/*
* NSS_CMSEnvelopedData_Decode_BeforeData - find our recipientinfo,
* derive bulk key & set up our contentinfo
*/
SECStatus
NSS_CMSEnvelopedData_Decode_BeforeData(NSSCMSEnvelopedData *envd)
{
NSSCMSRecipientInfo *ri;
PK11SymKey *bulkkey = NULL;
SECOidTag bulkalgtag;
SECAlgorithmID *bulkalg;
SECStatus rv = SECFailure;
NSSCMSContentInfo *cinfo;
NSSCMSRecipient **recipient_list = NULL;
NSSCMSRecipient *recipient;
int rlIndex;
if (NSS_CMSArray_Count((void **)envd->recipientInfos) == 0) {
PORT_SetError(SEC_ERROR_BAD_DATA);
#if 0
PORT_SetErrorString("No recipient data in envelope.");
#endif
goto loser;
}
/* look if one of OUR cert's issuerSN is on the list of recipients, and if so, */
/* get the cert and private key for it right away */
recipient_list = nss_cms_recipient_list_create(envd->recipientInfos);
if (recipient_list == NULL)
goto loser;
/* what about multiple recipientInfos that match?
* especially if, for some reason, we could not produce a bulk key with the first match?!
* we could loop & feed partial recipient_list to PK11_FindCertAndKeyByRecipientList...
* maybe later... */
rlIndex = PK11_FindCertAndKeyByRecipientListNew(recipient_list, envd->cmsg->pwfn_arg);
/* if that fails, then we're not an intended recipient and cannot decrypt */
if (rlIndex < 0) {
PORT_SetError(SEC_ERROR_NOT_A_RECIPIENT);
#if 0
PORT_SetErrorString("Cannot decrypt data because proper key cannot be found.");
#endif
goto loser;
}
recipient = recipient_list[rlIndex];
if (!recipient->cert || !recipient->privkey) {
/* XXX should set an error code ?!? */
goto loser;
}
/* get a pointer to "our" recipientinfo */
ri = envd->recipientInfos[recipient->riIndex];
cinfo = &(envd->contentInfo);
bulkalgtag = NSS_CMSContentInfo_GetContentEncAlgTag(cinfo);
if (bulkalgtag == SEC_OID_UNKNOWN) {
PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
} else
bulkkey =
NSS_CMSRecipientInfo_UnwrapBulkKey(ri,recipient->subIndex,
recipient->cert,
recipient->privkey,
bulkalgtag);
if (bulkkey == NULL) {
/* no success finding a bulk key */
goto loser;
}
NSS_CMSContentInfo_SetBulkKey(cinfo, bulkkey);
bulkalg = NSS_CMSContentInfo_GetContentEncAlg(cinfo);
rv = NSS_CMSContentInfo_Private_Init(cinfo);
if (rv != SECSuccess) {
goto loser;
}
rv = SECFailure;
cinfo->privateInfo->ciphcx = NSS_CMSCipherContext_StartDecrypt(bulkkey, bulkalg);
if (cinfo->privateInfo->ciphcx == NULL)
goto loser; /* error has been set by NSS_CMSCipherContext_StartDecrypt */
rv = SECSuccess;
loser:
if (bulkkey)
PK11_FreeSymKey(bulkkey);
if (recipient_list != NULL)
nss_cms_recipient_list_destroy(recipient_list);
return rv;
}
SECStatus NSS_CMSRecipientInfo_GetCertAndKey(NSSCMSRecipientInfo *ri,
CERTCertificate** retcert,
SECKEYPrivateKey** retkey)
{
CERTCertificate* cert = NULL;
NSSCMSRecipient** recipients = NULL;
NSSCMSRecipientInfo* recipientInfos[2];
SECStatus rv = SECSuccess;
SECKEYPrivateKey* key = NULL;
if (!ri)
return SECFailure;
if (!retcert && !retkey) {
/* nothing requested, nothing found, success */
return SECSuccess;
}
if (retcert) {
*retcert = NULL;
}
if (retkey) {
*retkey = NULL;
}
if (ri->cert) {
cert = CERT_DupCertificate(ri->cert);
if (!cert) {
rv = SECFailure;
}
}
if (SECSuccess == rv && !cert) {
/* we don't have the cert, we have to look for it */
/* first build an NSS_CMSRecipient */
recipientInfos[0] = ri;
recipientInfos[1] = NULL;
recipients = nss_cms_recipient_list_create(recipientInfos);
if (recipients) {
/* now look for the cert and key */
if (0 == PK11_FindCertAndKeyByRecipientListNew(recipients,
ri->cmsg->pwfn_arg)) {
cert = CERT_DupCertificate(recipients[0]->cert);
key = SECKEY_CopyPrivateKey(recipients[0]->privkey);
} else {
rv = SECFailure;
