Head

GCC Code Coverage Report

Directory:	./		Exec	Total	Coverage
File:	lib/libcrypto/crypto/../../libssl/src/crypto/pkcs7/pk7_smime.c	Lines:	136	269	50.6 %
Date:	2016-12-06	Branches:	106	220	48.2 %


/* $OpenBSD: pk7_smime.c,v 1.20 2015/02/07 14:21:41 doug Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
 */
/* ====================================================================
 * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */

/* Simple PKCS#7 processing functions */

#include <stdio.h>

#include <openssl/err.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>

static int pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si);

PKCS7 *
PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data,
    int flags)
{
	PKCS7 *p7;
	int i;

	if (!(p7 = PKCS7_new())) {
		PKCS7err(PKCS7_F_PKCS7_SIGN, ERR_R_MALLOC_FAILURE);
		return NULL;
	}

	if (!PKCS7_set_type(p7, NID_pkcs7_signed))
		goto err;

	if (!PKCS7_content_new(p7, NID_pkcs7_data))
		goto err;

	if (pkey && !PKCS7_sign_add_signer(p7, signcert, pkey, NULL, flags)) {
		PKCS7err(PKCS7_F_PKCS7_SIGN, PKCS7_R_PKCS7_ADD_SIGNER_ERROR);
		goto err;
	}

	if (!(flags & PKCS7_NOCERTS)) {
		for (i = 0; i < sk_X509_num(certs); i++) {
			if (!PKCS7_add_certificate(p7, sk_X509_value(certs, i)))
				goto err;
		}
	}

	if (flags & PKCS7_DETACHED)
		PKCS7_set_detached(p7, 1);

	if (flags & (PKCS7_STREAM|PKCS7_PARTIAL))
		return p7;

	if (PKCS7_final(p7, data, flags))
		return p7;

err:
	PKCS7_free(p7);
	return NULL;
}

int
PKCS7_final(PKCS7 *p7, BIO *data, int flags)
{
	BIO *p7bio;
	int ret = 0;

	if (!(p7bio = PKCS7_dataInit(p7, NULL))) {
		PKCS7err(PKCS7_F_PKCS7_FINAL, ERR_R_MALLOC_FAILURE);
		return 0;
	}

	SMIME_crlf_copy(data, p7bio, flags);

	(void)BIO_flush(p7bio);

	if (!PKCS7_dataFinal(p7, p7bio)) {
		PKCS7err(PKCS7_F_PKCS7_FINAL, PKCS7_R_PKCS7_DATASIGN);
		goto err;
	}

	ret = 1;

err:
	BIO_free_all(p7bio);

	return ret;
}

/* Check to see if a cipher exists and if so add S/MIME capabilities */

static int
add_cipher_smcap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
{
	if (EVP_get_cipherbynid(nid))
		return PKCS7_simple_smimecap(sk, nid, arg);
	return 1;
}

static int
add_digest_smcap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
{
	if (EVP_get_digestbynid(nid))
		return PKCS7_simple_smimecap(sk, nid, arg);
	return 1;
}

PKCS7_SIGNER_INFO *
PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert, EVP_PKEY *pkey,
    const EVP_MD *md, int flags)
{
	PKCS7_SIGNER_INFO *si = NULL;
	STACK_OF(X509_ALGOR) *smcap = NULL;

	if (!X509_check_private_key(signcert, pkey)) {
		PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER,
		    PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
		return NULL;
	}

	if (!(si = PKCS7_add_signature(p7, signcert, pkey, md))) {
		PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER,
		    PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);
		return NULL;
	}

	if (!(flags & PKCS7_NOCERTS)) {
		if (!PKCS7_add_certificate(p7, signcert))
			goto err;
	}

	if (!(flags & PKCS7_NOATTR)) {
		if (!PKCS7_add_attrib_content_type(si, NULL))
			goto err;
		/* Add SMIMECapabilities */
		if (!(flags & PKCS7_NOSMIMECAP)) {
			if (!(smcap = sk_X509_ALGOR_new_null())) {
				PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER,
				    ERR_R_MALLOC_FAILURE);
				goto err;
			}
			if (!add_cipher_smcap(smcap, NID_aes_256_cbc, -1) ||
			    !add_digest_smcap(smcap, NID_id_GostR3411_94, -1) ||
			    !add_digest_smcap(smcap, NID_id_tc26_gost3411_2012_256, -1) ||
			    !add_digest_smcap(smcap, NID_id_tc26_gost3411_2012_512, -1) ||
			    !add_cipher_smcap(smcap, NID_id_Gost28147_89, -1) ||
			    !add_cipher_smcap(smcap, NID_aes_192_cbc, -1) ||
			    !add_cipher_smcap(smcap, NID_aes_128_cbc, -1) ||
			    !add_cipher_smcap(smcap, NID_des_ede3_cbc, -1) ||
			    !add_cipher_smcap(smcap, NID_rc2_cbc, 128) ||
			    !add_cipher_smcap(smcap, NID_rc2_cbc, 64) ||
			    !add_cipher_smcap(smcap, NID_des_cbc, -1) ||
			    !add_cipher_smcap(smcap, NID_rc2_cbc, 40) ||
			    !PKCS7_add_attrib_smimecap(si, smcap))
				goto err;
			sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
			smcap = NULL;
		}
		if (flags & PKCS7_REUSE_DIGEST) {
			if (!pkcs7_copy_existing_digest(p7, si))
				goto err;
			if (!(flags & PKCS7_PARTIAL) &&
			    !PKCS7_SIGNER_INFO_sign(si))
				goto err;
		}
	}
	return si;

