libksba  1.6.0
About: KSBA is a library to make the tasks of working with X.509 certificates, CMS data and related objects more easy.
  Fossies Dox: libksba-1.6.0.tar.bz2  ("unofficial" and yet experimental doxygen-generated source code documentation)  

cms-parser.c
Go to the documentation of this file.
1 /* cms-parse.c - parse cryptographic message syntax
2  * Copyright (C) 2001, 2012 g10 Code GmbH
3  *
4  * This file is part of KSBA.
5  *
6  * KSBA is free software; you can redistribute it and/or modify
7  * it under the terms of either
8  *
9  * - the GNU Lesser General Public License as published by the Free
10  * Software Foundation; either version 3 of the License, or (at
11  * your option) any later version.
12  *
13  * or
14  *
15  * - the GNU General Public License as published by the Free
16  * Software Foundation; either version 2 of the License, or (at
17  * your option) any later version.
18  *
19  * or both in parallel, as here.
20  *
21  * KSBA is distributed in the hope that it will be useful, but WITHOUT
22  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
23  * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
24  * License for more details.
25  *
26  * You should have received a copies of the GNU General Public License
27  * and the GNU Lesser General Public License along with this program;
28  * if not, see <http://www.gnu.org/licenses/>.
29  */
30 
31 /*
32  We handle CMS by using a handcrafted parser for the outer
33  structures and the generic parser of the parts we can handle in
34  memory. Extending the generic parser to allow hooks for indefinite
35  length objects and to auto select the object depending on the
36  content type OID is too complicated.
37 */
38 
39 
40 #include <config.h>
41 #include <stdio.h>
42 #include <stdlib.h>
43 #include <string.h>
44 #include <assert.h>
45 #include "util.h"
46 
47 #include "cms.h"
48 #include "asn1-func.h" /* need some constants */
49 #include "ber-decoder.h"
50 #include "ber-help.h"
51 #include "keyinfo.h"
52 
53 static int
55 {
56  unsigned char buf;
57  size_t nread;
58  int rc;
59 
60  do
61  rc = ksba_reader_read (reader, &buf, 1, &nread);
62  while (!rc && !nread);
63  return rc? -1: buf;
64 }
65 
66 /* read COUNT bytes into buffer. Return 0 on success */
67 static int
68 read_buffer (ksba_reader_t reader, char *buffer, size_t count)
69 {
70  size_t nread;
71 
72  while (count)
73  {
74  if (ksba_reader_read (reader, buffer, count, &nread))
75  return -1;
76  buffer += nread;
77  count -= nread;
78  }
79  return 0;
80 }
81 
82 /* Create a new decoder and run it for the given element */
83 static gpg_error_t
84 create_and_run_decoder (ksba_reader_t reader, const char *elem_name,
85  unsigned int flags,
86  AsnNode *r_root,
87  unsigned char **r_image, size_t *r_imagelen)
88 {
89  gpg_error_t err;
90  ksba_asn_tree_t cms_tree;
91  BerDecoder decoder;
92 
93  err = ksba_asn_create_tree ("cms", &cms_tree);
94  if (err)
95  return err;
96 
97  decoder = _ksba_ber_decoder_new ();
98  if (!decoder)
99  {
100  ksba_asn_tree_release (cms_tree);
101  return gpg_error (GPG_ERR_ENOMEM);
102  }
103 
104  err = _ksba_ber_decoder_set_reader (decoder, reader);
105  if (err)
106  {
107  ksba_asn_tree_release (cms_tree);
108  _ksba_ber_decoder_release (decoder);
109  return err;
110  }
111 
112  err = _ksba_ber_decoder_set_module (decoder, cms_tree);
113  if (err)
114  {
115  ksba_asn_tree_release (cms_tree);
116  _ksba_ber_decoder_release (decoder);
117  return err;
118  }
119 
120  err = _ksba_ber_decoder_decode (decoder, elem_name, flags,
121  r_root, r_image, r_imagelen);
122 
123  _ksba_ber_decoder_release (decoder);
124  ksba_asn_tree_release (cms_tree);
125  return err;
126 }
127 
128 
129 ␌
130 /* Parse this structure and return the oid of the content. The read
131  position is then located at the value of content. This fucntion is
132  the core for parsing ContentInfo and EncapsulatedContentInfo.
133 
134  ContentInfo ::= SEQUENCE {
135  contentType ContentType,
136  content [0] EXPLICIT ANY DEFINED BY contentType
137  }
138  ContentType ::= OBJECT IDENTIFIER
139 
140  Returns: 0 on success or an error code. Other values are returned
141  by the parameters.
