summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/cms/cms_env.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/cms/cms_env.c')
-rw-r--r--src/lib/libcrypto/cms/cms_env.c1264
1 files changed, 632 insertions, 632 deletions
diff --git a/src/lib/libcrypto/cms/cms_env.c b/src/lib/libcrypto/cms/cms_env.c
index ee92fc39ee..e137cadf34 100644
--- a/src/lib/libcrypto/cms/cms_env.c
+++ b/src/lib/libcrypto/cms/cms_env.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cms_env.c,v 1.14 2019/08/10 16:39:17 jsing Exp $ */ 1/* $OpenBSD: cms_env.c,v 1.15 2019/08/10 16:42:20 jsing Exp $ */
2/* 2/*
3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
4 * project. 4 * project.
@@ -67,103 +67,103 @@
67 67
68CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms) 68CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms)
69{ 69{
70 if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_enveloped) { 70 if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_enveloped) {
71 CMSerr(CMS_F_CMS_GET0_ENVELOPED, 71 CMSerr(CMS_F_CMS_GET0_ENVELOPED,
72 CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA); 72 CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA);
73 return NULL; 73 return NULL;
74 } 74 }
75 return cms->d.envelopedData; 75 return cms->d.envelopedData;
76} 76}
77 77
78static CMS_EnvelopedData *cms_enveloped_data_init(CMS_ContentInfo *cms) 78static CMS_EnvelopedData *cms_enveloped_data_init(CMS_ContentInfo *cms)
79{ 79{
80 if (cms->d.other == NULL) { 80 if (cms->d.other == NULL) {
81 cms->d.envelopedData = M_ASN1_new_of(CMS_EnvelopedData); 81 cms->d.envelopedData = M_ASN1_new_of(CMS_EnvelopedData);
82 if (!cms->d.envelopedData) { 82 if (!cms->d.envelopedData) {
83 CMSerr(CMS_F_CMS_ENVELOPED_DATA_INIT, ERR_R_MALLOC_FAILURE); 83 CMSerr(CMS_F_CMS_ENVELOPED_DATA_INIT, ERR_R_MALLOC_FAILURE);
84 return NULL; 84 return NULL;
85 } 85 }
86 cms->d.envelopedData->version = 0; 86 cms->d.envelopedData->version = 0;
87 cms->d.envelopedData->encryptedContentInfo->contentType = 87 cms->d.envelopedData->encryptedContentInfo->contentType =
88 OBJ_nid2obj(NID_pkcs7_data); 88 OBJ_nid2obj(NID_pkcs7_data);
89 ASN1_OBJECT_free(cms->contentType); 89 ASN1_OBJECT_free(cms->contentType);
90 cms->contentType = OBJ_nid2obj(NID_pkcs7_enveloped); 90 cms->contentType = OBJ_nid2obj(NID_pkcs7_enveloped);
91 return cms->d.envelopedData; 91 return cms->d.envelopedData;
92 } 92 }
93 return cms_get0_enveloped(cms); 93 return cms_get0_enveloped(cms);
94} 94}
95 95
96int cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd) 96int cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd)
97{ 97{
98 EVP_PKEY *pkey; 98 EVP_PKEY *pkey;
99 int i; 99 int i;
100 if (ri->type == CMS_RECIPINFO_TRANS) 100 if (ri->type == CMS_RECIPINFO_TRANS)
101 pkey = ri->d.ktri->pkey; 101 pkey = ri->d.ktri->pkey;
102 else if (ri->type == CMS_RECIPINFO_AGREE) { 102 else if (ri->type == CMS_RECIPINFO_AGREE) {
103 EVP_PKEY_CTX *pctx = ri->d.kari->pctx; 103 EVP_PKEY_CTX *pctx = ri->d.kari->pctx;
104 if (!pctx) 104 if (!pctx)
105 return 0; 105 return 0;
106 pkey = EVP_PKEY_CTX_get0_pkey(pctx); 106 pkey = EVP_PKEY_CTX_get0_pkey(pctx);
107 if (!pkey) 107 if (!pkey)
108 return 0; 108 return 0;
109 } else 109 } else
110 return 0; 110 return 0;
111 if (!pkey->ameth || !pkey->ameth->pkey_ctrl) 111 if (!pkey->ameth || !pkey->ameth->pkey_ctrl)
112 return 1; 112 return 1;
113 i = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_CMS_ENVELOPE, cmd, ri); 113 i = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_CMS_ENVELOPE, cmd, ri);
114 if (i == -2) { 114 if (i == -2) {
115 CMSerr(CMS_F_CMS_ENV_ASN1_CTRL, 115 CMSerr(CMS_F_CMS_ENV_ASN1_CTRL,
116 CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); 116 CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
117 return 0; 117 return 0;
118 } 118 }
119 if (i <= 0) { 119 if (i <= 0) {
120 CMSerr(CMS_F_CMS_ENV_ASN1_CTRL, CMS_R_CTRL_FAILURE); 120 CMSerr(CMS_F_CMS_ENV_ASN1_CTRL, CMS_R_CTRL_FAILURE);
121 return 0; 121 return 0;
122 } 122 }
123 return 1; 123 return 1;
124} 124}
125 125
126STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms) 126STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms)
127{ 127{
128 CMS_EnvelopedData *env; 128 CMS_EnvelopedData *env;
129 env = cms_get0_enveloped(cms); 129 env = cms_get0_enveloped(cms);
130 if (!env) 130 if (!env)
131 return NULL; 131 return NULL;
132 return env->recipientInfos; 132 return env->recipientInfos;
133} 133}
134 134
135int CMS_RecipientInfo_type(CMS_RecipientInfo *ri) 135int CMS_RecipientInfo_type(CMS_RecipientInfo *ri)
136{ 136{
137 return ri->type; 137 return ri->type;
138} 138}
139 139
140EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri) 140EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri)
141{ 141{
142 if (ri->type == CMS_RECIPINFO_TRANS) 142 if (ri->type == CMS_RECIPINFO_TRANS)
143 return ri->d.ktri->pctx; 143 return ri->d.ktri->pctx;
144 else if (ri->type == CMS_RECIPINFO_AGREE) 144 else if (ri->type == CMS_RECIPINFO_AGREE)
145 return ri->d.kari->pctx; 145 return ri->d.kari->pctx;
146 return NULL; 146 return NULL;
147} 147}
148 148
149CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher) 149CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher)
150{ 150{
151 CMS_ContentInfo *cms; 151 CMS_ContentInfo *cms;
152 CMS_EnvelopedData *env; 152 CMS_EnvelopedData *env;
153 cms = CMS_ContentInfo_new(); 153 cms = CMS_ContentInfo_new();
154 if (cms == NULL) 154 if (cms == NULL)
155 goto merr; 155 goto merr;
156 env = cms_enveloped_data_init(cms); 156 env = cms_enveloped_data_init(cms);
157 if (env == NULL) 157 if (env == NULL)
158 goto merr; 158 goto merr;
159 if (!cms_EncryptedContent_init(env->encryptedContentInfo, 159 if (!cms_EncryptedContent_init(env->encryptedContentInfo,