err:
	if (smcap)
		sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
	return NULL;
}

/* Search for a digest matching SignerInfo digest type and if found
 * copy across.
 */

static int
pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si)
{
	int i;
	STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
	PKCS7_SIGNER_INFO *sitmp;
	ASN1_OCTET_STRING *osdig = NULL;

	sinfos = PKCS7_get_signer_info(p7);
	for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) {
		sitmp = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
		if (si == sitmp)
			break;
		if (sk_X509_ATTRIBUTE_num(sitmp->auth_attr) <= 0)
			continue;
		if (!OBJ_cmp(si->digest_alg->algorithm,
		    sitmp->digest_alg->algorithm)) {
			osdig = PKCS7_digest_from_attributes(sitmp->auth_attr);
			break;
		}

	}

	if (osdig)
		return PKCS7_add1_attrib_digest(si, osdig->data, osdig->length);

	PKCS7err(PKCS7_F_PKCS7_COPY_EXISTING_DIGEST,
	    PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND);
	return 0;
}

int
PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata,
    BIO *out, int flags)
{
	STACK_OF(X509) *signers;
	X509 *signer;
	STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
	PKCS7_SIGNER_INFO *si;
	X509_STORE_CTX cert_ctx;
	char buf[4096];
	int i, j = 0, k, ret = 0;
	BIO *p7bio;
	BIO *tmpin, *tmpout;

	if (!p7) {
		PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_INVALID_NULL_POINTER);
		return 0;
	}

	if (!PKCS7_type_is_signed(p7)) {
		PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_WRONG_CONTENT_TYPE);
		return 0;
	}

	/* Check for no data and no content: no data to verify signature */
	if (PKCS7_get_detached(p7) && !indata) {
		PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_NO_CONTENT);
		return 0;
	}

	/*
	 * Very old Netscape illegally included empty content with
	 * a detached signature.  Very old users should upgrade.
	 */
	/* Check for data and content: two sets of data */
	if (!PKCS7_get_detached(p7) && indata) {
		PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_CONTENT_AND_DATA_PRESENT);
		return 0;
	}

	sinfos = PKCS7_get_signer_info(p7);

	if (!sinfos || !sk_PKCS7_SIGNER_INFO_num(sinfos)) {
		PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_NO_SIGNATURES_ON_DATA);
		return 0;
	}


	signers = PKCS7_get0_signers(p7, certs, flags);

	if (!signers)
		return 0;

	/* Now verify the certificates */

	if (!(flags & PKCS7_NOVERIFY))
		for (k = 0; k < sk_X509_num(signers); k++) {
			signer = sk_X509_value (signers, k);
			if  (!(flags & PKCS7_NOCHAIN)) {
				if (!X509_STORE_CTX_init(&cert_ctx, store,
				    signer, p7->d.sign->cert)) {
					PKCS7err(PKCS7_F_PKCS7_VERIFY,
					    ERR_R_X509_LIB);
					sk_X509_free(signers);
					return 0;
				}
				X509_STORE_CTX_set_default(&cert_ctx,
				    "smime_sign");
			} else if (!X509_STORE_CTX_init(&cert_ctx, store,
			    signer, NULL)) {
				PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_X509_LIB);
				sk_X509_free(signers);
				return 0;
			}
			if (!(flags & PKCS7_NOCRL))
				X509_STORE_CTX_set0_crls(&cert_ctx, p7->d.sign->crl);
			i = X509_verify_cert(&cert_ctx);
			if (i <= 0)
				j = X509_STORE_CTX_get_error(&cert_ctx);
			X509_STORE_CTX_cleanup(&cert_ctx);
			if (i <= 0) {
				PKCS7err(PKCS7_F_PKCS7_VERIFY,
				    PKCS7_R_CERTIFICATE_VERIFY_ERROR);
				ERR_asprintf_error_data("Verify error:%s",
				    X509_verify_cert_error_string(j));
				sk_X509_free(signers);
				return 0;
			}
			/* Check for revocation status here */
		}

