2 * The contents of this file are subject to the Mozilla Public
3 * License Version 1.1 (the "License"); you may not use this file
4 * except in compliance with the License. You may obtain a copy of
5 * the License at http://www.mozilla.org/MPL/
7 * Software distributed under the License is distributed on an "AS
8 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
9 * implied. See the License for the specific language governing
10 * rights and limitations under the License.
12 * The Original Code is the Netscape security libraries.
14 * The Initial Developer of the Original Code is Netscape
15 * Communications Corporation. Portions created by Netscape are
16 * Copyright (C) 1994-2000 Netscape Communications Corporation. All
21 * Alternatively, the contents of this file may be used under the
22 * terms of the GNU General Public License Version 2 or later (the
23 * "GPL"), in which case the provisions of the GPL are applicable
24 * instead of those above. If you wish to allow use of your
25 * version of this file only under the terms of the GPL and not to
26 * allow others to use your version of this file under the MPL,
27 * indicate your decision by deleting the provisions above and
28 * replace them with the notice and other provisions required by
29 * the GPL. If you do not delete the provisions above, a recipient
30 * may use your version of this file under either the MPL or the
35 * CMS signedData methods.
38 #include <Security/SecCmsSignedData.h>
40 #include <Security/SecCmsContentInfo.h>
41 #include <Security/SecCmsDigestContext.h>
42 #include <Security/SecCmsSignerInfo.h>
49 #include "tsaTemplates.h"
51 #include <security_asn1/secasn1.h>
52 #include <security_asn1/secerr.h>
53 #include <Security/SecBase.h>
54 #include <CommonCrypto/CommonRandomSPI.h>
55 #include <Security/SecPolicy.h>
56 #include <Security/SecPolicyPriv.h>
57 #include <utilities/SecCFWrappers.h>
61 #define SIGDATA_DEBUG 1
65 #define dprintf(args...) fprintf(stderr, args)
67 #define dprintf(args...)
71 SecCmsSignedDataCreate(SecCmsMessageRef cmsg
)
74 SecCmsSignedDataRef sigd
;
79 mark
= PORT_ArenaMark(poolp
);
81 sigd
= (SecCmsSignedDataRef
)PORT_ArenaZAlloc (poolp
, sizeof(SecCmsSignedData
));
87 /* signerInfos, certs, certlists, crls are all empty */
88 /* version is set in SecCmsSignedDataFinalize() */
90 PORT_ArenaUnmark(poolp
, mark
);
94 PORT_ArenaRelease(poolp
, mark
);
99 SecCmsSignedDataDestroy(SecCmsSignedDataRef sigd
)
101 SecCmsSignerInfoRef
*signerinfos
, si
;
106 if (sigd
->certs
!= NULL
)
107 CFRelease(sigd
->certs
);
109 signerinfos
= sigd
->signerInfos
;
110 if (signerinfos
!= NULL
) {
111 while ((si
= *signerinfos
++) != NULL
)
112 SecCmsSignerInfoDestroy(si
);
115 /* everything's in a pool, so don't worry about the storage */
116 SecCmsContentInfoDestroy(&(sigd
->contentInfo
));
120 * SecCmsSignedDataEncodeBeforeStart - do all the necessary things to a SignedData
121 * before start of encoding.
124 * - find out about the right value to put into sigd->version
125 * - come up with a list of digestAlgorithms (which should be the union of the algorithms
126 * in the signerinfos).
127 * If we happen to have a pre-set list of algorithms (and digest values!), we
128 * check if we have all the signerinfos' algorithms. If not, this is an error.
131 SecCmsSignedDataEncodeBeforeStart(SecCmsSignedDataRef sigd
)
133 SecCmsSignerInfoRef signerinfo
;
134 SECOidTag digestalgtag
;
138 Boolean haveDigests
= PR_FALSE
;
142 poolp
= sigd
->cmsg
->poolp
;
144 /* we assume that we have precomputed digests if there is a list of algorithms, and */
145 /* a chunk of data for each of those algorithms */
146 if (sigd
->digestAlgorithms
!= NULL
&& sigd
->digests
!= NULL
) {
147 for (i
=0; sigd
->digestAlgorithms
[i
] != NULL
; i
++) {
148 if (sigd
->digests
[i
] == NULL
)
151 if (sigd
->digestAlgorithms
[i
] == NULL
) /* reached the end of the array? */
152 haveDigests
= PR_TRUE
; /* yes: we must have all the digests */
155 version
= SEC_CMS_SIGNED_DATA_VERSION_BASIC
;
