--- /dev/null
+/*
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is the Netscape security libraries.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation. Portions created by Netscape are
+ * Copyright (C) 1994-2000 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable
+ * instead of those above. If you wish to allow use of your
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL. If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+
+/*
+ * CMS signedData methods.
+ */
+
+#include <Security/SecCmsSignedData.h>
+
+#include <Security/SecCmsContentInfo.h>
+#include <Security/SecCmsDigestContext.h>
+#include <Security/SecCmsSignerInfo.h>
+
+#include "cmslocal.h"
+
+#include "cert.h"
+#include "secitem.h"
+#include "secoid.h"
+#include "tsaTemplates.h"
+
+#include <security_asn1/secasn1.h>
+#include <security_asn1/secerr.h>
+#include <Security/SecBase.h>
+#include <CommonCrypto/CommonRandomSPI.h>
+#include <Security/SecPolicyPriv.h>
+#include <utilities/SecCFWrappers.h>
+
+#ifndef NDEBUG
+#define SIGDATA_DEBUG 1
+#endif
+
+#if SIGDATA_DEBUG
+#define dprintf(args...) printf(args)
+#else
+#define dprintf(args...)
+#endif
+
+SecCmsSignedDataRef
+SecCmsSignedDataCreate(SecCmsMessageRef cmsg)
+{
+ void *mark;
+ SecCmsSignedDataRef sigd;
+ PLArenaPool *poolp;
+
+ poolp = cmsg->poolp;
+
+ mark = PORT_ArenaMark(poolp);
+
+ sigd = (SecCmsSignedDataRef)PORT_ArenaZAlloc (poolp, sizeof(SecCmsSignedData));
+ if (sigd == NULL)
+ goto loser;
+
+ sigd->cmsg = cmsg;
+
+ /* signerInfos, certs, certlists, crls are all empty */
+ /* version is set in SecCmsSignedDataFinalize() */
+
+ PORT_ArenaUnmark(poolp, mark);
+ return sigd;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return NULL;
+}
+
+void
+SecCmsSignedDataDestroy(SecCmsSignedDataRef sigd)
+{
+ SecCmsSignerInfoRef *signerinfos, si;
+
+ if (sigd == NULL)
+ return;
+
+ if (sigd->certs != NULL)
+ CFRelease(sigd->certs);
+
+ signerinfos = sigd->signerInfos;
+ if (signerinfos != NULL) {
+ while ((si = *signerinfos++) != NULL)
+ SecCmsSignerInfoDestroy(si);
+ }
+
+ /* everything's in a pool, so don't worry about the storage */
+ SecCmsContentInfoDestroy(&(sigd->contentInfo));
+}
+
+/*
+ * SecCmsSignedDataEncodeBeforeStart - do all the necessary things to a SignedData
+ * before start of encoding.
+ *
+ * In detail:
+ * - find out about the right value to put into sigd->version
+ * - come up with a list of digestAlgorithms (which should be the union of the algorithms
+ * in the signerinfos).
+ * If we happen to have a pre-set list of algorithms (and digest values!), we
+ * check if we have all the signerinfos' algorithms. If not, this is an error.
+ */
+OSStatus
+SecCmsSignedDataEncodeBeforeStart(SecCmsSignedDataRef sigd)
+{
+ SecCmsSignerInfoRef signerinfo;
+ SECOidTag digestalgtag;
+ CSSM_DATA_PTR dummy;
+ int version;
+ OSStatus rv;
+ Boolean haveDigests = PR_FALSE;
+ int n, i;
+ PLArenaPool *poolp;
+
+ poolp = sigd->cmsg->poolp;
+
+ /* we assume that we have precomputed digests if there is a list of algorithms, and */
+ /* a chunk of data for each of those algorithms */
+ if (sigd->digestAlgorithms != NULL && sigd->digests != NULL) {
+ for (i=0; sigd->digestAlgorithms[i] != NULL; i++) {
+ if (sigd->digests[i] == NULL)
+ break;
+ }
+ if (sigd->digestAlgorithms[i] == NULL) /* reached the end of the array? */
+ haveDigests = PR_TRUE; /* yes: we must have all the digests */
+ }
+
+ version = SEC_CMS_SIGNED_DATA_VERSION_BASIC;
+
+ /* RFC2630 5.1 "version is the syntax version number..." */
+ if (SecCmsContentInfoGetContentTypeTag(&(sigd->contentInfo)) != SEC_OID_PKCS7_DATA)
+ version = SEC_CMS_SIGNED_DATA_VERSION_EXT;
+
+ /* prepare all the SignerInfos (there may be none) */
+ for (i=0; i < SecCmsSignedDataSignerInfoCount(sigd); i++) {
+ signerinfo = SecCmsSignedDataGetSignerInfo(sigd, i);
+
+ /* RFC2630 5.1 "version is the syntax version number..." */
+ if (SecCmsSignerInfoGetVersion(signerinfo) != SEC_CMS_SIGNER_INFO_VERSION_ISSUERSN)
+ version = SEC_CMS_SIGNED_DATA_VERSION_EXT;
+
+ /* collect digestAlgorithms from SignerInfos */
+ /* (we need to know which algorithms we have when the content comes in) */
+ /* do not overwrite any existing digestAlgorithms (and digest) */
+ digestalgtag = SecCmsSignerInfoGetDigestAlgTag(signerinfo);
+
+ n = SecCmsAlgArrayGetIndexByAlgTag(sigd->digestAlgorithms, digestalgtag);
+ if (n < 0 && haveDigests) {
+ /* oops, there is a digestalg we do not have a digest for */
+ /* but we were supposed to have all the digests already... */
+ goto loser;
+ } else if (n < 0) {
+ /* add the digestAlgorithm & a NULL digest */
+ rv = SecCmsSignedDataAddDigest((SecArenaPoolRef)poolp, sigd, digestalgtag, NULL);
+ if (rv != SECSuccess)
+ goto loser;
+ } else {
+ /* found it, nothing to do */
+ }
+ }
+
+ dummy = SEC_ASN1EncodeInteger(poolp, &(sigd->version), (long)version);
+ if (dummy == NULL)
+ return SECFailure;
+
+ /* this is a SET OF, so we need to sort them guys */