142 
143 */
144 static gpg_error_t
146  unsigned long *r_len, int *r_ndef,
147  char **r_oid, int *has_content)
148 {
149  struct tag_info ti;
150  gpg_error_t err;
151  int content_ndef;
152  unsigned long content_len;
153  unsigned char oidbuf[100]; /* pretty large for an OID */
154  char *oid = NULL;
155 
156  /* read the sequence triplet */
157  err = _ksba_ber_read_tl (reader, &ti);
158  if (err)
159  return err;
160  if ( !(ti.class == CLASS_UNIVERSAL && ti.tag == TYPE_SEQUENCE
161  && ti.is_constructed) )
162  return gpg_error (GPG_ERR_INV_CMS_OBJ);
163  content_len = ti.length;
164  content_ndef = ti.ndef;
165  if (!content_ndef && content_len < 3)
166  return gpg_error (GPG_ERR_TOO_SHORT); /* to encode an OID */
167 
168  /* read the OID */
169  err = _ksba_ber_read_tl (reader, &ti);
170  if (err)
171  return err;
172  if ( !(ti.class == CLASS_UNIVERSAL && ti.tag == TYPE_OBJECT_ID
173  && !ti.is_constructed && ti.length) )
174  return gpg_error (GPG_ERR_INV_CMS_OBJ);
175  if (!content_ndef)
176  {
177  if (content_len < ti.nhdr)
178  return gpg_error (GPG_ERR_BAD_BER); /* triplet header larger that sequence */
179  content_len -= ti.nhdr;
180  if (content_len < ti.length)
181  return gpg_error (GPG_ERR_BAD_BER); /* triplet larger that sequence */
182  content_len -= ti.length;
183  }
184 
185  if (ti.length >= DIM(oidbuf))
186  return gpg_error (GPG_ERR_TOO_LARGE);
187  err = read_buffer (reader, oidbuf, ti.length);
188  if (err)
189  return err;
190  oid = ksba_oid_to_str (oidbuf, ti.length);
191  if (!oid)
192  return gpg_error (GPG_ERR_ENOMEM);
193 
194  if (!content_ndef && !content_len)
195  { /* no data */
196  *has_content = 0;
197  }
198  else
199  { /* now read the explicit tag 0 which is optional */
200  err = _ksba_ber_read_tl (reader, &ti);
201  if (err)
202  {
203  xfree (oid);
204  return err;
205  }
206 
207  if ( ti.class == CLASS_CONTEXT && ti.tag == 0 && ti.is_constructed )
208  {
209  *has_content = 1;
210  }
211  else if ( ti.class == CLASS_UNIVERSAL && ti.tag == 0 && !ti.is_constructed )
212  {
213  *has_content = 0; /* this is optional - allow NUL tag */
214  }
215  else /* neither [0] nor NULL */
216  {
217  xfree (oid);
218  return gpg_error (GPG_ERR_INV_CMS_OBJ);
219  }
220  if (!content_ndef)
221  {
222  if (content_len < ti.nhdr)
223  return gpg_error (GPG_ERR_BAD_BER); /* triplet header larger that sequence */
224  content_len -= ti.nhdr;
225  if (!ti.ndef && content_len < ti.length)
226  return gpg_error (GPG_ERR_BAD_BER); /* triplet larger that sequence */
227  }
228  }
229  *r_len = content_len;
230  *r_ndef = content_ndef;
231  *r_oid = oid;
232  return 0;
233 }
234 
235 ␌
236 /* Parse this structure and return the oid of the content as well as
237  the algorithm identifier. The read position is then located at the
238  value of the octect string.
239 
240  EncryptedContentInfo ::= SEQUENCE {
241  contentType OBJECT IDENTIFIER,
242  contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
243  encryptedContent [0] IMPLICIT OCTET STRING OPTIONAL }
244 
245  Returns: 0 on success or an error code. Other values are returned
246  by the parameters.
247 */
248 static gpg_error_t
250  unsigned long *r_len, int *r_ndef,
251  char **r_cont_oid, char **r_algo_oid,
252  char **r_algo_parm, size_t *r_algo_parmlen,
253  int *r_algo_parmtype,
254  int *has_content)
255 {
256  struct tag_info ti;
257  gpg_error_t err;
258  int content_ndef;
259  unsigned long content_len;
260  unsigned char tmpbuf[500]; /* for OID or algorithmIdentifier */
261  char *cont_oid = NULL;
262  char *algo_oid = NULL;
263  char *algo_parm = NULL;
264  size_t algo_parmlen;
265  size_t nread;
266  int algo_parmtype;
267 
268  /* Fixme: release oids in case of errors */
269 
270  /* read the sequence triplet */
271  err = _ksba_ber_read_tl (reader, &ti);
272  if (err)
273  return err;
274  if ( !(ti.class == CLASS_UNIVERSAL && ti.tag == TYPE_SEQUENCE
275  && ti.is_constructed) )
276  return gpg_error (GPG_ERR_INV_CMS_OBJ);
277  content_len = ti.length;
278  content_ndef = ti.ndef;
279  if (!content_ndef && content_len < 3)
280  return gpg_error (GPG_ERR_TOO_SHORT); /* to encode an OID */
281 
282  /* read the OID */
283  err = _ksba_ber_read_tl (reader, &ti);
284  if (err)
285  return err;
286  if ( !(ti.class == CLASS_UNIVERSAL && ti.tag == TYPE_OBJECT_ID
287  && !ti.is_constructed && ti.length) )
288  return gpg_error (GPG_ERR_INV_CMS_OBJ);
289  if (!content_ndef)
290  {
291  if (content_len < ti.nhdr)
292  return gpg_error (GPG_ERR_BAD_BER); /* triplet header larger that sequence */
293  content_len -= ti.nhdr;
294  if (content_len < ti.length)
295  return gpg_error (GPG_ERR_BAD_BER); /* triplet larger that sequence */
296  content_len -= ti.length;
297  }
298  if (ti.length >= DIM(tmpbuf))
299  return gpg_error (GPG_ERR_TOO_LARGE);
300  err = read_buffer (reader, tmpbuf, ti.length);
301  if (err)
302  return err;
303  cont_oid = ksba_oid_to_str (tmpbuf, ti.length);
304  if (!cont_oid)
305  return gpg_error (GPG_ERR_ENOMEM);
306 
307  /* read the algorithmIdentifier */
308  err = _ksba_ber_read_tl (reader, &ti);
309  if (err)
310  return err;
311  if ( !(ti.class == CLASS_UNIVERSAL && ti.tag == TYPE_SEQUENCE