157 /* RFC2630 5.1 "version is the syntax version number..." */
158 if (SecCmsContentInfoGetContentTypeTag(&(sigd
->contentInfo
)) != SEC_OID_PKCS7_DATA
)
159 version
= SEC_CMS_SIGNED_DATA_VERSION_EXT
;
161 /* prepare all the SignerInfos (there may be none) */
162 for (i
=0; i
< SecCmsSignedDataSignerInfoCount(sigd
); i
++) {
163 signerinfo
= SecCmsSignedDataGetSignerInfo(sigd
, i
);
165 /* RFC2630 5.1 "version is the syntax version number..." */
166 if (SecCmsSignerInfoGetVersion(signerinfo
) != SEC_CMS_SIGNER_INFO_VERSION_ISSUERSN
)
167 version
= SEC_CMS_SIGNED_DATA_VERSION_EXT
;
169 /* collect digestAlgorithms from SignerInfos */
170 /* (we need to know which algorithms we have when the content comes in) */
171 /* do not overwrite any existing digestAlgorithms (and digest) */
172 digestalgtag
= SecCmsSignerInfoGetDigestAlgTag(signerinfo
);
174 n
= SecCmsAlgArrayGetIndexByAlgTag(sigd
->digestAlgorithms
, digestalgtag
);
175 if (n
< 0 && haveDigests
) {
176 /* oops, there is a digestalg we do not have a digest for */
177 /* but we were supposed to have all the digests already... */
180 /* add the digestAlgorithm & a NULL digest */
181 rv
= SecCmsSignedDataAddDigest((SecArenaPoolRef
)poolp
, sigd
, digestalgtag
, NULL
);
182 if (rv
!= SECSuccess
)
185 /* found it, nothing to do */
189 dummy
= SEC_ASN1EncodeInteger(poolp
, &(sigd
->version
), (long)version
);
193 /* this is a SET OF, so we need to sort them guys */
194 rv
= SecCmsArraySortByDER((void **)sigd
->digestAlgorithms
,
195 SEC_ASN1_GET(SECOID_AlgorithmIDTemplate
),
196 (void **)sigd
->digests
);
197 if (rv
!= SECSuccess
)
207 SecCmsSignedDataEncodeBeforeData(SecCmsSignedDataRef sigd
)
209 /* set up the digests */
210 if (sigd
->digestAlgorithms
!= NULL
) {
211 sigd
->contentInfo
.digcx
= SecCmsDigestContextStartMultiple(sigd
->digestAlgorithms
);
212 if (sigd
->contentInfo
.digcx
== NULL
)
218 #include <AssertMacros.h>
219 #include "tsaSupport.h"
220 #include "tsaSupportPriv.h"
221 #include "tsaTemplates.h"
222 #include <security_keychain/tsaDERUtilities.h>
224 extern const SecAsn1Template kSecAsn1TSATSTInfoTemplate
;
226 OSStatus
createTSAMessageImprint(SecCmsSignerInfoRef signerInfo
, SECAlgorithmID
*digestAlg
, CSSM_DATA_PTR encDigest
,
227 SecAsn1TSAMessageImprint
*messageImprint
)
229 // Calculate hash of encDigest and put in messageImprint.hashedMessage
230 // We pass in encDigest, since in the verification case, it comes from a different signedData
232 OSStatus status
= SECFailure
;
234 require(signerInfo
&& digestAlg
&& messageImprint
, xit
);
236 SecCmsDigestContextRef digcx
= SecCmsDigestContextStartSingle(digestAlg
);
238 require(encDigest
, xit
);
240 messageImprint
->hashAlgorithm
= *digestAlg
;
242 SecCmsDigestContextUpdate(digcx
, encDigest
->Data
, encDigest
->Length
);
244 require_noerr(SecCmsDigestContextFinishSingle(digcx
, (SecArenaPoolRef
)signerInfo
->cmsg
->poolp
,
245 &messageImprint
->hashedMessage
), xit
);
252 #include <Security/SecAsn1Templates.h>
255 static OSStatus
decodeDERUTF8String(const CSSM_DATA_PTR content
, char *statusstr
, size_t strsz
)
257 // The statusString should use kSecAsn1SequenceOfUTF8StringTemplate, but doesn't
258 OSStatus status
= SECFailure
;
259 SecAsn1CoderRef coder
= NULL
;
260 CSSM_DATA statusString
;
263 require(content
&& statusstr
, xit
);
265 require_noerr(SecAsn1CoderCreate(&coder
), xit
);
266 require_noerr(SecAsn1Decode(coder
, content
->Data
, content
->Length
, kSecAsn1UTF8StringTemplate
, &statusString
), xit
);
268 len
= (statusString
.Length
< strsz
)?(int)statusString
.Length
:strsz
;
269 if (statusstr
&& statusString
.Data
)
270 strncpy(statusstr
, (const char *)statusString
.Data
, len
);
274 SecAsn1CoderRelease(coder
);
279 static OSStatus
validateTSAResponseAndAddTimeStamp(SecCmsSignerInfoRef signerinfo
, CSSM_DATA_PTR tsaResponse
,
280 uint64_t expectedNonce
)
282 OSStatus status
= SECFailure
;
283 SecAsn1CoderRef coder
= NULL
;
284 SecAsn1TimeStampRespDER respDER
= {{{0}},};
285 SecAsn1TSAPKIStatusInfo
