]> git.saurik.com Git - apple/security.git/blob - libsecurity_smime/lib/cmsenvdata.c
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-57031.1.35.tar.gz
[apple/security.git] / libsecurity_smime / lib / cmsenvdata.c
1 /*
2 * The contents of this file are subject to the Mozilla Public
3 * License Version 1.1 (the "License"); you may not use this file
4 * except in compliance with the License. You may obtain a copy of
5 * the License at http://www.mozilla.org/MPL/
6 *
7 * Software distributed under the License is distributed on an "AS
8 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
9 * implied. See the License for the specific language governing
10 * rights and limitations under the License.
11 *
12 * The Original Code is the Netscape security libraries.
13 *
14 * The Initial Developer of the Original Code is Netscape
15 * Communications Corporation. Portions created by Netscape are
16 * Copyright (C) 1994-2000 Netscape Communications Corporation. All
17 * Rights Reserved.
18 *
19 * Contributor(s):
20 *
21 * Alternatively, the contents of this file may be used under the
22 * terms of the GNU General Public License Version 2 or later (the
23 * "GPL"), in which case the provisions of the GPL are applicable
24 * instead of those above. If you wish to allow use of your
25 * version of this file only under the terms of the GPL and not to
26 * allow others to use your version of this file under the MPL,
27 * indicate your decision by deleting the provisions above and
28 * replace them with the notice and other provisions required by
29 * the GPL. If you do not delete the provisions above, a recipient
30 * may use your version of this file under either the MPL or the
31 * GPL.
32 */
33
34 /*
35 * CMS envelopedData methods.
36 */
37
38 #include <Security/SecCmsEnvelopedData.h>
39
40 #include <Security/SecCmsContentInfo.h>
41 #include <Security/SecCmsRecipientInfo.h>
42 #include <Security/SecRandom.h>
43
44 #include "cmslocal.h"
45
46 #include "SecAsn1Item.h"
47 #include "secoid.h"
48 #include "cryptohi.h"
49
50 #include <security_asn1/secasn1.h>
51 #include <security_asn1/secerr.h>
52 #include <security_asn1/secport.h>
53
54 #include <Security/SecKeyPriv.h>
55 #include <CommonCrypto/CommonCryptor.h>
56
57 #include <AssertMacros.h>
58
59 /*
60 * SecCmsEnvelopedDataCreate - create an enveloped data message
61 */
62 SecCmsEnvelopedDataRef
63 SecCmsEnvelopedDataCreate(SecCmsMessageRef cmsg, SECOidTag algorithm, int keysize)
64 {
65 void *mark;
66 SecCmsEnvelopedDataRef envd;
67 PLArenaPool *poolp;
68 OSStatus rv;
69
70 poolp = cmsg->poolp;
71
72 mark = PORT_ArenaMark(poolp);
73
74 envd = (SecCmsEnvelopedDataRef)PORT_ArenaZAlloc(poolp, sizeof(SecCmsEnvelopedData));
75 if (envd == NULL)
76 goto loser;
77
78 envd->contentInfo.cmsg = cmsg;
79
80 /* version is set in SecCmsEnvelopedDataEncodeBeforeStart() */
81
82 rv = SecCmsContentInfoSetContentEncAlg(&(envd->contentInfo), algorithm, NULL, keysize);
83 if (rv != SECSuccess)
84 goto loser;
85
86 PORT_ArenaUnmark(poolp, mark);
87 return envd;
88
89 loser:
90 PORT_ArenaRelease(poolp, mark);
91 return NULL;
92 }
93
94 /*
95 * SecCmsEnvelopedDataDestroy - destroy an enveloped data message
96 */
97 void
98 SecCmsEnvelopedDataDestroy(SecCmsEnvelopedDataRef edp)
99 {
100 SecCmsRecipientInfoRef *recipientinfos;
101 SecCmsRecipientInfoRef ri;
102
103 if (edp == NULL)
104 return;
105
106 recipientinfos = edp->recipientInfos;
107 if (recipientinfos == NULL)
108 return;
109
110 while ((ri = *recipientinfos++) != NULL)
111 SecCmsRecipientInfoDestroy(ri);
112
113 SecCmsContentInfoDestroy(&(edp->contentInfo));
114
115 }
116
117 /*
118 * SecCmsEnvelopedDataGetContentInfo - return pointer to this envelopedData's contentinfo
119 */
120 SecCmsContentInfoRef
121 SecCmsEnvelopedDataGetContentInfo(SecCmsEnvelopedDataRef envd)
122 {
123 return &(envd->contentInfo);
124 }
125
126 /*
127 * SecCmsEnvelopedDataAddRecipient - add a recipientinfo to the enveloped data msg
128 *
129 * rip must be created on the same pool as edp - this is not enforced, though.
