summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/cms/cms_kari.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/cms/cms_kari.c')
-rw-r--r--src/lib/libcrypto/cms/cms_kari.c96
1 files changed, 58 insertions, 38 deletions
diff --git a/src/lib/libcrypto/cms/cms_kari.c b/src/lib/libcrypto/cms/cms_kari.c
index 7aad3c755b..3605baac41 100644
--- a/src/lib/libcrypto/cms/cms_kari.c
+++ b/src/lib/libcrypto/cms/cms_kari.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cms_kari.c,v 1.5 2019/08/10 16:42:20 jsing Exp $ */ 1/* $OpenBSD: cms_kari.c,v 1.6 2019/08/10 18:15:52 jsing Exp $ */
2/* 2/*
3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
4 * project. 4 * project.
@@ -64,9 +64,9 @@
64 64
65/* Key Agreement Recipient Info (KARI) routines */ 65/* Key Agreement Recipient Info (KARI) routines */
66 66
67int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri, 67int
68 X509_ALGOR **palg, 68CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri, X509_ALGOR **palg,
69 ASN1_OCTET_STRING **pukm) 69 ASN1_OCTET_STRING **pukm)
70{ 70{
71 if (ri->type != CMS_RECIPINFO_AGREE) { 71 if (ri->type != CMS_RECIPINFO_AGREE) {
72 CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG, 72 CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG,
@@ -77,13 +77,14 @@ int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri,
77 *palg = ri->d.kari->keyEncryptionAlgorithm; 77 *palg = ri->d.kari->keyEncryptionAlgorithm;
78 if (pukm) 78 if (pukm)
79 *pukm = ri->d.kari->ukm; 79 *pukm = ri->d.kari->ukm;
80
80 return 1; 81 return 1;
81} 82}
82 83
83/* Retrieve recipient encrypted keys from a kari */ 84/* Retrieve recipient encrypted keys from a kari */
84 85
85STACK_OF(CMS_RecipientEncryptedKey) 86STACK_OF(CMS_RecipientEncryptedKey) *
86*CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri) 87CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri)
87{ 88{
88 if (ri->type != CMS_RECIPINFO_AGREE) { 89 if (ri->type != CMS_RECIPINFO_AGREE) {
89 CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS, 90 CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS,
@@ -93,14 +94,13 @@ STACK_OF(CMS_RecipientEncryptedKey)
93 return ri->d.kari->recipientEncryptedKeys; 94 return ri->d.kari->recipientEncryptedKeys;
94} 95}
95 96
96int CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri, 97int
97 X509_ALGOR **pubalg, 98CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri, X509_ALGOR **pubalg,
98 ASN1_BIT_STRING **pubkey, 99 ASN1_BIT_STRING **pubkey, ASN1_OCTET_STRING **keyid, X509_NAME **issuer,
99 ASN1_OCTET_STRING **keyid, 100 ASN1_INTEGER **sno)
100 X509_NAME **issuer,
101 ASN1_INTEGER **sno)
102{ 101{
103 CMS_OriginatorIdentifierOrKey *oik; 102 CMS_OriginatorIdentifierOrKey *oik;
103
104 if (ri->type != CMS_RECIPINFO_AGREE) { 104 if (ri->type != CMS_RECIPINFO_AGREE) {
105 CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID, 105 CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID,
106 CMS_R_NOT_KEY_AGREEMENT); 106 CMS_R_NOT_KEY_AGREEMENT);
@@ -132,15 +132,18 @@ int CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri,
132 *pubkey = oik->d.originatorKey->publicKey; 132 *pubkey = oik->d.originatorKey->publicKey;
133 } else 133 } else
134 return 0; 134 return 0;
135
135 return 1; 136 return 1;
136} 137}
137 138
138int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert) 139int
140CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert)
139{ 141{
140 CMS_OriginatorIdentifierOrKey *oik; 142 CMS_OriginatorIdentifierOrKey *oik;
143
141 if (ri->type != CMS_RECIPINFO_AGREE) { 144 if (ri->type != CMS_RECIPINFO_AGREE) {