+ rv = SecCmsArraySortByDER((void **)sigd->digestAlgorithms,
+ SEC_ASN1_GET(SECOID_AlgorithmIDTemplate),
+ (void **)sigd->digests);
+ if (rv != SECSuccess)
+ return SECFailure;
+
+ return SECSuccess;
+
+loser:
+ return SECFailure;
+}
+
+OSStatus
+SecCmsSignedDataEncodeBeforeData(SecCmsSignedDataRef sigd)
+{
+ /* set up the digests */
+ if (sigd->digestAlgorithms != NULL) {
+ sigd->contentInfo.digcx = SecCmsDigestContextStartMultiple(sigd->digestAlgorithms);
+ if (sigd->contentInfo.digcx == NULL)
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+#include <AssertMacros.h>
+#include "tsaSupport.h"
+#include "tsaSupportPriv.h"
+#include "tsaTemplates.h"
+#include <security_keychain/tsaDERUtilities.h>
+
+extern const SecAsn1Template kSecAsn1TSATSTInfoTemplate;
+
+OSStatus createTSAMessageImprint(SecCmsSignedDataRef signedData, CSSM_DATA_PTR encDigest,
+ SecAsn1TSAMessageImprint *messageImprint)
+{
+ // Calculate hash of encDigest and put in messageImprint.hashedMessage
+ // We pass in encDigest, since in the verification case, it comes from a different signedData
+
+ OSStatus status = SECFailure;
+
+ require(signedData && messageImprint, xit);
+
+ SECAlgorithmID **digestAlgorithms = SecCmsSignedDataGetDigestAlgs(signedData);
+ require(digestAlgorithms, xit);
+
+ SecCmsDigestContextRef digcx = SecCmsDigestContextStartMultiple(digestAlgorithms);
+ require(digcx, xit);
+ require(encDigest, xit);
+
+ SecCmsSignerInfoRef signerinfo = SecCmsSignedDataGetSignerInfo(signedData, 0); // NB - assume 1 signer only!
+ messageImprint->hashAlgorithm = signerinfo->digestAlg;
+
+ SecCmsDigestContextUpdate(digcx, encDigest->Data, encDigest->Length);
+
+ require_noerr(SecCmsDigestContextFinishSingle(digcx, (SecArenaPoolRef)signedData->cmsg->poolp,
+ &messageImprint->hashedMessage), xit);
+
+ status = SECSuccess;
+xit:
+ return status;
+}
+
+#include <Security/SecAsn1Templates.h>
+
+#ifndef NDEBUG
+static OSStatus decodeDERUTF8String(const CSSM_DATA_PTR content, char *statusstr, size_t strsz)
+{
+ // The statusString should use kSecAsn1SequenceOfUTF8StringTemplate, but doesn't
+ OSStatus status = SECFailure;
+ SecAsn1CoderRef coder = NULL;
+ CSSM_DATA statusString;
+ size_t len = 0;
+
+ require(content && statusstr, xit);
+
+ require_noerr(SecAsn1CoderCreate(&coder), xit);
+ require_noerr(SecAsn1Decode(coder, content->Data, content->Length, kSecAsn1UTF8StringTemplate, &statusString), xit);
+ status = 0;
+ len = (statusString.Length < strsz)?(int)statusString.Length:strsz;
+ if (statusstr && statusString.Data)
+ strncpy(statusstr, (const char *)statusString.Data, len);
+
+xit:
+ if (coder)
+ SecAsn1CoderRelease(coder);
+ return status;
+}
+#endif
+
+static OSStatus validateTSAResponseAndAddTimeStamp(SecCmsSignerInfoRef signerinfo, CSSM_DATA_PTR tsaResponse,
+ uint64_t expectedNonce)
+{
+ OSStatus status = SECFailure;
+ SecAsn1CoderRef coder = NULL;
+ SecAsn1TimeStampRespDER respDER = {{{0}},};
+ SecAsn1TSAPKIStatusInfo *tsastatus = NULL;
+ int respstatus = -1;
+#ifndef NDEBUG
+ int failinfo = -1;
+#endif
+
+ require_action(tsaResponse && tsaResponse->Data && tsaResponse->Length, xit, status = errSecTimestampMissing);
+
+ require_noerr(SecAsn1CoderCreate(&coder), xit);
+ require_noerr(SecTSAResponseCopyDEREncoding(coder, tsaResponse, &respDER), xit);
+
+#ifndef NDEBUG
+ tsaWriteFileX("/tmp/tsa-timeStampToken.der", respDER.timeStampTokenDER.Data, respDER.timeStampTokenDER.Length);
+#endif
+
+ tsastatus = (SecAsn1TSAPKIStatusInfo *)&respDER.status;
+ require_action(tsastatus->status.Data, xit, status = errSecTimestampBadDataFormat);
+ respstatus = (int)tsaDER_ToInt(&tsastatus->status);
+
+#ifndef NDEBUG
+ char buf[80]={0,};
+ if (tsastatus->failInfo.Data) // e.g. FI_BadRequest
+ failinfo = (int)tsaDER_ToInt(&tsastatus->failInfo);
+
+ if (tsastatus->statusString.Data && tsastatus->statusString.Length)
+ {
+ OSStatus strrx = decodeDERUTF8String(&tsastatus->statusString, buf, sizeof(buf));
+ dprintf("decodeDERUTF8String status: %d\n", (int)strrx);
+ }
+
+ dprintf("validateTSAResponse: status: %d, failinfo: %d, %s\n", respstatus, failinfo, buf);
+#endif
+
+ switch (respstatus)
+ {
+ case PKIS_Granted:
+ case PKIS_GrantedWithMods: // Success
+ status = noErr;
+ break;
+ case PKIS_Rejection:
+ status = errSecTimestampRejection;
+ break;
+ case PKIS_Waiting:
+ status = errSecTimestampWaiting;
+ break;
+ case PKIS_RevocationWarning:
+ status = errSecTimestampRevocationWarning;
+ break;
+ case PKIS_RevocationNotification:
+ status = errSecTimestampRevocationNotification;
+ break;
+ default:
+ status = errSecTimestampSystemFailure;
+ break;
+ }
+ require_noerr(status, xit);
+
+ // If we succeeded, then we must have a TimeStampToken
+
+ require_action(respDER.timeStampTokenDER.Data && respDER.timeStampTokenDER.Length, xit, status = errSecTimestampBadDataFormat);
+
+ dprintf("timestamp full expected nonce: %lld\n", expectedNonce);
+
+ /*
+ The bytes in respDER are a full CMS message, which we need to check now for validity.
