File: | src/lib/libcrypto/pkcs7/pk7_doit.c |
Warning: | line 1101, column 2 Value stored to 'ri' is never read |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | /* $OpenBSD: pk7_doit.c,v 1.46 2021/12/12 21:30:14 tb Exp $ */ |
2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 | * All rights reserved. |
4 | * |
5 | * This package is an SSL implementation written |
6 | * by Eric Young (eay@cryptsoft.com). |
7 | * The implementation was written so as to conform with Netscapes SSL. |
8 | * |
9 | * This library is free for commercial and non-commercial use as long as |
10 | * the following conditions are aheared to. The following conditions |
11 | * apply to all code found in this distribution, be it the RC4, RSA, |
12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation |
13 | * included with this distribution is covered by the same copyright terms |
14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). |
15 | * |
16 | * Copyright remains Eric Young's, and as such any Copyright notices in |
17 | * the code are not to be removed. |
18 | * If this package is used in a product, Eric Young should be given attribution |
19 | * as the author of the parts of the library used. |
20 | * This can be in the form of a textual message at program startup or |
21 | * in documentation (online or textual) provided with the package. |
22 | * |
23 | * Redistribution and use in source and binary forms, with or without |
24 | * modification, are permitted provided that the following conditions |
25 | * are met: |
26 | * 1. Redistributions of source code must retain the copyright |
27 | * notice, this list of conditions and the following disclaimer. |
28 | * 2. Redistributions in binary form must reproduce the above copyright |
29 | * notice, this list of conditions and the following disclaimer in the |
30 | * documentation and/or other materials provided with the distribution. |
31 | * 3. All advertising materials mentioning features or use of this software |
32 | * must display the following acknowledgement: |
33 | * "This product includes cryptographic software written by |
34 | * Eric Young (eay@cryptsoft.com)" |
35 | * The word 'cryptographic' can be left out if the rouines from the library |
36 | * being used are not cryptographic related :-). |
37 | * 4. If you include any Windows specific code (or a derivative thereof) from |
38 | * the apps directory (application code) you must include an acknowledgement: |
39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" |
40 | * |
41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE |
45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
51 | * SUCH DAMAGE. |
52 | * |
53 | * The licence and distribution terms for any publically available version or |
54 | * derivative of this code cannot be changed. i.e. this code cannot simply be |
55 | * copied and put under another distribution licence |
56 | * [including the GNU Public Licence.] |
57 | */ |
58 | |
59 | #include <stdio.h> |
60 | #include <stdlib.h> |
61 | #include <string.h> |
62 | |
63 | #include <openssl/err.h> |
64 | #include <openssl/objects.h> |
65 | #include <openssl/x509.h> |
66 | #include <openssl/x509v3.h> |
67 | |
68 | #include "evp_locl.h" |
69 | #include "x509_lcl.h" |
70 | |
71 | static int add_attribute(STACK_OF(X509_ATTRIBUTE)struct stack_st_X509_ATTRIBUTE **sk, int nid, int atrtype, |
72 | void *value); |
73 | static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE)struct stack_st_X509_ATTRIBUTE *sk, int nid); |
74 | |
75 | static int |
76 | PKCS7_type_is_other(PKCS7* p7) |
77 | { |
78 | int isOther = 1; |
79 | |
80 | int nid = OBJ_obj2nid(p7->type); |
81 | |
82 | switch (nid ) { |
83 | case NID_pkcs7_data21: |
84 | case NID_pkcs7_signed22: |
85 | case NID_pkcs7_enveloped23: |
86 | case NID_pkcs7_signedAndEnveloped24: |
87 | case NID_pkcs7_digest25: |
88 | case NID_pkcs7_encrypted26: |
89 | isOther = 0; |
90 | break; |
91 | default: |
92 | isOther = 1; |
93 | } |
94 | |
95 | return isOther; |
96 | |
97 | } |
98 | |
99 | static ASN1_OCTET_STRING * |
100 | PKCS7_get_octet_string(PKCS7 *p7) |
101 | { |
102 | if (PKCS7_type_is_data(p7)(OBJ_obj2nid((p7)->type) == 21)) |
103 | return p7->d.data; |
104 | if (PKCS7_type_is_other(p7) && p7->d.other && |
105 | (p7->d.other->type == V_ASN1_OCTET_STRING4)) |
106 | return p7->d.other->value.octet_string; |
107 | return NULL((void*)0); |
108 | } |
109 | |
110 | static int |
111 | PKCS7_bio_add_digest(BIO **pbio, X509_ALGOR *alg) |
112 | { |
113 | BIO *btmp; |
114 | const EVP_MD *md; |
115 | if ((btmp = BIO_new(BIO_f_md())) == NULL((void*)0)) { |
116 | PKCS7error(ERR_R_BIO_LIB)ERR_put_error(33,(0xfff),(32),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,116); |
117 | goto err; |
118 | } |
119 | |
120 | md = EVP_get_digestbyobj(alg->algorithm)EVP_get_digestbyname(OBJ_nid2sn(OBJ_obj2nid(alg->algorithm ))); |
121 | if (md == NULL((void*)0)) { |
122 | PKCS7error(PKCS7_R_UNKNOWN_DIGEST_TYPE)ERR_put_error(33,(0xfff),(109),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,122); |
123 | goto err; |
124 | } |
125 | |
126 | BIO_set_md(btmp, md)BIO_ctrl(btmp,111,0,(char *)md); |
127 | if (*pbio == NULL((void*)0)) |
128 | *pbio = btmp; |
129 | else if (!BIO_push(*pbio, btmp)) { |
130 | PKCS7error(ERR_R_BIO_LIB)ERR_put_error(33,(0xfff),(32),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,130); |
131 | goto err; |
132 | } |
133 | btmp = NULL((void*)0); |
134 | |
135 | return 1; |
136 | |
137 | err: |
138 | BIO_free(btmp); |
139 | return 0; |
140 | |
141 | } |
142 | |
143 | static int |
144 | pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri, unsigned char *key, int keylen) |
145 | { |
146 | EVP_PKEY_CTX *pctx = NULL((void*)0); |
147 | EVP_PKEY *pkey = NULL((void*)0); |
148 | unsigned char *ek = NULL((void*)0); |
149 | int ret = 0; |
150 | size_t eklen; |
151 | |
152 | pkey = X509_get_pubkey(ri->cert); |
153 | if (!pkey) |
154 | return 0; |
155 | |
156 | pctx = EVP_PKEY_CTX_new(pkey, NULL((void*)0)); |
157 | if (!pctx) |
158 | return 0; |
159 | |
160 | if (EVP_PKEY_encrypt_init(pctx) <= 0) |
161 | goto err; |
162 | |
163 | if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT(1<<8), |
164 | EVP_PKEY_CTRL_PKCS7_ENCRYPT3, 0, ri) <= 0) { |
