmp;
  634. STACK_OF(X509_ATTRIBUTE) *sk;
  635. STACK_OF(PKCS7_SIGNER_INFO) *si_sk = NULL;
  636. ASN1_OCTET_STRING *os = NULL;
  637. const PKCS7_CTX *p7_ctx;
  638. if (p7 == NULL) {
  639. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_INVALID_NULL_POINTER);
  640. return 0;
  641. }
  642. p7_ctx = ossl_pkcs7_get0_ctx(p7);
  643. if (p7->d.ptr == NULL) {
  644. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_NO_CONTENT);
  645. return 0;
  646. }
  647. ctx_tmp = EVP_MD_CTX_new();
  648. if (ctx_tmp == NULL) {
  649. ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE);
  650. return 0;
  651. }
  652. i = OBJ_obj2nid(p7->type);
  653. p7->state = PKCS7_S_HEADER;
  654. switch (i) {
  655. case NID_pkcs7_data:
  656. os = p7->d.data;
  657. break;
  658. case NID_pkcs7_signedAndEnveloped:
  659. /* XXXXXXXXXXXXXXXX */
  660. si_sk = p7->d.signed_and_enveloped->signer_info;
  661. os = p7->d.signed_and_enveloped->enc_data->enc_data;
  662. if (os == NULL) {
  663. os = ASN1_OCTET_STRING_new();
  664. if (os == NULL) {
  665. ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE);
  666. goto err;
  667. }
  668. p7->d.signed_and_enveloped->enc_data->enc_data = os;
  669. }
  670. break;
  671. case NID_pkcs7_enveloped:
  672. /* XXXXXXXXXXXXXXXX */
  673. os = p7->d.enveloped->enc_data->enc_data;
  674. if (os == NULL) {
  675. os = ASN1_OCTET_STRING_new();
  676. if (os == NULL) {
  677. ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE);
  678. goto err;
  679. }
  680. p7->d.enveloped->enc_data->enc_data = os;
  681. }
  682. break;
  683. case NID_pkcs7_signed:
  684. si_sk = p7->d.sign->signer_info;
  685. os = PKCS7_get_octet_string(p7->d.sign->contents);
  686. /* If detached data then the content is excluded */
  687. if (PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) {
  688. ASN1_OCTET_STRING_free(os);
  689. os = NULL;
  690. p7->d.sign->contents->d.data = NULL;
  691. }
  692. break;
  693. case NID_pkcs7_digest:
  694. os = PKCS7_get_octet_string(p7->d.digest->contents);
  695. /* If detached data then the content is excluded */
  696. if (PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) {
  697. ASN1_OCTET_STRING_free(os);
  698. os = NULL;
  699. p7->d.digest->contents->d.data = NULL;
  700. }
  701. break;
  702. default:
  703. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
  704. goto err;
  705. }
  706. if (si_sk != NULL) {
  707. for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(si_sk); i++) {
  708. si = sk_PKCS7_SIGNER_INFO_value(si_sk, i);
  709. if (si->pkey == NULL)
  710. continue;
  711. j = OBJ_obj2nid(si->digest_alg->algorithm);
  712. btmp = bio;
  713. btmp = PKCS7_find_digest(&mdc, btmp, j);
  714. if (btmp == NULL)
  715. goto err;
  716. /*
  717. * We now have the EVP_MD_CTX, lets do the signing.
