The Tor Browser: security/nss/lib/smime/cmsenvdata.c@b8a032363ba2 (annotated)

security/nss/lib/smime/cmsenvdata.c@b8a032363ba2 (annotated)

security/nss/lib/smime/cmsenvdata.c

Thu, 22 Jan 2015 13:21:57 +0100

author: Michael Schloh von Bennewitz <michael@schloh.com>
date: Thu, 22 Jan 2015 13:21:57 +0100
branch: TOR_BUG_9701
changeset 15: b8a032363ba2
permissions: -rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /*
  * CMS envelopedData methods.
  */
 #include "cmslocal.h"
 #include "cert.h"
 #include "key.h"
 #include "secasn1.h"
 #include "secitem.h"
 #include "secoid.h"
 #include "pk11func.h"
 #include "secerr.h"
 #include "secpkcs5.h"
 /*
  * NSS_CMSEnvelopedData_Create - create an enveloped data message
  */
 NSSCMSEnvelopedData *
 NSS_CMSEnvelopedData_Create(NSSCMSMessage *cmsg, SECOidTag algorithm, int keysize)
 {
     void *mark;
     NSSCMSEnvelopedData *envd;
     PLArenaPool *poolp;
     SECStatus rv;
     poolp = cmsg->poolp;
     mark = PORT_ArenaMark(poolp);
     envd = (NSSCMSEnvelopedData *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSEnvelopedData));
     if (envd == NULL)
 	goto loser;
     envd->cmsg = cmsg;
     /* version is set in NSS_CMSEnvelopedData_Encode_BeforeStart() */
     rv = NSS_CMSContentInfo_SetContentEncAlg(poolp, &(envd->contentInfo), algorithm, NULL, keysize);
     if (rv != SECSuccess)
 	goto loser;
     PORT_ArenaUnmark(poolp, mark);
     return envd;
 loser:
     PORT_ArenaRelease(poolp, mark);
     return NULL;
 }
 /*
  * NSS_CMSEnvelopedData_Destroy - destroy an enveloped data message
  */
 void
 NSS_CMSEnvelopedData_Destroy(NSSCMSEnvelopedData *edp)
 {
     NSSCMSRecipientInfo **recipientinfos;
     NSSCMSRecipientInfo *ri;
     if (edp == NULL)
 	return;
     recipientinfos = edp->recipientInfos;
     if (recipientinfos == NULL)
 	return;
     while ((ri = *recipientinfos++) != NULL)
 	NSS_CMSRecipientInfo_Destroy(ri);
    NSS_CMSContentInfo_Destroy(&(edp->contentInfo));
 }
 /*
  * NSS_CMSEnvelopedData_GetContentInfo - return pointer to this envelopedData's contentinfo
  */
 NSSCMSContentInfo *
 NSS_CMSEnvelopedData_GetContentInfo(NSSCMSEnvelopedData *envd)
 {
     return &(envd->contentInfo);
 }
 /*
  * NSS_CMSEnvelopedData_AddRecipient - add a recipientinfo to the enveloped data msg
  *
  * rip must be created on the same pool as edp - this is not enforced, though.
  */
 SECStatus
 NSS_CMSEnvelopedData_AddRecipient(NSSCMSEnvelopedData *edp, NSSCMSRecipientInfo *rip)
 {
     void *mark;
     SECStatus rv;
     /* XXX compare pools, if not same, copy rip into edp's pool */
     PR_ASSERT(edp != NULL);
     PR_ASSERT(rip != NULL);
     mark = PORT_ArenaMark(edp->cmsg->poolp);
     rv = NSS_CMSArray_Add(edp->cmsg->poolp, (void ***)&(edp->recipientInfos), (void *)rip);
     if (rv != SECSuccess) {
 	PORT_ArenaRelease(edp->cmsg->poolp, mark);
 	return SECFailure;
     }
     PORT_ArenaUnmark (edp->cmsg->poolp, mark);
     return SECSuccess;
 }
 /*
  * NSS_CMSEnvelopedData_Encode_BeforeStart - prepare this envelopedData for encoding
  *
  * at this point, we need
