int
hx509_cms_envelope_1(hx509_context context,
int flags,
hx509_cert cert,
const void *data,
size_t length,
const heim_oid *encryption_type,
const heim_oid *contentType,
heim_octet_string *content)
{
KeyTransRecipientInfo *ri;
heim_octet_string ivec;
heim_octet_string key;
hx509_crypto crypto = NULL;
int ret, cmsidflag;
EnvelopedData ed;
size_t size;
memset(&ivec, 0, sizeof(ivec));
memset(&key, 0, sizeof(key));
memset(&ed, 0, sizeof(ed));
memset(content, 0, sizeof(*content));
if (encryption_type == NULL)
encryption_type = &asn1_oid_id_aes_256_cbc;
if ((flags & HX509_CMS_EV_NO_KU_CHECK) == 0) {
ret = _hx509_check_key_usage(context, cert, 1 << 2, TRUE);
if (ret)
goto out;
}
ret = hx509_crypto_init(context, NULL, encryption_type, &crypto);
if (ret)
goto out;
if (flags & HX509_CMS_EV_ALLOW_WEAK)
hx509_crypto_allow_weak(crypto);
ret = hx509_crypto_set_random_key(crypto, &key);
if (ret) {
hx509_set_error_string(context, 0, ret,
"Create random key for EnvelopedData content");
goto out;
}
ret = hx509_crypto_random_iv(crypto, &ivec);
if (ret) {
hx509_set_error_string(context, 0, ret,
"Failed to create a random iv");
goto out;
}
ret = hx509_crypto_encrypt(crypto,
data,
length,
&ivec,
&ed.encryptedContentInfo.encryptedContent);
if (ret) {
hx509_set_error_string(context, 0, ret,
"Failed to encrypt EnvelopedData content");
goto out;
}
{
AlgorithmIdentifier *enc_alg;
enc_alg = &ed.encryptedContentInfo.contentEncryptionAlgorithm;
ret = der_copy_oid(encryption_type, &enc_alg->algorithm);
if (ret) {
hx509_set_error_string(context, 0, ret,
"Failed to set crypto oid "
"for EnvelopedData");
goto out;
}
ALLOC(enc_alg->parameters, 1);
if (enc_alg->parameters == NULL) {
ret = ENOMEM;
hx509_set_error_string(context, 0, ret,
"Failed to allocate crypto paramaters "
"for EnvelopedData");
goto out;
}
ret = hx509_crypto_get_params(context,
crypto,
&ivec,
enc_alg->parameters);
if (ret) {
goto out;
}
}
ALLOC_SEQ(&ed.recipientInfos, 1);
if (ed.recipientInfos.val == NULL) {
ret = ENOMEM;
hx509_set_error_string(context, 0, ret,
"Failed to allocate recipients info "
"for EnvelopedData");
goto out;
}
ri = &ed.recipientInfos.val[0];
if (flags & HX509_CMS_EV_ID_NAME) {
ri->version = 0;
cmsidflag = CMS_ID_NAME;
} else {
ri->version = 2;
cmsidflag = CMS_ID_SKI;
}
ret = fill_CMSIdentifier(cert, cmsidflag, &ri->rid);
if (ret) {
hx509_set_error_string(context, 0, ret,
"Failed to set CMS identifier info "
"for EnvelopedData");
goto out;
}
ret = hx509_cert_public_encrypt(context,
&key, cert,
&ri->keyEncryptionAlgorithm.algorithm,
&ri->encryptedKey);
if (ret) {
hx509_set_error_string(context, HX509_ERROR_APPEND, ret,
"Failed to encrypt transport key for "
"EnvelopedData");
goto out;
}
/*
*
*/
ed.version = 0;
ed.originatorInfo = NULL;
ret = der_copy_oid(contentType, &ed.encryptedContentInfo.contentType);
if (ret) {
hx509_set_error_string(context, 0, ret,
"Failed to copy content oid for "
"EnvelopedData");
goto out;
}
ed.unprotectedAttrs = NULL;