+ The code for this is essentially the same code taht is done during a timestamp
+ verify, except that we also need to check the nonce.
+ */
+ require_noerr(status = decodeTimeStampToken(signerinfo, &respDER.timeStampTokenDER, NULL, expectedNonce), xit);
+
+ status = SecCmsSignerInfoAddTimeStamp(signerinfo, &respDER.timeStampTokenDER);
+
+xit:
+ if (coder)
+ SecAsn1CoderRelease(coder);
+ return status;
+}
+
+static OSStatus getRandomNonce(uint64_t *nonce)
+{
+ return nonce ? CCRandomCopyBytes(kCCRandomDevRandom, (void *)nonce, sizeof(*nonce)) : SECFailure;
+}
+
+static OSStatus remapTimestampError(OSStatus inStatus)
+{
+ /*
+ Since communicating with the timestamp server is perhaps an unexpected
+ dependency on the network, map unknown errors into something to indicate
+ that signing without a timestamp may be a workaround. In particular, the
+ private CFURL errors (see CFNetworkErrorsPriv.i)
+
+ kCFURLErrorTimedOut = -1001,
+ kCFURLErrorNotConnectedToInternet = -1009,
+
+ are remapped to errSecTimestampServiceNotAvailable.
+ */
+
+ switch (inStatus)
+ {
+ case errSecTimestampMissing:
+ case errSecTimestampInvalid:
+ case errSecTimestampNotTrusted:
+ case errSecTimestampServiceNotAvailable:
+ case errSecTimestampBadAlg:
+ case errSecTimestampBadRequest:
+ case errSecTimestampBadDataFormat:
+ case errSecTimestampTimeNotAvailable:
+ case errSecTimestampUnacceptedPolicy:
+ case errSecTimestampUnacceptedExtension:
+ case errSecTimestampAddInfoNotAvailable:
+ case errSecTimestampSystemFailure:
+ case errSecSigningTimeMissing:
+ case errSecTimestampRejection:
+ case errSecTimestampWaiting:
+ case errSecTimestampRevocationWarning:
+ case errSecTimestampRevocationNotification:
+ return inStatus;
+ default:
+ return errSecTimestampServiceNotAvailable;
+ }
+ return errSecTimestampServiceNotAvailable;
+}
+
+/*
+ * SecCmsSignedDataEncodeAfterData - do all the necessary things to a SignedData
+ * after all the encapsulated data was passed through the encoder.
+ *
+ * In detail:
+ * - create the signatures in all the SignerInfos
+ *
+ * Please note that nothing is done to the Certificates and CRLs in the message - this
+ * is entirely the responsibility of our callers.