160 cipher, NULL, 0)) 160 cipher, NULL, 0))
161 goto merr; 161 goto merr;
162 return cms; 162 return cms;
163 merr: 163 merr:
164 CMS_ContentInfo_free(cms); 164 CMS_ContentInfo_free(cms);
165 CMSerr(CMS_F_CMS_ENVELOPEDDATA_CREATE, ERR_R_MALLOC_FAILURE); 165 CMSerr(CMS_F_CMS_ENVELOPEDDATA_CREATE, ERR_R_MALLOC_FAILURE);
166 return NULL; 166 return NULL;
167} 167}
168 168
169/* Key Transport Recipient Info (KTRI) routines */ 169/* Key Transport Recipient Info (KTRI) routines */
@@ -171,49 +171,49 @@ CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher)
171/* Initialise a ktri based on passed certificate and key */ 171/* Initialise a ktri based on passed certificate and key */
172 172
173static int cms_RecipientInfo_ktri_init(CMS_RecipientInfo *ri, X509 *recip, 173static int cms_RecipientInfo_ktri_init(CMS_RecipientInfo *ri, X509 *recip,
174 EVP_PKEY *pk, unsigned int flags) 174 EVP_PKEY *pk, unsigned int flags)
175{ 175{
176 CMS_KeyTransRecipientInfo *ktri; 176 CMS_KeyTransRecipientInfo *ktri;
177 int idtype; 177 int idtype;
178 178
179 ri->d.ktri = M_ASN1_new_of(CMS_KeyTransRecipientInfo); 179 ri->d.ktri = M_ASN1_new_of(CMS_KeyTransRecipientInfo);
180 if (!ri->d.ktri) 180 if (!ri->d.ktri)
181 return 0; 181 return 0;
182 ri->type = CMS_RECIPINFO_TRANS; 182 ri->type = CMS_RECIPINFO_TRANS;
183 183
184 ktri = ri->d.ktri; 184 ktri = ri->d.ktri;
185 185
186 if (flags & CMS_USE_KEYID) { 186 if (flags & CMS_USE_KEYID) {
187 ktri->version = 2; 187 ktri->version = 2;
188 idtype = CMS_RECIPINFO_KEYIDENTIFIER; 188 idtype = CMS_RECIPINFO_KEYIDENTIFIER;
189 } else { 189 } else {
190 ktri->version = 0; 190 ktri->version = 0;
191 idtype = CMS_RECIPINFO_ISSUER_SERIAL; 191 idtype = CMS_RECIPINFO_ISSUER_SERIAL;
192 } 192 }
193 193
194 /* 194 /*
195 * Not a typo: RecipientIdentifier and SignerIdentifier are the same 195 * Not a typo: RecipientIdentifier and SignerIdentifier are the same
196 * structure. 196 * structure.
197 */ 197 */
198 198
199 if (!cms_set1_SignerIdentifier(ktri->rid, recip, idtype)) 199 if (!cms_set1_SignerIdentifier(ktri->rid, recip, idtype))
200 return 0; 200 return 0;
201 201
202 X509_up_ref(recip); 202 X509_up_ref(recip);
203 EVP_PKEY_up_ref(pk); 203 EVP_PKEY_up_ref(pk);
204 204
205 ktri->pkey = pk; 205 ktri->pkey = pk;
206 ktri->recip = recip; 206 ktri->recip = recip;
207 207
208 if (flags & CMS_KEY_PARAM) { 208 if (flags & CMS_KEY_PARAM) {
209 ktri->pctx = EVP_PKEY_CTX_new(ktri->pkey, NULL); 209 ktri->pctx = EVP_PKEY_CTX_new(ktri->pkey, NULL);
210 if (ktri->pctx == NULL) 210 if (ktri->pctx == NULL)
211 return 0; 211 return 0;
212 if (EVP_PKEY_encrypt_init(ktri->pctx) <= 0) 212 if (EVP_PKEY_encrypt_init(ktri->pctx) <= 0)
213 return 0; 213 return 0;
214 } else if (!cms_env_asn1_ctrl(ri, 0)) 214 } else if (!cms_env_asn1_ctrl(ri, 0))
215 return 0; 215 return 0;
216 return 1; 216 return 1;
217} 217}
218 218
219/* 219/*
@@ -221,713 +221,713 @@ static int cms_RecipientInfo_ktri_init(CMS_RecipientInfo *ri, X509 *recip,
221 */ 221 */
222 222
223CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms, 223CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
224 X509 *recip, unsigned int flags) 224 X509 *recip, unsigned int flags)
225{ 225{
226 CMS_RecipientInfo *ri = NULL; 226 CMS_RecipientInfo *ri = NULL;
227 CMS_EnvelopedData *env; 227 CMS_EnvelopedData *env;
228 EVP_PKEY *pk = NULL; 228 EVP_PKEY *pk = NULL;
229 env = cms_get0_enveloped(cms); 229 env = cms_get0_enveloped(cms);
230 if (!env) 230 if (!env)
231 goto err; 231 goto err;
232 232
233 /* Initialize recipient info */ 233 /* Initialize recipient info */
234 ri = M_ASN1_new_of(CMS_RecipientInfo); 234 ri = M_ASN1_new_of(CMS_RecipientInfo);
235 if (!ri) 235 if (!ri)
236 goto merr; 236 goto merr;
237 237
238 pk = X509_get0_pubkey(recip); 238 pk = X509_get0_pubkey(recip);
239 if (!pk) { 239 if (!pk) {
240 CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT, CMS_R_ERROR_GETTING_PUBLIC_KEY); 240 CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT, CMS_R_ERROR_GETTING_PUBLIC_KEY);
241 goto err; 241 goto err;
242 } 242 }
243 243
244 switch (cms_pkey_get_ri_type(pk)) { 244 switch (cms_pkey_get_ri_type(pk)) {
245 245
246 case CMS_RECIPINFO_TRANS: 246 case CMS_RECIPINFO_TRANS:
247 if (!cms_RecipientInfo_ktri_init(ri, recip, pk, flags)) 247 if (!cms_RecipientInfo_ktri_init(ri, recip, pk, flags))
248 goto err; 248 goto err;
249 break; 249 break;
250 250
251 case CMS_RECIPINFO_AGREE: 251 case CMS_RECIPINFO_AGREE:
252 if (!cms_RecipientInfo_kari_init(ri, recip, pk, flags)) 252 if (!cms_RecipientInfo_kari_init(ri, recip, pk, flags))
253 goto err; 253 goto err;
254 break; 254 break;
255 255
256 default: 256 default:
257 CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT, 257 CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT,
258 CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); 258 CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
259 goto err; 259 goto err;
260 260
261 } 261 }
262 262
263 if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri)) 263 if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri))
264 goto merr; 264 goto merr;
265 265
266 return ri; 266 return ri;
267 267
268 merr: 268 merr:
269 CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT, ERR_R_MALLOC_FAILURE); 269 CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT, ERR_R_MALLOC_FAILURE);
270 err: 270 err:
271 M_ASN1_free_of(ri, CMS_RecipientInfo); 271 M_ASN1_free_of(ri, CMS_RecipientInfo);
272 return NULL; 272 return NULL;
273 273
274} 274}
275 275
276int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri, 276int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri,
277 EVP_PKEY **pk, X509 **recip, 277 EVP_PKEY **pk, X509 **recip,