ASN1_MALLOC_ENCODE(EnvelopedData, content->data, content->length,
&ed, &size, ret);
if (ret) {
hx509_set_error_string(context, 0, ret,
"Failed to encode EnvelopedData");
goto out;
}
if (size != content->length)
_hx509_abort("internal ASN.1 encoder error");
out:
if (crypto)
hx509_crypto_destroy(crypto);
if (ret)
der_free_octet_string(content);
der_free_octet_string(&key);
der_free_octet_string(&ivec);
free_EnvelopedData(&ed);
return ret;
}
static int
verify_crl(hx509_context context,
hx509_revoke_ctx ctx,
CRLCertificateList *crl,
time_t time_now,
hx509_certs certs,
hx509_cert parent)
{
hx509_cert signer;
hx509_query q;
time_t t;
int ret;
t = _hx509_Time2time_t(&crl->tbsCertList.thisUpdate);
if (t > time_now) {
hx509_set_error_string(context, 0, HX509_CRL_USED_BEFORE_TIME,
"CRL used before time");
return HX509_CRL_USED_BEFORE_TIME;
}
if (crl->tbsCertList.nextUpdate == NULL) {
hx509_set_error_string(context, 0, HX509_CRL_INVALID_FORMAT,
"CRL missing nextUpdate");
return HX509_CRL_INVALID_FORMAT;
}
t = _hx509_Time2time_t(crl->tbsCertList.nextUpdate);
if (t < time_now) {
hx509_set_error_string(context, 0, HX509_CRL_USED_AFTER_TIME,
"CRL used after time");
return HX509_CRL_USED_AFTER_TIME;
}
_hx509_query_clear(&q);
/*
* If it's the signer have CRLSIGN bit set, use that as the signer
* cert for the certificate, otherwise, search for a certificate.
*/
if (_hx509_check_key_usage(context, parent, 1 << 6, FALSE) == 0) {
signer = hx509_cert_ref(parent);
} else {
q.match = HX509_QUERY_MATCH_SUBJECT_NAME;
q.match |= HX509_QUERY_KU_CRLSIGN;
q.subject_name = &crl->tbsCertList.issuer;
ret = hx509_certs_find(context, certs, &q, &signer);
if (ret) {
hx509_set_error_string(context, HX509_ERROR_APPEND, ret,
"Failed to find certificate for CRL");
return ret;
}
}
ret = _hx509_verify_signature_bitstring(context,
signer,
&crl->signatureAlgorithm,
&crl->tbsCertList._save,
&crl->signatureValue);
if (ret) {
hx509_set_error_string(context, HX509_ERROR_APPEND, ret,
"CRL signature invalid");
goto out;
}
/*
* If signer is not CA cert, need to check revoke status of this
* CRL signing cert too, this include all parent CRL signer cert
* up to the root *sigh*, assume root at least hve CERTSIGN flag
* set.
*/
while (_hx509_check_key_usage(context, signer, 1 << 5, TRUE)) {
hx509_cert crl_parent;
_hx509_query_clear(&q);
q.match = HX509_QUERY_MATCH_SUBJECT_NAME;
q.match |= HX509_QUERY_KU_CRLSIGN;
q.subject_name = &_hx509_get_cert(signer)->tbsCertificate.issuer;
ret = hx509_certs_find(context, certs, &q, &crl_parent);
if (ret) {
hx509_set_error_string(context, HX509_ERROR_APPEND, ret,
"Failed to find parent of CRL signer");
goto out;
}
ret = hx509_revoke_verify(context,
ctx,
certs,
time_now,
signer,
crl_parent);
hx509_cert_free(signer);
signer = crl_parent;
if (ret) {
hx509_set_error_string(context, HX509_ERROR_APPEND, ret,
"Failed to verify revoke "
"status of CRL signer");
goto out;
}
}
out:
hx509_cert_free(signer);
return ret;
}
