2 * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include "internal/cryptlib.h"
12 #include <openssl/objects.h>
13 #include <openssl/x509.h>
14 #include <openssl/pkcs7.h>
15 #include "crypto/asn1.h"
16 #include "crypto/evp.h"
17 #include "crypto/x509.h" /* for sk_X509_add1_cert() */
18 #include "pk7_local.h"
20 long PKCS7_ctrl(PKCS7
*p7
, int cmd
, long larg
, char *parg
)
25 nid
= OBJ_obj2nid(p7
->type
);
28 /* NOTE(emilia): does not support detached digested data. */
29 case PKCS7_OP_SET_DETACHED_SIGNATURE
:
30 if (nid
== NID_pkcs7_signed
) {
31 ret
= p7
->detached
= (int)larg
;
32 if (ret
&& PKCS7_type_is_data(p7
->d
.sign
->contents
)) {
33 ASN1_OCTET_STRING
*os
;
34 os
= p7
->d
.sign
->contents
->d
.data
;
35 ASN1_OCTET_STRING_free(os
);
36 p7
->d
.sign
->contents
->d
.data
= NULL
;
39 ERR_raise(ERR_LIB_PKCS7
,
40 PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE
);
44 case PKCS7_OP_GET_DETACHED_SIGNATURE
:
45 if (nid
== NID_pkcs7_signed
) {
46 if (p7
->d
.sign
== NULL
|| p7
->d
.sign
->contents
->d
.ptr
== NULL
)
53 ERR_raise(ERR_LIB_PKCS7
,
54 PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE
);
60 ERR_raise(ERR_LIB_PKCS7
, PKCS7_R_UNKNOWN_OPERATION
);
66 int PKCS7_content_new(PKCS7
*p7
, int type
)
70 if ((ret
= PKCS7_new()) == NULL
)
72 if (!PKCS7_set_type(ret
, type
))
74 if (!PKCS7_set_content(p7
, ret
))
83 int PKCS7_set_content(PKCS7
*p7
, PKCS7
*p7_data
)
87 i
= OBJ_obj2nid(p7
->type
);
89 case NID_pkcs7_signed
:
90 PKCS7_free(p7
->d
.sign
->contents
);
91 p7
->d
.sign
->contents
= p7_data
;
93 case NID_pkcs7_digest
:
94 PKCS7_free(p7
->d
.digest
->contents
);
95 p7
->d
.digest
->contents
= p7_data
;
98 case NID_pkcs7_enveloped
:
99 case NID_pkcs7_signedAndEnveloped
:
100 case NID_pkcs7_encrypted
:
102 ERR_raise(ERR_LIB_PKCS7
, PKCS7_R_UNSUPPORTED_CONTENT_TYPE
);
110 int PKCS7_set_type(PKCS7
*p7
, int type
)
115 * PKCS7_content_free(p7);
117 obj
= OBJ_nid2obj(type
); /* will not fail */
120 case NID_pkcs7_signed
:
122 if ((p7
->d
.sign
= PKCS7_SIGNED_new()) == NULL
)
124 if (!ASN1_INTEGER_set(p7
->d
.sign
->version
, 1)) {
125 PKCS7_SIGNED_free(p7
->d
.sign
);
132 if ((p7
->d
.data
= ASN1_OCTET_STRING_new()) == NULL
)
135 case NID_pkcs7_signedAndEnveloped
:
137 if ((p7
->d
.signed_and_enveloped
= PKCS7_SIGN_ENVELOPE_new())
140 if (!ASN1_INTEGER_set(p7
->d
.signed_and_enveloped
->version
, 1))
142 p7
->d
.signed_and_enveloped
->enc_data
->content_type
143 = OBJ_nid2obj(NID_pkcs7_data
);
145 case NID_pkcs7_enveloped
:
147 if ((p7
->d
.enveloped
= PKCS7_ENVELOPE_new())
150 if (!ASN1_INTEGER_set(p7
->d
.enveloped
->version
, 0))
152 p7
->d
.enveloped
->enc_data
->content_type
= OBJ_nid2obj(NID_pkcs7_data
);
154 case NID_pkcs7_encrypted
:
156 if ((p7
->d
.encrypted
= PKCS7_ENCRYPT_new())
