kris
/
boringssl
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2555 Commits
12 Branches
38 MiB
 
 
 
 
 
 
Tree: f01fb5dc0e
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'f01fb5dc0e'
${ noResults }
boringssl/crypto/x509/pkcs7.c

354 lines
10 KiB
Raw Blame History 

  1. /* Copyright (c) 2014, Google Inc.

  2.  *

  3.  * Permission to use, copy, modify, and/or distribute this software for any

  4.  * purpose with or without fee is hereby granted, provided that the above

  5.  * copyright notice and this permission notice appear in all copies.

  6.  *

  7.  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES

  8.  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF

  9.  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY

  10.  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

  11.  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION

  12.  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN

  13.  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

  14. 

  15. #include <openssl/x509.h>

  16. 

  17. #include <assert.h>

  18. #include <limits.h>

  19. 

  20. #include <openssl/bytestring.h>

  21. #include <openssl/err.h>

  22. #include <openssl/mem.h>

  23. #include <openssl/obj.h>

  24. #include <openssl/pem.h>

  25. #include <openssl/stack.h>

  26. 

  27. #include "../bytestring/internal.h"

  28. 

  29. 

  30. /* pkcs7_parse_header reads the non-certificate/non-CRL prefix of a PKCS#7

  31.  * SignedData blob from |cbs| and sets |*out| to point to the rest of the

  32.  * input. If the input is in BER format, then |*der_bytes| will be set to a

  33.  * pointer that needs to be freed by the caller once they have finished

  34.  * processing |*out| (which will be pointing into |*der_bytes|).

  35.  *

  36.  * It returns one on success or zero on error. On error, |*der_bytes| is

  37.  * NULL. */

  38. static int pkcs7_parse_header(uint8_t **der_bytes, CBS *out, CBS *cbs) {

  39.   size_t der_len;

  40.   CBS in, content_info, content_type, wrapped_signed_data, signed_data;

  41.   uint64_t version;

  42. 

  43.   /* The input may be in BER format. */

  44.   *der_bytes = NULL;

  45.   if (!CBS_asn1_ber_to_der(cbs, der_bytes, &der_len)) {

  46.     return 0;

  47.   }

  48.   if (*der_bytes != NULL) {

  49.     CBS_init(&in, *der_bytes, der_len);

  50.   } else {

  51.     CBS_init(&in, CBS_data(cbs), CBS_len(cbs));

  52.   }

  53. 

  54.   /* See https://tools.ietf.org/html/rfc2315#section-7 */

  55.   if (!CBS_get_asn1(&in, &content_info, CBS_ASN1_SEQUENCE) ||

  56.       !CBS_get_asn1(&content_info, &content_type, CBS_ASN1_OBJECT)) {

  57.     goto err;

  58.   }

  59. 

  60.   if (OBJ_cbs2nid(&content_type) != NID_pkcs7_signed) {

  61.     OPENSSL_PUT_ERROR(X509, X509_R_NOT_PKCS7_SIGNED_DATA);

  62.     goto err;

  63.   }

  64. 

  65.   /* See https://tools.ietf.org/html/rfc2315#section-9.1 */

  66.   if (!CBS_get_asn1(&content_info, &wrapped_signed_data,

  67.                     CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0) ||

  68.       !CBS_get_asn1(&wrapped_signed_data, &signed_data, CBS_ASN1_SEQUENCE) ||

  69.       !CBS_get_asn1_uint64(&signed_data, &version) ||

  70.       !CBS_get_asn1(&signed_data, NULL /* digests */, CBS_ASN1_SET) ||

  71.       !CBS_get_asn1(&signed_data, NULL /* content */, CBS_ASN1_SEQUENCE)) {

  72.     goto err;

  73.   }

  74. 

  75.   if (version < 1) {

  76.     OPENSSL_PUT_ERROR(X509, X509_R_BAD_PKCS7_VERSION);

  77.     goto err;

  78.   }

  79. 

  80.   CBS_init(out, CBS_data(&signed_data), CBS_len(&signed_data));

  81.   return 1;

  82. 

  83. err:

  84.   if (*der_bytes) {

  85.     OPENSSL_free(*der_bytes);

  86.     *der_bytes = NULL;

  87.   }

  88. 

  89.   return 0;

  90. }

  91. 

  92. int PKCS7_get_certificates(STACK_OF(X509) *out_certs, CBS *cbs) {

  93.   CBS signed_data, certificates;

  94.   uint8_t *der_bytes = NULL;

  95.   int ret = 0;

  96.   const size_t initial_certs_len = sk_X509_num(out_certs);

  97. 

  98.   if (!pkcs7_parse_header(&der_bytes, &signed_data, cbs)) {

  99.     return 0;

  100.   }

  101. 

  102.   /* See https://tools.ietf.org/html/rfc2315#section-9.1 */

  103.   if (!CBS_get_asn1(&signed_data, &certificates,

  104.                     CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0)) {

  105.     OPENSSL_PUT_ERROR(X509, X509_R_NO_CERTIFICATES_INCLUDED);

  106.     goto err;

  107.   }

  108. 