*tsastatus
= NULL
;
291 require_action(tsaResponse
&& tsaResponse
->Data
&& tsaResponse
->Length
, xit
, status
= errSecTimestampMissing
);
293 require_noerr(SecAsn1CoderCreate(&coder
), xit
);
294 require_noerr(SecTSAResponseCopyDEREncoding(coder
, tsaResponse
, &respDER
), xit
);
297 tsaWriteFileX("/tmp/tsa-timeStampToken.der", respDER
.timeStampTokenDER
.Data
, respDER
.timeStampTokenDER
.Length
);
300 tsastatus
= (SecAsn1TSAPKIStatusInfo
*)&respDER
.status
;
301 require_action(tsastatus
->status
.Data
, xit
, status
= errSecTimestampBadDataFormat
);
302 respstatus
= (int)tsaDER_ToInt(&tsastatus
->status
);
306 if (tsastatus
->failInfo
.Data
) // e.g. FI_BadRequest
307 failinfo
= (int)tsaDER_ToInt(&tsastatus
->failInfo
);
309 if (tsastatus
->statusString
.Data
&& tsastatus
->statusString
.Length
)
311 OSStatus strrx
= decodeDERUTF8String(&tsastatus
->statusString
, buf
, sizeof(buf
));
312 dprintf("decodeDERUTF8String status: %d\n", (int)strrx
);
315 dprintf("validateTSAResponse: status: %d, failinfo: %d, %s\n", respstatus
, failinfo
, buf
);
321 case PKIS_GrantedWithMods
: // Success
325 status
= errSecTimestampRejection
;
328 status
= errSecTimestampWaiting
;
330 case PKIS_RevocationWarning
:
331 status
= errSecTimestampRevocationWarning
;
333 case PKIS_RevocationNotification
:
334 status
= errSecTimestampRevocationNotification
;
337 status
= errSecTimestampSystemFailure
;
340 require_noerr(status
, xit
);
342 // If we succeeded, then we must have a TimeStampToken
344 require_action(respDER
.timeStampTokenDER
.Data
&& respDER
.timeStampTokenDER
.Length
, xit
, status
= errSecTimestampBadDataFormat
);
346 dprintf("timestamp full expected nonce: %lld\n", expectedNonce
);
349 The bytes in respDER are a full CMS message, which we need to check now for validity.
350 The code for this is essentially the same code taht is done during a timestamp
351 verify, except that we also need to check the nonce.
353 CSSM_DATA
*encDigest
= SecCmsSignerInfoGetEncDigest(signerinfo
);
354 require_noerr(status
= decodeTimeStampToken(signerinfo
, &respDER
.timeStampTokenDER
, encDigest
, expectedNonce
), xit
);
356 status
= SecCmsSignerInfoAddTimeStamp(signerinfo
, &respDER
.timeStampTokenDER
);
360 SecAsn1CoderRelease(coder
);
364 static OSStatus
getRandomNonce(uint64_t *nonce
)
366 return nonce
? CCRandomCopyBytes(kCCRandomDevRandom
, (void *)nonce
, sizeof(*nonce
)) : SECFailure
;
369 static OSStatus
remapTimestampError(OSStatus inStatus
)
372 Since communicating with the timestamp server is perhaps an unexpected
373 dependency on the network, map unknown errors into something to indicate
374 that signing without a timestamp may be a workaround. In particular, the
375 private CFURL errors (see CFNetworkErrorsPriv.i)
377 kCFURLErrorTimedOut = -1001,
378 kCFURLErrorNotConnectedToInternet = -1009,
380 are remapped to errSecTimestampServiceNotAvailable.
385 case errSecTimestampMissing
:
386 case errSecTimestampInvalid
:
387 case errSecTimestampNotTrusted
:
388 case errSecTimestampServiceNotAvailable
:
389 case errSecTimestampBadAlg
:
390 case errSecTimestampBadRequest
:
391 case errSecTimestampBadDataFormat
:
392 case errSecTimestampTimeNotAvailable
:
393 case errSecTimestampUnacceptedPolicy
:
394 case errSecTimestampUnacceptedExtension
:
395 case errSecTimestampAddInfoNotAvailable
:
396 case errSecTimestampSystemFailure
:
397 case errSecSigningTimeMissing
:
398 case errSecTimestampRejection
:
399 case errSecTimestampWaiting
:
400 case errSecTimestampRevocationWarning
:
401 case errSecTimestampRevocationNotification
:
404 return errSecTimestampServiceNotAvailable
;
406 return errSecTimestampServiceNotAvailable
;
410 * SecCmsSignedDataEncodeAfterData - do all the necessary things to a SignedData
411 * after all the encapsulated data was passed through the encoder.
414 * - create the signatures in all the SignerInfos
416 * Please note that nothing is done to the Certificates and CRLs in the message - this
417 * is entirely the responsibility of our callers.