159 if (!ASN1_INTEGER_set(p7
->d
.encrypted
->version
, 0))
161 p7
->d
.encrypted
->enc_data
->content_type
= OBJ_nid2obj(NID_pkcs7_data
);
164 case NID_pkcs7_digest
:
166 if ((p7
->d
.digest
= PKCS7_DIGEST_new())
169 if (!ASN1_INTEGER_set(p7
->d
.digest
->version
, 0))
173 ERR_raise(ERR_LIB_PKCS7
, PKCS7_R_UNSUPPORTED_CONTENT_TYPE
);
181 int PKCS7_set0_type_other(PKCS7
*p7
, int type
, ASN1_TYPE
*other
)
183 p7
->type
= OBJ_nid2obj(type
);
188 int PKCS7_add_signer(PKCS7
*p7
, PKCS7_SIGNER_INFO
*psi
)
192 STACK_OF(PKCS7_SIGNER_INFO
) *signer_sk
;
193 STACK_OF(X509_ALGOR
) *md_sk
;
195 i
= OBJ_obj2nid(p7
->type
);
197 case NID_pkcs7_signed
:
198 signer_sk
= p7
->d
.sign
->signer_info
;
199 md_sk
= p7
->d
.sign
->md_algs
;
201 case NID_pkcs7_signedAndEnveloped
:
202 signer_sk
= p7
->d
.signed_and_enveloped
->signer_info
;
203 md_sk
= p7
->d
.signed_and_enveloped
->md_algs
;
206 ERR_raise(ERR_LIB_PKCS7
, PKCS7_R_WRONG_CONTENT_TYPE
);
210 nid
= OBJ_obj2nid(psi
->digest_alg
->algorithm
);
212 /* If the digest is not currently listed, add it */
214 for (i
= 0; i
< sk_X509_ALGOR_num(md_sk
); i
++) {
215 alg
= sk_X509_ALGOR_value(md_sk
, i
);
216 if (OBJ_obj2nid(alg
->algorithm
) == nid
) {
221 if (!j
) { /* we need to add another algorithm */
222 if ((alg
= X509_ALGOR_new()) == NULL
223 || (alg
->parameter
= ASN1_TYPE_new()) == NULL
) {
224 X509_ALGOR_free(alg
);
225 ERR_raise(ERR_LIB_PKCS7
, ERR_R_MALLOC_FAILURE
);
228 alg
->algorithm
= OBJ_nid2obj(nid
);
229 alg
->parameter
->type
= V_ASN1_NULL
;
230 if (!sk_X509_ALGOR_push(md_sk
, alg
)) {
231 X509_ALGOR_free(alg
);
236 psi
->ctx
= pkcs7_get0_ctx(p7
);
237 if (!sk_PKCS7_SIGNER_INFO_push(signer_sk
, psi
))
242 int PKCS7_add_certificate(PKCS7
*p7
, X509
*x509
)
247 i
= OBJ_obj2nid(p7
->type
);
249 case NID_pkcs7_signed
:
250 sk
= &(p7
->d
.sign
->cert
);
252 case NID_pkcs7_signedAndEnveloped
:
253 sk
= &(p7
->d
.signed_and_enveloped
->cert
);
256 ERR_raise(ERR_LIB_PKCS7
, PKCS7_R_WRONG_CONTENT_TYPE
);
260 return X509_add_cert_new(sk
, x509
, X509_ADD_FLAG_UP_REF
);
263 int PKCS7_add_crl(PKCS7
*p7
, X509_CRL
*crl
)
266 STACK_OF(X509_CRL
) **sk
;
268 i
= OBJ_obj2nid(p7
->type
);
270 case NID_pkcs7_signed
:
271 sk
= &(p7
->d
.sign
->crl
);
273 case NID_pkcs7_signedAndEnveloped
:
274 sk
= &(p7
->d
.signed_and_enveloped
->crl
);
277 ERR_raise(ERR_LIB_PKCS7
, PKCS7_R_WRONG_CONTENT_TYPE
);
282 *sk
= sk_X509_CRL_new_null();
284 ERR_raise(ERR_LIB_PKCS7
, ERR_R_MALLOC_FAILURE
);
288 X509_CRL_up_ref(crl
);
289 if (!sk_X509_CRL_push(*sk
, crl
)) {
296 static int pkcs7_ecdsa_or_dsa_sign_verify_setup(PKCS7_SIGNER_INFO
*si
,
301 X509_ALGOR
*alg1
, *alg2
;
302 EVP_PKEY
*pkey
= si
->pkey
;
304 PKCS7_SIGNER_INFO_get0_algs(si
, NULL
, &alg1
, &alg2
);
305 if (alg1
== NULL
|| alg1