165 | PKCS7error(PKCS7_R_CTRL_ERROR)ERR_put_error(33,(0xfff),(152),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,165); |
166 | goto err; |
167 | } |
168 | |
169 | if (EVP_PKEY_encrypt(pctx, NULL((void*)0), &eklen, key, keylen) <= 0) |
170 | goto err; |
171 | |
172 | ek = malloc(eklen); |
173 | |
174 | if (ek == NULL((void*)0)) { |
175 | PKCS7error(ERR_R_MALLOC_FAILURE)ERR_put_error(33,(0xfff),((1|64)),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,175); |
176 | goto err; |
177 | } |
178 | |
179 | if (EVP_PKEY_encrypt(pctx, ek, &eklen, key, keylen) <= 0) |
180 | goto err; |
181 | |
182 | ASN1_STRING_set0(ri->enc_key, ek, eklen); |
183 | ek = NULL((void*)0); |
184 | |
185 | ret = 1; |
186 | |
187 | err: |
188 | EVP_PKEY_free(pkey); |
189 | EVP_PKEY_CTX_free(pctx); |
190 | free(ek); |
191 | return ret; |
192 | } |
193 | |
194 | |
195 | static int |
196 | pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen, PKCS7_RECIP_INFO *ri, |
197 | EVP_PKEY *pkey, size_t fixlen) |
198 | { |
199 | EVP_PKEY_CTX *pctx = NULL((void*)0); |
200 | unsigned char *ek = NULL((void*)0); |
201 | size_t eklen; |
202 | |
203 | int ret = -1; |
204 | |
205 | pctx = EVP_PKEY_CTX_new(pkey, NULL((void*)0)); |
206 | if (!pctx) |
207 | return -1; |
208 | |
209 | if (EVP_PKEY_decrypt_init(pctx) <= 0) |
210 | goto err; |
211 | |
212 | if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DECRYPT(1<<9), |
213 | EVP_PKEY_CTRL_PKCS7_DECRYPT4, 0, ri) <= 0) { |
214 | PKCS7error(PKCS7_R_CTRL_ERROR)ERR_put_error(33,(0xfff),(152),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,214); |
215 | goto err; |
216 | } |
217 | |
218 | if (EVP_PKEY_decrypt(pctx, NULL((void*)0), &eklen, |
219 | ri->enc_key->data, ri->enc_key->length) <= 0) |
220 | goto err; |
221 | |
222 | ek = malloc(eklen); |
223 | if (ek == NULL((void*)0)) { |
224 | PKCS7error(ERR_R_MALLOC_FAILURE)ERR_put_error(33,(0xfff),((1|64)),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,224); |
225 | goto err; |
226 | } |
227 | |
228 | if (EVP_PKEY_decrypt(pctx, ek, &eklen, ri->enc_key->data, |
229 | ri->enc_key->length) <= 0 || eklen == 0 || |
230 | (fixlen != 0 && eklen != fixlen)) { |
231 | ret = 0; |
232 | PKCS7error(ERR_R_EVP_LIB)ERR_put_error(33,(0xfff),(6),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,232); |
233 | goto err; |
234 | } |
235 | |
236 | ret = 1; |
237 | |
238 | freezero(*pek, *peklen); |
239 | |
240 | *pek = ek; |
241 | *peklen = eklen; |
242 | |
243 | err: |
244 | EVP_PKEY_CTX_free(pctx); |
245 | if (!ret && ek) |
246 | free(ek); |
247 | |
248 | return ret; |
249 | } |
250 | |
251 | BIO * |
252 | PKCS7_dataInit(PKCS7 *p7, BIO *bio) |
253 | { |
254 | int i; |
255 | BIO *out = NULL((void*)0), *btmp = NULL((void*)0); |
256 | X509_ALGOR *xa = NULL((void*)0); |
257 | const EVP_CIPHER *evp_cipher = NULL((void*)0); |
258 | STACK_OF(X509_ALGOR)struct stack_st_X509_ALGOR *md_sk = NULL((void*)0); |
259 | STACK_OF(PKCS7_RECIP_INFO)struct stack_st_PKCS7_RECIP_INFO *rsk = NULL((void*)0); |
260 | X509_ALGOR *xalg = NULL((void*)0); |
261 | PKCS7_RECIP_INFO *ri = NULL((void*)0); |
262 | ASN1_OCTET_STRING *os = NULL((void*)0); |
263 | |
264 | if (p7 == NULL((void*)0)) { |
265 | PKCS7error(PKCS7_R_INVALID_NULL_POINTER)ERR_put_error(33,(0xfff),(143),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,265); |
266 | return NULL((void*)0); |
267 | } |
268 | |
269 | /* |
270 | * The content field in the PKCS7 ContentInfo is optional, |
271 | * but that really only applies to inner content (precisely, |
272 | * detached signatures). |
273 | * |
274 | * When reading content, missing outer content is therefore |
275 | * treated as an error. |
276 | * |
277 | * When creating content, PKCS7_content_new() must be called |
278 | * before calling this method, so a NULL p7->d is always |
279 | * an error. |
280 | */ |
281 | if (p7->d.ptr == NULL((void*)0)) { |
282 | PKCS7error(PKCS7_R_NO_CONTENT)ERR_put_error(33,(0xfff),(122),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,282); |
283 | return NULL((void*)0); |
284 | } |
285 | |
286 | i = OBJ_obj2nid(p7->type); |
287 | p7->state = PKCS7_S_HEADER0; |
288 | |
289 | switch (i) { |
290 | case NID_pkcs7_signed22: |
291 | md_sk = p7->d.sign->md_algs; |
292 | os = PKCS7_get_octet_string(p7->d.sign->contents); |
293 | break; |
294 | case NID_pkcs7_signedAndEnveloped24: |
295 | rsk = p7->d.signed_and_enveloped->recipientinfo; |
296 | md_sk = p7->d.signed_and_enveloped->md_algs; |
297 | xalg = p7->d.signed_and_enveloped->enc_data->algorithm; |
298 | evp_cipher = p7->d.signed_and_enveloped->enc_data->cipher; |
299 | if (evp_cipher == NULL((void*)0)) { |
300 | PKCS7error(PKCS7_R_CIPHER_NOT_INITIALIZED)ERR_put_error(33,(0xfff),(116),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,300); |
301 | goto err; |
302 | } |
303 | break; |
304 | case NID_pkcs7_enveloped23: |
305 | rsk = p7->d.enveloped->recipientinfo; |
306 | xalg = p7->d.enveloped->enc_data->algorithm; |
307 | evp_cipher = p7->d.enveloped->enc_data->cipher; |
308 | if (evp_cipher == NULL((void*)0)) { |
309 | PKCS7error(PKCS7_R_CIPHER_NOT_INITIALIZED)ERR_put_error(33,(0xfff),(116),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,309); |
310 | goto err; |
311 | } |
312 | break; |
313 | case NID_pkcs7_digest25: |
314 | xa = p7->d.digest->md; |
315 | os = PKCS7_get_octet_string(p7->d.digest->contents); |
316 | break; |
317 | case NID_pkcs7_data21: |
318 | break; |
319 | default: |
320 | PKCS7error(PKCS7_R_UNSUPPORTED_CONTENT_TYPE)ERR_put_error(33,(0xfff),(112),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,320); |
321 | goto err; |
322 | } |
323 | |
324 | for (i = 0; i < sk_X509_ALGOR_num(md_sk)sk_num(((_STACK*) (1 ? (md_sk) : (struct stack_st_X509_ALGOR* )0))); i++) |
325 | if (!PKCS7_bio_add_digest(&out, sk_X509_ALGOR_value(md_sk, i)((X509_ALGOR *)sk_value(((_STACK*) (1 ? (md_sk) : (struct stack_st_X509_ALGOR *)0)), (i))))) |
326 | goto err; |
327 | |
328 | if (xa && !PKCS7_bio_add_digest(&out, xa)) |
329 | goto err; |
330 | |
331 | if (evp_cipher != NULL((void*)0)) { |
332 | unsigned char key[EVP_MAX_KEY_LENGTH64]; |
333 | unsigned char iv[EVP_MAX_IV_LENGTH16]; |
334 | int keylen, ivlen; |
335 | EVP_CIPHER_CTX *ctx; |
336 | |
337 | if ((btmp = BIO_new(BIO_f_cipher())) == NULL((void*)0)) { |