278 X509_ALGOR **palg) 278 X509_ALGOR **palg)
279{ 279{
280 CMS_KeyTransRecipientInfo *ktri; 280 CMS_KeyTransRecipientInfo *ktri;
281 if (ri->type != CMS_RECIPINFO_TRANS) { 281 if (ri->type != CMS_RECIPINFO_TRANS) {
282 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS, 282 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS,
283 CMS_R_NOT_KEY_TRANSPORT); 283 CMS_R_NOT_KEY_TRANSPORT);
284 return 0; 284 return 0;
285 } 285 }
286 286
287 ktri = ri->d.ktri; 287 ktri = ri->d.ktri;
288 288
289 if (pk) 289 if (pk)
290 *pk = ktri->pkey; 290 *pk = ktri->pkey;
291 if (recip) 291 if (recip)
292 *recip = ktri->recip; 292 *recip = ktri->recip;
293 if (palg) 293 if (palg)
294 *palg = ktri->keyEncryptionAlgorithm; 294 *palg = ktri->keyEncryptionAlgorithm;
295 return 1; 295 return 1;
296} 296}
297 297
298int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri, 298int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
299 ASN1_OCTET_STRING **keyid, 299 ASN1_OCTET_STRING **keyid,
300 X509_NAME **issuer, 300 X509_NAME **issuer,
301 ASN1_INTEGER **sno) 301 ASN1_INTEGER **sno)
302{ 302{
303 CMS_KeyTransRecipientInfo *ktri; 303 CMS_KeyTransRecipientInfo *ktri;
304 if (ri->type != CMS_RECIPINFO_TRANS) { 304 if (ri->type != CMS_RECIPINFO_TRANS) {
305 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID, 305 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID,
306 CMS_R_NOT_KEY_TRANSPORT); 306 CMS_R_NOT_KEY_TRANSPORT);
307 return 0; 307 return 0;
308 } 308 }
309 ktri = ri->d.ktri; 309 ktri = ri->d.ktri;
310 310
311 return cms_SignerIdentifier_get0_signer_id(ktri->rid, keyid, issuer, sno); 311 return cms_SignerIdentifier_get0_signer_id(ktri->rid, keyid, issuer, sno);
312} 312}
313 313
314int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert) 314int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert)
315{ 315{
316 if (ri->type != CMS_RECIPINFO_TRANS) { 316 if (ri->type != CMS_RECIPINFO_TRANS) {
317 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP, 317 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP,
318 CMS_R_NOT_KEY_TRANSPORT); 318 CMS_R_NOT_KEY_TRANSPORT);
319 return -2; 319 return -2;
320 } 320 }
321 return cms_SignerIdentifier_cert_cmp(ri->d.ktri->rid, cert); 321 return cms_SignerIdentifier_cert_cmp(ri->d.ktri->rid, cert);
322} 322}
323 323
324int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey) 324int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey)
325{ 325{
326 if (ri->type != CMS_RECIPINFO_TRANS) { 326 if (ri->type != CMS_RECIPINFO_TRANS) {
327 CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_PKEY, CMS_R_NOT_KEY_TRANSPORT); 327 CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_PKEY, CMS_R_NOT_KEY_TRANSPORT);
328 return 0; 328 return 0;
329 } 329 }
330 EVP_PKEY_free(ri->d.ktri->pkey); 330 EVP_PKEY_free(ri->d.ktri->pkey);
331 ri->d.ktri->pkey = pkey; 331 ri->d.ktri->pkey = pkey;
332 return 1; 332 return 1;
333} 333}
334 334
335/* Encrypt content key in key transport recipient info */ 335/* Encrypt content key in key transport recipient info */
336 336
337static int cms_RecipientInfo_ktri_encrypt(CMS_ContentInfo *cms, 337static int cms_RecipientInfo_ktri_encrypt(CMS_ContentInfo *cms,
338 CMS_RecipientInfo *ri) 338 CMS_RecipientInfo *ri)
339{ 339{
340 CMS_KeyTransRecipientInfo *ktri; 340 CMS_KeyTransRecipientInfo *ktri;
341 CMS_EncryptedContentInfo *ec; 341 CMS_EncryptedContentInfo *ec;
342 EVP_PKEY_CTX *pctx; 342 EVP_PKEY_CTX *pctx;
343 unsigned char *ek = NULL; 343 unsigned char *ek = NULL;
344 size_t eklen; 344 size_t eklen;
345 345
346 int ret = 0; 346 int ret = 0;
347 347
348 if (ri->type != CMS_RECIPINFO_TRANS) { 348 if (ri->type != CMS_RECIPINFO_TRANS) {
349 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, CMS_R_NOT_KEY_TRANSPORT); 349 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, CMS_R_NOT_KEY_TRANSPORT);
350 return 0; 350 return 0;
351 } 351 }
352 ktri = ri->d.ktri; 352 ktri = ri->d.ktri;
353 ec = cms->d.envelopedData->encryptedContentInfo; 353 ec = cms->d.envelopedData->encryptedContentInfo;
354 354
355 pctx = ktri->pctx; 355 pctx = ktri->pctx;
356 356
357 if (pctx) { 357 if (pctx) {
358 if (!cms_env_asn1_ctrl(ri, 0)) 358 if (!cms_env_asn1_ctrl(ri, 0))
359 goto err; 359 goto err;
360 } else { 360 } else {
361 pctx = EVP_PKEY_CTX_new(ktri->pkey, NULL); 361 pctx = EVP_PKEY_CTX_new(ktri->pkey, NULL);
362 if (pctx == NULL) 362 if (pctx == NULL)
363 return 0; 363 return 0;
364 364
365 if (EVP_PKEY_encrypt_init(pctx) <= 0) 365 if (EVP_PKEY_encrypt_init(pctx) <= 0)
366 goto err; 366 goto err;
367 } 367 }
368 368
369 if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT, 369 if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT,
370 EVP_PKEY_CTRL_CMS_ENCRYPT, 0, ri) <= 0) { 370 EVP_PKEY_CTRL_CMS_ENCRYPT, 0, ri) <= 0) {
371 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, CMS_R_CTRL_ERROR); 371 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, CMS_R_CTRL_ERROR);
372 goto err; 372 goto err;
373 } 373 }
374 374
375 if (EVP_PKEY_encrypt(pctx, NULL, &eklen, ec->key, ec->keylen) <= 0) 375 if (EVP_PKEY_encrypt(pctx, NULL, &eklen, ec->key, ec->keylen) <= 0)
376 goto err; 376 goto err;
377 377
378 ek = OPENSSL_malloc(eklen); 378 ek = OPENSSL_malloc(eklen);
379 379
380 if (ek == NULL) { 380 if (ek == NULL) {
381 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, ERR_R_MALLOC_FAILURE); 381 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, ERR_R_MALLOC_FAILURE);
382 goto err; 382 goto err;
383 } 383 }
384 384
385 if (EVP_PKEY_encrypt(pctx, ek, &eklen, ec->key, ec->keylen) <= 0) 385 if (EVP_PKEY_encrypt(pctx, ek, &eklen, ec->key, ec->keylen) <= 0)
386 goto err; 386 goto err;
387 387
