/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/*
* PKCS7 creation.
*/
#include "p7local.h"
#include "cert.h"
#include "secasn1.h"
#include "secitem.h"
#include "secoid.h"
#include "pk11func.h"
#include "prtime.h"
#include "secerr.h"
#include "secder.h"
#include "secpkcs5.h"
const int NSS_PBE_DEFAULT_ITERATION_COUNT =
/* used in p12e.c too */
#ifdef DEBUG
10000
#else
600000
#endif
;
static SECStatus
sec_pkcs7_init_content_info(SEC_PKCS7ContentInfo *cinfo, PLArenaPool *poolp,
SECOidTag kind, PRBool detached)
{
void *thing;
int version;
SECItem *versionp;
SECStatus rv;
PORT_Assert(cinfo != NULL && poolp != NULL);
if (cinfo == NULL || poolp == NULL)
return SECFailure;
cinfo->contentTypeTag = SECOID_FindOIDByTag(kind);
PORT_Assert(cinfo->contentTypeTag && cinfo->contentTypeTag->offset == kind);
rv = SECITEM_CopyItem(poolp, &(cinfo->contentType),
&(cinfo->contentTypeTag->oid));
if (rv != SECSuccess)
return rv;
if (detached)
return SECSuccess;
switch (kind) {
default:
case SEC_OID_PKCS7_DATA:
thing = PORT_ArenaZAlloc(poolp,
sizeof(SECItem));
cinfo->content.data = (SECItem *)thing;
versionp = NULL;
version = -1;
break;
case SEC_OID_PKCS7_DIGESTED_DATA:
thing = PORT_ArenaZAlloc(poolp,
sizeof(SEC_PKCS7DigestedData));
cinfo->content.digestedData = (SEC_PKCS7DigestedData *)thing;
versionp = &(cinfo->content.digestedData->version);
version = SEC_PKCS7_DIGESTED_DATA_VERSION;
break;
case SEC_OID_PKCS7_ENCRYPTED_DATA:
thing = PORT_ArenaZAlloc(poolp,
sizeof(SEC_PKCS7EncryptedData));
cinfo->content.encryptedData = (SEC_PKCS7EncryptedData *)thing;
versionp = &(cinfo->content.encryptedData->version);
version = SEC_PKCS7_ENCRYPTED_DATA_VERSION;
break;
case SEC_OID_PKCS7_ENVELOPED_DATA:
thing = PORT_ArenaZAlloc(poolp,
sizeof(SEC_PKCS7EnvelopedData));
cinfo->content.envelopedData =
(SEC_PKCS7EnvelopedData *)thing;
versionp = &(cinfo->content.envelopedData->version);
version = SEC_PKCS7_ENVELOPED_DATA_VERSION;
break;
case SEC_OID_PKCS7_SIGNED_DATA:
thing = PORT_ArenaZAlloc(poolp,
sizeof(SEC_PKCS7SignedData));
cinfo->content.signedData =
(SEC_PKCS7SignedData *)thing;
versionp = &(cinfo->content.signedData->version);
version = SEC_PKCS7_SIGNED_DATA_VERSION;
break;
case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
thing = PORT_ArenaZAlloc(poolp,
sizeof(SEC_PKCS7SignedAndEnvelopedData));
cinfo->content.signedAndEnvelopedData =
(SEC_PKCS7SignedAndEnvelopedData *)thing;
versionp = &(cinfo->content.signedAndEnvelopedData->version);
version = SEC_PKCS7_SIGNED_AND_ENVELOPED_DATA_VERSION;
break;
}
if (thing == NULL)
return SECFailure;
if (versionp != NULL) {
SECItem *dummy;
PORT_Assert(version >= 0);
dummy = SEC_ASN1EncodeInteger(poolp, versionp, version);
if (dummy == NULL)
return SECFailure;
PORT_Assert(dummy == versionp);
}
return SECSuccess;
}
static SEC_PKCS7ContentInfo *
sec_pkcs7_create_content_info(SECOidTag kind, PRBool detached,
SECKEYGetPasswordKey pwfn,
void *pwfn_arg)
{
SEC_PKCS7ContentInfo *cinfo;
PLArenaPool *poolp;
SECStatus rv;
poolp = PORT_NewArena(1024);
/* XXX what is right value? */
if (poolp == NULL)
return NULL;
cinfo = (SEC_PKCS7ContentInfo *)PORT_ArenaZAlloc(poolp,
sizeof(*cinfo));
if (cinfo == NULL) {
PORT_FreeArena(poolp, PR_FALSE);
return NULL;
}
cinfo->poolp = poolp;
cinfo->pwfn = pwfn;
cinfo->pwfn_arg = pwfn_arg;
cinfo->created = PR_TRUE;
cinfo->refCount = 1;
rv = sec_pkcs7_init_content_info(cinfo, poolp, kind, detached);
if (rv != SECSuccess) {
PORT_FreeArena(poolp, PR_FALSE);
return NULL;
}
return cinfo;
}
/*
* Add a signer to a PKCS7 thing, verifying the signature cert first.
* Any error returns SECFailure.
*
* XXX Right now this only adds the *first* signer. It fails if you try
* to add a second one -- this needs to be fixed.