	/*
	 * Performance optimization: if the content is a memory BIO then
	 * store its contents in a temporary read only memory BIO. This
	 * avoids potentially large numbers of slow copies of data which will
	 * occur when reading from a read write memory BIO when signatures
	 * are calculated.
	 */
	if (indata && (BIO_method_type(indata) == BIO_TYPE_MEM)) {
		char *ptr;
		long len;

		len = BIO_get_mem_data(indata, &ptr);
		tmpin = BIO_new_mem_buf(ptr, len);
		if (tmpin == NULL) {
			PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_MALLOC_FAILURE);
			return 0;
		}
	} else
		tmpin = indata;


	if (!(p7bio = PKCS7_dataInit(p7, tmpin)))
		goto err;

	if (flags & PKCS7_TEXT) {
		if (!(tmpout = BIO_new(BIO_s_mem()))) {
			PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_MALLOC_FAILURE);
			goto err;
		}
		BIO_set_mem_eof_return(tmpout, 0);
	} else
		tmpout = out;

	/* We now have to 'read' from p7bio to calculate digests etc. */
	for (;;) {
		i = BIO_read(p7bio, buf, sizeof(buf));
		if (i <= 0)
			break;
		if (tmpout)
			BIO_write(tmpout, buf, i);
	}

	if (flags & PKCS7_TEXT) {
		if (!SMIME_text(tmpout, out)) {
			PKCS7err(PKCS7_F_PKCS7_VERIFY,
			    PKCS7_R_SMIME_TEXT_ERROR);
			BIO_free(tmpout);
			goto err;
		}
		BIO_free(tmpout);
	}

	/* Now Verify All Signatures */
	if (!(flags & PKCS7_NOSIGS))
		for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) {
			si = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
			signer = sk_X509_value (signers, i);
			j = PKCS7_signatureVerify(p7bio, p7, si, signer);
			if (j <= 0) {
				PKCS7err(PKCS7_F_PKCS7_VERIFY,
				    PKCS7_R_SIGNATURE_FAILURE);
				goto err;
			}
		}

	ret = 1;

err:
	if (tmpin == indata) {
		if (indata)
			BIO_pop(p7bio);
	}
	BIO_free_all(p7bio);
	sk_X509_free(signers);

	return ret;
}

STACK_OF(X509) *
PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags)
{
	STACK_OF(X509) *signers;
	STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
	PKCS7_SIGNER_INFO *si;
	PKCS7_ISSUER_AND_SERIAL *ias;
	X509 *signer;
	int i;

	if (!p7) {
		PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,
		    PKCS7_R_INVALID_NULL_POINTER);
		return NULL;
	}

	if (!PKCS7_type_is_signed(p7)) {
		PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,
		    PKCS7_R_WRONG_CONTENT_TYPE);
		return NULL;
	}

	/* Collect all the signers together */
	sinfos = PKCS7_get_signer_info(p7);
	if (sk_PKCS7_SIGNER_INFO_num(sinfos) <= 0) {
		PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, PKCS7_R_NO_SIGNERS);
		return 0;
	}

	if (!(signers = sk_X509_new_null())) {
		PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, ERR_R_MALLOC_FAILURE);
		return NULL;
	}

	for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) {
		si = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
		ias = si->issuer_and_serial;
		signer = NULL;
		/* If any certificates passed they take priority */
		if (certs)
			signer = X509_find_by_issuer_and_serial (certs,
			    ias->issuer, ias->serial);
		if (!signer && !(flags & PKCS7_NOINTERN) && p7->d.sign->cert)
			signer =
			    X509_find_by_issuer_and_serial(p7->d.sign->cert,
			      ias->issuer, ias->serial);
		if (!signer) {
			PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,
			    PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND);
			sk_X509_free(signers);
			return 0;
		}

		if (!sk_X509_push(signers, signer)) {
			sk_X509_free(signers);
			return NULL;
		}
	}
	return signers;
}

/* Build a complete PKCS#7 enveloped data */

PKCS7 *
PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
    int flags)
{
	PKCS7 *p7;
	BIO *p7bio = NULL;
	int i;
	X509 *x509;

	if (!(p7 = PKCS7_new())) {
		PKCS7err(PKCS7_F_PKCS7_ENCRYPT, ERR_R_MALLOC_FAILURE);
		return NULL;
	}

	if (!PKCS7_set_type(p7, NID_pkcs7_enveloped))
		goto err;
	if (!PKCS7_set_cipher(p7, cipher)) {
		PKCS7err(PKCS7_F_PKCS7_ENCRYPT, PKCS7_R_ERROR_SETTING_CIPHER);
		goto err;
	}

	for (i = 0; i < sk_X509_num(certs); i++) {
		x509 = sk_X509_value(certs, i);
		if (!PKCS7_add_recipient(p7, x509)) {
			PKCS7err(PKCS7_F_PKCS7_ENCRYPT,
			    PKCS7_R_ERROR_ADDING_RECIPIENT);
			goto err;
		}
	}

	if (flags & PKCS7_STREAM)
		return p7;