+ */
+OSStatus
+SecCmsSignedDataEncodeAfterData(SecCmsSignedDataRef sigd)
+{
+ SecCmsSignerInfoRef *signerinfos, signerinfo;
+ SecCmsContentInfoRef cinfo;
+ SECOidTag digestalgtag;
+ OSStatus ret = SECFailure;
+ OSStatus rv;
+ CSSM_DATA_PTR contentType;
+ int certcount;
+ int i, ci, n, rci, si;
+ PLArenaPool *poolp;
+ CFArrayRef certlist;
+ extern const SecAsn1Template SecCmsSignerInfoTemplate[];
+
+ poolp = sigd->cmsg->poolp;
+ cinfo = &(sigd->contentInfo);
+
+ /* did we have digest calculation going on? */
+ if (cinfo->digcx) {
+ rv = SecCmsDigestContextFinishMultiple(cinfo->digcx, (SecArenaPoolRef)poolp, &(sigd->digests));
+ if (rv != SECSuccess)
+ goto loser; /* error has been set by SecCmsDigestContextFinishMultiple */
+ cinfo->digcx = NULL;
+ }
+
+ signerinfos = sigd->signerInfos;
+ certcount = 0;
+
+ /* prepare all the SignerInfos (there may be none) */
+ for (i=0; i < SecCmsSignedDataSignerInfoCount(sigd); i++) {
+ signerinfo = SecCmsSignedDataGetSignerInfo(sigd, i);
+
+ /* find correct digest for this signerinfo */
+ digestalgtag = SecCmsSignerInfoGetDigestAlgTag(signerinfo);
+ n = SecCmsAlgArrayGetIndexByAlgTag(sigd->digestAlgorithms, digestalgtag);
+ if (n < 0 || sigd->digests == NULL || sigd->digests[n] == NULL) {
+ /* oops - digest not found */
+ PORT_SetError(SEC_ERROR_DIGEST_NOT_FOUND);
+ goto loser;
+ }
+
+ /* XXX if our content is anything else but data, we need to force the
+ * presence of signed attributes (RFC2630 5.3 "signedAttributes is a
+ * collection...") */
+
+ /* pass contentType here as we want a contentType attribute */
+ if ((contentType = SecCmsContentInfoGetContentTypeOID(cinfo)) == NULL)
+ goto loser;
+
+ /* sign the thing */
+ rv = SecCmsSignerInfoSign(signerinfo, sigd->digests[n], contentType);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* while we're at it, count number of certs in certLists */
+ certlist = SecCmsSignerInfoGetCertList(signerinfo);
+ if (certlist)
+ certcount += CFArrayGetCount(certlist);
+ }
+
+ /* Now we can get a timestamp, since we have all the digests */
+
+ // We force the setting of a callback, since this is the most usual case
+ if (!sigd->cmsg->tsaCallback)
+ SecCmsMessageSetTSACallback(sigd->cmsg, (SecCmsTSACallback)SecCmsTSADefaultCallback);
+
+ if (sigd->cmsg->tsaCallback && sigd->cmsg->tsaContext)
+ {
+ CSSM_DATA tsaResponse = {0,};
+ SecAsn1TSAMessageImprint messageImprint = {{{0},},{0,}};
+ // <rdar://problem/11073466> Add nonce support for timestamping client
+
+ uint64_t nonce = 0;
+
+ require_noerr(getRandomNonce(&nonce), tsxit);
+ dprintf("SecCmsSignedDataSignerInfoCount: %d\n", SecCmsSignedDataSignerInfoCount(sigd));
+
+ // Calculate hash of encDigest and put in messageImprint.hashedMessage
+ SecCmsSignerInfoRef signerinfo = SecCmsSignedDataGetSignerInfo(sigd, 0); // NB - assume 1 signer only!
+ CSSM_DATA *encDigest = SecCmsSignerInfoGetEncDigest(signerinfo);
+ require_noerr(createTSAMessageImprint(sigd, encDigest, &messageImprint), tsxit);
+
+ // Callback to fire up XPC service to talk to TimeStamping server, etc.
+ require_noerr(rv =(*sigd->cmsg->tsaCallback)(sigd->cmsg->tsaContext, &messageImprint,
+ nonce, &tsaResponse), tsxit);
+
+ require_noerr(rv = validateTSAResponseAndAddTimeStamp(signerinfo, &tsaResponse, nonce), tsxit);
+
+ /*
+ It is likely that every occurrence of "goto loser" in this file should
+ also do a PORT_SetError. Since it is not clear what might depend on this
+ behavior, we just do this in the timestamping case.
+ */
+tsxit:
+ if (rv)
+ {
+ dprintf("Original timestamp error: %d\n", (int)rv);
+ rv = remapTimestampError(rv);
+ PORT_SetError(rv);
+ goto loser;
+ }
+ }
+
+ /* this is a SET OF, so we need to sort them guys */
+ rv = SecCmsArraySortByDER((void **)signerinfos, SecCmsSignerInfoTemplate, NULL);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /*
+ * now prepare certs & crls
+ */
+
+ /* count the rest of the certs */
+ if (sigd->certs != NULL)
+ certcount += CFArrayGetCount(sigd->certs);
+
+ if (certcount == 0) {
+ sigd->rawCerts = NULL;
+ } else {
+ /*
+ * Combine all of the certs and cert chains into rawcerts.
+ * Note: certcount is an upper bound; we may not need that many slots
+ * but we will allocate anyway to avoid having to do another pass.
+ * (The temporary space saving is not worth it.)
+ *
+ * XXX ARGH - this NEEDS to be fixed. need to come up with a decent
+ * SetOfDERcertficates implementation
+ */
+ sigd->rawCerts = (CSSM_DATA_PTR *)PORT_ArenaAlloc(poolp, (certcount + 1) * sizeof(CSSM_DATA_PTR));
+ if (sigd->rawCerts == NULL)
+ return SECFailure;
+
+ /*
+ * XXX Want to check for duplicates and not add *any* cert that is
+ * already in the set. This will be more important when we start
+ * dealing with larger sets of certs, dual-key certs (signing and
+ * encryption), etc. For the time being we can slide by...