388 ASN1_STRING_set0(ktri->encryptedKey, ek, eklen); 388 ASN1_STRING_set0(ktri->encryptedKey, ek, eklen);
389 ek = NULL; 389 ek = NULL;
390 390
391 ret = 1; 391 ret = 1;
392 392
393 err: 393 err:
394 EVP_PKEY_CTX_free(pctx); 394 EVP_PKEY_CTX_free(pctx);
395 ktri->pctx = NULL; 395 ktri->pctx = NULL;
396 OPENSSL_free(ek); 396 OPENSSL_free(ek);
397 return ret; 397 return ret;
398 398
399} 399}
400 400
401/* Decrypt content key from KTRI */ 401/* Decrypt content key from KTRI */
402 402
403static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms, 403static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
404 CMS_RecipientInfo *ri) 404 CMS_RecipientInfo *ri)
405{ 405{
406 CMS_KeyTransRecipientInfo *ktri = ri->d.ktri; 406 CMS_KeyTransRecipientInfo *ktri = ri->d.ktri;
407 EVP_PKEY *pkey = ktri->pkey; 407 EVP_PKEY *pkey = ktri->pkey;
408 unsigned char *ek = NULL; 408 unsigned char *ek = NULL;
409 size_t eklen; 409 size_t eklen;
410 int ret = 0; 410 int ret = 0;
411 CMS_EncryptedContentInfo *ec; 411 CMS_EncryptedContentInfo *ec;
412 ec = cms->d.envelopedData->encryptedContentInfo; 412 ec = cms->d.envelopedData->encryptedContentInfo;
413 413
414 if (ktri->pkey == NULL) { 414 if (ktri->pkey == NULL) {
415 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_NO_PRIVATE_KEY); 415 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_NO_PRIVATE_KEY);
416 return 0; 416 return 0;
417 } 417 }
418 418
419 ktri->pctx = EVP_PKEY_CTX_new(pkey, NULL); 419 ktri->pctx = EVP_PKEY_CTX_new(pkey, NULL);
420 if (ktri->pctx == NULL) 420 if (ktri->pctx == NULL)
421 return 0; 421 return 0;
422 422
423 if (EVP_PKEY_decrypt_init(ktri->pctx) <= 0) 423 if (EVP_PKEY_decrypt_init(ktri->pctx) <= 0)
424 goto err; 424 goto err;
425 425
426 if (!cms_env_asn1_ctrl(ri, 1)) 426 if (!cms_env_asn1_ctrl(ri, 1))
427 goto err; 427 goto err;
428 428
429 if (EVP_PKEY_CTX_ctrl(ktri->pctx, -1, EVP_PKEY_OP_DECRYPT, 429 if (EVP_PKEY_CTX_ctrl(ktri->pctx, -1, EVP_PKEY_OP_DECRYPT,
430 EVP_PKEY_CTRL_CMS_DECRYPT, 0, ri) <= 0) { 430 EVP_PKEY_CTRL_CMS_DECRYPT, 0, ri) <= 0) {
431 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_CTRL_ERROR); 431 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_CTRL_ERROR);
432 goto err; 432 goto err;
433 } 433 }
434 434
435 if (EVP_PKEY_decrypt(ktri->pctx, NULL, &eklen, 435 if (EVP_PKEY_decrypt(ktri->pctx, NULL, &eklen,
436 ktri->encryptedKey->data, 436 ktri->encryptedKey->data,
437 ktri->encryptedKey->length) <= 0) 437 ktri->encryptedKey->length) <= 0)
438 goto err; 438 goto err;
439 439
440 ek = OPENSSL_malloc(eklen); 440 ek = OPENSSL_malloc(eklen);
441 441
442 if (ek == NULL) { 442 if (ek == NULL) {
443 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, ERR_R_MALLOC_FAILURE); 443 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, ERR_R_MALLOC_FAILURE);
444 goto err; 444 goto err;
445 } 445 }
446 446
447 if (EVP_PKEY_decrypt(ktri->pctx, ek, &eklen, 447 if (EVP_PKEY_decrypt(ktri->pctx, ek, &eklen,
448 ktri->encryptedKey->data, 448 ktri->encryptedKey->data,
449 ktri->encryptedKey->length) <= 0) { 449 ktri->encryptedKey->length) <= 0) {
450 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_CMS_LIB); 450 CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_CMS_LIB);
451 goto err; 451 goto err;
452 } 452 }
453 453
454 ret = 1; 454 ret = 1;
455 455
456 OPENSSL_clear_free(ec->key, ec->keylen); 456 OPENSSL_clear_free(ec->key, ec->keylen);
457 ec->key = ek; 457 ec->key = ek;
458 ec->keylen = eklen; 458 ec->keylen = eklen;
459 459
460 err: 460 err:
461 EVP_PKEY_CTX_free(ktri->pctx); 461 EVP_PKEY_CTX_free(ktri->pctx);
462 ktri->pctx = NULL; 462 ktri->pctx = NULL;
463 if (!ret) 463 if (!ret)
464 OPENSSL_free(ek); 464 OPENSSL_free(ek);
465 465
466 return ret; 466 return ret;
467} 467}
468 468
469/* Key Encrypted Key (KEK) RecipientInfo routines */ 469/* Key Encrypted Key (KEK) RecipientInfo routines */
470 470
471int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri, 471int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
472 const unsigned char *id, size_t idlen) 472 const unsigned char *id, size_t idlen)
473{ 473{
474 ASN1_OCTET_STRING tmp_os; 474 ASN1_OCTET_STRING tmp_os;
475 CMS_KEKRecipientInfo *kekri; 475 CMS_KEKRecipientInfo *kekri;
476 if (ri->type != CMS_RECIPINFO_KEK) { 476 if (ri->type != CMS_RECIPINFO_KEK) {
477 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP, CMS_R_NOT_KEK); 477 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP, CMS_R_NOT_KEK);
478 return -2; 478 return -2;
479 } 479 }
480 kekri = ri->d.kekri; 480 kekri = ri->d.kekri;
481 tmp_os.type = V_ASN1_OCTET_STRING; 481 tmp_os.type = V_ASN1_OCTET_STRING;
482 tmp_os.flags = 0; 482 tmp_os.flags = 0;
483 tmp_os.data = (unsigned char *)id; 483 tmp_os.data = (unsigned char *)id;
484 tmp_os.length = (int)idlen; 484 tmp_os.length = (int)idlen;
485 return ASN1_OCTET_STRING_cmp(&tmp_os, kekri->kekid->keyIdentifier); 485 return ASN1_OCTET_STRING_cmp(&tmp_os, kekri->kekid->keyIdentifier);
486} 486}
487 487
488/* For now hard code AES key wrap info */ 488/* For now hard code AES key wrap info */
489 489
490static size_t aes_wrap_keylen(int nid) 490static size_t aes_wrap_keylen(int nid)
491{ 491{
492 switch (nid) { 492 switch (nid) {
493 case NID_id_aes128_wrap: 493 case NID_id_aes128_wrap:
494 return 16; 494 return 16;
495 495
496 case NID_id_aes192_wrap: 496 case NID_id_aes192_wrap:
497 return 24; 497 return 24;
498 498
499 case NID_id_aes256_wrap: 499 case NID_id_aes256_wrap:
500 return 32; 500 return 32;
501 501
502 default: 502 default:
503 return 0; 503 return 0;
504 } 504 }
505} 505}
506 506
507CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid, 507CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
508 unsigned char *key, size_t keylen, 508 unsigned char *key, size_t keylen,