*/
static SECStatus
sec_pkcs7_add_signer(SEC_PKCS7ContentInfo *cinfo,
CERTCertificate *cert,
SECCertUsage certusage,
CERTCertDBHandle *certdb,
SECOidTag digestalgtag,
SECItem *digestdata)
{
SEC_PKCS7SignerInfo *signerinfo, **signerinfos, ***signerinfosp;
SECAlgorithmID *digestalg, **digestalgs, ***digestalgsp;
SECItem *digest, **digests, ***digestsp;
SECItem *dummy;
void *mark;
SECStatus rv;
SECOidTag kind;
kind = SEC_PKCS7ContentType(cinfo);
switch (kind) {
case SEC_OID_PKCS7_SIGNED_DATA: {
SEC_PKCS7SignedData *sdp;
sdp = cinfo->content.signedData;
digestalgsp = &(sdp->digestAlgorithms);
digestsp = &(sdp->digests);
signerinfosp = &(sdp->signerInfos);
}
break;
case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: {
SEC_PKCS7SignedAndEnvelopedData *saedp;
saedp = cinfo->content.signedAndEnvelopedData;
digestalgsp = &(saedp->digestAlgorithms);
digestsp = &(saedp->digests);
signerinfosp = &(saedp->signerInfos);
}
break;
default:
return SECFailure;
/* XXX set an error? */
}
/*
* XXX I think that CERT_VerifyCert should do this if *it* is passed
* a NULL database.
*/
if (certdb == NULL) {
certdb = CERT_GetDefaultCertDB();
if (certdb == NULL)
return SECFailure;
/* XXX set an error? */
}
if (CERT_VerifyCert(certdb, cert, PR_TRUE, certusage, PR_Now(),
cinfo->pwfn_arg, NULL) != SECSuccess) {
/* XXX Did CERT_VerifyCert set an error? */
return SECFailure;
}
/*
* XXX This is the check that we do not already have a signer.
* This is not what we really want -- we want to allow this
* and *add* the new signer.
*/
PORT_Assert(*signerinfosp == NULL && *digestalgsp == NULL && *digestsp == NULL);
if (*signerinfosp != NULL || *digestalgsp != NULL || *digestsp != NULL)
return SECFailure;
mark = PORT_ArenaMark(cinfo->poolp);
signerinfo = (SEC_PKCS7SignerInfo *)PORT_ArenaZAlloc(cinfo->poolp,
sizeof(SEC_PKCS7SignerInfo));
if (signerinfo == NULL) {
PORT_ArenaRelease(cinfo->poolp, mark);
return SECFailure;
}
dummy = SEC_ASN1EncodeInteger(cinfo->poolp, &signerinfo->version,
SEC_PKCS7_SIGNER_INFO_VERSION);
if (dummy == NULL) {
PORT_ArenaRelease(cinfo->poolp, mark);
return SECFailure;
}
PORT_Assert(dummy == &signerinfo->version);
signerinfo->cert = CERT_DupCertificate(cert);
if (signerinfo->cert == NULL) {
PORT_ArenaRelease(cinfo->poolp, mark);
return SECFailure;
}
signerinfo->issuerAndSN = CERT_GetCertIssuerAndSN(cinfo->poolp, cert);
if (signerinfo->issuerAndSN == NULL) {
PORT_ArenaRelease(cinfo->poolp, mark);
return SECFailure;
}
rv = SECOID_SetAlgorithmID(cinfo->poolp, &signerinfo->digestAlg,
digestalgtag, NULL);
if (rv != SECSuccess) {
PORT_ArenaRelease(cinfo->poolp, mark);
return SECFailure;
}
/*
* Okay, now signerinfo is all set. We just need to put it and its
* companions (another copy of the digest algorithm, and the digest
* itself if given) into the main structure.
*
* XXX If we are handling more than one signer, the following code
* needs to look through the digest algorithms already specified
* and see if the same one is there already. If it is, it does not
* need to be added again. Also, if it is there *and* the digest
* is not null, then the digest given should match the digest already
* specified -- if not, that is an error. Finally, the new signerinfo
* should be *added* to the set already found.
*/
signerinfos = (SEC_PKCS7SignerInfo **)PORT_ArenaAlloc(cinfo->poolp,
2 *
sizeof(SEC_PKCS7SignerInfo *));
if (signerinfos == NULL) {
PORT_ArenaRelease(cinfo->poolp, mark);
return SECFailure;
}
signerinfos[0] = signerinfo;
signerinfos[1] = NULL;
digestalg = PORT_ArenaZAlloc(cinfo->poolp,
sizeof(SECAlgorithmID));
digestalgs = PORT_ArenaAlloc(cinfo->poolp, 2 *
sizeof(SECAlgorithmID *));
if (digestalg == NULL || digestalgs == NULL) {
PORT_ArenaRelease(cinfo->poolp, mark);
return SECFailure;
}
rv = SECOID_SetAlgorithmID(cinfo->poolp, digestalg, digestalgtag, NULL);
if (rv != SECSuccess) {
PORT_ArenaRelease(cinfo->poolp, mark);
return SECFailure;
}
digestalgs[0] = digestalg;
digestalgs[1] = NULL;
if (digestdata != NULL) {
digest = (SECItem *)PORT_ArenaAlloc(cinfo->poolp,
sizeof(SECItem));
digests = (SECItem **)PORT_ArenaAlloc(cinfo->poolp,
2 *
sizeof(SECItem *));
if (digest == NULL || digests == NULL) {
PORT_ArenaRelease(cinfo->poolp, mark);
return SECFailure;
}
rv = SECITEM_CopyItem(cinfo->poolp, digest, digestdata);
if (rv != SECSuccess) {
PORT_ArenaRelease(cinfo->poolp, mark);
return SECFailure;
}
digests[0] = digest;
digests[1] = NULL;
}
else {
digests = NULL;
}
*signerinfosp = signerinfos;
*digestalgsp = digestalgs;
*digestsp = digests;
PORT_ArenaUnmark(cinfo->poolp, mark);
return SECSuccess;
}
/*
* Helper function for creating an empty signedData.