338 | PKCS7error(ERR_R_BIO_LIB)ERR_put_error(33,(0xfff),(32),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,338); |
339 | goto err; |
340 | } |
341 | BIO_get_cipher_ctx(btmp, &ctx)BIO_ctrl(btmp,129,0,(char *)&ctx); |
342 | keylen = EVP_CIPHER_key_length(evp_cipher); |
343 | ivlen = EVP_CIPHER_iv_length(evp_cipher); |
344 | xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher)); |
345 | if (ivlen > 0) |
346 | arc4random_buf(iv, ivlen); |
347 | if (EVP_CipherInit_ex(ctx, evp_cipher, NULL((void*)0), NULL((void*)0), |
348 | NULL((void*)0), 1) <= 0) |
349 | goto err; |
350 | if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0) |
351 | goto err; |
352 | if (EVP_CipherInit_ex(ctx, NULL((void*)0), NULL((void*)0), key, iv, 1) <= 0) |
353 | goto err; |
354 | |
355 | if (ivlen > 0) { |
356 | if (xalg->parameter == NULL((void*)0)) { |
357 | xalg->parameter = ASN1_TYPE_new(); |
358 | if (xalg->parameter == NULL((void*)0)) |
359 | goto err; |
360 | } |
361 | if (EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) < 0) |
362 | goto err; |
363 | } |
364 | |
365 | /* Lets do the pub key stuff :-) */ |
366 | for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk)sk_num(((_STACK*) (1 ? (rsk) : (struct stack_st_PKCS7_RECIP_INFO *)0))); i++) { |
367 | ri = sk_PKCS7_RECIP_INFO_value(rsk, i)((PKCS7_RECIP_INFO *)sk_value(((_STACK*) (1 ? (rsk) : (struct stack_st_PKCS7_RECIP_INFO*)0)), (i))); |
368 | if (pkcs7_encode_rinfo(ri, key, keylen) <= 0) |
369 | goto err; |
370 | } |
371 | explicit_bzero(key, keylen); |
372 | |
373 | if (out == NULL((void*)0)) |
374 | out = btmp; |
375 | else |
376 | BIO_push(out, btmp); |
377 | btmp = NULL((void*)0); |
378 | } |
379 | |
380 | if (bio == NULL((void*)0)) { |
381 | if (PKCS7_is_detached(p7)((OBJ_obj2nid((p7)->type) == 22) && PKCS7_ctrl(p7, 2,0,((void*)0)))) |
382 | bio = BIO_new(BIO_s_null()); |
383 | else if (os && os->length > 0) |
384 | bio = BIO_new_mem_buf(os->data, os->length); |
385 | if (bio == NULL((void*)0)) { |
386 | bio = BIO_new(BIO_s_mem()); |
387 | if (bio == NULL((void*)0)) |
388 | goto err; |
389 | BIO_set_mem_eof_return(bio, 0)BIO_ctrl(bio,130,0,((void*)0)); |
390 | } |
391 | } |
392 | if (out) |
393 | BIO_push(out, bio); |
394 | else |
395 | out = bio; |
396 | bio = NULL((void*)0); |
397 | if (0) { |
398 | err: |
399 | if (out != NULL((void*)0)) |
400 | BIO_free_all(out); |
401 | if (btmp != NULL((void*)0)) |
402 | BIO_free_all(btmp); |
403 | out = NULL((void*)0); |
404 | } |
405 | return (out); |
406 | } |
407 | |
408 | static int |
409 | pkcs7_cmp_ri(PKCS7_RECIP_INFO *ri, X509 *pcert) |
410 | { |
411 | int ret; |
412 | |
413 | ret = X509_NAME_cmp(ri->issuer_and_serial->issuer, |
414 | pcert->cert_info->issuer); |
415 | if (ret) |
416 | return ret; |
417 | return ASN1_INTEGER_cmp(pcert->cert_info->serialNumber, |
418 | ri->issuer_and_serial->serial); |
419 | } |
420 | |
421 | /* int */ |
422 | BIO * |
423 | PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) |
424 | { |
425 | int i, j; |
426 | BIO *out = NULL((void*)0), *btmp = NULL((void*)0), *etmp = NULL((void*)0), *bio = NULL((void*)0); |
427 | X509_ALGOR *xa; |
428 | ASN1_OCTET_STRING *data_body = NULL((void*)0); |
429 | const EVP_MD *evp_md; |
430 | const EVP_CIPHER *evp_cipher = NULL((void*)0); |
431 | EVP_CIPHER_CTX *evp_ctx = NULL((void*)0); |
432 | X509_ALGOR *enc_alg = NULL((void*)0); |
433 | STACK_OF(X509_ALGOR)struct stack_st_X509_ALGOR *md_sk = NULL((void*)0); |
434 | STACK_OF(PKCS7_RECIP_INFO)struct stack_st_PKCS7_RECIP_INFO *rsk = NULL((void*)0); |
435 | PKCS7_RECIP_INFO *ri = NULL((void*)0); |
436 | unsigned char *ek = NULL((void*)0), *tkey = NULL((void*)0); |
437 | int eklen = 0, tkeylen = 0; |
438 | |
439 | if (p7 == NULL((void*)0)) { |
440 | PKCS7error(PKCS7_R_INVALID_NULL_POINTER)ERR_put_error(33,(0xfff),(143),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,440); |
441 | return NULL((void*)0); |
442 | } |
443 | |
444 | if (p7->d.ptr == NULL((void*)0)) { |
445 | PKCS7error(PKCS7_R_NO_CONTENT)ERR_put_error(33,(0xfff),(122),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,445); |
446 | return NULL((void*)0); |
447 | } |
448 | |
449 | i = OBJ_obj2nid(p7->type); |
450 | p7->state = PKCS7_S_HEADER0; |
451 | |
452 | switch (i) { |
453 | case NID_pkcs7_signed22: |
454 | data_body = PKCS7_get_octet_string(p7->d.sign->contents); |
455 | md_sk = p7->d.sign->md_algs; |
456 | break; |
457 | case NID_pkcs7_signedAndEnveloped24: |
458 | rsk = p7->d.signed_and_enveloped->recipientinfo; |
459 | md_sk = p7->d.signed_and_enveloped->md_algs; |
460 | data_body = p7->d.signed_and_enveloped->enc_data->enc_data; |
461 | enc_alg = p7->d.signed_and_enveloped->enc_data->algorithm; |
462 | evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm)EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm ))); |
463 | if (evp_cipher == NULL((void*)0)) { |
464 | PKCS7error(PKCS7_R_UNSUPPORTED_CIPHER_TYPE)ERR_put_error(33,(0xfff),(111),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,464); |
465 | goto err; |
466 | } |
467 | break; |
468 | case NID_pkcs7_enveloped23: |
469 | rsk = p7->d.enveloped->recipientinfo; |
470 | enc_alg = p7->d.enveloped->enc_data->algorithm; |
471 | data_body = p7->d.enveloped->enc_data->enc_data; |
472 | evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm)EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm ))); |
473 | if (evp_cipher == NULL((void*)0)) { |
474 | PKCS7error(PKCS7_R_UNSUPPORTED_CIPHER_TYPE)ERR_put_error(33,(0xfff),(111),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,474); |
475 | goto err; |
476 | } |
477 | break; |
478 | default: |
479 | PKCS7error(PKCS7_R_UNSUPPORTED_CONTENT_TYPE)ERR_put_error(33,(0xfff),(112),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,479); |
480 | goto err; |
481 | } |
482 | |
483 | /* We will be checking the signature */ |
484 | if (md_sk != NULL((void*)0)) { |
485 | for (i = 0; i < sk_X509_ALGOR_num(md_sk)sk_num(((_STACK*) (1 ? (md_sk) : (struct stack_st_X509_ALGOR* )0))); i++) { |
486 | xa = sk_X509_ALGOR_value(md_sk, i)((X509_ALGOR *)sk_value(((_STACK*) (1 ? (md_sk) : (struct stack_st_X509_ALGOR *)0)), (i))); |
487 | if ((btmp = BIO_new(BIO_f_md())) == NULL((void*)0)) { |