  718. */
  719. if (!EVP_MD_CTX_copy_ex(ctx_tmp, mdc))
  720. goto err;
  721. sk = si->auth_attr;
  722. /*
  723. * If there are attributes, we add the digest attribute and only
  724. * sign the attributes
  725. */
  726. if (sk_X509_ATTRIBUTE_num(sk) > 0) {
  727. if (!do_pkcs7_signed_attrib(si, ctx_tmp))
  728. goto err;
  729. } else {
  730. unsigned char *abuf = NULL;
  731. unsigned int abuflen;
  732. abuflen = EVP_PKEY_get_size(si->pkey);
  733. abuf = OPENSSL_malloc(abuflen);
  734. if (abuf == NULL)
  735. goto err;
  736. if (!EVP_SignFinal_ex(ctx_tmp, abuf, &abuflen, si->pkey,
  737. ossl_pkcs7_ctx_get0_libctx(p7_ctx),
  738. ossl_pkcs7_ctx_get0_propq(p7_ctx))) {
  739. OPENSSL_free(abuf);
  740. ERR_raise(ERR_LIB_PKCS7, ERR_R_EVP_LIB);
  741. goto err;
  742. }
  743. ASN1_STRING_set0(si->enc_digest, abuf, abuflen);
  744. }
  745. }
  746. } else if (i == NID_pkcs7_digest) {
  747. unsigned char md_data[EVP_MAX_MD_SIZE];
  748. unsigned int md_len;
  749. if (!PKCS7_find_digest(&mdc, bio,
  750. OBJ_obj2nid(p7->d.digest->md->algorithm)))
  751. goto err;
  752. if (!EVP_DigestFinal_ex(mdc, md_data, &md_len))
  753. goto err;
  754. if (!ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len))
  755. goto err;
  756. }
  757. if (!PKCS7_is_detached(p7)) {
  758. /*
  759. * NOTE(emilia): I think we only reach os == NULL here because detached
  760. * digested data support is broken.
  761. */
  762. if (os == NULL)
  763. goto err;
  764. if (!(os->flags & ASN1_STRING_FLAG_NDEF)) {
  765. char *cont;
  766. long contlen;
  767. btmp = BIO_find_type(bio, BIO_TYPE_MEM);
  768. if (btmp == NULL) {
  769. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
  770. goto err;
  771. }
  772. contlen = BIO_get_mem_data(btmp, &cont);
  773. /*
  774. * Mark the BIO read only then we can use its copy of the data
  775. * instead of making an extra copy.
  776. */
  777. BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY);
  778. BIO_set_mem_eof_return(btmp, 0);
  779. ASN1_STRING_set0(os, (unsigned char *)cont, contlen);
  780. }
  781. }
  782. ret = 1;
  783. err:
  784. EVP_MD_CTX_free(ctx_tmp);
  785. return ret;
  786. }
  787. int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)
  788. {
  789. EVP_MD_CTX *mctx;
  790. EVP_PKEY_CTX *pctx = NULL;
  791. unsigned char *abuf = NULL;
  792. int alen;
  793. size_t siglen;
  794. const EVP_MD *md = NULL;
  795. const PKCS7_CTX *ctx = si->ctx;
  796. md = EVP_get_digestbyobj(si->digest_alg->algorithm);
  797. if (md == NULL)
  798. return 0;
  799. mctx = EVP_MD_CTX_new();
  800. if (mctx == NULL) {
  801. ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE);
  802. goto err;
  803. }
  804. if (EVP_DigestSignInit_ex(mctx, &pctx, EVP_MD_get0_name(md),
  805. ossl_pkcs7_ctx_get0_libctx(ctx),
  806. ossl_pkcs7_ctx_get0_propq(ctx), si->pkey,
  807. NULL) <= 0)
  808. goto err;
  809. alen = ASN1_item_i2d((ASN1_VALUE *)si->auth_attr, &abuf,
  810. ASN1_ITEM_rptr(PKCS7_ATTR_SIGN));
  811. if (!abuf)
  812. goto err;
  813. if (EVP_DigestSignUpdate(mctx, abuf, alen) <= 0)
  814. goto err;
  815. OPENSSL_free(abuf);
  816. abuf = NULL;
  817. if (EVP_DigestSignFinal(mctx, NULL, &siglen) <= 0)
  818. goto err;