312  && ti.is_constructed) )
313  return gpg_error (GPG_ERR_INV_CMS_OBJ);
314  if (!content_ndef)
315  {
316  if (content_len < ti.nhdr)
317  return gpg_error (GPG_ERR_BAD_BER); /* triplet header larger that sequence */
318  content_len -= ti.nhdr;
319  if (content_len < ti.length)
320  return gpg_error (GPG_ERR_BAD_BER); /* triplet larger that sequence */
321  content_len -= ti.length;
322  }
323  if (ti.nhdr + ti.length >= DIM(tmpbuf))
324  return gpg_error (GPG_ERR_TOO_LARGE);
325  memcpy (tmpbuf, ti.buf, ti.nhdr);
326  err = read_buffer (reader, tmpbuf+ti.nhdr, ti.length);
327  if (err)
328  return err;
329  err = _ksba_parse_algorithm_identifier3 (tmpbuf, ti.nhdr+ti.length,
330  0x30,
331  &nread, &algo_oid,
332  &algo_parm, &algo_parmlen,
333  &algo_parmtype);
334  if (err)
335  return err;
336  assert (nread <= ti.nhdr + ti.length);
337  if (nread < ti.nhdr + ti.length)
338  return gpg_error (GPG_ERR_TOO_SHORT);
339 
340  /* the optional encryptedDataInfo */
341  *has_content = 0;
342  if (content_ndef || content_len)
343  { /* now read the implicit tag 0. Actually this is optional but
344  in that case we don't expect to have a content_len - well, it
345  may be the end tag */
346  err = _ksba_ber_read_tl (reader, &ti);
347  if (err)
348  {
349  xfree (cont_oid);
350  xfree (algo_oid);
351  return err;
352  }
353 
354  /* Note: the tag may either denote a constructed or a primitve
355  object. Actually this should match the use of NDEF header
356  but we don't ceck that */
357  if ( ti.class == CLASS_CONTEXT && ti.tag == 0 )
358  {
359  *has_content = 1;
360  if (!content_ndef)
361  {
362  if (content_len < ti.nhdr)
363  return gpg_error (GPG_ERR_BAD_BER);
364  content_len -= ti.nhdr;
365  if (!ti.ndef && content_len < ti.length)
366  return gpg_error (GPG_ERR_BAD_BER);
367  }
368  }
369  else /* not what we want - push it back */
370  {
371  *has_content = 0;
372  err = ksba_reader_unread (reader, ti.buf, ti.nhdr);
373  if (err)
374  return err;
375  }
376  }
377  *r_len = content_len;
378  *r_ndef = content_ndef;
379  *r_cont_oid = cont_oid;
380  *r_algo_oid = algo_oid;
381  *r_algo_parm = algo_parm;
382  *r_algo_parmlen = algo_parmlen;
383  *r_algo_parmtype = algo_parmtype;
384  return 0;
385 }
386 
387 
388 ␌
389 /* Parse this structure and return the oid of the content. The read
390  position is then located at the value of content.
391 
392  ContentInfo ::= SEQUENCE {
393  contentType ContentType,
394  content [0] EXPLICIT ANY DEFINED BY contentType
395  }
396  ContentType ::= OBJECT IDENTIFIER
397 
398  Returns: 0 on success or an error code. On success the OID and the
399  length values are stored in the cms structure.
400 */
401 gpg_error_t
403 {
404  gpg_error_t err;
405  int has_content;
406  int content_ndef;
407  unsigned long content_len;
408  char *oid;
409 
410  err = parse_content_info (cms->reader, &content_len, &content_ndef,
411  &oid, &has_content);
412  if (err)
413  { /* return a more meaningful error message. This way the caller
414  can pass arbitrary data to the function and get back an error
415  that this is not CMS instead of the the not very detailed BER
416  Error. */
417  if (gpg_err_code (err) == GPG_ERR_BAD_BER
418  || gpg_err_code (err) == GPG_ERR_INV_CMS_OBJ
419  || gpg_err_code (err) == GPG_ERR_TOO_SHORT)
420  err = gpg_error (GPG_ERR_NO_CMS_OBJ);
421  return err;
422  }
423  if (!has_content)
424  return gpg_error (GPG_ERR_NO_CMS_OBJ); /* It is not optional here */
425  cms->content.length = content_len;
426  cms->content.ndef = content_ndef;
427  xfree (cms->content.oid);
428  cms->content.oid = oid;
429  return 0;
430 }
431 
432 
433 ␌
434 /* parse a SEQUENCE and the first element which is expected to be the
435  CMS version. Return the version and the length info */
436 static gpg_error_t
437 parse_cms_version (ksba_reader_t reader, int *r_version,
438  unsigned long *r_len, int *r_ndef)
439 {
440  struct tag_info ti;
441  gpg_error_t err;
442  unsigned long data_len;
443  int data_ndef;
444  int c;
445 
446  /* read the sequence triplet */
447  err = _ksba_ber_read_tl (reader, &ti);
448  if (err)
449  return err;
450  if ( !(ti.class == CLASS_UNIVERSAL && ti.tag == TYPE_SEQUENCE
451  && ti.is_constructed) )
452  return gpg_error (GPG_ERR_INV_CMS_OBJ);
453  data_len = ti.length;
454  data_ndef = ti.ndef;
455  if (!data_ndef && data_len < 3)
456  return gpg_error (GPG_ERR_TOO_SHORT); /*to encode the version*/
457 
458  /* read the version integer */
459  err = _ksba_ber_read_tl (reader, &ti);
460  if (err)
461  return err;
462  if ( !(ti.class == CLASS_UNIVERSAL && ti.tag == TYPE_INTEGER
463  && !ti.is_constructed && ti.length) )
464  return gpg_error (GPG_ERR_INV_CMS_OBJ);
465  if (!data_ndef)
466  {
467  if (data_len < ti.nhdr)
468  return gpg_error (GPG_ERR_BAD_BER); /* triplet header larger that sequence */
469  data_len -= ti.nhdr;
470  if (data_len < ti.length)
471  return gpg_error (GPG_ERR_BAD_BER); /* triplet larger that sequence */
472  data_len -= ti.length;
473  }
474  if (ti.length != 1)
475  return gpg_error (GPG_ERR_UNSUPPORTED_CMS_VERSION);
476  if ( (c=read_byte (reader)) == -1)
477  {
478  err = ksba_reader_error (reader);
479  return err? err : gpg_error (GPG_ERR_GENERAL);
