crypto/openssl/crypto/pkcs7/pk7_smime.c

   1 /* pk7_smime.c */
   2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
   3  * project.
   4  */
   5 /* ====================================================================
   6  * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
   7  *
   8  * Redistribution and use in source and binary forms, with or without
   9  * modification, are permitted provided that the following conditions
  10  * are met:
  11  *
  12  * 1. Redistributions of source code must retain the above copyright
  13  *    notice, this list of conditions and the following disclaimer.
  14  *
  15  * 2. Redistributions in binary form must reproduce the above copyright
  16  *    notice, this list of conditions and the following disclaimer in
  17  *    the documentation and/or other materials provided with the
  18  *    distribution.
  19  *
  20  * 3. All advertising materials mentioning features or use of this
  21  *    software must display the following acknowledgment:
  22  *    "This product includes software developed by the OpenSSL Project
  23  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
  24  *
  25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  26  *    endorse or promote products derived from this software without
  27  *    prior written permission. For written permission, please contact
  28  *    licensing@OpenSSL.org.
  29  *
  30  * 5. Products derived from this software may not be called "OpenSSL"
  31  *    nor may "OpenSSL" appear in their names without prior written
  32  *    permission of the OpenSSL Project.
  33  *
  34  * 6. Redistributions of any form whatsoever must retain the following
  35  *    acknowledgment:
  36  *    "This product includes software developed by the OpenSSL Project
  37  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
  38  *
  39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  42  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
  43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  50  * OF THE POSSIBILITY OF SUCH DAMAGE.
  51  * ====================================================================
  52  *
  53  * This product includes cryptographic software written by Eric Young
  54  * (eay@cryptsoft.com).  This product includes software written by Tim
  55  * Hudson (tjh@cryptsoft.com).
  56  *
  57  */
  58
  59 /* Simple PKCS#7 processing functions */
  60
  61 #include <stdio.h>
  62 #include "cryptlib.h"
  63 #include <openssl/x509.h>
  64 #include <openssl/x509v3.h>
  65
  66 PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
  67                   BIO *data, int flags)
  68 {
  69         PKCS7 *p7 = NULL;
  70         PKCS7_SIGNER_INFO *si;
  71         BIO *p7bio = NULL;
  72         STACK_OF(X509_ALGOR) *smcap = NULL;
  73         int i;
  74
  75         if(!X509_check_private_key(signcert, pkey)) {
  76                 PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
  77                 return NULL;
  78         }
  79
  80         if(!(p7 = PKCS7_new())) {
  81                 PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE);
  82                 return NULL;
  83         }
  84
  85         if (!PKCS7_set_type(p7, NID_pkcs7_signed))
  86                 goto err;
  87
  88         if (!PKCS7_content_new(p7, NID_pkcs7_data))
  89                 goto err;
  90
  91         if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha1()))) {
  92                 PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);
  93                 goto err;
  94         }
  95
  96         if(!(flags & PKCS7_NOCERTS)) {
  97                 if (!PKCS7_add_certificate(p7, signcert))
  98                         goto err;
  99                 if(certs) for(i = 0; i < sk_X509_num(certs); i++)
 100                         if (!PKCS7_add_certificate(p7, sk_X509_value(certs, i)))
 101                                 goto err;
 102         }
 103
 104         if(!(flags & PKCS7_NOATTR)) {
 105                 if (!PKCS7_add_signed_attribute(si, NID_pkcs9_contentType,
 106                                 V_ASN1_OBJECT, OBJ_nid2obj(NID_pkcs7_data)))
 107                         goto err;
 108                 /* Add SMIMECapabilities */
 109                 if(!(flags & PKCS7_NOSMIMECAP))
 110                 {
 111                 if(!(smcap = sk_X509_ALGOR_new_null())) {
 112                         PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE);
 113                         goto err;
 114                 }
 115 #ifndef OPENSSL_NO_DES
 116                 if (!PKCS7_simple_smimecap (smcap, NID_des_ede3_cbc, -1))
 117                         goto err;
 118 #endif
 119 #ifndef OPENSSL_NO_RC2
 120                 if (!PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 128))
 121                         goto err;
 122                 if (!PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 64))
 123                         goto err;
 124 #endif
 125 #ifndef OPENSSL_NO_DES
 126                 if (!PKCS7_simple_smimecap (smcap, NID_des_cbc, -1))
 127                         goto err;
 128 #endif
 129 #ifndef OPENSSL_NO_RC2
 130                 if (!PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 40))
 131                         goto err;
 132 #endif
