NSSCMSSignerInfo* nsCMSMessage::GetTopLevelSignerInfo()
{
nsNSSShutDownPreventionLock locker;
if (isAlreadyShutDown())
return nsnull;
if (!m_cmsMsg)
return nsnull;
if (!NSS_CMSMessage_IsSigned(m_cmsMsg))
return nsnull;
NSSCMSContentInfo *cinfo = NSS_CMSMessage_ContentLevel(m_cmsMsg, 0);
if (!cinfo)
return nsnull;
NSSCMSSignedData *sigd = (NSSCMSSignedData*)NSS_CMSContentInfo_GetContent(cinfo);
if (!sigd)
return nsnull;
PR_ASSERT(NSS_CMSSignedData_SignerInfoCount(sigd) > 0);
return NSS_CMSSignedData_GetSignerInfo(sigd, 0);
}
static int
verify1(struct message *m, int n)
{
SECItem **digests;
NSSCMSMessage *msg;
PLArenaPool *poolp;
SECAlgorithmID **algids;
CERTCertDBHandle *handle;
int nlevels, i;
int status = 0;
int foundsender = 0;
char *sender;
if ((m = getsig(m, n, &msg)) == NULL)
return 1;
sender = getsender(m);
handle = CERT_GetDefaultCertDB();
nlevels = NSS_CMSMessage_ContentLevelCount(msg);
for (i = 0; i < nlevels; i++) {
NSSCMSContentInfo *content;
SECOidTag tag;
content = NSS_CMSMessage_ContentLevel(msg, i);
tag = NSS_CMSContentInfo_GetContentTypeTag(content);
if (tag == SEC_OID_PKCS7_SIGNED_DATA) {
NSSCMSSignedData *data;
int nsigners, j;
if ((data = NSS_CMSContentInfo_GetContent(content))
== NULL) {
fprintf(stderr, "Signed data missing for "
"message %d.\n", n);
status = -1;
break;
}
if (!NSS_CMSSignedData_HasDigests(data)) {
algids = NSS_CMSSignedData_GetDigestAlgs(data);
if (getdig(m, n, &digests, &poolp, algids)
!= OKAY) {
status = -1;
break;
}
if (NSS_CMSSignedData_SetDigests(data, algids,
digests)
!= SECSuccess) {
fprintf(stderr, "Cannot set digests "
"for message %d.\n", n);
status = -1;
break;
}
PORT_FreeArena(poolp, PR_FALSE);
}
if (NSS_CMSSignedData_ImportCerts(data, handle,
certUsageEmailSigner,
PR_FALSE) != SECSuccess) {
fprintf(stderr, "Cannot temporarily import "
"certificates for "
"message %d.\n", n);
status = -1;
break;
}
nsigners = NSS_CMSSignedData_SignerInfoCount(data);
if (nsigners == 0) {
fprintf(stderr, "Message %d has no signers.\n",
n);
status = -1;
break;
}
if (!NSS_CMSSignedData_HasDigests(data)) {
fprintf(stderr, "Message %d has no digests.\n",
n);
status = -1;
break;
}
for (j = 0; j < nsigners; j++) {
const char *svs;
NSSCMSSignerInfo *info;
NSSCMSVerificationStatus vs;
SECStatus bad;
CERTCertificate *cert;
const char *addr;
int passed = 0;
info = NSS_CMSSignedData_GetSignerInfo(data, j);
cert = NSS_CMSSignerInfo_GetSigningCertificate
(info, handle);
bad = NSS_CMSSignedData_VerifySignerInfo(data,
j, handle,
certUsageEmailSigner);
vs = NSS_CMSSignerInfo_GetVerificationStatus
(info);
svs = NSS_CMSUtil_VerificationStatusToString
(vs);
addr = CERT_GetCertEmailAddress(&cert->subject);
if (sender != NULL && addr != NULL &&
asccasecmp(sender, addr) == 0)
foundsender++;
else {
addr = CERT_GetFirstEmailAddress(cert);
while (sender && addr) {
if (!asccasecmp(sender, addr)) {
foundsender++;
break;
}
addr = CERT_GetNextEmailAddress
(cert, addr);
}
}
if (CERT_VerifyCertNow(handle,
cert, PR_TRUE,
certUsageEmailSigner,
NULL) != SECSuccess)
fprintf(stderr, "Bad certificate for "
"signer <%s> of "
"message %d: %s.\n",
addr ? addr : "?", n,
bad_cert_str());
else
passed++;
if (bad)
fprintf(stderr, "Bad status for "
"signer <%s> of "
"message %d: %s.\n",
addr ? addr : "?",
n, svs);
else
passed++;
if (passed < 2)
status = -1;
else if (status == 0)
status = 1;
}
}
}
if (foundsender == 0) {
if (sender) {
fprintf(stderr, "Signers of message "