509 unsigned char *id, size_t idlen, 509 unsigned char *id, size_t idlen,
510 ASN1_GENERALIZEDTIME *date, 510 ASN1_GENERALIZEDTIME *date,
511 ASN1_OBJECT *otherTypeId, 511 ASN1_OBJECT *otherTypeId,
512 ASN1_TYPE *otherType) 512 ASN1_TYPE *otherType)
513{ 513{
514 CMS_RecipientInfo *ri = NULL; 514 CMS_RecipientInfo *ri = NULL;
515 CMS_EnvelopedData *env; 515 CMS_EnvelopedData *env;
516 CMS_KEKRecipientInfo *kekri; 516 CMS_KEKRecipientInfo *kekri;
517 env = cms_get0_enveloped(cms); 517 env = cms_get0_enveloped(cms);
518 if (!env) 518 if (!env)
519 goto err; 519 goto err;
520 520
521 if (nid == NID_undef) { 521 if (nid == NID_undef) {
522 switch (keylen) { 522 switch (keylen) {
523 case 16: 523 case 16:
524 nid = NID_id_aes128_wrap; 524 nid = NID_id_aes128_wrap;
525 break; 525 break;
526 526
527 case 24: 527 case 24:
528 nid = NID_id_aes192_wrap; 528 nid = NID_id_aes192_wrap;
529 break; 529 break;
530 530
531 case 32: 531 case 32:
532 nid = NID_id_aes256_wrap; 532 nid = NID_id_aes256_wrap;
533 break; 533 break;
534 534
535 default: 535 default:
536 CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY, CMS_R_INVALID_KEY_LENGTH); 536 CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY, CMS_R_INVALID_KEY_LENGTH);
537 goto err; 537 goto err;
538 } 538 }
539 539
540 } else { 540 } else {
541 541
542 size_t exp_keylen = aes_wrap_keylen(nid); 542 size_t exp_keylen = aes_wrap_keylen(nid);
543 543
544 if (!exp_keylen) { 544 if (!exp_keylen) {
545 CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY, 545 CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY,
546 CMS_R_UNSUPPORTED_KEK_ALGORITHM); 546 CMS_R_UNSUPPORTED_KEK_ALGORITHM);
547 goto err; 547 goto err;
548 } 548 }
549 549
550 if (keylen != exp_keylen) { 550 if (keylen != exp_keylen) {
551 CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY, CMS_R_INVALID_KEY_LENGTH); 551 CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY, CMS_R_INVALID_KEY_LENGTH);
552 goto err; 552 goto err;
553 } 553 }
554 554
555 } 555 }
556 556
557 /* Initialize recipient info */ 557 /* Initialize recipient info */
558 ri = M_ASN1_new_of(CMS_RecipientInfo); 558 ri = M_ASN1_new_of(CMS_RecipientInfo);
559 if (!ri) 559 if (!ri)
560 goto merr; 560 goto merr;
561 561
562 ri->d.kekri = M_ASN1_new_of(CMS_KEKRecipientInfo); 562 ri->d.kekri = M_ASN1_new_of(CMS_KEKRecipientInfo);
563 if (!ri->d.kekri) 563 if (!ri->d.kekri)
564 goto merr; 564 goto merr;
565 ri->type = CMS_RECIPINFO_KEK; 565 ri->type = CMS_RECIPINFO_KEK;
566 566
567 kekri = ri->d.kekri; 567 kekri = ri->d.kekri;
568 568
569 if (otherTypeId) { 569 if (otherTypeId) {
570 kekri->kekid->other = M_ASN1_new_of(CMS_OtherKeyAttribute); 570 kekri->kekid->other = M_ASN1_new_of(CMS_OtherKeyAttribute);
571 if (kekri->kekid->other == NULL) 571 if (kekri->kekid->other == NULL)
572 goto merr; 572 goto merr;
573 } 573 }
574 574
575 if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri)) 575 if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri))
576 goto merr; 576 goto merr;
577 577
578 /* After this point no calls can fail */ 578 /* After this point no calls can fail */
579 579
580 kekri->version = 4; 580 kekri->version = 4;
581 581
582 kekri->key = key; 582 kekri->key = key;
583 kekri->keylen = keylen; 583 kekri->keylen = keylen;
584 584
585 ASN1_STRING_set0(kekri->kekid->keyIdentifier, id, idlen); 585 ASN1_STRING_set0(kekri->kekid->keyIdentifier, id, idlen);
586 586
587 kekri->kekid->date = date; 587 kekri->kekid->date = date;
588 588
589 if (kekri->kekid->other) { 589 if (kekri->kekid->other) {
590 kekri->kekid->other->keyAttrId = otherTypeId; 590 kekri->kekid->other->keyAttrId = otherTypeId;
591 kekri->kekid->other->keyAttr = otherType; 591 kekri->kekid->other->keyAttr = otherType;
592 } 592 }
593 593
594 X509_ALGOR_set0(kekri->keyEncryptionAlgorithm, 594 X509_ALGOR_set0(kekri->keyEncryptionAlgorithm,
595 OBJ_nid2obj(nid), V_ASN1_UNDEF, NULL); 595 OBJ_nid2obj(nid), V_ASN1_UNDEF, NULL);
596 596
597 return ri; 597 return ri;
598 598
599 merr: 599 merr:
600 CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY, ERR_R_MALLOC_FAILURE); 600 CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY, ERR_R_MALLOC_FAILURE);
601 err: 601 err:
602 M_ASN1_free_of(ri, CMS_RecipientInfo); 602 M_ASN1_free_of(ri, CMS_RecipientInfo);
603 return NULL; 603 return NULL;
604 604
605} 605}
606 606
607int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, 607int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri,
608 X509_ALGOR **palg, 608 X509_ALGOR **palg,
609 ASN1_OCTET_STRING **pid, 609 ASN1_OCTET_STRING **pid,
610 ASN1_GENERALIZEDTIME **pdate, 610 ASN1_GENERALIZEDTIME **pdate,
611 ASN1_OBJECT **potherid, 611 ASN1_OBJECT **potherid,
612 ASN1_TYPE **pothertype) 612 ASN1_TYPE **pothertype)
613{ 613{
614 CMS_KEKIdentifier *rkid; 614 CMS_KEKIdentifier *rkid;
615 if (ri->type != CMS_RECIPINFO_KEK) { 615 if (ri->type != CMS_RECIPINFO_KEK) {
616 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID, CMS_R_NOT_KEK); 616 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID, CMS_R_NOT_KEK);
617 return 0; 617 return 0;
618 } 618 }
619 rkid = ri->d.kekri->kekid; 619 rkid = ri->d.kekri->kekid;
620 if (palg) 620 if (palg)
621 *palg = ri->d.kekri->keyEncryptionAlgorithm; 621 *palg = ri->d.kekri->keyEncryptionAlgorithm;
622 if (pid) 622 if (pid)
623 *pid = rkid->keyIdentifier; 623 *pid = rkid->keyIdentifier;
624 if (pdate) 624 if (pdate)
625 *pdate = rkid->date; 625 *pdate = rkid->date;
626 if (potherid) { 626 if (potherid) {
627 if (rkid->other) 627 if (rkid->other)
628 *potherid = rkid->other->keyAttrId; 628 *potherid = rkid->other->keyAttrId;
629 else 629 else
630 *potherid = NULL; 630 *potherid = NULL;
631 } 631 }