130 */
131 OSStatus
132 SecCmsEnvelopedDataAddRecipient(SecCmsEnvelopedDataRef edp, SecCmsRecipientInfoRef rip)
133 {
134 void *mark;
135 OSStatus rv;
136
137 /* XXX compare pools, if not same, copy rip into edp's pool */
138
139 PR_ASSERT(edp != NULL);
140 PR_ASSERT(rip != NULL);
141
142 mark = PORT_ArenaMark(edp->contentInfo.cmsg->poolp);
143
144 rv = SecCmsArrayAdd(edp->contentInfo.cmsg->poolp, (void ***)&(edp->recipientInfos), (void *)rip);
145 if (rv != SECSuccess) {
146 PORT_ArenaRelease(edp->contentInfo.cmsg->poolp, mark);
147 return SECFailure;
148 }
149
150 PORT_ArenaUnmark (edp->contentInfo.cmsg->poolp, mark);
151 return SECSuccess;
152 }
153
154 /*
155 * SecCmsEnvelopedDataEncodeBeforeStart - prepare this envelopedData for encoding
156 *
157 * at this point, we need
158 * - recipientinfos set up with recipient's certificates
159 * - a content encryption algorithm (if none, 3DES will be used)
160 *
161 * this function will generate a random content encryption key (aka bulk key),
162 * initialize the recipientinfos with certificate identification and wrap the bulk key
163 * using the proper algorithm for every certificiate.
164 * it will finally set the bulk algorithm and key so that the encode step can find it.
165 */
166 OSStatus
167 SecCmsEnvelopedDataEncodeBeforeStart(SecCmsEnvelopedDataRef envd)
168 {
169 int version;
170 SecCmsRecipientInfoRef *recipientinfos;
171 SecCmsContentInfoRef cinfo;
172 SecSymmetricKeyRef bulkkey = NULL;
173 #if USE_CDSA_CRYPTO
174 SecAsn1AlgId algorithm;
175 #endif
176 SECOidTag bulkalgtag;
177 //CK_MECHANISM_TYPE type;
178 //PK11SlotInfo *slot;
179 OSStatus rv;
180 SecAsn1Item * dummy;
181 PLArenaPool *poolp;
182 extern const SecAsn1Template SecCmsRecipientInfoTemplate[];
183 void *mark = NULL;
184 int i;
185
186 cinfo = &(envd->contentInfo);
187 poolp = cinfo->cmsg->poolp;
188
189 recipientinfos = envd->recipientInfos;
190 if (recipientinfos == NULL) {
191 PORT_SetError(SEC_ERROR_BAD_DATA);
192 #if 0
193 PORT_SetErrorString("Cannot find recipientinfos to encode.");
194 #endif
195 goto loser;
196 }
197
198 version = SEC_CMS_ENVELOPED_DATA_VERSION_REG;
199 if (envd->originatorInfo != NULL || envd->unprotectedAttr != NULL) {
200 version = SEC_CMS_ENVELOPED_DATA_VERSION_ADV;
201 } else {
202 for (i = 0; recipientinfos[i] != NULL; i++) {
203 if (SecCmsRecipientInfoGetVersion(recipientinfos[i]) != 0) {
204 version = SEC_CMS_ENVELOPED_DATA_VERSION_ADV;
205 break;
206 }
207 }
208 }
209 dummy = SEC_ASN1EncodeInteger(poolp, &(envd->version), version);
210 if (dummy == NULL)
211 goto loser;
212
213 /* now we need to have a proper content encryption algorithm
214 * on the SMIME level, we would figure one out by looking at SMIME capabilities
215 * we cannot do that on our level, so if none is set already, we'll just go
216 * with one of the mandatory algorithms (3DES) */
217 if ((bulkalgtag = SecCmsContentInfoGetContentEncAlgTag(cinfo)) == SEC_OID_UNKNOWN) {
218 rv = SecCmsContentInfoSetContentEncAlg(cinfo, SEC_OID_DES_EDE3_CBC, NULL, 192);
219 if (rv != SECSuccess)
220 goto loser;
221 bulkalgtag = SEC_OID_DES_EDE3_CBC;
222 }
223
224 #if USE_CDSA_CRYPTO
225 algorithm = SECOID_FindyCssmAlgorithmByTag(bulkalgtag);
226 if (!algorithm)
227 goto loser;
228 rv = SecKeyGenerate(NULL, /* keychainRef */
229 algorithm,
230 SecCmsContentInfoGetBulkKeySize(cinfo),
231 0, /* contextHandle */
232 CSSM_KEYUSE_ENCRYPT | CSSM_KEYUSE_DECRYPT,
233 CSSM_KEYATTR_EXTRACTABLE,
234 NULL, /* initialAccess */
235 &bulkkey);
236 if (rv)
237 goto loser;
238 #else
239 {
240 size_t keysize = (cinfo->keysize + 7)/8;
241 uint8_t key_material[keysize];
242 require_noerr(SecRandomCopyBytes(kSecRandomDefault, keysize, key_material), loser);