"%d do not include the sender <%s>\n",
n, sender);
status = -1;
} else
fprintf(stderr, "Warning: Message %d has no From: "
"header field.\n", n);
} else if (status == 1)
printf("Message %d was verified successfully.\n", n);
if (status == 0)
fprintf(stderr, "No verification information found in "
"message %d.\n", n);
NSS_CMSMessage_Destroy(msg);
return status != 1;
}
struct message *
smime_decrypt(struct message *m, const char *to, const char *cc, int signcall)
{
NSSCMSDecoderContext *ctx;
NSSCMSMessage *msg;
FILE *op, *hp, *bp;
char *buf = NULL;
size_t bufsize = 0, buflen, count;
char *cp;
struct str in, out;
FILE *yp;
long size;
int i, nlevels;
int binary = 0;
if ((yp = setinput(&mb, m, NEED_BODY)) == NULL)
return NULL;
if (nss_init() != OKAY)
return NULL;
if ((op = Ftemp(&cp, "Rp", "w+", 0600, 1)) == NULL) {
perror("tempfile");
return NULL;
}
rm(cp);
Ftfree(&cp);
if ((ctx = NSS_CMSDecoder_Start(NULL,
decoder_cb, op,
password_cb, "Pass phrase:",
NULL, NULL)) == NULL) {
fprintf(stderr, "Cannot start decoder.\n");
return NULL;
}
size = m->m_size;
if ((smime_split(yp, &hp, &bp, size, 1)) == STOP)
return NULL;
count = fsize(bp);
while (fgetline(&buf, &bufsize, &count, &buflen, bp, 0) != NULL) {
if (buf[0] == '\n')
break;
if ((cp = thisfield(buf, "content-transfer-encoding")) != NULL)
if (ascncasecmp(cp, "binary", 7) == 0)
binary = 1;
}
while (fgetline(&buf, &bufsize, &count, &buflen, bp, 0) != NULL) {
if (binary)
NSS_CMSDecoder_Update(ctx, buf, buflen);
else {
in.s = buf;
in.l = buflen;
mime_fromb64_b(&in, &out, 0, bp);
NSS_CMSDecoder_Update(ctx, out.s, out.l);
free(out.s);
}
}
free(buf);
if ((msg = NSS_CMSDecoder_Finish(ctx)) == NULL) {
fprintf(stderr, "Failed to decode message.\n");
Fclose(hp);
Fclose(bp);
return NULL;
}
nlevels = NSS_CMSMessage_ContentLevelCount(msg);
for (i = 0; i < nlevels; i++) {
NSSCMSContentInfo *content;
SECOidTag tag;
content = NSS_CMSMessage_ContentLevel(msg, i);
tag = NSS_CMSContentInfo_GetContentTypeTag(content);
if (tag == SEC_OID_PKCS7_DATA) {
const char *fld = "X-Encryption-Cipher";
SECOidTag alg;
int keysize;
alg = NSS_CMSContentInfo_GetContentEncAlgTag(content);
keysize = NSS_CMSContentInfo_GetBulkKeySize(content);
fseek(hp, 0L, SEEK_END);
switch (alg) {
case 0:
if (signcall) {
NSS_CMSMessage_Destroy(msg);
Fclose(hp);
Fclose(bp);
setinput(&mb, m, NEED_BODY);
return (struct message *)-1;
}
fprintf(hp, "%s: none\n", fld);
break;
case SEC_OID_RC2_CBC:
fprintf(hp, "%s: RC2, %d bits\n", fld, keysize);
break;
case SEC_OID_DES_CBC:
fprintf(hp, "%s: DES, 56 bits\n", fld);
break;
case SEC_OID_DES_EDE3_CBC:
fprintf(hp, "%s: 3DES, 112/168 bits\n", fld);
break;
case SEC_OID_FORTEZZA_SKIPJACK:
fprintf(hp, "%s: Fortezza\n", fld);
break;
default:
fprintf(hp, "%s: unknown type %lu\n", fld,
(unsigned long)alg);
}
fflush(hp);
rewind(hp);
}
}
NSS_CMSMessage_Destroy(msg);
fflush(op);
rewind(op);
Fclose(bp);
return smime_decrypt_assemble(m, hp, op);
}
enum okay
smime_certsave(struct message *m, int n, FILE *op)
{
NSSCMSMessage *msg;
CERTCertDBHandle *handle;
int nlevels, i, cnt = 0;
enum okay ok = OKAY;
if (nss_init() == STOP)
return STOP;
if ((m = getsig(m, n, &msg)) == NULL)
return 1;
handle = CERT_GetDefaultCertDB();
nlevels = NSS_CMSMessage_ContentLevelCount(msg);
for (i = 0; i < nlevels; i++) {
NSSCMSContentInfo *content;
SECOidTag tag;
content = NSS_CMSMessage_ContentLevel(msg, i);
tag = NSS_CMSContentInfo_GetContentTypeTag(content);