+ *
+ * XXX ARGH - this NEEDS to be fixed. need to come up with a decent
+ * SetOfDERcertficates implementation
+ */
+ rci = 0;
+ if (signerinfos != NULL) {
+ for (si = 0; signerinfos[si] != NULL; si++) {
+ signerinfo = signerinfos[si];
+ for (ci = 0; ci < CFArrayGetCount(signerinfo->certList); ci++) {
+ sigd->rawCerts[rci] = PORT_ArenaZAlloc(poolp, sizeof(CSSM_DATA));
+ SecCertificateRef cert = (SecCertificateRef)CFArrayGetValueAtIndex(signerinfo->certList, ci);
+ SecCertificateGetData(cert, sigd->rawCerts[rci++]);
+ }
+ }
+ }
+
+ if (sigd->certs != NULL) {
+ for (ci = 0; ci < CFArrayGetCount(sigd->certs); ci++) {
+ sigd->rawCerts[rci] = PORT_ArenaZAlloc(poolp, sizeof(CSSM_DATA));
+ SecCertificateRef cert = (SecCertificateRef)CFArrayGetValueAtIndex(sigd->certs, ci);
+ SecCertificateGetData(cert, sigd->rawCerts[rci++]);
+ }
+ }
+
+ sigd->rawCerts[rci] = NULL;
+
+ /* this is a SET OF, so we need to sort them guys - we have the DER already, though */
+ SecCmsArraySort((void **)sigd->rawCerts, SecCmsUtilDERCompare, NULL, NULL);
+ }
+
+ ret = SECSuccess;
+
+loser:
+
+ dprintf("SecCmsSignedDataEncodeAfterData: ret: %ld, rv: %ld\n", (long)ret, (long)rv);
+ return ret;
+}
+
+OSStatus
+SecCmsSignedDataDecodeBeforeData(SecCmsSignedDataRef sigd)
+{
+ /* set up the digests */
+ if (sigd->digestAlgorithms != NULL && sigd->digests == NULL) {
+ /* if digests are already there, do nothing */
+ sigd->contentInfo.digcx = SecCmsDigestContextStartMultiple(sigd->digestAlgorithms);
+ if (sigd->contentInfo.digcx == NULL)
+ return SECFailure;
+ }
+ return SECSuccess;
+}
+
+/*
+ * SecCmsSignedDataDecodeAfterData - do all the necessary things to a SignedData
+ * after all the encapsulated data was passed through the decoder.
+ */
+OSStatus
+SecCmsSignedDataDecodeAfterData(SecCmsSignedDataRef sigd)
+{
+ /* did we have digest calculation going on? */
+ if (sigd->contentInfo.digcx) {
+ if (SecCmsDigestContextFinishMultiple(sigd->contentInfo.digcx, (SecArenaPoolRef)sigd->cmsg->poolp, &(sigd->digests)) != SECSuccess)
+ return SECFailure; /* error has been set by SecCmsDigestContextFinishMultiple */
+ sigd->contentInfo.digcx = NULL;
+ }
+ return SECSuccess;
+}
+
+/*
+ * SecCmsSignedDataDecodeAfterEnd - do all the necessary things to a SignedData
+ * after all decoding is finished.
+ */
+OSStatus
+SecCmsSignedDataDecodeAfterEnd(SecCmsSignedDataRef sigd)
+{
+ SecCmsSignerInfoRef *signerinfos;
+ int i;
+
+ signerinfos = sigd->signerInfos;
+
+ /* set cmsg and sigd backpointers for all the signerinfos */
+ if (signerinfos) {
+ for (i = 0; signerinfos[i] != NULL; i++) {
+ signerinfos[i]->cmsg = sigd->cmsg;
+ signerinfos[i]->sigd = sigd;
+ }
+ }
+
+ return SECSuccess;
+}
+
+/*
+ * SecCmsSignedDataGetSignerInfos - retrieve the SignedData's signer list
+ */
+SecCmsSignerInfoRef *
+SecCmsSignedDataGetSignerInfos(SecCmsSignedDataRef sigd)
+{
+ return sigd->signerInfos;
+}
+
+int
+SecCmsSignedDataSignerInfoCount(SecCmsSignedDataRef sigd)
+{
+ return SecCmsArrayCount((void **)sigd->signerInfos);
+}
+
+SecCmsSignerInfoRef
+SecCmsSignedDataGetSignerInfo(SecCmsSignedDataRef sigd, int i)
+{
+ return sigd->signerInfos[i];
+}
+
+/*
+ * SecCmsSignedDataGetDigestAlgs - retrieve the SignedData's digest algorithm list
+ */
+SECAlgorithmID **
+SecCmsSignedDataGetDigestAlgs(SecCmsSignedDataRef sigd)
+{
+ return sigd->digestAlgorithms;
+}
+
+/*
+ * SecCmsSignedDataGetContentInfo - return pointer to this signedData's contentinfo
+ */
+SecCmsContentInfoRef
+SecCmsSignedDataGetContentInfo(SecCmsSignedDataRef sigd)
+{
+ return &(sigd->contentInfo);
+}
+
+/*
+ * SecCmsSignedDataGetCertificateList - retrieve the SignedData's certificate list
+ */
+CSSM_DATA_PTR *
+SecCmsSignedDataGetCertificateList(SecCmsSignedDataRef sigd)
+{
+ return sigd->rawCerts;
+}
+
+OSStatus
+SecCmsSignedDataImportCerts(SecCmsSignedDataRef sigd, SecKeychainRef keychain,
+ SECCertUsage certusage, Boolean keepcerts)
+{
+ int certcount;
+ OSStatus rv;
+ int i;
+
+ certcount = SecCmsArrayCount((void **)sigd->rawCerts);
+
+ rv = CERT_ImportCerts(keychain, certusage, certcount, sigd->rawCerts, NULL,
+ keepcerts, PR_FALSE, NULL);
+
+ /* XXX CRL handling */
+
+ if (sigd->signerInfos != NULL) {
+ /* fill in all signerinfo's certs */
+ for (i = 0; sigd->signerInfos[i] != NULL; i++)
+ (void)SecCmsSignerInfoGetSigningCertificate(sigd->signerInfos[i], keychain);
+ }
+
+ return rv;
+}
+
+/*
+ * XXX the digests need to be passed in BETWEEN the decoding and the verification in case
+ * of external signatures!
