1 /* crypto/cms/cms_ess.c */ 2 /* Written by Dr Stephen N Henson (steve (at) openssl.org) for the OpenSSL 3 * project. 4 */ 5 /* ==================================================================== 6 * Copyright (c) 2008 The OpenSSL Project. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in 17 * the documentation and/or other materials provided with the 18 * distribution. 19 * 20 * 3. All advertising materials mentioning features or use of this 21 * software must display the following acknowledgment: 22 * "This product includes software developed by the OpenSSL Project 23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 24 * 25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 26 * endorse or promote products derived from this software without 27 * prior written permission. For written permission, please contact 28 * licensing (at) OpenSSL.org. 29 * 30 * 5. Products derived from this software may not be called "OpenSSL" 31 * nor may "OpenSSL" appear in their names without prior written 32 * permission of the OpenSSL Project. 33 * 34 * 6. Redistributions of any form whatsoever must retain the following 35 * acknowledgment: 36 * "This product includes software developed by the OpenSSL Project 37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 38 * 39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50 * OF THE POSSIBILITY OF SUCH DAMAGE. 51 * ==================================================================== 52 */ 53 54 #include "cryptlib.h" 55 #include <openssl/asn1t.h> 56 #include <openssl/pem.h> 57 #include <openssl/rand.h> 58 #include <openssl/x509v3.h> 59 #include <openssl/err.h> 60 #include <openssl/cms.h> 61 #include "cms_lcl.h" 62 63 DECLARE_ASN1_ITEM(CMS_ReceiptRequest) 64 DECLARE_ASN1_ITEM(CMS_Receipt) 65 66 IMPLEMENT_ASN1_FUNCTIONS(CMS_ReceiptRequest) 67 68 /* ESS services: for now just Signed Receipt related */ 69 70 int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr) 71 { 72 ASN1_STRING *str; 73 CMS_ReceiptRequest *rr = NULL; 74 if (prr) 75 *prr = NULL; 76 str = CMS_signed_get0_data_by_OBJ(si, 77 OBJ_nid2obj(NID_id_smime_aa_receiptRequest), 78 -3, V_ASN1_SEQUENCE); 79 if (!str) 80 return 0; 81 82 rr = ASN1_item_unpack(str, ASN1_ITEM_rptr(CMS_ReceiptRequest)); 83 if (!rr) 84 return -1; 85 if (prr) 86 *prr = rr; 87 else 88 CMS_ReceiptRequest_free(rr); 89 return 1; 90 } 91 92 CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen, 93 int allorfirst, 94 STACK_OF(GENERAL_NAMES) *receiptList, 95 STACK_OF(GENERAL_NAMES) *receiptsTo) 96 { 97 CMS_ReceiptRequest *rr = NULL; 98 99 rr = CMS_ReceiptRequest_new(); 100 if (!rr) 101 goto merr; 102 if (id) 103 ASN1_STRING_set0(rr->signedContentIdentifier, id, idlen); 104 else 105 { 106 if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32)) 107 goto merr; 108 if (RAND_pseudo_bytes(rr->signedContentIdentifier->data, 32) 109 <= 0) 110 goto err; 111 } 112 113 sk_GENERAL_NAMES_pop_free(rr->receiptsTo, GENERAL_NAMES_free); 114 rr->receiptsTo = receiptsTo; 115 116 if (receiptList) 117 { 118 rr->receiptsFrom->type = 1; 119 rr->receiptsFrom->d.receiptList = receiptList; 120 } 121 else 122 { 123 rr->receiptsFrom->type = 0; 124 rr->receiptsFrom->d.allOrFirstTier = allorfirst; 125 } 126 127 return rr; 128 129 merr: 130 CMSerr(CMS_F_CMS_RECEIPTREQUEST_CREATE0, ERR_R_MALLOC_FAILURE); 131 132 err: 133 if (rr) 134 CMS_ReceiptRequest_free(rr); 135 136 return NULL; 137 138 } 139 140 int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr) 