420 SecCmsSignedDataEncodeAfterData(SecCmsSignedDataRef sigd
)
422 SecCmsSignerInfoRef
*signerinfos
, signerinfo
;
423 SecCmsContentInfoRef cinfo
;
424 SECOidTag digestalgtag
;
425 OSStatus ret
= SECFailure
;
427 CSSM_DATA_PTR contentType
;
429 int i
, ci
, n
, rci
, si
;
432 extern const SecAsn1Template SecCmsSignerInfoTemplate
[];
434 poolp
= sigd
->cmsg
->poolp
;
435 cinfo
= &(sigd
->contentInfo
);
437 /* did we have digest calculation going on? */
439 rv
= SecCmsDigestContextFinishMultiple(cinfo
->digcx
, (SecArenaPoolRef
)poolp
, &(sigd
->digests
));
441 if (rv
!= SECSuccess
)
442 goto loser
; /* error has been set by SecCmsDigestContextFinishMultiple */
445 signerinfos
= sigd
->signerInfos
;
448 /* prepare all the SignerInfos (there may be none) */
449 for (i
=0; i
< SecCmsSignedDataSignerInfoCount(sigd
); i
++) {
450 signerinfo
= SecCmsSignedDataGetSignerInfo(sigd
, i
);
452 /* find correct digest for this signerinfo */
453 digestalgtag
= SecCmsSignerInfoGetDigestAlgTag(signerinfo
);
454 n
= SecCmsAlgArrayGetIndexByAlgTag(sigd
->digestAlgorithms
, digestalgtag
);
455 if (n
< 0 || sigd
->digests
== NULL
|| sigd
->digests
[n
] == NULL
) {
456 /* oops - digest not found */
457 PORT_SetError(SEC_ERROR_DIGEST_NOT_FOUND
);
461 /* XXX if our content is anything else but data, we need to force the
462 * presence of signed attributes (RFC2630 5.3 "signedAttributes is a
465 /* pass contentType here as we want a contentType attribute */
466 if ((contentType
= SecCmsContentInfoGetContentTypeOID(cinfo
)) == NULL
)
470 rv
= SecCmsSignerInfoSign(signerinfo
, sigd
->digests
[n
], contentType
);
471 if (rv
!= SECSuccess
)
474 /* while we're at it, count number of certs in certLists */
475 certlist
= SecCmsSignerInfoGetCertList(signerinfo
);
477 certcount
+= CFArrayGetCount(certlist
);
480 /* Now we can get a timestamp, since we have all the digests */
482 // We force the setting of a callback, since this is the most usual case
483 if (!sigd
->cmsg
->tsaCallback
)
484 SecCmsMessageSetTSACallback(sigd
->cmsg
, (SecCmsTSACallback
)SecCmsTSADefaultCallback
);
486 if (sigd
->cmsg
->tsaCallback
&& sigd
->cmsg
->tsaContext
)
488 CSSM_DATA tsaResponse
= {0,};
489 SecAsn1TSAMessageImprint messageImprint
= {{{0},},{0,}};
490 // <rdar://problem/11073466> Add nonce support for timestamping client
494 require_noerr(getRandomNonce(&nonce
), tsxit
);
495 dprintf("SecCmsSignedDataSignerInfoCount: %d\n", SecCmsSignedDataSignerInfoCount(sigd
));
497 // Calculate hash of encDigest and put in messageImprint.hashedMessage
498 SecCmsSignerInfoRef signerinfo
= SecCmsSignedDataGetSignerInfo(sigd
, 0); // NB - assume 1 signer only!
499 CSSM_DATA
*encDigest
= SecCmsSignerInfoGetEncDigest(signerinfo
);
500 require_noerr(createTSAMessageImprint(signerinfo
, &signerinfo
->digestAlg
, encDigest
, &messageImprint
), tsxit
);
502 // Callback to fire up XPC service to talk to TimeStamping server, etc.
503 require_noerr(rv
=(*sigd
->cmsg
->tsaCallback
)(sigd
->cmsg
->tsaContext
, &messageImprint
,
504 nonce
, &tsaResponse
), tsxit
);
506 require_noerr(rv
= validateTSAResponseAndAddTimeStamp(signerinfo
, &tsaResponse
, nonce
), tsxit
);
509 It is likely that every occurrence of "goto loser" in this file should
510 also do a PORT_SetError. Since it is not clear what might depend on this
511 behavior, we just do this in the timestamping case.
516 dprintf("Original timestamp error: %d\n", (int)rv
);
517 rv
= remapTimestampError(rv
);
523 /* this is a SET OF, so we need to sort them guys */
524 rv
= SecCmsArraySortByDER((void **)signerinfos
, SecCmsSignerInfoTemplate
, NULL
);
525 if (rv
!= SECSuccess
)
529 * now prepare certs & crls
532 /* count the rest of the certs */
533 if (sigd
->certs
!= NULL
)
534 certcount
+= CFArrayGetCount(sigd
->certs
);
536 if (certcount
== 0) {
537 sigd
->rawCerts
= NULL
;
540 * Combine all of the certs and cert chains into rawcerts.
541 * Note: certcount is an upper bound; we may not need that many slots
542 * but we will allocate anyway to avoid having to do another pass.
543 * (The temporary space saving is not worth it.)
545 * XXX ARGH - this NEEDS to be fixed. need to come up with a decent
546 * SetOfDERcertficates implementation
548 sigd
->rawCerts
= (CSSM_DATA_PTR
*)PORT_ArenaAlloc(poolp
, (certcount
+ 1) * sizeof(CSSM_DATA_PTR
));
549 if (sigd
->rawCerts
== NULL
)
553 * XXX Want to check for duplicates and not add *any* cert that is
554 * already in the set. This will be more important when we start
555 * dealing with larger sets of certs, dual-key certs (signing and
556 * encryption), etc. For the time being we can slide by...