488 | PKCS7error(ERR_R_BIO_LIB)ERR_put_error(33,(0xfff),(32),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,488); |
489 | goto err; |
490 | } |
491 | |
492 | j = OBJ_obj2nid(xa->algorithm); |
493 | evp_md = EVP_get_digestbynid(j)EVP_get_digestbyname(OBJ_nid2sn(j)); |
494 | if (evp_md == NULL((void*)0)) { |
495 | PKCS7error(PKCS7_R_UNKNOWN_DIGEST_TYPE)ERR_put_error(33,(0xfff),(109),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,495); |
496 | goto err; |
497 | } |
498 | |
499 | BIO_set_md(btmp, evp_md)BIO_ctrl(btmp,111,0,(char *)evp_md); |
500 | if (out == NULL((void*)0)) |
501 | out = btmp; |
502 | else |
503 | BIO_push(out, btmp); |
504 | btmp = NULL((void*)0); |
505 | } |
506 | } |
507 | |
508 | if (evp_cipher != NULL((void*)0)) { |
509 | if ((etmp = BIO_new(BIO_f_cipher())) == NULL((void*)0)) { |
510 | PKCS7error(ERR_R_BIO_LIB)ERR_put_error(33,(0xfff),(32),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,510); |
511 | goto err; |
512 | } |
513 | |
514 | /* It was encrypted, we need to decrypt the secret key |
515 | * with the private key */ |
516 | |
517 | /* Find the recipientInfo which matches the passed certificate |
518 | * (if any) |
519 | */ |
520 | if (pcert) { |
521 | for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk)sk_num(((_STACK*) (1 ? (rsk) : (struct stack_st_PKCS7_RECIP_INFO *)0))); i++) { |
522 | ri = sk_PKCS7_RECIP_INFO_value(rsk, i)((PKCS7_RECIP_INFO *)sk_value(((_STACK*) (1 ? (rsk) : (struct stack_st_PKCS7_RECIP_INFO*)0)), (i))); |
523 | if (!pkcs7_cmp_ri(ri, pcert)) |
524 | break; |
525 | ri = NULL((void*)0); |
526 | } |
527 | if (ri == NULL((void*)0)) { |
528 | PKCS7error(PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE)ERR_put_error(33,(0xfff),(115),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,528); |
529 | goto err; |
530 | } |
531 | } |
532 | |
533 | /* If we haven't got a certificate try each ri in turn */ |
534 | if (pcert == NULL((void*)0)) { |
535 | /* Always attempt to decrypt all rinfo even |
536 | * after sucess as a defence against MMA timing |
537 | * attacks. |
538 | */ |
539 | for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk)sk_num(((_STACK*) (1 ? (rsk) : (struct stack_st_PKCS7_RECIP_INFO *)0))); i++) { |
540 | ri = sk_PKCS7_RECIP_INFO_value(rsk, i)((PKCS7_RECIP_INFO *)sk_value(((_STACK*) (1 ? (rsk) : (struct stack_st_PKCS7_RECIP_INFO*)0)), (i))); |
541 | |
542 | if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey, |
543 | EVP_CIPHER_key_length(evp_cipher)) < 0) |
544 | goto err; |
545 | ERR_clear_error(); |
546 | } |
547 | } else { |
548 | /* Only exit on fatal errors, not decrypt failure */ |
549 | if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey, 0) < 0) |
550 | goto err; |
551 | ERR_clear_error(); |
552 | } |
553 | |
554 | evp_ctx = NULL((void*)0); |
555 | BIO_get_cipher_ctx(etmp, &evp_ctx)BIO_ctrl(etmp,129,0,(char *)&evp_ctx); |
556 | if (EVP_CipherInit_ex(evp_ctx, evp_cipher, NULL((void*)0), NULL((void*)0), |
557 | NULL((void*)0), 0) <= 0) |
558 | goto err; |
559 | if (EVP_CIPHER_asn1_to_param(evp_ctx, enc_alg->parameter) < 0) |
560 | goto err; |
561 | /* Generate random key as MMA defence */ |
562 | tkeylen = EVP_CIPHER_CTX_key_length(evp_ctx); |
563 | tkey = malloc(tkeylen); |
564 | if (!tkey) |
565 | goto err; |
566 | if (EVP_CIPHER_CTX_rand_key(evp_ctx, tkey) <= 0) |
567 | goto err; |
568 | if (ek == NULL((void*)0)) { |
569 | ek = tkey; |
570 | eklen = tkeylen; |
571 | tkey = NULL((void*)0); |
572 | } |
573 | |
574 | if (eklen != EVP_CIPHER_CTX_key_length(evp_ctx)) { |
575 | /* Some S/MIME clients don't use the same key |
576 | * and effective key length. The key length is |
577 | * determined by the size of the decrypted RSA key. |
578 | */ |
579 | if (!EVP_CIPHER_CTX_set_key_length(evp_ctx, eklen)) { |
580 | /* Use random key as MMA defence */ |
581 | freezero(ek, eklen); |
582 | ek = tkey; |
583 | eklen = tkeylen; |
584 | tkey = NULL((void*)0); |
585 | } |
586 | } |
587 | /* Clear errors so we don't leak information useful in MMA */ |
588 | ERR_clear_error(); |
589 | if (EVP_CipherInit_ex(evp_ctx, NULL((void*)0), NULL((void*)0), ek, NULL((void*)0), 0) <= 0) |
590 | goto err; |
591 | |
592 | freezero(ek, eklen); |
593 | ek = NULL((void*)0); |
594 | freezero(tkey, tkeylen); |
595 | tkey = NULL((void*)0); |
596 | |
597 | if (out == NULL((void*)0)) |
598 | out = etmp; |
599 | else |
600 | BIO_push(out, etmp); |
601 | etmp = NULL((void*)0); |
602 | } |
603 | |
604 | if (PKCS7_is_detached(p7)((OBJ_obj2nid((p7)->type) == 22) && PKCS7_ctrl(p7, 2,0,((void*)0))) || (in_bio != NULL((void*)0))) { |
605 | bio = in_bio; |
606 | } else { |
607 | if (data_body != NULL((void*)0) && data_body->length > 0) |
608 | bio = BIO_new_mem_buf(data_body->data, data_body->length); |
609 | else { |
610 | bio = BIO_new(BIO_s_mem()); |
611 | BIO_set_mem_eof_return(bio, 0)BIO_ctrl(bio,130,0,((void*)0)); |
612 | } |
613 | if (bio == NULL((void*)0)) |
614 | goto err; |
615 | } |
616 | BIO_push(out, bio); |
617 | |
618 | if (0) { |
619 | err: |
620 | freezero(ek, eklen); |
621 | freezero(tkey, tkeylen); |
622 | if (out != NULL((void*)0)) |
623 | BIO_free_all(out); |
624 | if (btmp != NULL((void*)0)) |
625 | BIO_free_all(btmp); |
626 | if (etmp != NULL((void*)0)) |
627 | BIO_free_all(etmp); |
628 | out = NULL((void*)0); |
629 | } |
630 | return (out); |
631 | } |
632 | |
633 | static BIO * |
634 | PKCS7_find_digest(EVP_MD_CTX **pmd, BIO *bio, int nid) |
635 | { |
636 | for (;;) { |
637 | bio = BIO_find_type(bio, BIO_TYPE_MD(8|0x0200)); |
638 | if (bio == NULL((void*)0)) { |
639 | PKCS7error(PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST)ERR_put_error(33,(0xfff),(108),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,639); |
640 | return NULL((void*)0); |
641 | } |
642 | BIO_get_md_ctx(bio, pmd)BIO_ctrl(bio,120,0,(char *)pmd); |
643 | if (*pmd == NULL((void*)0)) { |
644 | PKCS7error(ERR_R_INTERNAL_ERROR)ERR_put_error(33,(0xfff),((4|64)),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,644); |
645 | return NULL((void*)0); |
646 | } |
647 | if (EVP_MD_CTX_type(*pmd)EVP_MD_type(EVP_MD_CTX_md(*pmd)) == nid) |
648 | return bio; |
649 | bio = BIO_next(bio); |
650 | } |
651 | return NULL((void*)0); |
652 | } |
653 | |
654 | static int |