if (tag == SEC_OID_PKCS7_SIGNED_DATA) {
NSSCMSSignedData *data;
int nsigners, j;
if ((data = NSS_CMSContentInfo_GetContent(content))
== NULL) {
fprintf(stderr, "Signed data missing for "
"message %d.\n", n);
ok = STOP;
break;
}
if (NSS_CMSSignedData_ImportCerts(data, handle,
certUsageEmailSigner,
PR_FALSE) != SECSuccess) {
fprintf(stderr, "Cannot temporarily import "
"certificates for "
"message %d.\n", n);
ok = STOP;
break;
}
nsigners = NSS_CMSSignedData_SignerInfoCount(data);
if (nsigners == 0) {
fprintf(stderr, "Message %d has no signers.\n",
n);
ok = STOP;
break;
}
for (j = 0; j < nsigners; j++) {
NSSCMSSignerInfo *info;
CERTCertificateList *list;
CERTCertificate *cert;
int k;
info = NSS_CMSSignedData_GetSignerInfo(data, j);
list = NSS_CMSSignerInfo_GetCertList(info);
if (list) {
for (k = 0; k < list->len; k++) {
cert = (CERTCertificate *)
&list->certs[k];
dumpcert(cert, op);
cnt++;
}
}
cert = NSS_CMSSignerInfo_GetSigningCertificate
(info, handle);
if (cert) {
dumpcert(cert, op);
cnt++;
}
}
}
}
NSS_CMSMessage_Destroy(msg);
if (cnt == 0) {
fprintf(stderr, "No certificates found in message %d.\n", n);
ok = STOP;
}
return ok;
}
static CamelCipherValidity *
sm_verify_cmsg(CamelCipherContext *context, NSSCMSMessage *cmsg, CamelStream *extstream, CamelException *ex)
{
struct _CamelSMIMEContextPrivate *p = ((CamelSMIMEContext *)context)->priv;
NSSCMSSignedData *sigd = NULL;
NSSCMSEnvelopedData *envd;
NSSCMSEncryptedData *encd;
SECAlgorithmID **digestalgs;
NSSCMSDigestContext *digcx;
int count, i, nsigners, j;
SECItem **digests;
PLArenaPool *poolp = NULL;
CamelStreamMem *mem;
NSSCMSVerificationStatus status;
CamelCipherValidity *valid;
GString *description;
description = g_string_new("");
valid = camel_cipher_validity_new();
camel_cipher_validity_set_valid(valid, TRUE);
status = NSSCMSVS_Unverified;
/* NB: this probably needs to go into a decoding routine that can be used for processing
enveloped data too */
count = NSS_CMSMessage_ContentLevelCount(cmsg);
for (i = 0; i < count; i++) {
NSSCMSContentInfo *cinfo = NSS_CMSMessage_ContentLevel(cmsg, i);
SECOidTag typetag = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
switch (typetag) {
case SEC_OID_PKCS7_SIGNED_DATA:
sigd = (NSSCMSSignedData *)NSS_CMSContentInfo_GetContent(cinfo);
if (sigd == NULL) {
camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("No signed data in signature"));
goto fail;
}
/* need to build digests of the content */
if (!NSS_CMSSignedData_HasDigests(sigd)) {
if (extstream == NULL) {
camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Digests missing from enveloped data"));
goto fail;
}
if ((poolp = PORT_NewArena(1024)) == NULL) {
camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, g_strerror (ENOMEM));
goto fail;
}
digestalgs = NSS_CMSSignedData_GetDigestAlgs(sigd);
digcx = NSS_CMSDigestContext_StartMultiple(digestalgs);
if (digcx == NULL) {
camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot calculate digests"));
goto fail;
}
mem = (CamelStreamMem *)camel_stream_mem_new();
camel_stream_write_to_stream(extstream, (CamelStream *)mem);
NSS_CMSDigestContext_Update(digcx, mem->buffer->data, mem->buffer->len);
camel_object_unref(mem);
if (NSS_CMSDigestContext_FinishMultiple(digcx, poolp, &digests) != SECSuccess) {
camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot calculate digests"));
goto fail;
}
if (NSS_CMSSignedData_SetDigests(sigd, digestalgs, digests) != SECSuccess) {
camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot set message digests"));
goto fail;
}
PORT_FreeArena(poolp, PR_FALSE);
poolp = NULL;
}
/* import all certificates present */
if (NSS_CMSSignedData_ImportCerts(sigd, p->certdb, certUsageEmailSigner, PR_TRUE) != SECSuccess) {
camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Certificate import failed"));
goto fail;
}
if (NSS_CMSSignedData_ImportCerts(sigd, p->certdb, certUsageEmailRecipient, PR_TRUE) != SECSuccess) {
camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Certificate import failed"));
goto fail;
}
/* check for certs-only message */
nsigners = NSS_CMSSignedData_SignerInfoCount(sigd);
if (nsigners == 0) {
/* already imported certs above, not sure what usage we should use here or if this isn't handled above */
if (NSS_CMSSignedData_VerifyCertsOnly(sigd, p->certdb, certUsageEmailSigner) != SECSuccess) {
g_string_printf(description, _("Certificate is the only message, cannot verify certificates"));
} else {
status = NSSCMSVS_GoodSignature;
g_string_printf(description, _("Certificate is the only message, certificates imported and verified"));
}
} else {
if (!NSS_CMSSignedData_HasDigests(sigd)) {
camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot find signature digests"));
goto fail;
}
for (j = 0; j < nsigners; j++) {
NSSCMSSignerInfo *si;
char *cn, *em;
si = NSS_CMSSignedData_GetSignerInfo(sigd, j);
NSS_CMSSignedData_VerifySignerInfo(sigd, j, p->certdb, certUsageEmailSigner);
status = NSS_CMSSignerInfo_GetVerificationStatus(si);
cn = NSS_CMSSignerInfo_GetSignerCommonName(si);
em = NSS_CMSSignerInfo_GetSignerEmailAddress(si);
g_string_append_printf(description, _("Signer: %s <%s>: %s\n"),
cn?cn:"<unknown>", em?em:"<unknown>",
sm_status_description(status));
camel_cipher_validity_add_certinfo(valid, CAMEL_CIPHER_VALIDITY_SIGN, cn, em);
if (cn)
PORT_Free(cn);
if (em)
PORT_Free(em);
if (status != NSSCMSVS_GoodSignature)
camel_cipher_validity_set_valid(valid, FALSE);
}
}
break;
case SEC_OID_PKCS7_ENVELOPED_DATA:
envd = (NSSCMSEnvelopedData *)NSS_CMSContentInfo_GetContent(cinfo);
break;
case SEC_OID_PKCS7_ENCRYPTED_DATA:
encd = (NSSCMSEncryptedData *)NSS_CMSContentInfo_GetContent(cinfo);
break;
case SEC_OID_PKCS7_DATA:
break;
default:
break;
}
}
camel_cipher_validity_set_valid(valid, status == NSSCMSVS_GoodSignature);
camel_cipher_validity_set_description(valid, description->str);
g_string_free(description, TRUE);
return valid;
fail:
camel_cipher_validity_free(valid);
g_string_free(description, TRUE);
return NULL;
}
nsresult nsCMSMessage::CommonVerifySignature(unsigned char* aDigestData, PRUint32 aDigestDataLen)
{
nsNSSShutDownPreventionLock locker;
if (isAlreadyShutDown())
return NS_ERROR_NOT_AVAILABLE;
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsCMSMessage::CommonVerifySignature, content level count %d\n", NSS_CMSMessage_ContentLevelCount(m_cmsMsg)));
NSSCMSContentInfo *cinfo = nsnull;
NSSCMSSignedData *sigd = nsnull;
NSSCMSSignerInfo *si;
PRInt32 nsigners;
nsresult rv = NS_ERROR_FAILURE;
if (!NSS_CMSMessage_IsSigned(m_cmsMsg)) {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsCMSMessage::CommonVerifySignature - not signed\n"));
return NS_ERROR_CMS_VERIFY_NOT_SIGNED;
}
cinfo = NSS_CMSMessage_ContentLevel(m_cmsMsg, 0);
if (cinfo) {
// I don't like this hard cast. We should check in some way, that we really have this type.