558 * XXX ARGH - this NEEDS to be fixed. need to come up with a decent
559 * SetOfDERcertficates implementation
562 if (signerinfos
!= NULL
) {
563 for (si
= 0; signerinfos
[si
] != NULL
; si
++) {
564 signerinfo
= signerinfos
[si
];
565 for (ci
= 0; ci
< CFArrayGetCount(signerinfo
->certList
); ci
++) {
566 sigd
->rawCerts
[rci
] = PORT_ArenaZAlloc(poolp
, sizeof(CSSM_DATA
));
567 SecCertificateRef cert
= (SecCertificateRef
)CFArrayGetValueAtIndex(signerinfo
->certList
, ci
);
568 SecCertificateGetData(cert
, sigd
->rawCerts
[rci
++]);
573 if (sigd
->certs
!= NULL
) {
574 for (ci
= 0; ci
< CFArrayGetCount(sigd
->certs
); ci
++) {
575 sigd
->rawCerts
[rci
] = PORT_ArenaZAlloc(poolp
, sizeof(CSSM_DATA
));
576 SecCertificateRef cert
= (SecCertificateRef
)CFArrayGetValueAtIndex(sigd
->certs
, ci
);
577 SecCertificateGetData(cert
, sigd
->rawCerts
[rci
++]);
581 sigd
->rawCerts
[rci
] = NULL
;
583 /* this is a SET OF, so we need to sort them guys - we have the DER already, though */
584 SecCmsArraySort((void **)sigd
->rawCerts
, SecCmsUtilDERCompare
, NULL
, NULL
);
591 dprintf("SecCmsSignedDataEncodeAfterData: ret: %ld, rv: %ld\n", (long)ret
, (long)rv
);
596 SecCmsSignedDataDecodeBeforeData(SecCmsSignedDataRef sigd
)
598 /* set up the digests */
599 if (sigd
->digestAlgorithms
!= NULL
&& sigd
->digests
== NULL
) {
600 /* if digests are already there, do nothing */
601 sigd
->contentInfo
.digcx
= SecCmsDigestContextStartMultiple(sigd
->digestAlgorithms
);
602 if (sigd
->contentInfo
.digcx
== NULL
)
609 * SecCmsSignedDataDecodeAfterData - do all the necessary things to a SignedData
610 * after all the encapsulated data was passed through the decoder.
613 SecCmsSignedDataDecodeAfterData(SecCmsSignedDataRef sigd
)
615 /* did we have digest calculation going on? */
616 if (sigd
->contentInfo
.digcx
) {
617 if (SecCmsDigestContextFinishMultiple(sigd
->contentInfo
.digcx
, (SecArenaPoolRef
)sigd
->cmsg
->poolp
, &(sigd
->digests
)) != SECSuccess
) {
618 sigd
->contentInfo
.digcx
= NULL
;
619 return SECFailure
; /* error has been set by SecCmsDigestContextFinishMultiple */
621 sigd
->contentInfo
.digcx
= NULL
;
627 * SecCmsSignedDataDecodeAfterEnd - do all the necessary things to a SignedData
628 * after all decoding is finished.
631 SecCmsSignedDataDecodeAfterEnd(SecCmsSignedDataRef sigd
)
633 SecCmsSignerInfoRef
*signerinfos
;
640 signerinfos
= sigd
->signerInfos
;
642 /* set cmsg and sigd backpointers for all the signerinfos */
644 for (i
= 0; signerinfos
[i
] != NULL
; i
++) {
645 signerinfos
[i
]->cmsg
= sigd
->cmsg
;
646 signerinfos
[i
]->sigd
= sigd
;
654 * SecCmsSignedDataGetSignerInfos - retrieve the SignedData's signer list
656 SecCmsSignerInfoRef
*
657 SecCmsSignedDataGetSignerInfos(SecCmsSignedDataRef sigd
)
659 return sigd
->signerInfos
;
663 SecCmsSignedDataSignerInfoCount(SecCmsSignedDataRef sigd
)
665 return SecCmsArrayCount((void **)sigd
->signerInfos
);
669 SecCmsSignedDataGetSignerInfo(SecCmsSignedDataRef sigd
, int i
)
671 return sigd
->signerInfos
[i
];
675 * SecCmsSignedDataGetDigestAlgs - retrieve the SignedData's digest algorithm list
678 SecCmsSignedDataGetDigestAlgs(SecCmsSignedDataRef sigd
)
680 return sigd
->digestAlgorithms
;
684 * SecCmsSignedDataGetContentInfo - return pointer to this signedData's contentinfo
687 SecCmsSignedDataGetContentInfo(SecCmsSignedDataRef sigd
)
689 return &(sigd
->contentInfo
);
693 * SecCmsSignedDataGetCertificateList - retrieve the SignedData's certificate list
696 SecCmsSignedDataGetCertificateList(SecCmsSignedDataRef sigd
)
698 return sigd
->rawCerts
;
702 SecCmsSignedDataImportCerts(SecCmsSignedDataRef sigd
, SecKeychainRef keychain
,
703 SECCertUsage certusage
, Boolean keepcerts
)
709 certcount
= SecCmsArrayCount((void **)sigd
->rawCerts
);
711 rv
= CERT_ImportCerts(keychain
, certusage
, certcount
, sigd
->rawCerts
, NULL
,
712 keepcerts
, PR_FALSE
, NULL
);
714 /* XXX CRL handling */
716 if (sigd
->signerInfos
!= NULL
) {
717 /* fill in all signerinfo's certs */
718 for (i
= 0; sigd
->signerInfos
[i
] != NULL
; i
++)
719 (void)SecCmsSignerInfoGetSigningCertificate(sigd
->signerInfos
[i
], keychain
);
726 * XXX the digests need to be passed in BETWEEN the decoding and the verification in case
727 * of external signatures!