655 | do_pkcs7_signed_attrib(PKCS7_SIGNER_INFO *si, EVP_MD_CTX *mctx) |
656 | { |
657 | unsigned char md_data[EVP_MAX_MD_SIZE64]; |
658 | unsigned int md_len; |
659 | |
660 | /* Add signing time if not already present */ |
661 | if (!PKCS7_get_signed_attribute(si, NID_pkcs9_signingTime52)) { |
662 | if (!PKCS7_add0_attrib_signing_time(si, NULL((void*)0))) { |
663 | PKCS7error(ERR_R_MALLOC_FAILURE)ERR_put_error(33,(0xfff),((1|64)),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,663); |
664 | return 0; |
665 | } |
666 | } |
667 | |
668 | /* Add digest */ |
669 | if (!EVP_DigestFinal_ex(mctx, md_data, &md_len)) { |
670 | PKCS7error(ERR_R_EVP_LIB)ERR_put_error(33,(0xfff),(6),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,670); |
671 | return 0; |
672 | } |
673 | if (!PKCS7_add1_attrib_digest(si, md_data, md_len)) { |
674 | PKCS7error(ERR_R_MALLOC_FAILURE)ERR_put_error(33,(0xfff),((1|64)),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,674); |
675 | return 0; |
676 | } |
677 | |
678 | /* Now sign the attributes */ |
679 | if (!PKCS7_SIGNER_INFO_sign(si)) |
680 | return 0; |
681 | |
682 | return 1; |
683 | } |
684 | |
685 | |
686 | int |
687 | PKCS7_dataFinal(PKCS7 *p7, BIO *bio) |
688 | { |
689 | int ret = 0; |
690 | int i, j; |
691 | BIO *btmp; |
692 | PKCS7_SIGNER_INFO *si; |
693 | EVP_MD_CTX *mdc, ctx_tmp; |
694 | STACK_OF(X509_ATTRIBUTE)struct stack_st_X509_ATTRIBUTE *sk; |
695 | STACK_OF(PKCS7_SIGNER_INFO)struct stack_st_PKCS7_SIGNER_INFO *si_sk = NULL((void*)0); |
696 | ASN1_OCTET_STRING *os = NULL((void*)0); |
697 | |
698 | if (p7 == NULL((void*)0)) { |
699 | PKCS7error(PKCS7_R_INVALID_NULL_POINTER)ERR_put_error(33,(0xfff),(143),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,699); |
700 | return 0; |
701 | } |
702 | |
703 | if (p7->d.ptr == NULL((void*)0)) { |
704 | PKCS7error(PKCS7_R_NO_CONTENT)ERR_put_error(33,(0xfff),(122),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,704); |
705 | return 0; |
706 | } |
707 | |
708 | EVP_MD_CTX_init(&ctx_tmp); |
709 | i = OBJ_obj2nid(p7->type); |
710 | p7->state = PKCS7_S_HEADER0; |
711 | |
712 | switch (i) { |
713 | case NID_pkcs7_data21: |
714 | os = p7->d.data; |
715 | break; |
716 | case NID_pkcs7_signedAndEnveloped24: |
717 | /* XXX */ |
718 | si_sk = p7->d.signed_and_enveloped->signer_info; |
719 | os = p7->d.signed_and_enveloped->enc_data->enc_data; |
720 | if (!os) { |
721 | os = ASN1_OCTET_STRING_new(); |
722 | if (!os) { |
723 | PKCS7error(ERR_R_MALLOC_FAILURE)ERR_put_error(33,(0xfff),((1|64)),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,723); |
724 | goto err; |
725 | } |
726 | p7->d.signed_and_enveloped->enc_data->enc_data = os; |
727 | } |
728 | break; |
729 | case NID_pkcs7_enveloped23: |
730 | /* XXX */ |
731 | os = p7->d.enveloped->enc_data->enc_data; |
732 | if (!os) { |
733 | os = ASN1_OCTET_STRING_new(); |
734 | if (!os) { |
735 | PKCS7error(ERR_R_MALLOC_FAILURE)ERR_put_error(33,(0xfff),((1|64)),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,735); |
736 | goto err; |
737 | } |
738 | p7->d.enveloped->enc_data->enc_data = os; |
739 | } |
740 | break; |
741 | case NID_pkcs7_signed22: |
742 | si_sk = p7->d.sign->signer_info; |
743 | os = PKCS7_get_octet_string(p7->d.sign->contents); |
744 | if (!PKCS7_is_detached(p7)((OBJ_obj2nid((p7)->type) == 22) && PKCS7_ctrl(p7, 2,0,((void*)0))) && os == NULL((void*)0)) { |
745 | PKCS7error(PKCS7_R_DECODE_ERROR)ERR_put_error(33,(0xfff),(130),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,745); |
746 | goto err; |
747 | } |
748 | /* If detached data then the content is excluded */ |
749 | if (PKCS7_type_is_data(p7->d.sign->contents)(OBJ_obj2nid((p7->d.sign->contents)->type) == 21) && p7->detached) { |
750 | ASN1_OCTET_STRING_free(os); |
751 | os = NULL((void*)0); |
752 | p7->d.sign->contents->d.data = NULL((void*)0); |
753 | } |
754 | break; |
755 | |
756 | case NID_pkcs7_digest25: |
757 | os = PKCS7_get_octet_string(p7->d.digest->contents); |
758 | if (os == NULL((void*)0)) { |
759 | PKCS7error(PKCS7_R_DECODE_ERROR)ERR_put_error(33,(0xfff),(130),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,759); |
760 | goto err; |
761 | } |
762 | /* If detached data then the content is excluded */ |
763 | if (PKCS7_type_is_data(p7->d.digest->contents)(OBJ_obj2nid((p7->d.digest->contents)->type) == 21) && |
764 | p7->detached) { |
765 | ASN1_OCTET_STRING_free(os); |
766 | os = NULL((void*)0); |
767 | p7->d.digest->contents->d.data = NULL((void*)0); |
768 | } |
769 | break; |
770 | |
771 | default: |
772 | PKCS7error(PKCS7_R_UNSUPPORTED_CONTENT_TYPE)ERR_put_error(33,(0xfff),(112),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,772); |
773 | goto err; |
774 | } |
775 | |
776 | if (si_sk != NULL((void*)0)) { |
777 | for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(si_sk)sk_num(((_STACK*) (1 ? (si_sk) : (struct stack_st_PKCS7_SIGNER_INFO *)0))); i++) { |
778 | si = sk_PKCS7_SIGNER_INFO_value(si_sk, i)((PKCS7_SIGNER_INFO *)sk_value(((_STACK*) (1 ? (si_sk) : (struct stack_st_PKCS7_SIGNER_INFO*)0)), (i))); |
779 | if (si->pkey == NULL((void*)0)) |
780 | continue; |
781 | |
782 | j = OBJ_obj2nid(si->digest_alg->algorithm); |
783 | |
784 | if ((btmp = PKCS7_find_digest(&mdc, bio, j)) == NULL((void*)0)) |
785 | goto err; |
786 | |
787 | /* We now have the EVP_MD_CTX, lets do the |
788 | * signing. */ |
789 | if (!EVP_MD_CTX_copy_ex(&ctx_tmp, mdc)) |
790 | goto err; |
791 | |
792 | sk = si->auth_attr; |
793 | |
794 | /* If there are attributes, we add the digest |
795 | * attribute and only sign the attributes */ |
796 | if (sk_X509_ATTRIBUTE_num(sk)sk_num(((_STACK*) (1 ? (sk) : (struct stack_st_X509_ATTRIBUTE *)0))) > 0) { |
797 | if (!do_pkcs7_signed_attrib(si, &ctx_tmp)) |
798 | goto err; |
799 | } else { |
800 | unsigned char *abuf = NULL((void*)0); |
801 | unsigned int abuflen; |
802 | abuflen = EVP_PKEY_size(si->pkey); |
803 | abuf = malloc(abuflen); |
804 | if (!abuf) |
805 | goto err; |
806 | |
807 | if (!EVP_SignFinal(&ctx_tmp, abuf, &abuflen, |
808 | si->pkey)) { |
809 | PKCS7error(ERR_R_EVP_LIB)ERR_put_error(33,(0xfff),(6),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,809); |
810 | goto err; |
811 | } |
812 | ASN1_STRING_set0(si->enc_digest, abuf, abuflen); |
813 | } |