480  }
481  if ( !(c == 0 || c == 1 || c == 2 || c == 3 || c == 4) )
482  return gpg_error (GPG_ERR_UNSUPPORTED_CMS_VERSION);
483  *r_version = c;
484  *r_len = data_len;
485  *r_ndef = data_ndef;
486  return 0;
487 }
488 
489 
490 
491 ␌
492 /* Parse a structure:
493 
494  SignedData ::= SEQUENCE {
495  version INTEGER { v0(0), v1(1), v2(2), v3(3), v4(4) }),
496  digestAlgorithms SET OF AlgorithmIdentifier,
497  encapContentInfo EncapsulatedContentInfo,
498  certificates [0] IMPLICIT CertificateSet OPTIONAL,
499  crls [1] IMPLICIT CertificateRevocationLists OPTIONAL,
500  signerInfos SignerInfos }
501 
502  AlgorithmIdentifier ::= SEQUENCE {
503  algorithm OBJECT IDENTIFIER,
504  parameters ANY DEFINED BY algorithm OPTIONAL
505  }
506 
507 */
508 gpg_error_t
510 {
511  struct tag_info ti;
512  gpg_error_t err;
513  int signed_data_ndef;
514  unsigned long signed_data_len;
515  int algo_set_ndef;
516  unsigned long algo_set_len;
517  int encap_cont_ndef;
518  unsigned long encap_cont_len;
519  int has_content;
520  char *oid;
521  char *p, *buffer;
522  unsigned long off, len;
523 
524  err = parse_cms_version (cms->reader, &cms->cms_version,
525  &signed_data_len, &signed_data_ndef);
526  if (err)
527  return err;
528 
529  /* read the SET OF algorithmIdentifiers */
530  err = _ksba_ber_read_tl (cms->reader, &ti);
531  if (err)
532  return err;
533  if ( !(ti.class == CLASS_UNIVERSAL && ti.tag == TYPE_SET
534  && ti.is_constructed) )
535  return gpg_error (GPG_ERR_INV_CMS_OBJ); /* not the expected SET tag */
536  if (!signed_data_ndef)
537  {
538  if (signed_data_len < ti.nhdr)
539  return gpg_error (GPG_ERR_BAD_BER); /* triplet header larger that sequence */
540  signed_data_len -= ti.nhdr;
541  if (!ti.ndef && signed_data_len < ti.length)
542  return gpg_error (GPG_ERR_BAD_BER); /* triplet larger that sequence */
543  signed_data_len -= ti.length;
544  }
545  algo_set_len = ti.length;
546  algo_set_ndef = ti.ndef;
547 
548  /* fixme: we are not able to read ndef length algorithm indentifiers. */
549  if (algo_set_ndef)
550  return gpg_error (GPG_ERR_UNSUPPORTED_ENCODING);
551  /* read the entire sequence into a buffer (add one to avoid malloc(0)) */
552  buffer = xtrymalloc (algo_set_len + 1);
553  if (!buffer)
554  return gpg_error (GPG_ERR_ENOMEM);
555  if (read_buffer (cms->reader, buffer, algo_set_len))
556  {
557  xfree (buffer);
558  err = ksba_reader_error (cms->reader);
559  return err? err: gpg_error (GPG_ERR_GENERAL);
560  }
561  p = buffer;
562  while (algo_set_len)
563  {
564  size_t nread;
565  struct oidlist_s *ol;
566 
567  err = _ksba_parse_algorithm_identifier (p, algo_set_len, &nread, &oid);
568  if (err)
569  {
570  xfree (buffer);
571  return err;
572  }
573  assert (nread <= algo_set_len);
574  algo_set_len -= nread;
575  p += nread;
576  /* store the oid */
577  ol = xtrymalloc (sizeof *ol);
578  if (!ol)
579  {
580  xfree (oid);
581  return gpg_error (GPG_ERR_ENOMEM);
582  }
583  ol->oid = oid;
584  ol->next = cms->digest_algos;
585  cms->digest_algos = ol;
586  }
587  xfree (buffer); buffer = NULL;
588 
589  /* Now for the encapsulatedContentInfo */
590  off = ksba_reader_tell (cms->reader);
591  err = parse_content_info (cms->reader,
592  &encap_cont_len, &encap_cont_ndef,
593  &oid, &has_content);
594  if (err)
595  return err;
596  cms->inner_cont_len = encap_cont_len;
597  cms->inner_cont_ndef = encap_cont_ndef;
598  cms->inner_cont_oid = oid;
599  cms->detached_data = !has_content;
600  if (!signed_data_ndef)
601  {
602  len = ksba_reader_tell (cms->reader) - off;
603  if (signed_data_len < len)
604  return gpg_error (GPG_ERR_BAD_BER); /* parsed content info larger that sequence */
605  signed_data_len -= len;
606  if (!encap_cont_ndef && signed_data_len < encap_cont_len)
607  return gpg_error (GPG_ERR_BAD_BER); /* triplet larger that sequence */
608  }
609 
610  /* We have to stop here so that the caller can set up the hashing etc. */
611  return 0;
612 }
613 
614 /* Continue parsing of the structure we started to parse with the
615  part_1 function. We expect to be right at the certificates tag. */
616 gpg_error_t
618 {
619  struct tag_info ti;
620  gpg_error_t err;
621  struct signer_info_s *si, **si_tail;
622 
623  /* read the next triplet which is either a [0], a [1] or a SET OF
624  (signerInfo) */
625  err = _ksba_ber_read_tl (cms->reader, &ti);
626  if (err)
627  return err;
628  if (ti.class == CLASS_UNIVERSAL && !ti.tag && !ti.is_constructed)
629  {
630  /* well, there might be still an end tag pending; eat it -
631  fixme: we should keep track of this to catch invalid
632  encodings */
633  err = _ksba_ber_read_tl (cms->reader, &ti);
634  if (err)
635  return err;
636  }
637 
638  if (ti.class == CLASS_CONTEXT && ti.tag == 0 && ti.is_constructed)
639  { /* Implicit SET OF certificateSet with elements of CHOICE, but
640  we assume the first choice which is a Certificate; all other
641  choices are obsolete. We are now parsing a set of
642  certificates which we do by utilizing the ksba_cert code. */
643  ksba_cert_t cert;
644  int expect_endtag;
645 
646  expect_endtag = !!ti.ndef;
647 
648  for (;;)
649  {
650  struct certlist_s *cl;
651 
652  /* First see whether this is really a sequence */