+ */
+
+/*
+ * SecCmsSignedDataVerifySignerInfo - check the signatures.
+ *
+ * The digests were either calculated during decoding (and are stored in the
+ * signedData itself) or set after decoding using SecCmsSignedDataSetDigests.
+ *
+ * The verification checks if the signing cert is valid and has a trusted chain
+ * for the purpose specified by "policies".
+ *
+ * If trustRef is NULL the cert chain is verified and the VerificationStatus is set accordingly.
+ * Otherwise a SecTrust object is returned for the caller to evaluate using SecTrustEvaluate().
+ */
+OSStatus
+SecCmsSignedDataVerifySignerInfo(SecCmsSignedDataRef sigd, int i,
+ SecKeychainRef keychainOrArray, CFTypeRef policies, SecTrustRef *trustRef)
+{
+ SecCmsSignerInfoRef signerinfo;
+ SecCmsContentInfoRef cinfo;
+ SECOidData *algiddata;
+ CSSM_DATA_PTR contentType, digest;
+ OSStatus status, status2;
+
+ cinfo = &(sigd->contentInfo);
+
+ signerinfo = sigd->signerInfos[i];
+
+ /* Signature or digest level verificationStatus errors should supercede
+ certificate level errors, so check the digest and signature first. */
+
+ /* Find digest and contentType for signerinfo */
+ algiddata = SecCmsSignerInfoGetDigestAlg(signerinfo);
+ if (algiddata == NULL) {
+ return errSecInternalError; // shouldn't have happened, this is likely due to corrupted data
+ }
+
+ digest = SecCmsSignedDataGetDigestByAlgTag(sigd, algiddata->offset);
+ if(digest == NULL) {
+ /*
+ * No digests; this probably had detached content the caller has to
+ * deal with.
+ * FIXME: need some error return for this (as well as many
+ * other places in this library).
+ */
+ return errSecDataNotAvailable;
+ }
+ contentType = SecCmsContentInfoGetContentTypeOID(cinfo);
+
+ /* verify signature */
+ CFTypeRef timeStampPolicies=SecPolicyCreateAppleTimeStampingAndRevocationPolicies(policies);
+ status = SecCmsSignerInfoVerifyWithPolicy(signerinfo, timeStampPolicies, digest, contentType);
+ CFReleaseSafe(timeStampPolicies);
+
+ /* Now verify the certificate. We do this even if the signature failed to verify so we can
+ return a trustRef to the caller for display purposes. */
+ status2 = SecCmsSignerInfoVerifyCertificate(signerinfo, keychainOrArray,
+ policies, trustRef);
+ dprintf("SecCmsSignedDataVerifySignerInfo: status %d status2 %d\n", (int) status, (int)status2);
+ /* The error from SecCmsSignerInfoVerify() supercedes error from SecCmsSignerInfoVerifyCertificate(). */
+ if (status)
+ return status;
+
+ return status2;
+}
+
+/*
+ * SecCmsSignedDataVerifyCertsOnly - verify the certs in a certs-only message
+ */
+OSStatus
+SecCmsSignedDataVerifyCertsOnly(SecCmsSignedDataRef sigd,
+ SecKeychainRef keychainOrArray,
+ CFTypeRef policies)
+{
+ SecCertificateRef cert;
+ OSStatus rv = SECSuccess;
+ int i;
+ int count;
+
+ if (!sigd || !keychainOrArray || !sigd->rawCerts) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ count = SecCmsArrayCount((void**)sigd->rawCerts);
+ for (i=0; i < count; i++) {
+ if (sigd->certs && CFArrayGetCount(sigd->certs) > i) {
+ cert = (SecCertificateRef)CFArrayGetValueAtIndex(sigd->certs, i);
+ CFRetain(cert);
+ } else {
+ cert = CERT_FindCertByDERCert(keychainOrArray, sigd->rawCerts[i]);
+ if (!cert) {
+ rv = SECFailure;
+ break;
+ }
+ }
+ rv |= CERT_VerifyCert(keychainOrArray, cert, sigd->rawCerts,
+ policies, CFAbsoluteTimeGetCurrent(), NULL);
+ CFRelease(cert);
+ }
+
+ return rv;
+}
+
+/*
+ * SecCmsSignedDataHasDigests - see if we have digests in place
+ */
+Boolean
+SecCmsSignedDataHasDigests(SecCmsSignedDataRef sigd)
+{
+ return (sigd->digests != NULL);
+}
+
+OSStatus
+SecCmsSignedDataAddCertList(SecCmsSignedDataRef sigd, CFArrayRef certlist)
+{
+ PORT_Assert(certlist != NULL);
+
+ if (certlist == NULL)
+ return SECFailure;
+
+ if (!sigd->certs)
+ sigd->certs = CFArrayCreateMutableCopy(NULL, 0, certlist);
+ else
+ {
+ CFRange certlistRange = { 0, CFArrayGetCount(certlist) };
+ CFArrayAppendArray(sigd->certs, certlist, certlistRange);
+ }
+
+ return SECSuccess;
+}
+
+/*
+ * SecCmsSignedDataAddCertChain - add cert and its entire chain to the set of certs
+ */
+OSStatus
+SecCmsSignedDataAddCertChain(SecCmsSignedDataRef sigd, SecCertificateRef cert)
+{