731 * SecCmsSignedDataVerifySignerInfo - check the signatures.
733 * The digests were either calculated during decoding (and are stored in the
734 * signedData itself) or set after decoding using SecCmsSignedDataSetDigests.
736 * The verification checks if the signing cert is valid and has a trusted chain
737 * for the purpose specified by "policies".
739 * If trustRef is NULL the cert chain is verified and the VerificationStatus is set accordingly.
740 * Otherwise a SecTrust object is returned for the caller to evaluate using SecTrustEvaluate().
743 SecCmsSignedDataVerifySignerInfo(SecCmsSignedDataRef sigd
, int i
,
744 SecKeychainRef keychainOrArray
, CFTypeRef policies
, SecTrustRef
*trustRef
)
746 SecCmsSignerInfoRef signerinfo
;
747 SecCmsContentInfoRef cinfo
;
748 SECOidData
*algiddata
;
749 CSSM_DATA_PTR contentType
, digest
;
750 OSStatus status
, status2
;
752 cinfo
= &(sigd
->contentInfo
);
754 signerinfo
= sigd
->signerInfos
[i
];
756 /* Signature or digest level verificationStatus errors should supercede
757 certificate level errors, so check the digest and signature first. */
759 /* Find digest and contentType for signerinfo */
760 algiddata
= SecCmsSignerInfoGetDigestAlg(signerinfo
);
761 if (algiddata
== NULL
) {
762 return errSecInternalError
; // shouldn't have happened, this is likely due to corrupted data
765 digest
= SecCmsSignedDataGetDigestByAlgTag(sigd
, algiddata
->offset
);
768 * No digests; this probably had detached content the caller has to
770 * FIXME: need some error return for this (as well as many
771 * other places in this library).
773 return errSecDataNotAvailable
;
775 contentType
= SecCmsContentInfoGetContentTypeOID(cinfo
);
777 /* verify signature */
778 CFTypeRef timeStampPolicies
=SecPolicyCreateAppleTimeStampingAndRevocationPolicies(policies
);
779 status
= SecCmsSignerInfoVerifyWithPolicy(signerinfo
, timeStampPolicies
, digest
, contentType
);
780 CFReleaseSafe(timeStampPolicies
);
782 /* Now verify the certificate. We do this even if the signature failed to verify so we can
783 return a trustRef to the caller for display purposes. */
784 status2
= SecCmsSignerInfoVerifyCertificate(signerinfo
, keychainOrArray
,
786 dprintf("SecCmsSignedDataVerifySignerInfo: status %d status2 %d\n", (int) status
, (int)status2
);
787 /* The error from SecCmsSignerInfoVerify() supercedes error from SecCmsSignerInfoVerifyCertificate(). */
795 * SecCmsSignedDataVerifyCertsOnly - verify the certs in a certs-only message
798 SecCmsSignedDataVerifyCertsOnly(SecCmsSignedDataRef sigd
,
799 SecKeychainRef keychainOrArray
,
802 SecCertificateRef cert
;
803 OSStatus rv
= SECSuccess
;
807 if (!sigd
|| !keychainOrArray
|| !sigd
->rawCerts
) {
808 PORT_SetError(SEC_ERROR_INVALID_ARGS
);
812 count
= SecCmsArrayCount((void**)sigd
->rawCerts
);
813 for (i
=0; i
< count
; i
++) {
814 if (sigd
->certs
&& CFArrayGetCount(sigd
->certs
) > i
) {
815 cert
= (SecCertificateRef
)CFArrayGetValueAtIndex(sigd
->certs
, i
);
818 cert
= CERT_FindCertByDERCert(keychainOrArray
, sigd
->rawCerts
[i
]);
824 rv
|= CERT_VerifyCert(keychainOrArray
, cert
, sigd
->rawCerts
,
825 policies
, CFAbsoluteTimeGetCurrent(), NULL
);
833 * SecCmsSignedDataHasDigests - see if we have digests in place
836 SecCmsSignedDataHasDigests(SecCmsSignedDataRef sigd
)
838 return (sigd
->digests
!= NULL
);
842 SecCmsSignedDataAddCertList(SecCmsSignedDataRef sigd
, CFArrayRef certlist
)
844 PORT_Assert(certlist
!= NULL
);
846 if (certlist
== NULL
)
850 sigd
->certs
= CFArrayCreateMutableCopy(NULL
, 0, certlist
);
853 CFRange certlistRange
= { 0, CFArrayGetCount(certlist
) };
854 CFArrayAppendArray(sigd
->certs
, certlist
, certlistRange
);
861 * SecCmsSignedDataAddCertChain - add cert and its entire chain to the set of certs
864 SecCmsSignedDataAddCertChain(SecCmsSignedDataRef sigd
, SecCertificateRef cert
)
870 usage
= certUsageEmailSigner
;
872 /* do not include root */
873 certlist
= CERT_CertChainFromCert(cert
, usage
, PR_FALSE
);
874 if (certlist
== NULL
)
877 rv
= SecCmsSignedDataAddCertList(sigd
, certlist
);
884 SecCmsSignedDataAddCertificate(SecCmsSignedDataRef sigd
, SecCertificateRef cert
)
886 PORT_Assert(cert
!= NULL
);
892 sigd
->certs
= CFArrayCreateMutable(NULL
, 0, &kCFTypeArrayCallBacks
);
894 CFArrayAppendValue(sigd
->certs
, cert
);
900 SecCmsSignedDataContainsCertsOrCrls(SecCmsSignedDataRef sigd
)
902 if (sigd
->rawCerts
!= NULL
&& sigd
->rawCerts
[0] != NULL
)
904 else if (sigd
->rawCrls
!= NULL
&& sigd
->rawCrls
[0] != NULL
)
911 SecCmsSignedDataAddSignerInfo(SecCmsSignedDataRef sigd
,
912 SecCmsSignerInfoRef signerinfo
)
916 SECOidTag digestalgtag
;
919 poolp
= sigd
->cmsg
->poolp
;
921 mark
= PORT_ArenaMark(poolp
);
924 rv
= SecCmsArrayAdd(poolp
, (void ***)&(sigd
->signerInfos
), (void *)signerinfo
);
925 if (rv
!= SECSuccess
)
928 signerinfo
->sigd
= sigd
;
932 * Empty because we don't have it yet. Either it gets created during encoding
933 * (if the data is present) or has to be set externally.