*/
static SEC_PKCS7ContentInfo *
sec_pkcs7_create_signed_data(SECKEYGetPasswordKey pwfn,
void *pwfn_arg)
{
SEC_PKCS7ContentInfo *cinfo;
SEC_PKCS7SignedData *sigd;
SECStatus rv;
cinfo = sec_pkcs7_create_content_info(SEC_OID_PKCS7_SIGNED_DATA, PR_FALSE,
pwfn, pwfn_arg);
if (cinfo == NULL)
return NULL;
sigd = cinfo->content.signedData;
PORT_Assert(sigd != NULL);
/*
* XXX Might we want to allow content types other than data?
* If so, via what interface?
*/
rv = sec_pkcs7_init_content_info(&(sigd->contentInfo), cinfo->poolp,
SEC_OID_PKCS7_DATA, PR_TRUE);
if (rv != SECSuccess) {
SEC_PKCS7DestroyContentInfo(cinfo);
return NULL;
}
return cinfo;
}
/*
* Start a PKCS7 signing context.
*
* "cert" is the cert that will be used to sign the data. It will be
* checked for validity.
*
* "certusage" describes the signing usage (e.g. certUsageEmailSigner)
* XXX Maybe SECCertUsage should be split so that our caller just says
* "email" and *we* add the "signing" part -- otherwise our caller
* could be lying about the usage; we do not want to allow encryption
* certs for signing or vice versa.
*
* "certdb" is the cert database to use for verifying the cert.
* It can be NULL if a default database is available (like in the client).
*
* "digestalg" names the digest algorithm (e.g. SEC_OID_SHA1).
*
* "digest" is the actual digest of the data. It must be provided in
* the case of detached data or NULL if the content will be included.
*
* The return value can be passed to functions which add things to
* it like attributes, then eventually to SEC_PKCS7Encode() or to
* SEC_PKCS7EncoderStart() to create the encoded data, and finally to
* SEC_PKCS7DestroyContentInfo().
*
* An error results in a return value of NULL and an error set.
* (Retrieve specific errors via PORT_GetError()/XP_GetError().)
*/
SEC_PKCS7ContentInfo *
SEC_PKCS7CreateSignedData(CERTCertificate *cert,
SECCertUsage certusage,
CERTCertDBHandle *certdb,
SECOidTag digestalg,
SECItem *digest,
SECKEYGetPasswordKey pwfn,
void *pwfn_arg)
{
SEC_PKCS7ContentInfo *cinfo;
SECStatus rv;
cinfo = sec_pkcs7_create_signed_data(pwfn, pwfn_arg);
if (cinfo == NULL)
return NULL;
rv = sec_pkcs7_add_signer(cinfo, cert, certusage, certdb,
digestalg, digest);
if (rv != SECSuccess) {
SEC_PKCS7DestroyContentInfo(cinfo);
return NULL;
}
return cinfo;
}
static SEC_PKCS7Attribute *
sec_pkcs7_create_attribute(PLArenaPool *poolp, SECOidTag oidtag,
SECItem *value, PRBool encoded)
{
SEC_PKCS7Attribute *attr;
SECItem **values;
void *mark;
PORT_Assert(poolp != NULL);
mark = PORT_ArenaMark(poolp);
attr = (SEC_PKCS7Attribute *)PORT_ArenaAlloc(poolp,
sizeof(SEC_PKCS7Attribute));
if (attr == NULL)
goto loser;
attr->typeTag = SECOID_FindOIDByTag(oidtag);
if (attr->typeTag == NULL)
goto loser;
if (SECITEM_CopyItem(poolp, &(attr->type),
&(attr->typeTag->oid)) != SECSuccess)
goto loser;
values = (SECItem **)PORT_ArenaAlloc(poolp, 2 *
sizeof(SECItem *));
if (values == NULL)
goto loser;
if (value != NULL) {
SECItem *copy;
copy = (SECItem *)PORT_ArenaAlloc(poolp,
sizeof(SECItem));
if (copy == NULL)
goto loser;
if (SECITEM_CopyItem(poolp, copy, value) != SECSuccess)
goto loser;
value = copy;
}
values[0] = value;
values[1] = NULL;
attr->values = values;
attr->encoded = encoded;
PORT_ArenaUnmark(poolp, mark);
return attr;
loser:
PORT_Assert(mark != NULL);
PORT_ArenaRelease(poolp, mark);
return NULL;
}
static SECStatus
sec_pkcs7_add_attribute(SEC_PKCS7ContentInfo *cinfo,
SEC_PKCS7Attribute ***attrsp,
SEC_PKCS7Attribute *attr)
{
SEC_PKCS7Attribute **attrs;
SECItem *ct_value;
void *mark;
PORT_Assert(SEC_PKCS7ContentType(cinfo) == SEC_OID_PKCS7_SIGNED_DATA);
if (SEC_PKCS7ContentType(cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
return SECFailure;
attrs = *attrsp;
if (attrs != NULL) {
int count;
/*
* We already have some attributes, and just need to add this
* new one.
*/
/*
* We should already have the *required* attributes, which were
* created/added at the same time the first attribute was added.