653  err = _ksba_ber_read_tl (cms->reader, &ti);
654  if (err)
655  return err;
656  if (expect_endtag && !ti.class && !ti.tag)
657  {
658  /* This is an end tag. Read the next tag but don't fail
659  if this is just an EOF. */
660  err = _ksba_ber_read_tl (cms->reader, &ti);
661  if (err)
662  {
663  if (gpg_err_code (err) == GPG_ERR_EOF)
664  err = 0;
665  return err;
666  }
667  break;
668  }
669  if (!(ti.class == CLASS_UNIVERSAL && ti.tag == TYPE_SEQUENCE
670  && ti.is_constructed))
671  break; /* not a sequence, so we are ready with the set */
672 
673  /* We must unread so that the standard parser sees the sequence */
674  err = ksba_reader_unread (cms->reader, ti.buf, ti.nhdr);
675  if (err)
676  return err;
677  /* Use the standard certificate parser */
678  err = ksba_cert_new (&cert);
679  if (err)
680  return err;
681  err = ksba_cert_read_der (cert, cms->reader);
682  if (err)
683  {
685  return err;
686  }
687  cl = xtrycalloc (1, sizeof *cl);
688  if (!cl)
689  {
691  return gpg_error (GPG_ERR_ENOMEM);
692  }
693  cl->cert = cert;
694  cl->next = cms->cert_list;
695  cms->cert_list = cl;
696  }
697  }
698 
699  if (ti.class == CLASS_CONTEXT && ti.tag == 1 && ti.is_constructed)
700  { /* implicit SET OF certificateList. We should delegate the
701  parsing to a - not yet existing - ksba_crl module. CRLs are
702  quite important for other applications too so we should
703  provide a nice interface */
704  int expect_endtag;
705 
706 
707  expect_endtag = !!ti.ndef;
708 
709  /* FIXME this is just dummy read code */
710  /* fprintf (stderr,"WARNING: Can't handle CRLs yet\n"); */
711  for (;;)
712  {
713  /* first see whether this is really a sequence */
714  err = _ksba_ber_read_tl (cms->reader, &ti);
715  if (err)
716  return err;
717  if (expect_endtag && !ti.class && !ti.tag)
718  {
719  /* This is an end tag. Read the next tag but don't fail
720  if this is just an EOF. */
721  err = _ksba_ber_read_tl (cms->reader, &ti);
722  if (err)
723  {
724  if (gpg_err_code (err) == GPG_ERR_EOF)
725  err = 0;
726  return err;
727  }
728  break;
729  }
730  if ( !(ti.class == CLASS_UNIVERSAL && ti.tag == TYPE_SEQUENCE
731  && ti.is_constructed))
732  break; /* not a sequence, so we are ready with the set */
733 
734  while (ti.length)
735  {
736  size_t n, nread;
737  char dummy[256];
738 
739  n = ti.length > DIM(dummy) ? DIM(dummy): ti.length;
740  err = ksba_reader_read (cms->reader, dummy, n, &nread);
741  if (err)
742  return err;
743  ti.length -= nread;
744  }
745  }
746  }
747 
748  /* expect a SET OF signerInfo */
749  if ( !(ti.class == CLASS_UNIVERSAL
750  && ti.tag == TYPE_SET && ti.is_constructed))
751  return gpg_error (GPG_ERR_INV_CMS_OBJ);
752 
753  si_tail = &cms->signer_info;
754 
755  while (ti.length)
756  {
757  size_t off1, off2;
758 
759  off1 = ksba_reader_tell (cms->reader);
760  si = xtrycalloc (1, sizeof *si);
761  if (!si)
762  return gpg_error (GPG_ERR_ENOMEM);
763 
764  err = create_and_run_decoder (cms->reader,
765  "CryptographicMessageSyntax.SignerInfo",
766  0,
767  &si->root, &si->image, &si->imagelen);
768  /* The signerInfo might be an empty set in the case of a certs-only
769  signature. Thus we have to allow for EOF here */
770  if (gpg_err_code (err) == GPG_ERR_EOF)
771  {
772  xfree (si);
773  err = 0;
774  break;
775  }
776  if (err)
777  {
778  xfree (si);
779  return err;
780  }
781 
782  *si_tail = si;
783  si_tail = &si->next;
784 
785  off2 = ksba_reader_tell (cms->reader);
786  if ( (off2 - off1) > ti.length )
787  ti.length = 0;
788  else
789  ti.length -= off2 - off1;
790  }
791 
792  return 0;
793 }
794 
795 
796 
797 
798 ␌
799 /* Parse the structure:
800  *
801  * EnvelopedData ::= SEQUENCE {
802  * version INTEGER { v0(0), v1(1), v2(2), v3(3), v4(4) }),
803  * originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
804  * recipientInfos RecipientInfos,
805  * encryptedContentInfo EncryptedContentInfo,
806  * unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL }
807  *
808  * or this one:
809  *
810  * AuthEnvelopedData ::= SEQUENCE {
811  * version CMSVersion,
812  * originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
813  * recipientInfos RecipientInfos,
814  * authEncryptedContentInfo EncryptedContentInfo,
815  * authAttrs [1] IMPLICIT AuthAttributes OPTIONAL, -- not in above
816  * mac MessageAuthenticationCode, -- not in above
817  * unauthAttrs [2] IMPLICIT UnauthAttributes OPTIONAL } -- different tag
818  *
819  * where
820  *
821  * OriginatorInfo ::= SEQUENCE {
822  * certs [0] IMPLICIT CertificateSet OPTIONAL,
823  * crls [1] IMPLICIT CertificateRevocationLists OPTIONAL }
824  *
825  * RecipientInfos ::= SET OF RecipientInfo
826  *
827  * EncryptedContentInfo ::= SEQUENCE {
828  * contentType ContentType,
829  * contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
830  * encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL }
831  *
832  * EncryptedContent ::= OCTET STRING
833  *
834  * MessageAuthenticationCode ::= OCTET STRING
835  *
836  * We stop parsing so that the next read will be the first byte of the
837  * encryptedContent or (if there is no content) the unprotectedAttrs
838  * respective the authAttrs.