	if (PKCS7_final(p7, in, flags))
		return p7;

err:
	BIO_free_all(p7bio);
	PKCS7_free(p7);
	return NULL;
}

int
PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags)
{
	BIO *tmpmem;
	int ret, i;
	char buf[4096];

	if (!p7) {
		PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_INVALID_NULL_POINTER);
		return 0;
	}

	if (!PKCS7_type_is_enveloped(p7)) {
		PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_WRONG_CONTENT_TYPE);
		return 0;
	}

	if (cert && !X509_check_private_key(cert, pkey)) {
		PKCS7err(PKCS7_F_PKCS7_DECRYPT,
		    PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
		return 0;
	}

	if (!(tmpmem = PKCS7_dataDecode(p7, pkey, NULL, cert))) {
		PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_DECRYPT_ERROR);
		return 0;
	}

	if (flags & PKCS7_TEXT) {
		BIO *tmpbuf;

		/* Encrypt BIOs can't do BIO_gets() so add a buffer BIO */
		if (!(tmpbuf = BIO_new(BIO_f_buffer()))) {
			PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE);
			BIO_free_all(tmpmem);
			return 0;
		}
		BIO_push(tmpbuf, tmpmem);
		ret = SMIME_text(tmpbuf, data);
		if (ret > 0 && BIO_method_type(tmpmem) == BIO_TYPE_CIPHER) {
			if (!BIO_get_cipher_status(tmpmem))
				ret = 0;
		}
		BIO_free_all(tmpbuf);
		return ret;
	} else {
		for (;;) {
			i = BIO_read(tmpmem, buf, sizeof(buf));
			if (i <= 0) {
				ret = 1;
				if (BIO_method_type(tmpmem) ==
				    BIO_TYPE_CIPHER) {
					if (!BIO_get_cipher_status(tmpmem))
						ret = 0;
				}
				break;
			}
			if (BIO_write(data, buf, i) != i) {
				ret = 0;
				break;
			}
		}
		BIO_free_all(tmpmem);
		return ret;
	}
}


Generated by: GCOVR (Version 3.3)