934 * XXX maybe pass it in optionally?
936 digestalgtag
= SecCmsSignerInfoGetDigestAlgTag(signerinfo
);
937 rv
= SecCmsSignedDataSetDigestValue(sigd
, digestalgtag
, NULL
);
938 if (rv
!= SECSuccess
)
942 * The last thing to get consistency would be adding the digest.
945 PORT_ArenaUnmark(poolp
, mark
);
949 PORT_ArenaRelease (poolp
, mark
);
954 SecCmsSignedDataGetDigestByAlgTag(SecCmsSignedDataRef sigd
, SECOidTag algtag
)
958 if(sigd
== NULL
|| sigd
->digests
== NULL
) {
961 idx
= SecCmsAlgArrayGetIndexByAlgTag(sigd
->digestAlgorithms
, algtag
);
962 return (idx
>= 0) ? sigd
->digests
[idx
] : NULL
;
966 * SecCmsSignedDataSetDigests - set a signedData's digests member
968 * "digestalgs" - array of digest algorithm IDs
969 * "digests" - array of digests corresponding to the digest algorithms
972 SecCmsSignedDataSetDigests(SecCmsSignedDataRef sigd
,
973 SECAlgorithmID
**digestalgs
,
974 CSSM_DATA_PTR
*digests
)
978 /* Check input structure and items in structure */
979 if (sigd
== NULL
|| sigd
->digestAlgorithms
== NULL
|| sigd
->cmsg
== NULL
|| sigd
->cmsg
->poolp
== NULL
) {
980 PORT_SetError(SEC_ERROR_INVALID_ARGS
);
984 /* we assume that the digests array is just not there yet */
985 PORT_Assert(sigd
->digests
== NULL
);
986 if (sigd
->digests
!= NULL
) {
987 PORT_SetError(SEC_ERROR_LIBRARY_FAILURE
);
991 /* now allocate one (same size as digestAlgorithms) */
992 cnt
= SecCmsArrayCount((void **)sigd
->digestAlgorithms
);
993 sigd
->digests
= PORT_ArenaZAlloc(sigd
->cmsg
->poolp
, (cnt
+ 1) * sizeof(CSSM_DATA_PTR
));
994 if (sigd
->digests
== NULL
) {
995 PORT_SetError(SEC_ERROR_NO_MEMORY
);
999 for (i
= 0; sigd
->digestAlgorithms
[i
] != NULL
; i
++) {
1000 /* try to find the sigd's i'th digest algorithm in the array we passed in */
1001 idx
= SecCmsAlgArrayGetIndexByAlgID(digestalgs
, sigd
->digestAlgorithms
[i
]);
1003 PORT_SetError(SEC_ERROR_DIGEST_NOT_FOUND
);
1007 /* found it - now set it */
1008 if ((sigd
->digests
[i
] = SECITEM_AllocItem(sigd
->cmsg
->poolp
, NULL
, 0)) == NULL
||
1009 SECITEM_CopyItem(sigd
->cmsg
->poolp
, sigd
->digests
[i
], digests
[idx
]) != SECSuccess
)
1011 PORT_SetError(SEC_ERROR_NO_MEMORY
);
1019 SecCmsSignedDataSetDigestValue(SecCmsSignedDataRef sigd
,
1020 SECOidTag digestalgtag
,
1021 CSSM_DATA_PTR digestdata
)
1023 CSSM_DATA_PTR digest
= NULL
;
1028 poolp
= sigd
->cmsg
->poolp
;
1030 mark
= PORT_ArenaMark(poolp
);
1034 digest
= (CSSM_DATA_PTR
) PORT_ArenaZAlloc(poolp
,sizeof(CSSM_DATA
));
1036 /* copy digestdata item to arena (in case we have it and are not only making room) */
1037 if (SECITEM_CopyItem(poolp
, digest
, digestdata
) != SECSuccess
)
1041 /* now allocate one (same size as digestAlgorithms) */
1042 if (sigd
->digests
== NULL
) {
1043 cnt
= SecCmsArrayCount((void **)sigd
->digestAlgorithms
);
1044 sigd
->digests
= PORT_ArenaZAlloc(sigd
->cmsg
->poolp
, (cnt
+ 1) * sizeof(CSSM_DATA_PTR
));
1045 if (sigd
->digests
== NULL
) {
1046 PORT_SetError(SEC_ERROR_NO_MEMORY
);
1052 if (sigd
->digestAlgorithms
!= NULL
)
1053 n
= SecCmsAlgArrayGetIndexByAlgTag(sigd
->digestAlgorithms
, digestalgtag
);
1055 /* if not found, add a digest */
1057 if (SecCmsSignedDataAddDigest((SecArenaPoolRef