243 bulkkey = (SecSymmetricKeyRef)CFDataCreate(kCFAllocatorDefault, key_material, keysize);
244 }
245 #endif
246
247 mark = PORT_ArenaMark(poolp);
248
249 /* Encrypt the bulk key with the public key of each recipient. */
250 for (i = 0; recipientinfos[i] != NULL; i++) {
251 rv = SecCmsRecipientInfoWrapBulkKey(recipientinfos[i], bulkkey, bulkalgtag);
252 if (rv != SECSuccess)
253 goto loser; /* error has been set by SecCmsRecipientInfoEncryptBulkKey */
254 /* could be: alg not supported etc. */
255 }
256
257 /* the recipientinfos are all finished. now sort them by DER for SET OF encoding */
258 rv = SecCmsArraySortByDER((void **)envd->recipientInfos, SecCmsRecipientInfoTemplate, NULL);
259 if (rv != SECSuccess)
260 goto loser; /* error has been set by SecCmsArraySortByDER */
261
262 /* store the bulk key in the contentInfo so that the encoder can find it */
263 SecCmsContentInfoSetBulkKey(cinfo, bulkkey);
264
265 PORT_ArenaUnmark(poolp, mark);
266
267 CFRelease(bulkkey);
268
269 return SECSuccess;
270
271 loser:
272 if (mark != NULL)
273 PORT_ArenaRelease (poolp, mark);
274 if (bulkkey)
275 CFRelease(bulkkey);
276
277 return SECFailure;
278 }
279
280 /*
281 * SecCmsEnvelopedDataEncodeBeforeData - set up encryption
282 *
283 * it is essential that this is called before the contentEncAlg is encoded, because
284 * setting up the encryption may generate IVs and thus change it!
285 */
286 OSStatus
287 SecCmsEnvelopedDataEncodeBeforeData(SecCmsEnvelopedDataRef envd)
288 {
289 SecCmsContentInfoRef cinfo;
290 SecSymmetricKeyRef bulkkey;
291 SECAlgorithmID *algid;
292
293 cinfo = &(envd->contentInfo);
294
295 /* find bulkkey and algorithm - must have been set by SecCmsEnvelopedDataEncodeBeforeStart */
296 bulkkey = SecCmsContentInfoGetBulkKey(cinfo);
297 if (bulkkey == NULL)
298 return SECFailure;
299 algid = SecCmsContentInfoGetContentEncAlg(cinfo);
300 if (algid == NULL)
301 return SECFailure;
302
303 /* this may modify algid (with IVs generated in a token).
304 * it is essential that algid is a pointer to the contentEncAlg data, not a
305 * pointer to a copy! */
306 cinfo->ciphcx = SecCmsCipherContextStartEncrypt(cinfo->cmsg->poolp, bulkkey, algid);
307 CFRelease(bulkkey);
308 if (cinfo->ciphcx == NULL)
309 return SECFailure;
310
311 return SECSuccess;
312 }
313
314 /*
315 * SecCmsEnvelopedDataEncodeAfterData - finalize this envelopedData for encoding
316 */
317 OSStatus
318 SecCmsEnvelopedDataEncodeAfterData(SecCmsEnvelopedDataRef envd)
319 {
320 if (envd->contentInfo.ciphcx) {
321 SecCmsCipherContextDestroy(envd->contentInfo.ciphcx);
322 envd->contentInfo.ciphcx = NULL;
323 }
324
325 /* nothing else to do after data */
326 return SECSuccess;
327 }
328
329 /*
330 * SecCmsEnvelopedDataDecodeBeforeData - find our recipientinfo,
331 * derive bulk key & set up our contentinfo
332 */
333 OSStatus
334 SecCmsEnvelopedDataDecodeBeforeData(SecCmsEnvelopedDataRef envd)
335 {
336 SecCmsRecipientInfoRef ri;
337 SecSymmetricKeyRef bulkkey = NULL;
338 SECOidTag bulkalgtag;
339 SECAlgorithmID *bulkalg;
340 OSStatus rv = SECFailure;
341 SecCmsContentInfoRef cinfo;
342 SecCmsRecipient **recipient_list = NULL;
343 SecCmsRecipient *recipient;
344 int rlIndex;
345
346 if (SecCmsArrayCount((void **)envd->recipientInfos) == 0) {
347 PORT_SetError(SEC_ERROR_BAD_DATA);
348 #if 0
349 PORT_SetErrorString("No recipient data in envelope.");
350 #endif
351 goto loser;
352 }
353
354 /* look if one of OUR cert's issuerSN is on the list of recipients, and if so, */
355 /* get the cert and private key for it right away */
356 recipient_list = nss_cms_recipient_list_create(envd->recipientInfos);
357 if (recipient_list == NULL)
358 goto loser;
359
360 cinfo = &(envd->contentInfo);
361 /* what about multiple recipientInfos that match?