  109.   while (CBS_len(&certificates) > 0) {

  110.     CBS cert;

  111.     X509 *x509;

  112.     const uint8_t *inp;

  113. 

  114.     if (!CBS_get_asn1_element(&certificates, &cert, CBS_ASN1_SEQUENCE)) {

  115.       goto err;

  116.     }

  117. 

  118.     if (CBS_len(&cert) > LONG_MAX) {

  119.       goto err;

  120.     }

  121.     inp = CBS_data(&cert);

  122.     x509 = d2i_X509(NULL, &inp, (long)CBS_len(&cert));

  123.     if (!x509) {

  124.       goto err;

  125.     }

  126. 

  127.     assert(inp == CBS_data(&cert) + CBS_len(&cert));

  128. 

  129.     if (sk_X509_push(out_certs, x509) == 0) {

  130.       X509_free(x509);

  131.       goto err;

  132.     }

  133.   }

  134. 

  135.   ret = 1;

  136. 

  137. err:

  138.   if (der_bytes) {

  139.     OPENSSL_free(der_bytes);

  140.   }

  141. 

  142.   if (!ret) {

  143.     while (sk_X509_num(out_certs) != initial_certs_len) {

  144.       X509 *x509 = sk_X509_pop(out_certs);

  145.       X509_free(x509);

  146.     }

  147.   }

  148. 

  149.   return ret;

  150. }

  151. 

  152. int PKCS7_get_CRLs(STACK_OF(X509_CRL) *out_crls, CBS *cbs) {

  153.   CBS signed_data, crls;

  154.   uint8_t *der_bytes = NULL;

  155.   int ret = 0;

  156.   const size_t initial_crls_len = sk_X509_CRL_num(out_crls);

  157. 

  158.   if (!pkcs7_parse_header(&der_bytes, &signed_data, cbs)) {

  159.     return 0;

  160.   }

  161. 

  162.   /* See https://tools.ietf.org/html/rfc2315#section-9.1 */

  163. 

  164.   /* Even if only CRLs are included, there may be an empty certificates block.

  165.    * OpenSSL does this, for example. */

  166.   if (CBS_peek_asn1_tag(&signed_data,

  167.                         CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0) &&

  168.       !CBS_get_asn1(&signed_data, NULL /* certificates */,

  169.                     CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0)) {

  170.     goto err;

  171.   }

  172. 

  173.   if (!CBS_get_asn1(&signed_data, &crls,

  174.                     CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 1)) {

  175.     OPENSSL_PUT_ERROR(X509, X509_R_NO_CRLS_INCLUDED);

  176.     goto err;

  177.   }

  178. 

  179.   while (CBS_len(&crls) > 0) {

  180.     CBS crl_data;

  181.     X509_CRL *crl;

  182.     const uint8_t *inp;

  183. 

  184.     if (!CBS_get_asn1_element(&crls, &crl_data, CBS_ASN1_SEQUENCE)) {

  185.       goto err;

  186.     }

  187. 

  188.     if (CBS_len(&crl_data) > LONG_MAX) {

  189.       goto err;

  190.     }

  191.     inp = CBS_data(&crl_data);

  192.     crl = d2i_X509_CRL(NULL, &inp, (long)CBS_len(&crl_data));

  193.     if (!crl) {

  194.       goto err;

  195.     }

  196. 

  197.     assert(inp == CBS_data(&crl_data) + CBS_len(&crl_data));

  198. 

  199.     if (sk_X509_CRL_push(out_crls, crl) == 0) {

  200.       X509_CRL_free(crl);

  201.       goto err;

  202.     }

  203.   }

  204. 

  205.   ret = 1;

  206. 

  207. err:

  208.   if (der_bytes) {

  209.     OPENSSL_free(der_bytes);

  210.   }

  211. 

  212.   if (!ret) {

  213.     while (sk_X509_CRL_num(out_crls) != initial_crls_len) {

  214.       X509_CRL_free(sk_X509_CRL_pop(out_crls));

  215.     }

  216.   }

  217. 

  218.   return ret;

  219. }

  220. 

  221. int PKCS7_get_PEM_certificates(STACK_OF(X509) *out_certs, BIO *pem_bio) {

  222.   uint8_t *data;

  223.   long len;

  224.   int ret;

  225. 

  226.   /* Even though we pass PEM_STRING_PKCS7 as the expected PEM type here, PEM

  227.    * internally will actually allow several other values too, including

  228.    * "CERTIFICATE". */

  229.   if (!PEM_bytes_read_bio(&data, &len, NULL /* PEM type output */,

  230.                           PEM_STRING_PKCS7, pem_bio,

  231.                           NULL /* password callback */,

  232.                           NULL /* password callback argument */)) {

  233.     return 0;

  234.   }

  235. 

  236.   CBS cbs;

  237.   CBS_init(&cbs, data, len);

  238.   ret = PKCS7_get_certificates(out_certs, &cbs);

  239.   OPENSSL_free(data);

  240.   return ret;

  241. }

  242. 

  243. int PKCS7_get_PEM_CRLs(STACK_OF(X509_CRL) *out_crls, BIO *pem_bio) {

  244.   uint8_t *data;

  245.   long len;

  246.   int ret;

  247. 