142 CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP, 145 CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP,
143 CMS_R_NOT_KEY_AGREEMENT); 146 CMS_R_NOT_KEY_AGREEMENT);
144 return -2; 147 return -2;
145 } 148 }
146 oik = ri->d.kari->originator; 149 oik = ri->d.kari->originator;
@@ -148,16 +151,17 @@ int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert)
148 return cms_ias_cert_cmp(oik->d.issuerAndSerialNumber, cert); 151 return cms_ias_cert_cmp(oik->d.issuerAndSerialNumber, cert);
149 else if (oik->type == CMS_OIK_KEYIDENTIFIER) 152 else if (oik->type == CMS_OIK_KEYIDENTIFIER)
150 return cms_keyid_cert_cmp(oik->d.subjectKeyIdentifier, cert); 153 return cms_keyid_cert_cmp(oik->d.subjectKeyIdentifier, cert);
154
151 return -1; 155 return -1;
152} 156}
153 157
154int CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek, 158int
155 ASN1_OCTET_STRING **keyid, 159CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek,
156 ASN1_GENERALIZEDTIME **tm, 160 ASN1_OCTET_STRING **keyid, ASN1_GENERALIZEDTIME **tm,
157 CMS_OtherKeyAttribute **other, 161 CMS_OtherKeyAttribute **other, X509_NAME **issuer, ASN1_INTEGER **sno)
158 X509_NAME **issuer, ASN1_INTEGER **sno)
159{ 162{
160 CMS_KeyAgreeRecipientIdentifier *rid = rek->rid; 163 CMS_KeyAgreeRecipientIdentifier *rid = rek->rid;
164
161 if (rid->type == CMS_REK_ISSUER_SERIAL) { 165 if (rid->type == CMS_REK_ISSUER_SERIAL) {
162 if (issuer) 166 if (issuer)
163 *issuer = rid->d.issuerAndSerialNumber->issuer; 167 *issuer = rid->d.issuerAndSerialNumber->issuer;
@@ -182,13 +186,15 @@ int CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek,
182 *sno = NULL; 186 *sno = NULL;
183 } else 187 } else
184 return 0; 188 return 0;
189
185 return 1; 190 return 1;
186} 191}
187 192
188int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek, 193int
189 X509 *cert) 194CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek, X509 *cert)
190{ 195{
191 CMS_KeyAgreeRecipientIdentifier *rid = rek->rid; 196 CMS_KeyAgreeRecipientIdentifier *rid = rek->rid;
197
192 if (rid->type == CMS_REK_ISSUER_SERIAL) 198 if (rid->type == CMS_REK_ISSUER_SERIAL)
193 return cms_ias_cert_cmp(rid->d.issuerAndSerialNumber, cert); 199 return cms_ias_cert_cmp(rid->d.issuerAndSerialNumber, cert);
194 else if (rid->type == CMS_REK_KEYIDENTIFIER) 200 else if (rid->type == CMS_REK_KEYIDENTIFIER)
@@ -197,7 +203,8 @@ int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek,
197 return -1; 203 return -1;
198} 204}
199 205
200int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk) 206int
207CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk)
201{ 208{
202 EVP_PKEY_CTX *pctx; 209 EVP_PKEY_CTX *pctx;
203 CMS_KeyAgreeRecipientInfo *kari = ri->d.kari; 210 CMS_KeyAgreeRecipientInfo *kari = ri->d.kari;
@@ -211,12 +218,14 @@ int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk)
211 goto err; 218 goto err;
212 kari->pctx = pctx; 219 kari->pctx = pctx;
213 return 1; 220 return 1;
221
214 err: 222 err:
215 EVP_PKEY_CTX_free(pctx); 223 EVP_PKEY_CTX_free(pctx);
216 return 0; 224 return 0;
217} 225}
218 226
219EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri) 227EVP_CIPHER_CTX *
228CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri)
220{ 229{
221 if (ri->type == CMS_RECIPINFO_AGREE) 230 if (ri->type == CMS_RECIPINFO_AGREE)
222 return ri->d.kari->ctx; 231 return ri->d.kari->ctx;
@@ -228,9 +237,9 @@ EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri)
228 * or the encrypted CEK. 237 * or the encrypted CEK.