141 { 142 unsigned char *rrder = NULL; 143 int rrderlen, r = 0; 144 145 rrderlen = i2d_CMS_ReceiptRequest(rr, &rrder); 146 if (rrderlen < 0) 147 goto merr; 148 149 if (!CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_receiptRequest, 150 V_ASN1_SEQUENCE, rrder, rrderlen)) 151 goto merr; 152 153 r = 1; 154 155 merr: 156 if (!r) 157 CMSerr(CMS_F_CMS_ADD1_RECEIPTREQUEST, ERR_R_MALLOC_FAILURE); 158 159 if (rrder) 160 OPENSSL_free(rrder); 161 162 return r; 163 164 } 165 166 void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr, 167 ASN1_STRING **pcid, 168 int *pallorfirst, 169 STACK_OF(GENERAL_NAMES) **plist, 170 STACK_OF(GENERAL_NAMES) **prto) 171 { 172 if (pcid) 173 *pcid = rr->signedContentIdentifier; 174 if (rr->receiptsFrom->type == 0) 175 { 176 if (pallorfirst) 177 *pallorfirst = (int)rr->receiptsFrom->d.allOrFirstTier; 178 if (plist) 179 *plist = NULL; 180 } 181 else 182 { 183 if (pallorfirst) 184 *pallorfirst = -1; 185 if (plist) 186 *plist = rr->receiptsFrom->d.receiptList; 187 } 188 if (prto) 189 *prto = rr->receiptsTo; 190 } 191 192 /* Digest a SignerInfo structure for msgSigDigest attribute processing */ 193 194 static int cms_msgSigDigest(CMS_SignerInfo *si, 195 unsigned char *dig, unsigned int *diglen) 196 { 197 const EVP_MD *md; 198 md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm); 199 if (md == NULL) 200 return 0; 201 if (!ASN1_item_digest(ASN1_ITEM_rptr(CMS_Attributes_Verify), md, 202 si->signedAttrs, dig, diglen)) 203 return 0; 204 return 1; 205 } 206 207 /* Add a msgSigDigest attribute to a SignerInfo */ 208 209 int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src) 210 { 211 unsigned char dig[EVP_MAX_MD_SIZE]; 212 unsigned int diglen; 213 if (!cms_msgSigDigest(src, dig, &diglen)) 214 { 215 CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, CMS_R_MSGSIGDIGEST_ERROR); 216 return 0; 217 } 218 if (!CMS_signed_add1_attr_by_NID(dest, NID_id_smime_aa_msgSigDigest, 219 V_ASN1_OCTET_STRING, dig, diglen)) 220 { 221 CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, ERR_R_MALLOC_FAILURE); 222 return 0; 223 } 224 return 1; 225 } 226 227 /* Verify signed receipt after it has already passed normal CMS verify */ 228 229 int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms) 230 { 231 int r = 0, i; 232 CMS_ReceiptRequest *rr = NULL; 233 CMS_Receipt *rct = NULL; 234 STACK_OF(CMS_SignerInfo) *sis, *osis; 235 CMS_SignerInfo *si, *osi = NULL; 236 ASN1_OCTET_STRING *msig, **pcont; 237 ASN1_OBJECT *octype; 238 unsigned char dig[EVP_MAX_MD_SIZE]; 239 unsigned int diglen; 240 241 /* Get SignerInfos, also checks SignedData content type */ 242 osis = CMS_get0_SignerInfos(req_cms); 243 sis = CMS_get0_SignerInfos(cms); 244 if (!osis || !sis) 245 goto err; 246 247 if (sk_CMS_SignerInfo_num(sis) != 1) 248 { 249 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NEED_ONE_SIGNER); 250 goto err; 251 } 252 253 /* Check receipt content type */ 254 if (OBJ_obj2nid(CMS_get0_eContentType(cms)) != NID_id_smime_ct_receipt) 255 { 256 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NOT_A_SIGNED_RECEIPT); 257 goto err; 258 } 259 260 /* Extract and decode receipt content */ 261 pcont = CMS_get0_content(cms); 262 if (!pcont || !