*/
PORT_Assert(sec_PKCS7FindAttribute(attrs,
SEC_OID_PKCS9_CONTENT_TYPE,
PR_FALSE) != NULL);
PORT_Assert(sec_PKCS7FindAttribute(attrs,
SEC_OID_PKCS9_MESSAGE_DIGEST,
PR_FALSE) != NULL);
for (count = 0; attrs[count] != NULL; count++)
;
attrs = (SEC_PKCS7Attribute **)PORT_ArenaGrow(cinfo->poolp, attrs,
(count + 1) *
sizeof(SEC_PKCS7Attribute *),
(count + 2) *
sizeof(SEC_PKCS7Attribute *));
if (attrs == NULL)
return SECFailure;
attrs[count] = attr;
attrs[count + 1] = NULL;
*attrsp = attrs;
return SECSuccess;
}
/*
* This is the first time an attribute is going in.
* We need to create and add the required attributes, and then
* we will also add in the one our caller gave us.
*/
/*
* There are 2 required attributes, plus the one our caller wants
* to add, plus we always end with a NULL one. Thus, four slots.
*/
attrs = (SEC_PKCS7Attribute **)PORT_ArenaAlloc(cinfo->poolp,
4 *
sizeof(SEC_PKCS7Attribute *));
if (attrs == NULL)
return SECFailure;
mark = PORT_ArenaMark(cinfo->poolp);
/*
* First required attribute is the content type of the data
* being signed.
*/
ct_value = &(cinfo->content.signedData->contentInfo.contentType);
attrs[0] = sec_pkcs7_create_attribute(cinfo->poolp,
SEC_OID_PKCS9_CONTENT_TYPE,
ct_value, PR_FALSE);
/*
* Second required attribute is the message digest of the data
* being signed; we leave the value NULL for now (just create
* the place for it to go), and the encoder will fill it in later.
*/
attrs[1] = sec_pkcs7_create_attribute(cinfo->poolp,
SEC_OID_PKCS9_MESSAGE_DIGEST,
NULL, PR_FALSE);
if (attrs[0] == NULL || attrs[1] == NULL) {
PORT_ArenaRelease(cinfo->poolp, mark);
return SECFailure;
}
attrs[2] = attr;
attrs[3] = NULL;
*attrsp = attrs;
PORT_ArenaUnmark(cinfo->poolp, mark);
return SECSuccess;
}
/*
* Add the signing time to the authenticated (i.e. signed) attributes
* of "cinfo". This is expected to be included in outgoing signed
* messages for email (S/MIME) but is likely useful in other situations.
*
* This should only be added once; a second call will either do
* nothing or replace an old signing time with a newer one.
*
* XXX This will probably just shove the current time into "cinfo"
* but it will not actually get signed until the entire item is
* processed for encoding. Is this (expected to be small) delay okay?
*
* "cinfo" should be of type signedData (the only kind of pkcs7 data
* that is allowed authenticated attributes); SECFailure will be returned
* if it is not.
*/
SECStatus
SEC_PKCS7AddSigningTime(SEC_PKCS7ContentInfo *cinfo)
{
SEC_PKCS7SignerInfo **signerinfos;
SEC_PKCS7Attribute *attr;
SECItem stime;
SECStatus rv;
int si;
PORT_Assert(SEC_PKCS7ContentType(cinfo) == SEC_OID_PKCS7_SIGNED_DATA);
if (SEC_PKCS7ContentType(cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
return SECFailure;
signerinfos = cinfo->content.signedData->signerInfos;
/* There has to be a signer, or it makes no sense. */
if (signerinfos == NULL || signerinfos[0] == NULL)
return SECFailure;
rv = DER_EncodeTimeChoice(NULL, &stime, PR_Now());
if (rv != SECSuccess)
return rv;
attr = sec_pkcs7_create_attribute(cinfo->poolp,
SEC_OID_PKCS9_SIGNING_TIME,
&stime, PR_FALSE);
SECITEM_FreeItem(&stime, PR_FALSE);
if (attr == NULL)
return SECFailure;
rv = SECSuccess;
for (si = 0; signerinfos[si] != NULL; si++) {
SEC_PKCS7Attribute *oattr;
oattr = sec_PKCS7FindAttribute(signerinfos[si]->authAttr,
SEC_OID_PKCS9_SIGNING_TIME, PR_FALSE);
PORT_Assert(oattr == NULL);
if (oattr != NULL)
continue;
/* XXX or would it be better to replace it? */
rv = sec_pkcs7_add_attribute(cinfo, &(signerinfos[si]->authAttr),
attr);
if (rv != SECSuccess)
break;
/* could try to continue, but may as well give up now */
}
return rv;
}
/*
* Add the specified attribute to the authenticated (i.e. signed) attributes
* of "cinfo" -- "oidtag" describes the attribute and "value" is the
* value to be associated with it. NOTE! "value" must already be encoded;
* no interpretation of "oidtag" is done. Also, it is assumed that this
* signedData has only one signer -- if we ever need to add attributes
* when there is more than one signature, we need a way to specify *which*
* signature should get the attribute.
*
* XXX Technically, a signed attribute can have multiple values; if/when
* we ever need to support an attribute which takes multiple values, we
* either need to change this interface or create an AddSignedAttributeValue
* which can be called subsequently, and would then append a value.
*
* "cinfo" should be of type signedData (the only kind of pkcs7 data
* that is allowed authenticated attributes); SECFailure will be returned
* if it is not.
*/
SECStatus
SEC_PKCS7AddSignedAttribute(SEC_PKCS7ContentInfo *cinfo,
SECOidTag oidtag,
SECItem *value)
{
SEC_PKCS7SignerInfo **signerinfos;
SEC_PKCS7Attribute *attr;
PORT_Assert(SEC_PKCS7ContentType(cinfo) == SEC_OID_PKCS7_SIGNED_DATA);
if (SEC_PKCS7ContentType(cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
return SECFailure;
signerinfos = cinfo->content.signedData->signerInfos;
/*
* No signature or more than one means no deal.