  819. abuf = OPENSSL_malloc(siglen);
  820. if (abuf == NULL)
  821. goto err;
  822. if (EVP_DigestSignFinal(mctx, abuf, &siglen) <= 0)
  823. goto err;
  824. EVP_MD_CTX_free(mctx);
  825. ASN1_STRING_set0(si->enc_digest, abuf, siglen);
  826. return 1;
  827. err:
  828. OPENSSL_free(abuf);
  829. EVP_MD_CTX_free(mctx);
  830. return 0;
  831. }
  832. int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio,
  833. PKCS7 *p7, PKCS7_SIGNER_INFO *si)
  834. {
  835. PKCS7_ISSUER_AND_SERIAL *ias;
  836. int ret = 0, i;
  837. STACK_OF(X509) *cert;
  838. X509 *x509;
  839. if (p7 == NULL) {
  840. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_INVALID_NULL_POINTER);
  841. return 0;
  842. }
  843. if (p7->d.ptr == NULL) {
  844. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_NO_CONTENT);
  845. return 0;
  846. }
  847. if (PKCS7_type_is_signed(p7)) {
  848. cert = p7->d.sign->cert;
  849. } else if (PKCS7_type_is_signedAndEnveloped(p7)) {
  850. cert = p7->d.signed_and_enveloped->cert;
  851. } else {
  852. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_WRONG_PKCS7_TYPE);
  853. goto err;
  854. }
  855. /* XXXXXXXXXXXXXXXXXXXXXXX */
  856. ias = si->issuer_and_serial;
  857. x509 = X509_find_by_issuer_and_serial(cert, ias->issuer, ias->serial);
  858. /* were we able to find the cert in passed to us */
  859. if (x509 == NULL) {
  860. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNABLE_TO_FIND_CERTIFICATE);
  861. goto err;
  862. }
  863. /* Lets verify */
  864. if (!X509_STORE_CTX_init(ctx, cert_store, x509, cert)) {
  865. ERR_raise(ERR_LIB_PKCS7, ERR_R_X509_LIB);
  866. goto err;
  867. }
  868. X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_SMIME_SIGN);
  869. i = X509_verify_cert(ctx);
  870. if (i <= 0) {
  871. ERR_raise(ERR_LIB_PKCS7, ERR_R_X509_LIB);
  872. goto err;
  873. }
  874. return PKCS7_signatureVerify(bio, p7, si, x509);
  875. err:
  876. return ret;
  877. }
  878. int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
  879. X509 *x509)
  880. {
  881. ASN1_OCTET_STRING *os;
  882. EVP_MD_CTX *mdc_tmp, *mdc;
  883. const EVP_MD *md;
  884. EVP_MD *fetched_md = NULL;
  885. int ret = 0, i;
  886. int md_type;
  887. STACK_OF(X509_ATTRIBUTE) *sk;
  888. BIO *btmp;
  889. EVP_PKEY *pkey;
  890. const PKCS7_CTX *ctx = ossl_pkcs7_get0_ctx(p7);
  891. OSSL_LIB_CTX *libctx = ossl_pkcs7_ctx_get0_libctx(ctx);
  892. const char *propq = ossl_pkcs7_ctx_get0_propq(ctx);
  893. mdc_tmp = EVP_MD_CTX_new();
  894. if (mdc_tmp == NULL) {
  895. ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE);
  896. goto err;
  897. }
  898. if (!PKCS7_type_is_signed(p7) && !PKCS7_type_is_signedAndEnveloped(p7)) {
  899. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_WRONG_PKCS7_TYPE);
  900. goto err;
  901. }
  902. md_type = OBJ_obj2nid(si->digest_alg->algorithm);
  903. btmp = bio;
  904. for (;;) {
  905. if ((btmp == NULL) ||
  906. ((btmp = BIO_find_type(btmp, BIO_TYPE_MD)) == NULL)) {
  907. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
  908. goto err;
  909. }
  910. BIO_get_md_ctx(btmp, &mdc);
  911. if (mdc == NULL) {
  912. ERR_raise(ERR_LIB_PKCS7, ERR_R_INTERNAL_ERROR);
  913. goto err;
  914. }
