2 * The contents of this file are subject to the Mozilla Public
3 * License Version 1.1 (the "License"); you may not use this file
4 * except in compliance with the License. You may obtain a copy of
5 * the License at http://www.mozilla.org/MPL/
7 * Software distributed under the License is distributed on an "AS
8 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
9 * implied. See the License for the specific language governing
10 * rights and limitations under the License.
12 * The Original Code is the Netscape security libraries.
14 * The Initial Developer of the Original Code is Netscape
15 * Communications Corporation. Portions created by Netscape are
16 * Copyright (C) 1994-2000 Netscape Communications Corporation. All
21 * Alternatively, the contents of this file may be used under the
22 * terms of the GNU General Public License Version 2 or later (the
23 * "GPL"), in which case the provisions of the GPL are applicable
24 * instead of those above. If you wish to allow use of your
25 * version of this file only under the terms of the GPL and not to
26 * allow others to use your version of this file under the MPL,
27 * indicate your decision by deleting the provisions above and
28 * replace them with the notice and other provisions required by
29 * the GPL. If you do not delete the provisions above, a recipient
30 * may use your version of this file under either the MPL or the
35 * CMS signerInfo methods.
38 #include <Security/SecCmsSignerInfo.h>
39 #include "SecSMIMEPriv.h"
48 #include <security_asn1/secasn1.h>
49 #include <security_asn1/secerr.h>
50 #include <Security/SecKeychain.h>
51 #include <Security/SecIdentity.h>
52 #include <Security/SecCertificatePriv.h>
53 #include <Security/SecKeyPriv.h>
54 #include <CoreFoundation/CFTimeZone.h>
55 #include <utilities/SecCFWrappers.h>
56 #include <AssertMacros.h>
57 #include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>
58 #include <Security/SecPolicyPriv.h>
59 #include <Security/SecItem.h>
61 #include "tsaSupport.h"
62 #include "tsaSupportPriv.h"
66 #define HIDIGIT(v) (((v) / 10) + '0')
67 #define LODIGIT(v) (((v) % 10) + '0')
69 #define ISDIGIT(dig) (((dig) >= '0') && ((dig) <= '9'))
70 #define CAPTURE(var,p,label) \
72 if (!ISDIGIT((p)[0]) || !ISDIGIT((p)[1])) goto label; \
73 (var) = ((p)[0] - '0') * 10 + ((p)[1] - '0'); \
77 #define SIGINFO_DEBUG 1
81 #define dprintf(args...) fprintf(stderr, args)
83 #define dprintf(args...)
87 #define dprintfRC(args...) dprintf(args)
89 #define dprintfRC(args...)
93 DER_UTCTimeToCFDate(const CSSM_DATA_PTR utcTime
, CFAbsoluteTime
*date
)
95 CFGregorianDate gdate
;
96 char *string
= (char *)utcTime
->Data
;
97 long year
, month
, mday
, hour
, minute
, second
, hourOff
, minOff
;
98 CFTimeZoneRef timeZone
;
100 /* Verify time is formatted properly and capture information */
104 CAPTURE(year
,string
+0,loser
);
106 /* ASSUME that year # is in the 2000's, not the 1900's */
109 CAPTURE(month
,string
+2,loser
);
110 if ((month
== 0) || (month
> 12)) goto loser
;
111 CAPTURE(mday
,string
+4,loser
);
112 if ((mday
== 0) || (mday
> 31)) goto loser
;
113 CAPTURE(hour
,string
+6,loser
);
114 if (hour
> 23) goto loser
;
115 CAPTURE(minute
,string
+8,loser
);
116 if (minute
> 59) goto loser
;
117 if (ISDIGIT(string
[10])) {
118 CAPTURE(second
,string
+10,loser
);
119 if (second
> 59) goto loser
;
122 if (string
[10] == '+') {
123 CAPTURE(hourOff
,string
+11,loser
);
124 if (hourOff
> 23) goto loser
;
125 CAPTURE(minOff
,string
+13,loser
);
126 if (minOff
> 59) goto loser
;
127 } else if (string
[10] == '-') {
128 CAPTURE(hourOff
,string
+11,loser
);
129 if (hourOff
> 23) goto loser
;
131 CAPTURE(minOff
,string
+13,loser
);
132 if (minOff
> 59) goto loser
;
134 } else if (string
[10] != 'Z') {
138 gdate
.year
= (SInt32
)(year
+ 1900);
142 gdate
.minute
= minute
;
143 gdate
.second
= second
;
145 if (hourOff
== 0 && minOff
== 0)
146 timeZone
= NULL
; /* GMT */
149 timeZone
= CFTimeZoneCreateWithTimeIntervalFromGMT(NULL
, (hourOff
* 60 + minOff
) * 60);
152 *date
= CFGregorianDateGetAbsoluteTime(gdate
, timeZone
);
163 DER_CFDateToUTCTime(CFAbsoluteTime date
, CSSM_DATA_PTR utcTime
)
165 CFGregorianDate gdate
= CFAbsoluteTimeGetGregorianDate(date
, NULL
/* GMT */);
169 utcTime
->Length
= 13;
170 utcTime
->Data
= d
= PORT_Alloc(13);
174 /* UTC time does not handle the years before 1950 */
175 if (gdate
.year
< 1950)
178 /* remove the century since it's added to the year by the
179 CFAbsoluteTimeGetGregorianDate routine, but is not needed for UTC time */
181 second
= gdate
.second
+ 0.5;
183 d
[0] = HIDIGIT(gdate
.year
);
184 d
[1] = LODIGIT(gdate
.year
);
185 d
[2] = HIDIGIT(gdate
.month
);
186 d
[3] = LODIGIT(gdate
.month
);
187 d
[4] = HIDIGIT(gdate
.day
);
188 d
[5] = LODIGIT(gdate
.day
);
189 d
[6] = HIDIGIT(gdate
.hour
);
190 d
[7] = LODIGIT(gdate
.hour
);
191 d
[8] = HIDIGIT(gdate
.minute
);
192 d
[9] = LODIGIT(gdate
.minute
);
193 d
[10] = HIDIGIT(second
);
194 d
[11] = LODIGIT(second
);
199 /* =============================================================================
203 nss_cmssignerinfo_create(SecCmsMessageRef cmsg
, SecCmsSignerIDSelector type
, SecCertificateRef cert
, CSSM_DATA_PTR subjKeyID
, SecPublicKeyRef pubKey
, SecPrivateKeyRef signingKey
, SECOidTag digestalgtag
);
206 SecCmsSignerInfoCreateWithSubjKeyID(SecCmsMessageRef cmsg
, CSSM_DATA_PTR subjKeyID
, SecPublicKeyRef pubKey
, SecPrivateKeyRef signingKey
, SECOidTag digestalgtag
)
208 return nss_cmssignerinfo_create(cmsg
, SecCmsSignerIDSubjectKeyID
, NULL
, subjKeyID
, pubKey
, signingKey
, digestalgtag
);