362 * especially if, for some reason, we could not produce a bulk key with the first match?!
363 * we could loop & feed partial recipient_list to PK11_FindCertAndKeyByRecipientList...
364 * maybe later... */
365 rlIndex = nss_cms_FindCertAndKeyByRecipientList(recipient_list, cinfo->cmsg->pwfn_arg);
366
367 /* if that fails, then we're not an intended recipient and cannot decrypt */
368 if (rlIndex < 0) {
369 PORT_SetError(SEC_ERROR_NOT_A_RECIPIENT);
370 #if 0
371 PORT_SetErrorString("Cannot decrypt data because proper key cannot be found.");
372 #endif
373 goto loser;
374 }
375
376 recipient = recipient_list[rlIndex];
377 if (!recipient->cert || !recipient->privkey) {
378 /* XXX should set an error code ?!? */
379 goto loser;
380 }
381 /* get a pointer to "our" recipientinfo */
382 ri = envd->recipientInfos[recipient->riIndex];
383
384 bulkalgtag = SecCmsContentInfoGetContentEncAlgTag(cinfo);
385 if (bulkalgtag == SEC_OID_UNKNOWN) {
386 PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
387 } else
388 bulkkey = SecCmsRecipientInfoUnwrapBulkKey(ri,recipient->subIndex,
389 recipient->cert,
390 recipient->privkey,
391 bulkalgtag);
392 if (bulkkey == NULL) {
393 /* no success finding a bulk key */
394 goto loser;
395 }
396
397 SecCmsContentInfoSetBulkKey(cinfo, bulkkey);
398 // @@@ See 3401088 for details. We need to CFRelease cinfo->bulkkey before recipient->privkey gets CFReleased. It's created with SecKeyCreate which is not safe currently. If the private key's SecKeyRef from which we extracted the CSP gets CFRelease before the builkkey does we crash. We should really fix SecKeyCreate which is a huge hack currently. To work around this we add recipient->privkey to the cinfo so it gets when cinfo is destroyed.
399 CFRetain(recipient->privkey);
400 cinfo->privkey = recipient->privkey;
401
402 bulkalg = SecCmsContentInfoGetContentEncAlg(cinfo);
403
404 cinfo->ciphcx = SecCmsCipherContextStartDecrypt(bulkkey, bulkalg);
405 if (cinfo->ciphcx == NULL)
406 goto loser; /* error has been set by SecCmsCipherContextStartDecrypt */
407
408 #if 1
409 // @@@ Fix me
410 #else
411 /*
412 * HACK ALERT!!
413 * For PKCS5 Encryption Algorithms, the bulkkey is actually a different
414 * structure. Therefore, we need to set the bulkkey to the actual key
415 * prior to freeing it.
416 */
417 if (SEC_PKCS5IsAlgorithmPBEAlg(bulkalg)) {
418 SEC_PKCS5KeyAndPassword *keyPwd = (SEC_PKCS5KeyAndPassword *)bulkkey;
419 bulkkey = keyPwd->key;
420 }
421 #endif
422
423 rv = SECSuccess;
424
425 loser:
426 if (bulkkey)
427 CFRelease(bulkkey);
428 if (recipient_list != NULL)
429 nss_cms_recipient_list_destroy(recipient_list);
430 return rv;
431 }
432
433 /*
434 * SecCmsEnvelopedDataDecodeAfterData - finish decrypting this envelopedData's content
435 */
436 OSStatus
437 SecCmsEnvelopedDataDecodeAfterData(SecCmsEnvelopedDataRef envd)
438 {
439 if (envd && envd->contentInfo.ciphcx) {
440 SecCmsCipherContextDestroy(envd->contentInfo.ciphcx);
441 envd->contentInfo.ciphcx = NULL;
442 }
443
444 return SECSuccess;
445 }
446
447 /*
448 * SecCmsEnvelopedDataDecodeAfterEnd - finish decoding this envelopedData
449 */
450 OSStatus
451 SecCmsEnvelopedDataDecodeAfterEnd(SecCmsEnvelopedDataRef envd)
452 {
453 /* apply final touches */
454 return SECSuccess;
455 }
456
mirror of Security