}
nss_cms_recipient_list_destroy(recipients);
}
else {
rv = SECFailure;
}
} else if (SECSuccess == rv && cert && retkey) {
/* we have the cert, we just need the key now */
key = PK11_FindPrivateKeyFromCert(cert->slot, cert, ri->cmsg->pwfn_arg);
}
if (retcert) {
*retcert = cert;
} else {
if (cert) {
CERT_DestroyCertificate(cert);
}
}
if (retkey) {
*retkey = key;
} else {
if (key) {
SECKEY_DestroyPrivateKey(key);
}
}
return rv;
}
/*
* SecCmsEnvelopedDataDecodeBeforeData - find our recipientinfo,
* derive bulk key & set up our contentinfo
*/
OSStatus
SecCmsEnvelopedDataDecodeBeforeData(SecCmsEnvelopedData *envd)
{
SecCmsRecipientInfo *ri;
SecSymmetricKeyRef bulkkey = NULL;
SECOidTag bulkalgtag;
SECAlgorithmID *bulkalg;
OSStatus rv = SECFailure;
SecCmsContentInfo *cinfo;
SecCmsRecipient **recipient_list = NULL;
SecCmsRecipient *recipient;
int rlIndex;
if (SecCmsArrayCount((void **)envd->recipientInfos) == 0) {
PORT_SetError(SEC_ERROR_BAD_DATA);
#if 0
PORT_SetErrorString("No recipient data in envelope.");
#endif
goto loser;
}
/* look if one of OUR cert's issuerSN is on the list of recipients, and if so, */
/* get the cert and private key for it right away */
recipient_list = nss_cms_recipient_list_create(envd->recipientInfos);
if (recipient_list == NULL)
goto loser;
/* what about multiple recipientInfos that match?
* especially if, for some reason, we could not produce a bulk key with the first match?!
* we could loop & feed partial recipient_list to PK11_FindCertAndKeyByRecipientList...
* maybe later... */
rlIndex = nss_cms_FindCertAndKeyByRecipientList(recipient_list, envd->cmsg->pwfn_arg);
/* if that fails, then we're not an intended recipient and cannot decrypt */
if (rlIndex < 0) {
PORT_SetError(SEC_ERROR_NOT_A_RECIPIENT);
#if 0
PORT_SetErrorString("Cannot decrypt data because proper key cannot be found.");
#endif
goto loser;
}
recipient = recipient_list[rlIndex];
if (!recipient->cert || !recipient->privkey) {
/* XXX should set an error code ?!? */
goto loser;
}
/* get a pointer to "our" recipientinfo */
ri = envd->recipientInfos[recipient->riIndex];
cinfo = &(envd->contentInfo);
bulkalgtag = SecCmsContentInfoGetContentEncAlgTag(cinfo);
bulkkey = SecCmsRecipientInfoUnwrapBulkKey(ri,recipient->subIndex,
recipient->cert,
recipient->privkey,
bulkalgtag);
if (bulkkey == NULL) {
/* no success finding a bulk key */
goto loser;
}
SecCmsContentInfoSetBulkKey(cinfo, bulkkey);
// @@@ See 3401088 for details. We need to CFRelease cinfo->bulkkey before recipient->privkey gets CFReleased. It's created with SecKeyCreate which is not safe currently. If the private key's SecKeyRef from which we extracted the CSP gets CFRelease before the builkkey does we crash. We should really fix SecKeyCreate which is a huge hack currently. To work around this we add recipient->privkey to the cinfo so it gets when cinfo is destroyed.
CFRetain(recipient->privkey);
cinfo->privkey = recipient->privkey;
bulkalg = SecCmsContentInfoGetContentEncAlg(cinfo);
cinfo->ciphcx = SecCmsCipherContextStartDecrypt(bulkkey, bulkalg);
if (cinfo->ciphcx == NULL)
goto loser; /* error has been set by SecCmsCipherContextStartDecrypt */
#if 1
// @@@ Fix me
#else
/*
* HACK ALERT!!
* For PKCS5 Encryption Algorithms, the bulkkey is actually a different
* structure. Therefore, we need to set the bulkkey to the actual key
* prior to freeing it.
*/
if (SEC_PKCS5IsAlgorithmPBEAlg(bulkalg)) {
SEC_PKCS5KeyAndPassword *keyPwd = (SEC_PKCS5KeyAndPassword *)bulkkey;
bulkkey = keyPwd->key;
}
#endif
rv = SECSuccess;
loser:
if (bulkkey)
CFRelease(bulkkey);
if (recipient_list != NULL)
nss_cms_recipient_list_destroy(recipient_list);
return rv;
}