212 SecCmsSignerInfoCreate(SecCmsMessageRef cmsg
, SecIdentityRef identity
, SECOidTag digestalgtag
)
214 SecCmsSignerInfoRef signerInfo
= NULL
;
215 SecCertificateRef cert
= NULL
;
216 SecPrivateKeyRef signingKey
= NULL
;
217 CFDictionaryRef keyAttrs
= NULL
;
219 if (SecIdentityCopyCertificate(identity
, &cert
))
221 if (SecIdentityCopyPrivateKey(identity
, &signingKey
))
224 /* In some situations, the "Private Key" in the identity is actually a public key. */
225 keyAttrs
= SecKeyCopyAttributes(signingKey
);
228 CFTypeRef
class = CFDictionaryGetValue(keyAttrs
, kSecAttrKeyClass
);
229 if (!class || (CFGetTypeID(class) != CFStringGetTypeID()) || !CFEqual(class, kSecAttrKeyClassPrivate
))
233 signerInfo
= nss_cmssignerinfo_create(cmsg
, SecCmsSignerIDIssuerSN
, cert
, NULL
, NULL
, signingKey
, digestalgtag
);
239 CFRelease(signingKey
);
247 nss_cmssignerinfo_create(SecCmsMessageRef cmsg
, SecCmsSignerIDSelector type
, SecCertificateRef cert
, CSSM_DATA_PTR subjKeyID
, SecPublicKeyRef pubKey
, SecPrivateKeyRef signingKey
, SECOidTag digestalgtag
)
250 SecCmsSignerInfoRef signerinfo
;
256 mark
= PORT_ArenaMark(poolp
);
258 signerinfo
= (SecCmsSignerInfoRef
)PORT_ArenaZAlloc(poolp
, sizeof(SecCmsSignerInfo
));
259 if (signerinfo
== NULL
) {
260 PORT_ArenaRelease(poolp
, mark
);
265 signerinfo
->cmsg
= cmsg
;
268 case SecCmsSignerIDIssuerSN
:
269 signerinfo
->signerIdentifier
.identifierType
= SecCmsSignerIDIssuerSN
;
270 if ((signerinfo
->cert
= CERT_DupCertificate(cert
)) == NULL
)
272 if ((signerinfo
->signerIdentifier
.id
.issuerAndSN
= CERT_GetCertIssuerAndSN(poolp
, cert
)) == NULL
)
274 dprintfRC("nss_cmssignerinfo_create: SecCmsSignerIDIssuerSN: cert.rc %d\n",
275 (int)CFGetRetainCount(signerinfo
->cert
));
277 case SecCmsSignerIDSubjectKeyID
:
278 signerinfo
->signerIdentifier
.identifierType
= SecCmsSignerIDSubjectKeyID
;
279 PORT_Assert(subjKeyID
);
282 signerinfo
->signerIdentifier
.id
.subjectKeyID
= PORT_ArenaNew(poolp
, CSSM_DATA
);
283 if (SECITEM_CopyItem(poolp
, signerinfo
->signerIdentifier
.id
.subjectKeyID
,
287 signerinfo
->pubKey
= SECKEY_CopyPublicKey(pubKey
);
288 if (!signerinfo
->pubKey
)
298 signerinfo
->signingKey
= SECKEY_CopyPrivateKey(signingKey
);
299 if (!signerinfo
->signingKey
)
302 /* set version right now */
303 version
= SEC_CMS_SIGNER_INFO_VERSION_ISSUERSN
;
304 /* RFC2630 5.3 "version is the syntax version number. If the .... " */
305 if (signerinfo
->signerIdentifier
.identifierType
== SecCmsSignerIDSubjectKeyID
)
306 version
= SEC_CMS_SIGNER_INFO_VERSION_SUBJKEY
;
307 (void)SEC_ASN1EncodeInteger(poolp
, &(signerinfo
->version
), (long)version
);
309 if (SECOID_SetAlgorithmID(poolp
, &signerinfo
->digestAlg
, digestalgtag
, NULL
) != SECSuccess
)
312 PORT_ArenaUnmark(poolp
, mark
);
316 PORT_ArenaRelease(poolp
, mark
);
321 * SecCmsSignerInfoDestroy - destroy a SignerInfo data structure
324 SecCmsSignerInfoDestroy(SecCmsSignerInfoRef si
)
326 if (si
->cert
!= NULL
) {
327 dprintfRC("SecCmsSignerInfoDestroy top: certp %p cert.rc %d\n",
328 si
->cert
, (int)CFGetRetainCount(si
->cert
));
329 CERT_DestroyCertificate(si
->cert
);
331 if (si
->certList
!= NULL
) {
332 dprintfRC("SecCmsSignerInfoDestroy top: certList.rc %d\n",
333 (int)CFGetRetainCount(si
->certList
));
334 CFRelease(si
->certList
);
336 if (si
->timestampCertList
!= NULL
) {
337 dprintfRC("SecCmsSignerInfoDestroy top: timestampCertList.rc %d\n",
338 (int)CFGetRetainCount(si
->timestampCertList
));
339 CFRelease(si
->timestampCertList
);
341 if (si
->hashAgilityAttrValue
!= NULL
) {
342 dprintfRC("SecCmsSignerInfoDestroy top: hashAgilityAttrValue.rc %d\n",
343 (int)CFGetRetainCount(si
->hashAgilityAttrValue
));
344 CFRelease(si
->hashAgilityAttrValue
);
346 /* XXX storage ??? */
350 * SecCmsSignerInfoSign - sign something
354 SecCmsSignerInfoSign(SecCmsSignerInfoRef signerinfo
, CSSM_DATA_PTR digest
, CSSM_DATA_PTR contentType
)
356 SecCertificateRef cert
;
357 SecPrivateKeyRef privkey
= NULL
;
358 SECOidTag digestalgtag
;
359 SECOidTag pubkAlgTag
;
360 CSSM_DATA signature
= { 0 };
362 PLArenaPool
*poolp
, *tmppoolp
= NULL
;
363 const SECAlgorithmID
*algID
;
364 SECAlgorithmID freeAlgID
;
365 //CERTSubjectPublicKeyInfo *spki;
367 PORT_Assert (digest
!= NULL
);
369 poolp
= signerinfo
->cmsg
->poolp
;
371 switch (signerinfo
->signerIdentifier
.identifierType
) {
372 case SecCmsSignerIDIssuerSN
:
373 privkey
= signerinfo
->signingKey
;
374 signerinfo
->signingKey
= NULL
;
375 cert
= signerinfo
->cert
;
376 if (SecCertificateGetAlgorithmID(cert
,&algID
)) {
377 PORT_SetError(SEC_ERROR_INVALID_ALGORITHM
);
381 case SecCmsSignerIDSubjectKeyID
:
382 privkey
= signerinfo
->signingKey
;
383 signerinfo
->signingKey
= NULL
;
385 spki
= SECKEY_CreateSubjectPublicKeyInfo(signerinfo
->pubKey
);
386 SECKEY_DestroyPublicKey(signerinfo
->pubKey
);
387 signerinfo
->pubKey
= NULL
;
388 SECOID_CopyAlgorithmID(NULL
, &freeAlgID
, &spki
->algorithm
);
389 SECKEY_DestroySubjectPublicKeyInfo(spki
);
393 #if (TARGET_OS_MAC && !(TARGET_OS_EMBEDDED || TARGET_OS_IPHONE || TARGET_IPHONE_SIMULATOR))
394 if (SecKeyGetAlgorithmID(signerinfo
->pubKey
,&algID
)) {
396 /* TBD: Unify this code. Currently, iOS has an incompatible
397 * SecKeyGetAlgorithmID implementation. */
400 PORT_SetError(SEC_ERROR_INVALID_ALGORITHM
);
403 CFRelease(signerinfo
->pubKey
);
404 signerinfo
->pubKey
= NULL
;
408 PORT_SetError(SEC_ERROR_UNSUPPORTED_MESSAGE_TYPE
);
411 digestalgtag
= SecCmsSignerInfoGetDigestAlgTag(signerinfo
);
413 * XXX I think there should be a cert-level interface for this,
414 * so that I do not have to know about subjectPublicKeyInfo...