->algorithm
== NULL
)
307 hnid
= OBJ_obj2nid(alg1
->algorithm
);
308 if (hnid
== NID_undef
)
310 if (!OBJ_find_sigid_by_algs(&snid
, hnid
, EVP_PKEY_id(pkey
)))
312 X509_ALGOR_set0(alg2
, OBJ_nid2obj(snid
), V_ASN1_UNDEF
, 0);
317 static int pkcs7_rsa_sign_verify_setup(PKCS7_SIGNER_INFO
*si
, int verify
)
320 X509_ALGOR
*alg
= NULL
;
322 PKCS7_SIGNER_INFO_get0_algs(si
, NULL
, NULL
, &alg
);
324 X509_ALGOR_set0(alg
, OBJ_nid2obj(NID_rsaEncryption
), V_ASN1_NULL
, 0);
329 int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO
*p7i
, X509
*x509
, EVP_PKEY
*pkey
,
334 /* We now need to add another PKCS7_SIGNER_INFO entry */
335 if (!ASN1_INTEGER_set(p7i
->version
, 1))
337 if (!X509_NAME_set(&p7i
->issuer_and_serial
->issuer
,
338 X509_get_issuer_name(x509
)))
342 * because ASN1_INTEGER_set is used to set a 'long' we will do things the
345 ASN1_INTEGER_free(p7i
->issuer_and_serial
->serial
);
346 if (!(p7i
->issuer_and_serial
->serial
=
347 ASN1_INTEGER_dup(X509_get0_serialNumber(x509
))))
350 /* lets keep the pkey around for a while */
351 EVP_PKEY_up_ref(pkey
);
354 /* Set the algorithms */
356 X509_ALGOR_set0(p7i
->digest_alg
, OBJ_nid2obj(EVP_MD_type(dgst
)),
359 if (EVP_PKEY_is_a(pkey
, "EC") || EVP_PKEY_is_a(pkey
, "DSA"))
360 return pkcs7_ecdsa_or_dsa_sign_verify_setup(p7i
, 0);
361 if (EVP_PKEY_is_a(pkey
, "RSA"))
362 return pkcs7_rsa_sign_verify_setup(p7i
, 0);
364 if (pkey
->ameth
!= NULL
&& pkey
->ameth
->pkey_ctrl
!= NULL
) {
365 ret
= pkey
->ameth
->pkey_ctrl(pkey
, ASN1_PKEY_CTRL_PKCS7_SIGN
, 0, p7i
);
369 ERR_raise(ERR_LIB_PKCS7
, PKCS7_R_SIGNING_CTRL_FAILURE
);
373 ERR_raise(ERR_LIB_PKCS7
, PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE
);
378 PKCS7_SIGNER_INFO
*PKCS7_add_signature(PKCS7
*p7
, X509
*x509
, EVP_PKEY
*pkey
,
381 PKCS7_SIGNER_INFO
*si
= NULL
;
385 if (EVP_PKEY_get_default_digest_nid(pkey
, &def_nid
) <= 0)
387 dgst
= EVP_get_digestbynid(def_nid
);
389 ERR_raise(ERR_LIB_PKCS7
, PKCS7_R_NO_DEFAULT_DIGEST
);
394 if ((si
= PKCS7_SIGNER_INFO_new()) == NULL
)
396 if (!PKCS7_SIGNER_INFO_set(si
, x509
, pkey
, dgst
))
398 if (!PKCS7_add_signer(p7
, si
))
402 PKCS7_SIGNER_INFO_free(si
);
406 static STACK_OF(X509
) *pkcs7_get_signer_certs(const PKCS7
*p7
)
408 if (PKCS7_type_is_signed(p7
))
409 return p7
->d
.sign
->cert
;
410 if (PKCS7_type_is_signedAndEnveloped(p7
))
411 return p7
->d
.signed_and_enveloped
->cert
;
415 static STACK_OF(PKCS7_RECIP_INFO
) *pkcs7_get_recipient_info(const PKCS7
*p7
)
417 if (PKCS7_type_is_signedAndEnveloped(p7
))
418 return p7
->d
.signed_and_enveloped
->recipientinfo
;
419 if (PKCS7_type_is_enveloped(p7
))
420 return p7
->d
.enveloped
->recipientinfo
;
425 * Set up the library context into any loaded structure that needs it.
426 * i.e loaded X509 objects.