sigd = (NSSCMSSignedData*)NSS_CMSContentInfo_GetContent(cinfo);
}
if (!sigd) {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsCMSMessage::CommonVerifySignature - no content info\n"));
rv = NS_ERROR_CMS_VERIFY_NO_CONTENT_INFO;
goto loser;
}
if (aDigestData && aDigestDataLen)
{
SECItem digest;
digest.data = aDigestData;
digest.len = aDigestDataLen;
if (NSS_CMSSignedData_SetDigestValue(sigd, SEC_OID_SHA1, &digest)) {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsCMSMessage::CommonVerifySignature - bad digest\n"));
rv = NS_ERROR_CMS_VERIFY_BAD_DIGEST;
goto loser;
}
}
// Import certs. Note that import failure is not a signature verification failure. //
if (NSS_CMSSignedData_ImportCerts(sigd, CERT_GetDefaultCertDB(), certUsageEmailRecipient, PR_TRUE) != SECSuccess) {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsCMSMessage::CommonVerifySignature - can not import certs\n"));
}
nsigners = NSS_CMSSignedData_SignerInfoCount(sigd);
PR_ASSERT(nsigners > 0);
si = NSS_CMSSignedData_GetSignerInfo(sigd, 0);
// See bug 324474. We want to make sure the signing cert is
// still valid at the current time.
if (CERT_VerifyCertificateNow(CERT_GetDefaultCertDB(), si->cert, PR_TRUE,
certificateUsageEmailSigner,
si->cmsg->pwfn_arg, NULL) != SECSuccess) {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsCMSMessage::CommonVerifySignature - signing cert not trusted now\n"));
rv = NS_ERROR_CMS_VERIFY_UNTRUSTED;
goto loser;
}
// We verify the first signer info, only //
if (NSS_CMSSignedData_VerifySignerInfo(sigd, 0, CERT_GetDefaultCertDB(), certUsageEmailSigner) != SECSuccess) {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsCMSMessage::CommonVerifySignature - unable to verify signature\n"));
if (NSSCMSVS_SigningCertNotFound == si->verificationStatus) {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsCMSMessage::CommonVerifySignature - signing cert not found\n"));
rv = NS_ERROR_CMS_VERIFY_NOCERT;
}
else if(NSSCMSVS_SigningCertNotTrusted == si->verificationStatus) {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsCMSMessage::CommonVerifySignature - signing cert not trusted at signing time\n"));
rv = NS_ERROR_CMS_VERIFY_UNTRUSTED;
}
else if(NSSCMSVS_Unverified == si->verificationStatus) {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsCMSMessage::CommonVerifySignature - can not verify\n"));
rv = NS_ERROR_CMS_VERIFY_ERROR_UNVERIFIED;
}
else if(NSSCMSVS_ProcessingError == si->verificationStatus) {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsCMSMessage::CommonVerifySignature - processing error\n"));
rv = NS_ERROR_CMS_VERIFY_ERROR_PROCESSING;
}
else if(NSSCMSVS_BadSignature == si->verificationStatus) {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsCMSMessage::CommonVerifySignature - bad signature\n"));
rv = NS_ERROR_CMS_VERIFY_BAD_SIGNATURE;
}
else if(NSSCMSVS_DigestMismatch == si->verificationStatus) {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsCMSMessage::CommonVerifySignature - digest mismatch\n"));
rv = NS_ERROR_CMS_VERIFY_DIGEST_MISMATCH;
}
else if(NSSCMSVS_SignatureAlgorithmUnknown == si->verificationStatus) {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsCMSMessage::CommonVerifySignature - algo unknown\n"));
rv = NS_ERROR_CMS_VERIFY_UNKNOWN_ALGO;
}
else if(NSSCMSVS_SignatureAlgorithmUnsupported == si->verificationStatus) {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsCMSMessage::CommonVerifySignature - algo not supported\n"));
rv = NS_ERROR_CMS_VERIFY_UNSUPPORTED_ALGO;
}
else if(NSSCMSVS_MalformedSignature == si->verificationStatus) {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsCMSMessage::CommonVerifySignature - malformed signature\n"));
rv = NS_ERROR_CMS_VERIFY_MALFORMED_SIGNATURE;
}
goto loser;
}
// Save the profile. Note that save import failure is not a signature verification failure. //
if (NSS_SMIMESignerInfo_SaveSMIMEProfile(si) != SECSuccess) {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsCMSMessage::CommonVerifySignature - unable to save smime profile\n"));
}
rv = NS_OK;
loser:
return rv;
}
nsresult
VerifyCMSDetachedSignatureIncludingCertificate(
const SECItem& buffer, const SECItem& detachedDigest,
nsresult (*verifyCertificate)(CERTCertificate* cert, void* context,
void* pinArg),
void *verifyCertificateContext, void* pinArg)
{
// XXX: missing pinArg is tolerated.