*pcont) 263 { 264 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT); 265 goto err; 266 } 267 268 rct = ASN1_item_unpack(*pcont, ASN1_ITEM_rptr(CMS_Receipt)); 269 270 if (!rct) 271 { 272 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_RECEIPT_DECODE_ERROR); 273 goto err; 274 } 275 276 /* Locate original request */ 277 278 for (i = 0; i < sk_CMS_SignerInfo_num(osis); i++) 279 { 280 osi = sk_CMS_SignerInfo_value(osis, i); 281 if (!ASN1_STRING_cmp(osi->signature, 282 rct->originatorSignatureValue)) 283 break; 284 } 285 286 if (i == sk_CMS_SignerInfo_num(osis)) 287 { 288 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MATCHING_SIGNATURE); 289 goto err; 290 } 291 292 si = sk_CMS_SignerInfo_value(sis, 0); 293 294 /* Get msgSigDigest value and compare */ 295 296 msig = CMS_signed_get0_data_by_OBJ(si, 297 OBJ_nid2obj(NID_id_smime_aa_msgSigDigest), 298 -3, V_ASN1_OCTET_STRING); 299 300 if (!msig) 301 { 302 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MSGSIGDIGEST); 303 goto err; 304 } 305 306 if (!cms_msgSigDigest(osi, dig, &diglen)) 307 { 308 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_ERROR); 309 goto err; 310 } 311 312 if (diglen != (unsigned int)msig->length) 313 { 314 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, 315 CMS_R_MSGSIGDIGEST_WRONG_LENGTH); 316 goto err; 317 } 318 319 if (memcmp(dig, msig->data, diglen)) 320 { 321 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, 322 CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE); 323 goto err; 324 } 325 326 /* Compare content types */ 327 328 octype = CMS_signed_get0_data_by_OBJ(osi, 329 OBJ_nid2obj(NID_pkcs9_contentType), 330 -3, V_ASN1_OBJECT); 331 if (!octype) 332 { 333 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT_TYPE); 334 goto err; 335 } 336 337 /* Compare details in receipt request */ 338 339 if (OBJ_cmp(octype, rct->contentType)) 340 { 341 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENT_TYPE_MISMATCH); 342 goto err; 343 } 344 345 /* Get original receipt request details */ 346 347 if (CMS_get1_ReceiptRequest(osi, &rr) <= 0) 348 { 349 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_RECEIPT_REQUEST); 350 goto err; 351 } 352 353 if (ASN1_STRING_cmp(rr->signedContentIdentifier, 354 rct->signedContentIdentifier)) 355 { 356 CMSerr(CMS_F_CMS_RECEIPT_VERIFY, 357 CMS_R_CONTENTIDENTIFIER_MISMATCH); 358 goto err; 359 } 360 361 r = 1; 362 363 err: 364 if (rr) 365 CMS_ReceiptRequest_free(rr); 366 if (rct) 367 M_ASN1_free_of(rct, CMS_Receipt); 368 369 return r; 370 371 } 372 373 /* Encode a Receipt into an OCTET STRING read for including into content of 374 * a SignedData ContentInfo. 375 */ 376 377 ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si) 378 { 379 CMS_Receipt rct; 380 CMS_ReceiptRequest *rr = NULL; 381 ASN1_OBJECT *ctype; 382 ASN1_OCTET_STRING *os = NULL; 383 384 /* Get original receipt request */ 385 386 /* Get original receipt request details */ 387 388 if (CMS_get1_ReceiptRequest(si, &rr) <= 0) 389 { 390 CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_RECEIPT_REQUEST); 391 goto err; 392 } 393 394 /* Get original content type */ 395 396 ctype = CMS_signed_get0_data_by_OBJ(si, 397 OBJ_nid2obj(NID_pkcs9_contentType), 398 -3, V_ASN1_OBJECT); 399 if (!ctype) 400 { 401 CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_CONTENT_TYPE); 402 goto err; 403 } 404 405 rct.version = 1; 406 rct.contentType = ctype; 407 rct.signedContentIdentifier = rr->signedContentIdentifier; 408 rct.originatorSignatureValue = si->signature; 409 410 os = ASN1_item_pack(&rct, ASN1_ITEM_rptr(CMS_Receipt), NULL); 411 412 err: 413 if (rr) 414 CMS_ReceiptRequest_free(rr); 415 416 return os; 417 418 } 419 420 421