  915. if (EVP_MD_CTX_get_type(mdc) == md_type)
  916. break;
  917. /*
  918. * Workaround for some broken clients that put the signature OID
  919. * instead of the digest OID in digest_alg->algorithm
  920. */
  921. if (EVP_MD_get_pkey_type(EVP_MD_CTX_get0_md(mdc)) == md_type)
  922. break;
  923. btmp = BIO_next(btmp);
  924. }
  925. /*
  926. * mdc is the digest ctx that we want, unless there are attributes, in
  927. * which case the digest is the signed attributes
  928. */
  929. if (!EVP_MD_CTX_copy_ex(mdc_tmp, mdc))
  930. goto err;
  931. sk = si->auth_attr;
  932. if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0)) {
  933. unsigned char md_dat[EVP_MAX_MD_SIZE], *abuf = NULL;
  934. unsigned int md_len;
  935. int alen;
  936. ASN1_OCTET_STRING *message_digest;
  937. if (!EVP_DigestFinal_ex(mdc_tmp, md_dat, &md_len))
  938. goto err;
  939. message_digest = PKCS7_digest_from_attributes(sk);
  940. if (!message_digest) {
  941. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
  942. goto err;
  943. }
  944. if ((message_digest->length != (int)md_len) ||
  945. (memcmp(message_digest->data, md_dat, md_len))) {
  946. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_DIGEST_FAILURE);
  947. ret = -1;
  948. goto err;
  949. }
  950. (void)ERR_set_mark();
  951. fetched_md = EVP_MD_fetch(libctx, OBJ_nid2sn(md_type), propq);
  952. if (fetched_md != NULL)
  953. md = fetched_md;
  954. else
  955. md = EVP_get_digestbynid(md_type);
  956. if (md == NULL || !EVP_VerifyInit_ex(mdc_tmp, md, NULL)) {
  957. (void)ERR_clear_last_mark();
  958. goto err;
  959. }
  960. (void)ERR_pop_to_mark();
  961. alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf,
  962. ASN1_ITEM_rptr(PKCS7_ATTR_VERIFY));
  963. if (alen <= 0) {
  964. ERR_raise(ERR_LIB_PKCS7, ERR_R_ASN1_LIB);
  965. ret = -1;
  966. goto err;
  967. }
  968. if (!EVP_VerifyUpdate(mdc_tmp, abuf, alen))
  969. goto err;
  970. OPENSSL_free(abuf);
  971. }
  972. os = si->enc_digest;
  973. pkey = X509_get0_pubkey(x509);
  974. if (pkey == NULL) {
  975. ret = -1;
  976. goto err;
  977. }
  978. i = EVP_VerifyFinal_ex(mdc_tmp, os->data, os->length, pkey, libctx, propq);
  979. if (i <= 0) {
  980. ERR_raise(ERR_LIB_PKCS7, PKCS7_R_SIGNATURE_FAILURE);
  981. ret = -1;
  982. goto err;
  983. }
  984. ret = 1;
  985. err:
  986. EVP_MD_CTX_free(mdc_tmp);
  987. EVP_MD_free(fetched_md);
  988. return ret;
  989. }
  990. PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx)
  991. {
  992. STACK_OF(PKCS7_RECIP_INFO) *rsk;
  993. PKCS7_RECIP_INFO *ri;
  994. int i;
  995. i = OBJ_obj2nid(p7->type);
  996. if (i != NID_pkcs7_signedAndEnveloped)
  997. return NULL;
  998. if (p7->d.signed_and_enveloped == NULL)
  999. return NULL;
  1000. rsk = p7->d.signed_and_enveloped->recipientinfo;
  1001. if (rsk == NULL)
  1002. return NULL;
  1003. if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx)
  1004. return NULL;
  1005. ri = sk_PKCS7_RECIP_INFO_value(rsk, idx);
  1006. return ri->issuer_and_serial;
  1007. }
  1008. ASN1_TYPE *PKCS7_get_signed_attribute(const PKCS7_SIGNER_INFO *si, int nid)
  1009. {
  1010. return get_attribute(si->auth_attr, nid);
  1011. }
  1012. ASN1_TYPE *PKCS7_get_attribute(const PKCS7_SIGNER_INFO *si, int nid)