 133                 if (!PKCS7_add_attrib_smimecap (si, smcap))
 134                         goto err;
 135                 sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
 136                 smcap = NULL;
 137                 }
 138         }
 139
 140         if(flags & PKCS7_DETACHED)PKCS7_set_detached(p7, 1);
 141
 142         if (flags & PKCS7_STREAM)
 143                 return p7;
 144
 145
 146         if (!(p7bio = PKCS7_dataInit(p7, NULL))) {
 147                 PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE);
 148                 goto err;
 149         }
 150
 151         SMIME_crlf_copy(data, p7bio, flags);
 152
 153
 154         if (!PKCS7_dataFinal(p7,p7bio)) {
 155                 PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_DATASIGN);
 156                 goto err;
 157         }
 158
 159         BIO_free_all(p7bio);
 160         return p7;
 161 err:
 162         sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
 163         BIO_free_all(p7bio);
 164         PKCS7_free(p7);
 165         return NULL;
 166 }
 167
 168 int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
 169                                         BIO *indata, BIO *out, int flags)
 170 {
 171         STACK_OF(X509) *signers;
 172         X509 *signer;
 173         STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
 174         PKCS7_SIGNER_INFO *si;
 175         X509_STORE_CTX cert_ctx;
 176         char buf[4096];
 177         int i, j=0, k, ret = 0;
 178         BIO *p7bio;
 179         BIO *tmpin, *tmpout;
 180
 181         if(!p7) {
 182                 PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_INVALID_NULL_POINTER);
 183                 return 0;
 184         }
 185
 186         if(!PKCS7_type_is_signed(p7)) {
 187                 PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_WRONG_CONTENT_TYPE);
 188                 return 0;
 189         }
 190
 191         /* Check for no data and no content: no data to verify signature */
 192         if(PKCS7_get_detached(p7) && !indata) {
 193                 PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_NO_CONTENT);
 194                 return 0;
 195         }
 196 #if 0
 197         /* NB: this test commented out because some versions of Netscape
 198          * illegally include zero length content when signing data.
 199          */
 200
 201         /* Check for data and content: two sets of data */
 202         if(!PKCS7_get_detached(p7) && indata) {
 203                                 PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_CONTENT_AND_DATA_PRESENT);
 204                 return 0;
 205         }
 206 #endif
 207
 208         sinfos = PKCS7_get_signer_info(p7);
 209
 210         if(!sinfos || !sk_PKCS7_SIGNER_INFO_num(sinfos)) {
 211                 PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_NO_SIGNATURES_ON_DATA);
 212                 return 0;
 213         }
 214
 215
 216         signers = PKCS7_get0_signers(p7, certs, flags);
 217
 218         if(!signers) return 0;
 219
 220         /* Now verify the certificates */
 221
 222         if (!(flags & PKCS7_NOVERIFY)) for (k = 0; k < sk_X509_num(signers); k++) {
 223                 signer = sk_X509_value (signers, k);
 224                 if (!(flags & PKCS7_NOCHAIN)) {
 225                         if(!X509_STORE_CTX_init(&cert_ctx, store, signer,
 226                                                         p7->d.sign->cert))
 227                                 {
 228                                 PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_X509_LIB);
 229                                 sk_X509_free(signers);
 230                                 return 0;
 231                                 }
 232                         X509_STORE_CTX_set_purpose(&cert_ctx,
 233                                                 X509_PURPOSE_SMIME_SIGN);
 234                 } else if(!X509_STORE_CTX_init (&cert_ctx, store, signer, NULL)) {
 235                         PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_X509_LIB);
 236                         sk_X509_free(signers);
 237                         return 0;
 238                 }
 239                 if (!(flags & PKCS7_NOCRL))
 240                         X509_STORE_CTX_set0_crls(&cert_ctx, p7->d.sign->crl);
 241                 i = X509_verify_cert(&cert_ctx);
 242                 if (i <= 0) j = X509_STORE_CTX_get_error(&cert_ctx);
 243                 X509_STORE_CTX_cleanup(&cert_ctx);
 244                 if (i <= 0) {
 245                         PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_CERTIFICATE_VERIFY_ERROR);
 246                         ERR_add_error_data(2, "Verify error:",
 247                                          X509_verify_cert_error_string(j));
 248                         sk_X509_free(signers);
 249                         return 0;
 250                 }
 251                 /* Check for revocation status here */
 252         }
 253
 254         /* Performance optimization: if the content is a memory BIO then
 255          * store its contents in a temporary read only memory BIO. This
 256          * avoids potentially large numbers of slow copies of data which will
 257          * occur when reading from a read write memory BIO when signatures
 258          * are calculated.