Line	Branch	Exec	Source
1			/* $OpenBSD: pk7_smime.c,v 1.20 2015/02/07 14:21:41 doug Exp $ */
2			/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3			* project.
4			*/
5			/* ====================================================================
6			* Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
7			*
8			* Redistribution and use in source and binary forms, with or without
9			* modification, are permitted provided that the following conditions
10			* are met:
11			*
12			* 1. Redistributions of source code must retain the above copyright
13			* notice, this list of conditions and the following disclaimer.
14			*
15			* 2. Redistributions in binary form must reproduce the above copyright
16			* notice, this list of conditions and the following disclaimer in
17			* the documentation and/or other materials provided with the
18			* distribution.
19			*
20			* 3. All advertising materials mentioning features or use of this
21			* software must display the following acknowledgment:
22			* "This product includes software developed by the OpenSSL Project
23			* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24			*
25			* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26			* endorse or promote products derived from this software without
27			* prior written permission. For written permission, please contact
28			* licensing@OpenSSL.org.
29			*
30			* 5. Products derived from this software may not be called "OpenSSL"
31			* nor may "OpenSSL" appear in their names without prior written
32			* permission of the OpenSSL Project.
33			*
34			* 6. Redistributions of any form whatsoever must retain the following
35			* acknowledgment:
36			* "This product includes software developed by the OpenSSL Project
37			* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38			*
39			* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40			* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41			* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42			* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43			* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44			* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45			* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46			* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47			* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48			* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49			* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50			* OF THE POSSIBILITY OF SUCH DAMAGE.
51			* ====================================================================
52			*
53			* This product includes cryptographic software written by Eric Young
54			* (eay@cryptsoft.com). This product includes software written by Tim
55			* Hudson (tjh@cryptsoft.com).
56			*
57			*/
58
59			/* Simple PKCS#7 processing functions */
60
61			#include <stdio.h>
62
63			#include <openssl/err.h>
64			#include <openssl/x509.h>
65			#include <openssl/x509v3.h>
66
67			static int pkcs7_copy_existing_digest(PKCS7 p7, PKCS7_SIGNER_INFO si);
68
69			PKCS7 *
70			PKCS7_sign(X509 signcert, EVP_PKEY pkey, STACK_OF(X509) certs, BIO data,
71			int flags)
72		2	{
73			PKCS7 *p7;
74			int i;
75
76	✗✓	2	if (!(p7 = PKCS7_new())) {
77			PKCS7err(PKCS7_F_PKCS7_SIGN, ERR_R_MALLOC_FAILURE);
78			return NULL;
79			}
80
81	✓✗	2	if (!PKCS7_set_type(p7, NID_pkcs7_signed))
82			goto err;
83
84	✗✓	2	if (!PKCS7_content_new(p7, NID_pkcs7_data))
85			goto err;
86
87	✓✓✗✓	2	if (pkey && !PKCS7_sign_add_signer(p7, signcert, pkey, NULL, flags)) {
88			PKCS7err(PKCS7_F_PKCS7_SIGN, PKCS7_R_PKCS7_ADD_SIGNER_ERROR);
89			goto err;
90			}
91
92	✓✗	2	if (!(flags & PKCS7_NOCERTS)) {
93	✓✓	3	for (i = 0; i < sk_X509_num(certs); i++) {
94	✗✓	1	if (!PKCS7_add_certificate(p7, sk_X509_value(certs, i)))
95			goto err;
96			}
97			}
98
99	✓✓	2	if (flags & PKCS7_DETACHED)
100		1	PKCS7_set_detached(p7, 1);
101
102	✓✓	2	if (flags & (PKCS7_STREAM\|PKCS7_PARTIAL))
103		1	return p7;
104
105	✓✗	1	if (PKCS7_final(p7, data, flags))
106		1	return p7;
107
108			err:
109			PKCS7_free(p7);
110			return NULL;
111			}
112
113			int
114			PKCS7_final(PKCS7 p7, BIO data, int flags)
115		3	{
116			BIO *p7bio;
117		3	int ret = 0;
118
119	✗✓	3	if (!(p7bio = PKCS7_dataInit(p7, NULL))) {
120			PKCS7err(PKCS7_F_PKCS7_FINAL, ERR_R_MALLOC_FAILURE);
121			return 0;
122			}
123
124		3	SMIME_crlf_copy(data, p7bio, flags);
125
126		3	(void)BIO_flush(p7bio);
127
128	✗✓	3	if (!PKCS7_dataFinal(p7, p7bio)) {
129			PKCS7err(PKCS7_F_PKCS7_FINAL, PKCS7_R_PKCS7_DATASIGN);
130			goto err;
131			}
132
133		3	ret = 1;
134
135		3	err:
136		3	BIO_free_all(p7bio);
137
138		3	return ret;
139			}
140
141			/* Check to see if a cipher exists and if so add S/MIME capabilities */
142
143			static int
144			add_cipher_smcap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
145		18	{
146	✓✗	18	if (EVP_get_cipherbynid(nid))
147		18	return PKCS7_simple_smimecap(sk, nid, arg);
148			return 1;
149			}
150
151			static int
152			add_digest_smcap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
153		6	{
154	✓✗	6	if (EVP_get_digestbynid(nid))
155		6	return PKCS7_simple_smimecap(sk, nid, arg);
156			return 1;
157			}
158
159			PKCS7_SIGNER_INFO *
160			PKCS7_sign_add_signer(PKCS7 p7, X509 signcert, EVP_PKEY *pkey,
161			const EVP_MD *md, int flags)
162		2	{
163		2	PKCS7_SIGNER_INFO *si = NULL;
164		2	STACK_OF(X509_ALGOR) *smcap = NULL;
165
166	✗✓	2	if (!X509_check_private_key(signcert, pkey)) {
167			PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER,
168			PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
169			return NULL;
170			}
171
172	✗✓	2	if (!(si = PKCS7_add_signature(p7, signcert, pkey, md))) {
173			PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER,
174			PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);
175			return NULL;
176			}
177
178	✓✗	2	if (!(flags & PKCS7_NOCERTS)) {
179	✓✗	2	if (!PKCS7_add_certificate(p7, signcert))
180			goto err;
181			}
182
183	✓✗	2	if (!(flags & PKCS7_NOATTR)) {
184	✗✓	2	if (!PKCS7_add_attrib_content_type(si, NULL))
185			goto err;
186			/* Add SMIMECapabilities */
187	✓✗	2	if (!(flags & PKCS7_NOSMIMECAP)) {
188	✗✓	2	if (!(smcap = sk_X509_ALGOR_new_null())) {
189			PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER,
190			ERR_R_MALLOC_FAILURE);
191			goto err;
192			}
193	✓✗✓✗ ✓✗✓✗ ✓✗✓✗ ✓✗✓✗ ✓✗✓✗ ✓✗✓✗ ✓✗	2	if (!add_cipher_smcap(smcap, NID_aes_256_cbc, -1) \|\|
194			!add_digest_smcap(smcap, NID_id_GostR3411_94, -1) \|\|
195			!add_digest_smcap(smcap, NID_id_tc26_gost3411_2012_256, -1) \|\|
196			!add_digest_smcap(smcap, NID_id_tc26_gost3411_2012_512, -1) \|\|
197			!add_cipher_smcap(smcap, NID_id_Gost28147_89, -1) \|\|
198			!add_cipher_smcap(smcap, NID_aes_192_cbc, -1) \|\|
199			!add_cipher_smcap(smcap, NID_aes_128_cbc, -1) \|\|
200			!add_cipher_smcap(smcap, NID_des_ede3_cbc, -1) \|\|
201			!add_cipher_smcap(smcap, NID_rc2_cbc, 128) \|\|
202			!add_cipher_smcap(smcap, NID_rc2_cbc, 64) \|\|
203			!add_cipher_smcap(smcap, NID_des_cbc, -1) \|\|
204			!add_cipher_smcap(smcap, NID_rc2_cbc, 40) \|\|
205			!PKCS7_add_attrib_smimecap(si, smcap))
206			goto err;
207		2	sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
208		2	smcap = NULL;
209			}
210	✗✓	2	if (flags & PKCS7_REUSE_DIGEST) {
211			if (!pkcs7_copy_existing_digest(p7, si))
212			goto err;
213			if (!(flags & PKCS7_PARTIAL) &&
214			!PKCS7_SIGNER_INFO_sign(si))
215			goto err;
216			}
217			}
218		2	return si;
219
220			err:
221			if (smcap)
222			sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
223			return NULL;
224			}
225
226			/* Search for a digest matching SignerInfo digest type and if found
227			* copy across.
228			*/
229
230			static int
231			pkcs7_copy_existing_digest(PKCS7 p7, PKCS7_SIGNER_INFO si)
232			{
233			int i;
234			STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
235			PKCS7_SIGNER_INFO *sitmp;
236			ASN1_OCTET_STRING *osdig = NULL;
237
238			sinfos = PKCS7_get_signer_info(p7);
239			for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) {
240			sitmp = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
241			if (si == sitmp)
242			break;
243			if (sk_X509_ATTRIBUTE_num(sitmp->auth_attr) <= 0)
244			continue;
245			if (!OBJ_cmp(si->digest_alg->algorithm,
246			sitmp->digest_alg->algorithm)) {
247			osdig = PKCS7_digest_from_attributes(sitmp->auth_attr);
248			break;
249			}
250
251			}
252
253			if (osdig)
254			return PKCS7_add1_attrib_digest(si, osdig->data, osdig->length);
255
256			PKCS7err(PKCS7_F_PKCS7_COPY_EXISTING_DIGEST,
257			PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND);
258			return 0;
259			}
260
261			int
262			PKCS7_verify(PKCS7 p7, STACK_OF(X509) certs, X509_STORE store, BIO indata,
263			BIO *out, int flags)
264		2	{
265			STACK_OF(X509) *signers;
266			X509 *signer;
267			STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
268			PKCS7_SIGNER_INFO *si;
269			X509_STORE_CTX cert_ctx;
270			char buf[4096];
271		2	int i, j = 0, k, ret = 0;
272			BIO *p7bio;
273			BIO tmpin, tmpout;
274
275	✗✓	2	if (!p7) {
276			PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_INVALID_NULL_POINTER);
277			return 0;
278			}
279
280	✗✓	2	if (!PKCS7_type_is_signed(p7)) {