  1013. {
  1014. return get_attribute(si->unauth_attr, nid);
  1015. }
  1016. static ASN1_TYPE *get_attribute(const STACK_OF(X509_ATTRIBUTE) *sk, int nid)
  1017. {
  1018. int idx;
  1019. X509_ATTRIBUTE *xa;
  1020. idx = X509at_get_attr_by_NID(sk, nid, -1);
  1021. xa = X509at_get_attr(sk, idx);
  1022. return X509_ATTRIBUTE_get0_type(xa, 0);
  1023. }
  1024. ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk)
  1025. {
  1026. ASN1_TYPE *astype;
  1027. if ((astype = get_attribute(sk, NID_pkcs9_messageDigest)) == NULL)
  1028. return NULL;
  1029. return astype->value.octet_string;
  1030. }
  1031. int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
  1032. STACK_OF(X509_ATTRIBUTE) *sk)
  1033. {
  1034. int i;
  1035. sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr, X509_ATTRIBUTE_free);
  1036. p7si->auth_attr = sk_X509_ATTRIBUTE_dup(sk);
  1037. if (p7si->auth_attr == NULL)
  1038. return 0;
  1039. for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
  1040. if ((sk_X509_ATTRIBUTE_set(p7si->auth_attr, i,
  1041. X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value
  1042. (sk, i))))
  1043. == NULL)
  1044. return 0;
  1045. }
  1046. return 1;
  1047. }
  1048. int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,
  1049. STACK_OF(X509_ATTRIBUTE) *sk)
  1050. {
  1051. int i;
  1052. sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr, X509_ATTRIBUTE_free);
  1053. p7si->unauth_attr = sk_X509_ATTRIBUTE_dup(sk);
  1054. if (p7si->unauth_attr == NULL)
  1055. return 0;
  1056. for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
  1057. if ((sk_X509_ATTRIBUTE_set(p7si->unauth_attr, i,
  1058. X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value
  1059. (sk, i))))
  1060. == NULL)
  1061. return 0;
  1062. }
  1063. return 1;
  1064. }
  1065. int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
  1066. void *value)
  1067. {
  1068. return add_attribute(&(p7si->auth_attr), nid, atrtype, value);
  1069. }
  1070. int PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
  1071. void *value)
  1072. {
  1073. return add_attribute(&(p7si->unauth_attr), nid, atrtype, value);
  1074. }
  1075. static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
  1076. void *value)
  1077. {
  1078. X509_ATTRIBUTE *attr = NULL;
  1079. if (*sk == NULL) {
  1080. if ((*sk = sk_X509_ATTRIBUTE_new_null()) == NULL)
  1081. return 0;
  1082. new_attrib:
  1083. if ((attr = X509_ATTRIBUTE_create(nid, atrtype, value)) == NULL)
  1084. return 0;
  1085. if (!sk_X509_ATTRIBUTE_push(*sk, attr)) {
  1086. X509_ATTRIBUTE_free(attr);
  1087. return 0;
  1088. }
  1089. } else {
  1090. int i;
  1091. for (i = 0; i < sk_X509_ATTRIBUTE_num(*sk); i++) {
  1092. attr = sk_X509_ATTRIBUTE_value(*sk, i);
  1093. if (OBJ_obj2nid(X509_ATTRIBUTE_get0_object(attr)) == nid) {
  1094. X509_ATTRIBUTE_free(attr);
  1095. attr = X509_ATTRIBUTE_create(nid, atrtype, value);
  1096. if (attr == NULL)
  1097. return 0;
  1098. if (!sk_X509_ATTRIBUTE_set(*sk, i, attr)) {
  1099. X509_ATTRIBUTE_free(attr);
  1100. return 0;
  1101. }
  1102. goto end;
  1103. }
  1104. }
  1105. goto new_attrib;
  1106. }
  1107. end:
  1108. return 1;
  1109. }