  248.   /* Even though we pass PEM_STRING_PKCS7 as the expected PEM type here, PEM

  249.    * internally will actually allow several other values too, including

  250.    * "CERTIFICATE". */

  251.   if (!PEM_bytes_read_bio(&data, &len, NULL /* PEM type output */,

  252.                           PEM_STRING_PKCS7, pem_bio,

  253.                           NULL /* password callback */,

  254.                           NULL /* password callback argument */)) {

  255.     return 0;

  256.   }

  257. 

  258.   CBS cbs;

  259.   CBS_init(&cbs, data, len);

  260.   ret = PKCS7_get_CRLs(out_crls, &cbs);

  261.   OPENSSL_free(data);

  262.   return ret;

  263. }

  264. 

  265. /* pkcs7_bundle writes a PKCS#7, SignedData structure to |out| and then calls

  266.  * |cb| with a CBB to which certificate or CRL data can be written, and the

  267.  * opaque context pointer, |arg|. The callback can return zero to indicate an

  268.  * error.

  269.  *

  270.  * pkcs7_bundle returns one on success or zero on error. */

  271. static int pkcs7_bundle(CBB *out, int (*cb)(CBB *out, const void *arg),

  272.                         const void *arg) {

  273.   CBB outer_seq, wrapped_seq, seq, version_bytes, digest_algos_set,

  274.       content_info;

  275. 

  276.   /* See https://tools.ietf.org/html/rfc2315#section-7 */

  277.   if (!CBB_add_asn1(out, &outer_seq, CBS_ASN1_SEQUENCE) ||

  278.       !OBJ_nid2cbb(&outer_seq, NID_pkcs7_signed) ||

  279.       !CBB_add_asn1(&outer_seq, &wrapped_seq,

  280.                     CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0) ||

  281.       /* See https://tools.ietf.org/html/rfc2315#section-9.1 */

  282.       !CBB_add_asn1(&wrapped_seq, &seq, CBS_ASN1_SEQUENCE) ||

  283.       !CBB_add_asn1(&seq, &version_bytes, CBS_ASN1_INTEGER) ||

  284.       !CBB_add_u8(&version_bytes, 1) ||

  285.       !CBB_add_asn1(&seq, &digest_algos_set, CBS_ASN1_SET) ||

  286.       !CBB_add_asn1(&seq, &content_info, CBS_ASN1_SEQUENCE) ||

  287.       !OBJ_nid2cbb(&content_info, NID_pkcs7_data) ||

  288.       !cb(&seq, arg)) {

  289.     return 0;

  290.   }

  291. 

  292.   return CBB_flush(out);

  293. }

  294. 

  295. static int pkcs7_bundle_certificates_cb(CBB *out, const void *arg) {

  296.   const STACK_OF(X509) *certs = arg;

  297.   size_t i;

  298.   CBB certificates;

  299. 

  300.   /* See https://tools.ietf.org/html/rfc2315#section-9.1 */

  301.   if (!CBB_add_asn1(out, &certificates,

  302.                     CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0)) {

  303.     return 0;

  304.   }

  305. 

  306.   for (i = 0; i < sk_X509_num(certs); i++) {

  307.     X509 *x509 = sk_X509_value(certs, i);

  308.     uint8_t *buf;

  309.     int len = i2d_X509(x509, NULL);

  310. 

  311.     if (len < 0 ||

  312.         !CBB_add_space(&certificates, &buf, len) ||

  313.         i2d_X509(x509, &buf) < 0) {

  314.       return 0;

  315.     }

  316.   }

  317. 

  318.   return CBB_flush(out);

  319. }

  320. 

  321. int PKCS7_bundle_certificates(CBB *out, const STACK_OF(X509) *certs) {

  322.   return pkcs7_bundle(out, pkcs7_bundle_certificates_cb, certs);

  323. }

  324. 

  325. static int pkcs7_bundle_crls_cb(CBB *out, const void *arg) {

  326.   const STACK_OF(X509_CRL) *crls = arg;

  327.   size_t i;

  328.   CBB crl_data;

  329. 

  330.   /* See https://tools.ietf.org/html/rfc2315#section-9.1 */

  331.   if (!CBB_add_asn1(out, &crl_data,

  332.                     CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 1)) {

  333.     return 0;

  334.   }

  335. 

  336.   for (i = 0; i < sk_X509_CRL_num(crls); i++) {

  337.     X509_CRL *crl = sk_X509_CRL_value(crls, i);

  338.     uint8_t *buf;

  339.     int len = i2d_X509_CRL(crl, NULL);

  340. 

  341.     if (len < 0 ||

  342.         !CBB_add_space(&crl_data, &buf, len) ||

  343.         i2d_X509_CRL(crl, &buf) < 0) {

  344.       return 0;

  345.     }

  346.   }

  347. 

  348.   return CBB_flush(out);

  349. }

  350. 

  351. int PKCS7_bundle_CRLs(CBB *out, const STACK_OF(X509_CRL) *crls) {

  352.   return pkcs7_bundle(out, pkcs7_bundle_crls_cb, crls);

  353. }