229 */ 238 */
230 239
231static int cms_kek_cipher(unsigned char **pout, size_t *poutlen, 240static int
232 const unsigned char *in, size_t inlen, 241cms_kek_cipher(unsigned char **pout, size_t *poutlen, const unsigned char *in,
233 CMS_KeyAgreeRecipientInfo *kari, int enc) 242 size_t inlen, CMS_KeyAgreeRecipientInfo *kari, int enc)
234{ 243{
235 /* Key encryption key */ 244 /* Key encryption key */
236 unsigned char kek[EVP_MAX_KEY_LENGTH]; 245 unsigned char kek[EVP_MAX_KEY_LENGTH];
@@ -238,6 +247,7 @@ static int cms_kek_cipher(unsigned char **pout, size_t *poutlen,
238 int rv = 0; 247 int rv = 0;
239 unsigned char *out = NULL; 248 unsigned char *out = NULL;
240 int outlen; 249 int outlen;
250
241 keklen = EVP_CIPHER_CTX_key_length(kari->ctx); 251 keklen = EVP_CIPHER_CTX_key_length(kari->ctx);
242 if (keklen > EVP_MAX_KEY_LENGTH) 252 if (keklen > EVP_MAX_KEY_LENGTH)
243 return 0; 253 return 0;
@@ -267,18 +277,20 @@ static int cms_kek_cipher(unsigned char **pout, size_t *poutlen,
267 /* FIXME: WHY IS kari->pctx freed here? /RL */ 277 /* FIXME: WHY IS kari->pctx freed here? /RL */
268 EVP_PKEY_CTX_free(kari->pctx); 278 EVP_PKEY_CTX_free(kari->pctx);
269 kari->pctx = NULL; 279 kari->pctx = NULL;
280
270 return rv; 281 return rv;
271} 282}
272 283
273int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms, 284int
274 CMS_RecipientInfo *ri, 285CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
275 CMS_RecipientEncryptedKey *rek) 286 CMS_RecipientEncryptedKey *rek)
276{ 287{
277 int rv = 0; 288 int rv = 0;
278 unsigned char *enckey = NULL, *cek = NULL; 289 unsigned char *enckey = NULL, *cek = NULL;
279 size_t enckeylen; 290 size_t enckeylen;
280 size_t ceklen; 291 size_t ceklen;
281 CMS_EncryptedContentInfo *ec; 292 CMS_EncryptedContentInfo *ec;
293
282 enckeylen = rek->encryptedKey->length; 294 enckeylen = rek->encryptedKey->length;
283 enckey = rek->encryptedKey->data; 295 enckey = rek->encryptedKey->data;
284 /* Setup all parameters to derive KEK */ 296 /* Setup all parameters to derive KEK */
@@ -293,18 +305,21 @@ int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms,
293 ec->keylen = ceklen; 305 ec->keylen = ceklen;
294 cek = NULL; 306 cek = NULL;
295 rv = 1; 307 rv = 1;
308
296 err: 309 err:
297 OPENSSL_free(cek); 310 OPENSSL_free(cek);
311
298 return rv; 312 return rv;
299} 313}
300 314
301/* Create ephemeral key and initialise context based on it */ 315/* Create ephemeral key and initialise context based on it */
302static int cms_kari_create_ephemeral_key(CMS_KeyAgreeRecipientInfo *kari, 316static int
303 EVP_PKEY *pk) 317cms_kari_create_ephemeral_key(CMS_KeyAgreeRecipientInfo *kari, EVP_PKEY *pk)
304{ 318{
305 EVP_PKEY_CTX *pctx = NULL; 319 EVP_PKEY_CTX *pctx = NULL;
306 EVP_PKEY *ekey = NULL; 320 EVP_PKEY *ekey = NULL;
307 int rv = 0; 321 int rv = 0;
322
308 pctx = EVP_PKEY_CTX_new(pk, NULL); 323 pctx = EVP_PKEY_CTX_new(pk, NULL);
309 if (!pctx) 324 if (!pctx)