 259          */
 260
 261         if (indata && (BIO_method_type(indata) == BIO_TYPE_MEM))
 262                 {
 263                 char *ptr;
 264                 long len;
 265                 len = BIO_get_mem_data(indata, &ptr);
 266                 tmpin = BIO_new_mem_buf(ptr, len);
 267                 if (tmpin == NULL)
 268                         {
 269                         PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_MALLOC_FAILURE);
 270                         return 0;
 271                         }
 272                 }
 273         else
 274                 tmpin = indata;
 275
 276
 277         if (!(p7bio=PKCS7_dataInit(p7,tmpin)))
 278                 goto err;
 279
 280         if(flags & PKCS7_TEXT) {
 281                 if(!(tmpout = BIO_new(BIO_s_mem()))) {
 282                         PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_MALLOC_FAILURE);
 283                         goto err;
 284                 }
 285                 BIO_set_mem_eof_return(tmpout, 0);
 286         } else tmpout = out;
 287
 288         /* We now have to 'read' from p7bio to calculate digests etc. */
 289         for (;;)
 290         {
 291                 i=BIO_read(p7bio,buf,sizeof(buf));
 292                 if (i <= 0) break;
 293                 if (tmpout) BIO_write(tmpout, buf, i);
 294         }
 295
 296         if(flags & PKCS7_TEXT) {
 297                 if(!SMIME_text(tmpout, out)) {
 298                         PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_SMIME_TEXT_ERROR);
 299                         BIO_free(tmpout);
 300                         goto err;
 301                 }
 302                 BIO_free(tmpout);
 303         }
 304
 305         /* Now Verify All Signatures */
 306         if (!(flags & PKCS7_NOSIGS))
 307             for (i=0; i<sk_PKCS7_SIGNER_INFO_num(sinfos); i++)
 308                 {
 309                 si=sk_PKCS7_SIGNER_INFO_value(sinfos,i);
 310                 signer = sk_X509_value (signers, i);
 311                 j=PKCS7_signatureVerify(p7bio,p7,si, signer);
 312                 if (j <= 0) {
 313                         PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_SIGNATURE_FAILURE);
 314                         goto err;
 315                 }
 316         }
 317
 318         ret = 1;
 319
 320         err:
 321
 322         if (tmpin == indata)
 323                 {
 324                 if (indata) BIO_pop(p7bio);
 325                 }
 326         BIO_free_all(p7bio);
 327
 328         sk_X509_free(signers);
 329
 330         return ret;
 331 }
 332
 333 STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags)
 334 {
 335         STACK_OF(X509) *signers;
 336         STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
 337         PKCS7_SIGNER_INFO *si;
 338         PKCS7_ISSUER_AND_SERIAL *ias;
 339         X509 *signer;
 340         int i;
 341
 342         if(!p7) {
 343                 PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_INVALID_NULL_POINTER);
 344                 return NULL;
 345         }
 346
 347         if(!PKCS7_type_is_signed(p7)) {
 348                 PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_WRONG_CONTENT_TYPE);
 349                 return NULL;
 350         }
 351
 352         /* Collect all the signers together */
 353
 354         sinfos = PKCS7_get_signer_info(p7);
 355
 356         if(sk_PKCS7_SIGNER_INFO_num(sinfos) <= 0) {
 357                 PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_NO_SIGNERS);
 358                 return NULL;
 359         }
 360
 361         if(!(signers = sk_X509_new_null())) {
 362                 PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,ERR_R_MALLOC_FAILURE);
 363                 return NULL;
 364         }
 365
 366         for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++)
 367         {
 368             si = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
 369             ias = si->issuer_and_serial;
 370             signer = NULL;
 371                 /* If any certificates passed they take priority */
 372             if (certs) signer = X509_find_by_issuer_and_serial (certs,
 373                                                 ias->issuer, ias->serial);
 374             if (!signer && !(flags & PKCS7_NOINTERN)
 375                         && p7->d.sign->cert) signer =
 376                               X509_find_by_issuer_and_serial (p7->d.sign->cert,