416 pubkAlgTag
= SECOID_GetAlgorithmTag(algID
);
417 if (signerinfo
->signerIdentifier
.identifierType
== SecCmsSignerIDSubjectKeyID
) {
418 SECOID_DestroyAlgorithmID(&freeAlgID
, PR_FALSE
);
423 /* Fortezza MISSI have weird signature formats.
424 * Map them to standard DSA formats
426 pubkAlgTag
= PK11_FortezzaMapSig(pubkAlgTag
);
429 if (signerinfo
->authAttr
!= NULL
) {
430 CSSM_DATA encoded_attrs
;
432 /* find and fill in the message digest attribute. */
433 rv
= SecCmsAttributeArraySetAttr(poolp
, &(signerinfo
->authAttr
),
434 SEC_OID_PKCS9_MESSAGE_DIGEST
, digest
, PR_FALSE
);
435 if (rv
!= SECSuccess
)
438 if (contentType
!= NULL
) {
439 /* if the caller wants us to, find and fill in the content type attribute. */
440 rv
= SecCmsAttributeArraySetAttr(poolp
, &(signerinfo
->authAttr
),
441 SEC_OID_PKCS9_CONTENT_TYPE
, contentType
, PR_FALSE
);
442 if (rv
!= SECSuccess
)
446 if ((tmppoolp
= PORT_NewArena (1024)) == NULL
) {
447 PORT_SetError(SEC_ERROR_NO_MEMORY
);
452 * Before encoding, reorder the attributes so that when they
453 * are encoded, they will be conforming DER, which is required
454 * to have a specific order and that is what must be used for
455 * the hash/signature. We do this here, rather than building
456 * it into EncodeAttributes, because we do not want to do
457 * such reordering on incoming messages (which also uses
458 * EncodeAttributes) or our old signatures (and other "broken"
459 * implementations) will not verify. So, we want to guarantee
460 * that we send out good DER encodings of attributes, but not
461 * to expect to receive them.
463 if (SecCmsAttributeArrayReorder(signerinfo
->authAttr
) != SECSuccess
)
466 encoded_attrs
.Data
= NULL
;
467 encoded_attrs
.Length
= 0;
468 if (SecCmsAttributeArrayEncode(tmppoolp
, &(signerinfo
->authAttr
),
469 &encoded_attrs
) == NULL
)
472 rv
= SEC_SignData(&signature
, encoded_attrs
.Data
, (int)encoded_attrs
.Length
,
473 privkey
, digestalgtag
, pubkAlgTag
);
474 PORT_FreeArena(tmppoolp
, PR_FALSE
); /* awkward memory management :-( */
477 rv
= SGN_Digest(privkey
, digestalgtag
, pubkAlgTag
, &signature
, digest
);
479 SECKEY_DestroyPrivateKey(privkey
);
482 if (rv
!= SECSuccess
)
485 if (SECITEM_CopyItem(poolp
, &(signerinfo
->encDigest
), &signature
)
489 SECITEM_FreeItem(&signature
, PR_FALSE
);
491 if(pubkAlgTag
== SEC_OID_EC_PUBLIC_KEY
) {
493 * RFC 3278 section section 2.1.1 states that the signatureAlgorithm
494 * field contains the full ecdsa-with-SHA1 OID, not plain old ecPublicKey
495 * as would appear in other forms of signed datas. However Microsoft doesn't
496 * do this, it puts ecPublicKey there, and if we put ecdsa-with-SHA1 there,
497 * MS can't verify - presumably because it takes the digest of the digest
498 * before feeding it to ECDSA.
499 * We handle this with a preference; default if it's not there is
500 * "Microsoft compatibility mode".
502 if(!SecCmsMsEcdsaCompatMode()) {
503 pubkAlgTag
= SEC_OID_ECDSA_WithSHA1
;
505 /* else violating the spec for compatibility */
508 if (SECOID_SetAlgorithmID(poolp
, &(signerinfo
->digestEncAlg
), pubkAlgTag
,
515 if (signature
.Length
!= 0)
516 SECITEM_FreeItem (&signature
, PR_FALSE
);
518 SECKEY_DestroyPrivateKey(privkey
);
520 PORT_FreeArena(tmppoolp
, PR_FALSE
);
525 SecCmsSignerInfoVerifyCertificate(SecCmsSignerInfoRef signerinfo
, SecKeychainRef keychainOrArray
,
526 CFTypeRef policies
, SecTrustRef
*trustRef
)
528 SecCertificateRef cert
;
529 CFAbsoluteTime stime
;
531 CSSM_DATA_PTR
*otherCerts
;
533 if ((cert
= SecCmsSignerInfoGetSigningCertificate(signerinfo
, keychainOrArray
)) == NULL
) {
534 dprintf("SecCmsSignerInfoVerifyCertificate: no signing cert\n");
535 signerinfo
->verificationStatus
= SecCmsVSSigningCertNotFound
;
540 * Get and convert the signing time; if available, it will be used
541 * both on the cert verification and for importing the sender
544 CFTypeRef timeStampPolicies
=SecPolicyCreateAppleTimeStampingAndRevocationPolicies(policies
);
545 if (SecCmsSignerInfoGetTimestampTimeWithPolicy(signerinfo
, timeStampPolicies
, &stime
) != SECSuccess
)
546 if (SecCmsSignerInfoGetSigningTime(signerinfo
, &stime
) != SECSuccess
)
547 stime
= CFAbsoluteTimeGetCurrent();
548 CFReleaseSafe(timeStampPolicies
);
550 rv
= SecCmsSignedDataRawCerts(signerinfo
->sigd
, &otherCerts
);
554 rv
= CERT_VerifyCert(keychainOrArray
, cert
, otherCerts
, policies
, stime
, trustRef
);
555 dprintfRC("SecCmsSignerInfoVerifyCertificate after vfy: certp %p cert.rc %d\n",
556 cert
, (int)CFGetRetainCount(cert
));
559 if (PORT_GetError() == SEC_ERROR_UNTRUSTED_CERT
)
561 /* Signature or digest level verificationStatus errors should supercede certificate level errors, so only change the verificationStatus if the status was GoodSignature. */
562 if (signerinfo
->verificationStatus
== SecCmsVSGoodSignature
)
563 signerinfo
->verificationStatus
= SecCmsVSSigningCertNotTrusted
;
566 /* FIXME isn't this leaking the cert? */
567 dprintf("SecCmsSignerInfoVerifyCertificate: CertVerify rtn %d\n", (int)rv
);
571 static void debugShowSigningCertificate(SecCmsSignerInfoRef signerinfo
)
574 CFStringRef cn
= SecCmsSignerInfoGetSignerCommonName(signerinfo
);
577 char *ccn
= cfStringToChar(cn
);
580 dprintf("SecCmsSignerInfoVerify: cn: %s\n", ccn
);
589 * SecCmsSignerInfoVerify - verify the signature of a single SignerInfo
591 * Just verifies the signature. The assumption is that verification of the certificate