839  */
840 gpg_error_t
842 {
843  struct tag_info ti;
844  gpg_error_t err;
845  int env_data_ndef;
846  unsigned long env_data_len;
847  int encr_cont_ndef = 0;
848  unsigned long encr_cont_len = 0;
849  int has_content = 0;
850  unsigned long off, len;
851  char *cont_oid = NULL;
852  char *algo_oid = NULL;
853  char *algo_parm = NULL;
854  size_t algo_parmlen = 0;
855  int algo_parmtype = 0;
856  struct value_tree_s *vt, **vtend;
857 
858  /* get the version */
859  err = parse_cms_version (cms->reader, &cms->cms_version,
860  &env_data_len, &env_data_ndef);
861  if (err)
862  return err;
863 
864  /* read the next triplet which is either a [0] for originatorInfos
865  or a SET_OF (recipientInfo) */
866  err = _ksba_ber_read_tl (cms->reader, &ti);
867  if (err)
868  return err;
869 
870  if (ti.class == CLASS_CONTEXT && ti.tag == 0 && ti.is_constructed)
871  { /* originatorInfo - but we skip it for now */
872  /* well, raise an error */
873  return gpg_error (GPG_ERR_UNSUPPORTED_CMS_OBJ);
874  }
875 
876  /* Next one is the SET OF RecipientInfo:
877  * RecipientInfo ::= CHOICE {
878  * ktri KeyTransRecipientInfo,
879  * kari [1] KeyAgreeRecipientInfo,
880  * kekri [2] KEKRecipientInfo,
881  * pwri [3] PasswordRecipientInfo
882  * } */
883  if ( !(ti.class == CLASS_UNIVERSAL
884  && ti.tag == TYPE_SET && ti.is_constructed))
885  return gpg_error (GPG_ERR_INV_CMS_OBJ);
886 
887 
888  vtend = &cms->recp_info;
889  if (ti.ndef)
890  {
891  for (;;)
892  {
893  struct tag_info ti2;
894 
895  err = _ksba_ber_read_tl (cms->reader, &ti2);
896  if (err)
897  return err;
898 
899  if (!ti2.class && !ti2.tag)
900  break; /* End tag found: ready. */
901 
902  /* Not an end tag: Push it back and run the decoder. */
903  err = ksba_reader_unread (cms->reader, ti2.buf, ti2.nhdr);
904  if (err)
905  return err;
906 
907  vt = xtrycalloc (1, sizeof *vt);
908  if (!vt)
909  return gpg_error_from_syserror ();
910 
912  (cms->reader,
913  "CryptographicMessageSyntax.RecipientInfo",
915  &vt->root, &vt->image, &vt->imagelen);
916  if (err)
917  {
918  xfree (vt);
919  return err;
920  }
921 
922  *vtend = vt;
923  vtend = &vt->next;
924  }
925  }
926  else
927  {
928  while (ti.length)
929  {
930  size_t off1, off2;
931 
932  off1 = ksba_reader_tell (cms->reader);
933  vt = xtrycalloc (1, sizeof *vt);
934  if (!vt)
935  return gpg_error_from_syserror ();
936 
938  (cms->reader,
939  "CryptographicMessageSyntax.RecipientInfo",
941  &vt->root, &vt->image, &vt->imagelen);
942  if (err)
943  {
944  xfree (vt);
945  return err;
946  }
947 
948  *vtend = vt;
949  vtend = &vt->next;
950 
951  off2 = ksba_reader_tell (cms->reader);
952  if ( (off2 - off1) > ti.length )
953  ti.length = 0;
954  else
955  ti.length -= off2 - off1;
956  }
957  }
958 
959  /* Now for the encryptedContentInfo */
960  off = ksba_reader_tell (cms->reader);
962  &encr_cont_len, &encr_cont_ndef,
963  &cont_oid,
964  &algo_oid,
965  &algo_parm, &algo_parmlen, &algo_parmtype,
966  &has_content);
967  if (err)
968  return err;
969 
970  /* If this is AES with GCM the parameter should be
971  *
972  * GCMParameters ::= SEQUENCE {
973  * aes-nonce OCTET STRING, -- recommended size is 12 octets
974  * aes-ICVlen AES-GCM-ICVlen DEFAULT 12 }
975  *
976  * Under the assumption that the IV is at max 16 bytes (i.e. the
977  * blocksize of AES) and the default ICVlen is used, we modify the
978  * parameter to have just the nonce without any encoding. */
979  if (algo_parmlen > 4 && algo_parm[0] == 0x30 /* Sequence. */
980  && algo_oid
981  && (!strcmp (algo_oid, "2.16.840.1.101.3.4.1.46") /*AES256.GCM*/
982  || !strcmp (algo_oid, "2.16.840.1.101.3.4.1.26") /*AES192.GCM*/
983  || !strcmp (algo_oid, "2.16.840.1.101.3.4.1.6"))) /*AES128.GCM*/
984  {
985  if (algo_parmlen == algo_parm[1] + 2
986  && algo_parm[1] == algo_parm[3] + 2
987  && algo_parm[2] == 0x04
988  && algo_parm[3] && algo_parm[3] <= 16)
989  {
990  algo_parmlen = algo_parm[3];
991  memmove (algo_parm, algo_parm+4, algo_parmlen);
992  }
993  }
994 
995  cms->inner_cont_len = encr_cont_len;
996  cms->inner_cont_ndef = encr_cont_ndef;
997  cms->inner_cont_oid = cont_oid;