310 goto err; 325 goto err;
@@ -320,17 +335,20 @@ static int cms_kari_create_ephemeral_key(CMS_KeyAgreeRecipientInfo *kari,
320 goto err; 335 goto err;
321 kari->pctx = pctx; 336 kari->pctx = pctx;
322 rv = 1; 337 rv = 1;
338
323 err: 339 err:
324 if (!rv) 340 if (!rv)
325 EVP_PKEY_CTX_free(pctx); 341 EVP_PKEY_CTX_free(pctx);
326 EVP_PKEY_free(ekey); 342 EVP_PKEY_free(ekey);
343
327 return rv; 344 return rv;
328} 345}
329 346
330/* Initialise a kari based on passed certificate and key */ 347/* Initialise a kari based on passed certificate and key */
331 348
332int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip, 349int
333 EVP_PKEY *pk, unsigned int flags) 350cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip, EVP_PKEY *pk,
351 unsigned int flags)
334{ 352{
335 CMS_KeyAgreeRecipientInfo *kari; 353 CMS_KeyAgreeRecipientInfo *kari;
336 CMS_RecipientEncryptedKey *rek = NULL; 354 CMS_RecipientEncryptedKey *rek = NULL;
@@ -371,15 +389,17 @@ int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
371 389
372 EVP_PKEY_up_ref(pk); 390 EVP_PKEY_up_ref(pk);
373 rek->pkey = pk; 391 rek->pkey = pk;
392
374 return 1; 393 return 1;
375} 394}
376 395
377static int cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari, 396static int
378 const EVP_CIPHER *cipher) 397cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari, const EVP_CIPHER *cipher)
379{ 398{
380 EVP_CIPHER_CTX *ctx = kari->ctx; 399 EVP_CIPHER_CTX *ctx = kari->ctx;
381 const EVP_CIPHER *kekcipher; 400 const EVP_CIPHER *kekcipher;
382 int keylen = EVP_CIPHER_key_length(cipher); 401 int keylen = EVP_CIPHER_key_length(cipher);
402
383 /* If a suitable wrap algorithm is already set nothing to do */ 403 /* If a suitable wrap algorithm is already set nothing to do */
384 kekcipher = EVP_CIPHER_CTX_cipher(ctx); 404 kekcipher = EVP_CIPHER_CTX_cipher(ctx);
385 405
@@ -403,13 +423,14 @@ static int cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari,
403 kekcipher = EVP_aes_192_wrap(); 423 kekcipher = EVP_aes_192_wrap();
404 else 424 else
405 kekcipher = EVP_aes_256_wrap(); 425 kekcipher = EVP_aes_256_wrap();
426
406 return EVP_EncryptInit_ex(ctx, kekcipher, NULL, NULL, NULL); 427 return EVP_EncryptInit_ex(ctx, kekcipher, NULL, NULL, NULL);
407} 428}
408 429
409/* Encrypt content key in key agreement recipient info */ 430/* Encrypt content key in key agreement recipient info */
410 431
411int cms_RecipientInfo_kari_encrypt(CMS_ContentInfo *cms, 432int
412 CMS_RecipientInfo *ri) 433cms_RecipientInfo_kari_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
413{ 434{
414 CMS_KeyAgreeRecipientInfo *kari; 435 CMS_KeyAgreeRecipientInfo *kari;
415 CMS_EncryptedContentInfo *ec; 436 CMS_EncryptedContentInfo *ec;
@@ -455,5 +476,4 @@ int cms_RecipientInfo_kari_encrypt(CMS_ContentInfo *cms,
455 } 476 }
456 477
457 return 1; 478 return 1;
458
459} 479}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-15 13:02:32 +0000