632 if (pothertype) { 632 if (pothertype) {
633 if (rkid->other) 633 if (rkid->other)
634 *pothertype = rkid->other->keyAttr; 634 *pothertype = rkid->other->keyAttr;
635 else 635 else
636 *pothertype = NULL; 636 *pothertype = NULL;
637 } 637 }
638 return 1; 638 return 1;
639} 639}
640 640
641int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri, 641int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
642 unsigned char *key, size_t keylen) 642 unsigned char *key, size_t keylen)
643{ 643{
644 CMS_KEKRecipientInfo *kekri; 644 CMS_KEKRecipientInfo *kekri;
645 if (ri->type != CMS_RECIPINFO_KEK) { 645 if (ri->type != CMS_RECIPINFO_KEK) {
646 CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_KEY, CMS_R_NOT_KEK); 646 CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_KEY, CMS_R_NOT_KEK);
647 return 0; 647 return 0;
648 } 648 }
649 649
650 kekri = ri->d.kekri; 650 kekri = ri->d.kekri;
651 kekri->key = key; 651 kekri->key = key;
652 kekri->keylen = keylen; 652 kekri->keylen = keylen;
653 return 1; 653 return 1;
654} 654}
655 655
656/* Encrypt content key in KEK recipient info */ 656/* Encrypt content key in KEK recipient info */
657 657
658static int cms_RecipientInfo_kekri_encrypt(CMS_ContentInfo *cms, 658static int cms_RecipientInfo_kekri_encrypt(CMS_ContentInfo *cms,
659 CMS_RecipientInfo *ri) 659 CMS_RecipientInfo *ri)
660{ 660{
661 CMS_EncryptedContentInfo *ec; 661 CMS_EncryptedContentInfo *ec;
662 CMS_KEKRecipientInfo *kekri; 662 CMS_KEKRecipientInfo *kekri;
663 AES_KEY actx; 663 AES_KEY actx;
664 unsigned char *wkey = NULL; 664 unsigned char *wkey = NULL;
665 int wkeylen; 665 int wkeylen;
666 int r = 0; 666 int r = 0;
667 667
668 ec = cms->d.envelopedData->encryptedContentInfo; 668 ec = cms->d.envelopedData->encryptedContentInfo;
669 669
670 kekri = ri->d.kekri; 670 kekri = ri->d.kekri;
671 671
672 if (!kekri->key) { 672 if (!kekri->key) {
673 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, CMS_R_NO_KEY); 673 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, CMS_R_NO_KEY);
674 return 0; 674 return 0;
675 } 675 }
676 676
677 if (AES_set_encrypt_key(kekri->key, kekri->keylen << 3, &actx)) { 677 if (AES_set_encrypt_key(kekri->key, kekri->keylen << 3, &actx)) {
678 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, 678 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT,
679 CMS_R_ERROR_SETTING_KEY); 679 CMS_R_ERROR_SETTING_KEY);
680 goto err; 680 goto err;
681 } 681 }
682 682
683 wkey = OPENSSL_malloc(ec->keylen + 8); 683 wkey = OPENSSL_malloc(ec->keylen + 8);
684 684
685 if (wkey == NULL) { 685 if (wkey == NULL) {
686 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, ERR_R_MALLOC_FAILURE); 686 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, ERR_R_MALLOC_FAILURE);
687 goto err; 687 goto err;
688 } 688 }
689 689
690 wkeylen = AES_wrap_key(&actx, NULL, wkey, ec->key, ec->keylen); 690 wkeylen = AES_wrap_key(&actx, NULL, wkey, ec->key, ec->keylen);
691 691
692 if (wkeylen <= 0) { 692 if (wkeylen <= 0) {
693 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, CMS_R_WRAP_ERROR); 693 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, CMS_R_WRAP_ERROR);
694 goto err; 694 goto err;
695 } 695 }
696 696
697 ASN1_STRING_set0(kekri->encryptedKey, wkey, wkeylen); 697 ASN1_STRING_set0(kekri->encryptedKey, wkey, wkeylen);
698 698
699 r = 1; 699 r = 1;
700 700
701 err: 701 err:
702 702
703 if (!r) 703 if (!r)
704 OPENSSL_free(wkey); 704 OPENSSL_free(wkey);
705 OPENSSL_cleanse(&actx, sizeof(actx)); 705 OPENSSL_cleanse(&actx, sizeof(actx));
706 706
707 return r; 707 return r;
708 708
709} 709}
710 710
711/* Decrypt content key in KEK recipient info */ 711/* Decrypt content key in KEK recipient info */
712 712
713static int cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms, 713static int cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms,
714 CMS_RecipientInfo *ri) 714 CMS_RecipientInfo *ri)
715{ 715{
716 CMS_EncryptedContentInfo *ec; 716 CMS_EncryptedContentInfo *ec;
717 CMS_KEKRecipientInfo *kekri; 717 CMS_KEKRecipientInfo *kekri;
718 AES_KEY actx; 718 AES_KEY actx;
719 unsigned char *ukey = NULL; 719 unsigned char *ukey = NULL;
720 int ukeylen; 720 int ukeylen;
721 int r = 0, wrap_nid; 721 int r = 0, wrap_nid;
722 722
723 ec = cms->d.envelopedData->encryptedContentInfo; 723 ec = cms->d.envelopedData->encryptedContentInfo;
724 724
725 kekri = ri->d.kekri; 725 kekri = ri->d.kekri;
726 726
727 if (!kekri->key) { 727 if (!kekri->key) {
728 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, CMS_R_NO_KEY); 728 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, CMS_R_NO_KEY);
729 return 0; 729 return 0;
730 } 730 }
731 731
732 wrap_nid = OBJ_obj2nid(kekri->keyEncryptionAlgorithm->algorithm); 732 wrap_nid = OBJ_obj2nid(kekri->keyEncryptionAlgorithm->algorithm);
733 if (aes_wrap_keylen(wrap_nid) != kekri->keylen) { 733 if (aes_wrap_keylen(wrap_nid) != kekri->keylen) {
734 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, 734 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT,
735 CMS_R_INVALID_KEY_LENGTH); 735 CMS_R_INVALID_KEY_LENGTH);
736 return 0; 736 return 0;
737 } 737 }
738 738
739 /* If encrypted key length is invalid don't bother */ 739 /* If encrypted key length is invalid don't bother */
740 740
741 if (kekri->encryptedKey->length < 16) { 741 if (kekri->encryptedKey->length < 16) {
742 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, 742 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT,
743 CMS_R_INVALID_ENCRYPTED_KEY_LENGTH); 743 CMS_R_INVALID_ENCRYPTED_KEY_LENGTH);
744 goto err; 744 goto err;
745 } 745 }
746 746
747 if (AES_set_decrypt_key(kekri->key, kekri->keylen << 3, &actx)) { 747 if (AES_set_decrypt_key(kekri->key, kekri->keylen << 3, &actx)) {