814 | } |
815 | } else if (i == NID_pkcs7_digest25) { |
816 | unsigned char md_data[EVP_MAX_MD_SIZE64]; |
817 | unsigned int md_len; |
818 | |
819 | if (!PKCS7_find_digest(&mdc, bio, |
820 | OBJ_obj2nid(p7->d.digest->md->algorithm))) |
821 | goto err; |
822 | if (!EVP_DigestFinal_ex(mdc, md_data, &md_len)) |
823 | goto err; |
824 | if (ASN1_STRING_set(p7->d.digest->digest, md_data, |
825 | md_len) == 0) |
826 | goto err; |
827 | } |
828 | |
829 | if (!PKCS7_is_detached(p7)((OBJ_obj2nid((p7)->type) == 22) && PKCS7_ctrl(p7, 2,0,((void*)0)))) { |
830 | /* |
831 | * NOTE: only reach os == NULL here because detached |
832 | * digested data support is broken? |
833 | */ |
834 | if (os == NULL((void*)0)) |
835 | goto err; |
836 | if (!(os->flags & ASN1_STRING_FLAG_NDEF0x010)) { |
837 | char *cont; |
838 | long contlen; |
839 | |
840 | btmp = BIO_find_type(bio, BIO_TYPE_MEM(1|0x0400)); |
841 | if (btmp == NULL((void*)0)) { |
842 | PKCS7error(PKCS7_R_UNABLE_TO_FIND_MEM_BIO)ERR_put_error(33,(0xfff),(107),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,842); |
843 | goto err; |
844 | } |
845 | contlen = BIO_get_mem_data(btmp, &cont)BIO_ctrl(btmp,3,0,(char *)&cont); |
846 | /* |
847 | * Mark the BIO read only then we can use its copy |
848 | * of the data instead of making an extra copy. |
849 | */ |
850 | BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY0x200); |
851 | BIO_set_mem_eof_return(btmp, 0)BIO_ctrl(btmp,130,0,((void*)0)); |
852 | ASN1_STRING_set0(os, (unsigned char *)cont, contlen); |
853 | } |
854 | } |
855 | ret = 1; |
856 | err: |
857 | EVP_MD_CTX_cleanup(&ctx_tmp); |
858 | return (ret); |
859 | } |
860 | |
861 | int |
862 | PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si) |
863 | { |
864 | EVP_MD_CTX mctx; |
865 | EVP_PKEY_CTX *pctx; |
866 | unsigned char *abuf = NULL((void*)0); |
867 | int alen; |
868 | size_t siglen; |
869 | const EVP_MD *md = NULL((void*)0); |
870 | |
871 | md = EVP_get_digestbyobj(si->digest_alg->algorithm)EVP_get_digestbyname(OBJ_nid2sn(OBJ_obj2nid(si->digest_alg ->algorithm))); |
872 | if (md == NULL((void*)0)) |
873 | return 0; |
874 | |
875 | EVP_MD_CTX_init(&mctx); |
876 | if (EVP_DigestSignInit(&mctx, &pctx, md, NULL((void*)0), si->pkey) <= 0) |
877 | goto err; |
878 | |
879 | if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN(1<<3), |
880 | EVP_PKEY_CTRL_PKCS7_SIGN5, 0, si) <= 0) { |
881 | PKCS7error(PKCS7_R_CTRL_ERROR)ERR_put_error(33,(0xfff),(152),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,881); |
882 | goto err; |
883 | } |
884 | |
885 | alen = ASN1_item_i2d((ASN1_VALUE *)si->auth_attr, &abuf, |
886 | &PKCS7_ATTR_SIGN_it); |
887 | if (!abuf) |
888 | goto err; |
889 | if (EVP_DigestSignUpdate(&mctx, abuf, alen)EVP_DigestUpdate(&mctx,abuf,alen) <= 0) |
890 | goto err; |
891 | free(abuf); |
892 | abuf = NULL((void*)0); |
893 | if (EVP_DigestSignFinal(&mctx, NULL((void*)0), &siglen) <= 0) |
894 | goto err; |
895 | abuf = malloc(siglen); |
896 | if (!abuf) |
897 | goto err; |
898 | if (EVP_DigestSignFinal(&mctx, abuf, &siglen) <= 0) |
899 | goto err; |
900 | |
901 | if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN(1<<3), |
902 | EVP_PKEY_CTRL_PKCS7_SIGN5, 1, si) <= 0) { |
903 | PKCS7error(PKCS7_R_CTRL_ERROR)ERR_put_error(33,(0xfff),(152),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,903); |
904 | goto err; |
905 | } |
906 | |
907 | EVP_MD_CTX_cleanup(&mctx); |
908 | |
909 | ASN1_STRING_set0(si->enc_digest, abuf, siglen); |
910 | |
911 | return 1; |
912 | |
913 | err: |
914 | free(abuf); |
915 | EVP_MD_CTX_cleanup(&mctx); |
916 | return 0; |
917 | } |
918 | |
919 | int |
920 | PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio, |
921 | PKCS7 *p7, PKCS7_SIGNER_INFO *si) |
922 | { |
923 | PKCS7_ISSUER_AND_SERIAL *ias; |
924 | int ret = 0, i; |
925 | STACK_OF(X509)struct stack_st_X509 *cert; |
926 | X509 *x509; |
927 | |
928 | if (p7 == NULL((void*)0)) { |
929 | PKCS7error(PKCS7_R_INVALID_NULL_POINTER)ERR_put_error(33,(0xfff),(143),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,929); |
930 | return 0; |
931 | } |
932 | |
933 | if (p7->d.ptr == NULL((void*)0)) { |
934 | PKCS7error(PKCS7_R_NO_CONTENT)ERR_put_error(33,(0xfff),(122),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,934); |
935 | return 0; |
936 | } |
937 | |
938 | if (PKCS7_type_is_signed(p7)(OBJ_obj2nid((p7)->type) == 22)) { |
939 | cert = p7->d.sign->cert; |
940 | } else if (PKCS7_type_is_signedAndEnveloped(p7)(OBJ_obj2nid((p7)->type) == 24)) { |
941 | cert = p7->d.signed_and_enveloped->cert; |
942 | } else { |
943 | PKCS7error(PKCS7_R_WRONG_PKCS7_TYPE)ERR_put_error(33,(0xfff),(114),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,943); |
944 | goto err; |
945 | } |
946 | /* XXXX */ |
947 | ias = si->issuer_and_serial; |
948 | |
949 | x509 = X509_find_by_issuer_and_serial(cert, ias->issuer, ias->serial); |
950 | |
951 | /* were we able to find the cert in passed to us */ |
952 | if (x509 == NULL((void*)0)) { |
953 | PKCS7error(PKCS7_R_UNABLE_TO_FIND_CERTIFICATE)ERR_put_error(33,(0xfff),(106),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,953); |
954 | goto err; |
955 | } |
956 | |
957 | /* Lets verify */ |
958 | if (!X509_STORE_CTX_init(ctx, cert_store, x509, cert)) { |
959 | PKCS7error(ERR_R_X509_LIB)ERR_put_error(33,(0xfff),(11),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,959); |
960 | goto err; |
961 | } |
962 | if (X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_SMIME_SIGN4) == 0) { |
963 | X509_STORE_CTX_cleanup(ctx); |
964 | goto err; |
965 | } |
966 | i = X509_verify_cert(ctx); |
967 | if (i <= 0) { |
968 | PKCS7error(ERR_R_X509_LIB)ERR_put_error(33,(0xfff),(11),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,968); |
969 | X509_STORE_CTX_cleanup(ctx); |
970 | goto err; |
971 | } |
972 | X509_STORE_CTX_cleanup(ctx); |
973 | |
974 | return PKCS7_signatureVerify(bio, p7, si, x509); |
975 | err: |
976 | |
977 | return ret; |
978 | } |
979 | |
980 | int |
981 | PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si, X509 *x509) |
982 | { |
983 | ASN1_OCTET_STRING *os; |
984 | EVP_MD_CTX mdc_tmp, *mdc; |
985 | int ret = 0, i; |
986 | int md_type; |
987 | STACK_OF(X509_ATTRIBUTE)struct stack_st_X509_ATTRIBUTE *sk; |
988 | BIO *btmp; |