281			PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_WRONG_CONTENT_TYPE);
282			return 0;
283			}
284
285			/* Check for no data and no content: no data to verify signature */
286	✓✓✗✓	2	if (PKCS7_get_detached(p7) && !indata) {
287			PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_NO_CONTENT);
288			return 0;
289			}
290
291			/*
292			* Very old Netscape illegally included empty content with
293			* a detached signature. Very old users should upgrade.
294			*/
295			/* Check for data and content: two sets of data */
296	✓✓✗✓	2	if (!PKCS7_get_detached(p7) && indata) {
297			PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_CONTENT_AND_DATA_PRESENT);
298			return 0;
299			}
300
301		2	sinfos = PKCS7_get_signer_info(p7);
302
303	✓✗✗✓	2	if (!sinfos \|\| !sk_PKCS7_SIGNER_INFO_num(sinfos)) {
304			PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_NO_SIGNATURES_ON_DATA);
305			return 0;
306			}
307
308
309		2	signers = PKCS7_get0_signers(p7, certs, flags);
310
311	✗✓	2	if (!signers)
312			return 0;
313
314			/* Now verify the certificates */
315
316	✓✗	2	if (!(flags & PKCS7_NOVERIFY))
317	✓✓	4	for (k = 0; k < sk_X509_num(signers); k++) {
318		2	signer = sk_X509_value (signers, k);
319	✓✗	2	if (!(flags & PKCS7_NOCHAIN)) {
320	✗✓	2	if (!X509_STORE_CTX_init(&cert_ctx, store,
321			signer, p7->d.sign->cert)) {
322			PKCS7err(PKCS7_F_PKCS7_VERIFY,
323			ERR_R_X509_LIB);
324			sk_X509_free(signers);
325			return 0;
326			}
327		2	X509_STORE_CTX_set_default(&cert_ctx,
328			"smime_sign");
329			} else if (!X509_STORE_CTX_init(&cert_ctx, store,
330			signer, NULL)) {
331			PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_X509_LIB);
332			sk_X509_free(signers);
333			return 0;
334			}
335	✓✗	2	if (!(flags & PKCS7_NOCRL))
336		2	X509_STORE_CTX_set0_crls(&cert_ctx, p7->d.sign->crl);
337		2	i = X509_verify_cert(&cert_ctx);
338	✗✓	2	if (i <= 0)
339			j = X509_STORE_CTX_get_error(&cert_ctx);
340		2	X509_STORE_CTX_cleanup(&cert_ctx);
341	✗✓	2	if (i <= 0) {
342			PKCS7err(PKCS7_F_PKCS7_VERIFY,
343			PKCS7_R_CERTIFICATE_VERIFY_ERROR);
344			ERR_asprintf_error_data("Verify error:%s",
345			X509_verify_cert_error_string(j));
346			sk_X509_free(signers);
347			return 0;
348			}
349			/* Check for revocation status here */
350			}
351
352			/*
353			* Performance optimization: if the content is a memory BIO then
354			* store its contents in a temporary read only memory BIO. This
355			* avoids potentially large numbers of slow copies of data which will
356			* occur when reading from a read write memory BIO when signatures
357			* are calculated.
358			*/
359	✓✓✓✗	2	if (indata && (BIO_method_type(indata) == BIO_TYPE_MEM)) {
360			char *ptr;
361			long len;
362
363		1	len = BIO_get_mem_data(indata, &ptr);
364		1	tmpin = BIO_new_mem_buf(ptr, len);
365	✗✓	1	if (tmpin == NULL) {
366			PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_MALLOC_FAILURE);
367			return 0;
368			}
369			} else
370		1	tmpin = indata;
371
372
373	✗✓	2	if (!(p7bio = PKCS7_dataInit(p7, tmpin)))
374			goto err;
375
376	✗✓	2	if (flags & PKCS7_TEXT) {
377			if (!(tmpout = BIO_new(BIO_s_mem()))) {
378			PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_MALLOC_FAILURE);
379			goto err;
380			}
381			BIO_set_mem_eof_return(tmpout, 0);
382			} else
383		2	tmpout = out;
384
385			/* We now have to 'read' from p7bio to calculate digests etc. */
386			for (;;) {
387		4	i = BIO_read(p7bio, buf, sizeof(buf));
388	✓✓	4	if (i <= 0)
389		2	break;
390	✗✓	2	if (tmpout)
391		2	BIO_write(tmpout, buf, i);
392			}
393
394	✗✓	2	if (flags & PKCS7_TEXT) {
395			if (!SMIME_text(tmpout, out)) {
396			PKCS7err(PKCS7_F_PKCS7_VERIFY,
397			PKCS7_R_SMIME_TEXT_ERROR);
398			BIO_free(tmpout);
399			goto err;
400			}
401			BIO_free(tmpout);
402			}
403
404			/* Now Verify All Signatures */
405	✓✗	2	if (!(flags & PKCS7_NOSIGS))
406	✓✓	4	for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) {
407		2	si = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
408		2	signer = sk_X509_value (signers, i);
409		2	j = PKCS7_signatureVerify(p7bio, p7, si, signer);
410	✗✓	2	if (j <= 0) {
411			PKCS7err(PKCS7_F_PKCS7_VERIFY,
412			PKCS7_R_SIGNATURE_FAILURE);
413			goto err;
414			}
415			}
416
417		2	ret = 1;
418
419		2	err:
420	✓✓	2	if (tmpin == indata) {
421	✗✓	1	if (indata)
422			BIO_pop(p7bio);
423			}
424		2	BIO_free_all(p7bio);
425		2	sk_X509_free(signers);
426
427		2	return ret;
428			}
429
430			STACK_OF(X509) *
431			PKCS7_get0_signers(PKCS7 p7, STACK_OF(X509) certs, int flags)
432		2	{
433			STACK_OF(X509) *signers;