*/
if (signerinfos == NULL || signerinfos[0] == NULL || signerinfos[1] != NULL)
return SECFailure;
attr = sec_pkcs7_create_attribute(cinfo->poolp, oidtag, value, PR_TRUE);
if (attr == NULL)
return SECFailure;
return sec_pkcs7_add_attribute(cinfo, &(signerinfos[0]->authAttr), attr);
}
/*
* Mark that the signer certificates and their issuing chain should
* be included in the encoded data. This is expected to be used
* in outgoing signed messages for email (S/MIME).
*
* "certdb" is the cert database to use for finding the chain.
* It can be NULL, meaning use the default database.
*
* "cinfo" should be of type signedData or signedAndEnvelopedData;
* SECFailure will be returned if it is not.
*/
SECStatus
SEC_PKCS7IncludeCertChain(SEC_PKCS7ContentInfo *cinfo,
CERTCertDBHandle *certdb)
{
SECOidTag kind;
SEC_PKCS7SignerInfo *signerinfo, **signerinfos;
kind = SEC_PKCS7ContentType(cinfo);
switch (kind) {
case SEC_OID_PKCS7_SIGNED_DATA:
signerinfos = cinfo->content.signedData->signerInfos;
break;
case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
signerinfos = cinfo->content.signedAndEnvelopedData->signerInfos;
break;
default:
return SECFailure;
/* XXX set an error? */
}
if (signerinfos == NULL)
/* no signer, no certs? */
return SECFailure;
/* XXX set an error? */
if (certdb == NULL) {
certdb = CERT_GetDefaultCertDB();
if (certdb == NULL) {
PORT_SetError(SEC_ERROR_BAD_DATABASE);
return SECFailure;
}
}
/* XXX Should it be an error if we find no signerinfo or no certs? */
while ((signerinfo = *signerinfos++) != NULL) {
if (signerinfo->cert != NULL)
/* get the cert chain. don't send the root to avoid contamination
* of old clients with a new root that they don't trust
*/
signerinfo->certList = CERT_CertChainFromCert(signerinfo->cert,
certUsageEmailSigner,
PR_FALSE);
}
return SECSuccess;
}
/*
* Helper function to add a certificate chain for inclusion in the
* bag of certificates in a signedData.
*/
static SECStatus
sec_pkcs7_add_cert_chain(SEC_PKCS7ContentInfo *cinfo,
CERTCertificate *cert,
CERTCertDBHandle *certdb)
{
SECOidTag kind;
CERTCertificateList *certlist, **certlists, ***certlistsp;
int count;
kind = SEC_PKCS7ContentType(cinfo);
switch (kind) {
case SEC_OID_PKCS7_SIGNED_DATA: {
SEC_PKCS7SignedData *sdp;
sdp = cinfo->content.signedData;
certlistsp = &(sdp->certLists);
}
break;
case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: {
SEC_PKCS7SignedAndEnvelopedData *saedp;
saedp = cinfo->content.signedAndEnvelopedData;
certlistsp = &(saedp->certLists);
}
break;
default:
return SECFailure;
/* XXX set an error? */
}
if (certdb == NULL) {
certdb = CERT_GetDefaultCertDB();
if (certdb == NULL) {
PORT_SetError(SEC_ERROR_BAD_DATABASE);
return SECFailure;
}
}
certlist = CERT_CertChainFromCert(cert, certUsageEmailSigner, PR_FALSE);
if (certlist == NULL)
return SECFailure;
certlists = *certlistsp;
if (certlists == NULL) {
count = 0;
certlists = (CERTCertificateList **)PORT_ArenaAlloc(cinfo->poolp,
2 *
sizeof(CERTCertificateList *));
}
else {
for (count = 0; certlists[count] != NULL; count++)
;
PORT_Assert(count);
/* should be at least one already */
certlists = (CERTCertificateList **)PORT_ArenaGrow(cinfo->poolp,
certlists,
(count + 1) *
sizeof(CERTCertificateList *),
(count + 2) *
sizeof(CERTCertificateList *));
}
if (certlists == NULL) {
CERT_DestroyCertificateList(certlist);
return SECFailure;
}
certlists[count] = certlist;
certlists[count + 1] = NULL;
*certlistsp = certlists;
return SECSuccess;
}
/*
* Helper function to add a certificate for inclusion in the bag of
* certificates in a signedData.
*/
static SECStatus
sec_pkcs7_add_certificate(SEC_PKCS7ContentInfo *cinfo,
CERTCertificate *cert)
{
SECOidTag kind;
CERTCertificate **certs, ***certsp;
int count;
kind = SEC_PKCS7ContentType(cinfo);
switch (kind) {
case SEC_OID_PKCS7_SIGNED_DATA: {
SEC_PKCS7SignedData *sdp;
sdp = cinfo->content.signedData;
certsp = &(sdp->certs);
}
break;
case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: {
SEC_PKCS7SignedAndEnvelopedData *saedp;
saedp = cinfo->content.signedAndEnvelopedData;
certsp = &(saedp->certs);
}
break;
default:
return SECFailure;
/* XXX set an error? */
}
cert = CERT_DupCertificate(cert);
if (cert == NULL)
return SECFailure;
certs = *certsp;
if (certs == NULL) {
count = 0;
certs = (CERTCertificate **)PORT_ArenaAlloc(cinfo->poolp,
2 *
sizeof(CERTCertificate *));
}
else {
for (count = 0; certs[count] != NULL; count++)
;
PORT_Assert(count);
/* should be at least one already */
certs = (CERTCertificate **)PORT_ArenaGrow(cinfo->poolp, certs,
(count + 1) *
sizeof(CERTCertificate *),
(count + 2) *
sizeof(CERTCertificate *));
}
if (certs == NULL) {
CERT_DestroyCertificate(cert);
return SECFailure;
}
certs[count] = cert;
certs[count + 1] = NULL;
*certsp = certs;
return SECSuccess;
}
/*
* Create a PKCS7 certs-only container.