+ CFArrayRef certlist;
+ SECCertUsage usage;
+ OSStatus rv;
+
+ usage = certUsageEmailSigner;
+
+ /* do not include root */
+ certlist = CERT_CertChainFromCert(cert, usage, PR_FALSE);
+ if (certlist == NULL)
+ return SECFailure;
+
+ rv = SecCmsSignedDataAddCertList(sigd, certlist);
+ CFRelease(certlist);
+
+ return rv;
+}
+
+OSStatus
+SecCmsSignedDataAddCertificate(SecCmsSignedDataRef sigd, SecCertificateRef cert)
+{
+ PORT_Assert(cert != NULL);
+
+ if (cert == NULL)
+ return SECFailure;
+
+ if (!sigd->certs)
+ sigd->certs = CFArrayCreateMutable(NULL, 0, &kCFTypeArrayCallBacks);
+
+ CFArrayAppendValue(sigd->certs, cert);
+
+ return SECSuccess;
+}
+
+Boolean
+SecCmsSignedDataContainsCertsOrCrls(SecCmsSignedDataRef sigd)
+{
+ if (sigd->rawCerts != NULL && sigd->rawCerts[0] != NULL)
+ return PR_TRUE;
+ else if (sigd->rawCrls != NULL && sigd->rawCrls[0] != NULL)
+ return PR_TRUE;
+ else
+ return PR_FALSE;
+}
+
+OSStatus
+SecCmsSignedDataAddSignerInfo(SecCmsSignedDataRef sigd,
+ SecCmsSignerInfoRef signerinfo)
+{
+ void *mark;
+ OSStatus rv;
+ SECOidTag digestalgtag;
+ PLArenaPool *poolp;
+
+ poolp = sigd->cmsg->poolp;
+
+ mark = PORT_ArenaMark(poolp);
+
+ /* add signerinfo */
+ rv = SecCmsArrayAdd(poolp, (void ***)&(sigd->signerInfos), (void *)signerinfo);
+ if (rv != SECSuccess)
+ goto loser;
+
+ signerinfo->sigd = sigd;
+
+ /*
+ * add empty digest
+ * Empty because we don't have it yet. Either it gets created during encoding
+ * (if the data is present) or has to be set externally.
+ * XXX maybe pass it in optionally?
+ */
+ digestalgtag = SecCmsSignerInfoGetDigestAlgTag(signerinfo);
+ rv = SecCmsSignedDataSetDigestValue(sigd, digestalgtag, NULL);
+ if (rv != SECSuccess)
+ goto loser;
+
+ /*
+ * The last thing to get consistency would be adding the digest.
+ */
+
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease (poolp, mark);
+ return SECFailure;
+}
+
+CSSM_DATA_PTR
+SecCmsSignedDataGetDigestByAlgTag(SecCmsSignedDataRef sigd, SECOidTag algtag)
+{
+ int idx;
+
+ if(sigd->digests == NULL) {
+ return NULL;
+ }
+ idx = SecCmsAlgArrayGetIndexByAlgTag(sigd->digestAlgorithms, algtag);
+ return sigd->digests[idx];
+}
+
+/*
+ * SecCmsSignedDataSetDigests - set a signedData's digests member
+ *
+ * "digestalgs" - array of digest algorithm IDs
+ * "digests" - array of digests corresponding to the digest algorithms
+ */
+OSStatus
+SecCmsSignedDataSetDigests(SecCmsSignedDataRef sigd,
+ SECAlgorithmID **digestalgs,
+ CSSM_DATA_PTR *digests)
+{
+ int cnt, i, idx;
+
+ if (sigd->digestAlgorithms == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ /* we assume that the digests array is just not there yet */
+ PORT_Assert(sigd->digests == NULL);
+ if (sigd->digests != NULL) {
+ PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+ return SECFailure;
+ }
+
+ /* now allocate one (same size as digestAlgorithms) */
+ cnt = SecCmsArrayCount((void **)sigd->digestAlgorithms);
+ sigd->digests = PORT_ArenaZAlloc(sigd->cmsg->poolp, (cnt + 1) * sizeof(CSSM_DATA_PTR));
+ if (sigd->digests == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+
+ for (i = 0; sigd->digestAlgorithms[i] != NULL; i++) {
+ /* try to find the sigd's i'th digest algorithm in the array we passed in */
+ idx = SecCmsAlgArrayGetIndexByAlgID(digestalgs, sigd->digestAlgorithms[i]);
+ if (idx < 0) {
+ PORT_SetError(SEC_ERROR_DIGEST_NOT_FOUND);
+ return SECFailure;
+ }
+
+ /* found it - now set it */
+ if ((sigd->digests[i] = SECITEM_AllocItem(sigd->cmsg->poolp, NULL, 0)) == NULL ||
+ SECITEM_CopyItem(sigd->cmsg->poolp, sigd->digests[i], digests[idx]) != SECSuccess)
+ {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ }
+ return SECSuccess;
+}
+
+OSStatus
+SecCmsSignedDataSetDigestValue(SecCmsSignedDataRef sigd,
+ SECOidTag digestalgtag,
+ CSSM_DATA_PTR digestdata)
+{
+ CSSM_DATA_PTR digest = NULL;
+ PLArenaPool *poolp;
+ void *mark;
+ int n, cnt;
+
+ poolp = sigd->cmsg->poolp;
+
+ mark = PORT_ArenaMark(poolp);
+
+
+ if (digestdata) {
+ digest = (CSSM_DATA_PTR) PORT_ArenaZAlloc(poolp,sizeof(CSSM_DATA));
+
+ /* copy digestdata item to arena (in case we have it and are not only making room) */
+ if (SECITEM_CopyItem(poolp, digest, digestdata) != SECSuccess)