748 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, 748 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT,
749 CMS_R_ERROR_SETTING_KEY); 749 CMS_R_ERROR_SETTING_KEY);
750 goto err; 750 goto err;
751 } 751 }
752 752
753 ukey = OPENSSL_malloc(kekri->encryptedKey->length - 8); 753 ukey = OPENSSL_malloc(kekri->encryptedKey->length - 8);
754 754
755 if (ukey == NULL) { 755 if (ukey == NULL) {
756 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, ERR_R_MALLOC_FAILURE); 756 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, ERR_R_MALLOC_FAILURE);
757 goto err; 757 goto err;
758 } 758 }
759 759
760 ukeylen = AES_unwrap_key(&actx, NULL, ukey, 760 ukeylen = AES_unwrap_key(&actx, NULL, ukey,
761 kekri->encryptedKey->data, 761 kekri->encryptedKey->data,
762 kekri->encryptedKey->length); 762 kekri->encryptedKey->length);
763 763
764 if (ukeylen <= 0) { 764 if (ukeylen <= 0) {
765 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, CMS_R_UNWRAP_ERROR); 765 CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, CMS_R_UNWRAP_ERROR);
766 goto err; 766 goto err;
767 } 767 }
768 768
769 ec->key = ukey; 769 ec->key = ukey;
770 ec->keylen = ukeylen; 770 ec->keylen = ukeylen;
771 771
772 r = 1; 772 r = 1;
773 773
774 err: 774 err:
775 775
776 if (!r) 776 if (!r)
777 OPENSSL_free(ukey); 777 OPENSSL_free(ukey);
778 OPENSSL_cleanse(&actx, sizeof(actx)); 778 OPENSSL_cleanse(&actx, sizeof(actx));
779 779
780 return r; 780 return r;
781 781
782} 782}
783 783
784int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri) 784int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
785{ 785{
786 switch (ri->type) { 786 switch (ri->type) {
787 case CMS_RECIPINFO_TRANS: 787 case CMS_RECIPINFO_TRANS:
788 return cms_RecipientInfo_ktri_decrypt(cms, ri); 788 return cms_RecipientInfo_ktri_decrypt(cms, ri);
789 789
790 case CMS_RECIPINFO_KEK: 790 case CMS_RECIPINFO_KEK:
791 return cms_RecipientInfo_kekri_decrypt(cms, ri); 791 return cms_RecipientInfo_kekri_decrypt(cms, ri);
792 792
793 case CMS_RECIPINFO_PASS: 793 case CMS_RECIPINFO_PASS:
794 return cms_RecipientInfo_pwri_crypt(cms, ri, 0); 794 return cms_RecipientInfo_pwri_crypt(cms, ri, 0);
795 795
796 default: 796 default:
797 CMSerr(CMS_F_CMS_RECIPIENTINFO_DECRYPT, 797 CMSerr(CMS_F_CMS_RECIPIENTINFO_DECRYPT,
798 CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE); 798 CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE);
799 return 0; 799 return 0;
800 } 800 }
801} 801}
802 802
803int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri) 803int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
804{ 804{
805 switch (ri->type) { 805 switch (ri->type) {
806 case CMS_RECIPINFO_TRANS: 806 case CMS_RECIPINFO_TRANS:
807 return cms_RecipientInfo_ktri_encrypt(cms, ri); 807 return cms_RecipientInfo_ktri_encrypt(cms, ri);
808 808
809 case CMS_RECIPINFO_AGREE: 809 case CMS_RECIPINFO_AGREE:
810 return cms_RecipientInfo_kari_encrypt(cms, ri); 810 return cms_RecipientInfo_kari_encrypt(cms, ri);
811 811
812 case CMS_RECIPINFO_KEK: 812 case CMS_RECIPINFO_KEK:
813 return cms_RecipientInfo_kekri_encrypt(cms, ri); 813 return cms_RecipientInfo_kekri_encrypt(cms, ri);
814 814
815 case CMS_RECIPINFO_PASS: 815 case CMS_RECIPINFO_PASS:
816 return cms_RecipientInfo_pwri_crypt(cms, ri, 1); 816 return cms_RecipientInfo_pwri_crypt(cms, ri, 1);
817 817
818 default: 818 default:
819 CMSerr(CMS_F_CMS_RECIPIENTINFO_ENCRYPT, 819 CMSerr(CMS_F_CMS_RECIPIENTINFO_ENCRYPT,
820 CMS_R_UNSUPPORTED_RECIPIENT_TYPE); 820 CMS_R_UNSUPPORTED_RECIPIENT_TYPE);
821 return 0; 821 return 0;
822 } 822 }
823} 823}
824 824
825/* Check structures and fixup version numbers (if necessary) */ 825/* Check structures and fixup version numbers (if necessary) */
826 826
827static void cms_env_set_originfo_version(CMS_EnvelopedData *env) 827static void cms_env_set_originfo_version(CMS_EnvelopedData *env)
828{ 828{
829 CMS_OriginatorInfo *org = env->originatorInfo; 829 CMS_OriginatorInfo *org = env->originatorInfo;
830 int i; 830 int i;
831 if (org == NULL) 831 if (org == NULL)
832 return; 832 return;
833 for (i = 0; i < sk_CMS_CertificateChoices_num(org->certificates); i++) { 833 for (i = 0; i < sk_CMS_CertificateChoices_num(org->certificates); i++) {
834 CMS_CertificateChoices *cch; 834 CMS_CertificateChoices *cch;
835 cch = sk_CMS_CertificateChoices_value(org->certificates, i); 835 cch = sk_CMS_CertificateChoices_value(org->certificates, i);
836 if (cch->type == CMS_CERTCHOICE_OTHER) { 836 if (cch->type == CMS_CERTCHOICE_OTHER) {
837 env->version = 4; 837 env->version = 4;
838 return; 838 return;
839 } else if (cch->type == CMS_CERTCHOICE_V2ACERT) { 839 } else if (cch->type == CMS_CERTCHOICE_V2ACERT) {
840 if (env->version < 3) 840 if (env->version < 3)
841 env->version = 3; 841 env->version = 3;
842 } 842 }
843 } 843 }
844 844
845 for (i = 0; i < sk_CMS_RevocationInfoChoice_num(org->crls); i++) { 845 for (i = 0; i < sk_CMS_RevocationInfoChoice_num(org->crls); i++) {
846 CMS_RevocationInfoChoice *rch; 846 CMS_RevocationInfoChoice *rch;
847 rch = sk_CMS_RevocationInfoChoice_value(org->crls, i); 847 rch = sk_CMS_RevocationInfoChoice_value(org->crls, i);
848 if (rch->type == CMS_REVCHOICE_OTHER) { 848 if (rch->type == CMS_REVCHOICE_OTHER) {
849 env->version = 4; 849 env->version = 4;
850 return; 850 return;
851 } 851 }
852 } 852 }
853} 853}
854 854
855static void cms_env_set_version(CMS_EnvelopedData *env) 855static void cms_env_set_version(CMS_EnvelopedData *env)
856{ 856{
857 int i; 857 int i;
858 CMS_RecipientInfo *ri; 858 CMS_RecipientInfo *ri;
859 859
860 /* 860 /*
861 * Can't set version higher than 4 so if 4 or more already nothing to do. 861 * Can't set version higher than 4 so if 4 or more already nothing to do.