*
* "cert" is the (first) cert that will be included.
*
* "include_chain" specifies whether the entire chain for "cert" should
* be included.
*
* "certdb" is the cert database to use for finding the chain.
* It can be NULL in when "include_chain" is false, or when meaning
* use the default database.
*
* More certs and chains can be added via AddCertificate and AddCertChain.
*
* An error results in a return value of NULL and an error set.
* (Retrieve specific errors via PORT_GetError()/XP_GetError().)
*/
SEC_PKCS7ContentInfo *
SEC_PKCS7CreateCertsOnly(CERTCertificate *cert,
PRBool include_chain,
CERTCertDBHandle *certdb)
{
SEC_PKCS7ContentInfo *cinfo;
SECStatus rv;
cinfo = sec_pkcs7_create_signed_data(NULL, NULL);
if (cinfo == NULL)
return NULL;
if (include_chain)
rv = sec_pkcs7_add_cert_chain(cinfo, cert, certdb);
else
rv = sec_pkcs7_add_certificate(cinfo, cert);
if (rv != SECSuccess) {
SEC_PKCS7DestroyContentInfo(cinfo);
return NULL;
}
return cinfo;
}
/*
* Add "cert" and its entire chain to the set of certs included in "cinfo".
*
* "certdb" is the cert database to use for finding the chain.
* It can be NULL, meaning use the default database.
*
* "cinfo" should be of type signedData or signedAndEnvelopedData;
* SECFailure will be returned if it is not.
*/
SECStatus
SEC_PKCS7AddCertChain(SEC_PKCS7ContentInfo *cinfo,
CERTCertificate *cert,
CERTCertDBHandle *certdb)
{
SECOidTag kind;
kind = SEC_PKCS7ContentType(cinfo);
if (kind != SEC_OID_PKCS7_SIGNED_DATA && kind != SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA)
return SECFailure;
/* XXX set an error? */
return sec_pkcs7_add_cert_chain(cinfo, cert, certdb);
}
/*
* Add "cert" to the set of certs included in "cinfo".
*
* "cinfo" should be of type signedData or signedAndEnvelopedData;
* SECFailure will be returned if it is not.
*/
SECStatus
SEC_PKCS7AddCertificate(SEC_PKCS7ContentInfo *cinfo, CERTCertificate *cert)
{
SECOidTag kind;
kind = SEC_PKCS7ContentType(cinfo);
if (kind != SEC_OID_PKCS7_SIGNED_DATA && kind != SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA)
return SECFailure;
/* XXX set an error? */
return sec_pkcs7_add_certificate(cinfo, cert);
}
static SECStatus
sec_pkcs7_init_encrypted_content_info(SEC_PKCS7EncryptedContentInfo *enccinfo,
PLArenaPool *poolp,
SECOidTag kind, PRBool detached,
SECOidTag encalg,
int keysize)
{
SECStatus rv;
PORT_Assert(enccinfo != NULL && poolp != NULL);
if (enccinfo == NULL || poolp == NULL)
return SECFailure;
/*
* XXX Some day we may want to allow for other kinds. That needs
* more work and modifications to the creation interface, etc.
* For now, allow but notice callers who pass in other kinds.
* They are responsible for creating the inner type and encoding,
* if it is other than DATA.
*/
PORT_Assert(kind == SEC_OID_PKCS7_DATA);
enccinfo->contentTypeTag = SECOID_FindOIDByTag(kind);
PORT_Assert(enccinfo->contentTypeTag && enccinfo->contentTypeTag->offset == kind);
rv = SECITEM_CopyItem(poolp, &(enccinfo->contentType),
&(enccinfo->contentTypeTag->oid));
if (rv != SECSuccess)
return rv;
/* Save keysize and algorithm for later. */
enccinfo->keysize = keysize;
enccinfo->encalg = encalg;
return SECSuccess;
}
/*
* Add a recipient to a PKCS7 thing, verifying their cert first.
* Any error returns SECFailure.
*/
static SECStatus
sec_pkcs7_add_recipient(SEC_PKCS7ContentInfo *cinfo,
CERTCertificate *cert,
SECCertUsage certusage,
CERTCertDBHandle *certdb)
{
SECOidTag kind;
SEC_PKCS7RecipientInfo *recipientinfo, **recipientinfos, ***recipientinfosp;
SECItem *dummy;
void *mark;
int count;
kind = SEC_PKCS7ContentType(cinfo);
switch (kind) {
case SEC_OID_PKCS7_ENVELOPED_DATA: {
SEC_PKCS7EnvelopedData *edp;
edp = cinfo->content.envelopedData;
recipientinfosp = &(edp->recipientInfos);
}
break;
case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: {
SEC_PKCS7SignedAndEnvelopedData *saedp;
saedp = cinfo->content.signedAndEnvelopedData;
recipientinfosp = &(saedp->recipientInfos);
}
break;
default:
return SECFailure;
/* XXX set an error? */
}
/*
* XXX I think that CERT_VerifyCert should do this if *it* is passed
* a NULL database.