998  cms->detached_data = !has_content;
999  cms->encr_algo_oid = algo_oid;
1000  cms->encr_iv = algo_parm; algo_parm = NULL;
1001  cms->encr_ivlen = algo_parmlen;
1002  if (!env_data_ndef)
1003  {
1004  len = ksba_reader_tell (cms->reader) - off;
1005  if (env_data_len < len)
1006  return gpg_error (GPG_ERR_BAD_BER); /* parsed content info larger that sequence */
1007  env_data_len -= len;
1008  if (!encr_cont_ndef && env_data_len < encr_cont_len)
1009  return gpg_error (GPG_ERR_BAD_BER); /* triplet larger that sequence */
1010  }
1011 
1012  return 0;
1013 }
1014 
1015 
1016 /* Handle the unprotected attributes and more important
1017  *
1018  * authAttrs [1] IMPLICIT AuthAttributes OPTIONAL,
1019  * mac MessageAuthenticationCode,
1020  * unauthAttrs [2] IMPLICIT UnauthAttributes OPTIONAL
1021  *
1022  * if case of cms->content.ct == KSBA_CT_AUTHENVELOPED_DATA
1023  */
1024 gpg_error_t
1026 {
1027  gpg_error_t err;
1028  struct tag_info ti;
1029 
1031  return 0; /* We don't yet support unprotectedAttrs. */
1032 
1033  /* Shall we use ksba_cms_get_message_digest to return the mac? To
1034  * return the authAttrs we need a new function: A generic get_attr
1035  * function which can be used for all kind of attributes would be
1036  * best. */
1037 
1038  /* Read authAttr if availabale. */
1039  err = _ksba_ber_read_tl (cms->reader, &ti);
1040  if (err)
1041  return err;
1042  /* Skip an end tag. */
1043  if (!ti.class && !ti.tag && (err = _ksba_ber_read_tl (cms->reader, &ti)))
1044  return err;
1045 
1046  if ((ti.class == CLASS_CONTEXT && ti.tag == 1 && ti.is_constructed))
1047  {
1048  /* Okay, we got an authAttr. We need to do something with it.
1049  * However, without sample data it does not make sense to handle
1050  * it. Further it is currently useless because in gpgsm we need
1051  * to get access to authAttrs before we decrypt the content.
1052  * This will require the use of temp files in gpgsm and thus a
1053  * larger rework.*/
1054  return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
1055 
1056  /* err = _ksba_ber_read_tl (cms->reader, &ti); */
1057  /* if (err) */
1058  /* return err; */
1059  /* /\* Skip an end tag. *\/ */
1060  /* if (!ti.class && !ti.tag && (err = _ksba_ber_read_tl (cms->reader, &ti))) */
1061  /* return err; */
1062  }
1063 
1064 
1065  /* Next comes the mandatory mac. We store it in the CMS. */
1066  if (!(ti.class == CLASS_UNIVERSAL && ti.tag == TYPE_OCTET_STRING
1067  && !ti.is_constructed) || !ti.length)
1068  {
1069  return gpg_error (GPG_ERR_INV_CMS_OBJ);
1070  }
1071  xfree (cms->authdata.mac);
1072  cms->authdata.mac_len = ti.length;
1073  cms->authdata.mac = xtrymalloc (ti.length);
1074  if (!cms->authdata.mac)
1075  return gpg_error_from_syserror ();
1076 
1077  err = read_buffer (cms->reader, cms->authdata.mac, ti.length);
1078  if (err)
1079  return err;
1080 
1081  /* No support for unauthAttr. */
1082 
1083  return 0;
1084 }
@ TYPE_OCTET_STRING
@ TYPE_OBJECT_ID
@ TYPE_INTEGER
@ TYPE_SEQUENCE
@ TYPE_SET
@ CLASS_CONTEXT
@ CLASS_UNIVERSAL
gpg_error_t _ksba_ber_decoder_decode(BerDecoder d, const char *start_name, unsigned int flags, AsnNode *r_root, unsigned char **r_image, size_t *r_imagelen)
Definition: ber-decoder.c:1203
gpg_error_t _ksba_ber_decoder_set_module(BerDecoder d, ksba_asn_tree_t module)
Definition: ber-decoder.c:373
BerDecoder _ksba_ber_decoder_new(void)
Definition: ber-decoder.c:344
void _ksba_ber_decoder_release(BerDecoder d)
Definition: ber-decoder.c:356
gpg_error_t _ksba_ber_decoder_set_reader(BerDecoder d, ksba_reader_t r)
Definition: ber-decoder.c:386
#define BER_DECODER_FLAG_FAST_STOP
Definition: ber-decoder.h:52
gpg_error_t _ksba_ber_read_tl(ksba_reader_t reader, struct tag_info *ti)
Definition: ber-help.c:93
static gpg_error_t create_and_run_decoder(ksba_reader_t reader, const char *elem_name, unsigned int flags, AsnNode *r_root, unsigned char **r_image, size_t *r_imagelen)
Definition: cms-parser.c:84
static int read_buffer(ksba_reader_t reader, char *buffer, size_t count)
Definition: cms-parser.c:68
gpg_error_t _ksba_cms_parse_content_info(ksba_cms_t cms)