  * - recipientinfos set up with recipient's certificates
  * - a content encryption algorithm (if none, 3DES will be used)
  *
  * this function will generate a random content encryption key (aka bulk key),
  * initialize the recipientinfos with certificate identification and wrap the bulk key
  * using the proper algorithm for every certificiate.
  * it will finally set the bulk algorithm and key so that the encode step can find it.
  */
 SECStatus
 NSS_CMSEnvelopedData_Encode_BeforeStart(NSSCMSEnvelopedData *envd)
 {
     int version;
     NSSCMSRecipientInfo **recipientinfos;
     NSSCMSContentInfo *cinfo;
     PK11SymKey *bulkkey = NULL;
     SECOidTag bulkalgtag;
     CK_MECHANISM_TYPE type;
     PK11SlotInfo *slot;
     SECStatus rv;
     SECItem *dummy;
     PLArenaPool *poolp;
     extern const SEC_ASN1Template NSSCMSRecipientInfoTemplate[];
     void *mark = NULL;
     int i;
     poolp = envd->cmsg->poolp;
     cinfo = &(envd->contentInfo);
     recipientinfos = envd->recipientInfos;
     if (recipientinfos == NULL) {
 	PORT_SetError(SEC_ERROR_BAD_DATA);
 #if 0
 	PORT_SetErrorString("Cannot find recipientinfos to encode.");
 #endif
 	goto loser;
     }
     version = NSS_CMS_ENVELOPED_DATA_VERSION_REG;
     if (envd->originatorInfo != NULL || envd->unprotectedAttr != NULL) {
 	version = NSS_CMS_ENVELOPED_DATA_VERSION_ADV;
     } else {
 	for (i = 0; recipientinfos[i] != NULL; i++) {
 	    if (NSS_CMSRecipientInfo_GetVersion(recipientinfos[i]) != 0) {
 		version = NSS_CMS_ENVELOPED_DATA_VERSION_ADV;
 		break;
 	    }
 	}
     }
     dummy = SEC_ASN1EncodeInteger(poolp, &(envd->version), version);
     if (dummy == NULL)
 	goto loser;
     /* now we need to have a proper content encryption algorithm
      * on the SMIME level, we would figure one out by looking at SMIME capabilities
      * we cannot do that on our level, so if none is set already, we'll just go
      * with one of the mandatory algorithms (3DES) */
     if ((bulkalgtag = NSS_CMSContentInfo_GetContentEncAlgTag(cinfo)) == SEC_OID_UNKNOWN) {
 	rv = NSS_CMSContentInfo_SetContentEncAlg(poolp, cinfo, SEC_OID_DES_EDE3_CBC, NULL, 168);
 	if (rv != SECSuccess)
 	    goto loser;
 	bulkalgtag = SEC_OID_DES_EDE3_CBC;
     }
     /* generate a random bulk key suitable for content encryption alg */
     type = PK11_AlgtagToMechanism(bulkalgtag);
     slot = PK11_GetBestSlot(type, envd->cmsg->pwfn_arg);
     if (slot == NULL)
 	goto loser;	/* error has been set by PK11_GetBestSlot */
     /* this is expensive... */
     bulkkey = PK11_KeyGen(slot, type, NULL, NSS_CMSContentInfo_GetBulkKeySize(cinfo) / 8, envd->cmsg->pwfn_arg);
     PK11_FreeSlot(slot);
     if (bulkkey == NULL)
 	goto loser;	/* error has been set by PK11_KeyGen */
     mark = PORT_ArenaMark(poolp);
     /* Encrypt the bulk key with the public key of each recipient.  */
     for (i = 0; recipientinfos[i] != NULL; i++) {
 	rv = NSS_CMSRecipientInfo_WrapBulkKey(recipientinfos[i], bulkkey, bulkalgtag);
 	if (rv != SECSuccess)
 	    goto loser;	/* error has been set by NSS_CMSRecipientInfo_EncryptBulkKey */