 377                                                 ias->issuer, ias->serial);
 378             if (!signer) {
 379                         PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND);
 380                         sk_X509_free(signers);
 381                         return NULL;
 382             }
 383
 384             if (!sk_X509_push(signers, signer)) {
 385                         sk_X509_free(signers);
 386                         return NULL;
 387             }
 388         }
 389         return signers;
 390 }
 391
 392
 393 /* Build a complete PKCS#7 enveloped data */
 394
 395 PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
 396                                                                 int flags)
 397 {
 398         PKCS7 *p7;
 399         BIO *p7bio = NULL;
 400         int i;
 401         X509 *x509;
 402         if(!(p7 = PKCS7_new())) {
 403                 PKCS7err(PKCS7_F_PKCS7_ENCRYPT,ERR_R_MALLOC_FAILURE);
 404                 return NULL;
 405         }
 406
 407         if (!PKCS7_set_type(p7, NID_pkcs7_enveloped))
 408                 goto err;
 409         if(!PKCS7_set_cipher(p7, cipher)) {
 410                 PKCS7err(PKCS7_F_PKCS7_ENCRYPT,PKCS7_R_ERROR_SETTING_CIPHER);
 411                 goto err;
 412         }
 413
 414         for(i = 0; i < sk_X509_num(certs); i++) {
 415                 x509 = sk_X509_value(certs, i);
 416                 if(!PKCS7_add_recipient(p7, x509)) {
 417                         PKCS7err(PKCS7_F_PKCS7_ENCRYPT,
 418                                         PKCS7_R_ERROR_ADDING_RECIPIENT);
 419                         goto err;
 420                 }
 421         }
 422
 423         if(!(p7bio = PKCS7_dataInit(p7, NULL))) {
 424                 PKCS7err(PKCS7_F_PKCS7_ENCRYPT,ERR_R_MALLOC_FAILURE);
 425                 goto err;
 426         }
 427
 428         SMIME_crlf_copy(in, p7bio, flags);
 429
 430         (void)BIO_flush(p7bio);
 431
 432         if (!PKCS7_dataFinal(p7,p7bio)) {
 433                 PKCS7err(PKCS7_F_PKCS7_ENCRYPT,PKCS7_R_PKCS7_DATAFINAL_ERROR);
 434                 goto err;
 435         }
 436         BIO_free_all(p7bio);
 437
 438         return p7;
 439
 440         err:
 441
 442         BIO_free_all(p7bio);
 443         PKCS7_free(p7);
 444         return NULL;
 445
 446 }
 447
 448 int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags)
 449 {
 450         BIO *tmpmem;
 451         int ret, i;
 452         char buf[4096];
 453
 454         if(!p7) {
 455                 PKCS7err(PKCS7_F_PKCS7_DECRYPT,PKCS7_R_INVALID_NULL_POINTER);
 456                 return 0;
 457         }
 458
 459         if(!PKCS7_type_is_enveloped(p7)) {
 460                 PKCS7err(PKCS7_F_PKCS7_DECRYPT,PKCS7_R_WRONG_CONTENT_TYPE);
 461                 return 0;
 462         }
 463
 464         if(cert && !X509_check_private_key(cert, pkey)) {
 465                 PKCS7err(PKCS7_F_PKCS7_DECRYPT,
 466                                 PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
 467                 return 0;
 468         }
 469
 470         if(!(tmpmem = PKCS7_dataDecode(p7, pkey, NULL, cert))) {
 471                 PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_DECRYPT_ERROR);
 472                 return 0;
 473         }
 474
 475         if (flags & PKCS7_TEXT) {
 476                 BIO *tmpbuf, *bread;
 477                 /* Encrypt BIOs can't do BIO_gets() so add a buffer BIO */
 478                 if(!(tmpbuf = BIO_new(BIO_f_buffer()))) {
 479                         PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE);
 480                         BIO_free_all(tmpmem);
 481                         return 0;
 482                 }
 483                 if(!(bread = BIO_push(tmpbuf, tmpmem))) {
 484                         PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE);
 485                         BIO_free_all(tmpbuf);
 486                         BIO_free_all(tmpmem);
 487                         return 0;
 488                 }
 489                 ret = SMIME_text(bread, data);
 490                 BIO_free_all(bread);
 491                 return ret;
 492         } else {
 493                 for(;;) {
 494                         i = BIO_read(tmpmem, buf, sizeof(buf));
 495                         if(i <= 0) break;
 496                         BIO_write(data, buf, i);
 497                 }
 498                 BIO_free_all(tmpmem);
 499                 return 1;
 500         }
 501 }