989 | EVP_PKEY *pkey; |
990 | |
991 | EVP_MD_CTX_init(&mdc_tmp); |
992 | |
993 | if (!PKCS7_type_is_signed(p7)(OBJ_obj2nid((p7)->type) == 22) && |
994 | !PKCS7_type_is_signedAndEnveloped(p7)(OBJ_obj2nid((p7)->type) == 24)) { |
995 | PKCS7error(PKCS7_R_WRONG_PKCS7_TYPE)ERR_put_error(33,(0xfff),(114),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,995); |
996 | goto err; |
997 | } |
998 | |
999 | md_type = OBJ_obj2nid(si->digest_alg->algorithm); |
1000 | |
1001 | btmp = bio; |
1002 | for (;;) { |
1003 | if ((btmp == NULL((void*)0)) || |
1004 | ((btmp = BIO_find_type(btmp, BIO_TYPE_MD(8|0x0200))) == NULL((void*)0))) { |
1005 | PKCS7error(PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST)ERR_put_error(33,(0xfff),(108),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,1005); |
1006 | goto err; |
1007 | } |
1008 | BIO_get_md_ctx(btmp, &mdc)BIO_ctrl(btmp,120,0,(char *)&mdc); |
1009 | if (mdc == NULL((void*)0)) { |
1010 | PKCS7error(ERR_R_INTERNAL_ERROR)ERR_put_error(33,(0xfff),((4|64)),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,1010); |
1011 | goto err; |
1012 | } |
1013 | if (EVP_MD_CTX_type(mdc)EVP_MD_type(EVP_MD_CTX_md(mdc)) == md_type) |
1014 | break; |
1015 | /* Workaround for some broken clients that put the signature |
1016 | * OID instead of the digest OID in digest_alg->algorithm |
1017 | */ |
1018 | if (EVP_MD_pkey_type(EVP_MD_CTX_md(mdc)) == md_type) |
1019 | break; |
1020 | btmp = BIO_next(btmp); |
1021 | } |
1022 | |
1023 | /* mdc is the digest ctx that we want, unless there are attributes, |
1024 | * in which case the digest is the signed attributes */ |
1025 | if (!EVP_MD_CTX_copy_ex(&mdc_tmp, mdc)) |
1026 | goto err; |
1027 | |
1028 | sk = si->auth_attr; |
1029 | if ((sk != NULL((void*)0)) && (sk_X509_ATTRIBUTE_num(sk)sk_num(((_STACK*) (1 ? (sk) : (struct stack_st_X509_ATTRIBUTE *)0))) != 0)) { |
1030 | unsigned char md_dat[EVP_MAX_MD_SIZE64], *abuf = NULL((void*)0); |
1031 | unsigned int md_len; |
1032 | int alen; |
1033 | ASN1_OCTET_STRING *message_digest; |
1034 | |
1035 | if (!EVP_DigestFinal_ex(&mdc_tmp, md_dat, &md_len)) |
1036 | goto err; |
1037 | message_digest = PKCS7_digest_from_attributes(sk); |
1038 | if (!message_digest) { |
1039 | PKCS7error(PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST)ERR_put_error(33,(0xfff),(108),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,1039); |
1040 | goto err; |
1041 | } |
1042 | if ((message_digest->length != (int)md_len) || |
1043 | (memcmp(message_digest->data, md_dat, md_len))) { |
1044 | PKCS7error(PKCS7_R_DIGEST_FAILURE)ERR_put_error(33,(0xfff),(101),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,1044); |
1045 | ret = -1; |
1046 | goto err; |
1047 | } |
1048 | |
1049 | if (!EVP_VerifyInit_ex(&mdc_tmp, EVP_get_digestbynid(md_type),EVP_DigestInit_ex(&mdc_tmp,EVP_get_digestbyname(OBJ_nid2sn (md_type)),((void*)0)) |
1050 | NULL)EVP_DigestInit_ex(&mdc_tmp,EVP_get_digestbyname(OBJ_nid2sn (md_type)),((void*)0))) |
1051 | goto err; |
1052 | |
1053 | alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf, |
1054 | &PKCS7_ATTR_VERIFY_it); |
1055 | if (alen <= 0) { |
1056 | PKCS7error(ERR_R_ASN1_LIB)ERR_put_error(33,(0xfff),(13),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,1056); |
1057 | ret = -1; |
1058 | goto err; |
1059 | } |
1060 | if (!EVP_VerifyUpdate(&mdc_tmp, abuf, alen)EVP_DigestUpdate(&mdc_tmp,abuf,alen)) |
1061 | goto err; |
1062 | |
1063 | free(abuf); |
1064 | } |
1065 | |
1066 | os = si->enc_digest; |
1067 | pkey = X509_get_pubkey(x509); |
1068 | if (!pkey) { |
1069 | ret = -1; |
1070 | goto err; |
1071 | } |
1072 | |
1073 | i = EVP_VerifyFinal(&mdc_tmp, os->data, os->length, pkey); |
1074 | EVP_PKEY_free(pkey); |
1075 | if (i <= 0) { |
1076 | PKCS7error(PKCS7_R_SIGNATURE_FAILURE)ERR_put_error(33,(0xfff),(105),"/usr/src/lib/libcrypto/pkcs7/pk7_doit.c" ,1076); |
1077 | ret = -1; |
1078 | goto err; |
1079 | } else |
1080 | ret = 1; |
1081 | err: |
1082 | EVP_MD_CTX_cleanup(&mdc_tmp); |
1083 | return (ret); |
1084 | } |
1085 | |
1086 | PKCS7_ISSUER_AND_SERIAL * |
1087 | PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx) |
1088 | { |
1089 | STACK_OF(PKCS7_RECIP_INFO)struct stack_st_PKCS7_RECIP_INFO *rsk; |
1090 | PKCS7_RECIP_INFO *ri; |
1091 | int i; |
1092 | |
1093 | i = OBJ_obj2nid(p7->type); |
1094 | if (i != NID_pkcs7_signedAndEnveloped24) |
1095 | return NULL((void*)0); |
1096 | if (p7->d.signed_and_enveloped == NULL((void*)0)) |
1097 | return NULL((void*)0); |
1098 | rsk = p7->d.signed_and_enveloped->recipientinfo; |
1099 | if (rsk == NULL((void*)0)) |
1100 | return NULL((void*)0); |
1101 | ri = sk_PKCS7_RECIP_INFO_value(rsk, 0)((PKCS7_RECIP_INFO *)sk_value(((_STACK*) (1 ? (rsk) : (struct stack_st_PKCS7_RECIP_INFO*)0)), (0))); |
Value stored to 'ri' is never read | |
1102 | if (sk_PKCS7_RECIP_INFO_num(rsk)sk_num(((_STACK*) (1 ? (rsk) : (struct stack_st_PKCS7_RECIP_INFO *)0))) <= idx) |
1103 | return (NULL((void*)0)); |
1104 | ri = sk_PKCS7_RECIP_INFO_value(rsk, idx)((PKCS7_RECIP_INFO *)sk_value(((_STACK*) (1 ? (rsk) : (struct stack_st_PKCS7_RECIP_INFO*)0)), (idx))); |
1105 | return (ri->issuer_and_serial); |
1106 | } |
1107 | |
1108 | ASN1_TYPE * |
1109 | PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid) |
1110 | { |
1111 | return (get_attribute(si->auth_attr, nid)); |
1112 | } |
1113 | |
1114 | ASN1_TYPE * |
1115 | PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid) |
1116 | { |
1117 | return (get_attribute(si->unauth_attr, nid)); |
1118 | } |
1119 | |
1120 | static ASN1_TYPE * |
1121 | get_attribute(STACK_OF(X509_ATTRIBUTE)struct stack_st_X509_ATTRIBUTE *sk, int nid) |
1122 | { |
1123 | int i; |
1124 | X509_ATTRIBUTE *xa; |
1125 | ASN1_OBJECT *o; |
1126 | |
1127 | o = OBJ_nid2obj(nid); |
1128 | if (!o || !sk) |
1129 | return (NULL((void*)0)); |
1130 | for (i = 0; i < sk_X509_ATTRIBUTE_num(sk)sk_num(((_STACK*) (1 ? (sk) : (struct stack_st_X509_ATTRIBUTE *)0))); i++) { |
1131 | xa = sk_X509_ATTRIBUTE_value(sk, i)((X509_ATTRIBUTE *)sk_value(((_STACK*) (1 ? (sk) : (struct stack_st_X509_ATTRIBUTE *)0)), (i))); |
1132 | if (OBJ_cmp(xa->object, o) == 0) { |
1133 | if (!xa->single && sk_ASN1_TYPE_num(xa->value.set)sk_num(((_STACK*) (1 ? (xa->value.set) : (struct stack_st_ASN1_TYPE *)0)))) |