)poolp
, sigd
, digestalgtag
, digest
) != SECSuccess
)
1060 /* replace NULL pointer with digest item (and leak previous value) */
1061 sigd
->digests
[n
] = digest
;
1064 PORT_ArenaUnmark(poolp
, mark
);
1068 PORT_ArenaRelease(poolp
, mark
);
1073 SecCmsSignedDataAddDigest(SecArenaPoolRef pool
,
1074 SecCmsSignedDataRef sigd
,
1075 SECOidTag digestalgtag
,
1076 CSSM_DATA_PTR digest
)
1078 PRArenaPool
*poolp
= (PRArenaPool
*)pool
;
1079 SECAlgorithmID
*digestalg
;
1082 mark
= PORT_ArenaMark(poolp
);
1084 digestalg
= PORT_ArenaZAlloc(poolp
, sizeof(SECAlgorithmID
));
1085 if (digestalg
== NULL
)
1088 if (SECOID_SetAlgorithmID (poolp
, digestalg
, digestalgtag
, NULL
) != SECSuccess
) /* no params */
1091 if (SecCmsArrayAdd(poolp
, (void ***)&(sigd
->digestAlgorithms
), (void *)digestalg
) != SECSuccess
||
1092 /* even if digest is NULL, add dummy to have same-size array */
1093 SecCmsArrayAdd(poolp
, (void ***)&(sigd
->digests
), (void *)digest
) != SECSuccess
)
1098 PORT_ArenaUnmark(poolp
, mark
);
1102 PORT_ArenaRelease(poolp
, mark
);
1107 SecCmsSignedDataGetDigestValue(SecCmsSignedDataRef sigd
, SECOidTag digestalgtag
)
1111 if (sigd
->digestAlgorithms
== NULL
)
1114 n
= SecCmsAlgArrayGetIndexByAlgTag(sigd
->digestAlgorithms
, digestalgtag
);
1116 return (n
< 0) ? NULL
: sigd
->digests
[n
];
1119 /* =============================================================================
1120 * Misc. utility functions
1124 * SecCmsSignedDataCreateCertsOnly - create a certs-only SignedData.
1126 * cert - base certificates that will be included
1127 * include_chain - if true, include the complete cert chain for cert
1129 * More certs and chains can be added via AddCertificate and AddCertChain.
1131 * An error results in a return value of NULL and an error set.
1136 SecCmsSignedDataCreateCertsOnly(SecCmsMessageRef cmsg
, SecCertificateRef cert
, Boolean include_chain
)
1138 SecCmsSignedDataRef sigd
;
1143 poolp
= cmsg
->poolp
;
1144 mark
= PORT_ArenaMark(poolp
);
1146 sigd
= SecCmsSignedDataCreate(cmsg
);
1150 /* no signerinfos, thus no digestAlgorithms */
1153 if (include_chain
) {
1154 rv
= SecCmsSignedDataAddCertChain(sigd
, cert
);
1156 rv
= SecCmsSignedDataAddCertificate(sigd
, cert
);
1158 if (rv
!= SECSuccess
)
1162 * In the degenerate case where there are no signers, the
1163 * EncapsulatedContentInfo value being "signed" is irrelevant. In this
1164 * case, the content type within the EncapsulatedContentInfo value being
1165 * "signed" should be id-data (as defined in section 4), and the content
1166 * field of the EncapsulatedContentInfo value should be omitted.
1168 rv
= SecCmsContentInfoSetContentData(cmsg
, &(sigd
->contentInfo
), NULL
, PR_TRUE
);
1169 if (rv
!= SECSuccess
)
1172 PORT_ArenaUnmark(poolp
, mark
);
1177 SecCmsSignedDataDestroy(sigd
);
1178 PORT_ArenaRelease(poolp
, mark
);
1183 * Get SecCmsSignedDataRawCerts - obtain raw certs as a NULL_terminated array
1186 extern OSStatus
SecCmsSignedDataRawCerts(SecCmsSignedDataRef sigd
,
1187 CSSM_DATA_PTR
**rawCerts
)
1189 *rawCerts
= sigd
->rawCerts
;
1194 * SecCmsSignerInfoGetReceiptRequest()
1195 * SecCmsSignedDataHasReceiptRequest()
1196 * easy way to iterate over signers