428 void pkcs7_resolve_libctx(PKCS7
*p7
)
431 const PKCS7_CTX
*ctx
= pkcs7_get0_ctx(p7
);
432 OSSL_LIB_CTX
*libctx
= pkcs7_ctx_get0_libctx(ctx
);
433 const char *propq
= pkcs7_ctx_get0_propq(ctx
);
434 STACK_OF(PKCS7_RECIP_INFO
) *rinfos
= pkcs7_get_recipient_info(p7
);
435 STACK_OF(PKCS7_SIGNER_INFO
) *sinfos
= PKCS7_get_signer_info(p7
);
436 STACK_OF(X509
) *certs
= pkcs7_get_signer_certs(p7
);
441 for (i
= 0; i
< sk_X509_num(certs
); i
++)
442 x509_set0_libctx(sk_X509_value(certs
, i
), libctx
, propq
);
444 for (i
= 0; i
< sk_PKCS7_RECIP_INFO_num(rinfos
); i
++) {
445 PKCS7_RECIP_INFO
*ri
= sk_PKCS7_RECIP_INFO_value(rinfos
, i
);
447 x509_set0_libctx(ri
->cert
, libctx
, propq
);
450 for (i
= 0; i
< sk_PKCS7_SIGNER_INFO_num(sinfos
); i
++) {
451 PKCS7_SIGNER_INFO
*si
= sk_PKCS7_SIGNER_INFO_value(sinfos
, i
);
458 const PKCS7_CTX
*pkcs7_get0_ctx(const PKCS7
*p7
)
460 return p7
!= NULL
? &p7
->ctx
: NULL
;
463 OSSL_LIB_CTX
*pkcs7_ctx_get0_libctx(const PKCS7_CTX
*ctx
)
465 return ctx
!= NULL
? ctx
->libctx
: NULL
;
467 const char *pkcs7_ctx_get0_propq(const PKCS7_CTX
*ctx
)
469 return ctx
!= NULL
? ctx
->propq
: NULL
;
472 int PKCS7_set_digest(PKCS7
*p7
, const EVP_MD
*md
)
474 if (PKCS7_type_is_digest(p7
)) {
475 if ((p7
->d
.digest
->md
->parameter
= ASN1_TYPE_new()) == NULL
) {
476 ERR_raise(ERR_LIB_PKCS7
, ERR_R_MALLOC_FAILURE
);
479 p7
->d
.digest
->md
->parameter
->type
= V_ASN1_NULL
;
480 p7
->d
.digest
->md
->algorithm
= OBJ_nid2obj(EVP_MD_nid(md
));
484 ERR_raise(ERR_LIB_PKCS7
, PKCS7_R_WRONG_CONTENT_TYPE
);
488 STACK_OF(PKCS7_SIGNER_INFO
) *PKCS7_get_signer_info(PKCS7
*p7
)
490 if (p7
== NULL
|| p7
->d
.ptr
== NULL
)
492 if (PKCS7_type_is_signed(p7
)) {
493 return p7
->d
.sign
->signer_info
;
494 } else if (PKCS7_type_is_signedAndEnveloped(p7
)) {
495 return p7
->d
.signed_and_enveloped
->signer_info
;
500 void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO
*si
, EVP_PKEY
**pk
,
501 X509_ALGOR
**pdig
, X509_ALGOR
**psig
)
506 *pdig
= si
->digest_alg
;
508 *psig
= si
->digest_enc_alg
;
511 void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO
*ri
, X509_ALGOR
**penc
)
514 *penc
= ri
->key_enc_algor
;
517 PKCS7_RECIP_INFO
*PKCS7_add_recipient(PKCS7
*p7
, X509
*x509
)
519 PKCS7_RECIP_INFO
*ri
;
521 if ((ri
= PKCS7_RECIP_INFO_new()) == NULL
)
523 if (!PKCS7_RECIP_INFO_set(ri
, x509
))
525 if (!PKCS7_add_recipient_info(p7
, ri
))
527 ri
->ctx
= pkcs7_get0_ctx(p7
);
530 PKCS7_RECIP_INFO_free(ri
);
534 int PKCS7_add_recipient_info(PKCS7
*p7
, PKCS7_RECIP_INFO
*ri
)
537 STACK_OF(PKCS7_RECIP_INFO
) *sk
;
539 i
= OBJ_obj2nid(p7
->type
);
541 case NID_pkcs7_signedAndEnveloped
:
542 sk
= p7
->d
.signed_and_enveloped
->recipientinfo
;
544 case NID_pkcs7_enveloped
:
545 sk
= p7
->d
.enveloped
->recipientinfo
;
548 ERR_raise(ERR_LIB_PKCS7
, PKCS7_R_WRONG_CONTENT_TYPE