if (NS_WARN_IF(!buffer.data && buffer.len > 0) ||
NS_WARN_IF(!detachedDigest.data && detachedDigest.len > 0) ||
(!verifyCertificate) ||
NS_WARN_IF(!verifyCertificateContext)) {
return NS_ERROR_INVALID_ARG;
}
ScopedNSSCMSMessage
cmsMsg(NSS_CMSMessage_CreateFromDER(const_cast<SECItem*>(&buffer), nullptr,
nullptr, nullptr, nullptr, nullptr,
nullptr));
if (!cmsMsg) {
return NS_ERROR_CMS_VERIFY_ERROR_PROCESSING;
}
if (!NSS_CMSMessage_IsSigned(cmsMsg.get())) {
return NS_ERROR_CMS_VERIFY_NOT_SIGNED;
}
NSSCMSContentInfo* cinfo = NSS_CMSMessage_ContentLevel(cmsMsg.get(), 0);
if (!cinfo) {
return NS_ERROR_CMS_VERIFY_NO_CONTENT_INFO;
}
// signedData is non-owning
NSSCMSSignedData* signedData =
reinterpret_cast<NSSCMSSignedData*>(NSS_CMSContentInfo_GetContent(cinfo));
if (!signedData) {
return NS_ERROR_CMS_VERIFY_NO_CONTENT_INFO;
}
// Set digest value.
if (NSS_CMSSignedData_SetDigestValue(signedData, SEC_OID_SHA1,
const_cast<SECItem*>(&detachedDigest))) {
return NS_ERROR_CMS_VERIFY_BAD_DIGEST;
}
// Parse the certificates into CERTCertificate objects held in memory so
// verifyCertificate will be able to find them during path building.
ScopedCERTCertList certs(CERT_NewCertList());
if (!certs) {
return NS_ERROR_OUT_OF_MEMORY;
}
if (signedData->rawCerts) {
for (size_t i = 0; signedData->rawCerts[i]; ++i) {
ScopedCERTCertificate
cert(CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
signedData->rawCerts[i], nullptr, false,
true));
// Skip certificates that fail to parse
if (cert) {
if (CERT_AddCertToListTail(certs.get(), cert.get()) == SECSuccess) {
cert.forget(); // ownership transfered
} else {
return NS_ERROR_OUT_OF_MEMORY;
}
}
}
}
// Get the end-entity certificate.
int numSigners = NSS_CMSSignedData_SignerInfoCount(signedData);
if (NS_WARN_IF(numSigners != 1)) {
return NS_ERROR_CMS_VERIFY_ERROR_PROCESSING;
}
// signer is non-owning.
NSSCMSSignerInfo* signer = NSS_CMSSignedData_GetSignerInfo(signedData, 0);
if (NS_WARN_IF(!signer)) {
return NS_ERROR_CMS_VERIFY_ERROR_PROCESSING;
}
CERTCertificate* signerCert =
NSS_CMSSignerInfo_GetSigningCertificate(signer, CERT_GetDefaultCertDB());
if (!signerCert) {
return NS_ERROR_CMS_VERIFY_ERROR_PROCESSING;
}
nsresult rv = verifyCertificate(signerCert, verifyCertificateContext, pinArg);
if (NS_WARN_IF(NS_FAILED(rv))) {
return rv;
}
// See NSS_CMSContentInfo_GetContentTypeOID, which isn't exported from NSS.
SECOidData* contentTypeOidData =
SECOID_FindOID(&signedData->contentInfo.contentType);
if (!contentTypeOidData) {
return NS_ERROR_CMS_VERIFY_ERROR_PROCESSING;
}
return MapSECStatus(NSS_CMSSignerInfo_Verify(signer,
const_cast<SECItem*>(&detachedDigest),
&contentTypeOidData->oid));
}