434			STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
435			PKCS7_SIGNER_INFO *si;
436			PKCS7_ISSUER_AND_SERIAL *ias;
437			X509 *signer;
438			int i;
439
440	✗✓	2	if (!p7) {
441			PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,
442			PKCS7_R_INVALID_NULL_POINTER);
443			return NULL;
444			}
445
446	✗✓	2	if (!PKCS7_type_is_signed(p7)) {
447			PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,
448			PKCS7_R_WRONG_CONTENT_TYPE);
449			return NULL;
450			}
451
452			/* Collect all the signers together */
453		2	sinfos = PKCS7_get_signer_info(p7);
454	✗✓	2	if (sk_PKCS7_SIGNER_INFO_num(sinfos) <= 0) {
455			PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, PKCS7_R_NO_SIGNERS);
456			return 0;
457			}
458
459	✗✓	2	if (!(signers = sk_X509_new_null())) {
460			PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, ERR_R_MALLOC_FAILURE);
461			return NULL;
462			}
463
464	✓✓	4	for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) {
465		2	si = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
466		2	ias = si->issuer_and_serial;
467		2	signer = NULL;
468			/* If any certificates passed they take priority */
469	✓✗	2	if (certs)
470		2	signer = X509_find_by_issuer_and_serial (certs,
471			ias->issuer, ias->serial);
472	✗✓✗✗ ✗✗	2	if (!signer && !(flags & PKCS7_NOINTERN) && p7->d.sign->cert)
473			signer =
474			X509_find_by_issuer_and_serial(p7->d.sign->cert,
475			ias->issuer, ias->serial);
476	✗✓	2	if (!signer) {
477			PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,
478			PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND);
479			sk_X509_free(signers);
480			return 0;
481			}
482
483	✗✓	2	if (!sk_X509_push(signers, signer)) {
484			sk_X509_free(signers);
485			return NULL;
486			}
487			}
488		2	return signers;
489			}
490
491			/* Build a complete PKCS#7 enveloped data */
492
493			PKCS7 *
494			PKCS7_encrypt(STACK_OF(X509) certs, BIO in, const EVP_CIPHER *cipher,
495			int flags)
496		1	{
497			PKCS7 *p7;
498		1	BIO *p7bio = NULL;
499			int i;
500			X509 *x509;
501
502	✗✓	1	if (!(p7 = PKCS7_new())) {
503			PKCS7err(PKCS7_F_PKCS7_ENCRYPT, ERR_R_MALLOC_FAILURE);
504			return NULL;
505			}
506
507	✓✗	1	if (!PKCS7_set_type(p7, NID_pkcs7_enveloped))
508			goto err;
509	✗✓	1	if (!PKCS7_set_cipher(p7, cipher)) {
510			PKCS7err(PKCS7_F_PKCS7_ENCRYPT, PKCS7_R_ERROR_SETTING_CIPHER);
511			goto err;
512			}
513
514	✓✓	2	for (i = 0; i < sk_X509_num(certs); i++) {
515		1	x509 = sk_X509_value(certs, i);
516	✗✓	1	if (!PKCS7_add_recipient(p7, x509)) {
517			PKCS7err(PKCS7_F_PKCS7_ENCRYPT,
518			PKCS7_R_ERROR_ADDING_RECIPIENT);
519			goto err;
520			}
521			}
522
523	✗✓	1	if (flags & PKCS7_STREAM)
524			return p7;
525
526	✓✗	1	if (PKCS7_final(p7, in, flags))
527		1	return p7;
528
529			err:
530			BIO_free_all(p7bio);
531			PKCS7_free(p7);
532			return NULL;
533			}
534
535			int
536			PKCS7_decrypt(PKCS7 p7, EVP_PKEY pkey, X509 cert, BIO data, int flags)
537		1	{
538			BIO *tmpmem;
539			int ret, i;
540			char buf[4096];
541
542	✗✓	1	if (!p7) {
543			PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_INVALID_NULL_POINTER);
544			return 0;
545			}
546
547	✗✓	1	if (!PKCS7_type_is_enveloped(p7)) {
548			PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_WRONG_CONTENT_TYPE);
549			return 0;
550			}
551
552	✓✗✗✓	1	if (cert && !X509_check_private_key(cert, pkey)) {
553			PKCS7err(PKCS7_F_PKCS7_DECRYPT,
554			PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
555			return 0;
556			}
557
558	✗✓	1	if (!(tmpmem = PKCS7_dataDecode(p7, pkey, NULL, cert))) {
559			PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_DECRYPT_ERROR);
560			return 0;
561			}
562
563	✗✓	1	if (flags & PKCS7_TEXT) {
564			BIO *tmpbuf;
565
566			/* Encrypt BIOs can't do BIO_gets() so add a buffer BIO */
567			if (!(tmpbuf = BIO_new(BIO_f_buffer()))) {
568			PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE);
569			BIO_free_all(tmpmem);
570			return 0;
571			}
572			BIO_push(tmpbuf, tmpmem);
573			ret = SMIME_text(tmpbuf, data);
574			if (ret > 0 && BIO_method_type(tmpmem) == BIO_TYPE_CIPHER) {
575			if (!BIO_get_cipher_status(tmpmem))
576			ret = 0;
577			}
578			BIO_free_all(tmpbuf);
579			return ret;
580			} else {
581			for (;;) {
582		2	i = BIO_read(tmpmem, buf, sizeof(buf));
583	✓✓	2	if (i <= 0) {
584		1	ret = 1;
585	✓✗	1	if (BIO_method_type(tmpmem) ==
586			BIO_TYPE_CIPHER) {
587	✗✓	1	if (!BIO_get_cipher_status(tmpmem))
588			ret = 0;
589			}
590			break;
591			}
592	✓✗	1	if (BIO_write(data, buf, i) != i) {
593			ret = 0;
594			break;
595			}
596			}
597		1	BIO_free_all(tmpmem);
598		1	return ret;
599			}
600			}