595 SecCmsSignerInfoVerify(SecCmsSignerInfoRef signerinfo
, CSSM_DATA_PTR digest
, CSSM_DATA_PTR contentType
)
597 return SecCmsSignerInfoVerifyWithPolicy(signerinfo
,NULL
, digest
,contentType
);
601 SecCmsSignerInfoVerifyWithPolicy(SecCmsSignerInfoRef signerinfo
,CFTypeRef timeStampPolicy
, CSSM_DATA_PTR digest
, CSSM_DATA_PTR contentType
)
603 SecPublicKeyRef publickey
= NULL
;
604 SecCmsAttribute
*attr
= NULL
;
605 CSSM_DATA encoded_attrs
;
606 SecCertificateRef cert
= NULL
;
607 SecCmsVerificationStatus vs
= SecCmsVSUnverified
;
608 PLArenaPool
*poolp
= NULL
;
609 SECOidTag digestAlgTag
, digestEncAlgTag
;
611 if (signerinfo
== NULL
)
614 /* SecCmsSignerInfoGetSigningCertificate will fail if 2nd parm is NULL and */
615 /* cert has not been verified */
616 if ((cert
= SecCmsSignerInfoGetSigningCertificate(signerinfo
, NULL
)) == NULL
) {
617 dprintf("SecCmsSignerInfoVerify: no signing cert\n");
618 vs
= SecCmsVSSigningCertNotFound
;
622 dprintfRC("SecCmsSignerInfoVerify top: cert %p cert.rc %d\n", cert
, (int)CFGetRetainCount(cert
));
624 debugShowSigningCertificate(signerinfo
);
627 if ((status
= SecCertificateCopyPublicKey(cert
, &publickey
))) {
628 syslog(LOG_ERR
, "SecCmsSignerInfoVerifyWithPolicy: copy public key failed %d", (int)status
);
629 vs
= SecCmsVSProcessingError
;
633 digestAlgTag
= SECOID_GetAlgorithmTag(&(signerinfo
->digestAlg
));
634 digestEncAlgTag
= SECOID_GetAlgorithmTag(&(signerinfo
->digestEncAlg
));
637 * Gross hack necessitated by RFC 3278 section 2.1.1, which states
638 * that the signature algorithm (here, digestEncAlg) contains ecdsa_with-SHA1,
639 * *not* (as in all other algorithms) the raw signature algorithm, e.g.
640 * pkcs1RSAEncryption.
642 if(digestEncAlgTag
== SEC_OID_ECDSA_WithSHA1
) {
643 digestEncAlgTag
= SEC_OID_EC_PUBLIC_KEY
;
646 if (!SecCmsArrayIsEmpty((void **)signerinfo
->authAttr
)) {
651 * RFC2630 sez that if there are any authenticated attributes,
652 * then there must be one for content type which matches the
653 * content type of the content being signed, and there must
654 * be one for message digest which matches our message digest.
655 * So check these things first.
657 if ((attr
= SecCmsAttributeArrayFindAttrByOidTag(signerinfo
->authAttr
,
658 SEC_OID_PKCS9_CONTENT_TYPE
, PR_TRUE
)) == NULL
)
660 vs
= SecCmsVSMalformedSignature
;
664 if (SecCmsAttributeCompareValue(attr
, contentType
) == PR_FALSE
) {
665 vs
= SecCmsVSMalformedSignature
;
673 if ((attr
= SecCmsAttributeArrayFindAttrByOidTag(signerinfo
->authAttr
, SEC_OID_PKCS9_MESSAGE_DIGEST
, PR_TRUE
)) == NULL
)
675 vs
= SecCmsVSMalformedSignature
;
678 if (SecCmsAttributeCompareValue(attr
, digest
) == PR_FALSE
) {
679 vs
= SecCmsVSDigestMismatch
;
683 if ((poolp
= PORT_NewArena (1024)) == NULL
) {
684 vs
= SecCmsVSProcessingError
;
691 * The signature is based on a digest of the DER-encoded authenticated
692 * attributes. So, first we encode and then we digest/verify.
693 * we trust the decoder to have the attributes in the right (sorted) order
695 encoded_attrs
.Data
= NULL
;
696 encoded_attrs
.Length
= 0;
698 if (SecCmsAttributeArrayEncode(poolp
, &(signerinfo
->authAttr
), &encoded_attrs
) == NULL
||
699 encoded_attrs
.Data
== NULL
|| encoded_attrs
.Length
== 0)
701 vs
= SecCmsVSProcessingError
;
705 vs
= (VFY_VerifyData (encoded_attrs
.Data
, (int)encoded_attrs
.Length
,
706 publickey
, &(signerinfo
->encDigest
),
707 digestAlgTag
, digestEncAlgTag
,
708 signerinfo
->cmsg
->pwfn_arg
) != SECSuccess
) ? SecCmsVSBadSignature
: SecCmsVSGoodSignature
;
710 dprintf("VFY_VerifyData (authenticated attributes): %s\n",
711 (vs
== SecCmsVSGoodSignature
)?"SecCmsVSGoodSignature":"SecCmsVSBadSignature");
713 PORT_FreeArena(poolp
, PR_FALSE
); /* awkward memory management :-( */
718 /* No authenticated attributes. The signature is based on the plain message digest. */
719 sig
= &(signerinfo
->encDigest
);
720 if (sig
->Length
== 0)
723 vs
= (VFY_VerifyDigest(digest
, publickey
, sig
,
724 digestAlgTag
, digestEncAlgTag
,
725 signerinfo
->cmsg
->pwfn_arg
) != SECSuccess
) ? SecCmsVSBadSignature
: SecCmsVSGoodSignature
;
727 dprintf("VFY_VerifyData (plain message digest): %s\n",
728 (vs
== SecCmsVSGoodSignature
)?"SecCmsVSGoodSignature":"SecCmsVSBadSignature");
731 if (!SecCmsArrayIsEmpty((void **)signerinfo
->unAuthAttr
))
733 dprintf("found an unAuthAttr\n");
734 OSStatus rux
= SecCmsSignerInfoVerifyUnAuthAttrsWithPolicy(signerinfo
,timeStampPolicy
);
735 dprintf("SecCmsSignerInfoVerifyUnAuthAttrs Status: %ld\n", (long)rux
);
741 if (vs
== SecCmsVSBadSignature
) {
743 * XXX Change the generic error into our specific one, because
744 * in that case we get a better explanation out of the Security
745 * Advisor. This is really a bug in our error strings (the
746 * "generic" error has a lousy/wrong message associated with it
747 * which assumes the signature verification was done for the
748 * purposes of checking the issuer signature on a certificate)
749 * but this is at least an easy workaround and/or in the
750 * Security Advisor, which specifically checks for the error
751 * SEC_ERROR_PKCS7_BAD_SIGNATURE and gives more explanation
752 * in that case but does not similarly check for
753 * SEC_ERROR_BAD_SIGNATURE. It probably should, but then would
754 * probably say the wrong thing in the case that it *was* the
755 * certificate signature check that failed during the cert
756 * verification done above. Our error handling is really a mess.