862 */ 862 */
863 if (env->version >= 4) 863 if (env->version >= 4)
864 return; 864 return;
865 865
866 cms_env_set_originfo_version(env); 866 cms_env_set_originfo_version(env);
867 867
868 if (env->version >= 3) 868 if (env->version >= 3)
869 return; 869 return;
870 870
871 for (i = 0; i < sk_CMS_RecipientInfo_num(env->recipientInfos); i++) { 871 for (i = 0; i < sk_CMS_RecipientInfo_num(env->recipientInfos); i++) {
872 ri = sk_CMS_RecipientInfo_value(env->recipientInfos, i); 872 ri = sk_CMS_RecipientInfo_value(env->recipientInfos, i);
873 if (ri->type == CMS_RECIPINFO_PASS || ri->type == CMS_RECIPINFO_OTHER) { 873 if (ri->type == CMS_RECIPINFO_PASS || ri->type == CMS_RECIPINFO_OTHER) {
874 env->version = 3; 874 env->version = 3;
875 return; 875 return;
876 } else if (ri->type != CMS_RECIPINFO_TRANS 876 } else if (ri->type != CMS_RECIPINFO_TRANS
877 || ri->d.ktri->version != 0) { 877 || ri->d.ktri->version != 0) {
878 env->version = 2; 878 env->version = 2;
879 } 879 }
880 } 880 }
881 if (env->originatorInfo || env->unprotectedAttrs) 881 if (env->originatorInfo || env->unprotectedAttrs)
882 env->version = 2; 882 env->version = 2;
883 if (env->version == 2) 883 if (env->version == 2)
884 return; 884 return;
885 env->version = 0; 885 env->version = 0;
886} 886}
887 887
888BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms) 888BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms)
889{ 889{
890 CMS_EncryptedContentInfo *ec; 890 CMS_EncryptedContentInfo *ec;
891 STACK_OF(CMS_RecipientInfo) *rinfos; 891 STACK_OF(CMS_RecipientInfo) *rinfos;
892 CMS_RecipientInfo *ri; 892 CMS_RecipientInfo *ri;
893 int i, ok = 0; 893 int i, ok = 0;
894 BIO *ret; 894 BIO *ret;
895 895
896 /* Get BIO first to set up key */ 896 /* Get BIO first to set up key */
897 897
898 ec = cms->d.envelopedData->encryptedContentInfo; 898 ec = cms->d.envelopedData->encryptedContentInfo;
899 ret = cms_EncryptedContent_init_bio(ec); 899 ret = cms_EncryptedContent_init_bio(ec);
900 900
901 /* If error or no cipher end of processing */ 901 /* If error or no cipher end of processing */
902 902
903 if (!ret || !ec->cipher) 903 if (!ret || !ec->cipher)
904 return ret; 904 return ret;
905 905
906 /* Now encrypt content key according to each RecipientInfo type */ 906 /* Now encrypt content key according to each RecipientInfo type */
907 907
908 rinfos = cms->d.envelopedData->recipientInfos; 908 rinfos = cms->d.envelopedData->recipientInfos;
909 909
910 for (i = 0; i < sk_CMS_RecipientInfo_num(rinfos); i++) { 910 for (i = 0; i < sk_CMS_RecipientInfo_num(rinfos); i++) {
911 ri = sk_CMS_RecipientInfo_value(rinfos, i); 911 ri = sk_CMS_RecipientInfo_value(rinfos, i);
912 if (CMS_RecipientInfo_encrypt(cms, ri) <= 0) { 912 if (CMS_RecipientInfo_encrypt(cms, ri) <= 0) {
913 CMSerr(CMS_F_CMS_ENVELOPEDDATA_INIT_BIO, 913 CMSerr(CMS_F_CMS_ENVELOPEDDATA_INIT_BIO,
914 CMS_R_ERROR_SETTING_RECIPIENTINFO); 914 CMS_R_ERROR_SETTING_RECIPIENTINFO);
915 goto err; 915 goto err;
916 } 916 }
917 } 917 }
918 cms_env_set_version(cms->d.envelopedData); 918 cms_env_set_version(cms->d.envelopedData);
919 919
920 ok = 1; 920 ok = 1;
921 921
922 err: 922 err:
923 ec->cipher = NULL; 923 ec->cipher = NULL;
924 OPENSSL_clear_free(ec->key, ec->keylen); 924 OPENSSL_clear_free(ec->key, ec->keylen);
925 ec->key = NULL; 925 ec->key = NULL;
926 ec->keylen = 0; 926 ec->keylen = 0;
927 if (ok) 927 if (ok)
928 return ret; 928 return ret;
929 BIO_free(ret); 929 BIO_free(ret);
930 return NULL; 930 return NULL;
931 931
932} 932}
933 933
@@ -938,11 +938,11 @@ BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms)
938 */ 938 */
939int cms_pkey_get_ri_type(EVP_PKEY *pk) 939int cms_pkey_get_ri_type(EVP_PKEY *pk)
940{ 940{
941 if (pk->ameth && pk->ameth->pkey_ctrl) { 941 if (pk->ameth && pk->ameth->pkey_ctrl) {
942 int i, r; 942 int i, r;
943 i = pk->ameth->pkey_ctrl(pk, ASN1_PKEY_CTRL_CMS_RI_TYPE, 0, &r); 943 i = pk->ameth->pkey_ctrl(pk, ASN1_PKEY_CTRL_CMS_RI_TYPE, 0, &r);
944 if (i > 0) 944 if (i > 0)
945 return r; 945 return r;
946 } 946 }
947 return CMS_RECIPINFO_TRANS; 947 return CMS_RECIPINFO_TRANS;
948} 948}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-15 05:57:40 +0000