]> git.saurik.com Git - apple/security.git/blob - libsecurity_smime/lib/cmsenvdata.c
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-57740.60.18.tar.gz
[apple/security.git] / libsecurity_smime / lib / cmsenvdata.c
1 /*
2 * The contents of this file are subject to the Mozilla Public
3 * License Version 1.1 (the "License"); you may not use this file
4 * except in compliance with the License. You may obtain a copy of
5 * the License at http://www.mozilla.org/MPL/
6 *
7 * Software distributed under the License is distributed on an "AS
8 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
9 * implied. See the License for the specific language governing
10 * rights and limitations under the License.
11 *
12 * The Original Code is the Netscape security libraries.
13 *
14 * The Initial Developer of the Original Code is Netscape
15 * Communications Corporation. Portions created by Netscape are
16 * Copyright (C) 1994-2000 Netscape Communications Corporation. All
17 * Rights Reserved.
18 *
19 * Contributor(s):
20 *
21 * Alternatively, the contents of this file may be used under the
22 * terms of the GNU General Public License Version 2 or later (the
23 * "GPL"), in which case the provisions of the GPL are applicable
24 * instead of those above. If you wish to allow use of your
25 * version of this file only under the terms of the GPL and not to
26 * allow others to use your version of this file under the MPL,
27 * indicate your decision by deleting the provisions above and
28 * replace them with the notice and other provisions required by
29 * the GPL. If you do not delete the provisions above, a recipient
30 * may use your version of this file under either the MPL or the
31 * GPL.
32 */
33
34 /*
35 * CMS envelopedData methods.
36 */
37
38 #include <Security/SecCmsEnvelopedData.h>
39
40 #include <Security/SecCmsContentInfo.h>
41 #include <Security/SecCmsRecipientInfo.h>
42 #include <Security/SecRandom.h>
43
44 #include "cmslocal.h"
45
46 #include "SecAsn1Item.h"
47 #include "secoid.h"
48 #include "cryptohi.h"
49
50 #include <security_asn1/secasn1.h>
51 #include <security_asn1/secerr.h>
52 #include <security_asn1/secport.h>
53
54 #include <Security/SecKeyPriv.h>
55 #include <CommonCrypto/CommonCryptor.h>
56
57 #include <AssertMacros.h>
58
59 /*
60 * SecCmsEnvelopedDataCreate - create an enveloped data message
61 */
62 SecCmsEnvelopedDataRef
63 SecCmsEnvelopedDataCreate(SecCmsMessageRef cmsg, SECOidTag algorithm, int keysize)
64 {
65 void *mark;
66 SecCmsEnvelopedDataRef envd;
67 PLArenaPool *poolp;
68 OSStatus rv;
69
70 poolp = cmsg->poolp;
71
72 mark = PORT_ArenaMark(poolp);
73
74 envd = (SecCmsEnvelopedDataRef)PORT_ArenaZAlloc(poolp, sizeof(SecCmsEnvelopedData));
75 if (envd == NULL)
76 goto loser;
77
78 envd->contentInfo.cmsg = cmsg;
79
80 /* version is set in SecCmsEnvelopedDataEncodeBeforeStart() */
81
82 rv = SecCmsContentInfoSetContentEncAlg(&(envd->contentInfo), algorithm, NULL, keysize);
83 if (rv != SECSuccess)
84 goto loser;
85
86 PORT_ArenaUnmark(poolp, mark);
87 return envd;
88
89 loser:
90 PORT_ArenaRelease(poolp, mark);
91 return NULL;
92 }
93
94 /*
95 * SecCmsEnvelopedDataDestroy - destroy an enveloped data message
96 */
97 void
98 SecCmsEnvelopedDataDestroy(SecCmsEnvelopedDataRef edp)
99 {
100 SecCmsRecipientInfoRef *recipientinfos;
101 SecCmsRecipientInfoRef ri;
102
103 if (edp == NULL)
104 return;
105
106 recipientinfos = edp->recipientInfos;
107 if (recipientinfos == NULL)
108 return;
109
110 while ((ri = *recipientinfos++) != NULL)
111 SecCmsRecipientInfoDestroy(ri);
112
113 SecCmsContentInfoDestroy(&(edp->contentInfo));
114
115 }
116
117 /*
118 * SecCmsEnvelopedDataGetContentInfo - return pointer to this envelopedData's contentinfo
119 */
120 SecCmsContentInfoRef
121 SecCmsEnvelopedDataGetContentInfo(SecCmsEnvelopedDataRef envd)
122 {
123 return &(envd->contentInfo);
124 }
125
126 /*
127 * SecCmsEnvelopedDataAddRecipient - add a recipientinfo to the enveloped data msg
128 *
129 * rip must be created on the same pool as edp - this is not enforced, though.