758 if (PORT_GetError() == SEC_ERROR_BAD_SIGNATURE
)
759 PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE
);
762 if (publickey
!= NULL
)
763 CFRelease(publickey
);
765 signerinfo
->verificationStatus
= vs
;
766 dprintfRC("SecCmsSignerInfoVerify end: cerp %p cert.rc %d\n",
767 cert
, (int)CFGetRetainCount(cert
));
769 dprintf("verificationStatus: %d\n", vs
);
771 return (vs
== SecCmsVSGoodSignature
) ? SECSuccess
: SECFailure
;
774 if (publickey
!= NULL
)
775 SECKEY_DestroyPublicKey (publickey
);
777 dprintf("verificationStatus2: %d\n", vs
);
778 signerinfo
->verificationStatus
= vs
;
780 PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE
);
785 SecCmsSignerInfoVerifyUnAuthAttrs(SecCmsSignerInfoRef signerinfo
) {
786 return SecCmsSignerInfoVerifyUnAuthAttrsWithPolicy(signerinfo
, NULL
);
790 SecCmsSignerInfoVerifyUnAuthAttrsWithPolicy(SecCmsSignerInfoRef signerinfo
,CFTypeRef timeStampPolicy
)
793 unAuthAttr is an array of attributes; we expect to
794 see just one: the timestamp blob. If we have an unAuthAttr,
795 but don't see a timestamp, return an error since we have
796 no other cases where this would be present.
799 SecCmsAttribute
*attr
= NULL
;
800 OSStatus status
= SECFailure
;
802 require(signerinfo
, xit
);
803 attr
= SecCmsAttributeArrayFindAttrByOidTag(signerinfo
->unAuthAttr
,
804 SEC_OID_PKCS9_TIMESTAMP_TOKEN
, PR_TRUE
);
807 status
= errSecTimestampMissing
;
811 dprintf("found an id-ct-TSTInfo\n");
812 // Don't check the nonce in this case
813 status
= decodeTimeStampTokenWithPolicy(signerinfo
, timeStampPolicy
, (attr
->values
)[0], &signerinfo
->encDigest
, 0);
819 SecCmsSignerInfoGetEncDigest(SecCmsSignerInfoRef signerinfo
)
821 return &signerinfo
->encDigest
;
824 SecCmsVerificationStatus
825 SecCmsSignerInfoGetVerificationStatus(SecCmsSignerInfoRef signerinfo
)
827 return signerinfo
->verificationStatus
;
831 SecCmsSignerInfoGetDigestAlg(SecCmsSignerInfoRef signerinfo
)
833 return SECOID_FindOID (&(signerinfo
->digestAlg
.algorithm
));
837 SecCmsSignerInfoGetDigestAlgTag(SecCmsSignerInfoRef signerinfo
)
841 algdata
= SECOID_FindOID (&(signerinfo
->digestAlg
.algorithm
));
843 return algdata
->offset
;
845 return SEC_OID_UNKNOWN
;
849 SecCmsSignerInfoGetCertList(SecCmsSignerInfoRef signerinfo
)
851 dprintfRC("SecCmsSignerInfoGetCertList: certList.rc %d\n",
852 (int)CFGetRetainCount(signerinfo
->certList
));
853 return signerinfo
->certList
;
857 SecCmsSignerInfoGetTimestampCertList(SecCmsSignerInfoRef signerinfo
)
859 dprintfRC("SecCmsSignerInfoGetCertList: timestampCertList.rc %d\n",
860 (int)CFGetRetainCount(signerinfo
->timestampCertList
));
861 return signerinfo
->timestampCertList
;
867 SecCmsSignerInfoGetVersion(SecCmsSignerInfoRef signerinfo
)
869 unsigned long version
;
871 /* always take apart the CSSM_DATA */
872 if (SEC_ASN1DecodeInteger(&(signerinfo
->version
), &version
) != SECSuccess
)
879 * SecCmsSignerInfoGetSigningTime - return the signing time,
880 * in UTCTime format, of a CMS signerInfo.
882 * sinfo - signerInfo data for this signer
884 * Returns a pointer to XXXX (what?)
885 * A return value of NULL is an error.
888 SecCmsSignerInfoGetSigningTime(SecCmsSignerInfoRef sinfo
, CFAbsoluteTime
*stime
)
890 SecCmsAttribute
*attr
;
896 if (sinfo
->signingTime
!= 0) {
897 *stime
= sinfo
->signingTime
; /* cached copy */
901 attr
= SecCmsAttributeArrayFindAttrByOidTag(sinfo
->authAttr
, SEC_OID_PKCS9_SIGNING_TIME
, PR_TRUE
);
902 /* XXXX multi-valued attributes NIH */
903 if (attr
== NULL
|| (value
= SecCmsAttributeGetValue(attr
)) == NULL
)
904 return errSecSigningTimeMissing
;
905 if (DER_UTCTimeToCFDate(value
, stime
) != SECSuccess
)
906 return errSecSigningTimeMissing
;
907 sinfo
->signingTime
= *stime
; /* make cached copy */
912 SecCmsSignerInfoGetTimestampTime(SecCmsSignerInfoRef sinfo
, CFAbsoluteTime
*stime
)
914 return SecCmsSignerInfoGetTimestampTimeWithPolicy(sinfo
, NULL
, stime
);
918 SecCmsSignerInfoGetTimestampTimeWithPolicy(SecCmsSignerInfoRef sinfo
, CFTypeRef timeStampPolicy
, CFAbsoluteTime
*stime
)
920 OSStatus status
= paramErr
;
922 require(sinfo
&& stime
, xit
);
924 if (sinfo
->timestampTime
!= 0)
926 *stime
= sinfo
->timestampTime
; /* cached copy */
930 // A bit heavyweight if haven't already called verify
931 status
= SecCmsSignerInfoVerifyUnAuthAttrsWithPolicy(sinfo
,timeStampPolicy
);
932 *stime
= sinfo
->timestampTime
;
939 @abstract Return the data in the signed Codesigning Hash Agility attribute.
940 @param sinfo SignerInfo data for this signer, pointer to a CFDataRef for attribute value
941 @discussion Returns a CFDataRef containing the value of the attribute
942 @result A return value of errSecInternal is an error trying to look up the oid.
943 A status value of success with null result data indicates the attribute was not present.
946 SecCmsSignerInfoGetAppleCodesigningHashAgility(SecCmsSignerInfoRef sinfo
, CFDataRef
*sdata
)
948 SecCmsAttribute
*attr
;
951 if (sinfo
== NULL
|| sdata
== NULL
)
956 if (sinfo
->hashAgilityAttrValue
!= NULL
) {
957 *sdata
= sinfo
->hashAgilityAttrValue
; /* cached copy */
961 attr
= SecCmsAttributeArrayFindAttrByOidTag(sinfo
->authAttr
, SEC_OID_APPLE_HASH_AGILITY
, PR_TRUE
);
963 /* attribute not found */
964 if (attr
== NULL
|| (value
= SecCmsAttributeGetValue(attr
)) == NULL
)
967 sinfo
->hashAgilityAttrValue
= CFDataCreate(NULL
, value
->Data
, value
->Length
); /* make cached copy */
968 if (sinfo
->hashAgilityAttrValue
) {
969 *sdata
= sinfo
->hashAgilityAttrValue
;
972 return errSecAllocate
;
976 * Return the signing cert of a CMS signerInfo.