);
552 if (!sk_PKCS7_RECIP_INFO_push(sk
, ri
))
557 static int pkcs7_rsa_encrypt_decrypt_setup(PKCS7_RECIP_INFO
*ri
, int decrypt
)
559 X509_ALGOR
*alg
= NULL
;
562 PKCS7_RECIP_INFO_get0_alg(ri
, &alg
);
564 X509_ALGOR_set0(alg
, OBJ_nid2obj(NID_rsaEncryption
), V_ASN1_NULL
, 0);
569 int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO
*p7i
, X509
*x509
)
572 EVP_PKEY
*pkey
= NULL
;
573 if (!ASN1_INTEGER_set(p7i
->version
, 0))
575 if (!X509_NAME_set(&p7i
->issuer_and_serial
->issuer
,
576 X509_get_issuer_name(x509
)))
579 ASN1_INTEGER_free(p7i
->issuer_and_serial
->serial
);
580 if (!(p7i
->issuer_and_serial
->serial
=
581 ASN1_INTEGER_dup(X509_get0_serialNumber(x509
))))
584 pkey
= X509_get0_pubkey(x509
);
588 if (EVP_PKEY_is_a(pkey
, "RSA-PSS"))
590 if (EVP_PKEY_is_a(pkey
, "RSA")) {
591 if (pkcs7_rsa_encrypt_decrypt_setup(p7i
, 0) <= 0)
596 if (pkey
->ameth
== NULL
|| pkey
->ameth
->pkey_ctrl
== NULL
) {
597 ERR_raise(ERR_LIB_PKCS7
,
598 PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE
);
602 ret
= pkey
->ameth
->pkey_ctrl(pkey
, ASN1_PKEY_CTRL_PKCS7_ENCRYPT
, 0, p7i
);
604 ERR_raise(ERR_LIB_PKCS7
,
605 PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE
);
609 ERR_raise(ERR_LIB_PKCS7
, PKCS7_R_ENCRYPTION_CTRL_FAILURE
);
622 X509
*PKCS7_cert_from_signer_info(PKCS7
*p7
, PKCS7_SIGNER_INFO
*si
)
624 if (PKCS7_type_is_signed(p7
))
625 return (X509_find_by_issuer_and_serial(p7
->d
.sign
->cert
,
626 si
->issuer_and_serial
->issuer
,
628 issuer_and_serial
->serial
));
633 int PKCS7_set_cipher(PKCS7
*p7
, const EVP_CIPHER
*cipher
)
636 PKCS7_ENC_CONTENT
*ec
;
638 i
= OBJ_obj2nid(p7
->type
);
640 case NID_pkcs7_signedAndEnveloped
:
641 ec
= p7
->d
.signed_and_enveloped
->enc_data
;
643 case NID_pkcs7_enveloped
:
644 ec
= p7
->d
.enveloped
->enc_data
;
647 ERR_raise(ERR_LIB_PKCS7
, PKCS7_R_WRONG_CONTENT_TYPE
);
651 /* Check cipher OID exists and has data in it */
652 i
= EVP_CIPHER_type(cipher
);
653 if (i
== NID_undef
) {
654 ERR_raise(ERR_LIB_PKCS7
, PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER
);
659 ec
->ctx
= pkcs7_get0_ctx(p7
);
663 /* unfortunately cannot constify BIO_new_NDEF() due to this and CMS_stream() */
664 int PKCS7_stream(unsigned char ***boundary
, PKCS7
*p7
)
666 ASN1_OCTET_STRING
*os
= NULL
;
668 switch (OBJ_obj2nid(p7
->type
)) {
673 case NID_pkcs7_signedAndEnveloped
:
674 os
= p7
->d
.signed_and_enveloped
->enc_data
->enc_data
;
676 os
= ASN1_OCTET_STRING_new();
677 p7
->d
.signed_and_enveloped
->enc_data
->enc_data
= os
;
681 case NID_pkcs7_enveloped
:
682 os
= p7
->d
.enveloped
->enc_data
->enc_data
;
684 os
= ASN1_OCTET_STRING_new();
685 p7
->d
.enveloped
->enc_data
->enc_data
= os
;
689 case NID_pkcs7_signed
:
690 os
= p7
->d
.sign
->contents
->d
.data
;
701 os
->flags
|= ASN1_STRING_FLAG_NDEF
;
702 *boundary
= &os
->data
;