 	    		/* could be: alg not supported etc. */
     }
     /* the recipientinfos are all finished. now sort them by DER for SET OF encoding */
     rv = NSS_CMSArray_SortByDER((void **)envd->recipientInfos, NSSCMSRecipientInfoTemplate, NULL);
     if (rv != SECSuccess)
 	goto loser;	/* error has been set by NSS_CMSArray_SortByDER */
     /* store the bulk key in the contentInfo so that the encoder can find it */
     NSS_CMSContentInfo_SetBulkKey(cinfo, bulkkey);
     PORT_ArenaUnmark(poolp, mark);
     PK11_FreeSymKey(bulkkey);
     return SECSuccess;
 loser:
     if (mark != NULL)
 	PORT_ArenaRelease (poolp, mark);
     if (bulkkey)
 	PK11_FreeSymKey(bulkkey);
     return SECFailure;
 }
 /*
  * NSS_CMSEnvelopedData_Encode_BeforeData - set up encryption
  *
  * it is essential that this is called before the contentEncAlg is encoded, because
  * setting up the encryption may generate IVs and thus change it!
  */
 SECStatus
 NSS_CMSEnvelopedData_Encode_BeforeData(NSSCMSEnvelopedData *envd)
 {
     NSSCMSContentInfo *cinfo;
     PK11SymKey *bulkkey;
     SECAlgorithmID *algid;
     SECStatus rv;
     cinfo = &(envd->contentInfo);
     /* find bulkkey and algorithm - must have been set by NSS_CMSEnvelopedData_Encode_BeforeStart */
     bulkkey = NSS_CMSContentInfo_GetBulkKey(cinfo);
     if (bulkkey == NULL)
 	return SECFailure;
     algid = NSS_CMSContentInfo_GetContentEncAlg(cinfo);
     if (algid == NULL)
 	return SECFailure;
     rv = NSS_CMSContentInfo_Private_Init(cinfo);
     if (rv != SECSuccess) {
 	return SECFailure;
     }
     /* this may modify algid (with IVs generated in a token).
      * it is essential that algid is a pointer to the contentEncAlg data, not a
      * pointer to a copy! */
     cinfo->privateInfo->ciphcx = NSS_CMSCipherContext_StartEncrypt(envd->cmsg->poolp, bulkkey, algid);
     PK11_FreeSymKey(bulkkey);
     if (cinfo->privateInfo->ciphcx == NULL)
 	return SECFailure;
     return SECSuccess;
 }
 /*
  * NSS_CMSEnvelopedData_Encode_AfterData - finalize this envelopedData for encoding
  */
 SECStatus
 NSS_CMSEnvelopedData_Encode_AfterData(NSSCMSEnvelopedData *envd)
 {
     if (envd->contentInfo.privateInfo && envd->contentInfo.privateInfo->ciphcx) {
 	NSS_CMSCipherContext_Destroy(envd->contentInfo.privateInfo->ciphcx);
 	envd->contentInfo.privateInfo->ciphcx = NULL;
     }
     /* nothing else to do after data */
     return SECSuccess;
 }
 /*
  * NSS_CMSEnvelopedData_Decode_BeforeData - find our recipientinfo,
  * derive bulk key & set up our contentinfo
  */
 SECStatus
 NSS_CMSEnvelopedData_Decode_BeforeData(NSSCMSEnvelopedData *envd)
 {
     NSSCMSRecipientInfo *ri;
     PK11SymKey *bulkkey = NULL;
     SECOidTag bulkalgtag;
     SECAlgorithmID *bulkalg;
     SECStatus rv = SECFailure;
     NSSCMSContentInfo *cinfo;
     NSSCMSRecipient **recipient_list = NULL;
     NSSCMSRecipient *recipient;
     int rlIndex;
     if (NSS_CMSArray_Count((void **)envd->recipientInfos) == 0) {
 	PORT_SetError(SEC_ERROR_BAD_DATA);
 #if 0