978 * the certs in the enclosing SignedData must have been imported already
981 SecCmsSignerInfoGetSigningCertificate(SecCmsSignerInfoRef signerinfo
, SecKeychainRef keychainOrArray
)
983 SecCertificateRef cert
;
984 SecCmsSignerIdentifier
*sid
;
986 CSSM_DATA_PTR
*rawCerts
;
988 if (signerinfo
->cert
!= NULL
) {
989 dprintfRC("SecCmsSignerInfoGetSigningCertificate top: cert %p cert.rc %d\n",
990 signerinfo
->cert
, (int)CFGetRetainCount(signerinfo
->cert
));
991 return signerinfo
->cert
;
993 ortn
= SecCmsSignedDataRawCerts(signerinfo
->sigd
, &rawCerts
);
997 dprintf("SecCmsSignerInfoGetSigningCertificate: numRawCerts %d\n",
998 SecCmsArrayCount((void **)rawCerts
));
1001 * This cert will also need to be freed, but since we save it
1002 * in signerinfo for later, we do not want to destroy it when
1003 * we leave this function -- we let the clean-up of the entire
1004 * cinfo structure later do the destroy of this cert.
1006 sid
= &signerinfo
->signerIdentifier
;
1007 switch (sid
->identifierType
) {
1008 case SecCmsSignerIDIssuerSN
:
1009 cert
= CERT_FindCertByIssuerAndSN(keychainOrArray
, rawCerts
, signerinfo
->sigd
->certs
, signerinfo
->cmsg
->poolp
,
1010 sid
->id
.issuerAndSN
);
1012 case SecCmsSignerIDSubjectKeyID
:
1013 cert
= CERT_FindCertBySubjectKeyID(keychainOrArray
, rawCerts
, signerinfo
->sigd
->certs
, sid
->id
.subjectKeyID
);
1020 /* cert can be NULL at that point */
1021 signerinfo
->cert
= cert
; /* earmark it */
1022 dprintfRC("SecCmsSignerInfoGetSigningCertificate end: certp %p cert.rc %d\n",
1023 signerinfo
->cert
, (int)CFGetRetainCount(signerinfo
->cert
));
1029 * SecCmsSignerInfoGetSignerCommonName - return the common name of the signer
1031 * sinfo - signerInfo data for this signer
1033 * Returns a CFStringRef containing the common name of the signer.
1034 * A return value of NULL is an error.
1037 SecCmsSignerInfoGetSignerCommonName(SecCmsSignerInfoRef sinfo
)
1039 SecCertificateRef signercert
;
1040 CFStringRef commonName
= NULL
;
1042 /* will fail if cert is not verified */
1043 if ((signercert
= SecCmsSignerInfoGetSigningCertificate(sinfo
, NULL
)) == NULL
)
1046 if (errSecSuccess
!= SecCertificateCopyCommonName(signercert
, &commonName
)) {
1054 * SecCmsSignerInfoGetSignerEmailAddress - return the email address of the signer
1056 * sinfo - signerInfo data for this signer
1058 * Returns a CFStringRef containing the name of the signer.
1059 * A return value of NULL is an error.
1062 SecCmsSignerInfoGetSignerEmailAddress(SecCmsSignerInfoRef sinfo
)
1064 SecCertificateRef signercert
;
1065 CFStringRef emailAddress
= NULL
;
1067 if ((signercert
= SecCmsSignerInfoGetSigningCertificate(sinfo
, NULL
)) == NULL
)
1070 SecCertificateGetEmailAddress(signercert
, &emailAddress
);
1072 return emailAddress
;
1077 * SecCmsSignerInfoAddAuthAttr - add an attribute to the
1078 * authenticated (i.e. signed) attributes of "signerinfo".
1081 SecCmsSignerInfoAddAuthAttr(SecCmsSignerInfoRef signerinfo
, SecCmsAttribute
*attr
)
1083 return SecCmsAttributeArrayAddAttr(signerinfo
->cmsg
->poolp
, &(signerinfo
->authAttr
), attr
);
1087 * SecCmsSignerInfoAddUnauthAttr - add an attribute to the
1088 * unauthenticated attributes of "signerinfo".
1091 SecCmsSignerInfoAddUnauthAttr(SecCmsSignerInfoRef signerinfo
, SecCmsAttribute
*attr
)
1093 return SecCmsAttributeArrayAddAttr(signerinfo
->cmsg
->poolp
, &(signerinfo
->unAuthAttr
), attr
);
1097 * SecCmsSignerInfoAddSigningTime - add the signing time to the
1098 * authenticated (i.e. signed) attributes of "signerinfo".
1100 * This is expected to be included in outgoing signed
1101 * messages for email (S/MIME) but is likely useful in other situations.
1103 * This should only be added once; a second call will do nothing.
1105 * XXX This will probably just shove the current time into "signerinfo"
1106 * but it will not actually get signed until the entire item is
1107 * processed for encoding. Is this (expected to be small) delay okay?
1110 SecCmsSignerInfoAddSigningTime(SecCmsSignerInfoRef signerinfo
, CFAbsoluteTime t
)
1112 SecCmsAttribute
*attr
;
1117 poolp
= signerinfo
->cmsg
->poolp
;
1119 mark
= PORT_ArenaMark(poolp
);
1121 /* create new signing time attribute */
1122 if (DER_CFDateToUTCTime(t
, &stime
) != SECSuccess
)
1125 if ((attr
= SecCmsAttributeCreate(poolp
, SEC_OID_PKCS9_SIGNING_TIME
, &stime
, PR_FALSE
)) == NULL
) {
1126 SECITEM_FreeItem (&stime
, PR_FALSE
);
1130 SECITEM_FreeItem (&stime
, PR_FALSE
);
1132 if (SecCmsSignerInfoAddAuthAttr(signerinfo
, attr
) != SECSuccess
)
1135 PORT_ArenaUnmark (poolp
, mark
);
1140 PORT_ArenaRelease (poolp
, mark
);
1145 * SecCmsSignerInfoAddSMIMECaps - add a SMIMECapabilities attribute to the
1146 * authenticated (i.e. signed) attributes of "signerinfo".
1148 * This is expected to be included in outgoing signed
1149 * messages for email (S/MIME).
1152 SecCmsSignerInfoAddSMIMECaps(SecCmsSignerInfoRef signerinfo
)
1154 SecCmsAttribute
*attr
;
1155 CSSM_DATA_PTR smimecaps
= NULL
;
1159 poolp
= signerinfo
->cmsg
->poolp
;
1161 mark
= PORT_ArenaMark(poolp
);
1163 smimecaps
= SECITEM_AllocItem(poolp
, NULL
, 0);
1164 if (smimecaps
== NULL
)
1167 /* create new signing time attribute */
1169 // @@@ We don't do Fortezza yet.