Definition: cms-parser.c:402
static int read_byte(ksba_reader_t reader)
Definition: cms-parser.c:54
gpg_error_t _ksba_cms_parse_signed_data_part_2(ksba_cms_t cms)
Definition: cms-parser.c:617
gpg_error_t _ksba_cms_parse_signed_data_part_1(ksba_cms_t cms)
Definition: cms-parser.c:509
static gpg_error_t parse_encrypted_content_info(ksba_reader_t reader, unsigned long *r_len, int *r_ndef, char **r_cont_oid, char **r_algo_oid, char **r_algo_parm, size_t *r_algo_parmlen, int *r_algo_parmtype, int *has_content)
Definition: cms-parser.c:249
static gpg_error_t parse_content_info(ksba_reader_t reader, unsigned long *r_len, int *r_ndef, char **r_oid, int *has_content)
Definition: cms-parser.c:145
gpg_error_t _ksba_cms_parse_enveloped_data_part_1(ksba_cms_t cms)
Definition: cms-parser.c:841
static gpg_error_t parse_cms_version(ksba_reader_t reader, int *r_version, unsigned long *r_len, int *r_ndef)
Definition: cms-parser.c:437
gpg_error_t _ksba_cms_parse_enveloped_data_part_2(ksba_cms_t cms)
Definition: cms-parser.c:1025
const char * oid
Definition: cms.c:71
#define DIM(v)
Definition: gen-help.h:46
#define gpg_error_from_syserror()
Definition: gen-help.h:88
#define GPG_ERR_GENERAL
Definition: gen-help.h:80
#define xtrymalloc(a)
Definition: gen-help.h:38
#define gpg_error(a)
Definition: gen-help.h:87
gpg_error_t _ksba_parse_algorithm_identifier(const unsigned char *der, size_t derlen, size_t *r_nread, char **r_oid)
Definition: keyinfo.c:679
gpg_error_t _ksba_parse_algorithm_identifier3(const unsigned char *der, size_t derlen, int firsttag, size_t *r_nread, char **r_oid, char **r_parm, size_t *r_parmlen, int *r_parmtype)
Definition: keyinfo.c:700
gpg_error_t ksba_cert_read_der(ksba_cert_t cert, ksba_reader_t reader)
gpg_error_t ksba_reader_unread(ksba_reader_t r, const void *buffer, size_t count)
gpg_error_t ksba_cert_new(ksba_cert_t *acert)
char * ksba_oid_to_str(const char *buffer, size_t length)
unsigned long ksba_reader_tell(ksba_reader_t r)
@ KSBA_CT_AUTHENVELOPED_DATA
Definition: ksba.h:130
gpg_error_t ksba_reader_read(ksba_reader_t r, char *buffer, size_t length, size_t *nread)
gpg_error_t ksba_asn_create_tree(const char *mod_name, ksba_asn_tree_t *result)
gpg_error_t ksba_reader_error(ksba_reader_t r)
void ksba_cert_release(ksba_cert_t cert)
void ksba_asn_tree_release(ksba_asn_tree_t tree)
Definition: cms.h:78
struct certlist_s * next
Definition: cms.h:79
ksba_cert_t cert
Definition: cms.h:80
int mac_len
Definition: cms.h:136
struct ksba_cms_s::@19 content
int cms_version
Definition: cms.h:141
char * oid
Definition: cms.h:126
struct signer_info_s * signer_info
Definition: cms.h:159
char * encr_iv
Definition: cms.h:151
unsigned long length
Definition: cms.h:127
struct certlist_s * cert_list
Definition: cms.h:144
struct ksba_cms_s::@20 authdata
int inner_cont_ndef
Definition: cms.h:148
unsigned char * mac
Definition: cms.h:135
char * encr_algo_oid
Definition: cms.h:150
unsigned long inner_cont_len
Definition: cms.h:147
int detached_data
Definition: cms.h:149
struct value_tree_s * recp_info
Definition: cms.h:161
struct oidlist_s * digest_algos
Definition: cms.h:143
size_t encr_ivlen
Definition: cms.h:152
ksba_content_type_t ct
Definition: cms.h:129
int ndef
Definition: cms.h:128
ksba_reader_t reader
Definition: cms.h:117
char * inner_cont_oid
Definition: cms.h:145
Definition: cms.h:64
struct oidlist_s * next
Definition: cms.h:65
char * oid
Definition: cms.h:66
unsigned char * image
Definition: cms.h:95
size_t imagelen
Definition: cms.h:96
struct signer_info_s * next
Definition: cms.h:93
AsnNode root
Definition: cms.h:94
unsigned long tag
Definition: ber-help.h:38
int is_constructed
Definition: ber-help.h:37
unsigned char buf[10]
Definition: ber-help.h:42
unsigned long length
Definition: ber-help.h:39
int ndef
Definition: ber-help.h:40
enum tag_class class
Definition: ber-help.h:36
size_t nhdr
Definition: ber-help.h:41
size_t imagelen
Definition: cms.h:47
struct value_tree_s * next
Definition: cms.h:44
unsigned char * image
Definition: cms.h:46
AsnNode root
Definition: cms.h:45
#define xfree(a)
Definition: util.h:58
#define xtrycalloc(a, b)
Definition: util.h:55