1134 | return (sk_ASN1_TYPE_value(xa->value.set, 0)((ASN1_TYPE *)sk_value(((_STACK*) (1 ? (xa->value.set) : ( struct stack_st_ASN1_TYPE*)0)), (0)))); |
1135 | else |
1136 | return (NULL((void*)0)); |
1137 | } |
1138 | } |
1139 | return (NULL((void*)0)); |
1140 | } |
1141 | |
1142 | ASN1_OCTET_STRING * |
1143 | PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE)struct stack_st_X509_ATTRIBUTE *sk) |
1144 | { |
1145 | ASN1_TYPE *astype; |
1146 | |
1147 | if (!(astype = get_attribute(sk, NID_pkcs9_messageDigest51))) |
1148 | return NULL((void*)0); |
1149 | if (astype->type != V_ASN1_OCTET_STRING4) |
1150 | return NULL((void*)0); |
1151 | return astype->value.octet_string; |
1152 | } |
1153 | |
1154 | int |
1155 | PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si, |
1156 | STACK_OF(X509_ATTRIBUTE)struct stack_st_X509_ATTRIBUTE *sk) |
1157 | { |
1158 | int i; |
1159 | |
1160 | if (p7si->auth_attr != NULL((void*)0)) |
1161 | sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr,sk_pop_free(((_STACK*) (1 ? (p7si->auth_attr) : (struct stack_st_X509_ATTRIBUTE *)0)), ((void (*)(void *)) ((1 ? (X509_ATTRIBUTE_free) : (void (*)(X509_ATTRIBUTE *))0)))) |
1162 | X509_ATTRIBUTE_free)sk_pop_free(((_STACK*) (1 ? (p7si->auth_attr) : (struct stack_st_X509_ATTRIBUTE *)0)), ((void (*)(void *)) ((1 ? (X509_ATTRIBUTE_free) : (void (*)(X509_ATTRIBUTE *))0)))); |
1163 | p7si->auth_attr = sk_X509_ATTRIBUTE_dup(sk)(struct stack_st_X509_ATTRIBUTE *)sk_dup(((_STACK*) (1 ? sk : (struct stack_st_X509_ATTRIBUTE*)0))); |
1164 | if (p7si->auth_attr == NULL((void*)0)) |
1165 | return 0; |
1166 | for (i = 0; i < sk_X509_ATTRIBUTE_num(sk)sk_num(((_STACK*) (1 ? (sk) : (struct stack_st_X509_ATTRIBUTE *)0))); i++) { |
1167 | if ((sk_X509_ATTRIBUTE_set(p7si->auth_attr, i,sk_set(((_STACK*) (1 ? (p7si->auth_attr) : (struct stack_st_X509_ATTRIBUTE *)0)), (i), ((void*) (1 ? (X509_ATTRIBUTE_dup(((X509_ATTRIBUTE *)sk_value(((_STACK*) (1 ? (sk) : (struct stack_st_X509_ATTRIBUTE *)0)), (i))))) : (X509_ATTRIBUTE*)0))) |
1168 | X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value(sk, i)))sk_set(((_STACK*) (1 ? (p7si->auth_attr) : (struct stack_st_X509_ATTRIBUTE *)0)), (i), ((void*) (1 ? (X509_ATTRIBUTE_dup(((X509_ATTRIBUTE *)sk_value(((_STACK*) (1 ? (sk) : (struct stack_st_X509_ATTRIBUTE *)0)), (i))))) : (X509_ATTRIBUTE*)0)))) |
1169 | == NULL((void*)0)) |
1170 | return (0); |
1171 | } |
1172 | return (1); |
1173 | } |
1174 | |
1175 | int |
1176 | PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si, STACK_OF(X509_ATTRIBUTE)struct stack_st_X509_ATTRIBUTE *sk) |
1177 | { |
1178 | int i; |
1179 | |
1180 | if (p7si->unauth_attr != NULL((void*)0)) |
1181 | sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr,sk_pop_free(((_STACK*) (1 ? (p7si->unauth_attr) : (struct stack_st_X509_ATTRIBUTE *)0)), ((void (*)(void *)) ((1 ? (X509_ATTRIBUTE_free) : (void (*)(X509_ATTRIBUTE *))0)))) |
1182 | X509_ATTRIBUTE_free)sk_pop_free(((_STACK*) (1 ? (p7si->unauth_attr) : (struct stack_st_X509_ATTRIBUTE *)0)), ((void (*)(void *)) ((1 ? (X509_ATTRIBUTE_free) : (void (*)(X509_ATTRIBUTE *))0)))); |
1183 | p7si->unauth_attr = sk_X509_ATTRIBUTE_dup(sk)(struct stack_st_X509_ATTRIBUTE *)sk_dup(((_STACK*) (1 ? sk : (struct stack_st_X509_ATTRIBUTE*)0))); |
1184 | if (p7si->unauth_attr == NULL((void*)0)) |
1185 | return 0; |
1186 | for (i = 0; i < sk_X509_ATTRIBUTE_num(sk)sk_num(((_STACK*) (1 ? (sk) : (struct stack_st_X509_ATTRIBUTE *)0))); i++) { |
1187 | if ((sk_X509_ATTRIBUTE_set(p7si->unauth_attr, i,sk_set(((_STACK*) (1 ? (p7si->unauth_attr) : (struct stack_st_X509_ATTRIBUTE *)0)), (i), ((void*) (1 ? (X509_ATTRIBUTE_dup(((X509_ATTRIBUTE *)sk_value(((_STACK*) (1 ? (sk) : (struct stack_st_X509_ATTRIBUTE *)0)), (i))))) : (X509_ATTRIBUTE*)0))) |
1188 | X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value(sk, i)))sk_set(((_STACK*) (1 ? (p7si->unauth_attr) : (struct stack_st_X509_ATTRIBUTE *)0)), (i), ((void*) (1 ? (X509_ATTRIBUTE_dup(((X509_ATTRIBUTE *)sk_value(((_STACK*) (1 ? (sk) : (struct stack_st_X509_ATTRIBUTE *)0)), (i))))) : (X509_ATTRIBUTE*)0)))) |
1189 | == NULL((void*)0)) |
1190 | return (0); |
1191 | } |
1192 | return (1); |
1193 | } |
1194 | |
1195 | int |
1196 | PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype, |
1197 | void *value) |
1198 | { |
1199 | return (add_attribute(&(p7si->auth_attr), nid, atrtype, value)); |
1200 | } |
1201 | |
1202 | int |
1203 | PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype, void *value) |
1204 | { |
1205 | return (add_attribute(&(p7si->unauth_attr), nid, atrtype, value)); |
1206 | } |
1207 | |
1208 | static int |
1209 | add_attribute(STACK_OF(X509_ATTRIBUTE)struct stack_st_X509_ATTRIBUTE **sk, int nid, int atrtype, void *value) |
1210 | { |
1211 | X509_ATTRIBUTE *attr = NULL((void*)0); |
1212 | |
1213 | if (*sk == NULL((void*)0)) { |
1214 | *sk = sk_X509_ATTRIBUTE_new_null()((struct stack_st_X509_ATTRIBUTE *)sk_new_null()); |
1215 | if (*sk == NULL((void*)0)) |
1216 | return 0; |
1217 | new_attrib: |
1218 | if (!(attr = X509_ATTRIBUTE_create(nid, atrtype, value))) |
1219 | return 0; |
1220 | if (!sk_X509_ATTRIBUTE_push(*sk, attr)sk_push(((_STACK*) (1 ? (*sk) : (struct stack_st_X509_ATTRIBUTE *)0)), ((void*) (1 ? (attr) : (X509_ATTRIBUTE*)0)))) { |
1221 | X509_ATTRIBUTE_free(attr); |
1222 | return 0; |
1223 | } |
1224 | } else { |
1225 | int i; |
1226 | |
1227 | for (i = 0; i < sk_X509_ATTRIBUTE_num(*sk)sk_num(((_STACK*) (1 ? (*sk) : (struct stack_st_X509_ATTRIBUTE *)0))); i++) { |
1228 | attr = sk_X509_ATTRIBUTE_value(*sk, i)((X509_ATTRIBUTE *)sk_value(((_STACK*) (1 ? (*sk) : (struct stack_st_X509_ATTRIBUTE *)0)), (i))); |
1229 | if (OBJ_obj2nid(attr->object) == nid) { |
1230 | X509_ATTRIBUTE_free(attr); |
1231 | attr = X509_ATTRIBUTE_create(nid, atrtype, |
1232 | value); |
1233 | if (attr == NULL((void*)0)) |
1234 | return 0; |
1235 | if (!sk_X509_ATTRIBUTE_set(*sk, i, attr)sk_set(((_STACK*) (1 ? (*sk) : (struct stack_st_X509_ATTRIBUTE *)0)), (i), ((void*) (1 ? (attr) : (X509_ATTRIBUTE*)0)))) { |
1236 | X509_ATTRIBUTE_free(attr); |
1237 | return 0; |
1238 | } |
1239 | goto end; |
1240 | } |
1241 | } |
1242 | goto new_attrib; |
1243 | } |
1244 | end: |
1245 | return (1); |
1246 | } |