*/
if (certdb == NULL) {
certdb = CERT_GetDefaultCertDB();
if (certdb == NULL)
return SECFailure;
/* XXX set an error? */
}
if (CERT_VerifyCert(certdb, cert, PR_TRUE, certusage, PR_Now(),
cinfo->pwfn_arg, NULL) != SECSuccess) {
/* XXX Did CERT_VerifyCert set an error? */
return SECFailure;
}
mark = PORT_ArenaMark(cinfo->poolp);
recipientinfo = (SEC_PKCS7RecipientInfo *)PORT_ArenaZAlloc(cinfo->poolp,
sizeof(SEC_PKCS7RecipientInfo));
if (recipientinfo == NULL) {
PORT_ArenaRelease(cinfo->poolp, mark);
return SECFailure;
}
dummy = SEC_ASN1EncodeInteger(cinfo->poolp, &recipientinfo->version,
SEC_PKCS7_RECIPIENT_INFO_VERSION);
if (dummy == NULL) {
PORT_ArenaRelease(cinfo->poolp, mark);
return SECFailure;
}
PORT_Assert(dummy == &recipientinfo->version);
recipientinfo->cert = CERT_DupCertificate(cert);
if (recipientinfo->cert == NULL) {
PORT_ArenaRelease(cinfo->poolp, mark);
return SECFailure;
}
recipientinfo->issuerAndSN = CERT_GetCertIssuerAndSN(cinfo->poolp, cert);
if (recipientinfo->issuerAndSN == NULL) {
PORT_ArenaRelease(cinfo->poolp, mark);
return SECFailure;
}
/*
* Okay, now recipientinfo is all set. We just need to put it into
* the main structure.
*
* If this is the first recipient, allocate a new recipientinfos array;
* otherwise, reallocate the array, making room for the new entry.
*/
recipientinfos = *recipientinfosp;
if (recipientinfos == NULL) {
count = 0;
recipientinfos = (SEC_PKCS7RecipientInfo **)PORT_ArenaAlloc(
cinfo->poolp,
2 *
sizeof(SEC_PKCS7RecipientInfo *));
}
else {
for (count = 0; recipientinfos[count] != NULL; count++)
;
PORT_Assert(count);
/* should be at least one already */
recipientinfos = (SEC_PKCS7RecipientInfo **)PORT_ArenaGrow(
cinfo->poolp, recipientinfos,
(count + 1) *
sizeof(SEC_PKCS7RecipientInfo *),
(count + 2) *
sizeof(SEC_PKCS7RecipientInfo *));
}
if (recipientinfos == NULL) {
PORT_ArenaRelease(cinfo->poolp, mark);
return SECFailure;
}
recipientinfos[count] = recipientinfo;
recipientinfos[count + 1] = NULL;
*recipientinfosp = recipientinfos;
PORT_ArenaUnmark(cinfo->poolp, mark);
return SECSuccess;
}
/*
* Start a PKCS7 enveloping context.
*
* "cert" is the cert for the recipient. It will be checked for validity.
*
* "certusage" describes the encryption usage (e.g. certUsageEmailRecipient)
* XXX Maybe SECCertUsage should be split so that our caller just says
* "email" and *we* add the "recipient" part -- otherwise our caller
* could be lying about the usage; we do not want to allow encryption
* certs for signing or vice versa.
*
* "certdb" is the cert database to use for verifying the cert.
* It can be NULL if a default database is available (like in the client).
*
* "encalg" specifies the bulk encryption algorithm to use (e.g. SEC_OID_RC2).
*
* "keysize" specifies the bulk encryption key size, in bits.
*
* The return value can be passed to functions which add things to
* it like more recipients, then eventually to SEC_PKCS7Encode() or to
* SEC_PKCS7EncoderStart() to create the encoded data, and finally to
* SEC_PKCS7DestroyContentInfo().
*
* An error results in a return value of NULL and an error set.
* (Retrieve specific errors via PORT_GetError()/XP_GetError().)
*/
extern SEC_PKCS7ContentInfo *
SEC_PKCS7CreateEnvelopedData(CERTCertificate *cert,
SECCertUsage certusage,
CERTCertDBHandle *certdb,
SECOidTag encalg,
int keysize,
SECKEYGetPasswordKey pwfn,
void *pwfn_arg)
{
SEC_PKCS7ContentInfo *cinfo;
SEC_PKCS7EnvelopedData *envd;
SECStatus rv;
cinfo = sec_pkcs7_create_content_info(SEC_OID_PKCS7_ENVELOPED_DATA,
PR_FALSE, pwfn, pwfn_arg);
if (cinfo == NULL)
return NULL;
rv = sec_pkcs7_add_recipient(cinfo, cert, certusage, certdb);
if (rv != SECSuccess) {
SEC_PKCS7DestroyContentInfo(cinfo);
return NULL;
}
envd = cinfo->content.envelopedData;
PORT_Assert(envd != NULL);
/*
* XXX Might we want to allow content types other than data?
* If so, via what interface?
*/
rv = sec_pkcs7_init_encrypted_content_info(&(envd->encContentInfo),
cinfo->poolp,
SEC_OID_PKCS7_DATA, PR_FALSE,
encalg, keysize);
if (rv != SECSuccess) {
SEC_PKCS7DestroyContentInfo(cinfo);
return NULL;
}
/* XXX Anything more to do here? */
return cinfo;
}
/*
* Add another recipient to an encrypted message.
*
* "cinfo" should be of type envelopedData or signedAndEnvelopedData;
* SECFailure will be returned if it is not.
*
* "cert" is the cert for the recipient. It will be checked for validity.