+ goto loser;
+ }
+
+ /* now allocate one (same size as digestAlgorithms) */
+ if (sigd->digests == NULL) {
+ cnt = SecCmsArrayCount((void **)sigd->digestAlgorithms);
+ sigd->digests = PORT_ArenaZAlloc(sigd->cmsg->poolp, (cnt + 1) * sizeof(CSSM_DATA_PTR));
+ if (sigd->digests == NULL) {
+ PORT_SetError(SEC_ERROR_NO_MEMORY);
+ return SECFailure;
+ }
+ }
+
+ n = -1;
+ if (sigd->digestAlgorithms != NULL)
+ n = SecCmsAlgArrayGetIndexByAlgTag(sigd->digestAlgorithms, digestalgtag);
+
+ /* if not found, add a digest */
+ if (n < 0) {
+ if (SecCmsSignedDataAddDigest((SecArenaPoolRef)poolp, sigd, digestalgtag, digest) != SECSuccess)
+ goto loser;
+ } else {
+ /* replace NULL pointer with digest item (and leak previous value) */
+ sigd->digests[n] = digest;
+ }
+
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return SECFailure;
+}
+
+OSStatus
+SecCmsSignedDataAddDigest(SecArenaPoolRef pool,
+ SecCmsSignedDataRef sigd,
+ SECOidTag digestalgtag,
+ CSSM_DATA_PTR digest)
+{
+ PRArenaPool *poolp = (PRArenaPool *)pool;
+ SECAlgorithmID *digestalg;
+ void *mark;
+
+ mark = PORT_ArenaMark(poolp);
+
+ digestalg = PORT_ArenaZAlloc(poolp, sizeof(SECAlgorithmID));
+ if (digestalg == NULL)
+ goto loser;
+
+ if (SECOID_SetAlgorithmID (poolp, digestalg, digestalgtag, NULL) != SECSuccess) /* no params */
+ goto loser;
+
+ if (SecCmsArrayAdd(poolp, (void ***)&(sigd->digestAlgorithms), (void *)digestalg) != SECSuccess ||
+ /* even if digest is NULL, add dummy to have same-size array */
+ SecCmsArrayAdd(poolp, (void ***)&(sigd->digests), (void *)digest) != SECSuccess)
+ {
+ goto loser;
+ }
+
+ PORT_ArenaUnmark(poolp, mark);
+ return SECSuccess;
+
+loser:
+ PORT_ArenaRelease(poolp, mark);
+ return SECFailure;
+}
+
+CSSM_DATA_PTR
+SecCmsSignedDataGetDigestValue(SecCmsSignedDataRef sigd, SECOidTag digestalgtag)
+{
+ int n;
+
+ if (sigd->digestAlgorithms == NULL)
+ return NULL;
+
+ n = SecCmsAlgArrayGetIndexByAlgTag(sigd->digestAlgorithms, digestalgtag);
+
+ return (n < 0) ? NULL : sigd->digests[n];
+}
+
+/* =============================================================================
+ * Misc. utility functions
+ */
+
+/*
+ * SecCmsSignedDataCreateCertsOnly - create a certs-only SignedData.
+ *
+ * cert - base certificates that will be included
+ * include_chain - if true, include the complete cert chain for cert
+ *
+ * More certs and chains can be added via AddCertificate and AddCertChain.
+ *
+ * An error results in a return value of NULL and an error set.
+ *
+ * XXXX CRLs
+ */
+SecCmsSignedDataRef
+SecCmsSignedDataCreateCertsOnly(SecCmsMessageRef cmsg, SecCertificateRef cert, Boolean include_chain)
+{
+ SecCmsSignedDataRef sigd;
+ void *mark;
+ PLArenaPool *poolp;
+ OSStatus rv;
+
+ poolp = cmsg->poolp;
+ mark = PORT_ArenaMark(poolp);
+
+ sigd = SecCmsSignedDataCreate(cmsg);
+ if (sigd == NULL)
+ goto loser;
+
+ /* no signerinfos, thus no digestAlgorithms */
+
+ /* but certs */
+ if (include_chain) {
+ rv = SecCmsSignedDataAddCertChain(sigd, cert);
+ } else {
+ rv = SecCmsSignedDataAddCertificate(sigd, cert);
+ }
+ if (rv != SECSuccess)
+ goto loser;
+
+ /* RFC2630 5.2 sez:
+ * In the degenerate case where there are no signers, the
+ * EncapsulatedContentInfo value being "signed" is irrelevant. In this
+ * case, the content type within the EncapsulatedContentInfo value being
+ * "signed" should be id-data (as defined in section 4), and the content
+ * field of the EncapsulatedContentInfo value should be omitted.
+ */
+ rv = SecCmsContentInfoSetContentData(cmsg, &(sigd->contentInfo), NULL, PR_TRUE);
+ if (rv != SECSuccess)
+ goto loser;
+
+ PORT_ArenaUnmark(poolp, mark);
+ return sigd;
+
+loser:
+ if (sigd)
+ SecCmsSignedDataDestroy(sigd);
+ PORT_ArenaRelease(poolp, mark);
+ return NULL;
+}
+
+/*
+ * Get SecCmsSignedDataRawCerts - obtain raw certs as a NULL_terminated array
+ * of pointers.
+ */
+extern OSStatus SecCmsSignedDataRawCerts(SecCmsSignedDataRef sigd,
+ CSSM_DATA_PTR **rawCerts)
+{
+ *rawCerts = sigd->rawCerts;
+ return noErr;
+}
+
+/* TODO:
+ * SecCmsSignerInfoGetReceiptRequest()
+ * SecCmsSignedDataHasReceiptRequest()
+ * easy way to iterate over signers
+ */
+
projects / apple / security.git / blobdiff