130 */
131 OSStatus
132 SecCmsEnvelopedDataAddRecipient(SecCmsEnvelopedDataRef edp, SecCmsRecipientInfoRef rip)
133 {
134 void *mark;
135 OSStatus rv;
136
137 /* XXX compare pools, if not same, copy rip into edp's pool */
138
139 PR_ASSERT(edp != NULL);
140 PR_ASSERT(rip != NULL);
141
142 mark = PORT_ArenaMark(edp->contentInfo.cmsg->poolp);
143
144 rv = SecCmsArrayAdd(edp->contentInfo.cmsg->poolp, (void ***)&(edp->recipientInfos), (void *)rip);
145 if (rv != SECSuccess) {
146 PORT_ArenaRelease(edp->contentInfo.cmsg->poolp, mark);
147 return SECFailure;
148 }
149
150 PORT_ArenaUnmark (edp->contentInfo.cmsg->poolp, mark);
151 return SECSuccess;
152 }
153
154 /*
155 * SecCmsEnvelopedDataEncodeBeforeStart - prepare this envelopedData for encoding
156 *
157 * at this point, we need
158 * - recipientinfos set up with recipient's certificates
159 * - a content encryption algorithm (if none, 3DES will be used)
160 *
161 * this function will generate a random content encryption key (aka bulk key),
162 * initialize the recipientinfos with certificate identification and wrap the bulk key
163 * using the proper algorithm for every certificiate.
164 * it will finally set the bulk algorithm and key so that the encode step can find it.
165 */
166 OSStatus
167 SecCmsEnvelopedDataEncodeBeforeStart(SecCmsEnvelopedDataRef envd)
168 {
169 int version;
170 SecCmsRecipientInfoRef *recipientinfos;
171 SecCmsContentInfoRef cinfo;
172 SecSymmetricKeyRef bulkkey = NULL;
173 SECOidTag bulkalgtag;
174 //CK_MECHANISM_TYPE type;
175 //PK11SlotInfo *slot;
176 OSStatus rv;
177 SecAsn1Item * dummy;
178 PLArenaPool *poolp;
179 extern const SecAsn1Template SecCmsRecipientInfoTemplate[];
180 void *mark = NULL;
181 int i;
182
183 cinfo = &(envd->contentInfo);
184 poolp = cinfo->cmsg->poolp;
185
186 recipientinfos = envd->recipientInfos;
187 if (recipientinfos == NULL) {
188 PORT_SetError(SEC_ERROR_BAD_DATA);
189 goto loser;
190 }
191
192 version = SEC_CMS_ENVELOPED_DATA_VERSION_REG;
193 if (envd->originatorInfo != NULL || envd->unprotectedAttr != NULL) {
194 version = SEC_CMS_ENVELOPED_DATA_VERSION_ADV;
195 } else {
196 for (i = 0; recipientinfos[i] != NULL; i++) {
197 if (SecCmsRecipientInfoGetVersion(recipientinfos[i]) != 0) {
198 version = SEC_CMS_ENVELOPED_DATA_VERSION_ADV;
199 break;
200 }
201 }
202 }
203 dummy = SEC_ASN1EncodeInteger(poolp, &(envd->version), version);
204 if (dummy == NULL)
205 goto loser;
206
207 /* now we need to have a proper content encryption algorithm
208 * on the SMIME level, we would figure one out by looking at SMIME capabilities
209 * we cannot do that on our level, so if none is set already, we'll just go
210 * with one of the mandatory algorithms (3DES) */
211 if ((bulkalgtag = SecCmsContentInfoGetContentEncAlgTag(cinfo)) == SEC_OID_UNKNOWN) {
212 rv = SecCmsContentInfoSetContentEncAlg(cinfo, SEC_OID_DES_EDE3_CBC, NULL, 192);
213 if (rv != SECSuccess)
214 goto loser;
215 bulkalgtag = SEC_OID_DES_EDE3_CBC;
216 }
217
218 {
219 size_t keysize = (cinfo->keysize + 7)/8;
220 uint8_t key_material[keysize];
221 require_noerr(SecRandomCopyBytes(kSecRandomDefault, keysize, key_material), loser);
222 bulkkey = (SecSymmetricKeyRef)CFDataCreate(kCFAllocatorDefault, key_material, keysize);
223 }
224
225 mark = PORT_ArenaMark(poolp);
226
227 /* Encrypt the bulk key with the public key of each recipient. */
228 for (i = 0; recipientinfos[i] != NULL; i++) {
229 rv = SecCmsRecipientInfoWrapBulkKey(recipientinfos[i], bulkkey, bulkalgtag);