 	PORT_SetErrorString("No recipient data in envelope.");
 #endif
 	goto loser;
     }
     /* look if one of OUR cert's issuerSN is on the list of recipients, and if so,  */
     /* get the cert and private key for it right away */
     recipient_list = nss_cms_recipient_list_create(envd->recipientInfos);
     if (recipient_list == NULL)
 	goto loser;
     /* what about multiple recipientInfos that match?
      * especially if, for some reason, we could not produce a bulk key with the first match?!
      * we could loop & feed partial recipient_list to PK11_FindCertAndKeyByRecipientList...
      * maybe later... */
     rlIndex = PK11_FindCertAndKeyByRecipientListNew(recipient_list, envd->cmsg->pwfn_arg);
     /* if that fails, then we're not an intended recipient and cannot decrypt */
     if (rlIndex < 0) {
 	PORT_SetError(SEC_ERROR_NOT_A_RECIPIENT);
 #if 0
 	PORT_SetErrorString("Cannot decrypt data because proper key cannot be found.");
 #endif
 	goto loser;
     }
     recipient = recipient_list[rlIndex];
     if (!recipient->cert || !recipient->privkey) {
 	/* XXX should set an error code ?!? */
 	goto loser;
     }
     /* get a pointer to "our" recipientinfo */
     ri = envd->recipientInfos[recipient->riIndex];
     cinfo = &(envd->contentInfo);
     bulkalgtag = NSS_CMSContentInfo_GetContentEncAlgTag(cinfo);
     if (bulkalgtag == SEC_OID_UNKNOWN) {
 	PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
     } else
 	bulkkey =
 	    NSS_CMSRecipientInfo_UnwrapBulkKey(ri,recipient->subIndex,
 						    recipient->cert,
 						    recipient->privkey,
 						    bulkalgtag);
     if (bulkkey == NULL) {
 	/* no success finding a bulk key */
 	goto loser;
     }
     NSS_CMSContentInfo_SetBulkKey(cinfo, bulkkey);
     bulkalg = NSS_CMSContentInfo_GetContentEncAlg(cinfo);
     rv = NSS_CMSContentInfo_Private_Init(cinfo);
     if (rv != SECSuccess) {
 	goto loser;
     }
     rv = SECFailure;
     cinfo->privateInfo->ciphcx = NSS_CMSCipherContext_StartDecrypt(bulkkey, bulkalg);
     if (cinfo->privateInfo->ciphcx == NULL)
 	goto loser;		/* error has been set by NSS_CMSCipherContext_StartDecrypt */
     rv = SECSuccess;
 loser:
     if (bulkkey)
 	PK11_FreeSymKey(bulkkey);
     if (recipient_list != NULL)
 	nss_cms_recipient_list_destroy(recipient_list);
     return rv;
 }
 /*
  * NSS_CMSEnvelopedData_Decode_AfterData - finish decrypting this envelopedData's content
  */
 SECStatus
 NSS_CMSEnvelopedData_Decode_AfterData(NSSCMSEnvelopedData *envd)
 {
     if (envd && envd->contentInfo.privateInfo && envd->contentInfo.privateInfo->ciphcx) {
 	NSS_CMSCipherContext_Destroy(envd->contentInfo.privateInfo->ciphcx);
 	envd->contentInfo.privateInfo->ciphcx = NULL;
     }
     return SECSuccess;
 }
 /*
  * NSS_CMSEnvelopedData_Decode_AfterEnd - finish decoding this envelopedData
  */
 SECStatus
 NSS_CMSEnvelopedData_Decode_AfterEnd(NSSCMSEnvelopedData *envd)
 {
     /* apply final touches */
     return SECSuccess;
 }

The Tor Browser / annotate

security/nss/lib/smime/cmsenvdata.c@b8a032363ba2 (annotated)

security/nss/lib/smime/cmsenvdata.c