1170 if (SecSMIMECreateSMIMECapabilities((SecArenaPoolRef
)poolp
, smimecaps
, PR_FALSE
) != SECSuccess
)
1172 if (SecSMIMECreateSMIMECapabilities(poolp
, smimecaps
,
1173 PK11_FortezzaHasKEA(signerinfo
->cert
)) != SECSuccess
)
1177 if ((attr
= SecCmsAttributeCreate(poolp
, SEC_OID_PKCS9_SMIME_CAPABILITIES
, smimecaps
, PR_TRUE
)) == NULL
)
1180 if (SecCmsSignerInfoAddAuthAttr(signerinfo
, attr
) != SECSuccess
)
1183 PORT_ArenaUnmark (poolp
, mark
);
1187 PORT_ArenaRelease (poolp
, mark
);
1192 * SecCmsSignerInfoAddSMIMEEncKeyPrefs - add a SMIMEEncryptionKeyPreferences attribute to the
1193 * authenticated (i.e. signed) attributes of "signerinfo".
1195 * This is expected to be included in outgoing signed messages for email (S/MIME).
1198 SecCmsSignerInfoAddSMIMEEncKeyPrefs(SecCmsSignerInfoRef signerinfo
, SecCertificateRef cert
, SecKeychainRef keychainOrArray
)
1200 SecCmsAttribute
*attr
;
1201 CSSM_DATA_PTR smimeekp
= NULL
;
1208 /* verify this cert for encryption */
1209 policy
= CERT_PolicyForCertUsage(certUsageEmailRecipient
);
1210 if (CERT_VerifyCert(keychainOrArray
, cert
, policy
, CFAbsoluteTimeGetCurrent(), NULL
) != SECSuccess
) {
1217 poolp
= signerinfo
->cmsg
->poolp
;
1218 mark
= PORT_ArenaMark(poolp
);
1220 smimeekp
= SECITEM_AllocItem(poolp
, NULL
, 0);
1221 if (smimeekp
== NULL
)
1224 /* create new signing time attribute */
1225 if (SecSMIMECreateSMIMEEncKeyPrefs((SecArenaPoolRef
)poolp
, smimeekp
, cert
) != SECSuccess
)
1228 if ((attr
= SecCmsAttributeCreate(poolp
, SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE
, smimeekp
, PR_TRUE
)) == NULL
)
1231 if (SecCmsSignerInfoAddAuthAttr(signerinfo
, attr
) != SECSuccess
)
1234 PORT_ArenaUnmark (poolp
, mark
);
1238 PORT_ArenaRelease (poolp
, mark
);
1243 * SecCmsSignerInfoAddMSSMIMEEncKeyPrefs - add a SMIMEEncryptionKeyPreferences attribute to the
1244 * authenticated (i.e. signed) attributes of "signerinfo", using the OID prefered by Microsoft.
1246 * This is expected to be included in outgoing signed messages for email (S/MIME),
1247 * if compatibility with Microsoft mail clients is wanted.
1250 SecCmsSignerInfoAddMSSMIMEEncKeyPrefs(SecCmsSignerInfoRef signerinfo
, SecCertificateRef cert
, SecKeychainRef keychainOrArray
)
1252 SecCmsAttribute
*attr
;
1253 CSSM_DATA_PTR smimeekp
= NULL
;
1260 /* verify this cert for encryption */
1261 policy
= CERT_PolicyForCertUsage(certUsageEmailRecipient
);
1262 if (CERT_VerifyCert(keychainOrArray
, cert
, policy
, CFAbsoluteTimeGetCurrent(), NULL
) != SECSuccess
) {
1269 poolp
= signerinfo
->cmsg
->poolp
;
1270 mark
= PORT_ArenaMark(poolp
);
1272 smimeekp
= SECITEM_AllocItem(poolp
, NULL
, 0);
1273 if (smimeekp
== NULL
)
1276 /* create new signing time attribute */
1277 if (SecSMIMECreateMSSMIMEEncKeyPrefs((SecArenaPoolRef
)poolp
, smimeekp
, cert
) != SECSuccess
)
1280 if ((attr
= SecCmsAttributeCreate(poolp
, SEC_OID_MS_SMIME_ENCRYPTION_KEY_PREFERENCE
, smimeekp
, PR_TRUE
)) == NULL
)
1283 if (SecCmsSignerInfoAddAuthAttr(signerinfo
, attr
) != SECSuccess
)
1286 PORT_ArenaUnmark (poolp
, mark
);
1290 PORT_ArenaRelease (poolp
, mark
);
1295 * SecCmsSignerInfoAddTimeStamp - add time stamp to the
1296 * unauthenticated (i.e. unsigned) attributes of "signerinfo".
1298 * This will initially be used for time stamping signed applications
1299 * by using a Time Stamping Authority. It may also be included in outgoing signed
1300 * messages for email (S/MIME), and may be useful in other situations.
1302 * This should only be added once; a second call will do nothing.
1307 Countersignature attribute values have ASN.1 type Countersignature:
1308 Countersignature ::= SignerInfo
1309 Countersignature values have the same meaning as SignerInfo values
1310 for ordinary signatures, except that:
1311 1. The signedAttributes field MUST NOT contain a content-type
1312 attribute; there is no content type for countersignatures.
1313 2. The signedAttributes field MUST contain a message-digest
1314 attribute if it contains any other attributes.
1315 3. The input to the message-digesting process is the contents octets
1316 of the DER encoding of the signatureValue field of the SignerInfo
1317 value with which the attribute is associated.
1322 @abstract Create a timestamp unsigned attribute with a TimeStampToken.
1326 SecCmsSignerInfoAddTimeStamp(SecCmsSignerInfoRef signerinfo
, CSSM_DATA
*tstoken
)
1328 SecCmsAttribute
*attr
;
1329 PLArenaPool
*poolp
= signerinfo
->cmsg
->poolp
;
1330 void *mark
= PORT_ArenaMark(poolp
);
1332 // We have already encoded this ourselves, so last param is PR_TRUE
1333 if ((attr
= SecCmsAttributeCreate(poolp
, SEC_OID_PKCS9_TIMESTAMP_TOKEN
, tstoken
, PR_TRUE
)) == NULL
)
1336 if (SecCmsSignerInfoAddUnauthAttr(signerinfo
, attr
) != SECSuccess
)
1339 PORT_ArenaUnmark (poolp
, mark
);
1344 PORT_ArenaRelease (poolp
, mark
);
1349 * SecCmsSignerInfoAddCounterSignature - countersign a signerinfo
1351 * 1. digest the DER-encoded signature value of the original signerinfo
1352 * 2. create new signerinfo with correct version, sid, digestAlg
1353 * 3. add message-digest authAttr, but NO content-type
1354 * 4. sign the authAttrs
1355 * 5. DER-encode the new signerInfo
1356 * 6. add the whole thing to original signerInfo's unAuthAttrs
1357 * as a SEC_OID_PKCS9_COUNTER_SIGNATURE attribute
1359 * XXXX give back the new signerinfo?
1362 SecCmsSignerInfoAddCounterSignature(SecCmsSignerInfoRef signerinfo
,
1363 SECOidTag digestalg
, SecIdentityRef identity
)
1371 @abstract Add the Apple Codesigning Hash Agility attribute to the authenticated (i.e. signed) attributes of "signerinfo".
1372 @discussion This is expected to be included in outgoing signed Apple code signatures.