*
* "certusage" describes the encryption usage (e.g. certUsageEmailRecipient)
* XXX Maybe SECCertUsage should be split so that our caller just says
* "email" and *we* add the "recipient" part -- otherwise our caller
* could be lying about the usage; we do not want to allow encryption
* certs for signing or vice versa.
*
* "certdb" is the cert database to use for verifying the cert.
* It can be NULL if a default database is available (like in the client).
*/
SECStatus
SEC_PKCS7AddRecipient(SEC_PKCS7ContentInfo *cinfo,
CERTCertificate *cert,
SECCertUsage certusage,
CERTCertDBHandle *certdb)
{
return sec_pkcs7_add_recipient(cinfo, cert, certusage, certdb);
}
/*
* Create an empty PKCS7 data content info.
*
* An error results in a return value of NULL and an error set.
* (Retrieve specific errors via PORT_GetError()/XP_GetError().)
*/
SEC_PKCS7ContentInfo *
SEC_PKCS7CreateData(
void)
{
return sec_pkcs7_create_content_info(SEC_OID_PKCS7_DATA, PR_FALSE,
NULL, NULL);
}
/*
* Create an empty PKCS7 encrypted content info.
*
* "algorithm" specifies the bulk encryption algorithm to use.
*
* An error results in a return value of NULL and an error set.
* (Retrieve specific errors via PORT_GetError()/XP_GetError().)
*/
SEC_PKCS7ContentInfo *
SEC_PKCS7CreateEncryptedData(SECOidTag algorithm,
int keysize,
SECKEYGetPasswordKey pwfn,
void *pwfn_arg)
{
SEC_PKCS7ContentInfo *cinfo;
SECAlgorithmID *algid;
SEC_PKCS7EncryptedData *enc_data;
SECStatus rv;
cinfo = sec_pkcs7_create_content_info(SEC_OID_PKCS7_ENCRYPTED_DATA,
PR_FALSE, pwfn, pwfn_arg);
if (cinfo == NULL)
return NULL;
enc_data = cinfo->content.encryptedData;
algid = &(enc_data->encContentInfo.contentEncAlg);
if (!SEC_PKCS5IsAlgorithmPBEAlgTag(algorithm)) {
rv = SECOID_SetAlgorithmID(cinfo->poolp, algid, algorithm, NULL);
}
else {
/* Assume password-based-encryption.
* Note: we can't generate pkcs5v2 from this interface.
* PK11_CreateBPEAlgorithmID generates pkcs5v2 by accepting
* non-PBE oids and assuming that they are pkcs5v2 oids, but
* NSS_CMSEncryptedData_Create accepts non-PBE oids as regular
* CMS encrypted data, so we can't tell SEC_PKCS7CreateEncryptedtedData
* to create pkcs5v2 PBEs */
SECAlgorithmID *pbe_algid;
pbe_algid = PK11_CreatePBEAlgorithmID(algorithm,
NSS_PBE_DEFAULT_ITERATION_COUNT,
NULL);
if (pbe_algid == NULL) {
rv = SECFailure;
}
else {
rv = SECOID_CopyAlgorithmID(cinfo->poolp, algid, pbe_algid);
SECOID_DestroyAlgorithmID(pbe_algid, PR_TRUE);
}
}
if (rv != SECSuccess) {
SEC_PKCS7DestroyContentInfo(cinfo);
return NULL;
}
rv = sec_pkcs7_init_encrypted_content_info(&(enc_data->encContentInfo),
cinfo->poolp,
SEC_OID_PKCS7_DATA, PR_FALSE,
algorithm, keysize);
if (rv != SECSuccess) {
SEC_PKCS7DestroyContentInfo(cinfo);
return NULL;
}
return cinfo;
}
SEC_PKCS7ContentInfo *
SEC_PKCS7CreateEncryptedDataWithPBEV2(SECOidTag pbe_algorithm,
SECOidTag cipher_algorithm,
SECOidTag prf_algorithm,
int keysize,
SECKEYGetPasswordKey pwfn,
void *pwfn_arg)
{
SEC_PKCS7ContentInfo *cinfo;
SECAlgorithmID *algid;
SEC_PKCS7EncryptedData *enc_data;
SECStatus rv;
PORT_Assert(SEC_PKCS5IsAlgorithmPBEAlgTag(pbe_algorithm));
cinfo = sec_pkcs7_create_content_info(SEC_OID_PKCS7_ENCRYPTED_DATA,
PR_FALSE, pwfn, pwfn_arg);
if (cinfo == NULL)
return NULL;
enc_data = cinfo->content.encryptedData;
algid = &(enc_data->encContentInfo.contentEncAlg);
SECAlgorithmID *pbe_algid;
pbe_algid = PK11_CreatePBEV2AlgorithmID(pbe_algorithm,
cipher_algorithm,
prf_algorithm,
keysize,
NSS_PBE_DEFAULT_ITERATION_COUNT,
NULL);
if (pbe_algid == NULL) {
rv = SECFailure;
}
else {
rv = SECOID_CopyAlgorithmID(cinfo->poolp, algid, pbe_algid);
SECOID_DestroyAlgorithmID(pbe_algid, PR_TRUE);
}
if (rv != SECSuccess) {
SEC_PKCS7DestroyContentInfo(cinfo);
return NULL;
}
rv = sec_pkcs7_init_encrypted_content_info(&(enc_data->encContentInfo),
cinfo->poolp,
SEC_OID_PKCS7_DATA, PR_FALSE,
cipher_algorithm, keysize);
if (rv != SECSuccess) {
SEC_PKCS7DestroyContentInfo(cinfo);
return NULL;
}
return cinfo;
}
