1 /* Copyright (c) 2014, Google Inc.
2 *
3 * Permission to use, copy, modify, and/or distribute this software for any
4 * purpose with or without fee is hereby granted, provided that the above
5 * copyright notice and this permission notice appear in all copies.
6 *
7 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
14
15 #include <openssl/pkcs7.h>
16
17 #include <openssl/bytestring.h>
18 #include <openssl/err.h>
19 #include <openssl/mem.h>
20 #include <openssl/pool.h>
21 #include <openssl/stack.h>
22
23 #include "internal.h"
24 #include "../bytestring/internal.h"
25
26
27 // 1.2.840.113549.1.7.1
28 static const uint8_t kPKCS7Data[] = {0x2a, 0x86, 0x48, 0x86, 0xf7,
29 0x0d, 0x01, 0x07, 0x01};
30
31 // 1.2.840.113549.1.7.2
32 static const uint8_t kPKCS7SignedData[] = {0x2a, 0x86, 0x48, 0x86, 0xf7,
33 0x0d, 0x01, 0x07, 0x02};
34
35 // pkcs7_parse_header reads the non-certificate/non-CRL prefix of a PKCS#7
36 // SignedData blob from |cbs| and sets |*out| to point to the rest of the
37 // input. If the input is in BER format, then |*der_bytes| will be set to a
38 // pointer that needs to be freed by the caller once they have finished
39 // processing |*out| (which will be pointing into |*der_bytes|).
40 //
41 // It returns one on success or zero on error. On error, |*der_bytes| is
42 // NULL.
pkcs7_parse_header(uint8_t ** der_bytes,CBS * out,CBS * cbs)43 int pkcs7_parse_header(uint8_t **der_bytes, CBS *out, CBS *cbs) {
44 CBS in, content_info, content_type, wrapped_signed_data, signed_data;
45 uint64_t version;
46
47 // The input may be in BER format.
48 *der_bytes = NULL;
49 if (!CBS_asn1_ber_to_der(cbs, &in, der_bytes) ||
50 // See https://tools.ietf.org/html/rfc2315#section-7
51 !CBS_get_asn1(&in, &content_info, CBS_ASN1_SEQUENCE) ||
52 !CBS_get_asn1(&content_info, &content_type, CBS_ASN1_OBJECT)) {
53 goto err;
54 }
55
56 if (!CBS_mem_equal(&content_type, kPKCS7SignedData,
57 sizeof(kPKCS7SignedData))) {
58 OPENSSL_PUT_ERROR(PKCS7, PKCS7_R_NOT_PKCS7_SIGNED_DATA);
59 goto err;
60 }
61
62 // See https://tools.ietf.org/html/rfc2315#section-9.1
63 if (!CBS_get_asn1(&content_info, &wrapped_signed_data,
64 CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0) ||
65 !CBS_get_asn1(&wrapped_signed_data, &signed_data, CBS_ASN1_SEQUENCE) ||
66 !CBS_get_asn1_uint64(&signed_data, &version) ||
67 !CBS_get_asn1(&signed_data, NULL /* digests */, CBS_ASN1_SET) ||
68 !CBS_get_asn1(&signed_data, NULL /* content */, CBS_ASN1_SEQUENCE)) {
69 goto err;
70 }
71
72 if (version < 1) {
73 OPENSSL_PUT_ERROR(PKCS7, PKCS7_R_BAD_PKCS7_VERSION);
74 goto err;
75 }
76
77 CBS_init(out, CBS_data(&signed_data), CBS_len(&signed_data));
78 return 1;
79
80 err:
81 OPENSSL_free(*der_bytes);
82 *der_bytes = NULL;
83 return 0;
84 }
85
PKCS7_get_raw_certificates(STACK_OF (CRYPTO_BUFFER)* out_certs,CBS * cbs,CRYPTO_BUFFER_POOL * pool)86 int PKCS7_get_raw_certificates(STACK_OF(CRYPTO_BUFFER) *out_certs, CBS *cbs,
87 CRYPTO_BUFFER_POOL *pool) {
88 CBS signed_data, certificates;
89 uint8_t *der_bytes = NULL;
90 int ret = 0, has_certificates;
91 const size_t initial_certs_len = sk_CRYPTO_BUFFER_num(out_certs);
92
93 // See https://tools.ietf.org/html/rfc2315#section-9.1
94 if (!pkcs7_parse_header(&der_bytes, &signed_data, cbs) ||
95 !CBS_get_optional_asn1(
96 &signed_data, &certificates, &has_certificates,
97 CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0)) {
98 goto err;
99 }
100
101 if (!has_certificates) {