230 if (rv != SECSuccess)
231 goto loser; /* error has been set by SecCmsRecipientInfoEncryptBulkKey */
232 /* could be: alg not supported etc. */
233 }
234
235 /* the recipientinfos are all finished. now sort them by DER for SET OF encoding */
236 rv = SecCmsArraySortByDER((void **)envd->recipientInfos, SecCmsRecipientInfoTemplate, NULL);
237 if (rv != SECSuccess)
238 goto loser; /* error has been set by SecCmsArraySortByDER */
239
240 /* store the bulk key in the contentInfo so that the encoder can find it */
241 SecCmsContentInfoSetBulkKey(cinfo, bulkkey);
242
243 PORT_ArenaUnmark(poolp, mark);
244
245 CFRelease(bulkkey);
246
247 return SECSuccess;
248
249 loser:
250 if (mark != NULL)
251 PORT_ArenaRelease (poolp, mark);
252 if (bulkkey)
253 CFRelease(bulkkey);
254
255 return SECFailure;
256 }
257
258 /*
259 * SecCmsEnvelopedDataEncodeBeforeData - set up encryption
260 *
261 * it is essential that this is called before the contentEncAlg is encoded, because
262 * setting up the encryption may generate IVs and thus change it!
263 */
264 OSStatus
265 SecCmsEnvelopedDataEncodeBeforeData(SecCmsEnvelopedDataRef envd)
266 {
267 SecCmsContentInfoRef cinfo;
268 SecSymmetricKeyRef bulkkey;
269 SECAlgorithmID *algid;
270
271 cinfo = &(envd->contentInfo);
272
273 /* find bulkkey and algorithm - must have been set by SecCmsEnvelopedDataEncodeBeforeStart */
274 bulkkey = SecCmsContentInfoGetBulkKey(cinfo);
275 if (bulkkey == NULL)
276 return SECFailure;
277 algid = SecCmsContentInfoGetContentEncAlg(cinfo);
278 if (algid == NULL)
279 return SECFailure;
280
281 /* this may modify algid (with IVs generated in a token).
282 * it is essential that algid is a pointer to the contentEncAlg data, not a
283 * pointer to a copy! */
284 cinfo->ciphcx = SecCmsCipherContextStartEncrypt(cinfo->cmsg->poolp, bulkkey, algid);
285 CFRelease(bulkkey);
286 if (cinfo->ciphcx == NULL)
287 return SECFailure;
288
289 return SECSuccess;
290 }
291
292 /*
293 * SecCmsEnvelopedDataEncodeAfterData - finalize this envelopedData for encoding
294 */
295 OSStatus
296 SecCmsEnvelopedDataEncodeAfterData(SecCmsEnvelopedDataRef envd)
297 {
298 if (envd->contentInfo.ciphcx) {
299 SecCmsCipherContextDestroy(envd->contentInfo.ciphcx);
300 envd->contentInfo.ciphcx = NULL;
301 }
302
303 /* nothing else to do after data */
304 return SECSuccess;
305 }
306
307 /*
308 * SecCmsEnvelopedDataDecodeBeforeData - find our recipientinfo,
309 * derive bulk key & set up our contentinfo
310 */
311 OSStatus
312 SecCmsEnvelopedDataDecodeBeforeData(SecCmsEnvelopedDataRef envd)
313 {
314 SecCmsRecipientInfoRef ri;
315 SecSymmetricKeyRef bulkkey = NULL;
316 SECOidTag bulkalgtag;
317 SECAlgorithmID *bulkalg;
318 OSStatus rv = SECFailure;
319 SecCmsContentInfoRef cinfo;
320 SecCmsRecipient **recipient_list = NULL;
321 SecCmsRecipient *recipient;
322 int rlIndex;
323
324 if (SecCmsArrayCount((void **)envd->recipientInfos) == 0) {
325 PORT_SetError(SEC_ERROR_BAD_DATA);
326 #if 0
327 PORT_SetErrorString("No recipient data in envelope.");
328 #endif
329 goto loser;
330 }
331
332 /* look if one of OUR cert's issuerSN is on the list of recipients, and if so, */
333 /* get the cert and private key for it right away */
334 recipient_list = nss_cms_recipient_list_create(envd->recipientInfos);
335 if (recipient_list == NULL)
336 goto loser;
337
338 cinfo = &(envd->contentInfo);
339 /* what about multiple recipientInfos that match?