1375 SecCmsSignerInfoAddAppleCodesigningHashAgility(SecCmsSignerInfoRef signerinfo
, CFDataRef attrValue
)
1377 SecCmsAttribute
*attr
;
1378 PLArenaPool
*poolp
= signerinfo
->cmsg
->poolp
;
1379 void *mark
= PORT_ArenaMark(poolp
);
1380 OSStatus status
= SECFailure
;
1382 /* The value is required for this attribute. */
1384 status
= errSecParam
;
1389 * SecCmsAttributeCreate makes a copy of the data in value, so
1390 * we don't need to copy into the CSSM_DATA struct.
1393 value
.Length
= CFDataGetLength(attrValue
);
1394 value
.Data
= (uint8_t *)CFDataGetBytePtr(attrValue
);
1396 if ((attr
= SecCmsAttributeCreate(poolp
,
1397 SEC_OID_APPLE_HASH_AGILITY
,
1399 PR_FALSE
)) == NULL
) {
1400 status
= errSecAllocate
;
1404 if (SecCmsSignerInfoAddAuthAttr(signerinfo
, attr
) != SECSuccess
) {
1405 status
= errSecInternalError
;
1409 PORT_ArenaUnmark(poolp
, mark
);
1413 PORT_ArenaRelease(poolp
, mark
);
1417 SecCertificateRef
SecCmsSignerInfoCopyCertFromEncryptionKeyPreference(SecCmsSignerInfoRef signerinfo
) {
1418 SecCertificateRef cert
= NULL
;
1419 SecCmsAttribute
*attr
;
1421 SecKeychainRef keychainOrArray
;
1423 (void)SecKeychainCopyDefault(&keychainOrArray
);
1425 /* sanity check - see if verification status is ok (unverified does not count...) */
1426 if (signerinfo
->verificationStatus
!= SecCmsVSGoodSignature
)
1429 /* find preferred encryption cert */
1430 if (!SecCmsArrayIsEmpty((void **)signerinfo
->authAttr
) &&
1431 (attr
= SecCmsAttributeArrayFindAttrByOidTag(signerinfo
->authAttr
,
1432 SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE
, PR_TRUE
)) != NULL
)
1433 { /* we have a SMIME_ENCRYPTION_KEY_PREFERENCE attribute! Find the cert. */
1434 ekp
= SecCmsAttributeGetValue(attr
);
1438 CSSM_DATA_PTR
*rawCerts
= NULL
;
1439 if (signerinfo
->sigd
) {
1440 rawCerts
= signerinfo
->sigd
->rawCerts
;
1442 cert
= SecSMIMEGetCertFromEncryptionKeyPreference(keychainOrArray
, rawCerts
, ekp
);
1448 * XXXX the following needs to be done in the S/MIME layer code
1449 * after signature of a signerinfo is verified
1452 SecCmsSignerInfoSaveSMIMEProfile(SecCmsSignerInfoRef signerinfo
)
1454 SecCertificateRef cert
= NULL
;
1455 CSSM_DATA_PTR profile
= NULL
;
1456 SecCmsAttribute
*attr
;
1457 CSSM_DATA_PTR utc_stime
= NULL
;
1461 Boolean must_free_cert
= PR_FALSE
;
1463 SecKeychainRef keychainOrArray
;
1465 status
= SecKeychainCopyDefault(&keychainOrArray
);
1467 /* sanity check - see if verification status is ok (unverified does not count...) */
1468 if (signerinfo
->verificationStatus
!= SecCmsVSGoodSignature
)
1471 /* find preferred encryption cert */
1472 if (!SecCmsArrayIsEmpty((void **)signerinfo
->authAttr
) &&
1473 (attr
= SecCmsAttributeArrayFindAttrByOidTag(signerinfo
->authAttr
,
1474 SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE
, PR_TRUE
)) != NULL
)
1475 { /* we have a SMIME_ENCRYPTION_KEY_PREFERENCE attribute! */
1476 ekp
= SecCmsAttributeGetValue(attr
);
1480 /* we assume that all certs coming with the message have been imported to the */
1481 /* temporary database */
1482 cert
= SecSMIMEGetCertFromEncryptionKeyPreference(keychainOrArray
, NULL
, ekp
);
1485 must_free_cert
= PR_TRUE
;
1489 /* no preferred cert found?
1490 * find the cert the signerinfo is signed with instead */
1491 CFStringRef emailAddress
=NULL
;
1493 cert
= SecCmsSignerInfoGetSigningCertificate(signerinfo
, keychainOrArray
);
1496 if (SecCertificateGetEmailAddress(cert
,&emailAddress
))
1500 /* verify this cert for encryption (has been verified for signing so far) */ /* don't verify this cert for encryption. It may just be a signing cert.
1501 * that's OK, we can still save the S/MIME profile. The encryption cert
1502 * should have already been saved */
1504 if (CERT_VerifyCert(keychainOrArray
, cert
, certUsageEmailRecipient
, CFAbsoluteTimeGetCurrent(), NULL
) != SECSuccess
) {
1506 CERT_DestroyCertificate(cert
);
1511 /* XXX store encryption cert permanently? */
1514 * Remember the current error set because we do not care about
1515 * anything set by the functions we are about to call.
1517 save_error
= PORT_GetError();
1519 if (!SecCmsArrayIsEmpty((void **)signerinfo
->authAttr
)) {
1520 attr
= SecCmsAttributeArrayFindAttrByOidTag(signerinfo
->authAttr
,
1521 SEC_OID_PKCS9_SMIME_CAPABILITIES
,
1523 profile
= SecCmsAttributeGetValue(attr
);
1524 attr
= SecCmsAttributeArrayFindAttrByOidTag(signerinfo
->authAttr
,
1525 SEC_OID_PKCS9_SIGNING_TIME
,
1527 utc_stime
= SecCmsAttributeGetValue(attr
);
1530 rv
= CERT_SaveSMimeProfile (cert
, profile
, utc_stime
);
1532 CERT_DestroyCertificate(cert
);
1535 * Restore the saved error in case the calls above set a new
1536 * one that we do not actually care about.
1538 PORT_SetError (save_error
);
1544 * SecCmsSignerInfoIncludeCerts - set cert chain inclusion mode for this signer
1547 SecCmsSignerInfoIncludeCerts(SecCmsSignerInfoRef signerinfo
, SecCmsCertChainMode cm
, SECCertUsage usage
)
1549 if (signerinfo
->cert
== NULL
)
1552 /* don't leak if we get called twice */
1553 if (signerinfo
->certList
!= NULL
) {
1554 CFRelease(signerinfo
->certList
);
1555 signerinfo
->certList
= NULL
;
1560 signerinfo
->certList
= NULL
;
1562 case SecCmsCMCertOnly
:
1563 signerinfo
->certList
= CERT_CertListFromCert(signerinfo
->cert
);
1565 case SecCmsCMCertChain
:
1566 signerinfo
->certList
= CERT_CertChainFromCert(signerinfo
->cert
, usage
, PR_FALSE
);
1568 case SecCmsCMCertChainWithRoot
:
1569 signerinfo
->certList
= CERT_CertChainFromCert(signerinfo
->cert
, usage
, PR_TRUE
);
1573 if (cm
!= SecCmsCMNone
&& signerinfo
->certList
== NULL
)