102 CBS_init(&certificates, NULL, 0);
103 }
104
105 while (CBS_len(&certificates) > 0) {
106 CBS cert;
107 if (!CBS_get_asn1_element(&certificates, &cert, CBS_ASN1_SEQUENCE)) {
108 goto err;
109 }
110
111 CRYPTO_BUFFER *buf = CRYPTO_BUFFER_new_from_CBS(&cert, pool);
112 if (buf == NULL ||
113 !sk_CRYPTO_BUFFER_push(out_certs, buf)) {
114 CRYPTO_BUFFER_free(buf);
115 goto err;
116 }
117 }
118
119 ret = 1;
120
121 err:
122 OPENSSL_free(der_bytes);
123
124 if (!ret) {
125 while (sk_CRYPTO_BUFFER_num(out_certs) != initial_certs_len) {
126 CRYPTO_BUFFER *buf = sk_CRYPTO_BUFFER_pop(out_certs);
127 CRYPTO_BUFFER_free(buf);
128 }
129 }
130
131 return ret;
132 }
133
pkcs7_bundle_raw_certificates_cb(CBB * out,const void * arg)134 static int pkcs7_bundle_raw_certificates_cb(CBB *out, const void *arg) {
135 const STACK_OF(CRYPTO_BUFFER) *certs = arg;
136 CBB certificates;
137
138 // See https://tools.ietf.org/html/rfc2315#section-9.1
139 if (!CBB_add_asn1(out, &certificates,
140 CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0)) {
141 return 0;
142 }
143
144 for (size_t i = 0; i < sk_CRYPTO_BUFFER_num(certs); i++) {
145 CRYPTO_BUFFER *cert = sk_CRYPTO_BUFFER_value(certs, i);
146 if (!CBB_add_bytes(&certificates, CRYPTO_BUFFER_data(cert),
147 CRYPTO_BUFFER_len(cert))) {
148 return 0;
149 }
150 }
151
152 // |certificates| is a implicitly-tagged SET OF.
153 return CBB_flush_asn1_set_of(&certificates) && CBB_flush(out);
154 }
155
PKCS7_bundle_raw_certificates(CBB * out,const STACK_OF (CRYPTO_BUFFER)* certs)156 int PKCS7_bundle_raw_certificates(CBB *out,
157 const STACK_OF(CRYPTO_BUFFER) *certs) {
158 return pkcs7_add_signed_data(out, /*digest_algos_cb=*/NULL,
159 pkcs7_bundle_raw_certificates_cb,
160 /*signer_infos_cb=*/NULL, certs);
161 }
162
pkcs7_add_signed_data(CBB * out,int (* digest_algos_cb)(CBB * out,const void * arg),int (* cert_crl_cb)(CBB * out,const void * arg),int (* signer_infos_cb)(CBB * out,const void * arg),const void * arg)163 int pkcs7_add_signed_data(CBB *out,
164 int (*digest_algos_cb)(CBB *out, const void *arg),
165 int (*cert_crl_cb)(CBB *out, const void *arg),
166 int (*signer_infos_cb)(CBB *out, const void *arg),
167 const void *arg) {
168 CBB outer_seq, oid, wrapped_seq, seq, version_bytes, digest_algos_set,
169 content_info, signer_infos;
170
171 // See https://tools.ietf.org/html/rfc2315#section-7
172 if (!CBB_add_asn1(out, &outer_seq, CBS_ASN1_SEQUENCE) ||
173 !CBB_add_asn1(&outer_seq, &oid, CBS_ASN1_OBJECT) ||
174 !CBB_add_bytes(&oid, kPKCS7SignedData, sizeof(kPKCS7SignedData)) ||
175 !CBB_add_asn1(&outer_seq, &wrapped_seq,
176 CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0) ||
177 // See https://tools.ietf.org/html/rfc2315#section-9.1
178 !CBB_add_asn1(&wrapped_seq, &seq, CBS_ASN1_SEQUENCE) ||
179 !CBB_add_asn1(&seq, &version_bytes, CBS_ASN1_INTEGER) ||
180 !CBB_add_u8(&version_bytes, 1) ||
181 !CBB_add_asn1(&seq, &digest_algos_set, CBS_ASN1_SET) ||
182 (digest_algos_cb != NULL && !digest_algos_cb(&digest_algos_set, arg)) ||
183 !CBB_add_asn1(&seq, &content_info, CBS_ASN1_SEQUENCE) ||
184 !CBB_add_asn1(&content_info, &oid, CBS_ASN1_OBJECT) ||
185 !CBB_add_bytes(&oid, kPKCS7Data, sizeof(kPKCS7Data)) ||
186 (cert_crl_cb != NULL && !cert_crl_cb(&seq, arg)) ||
187 !CBB_add_asn1(&seq, &signer_infos, CBS_ASN1_SET) ||
188 (signer_infos_cb != NULL && !signer_infos_cb(&signer_infos, arg))) {
189 return 0;
190 }
191
192 return CBB_flush(out);
193 }
194