340 * especially if, for some reason, we could not produce a bulk key with the first match?!
341 * we could loop & feed partial recipient_list to PK11_FindCertAndKeyByRecipientList...
342 * maybe later... */
343 rlIndex = nss_cms_FindCertAndKeyByRecipientList(recipient_list, cinfo->cmsg->pwfn_arg);
344
345 /* if that fails, then we're not an intended recipient and cannot decrypt */
346 if (rlIndex < 0) {
347 PORT_SetError(SEC_ERROR_NOT_A_RECIPIENT);
348 #if 0
349 PORT_SetErrorString("Cannot decrypt data because proper key cannot be found.");
350 #endif
351 goto loser;
352 }
353
354 recipient = recipient_list[rlIndex];
355 if (!recipient->cert || !recipient->privkey) {
356 /* XXX should set an error code ?!? */
357 goto loser;
358 }
359 /* get a pointer to "our" recipientinfo */
360 ri = envd->recipientInfos[recipient->riIndex];
361
362 bulkalgtag = SecCmsContentInfoGetContentEncAlgTag(cinfo);
363 if (bulkalgtag == SEC_OID_UNKNOWN) {
364 PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
365 } else
366 bulkkey = SecCmsRecipientInfoUnwrapBulkKey(ri,recipient->subIndex,
367 recipient->cert,
368 recipient->privkey,
369 bulkalgtag);
370 if (bulkkey == NULL) {
371 /* no success finding a bulk key */
372 goto loser;
373 }
374
375 SecCmsContentInfoSetBulkKey(cinfo, bulkkey);
376 // @@@ See 3401088 for details. We need to CFRelease cinfo->bulkkey before recipient->privkey gets CFReleased. It's created with SecKeyCreate which is not safe currently. If the private key's SecKeyRef from which we extracted the CSP gets CFRelease before the builkkey does we crash. We should really fix SecKeyCreate which is a huge hack currently. To work around this we add recipient->privkey to the cinfo so it gets when cinfo is destroyed.
377 CFRetain(recipient->privkey);
378 cinfo->privkey = recipient->privkey;
379
380 bulkalg = SecCmsContentInfoGetContentEncAlg(cinfo);
381
382 cinfo->ciphcx = SecCmsCipherContextStartDecrypt(bulkkey, bulkalg);
383 if (cinfo->ciphcx == NULL)
384 goto loser; /* error has been set by SecCmsCipherContextStartDecrypt */
385
386 #if 1
387 // @@@ Fix me
388 #else
389 /*
390 * HACK ALERT!!
391 * For PKCS5 Encryption Algorithms, the bulkkey is actually a different
392 * structure. Therefore, we need to set the bulkkey to the actual key
393 * prior to freeing it.
394 */
395 if (SEC_PKCS5IsAlgorithmPBEAlg(bulkalg)) {
396 SEC_PKCS5KeyAndPassword *keyPwd = (SEC_PKCS5KeyAndPassword *)bulkkey;
397 bulkkey = keyPwd->key;
398 }
399 #endif
400
401 rv = SECSuccess;
402
403 loser:
404 if (bulkkey)
405 CFRelease(bulkkey);
406 if (recipient_list != NULL)
407 nss_cms_recipient_list_destroy(recipient_list);
408 return rv;
409 }
410
411 /*
412 * SecCmsEnvelopedDataDecodeAfterData - finish decrypting this envelopedData's content
413 */
414 OSStatus
415 SecCmsEnvelopedDataDecodeAfterData(SecCmsEnvelopedDataRef envd)
416 {
417 if (envd && envd->contentInfo.ciphcx) {
418 SecCmsCipherContextDestroy(envd->contentInfo.ciphcx);
419 envd->contentInfo.ciphcx = NULL;
420 }
421
422 return SECSuccess;
423 }
424
425 /*
426 * SecCmsEnvelopedDataDecodeAfterEnd - finish decoding this envelopedData
427 */
428 OSStatus
429 SecCmsEnvelopedDataDecodeAfterEnd(SecCmsEnvelopedDataRef envd)
430 {
431 /* apply final touches */
432 return SECSuccess;
433 }
434
mirror of Security