/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ /* * CMS decoding. */ #include "cmslocal.h" #include "cert.h" #include "keyhi.h" #include "secasn1.h" #include "secitem.h" #include "secoid.h" #include "prtime.h" #include "secerr.h" struct NSSCMSDecoderContextStr { SEC_ASN1DecoderContext *dcx; /* ASN.1 decoder context */ NSSCMSMessage *cmsg; /* backpointer to the root message */ SECOidTag type; /* type of message */ NSSCMSContent content; /* pointer to message */ NSSCMSDecoderContext *childp7dcx; /* inner CMS decoder context */ PRBool saw_contents; int error; NSSCMSContentCallback cb; void *cb_arg; PRBool first_decoded; PRBool need_indefinite_finish; }; struct NSSCMSDecoderDataStr { SECItem data; /* must be first */ unsigned int totalBufferSize; }; typedef struct NSSCMSDecoderDataStr NSSCMSDecoderData; static void nss_cms_decoder_update_filter(void *arg, const char *data, unsigned long len, int depth, SEC_ASN1EncodingPart data_kind); static SECStatus nss_cms_before_data(NSSCMSDecoderContext *p7dcx); static SECStatus nss_cms_after_data(NSSCMSDecoderContext *p7dcx); static SECStatus nss_cms_after_end(NSSCMSDecoderContext *p7dcx); static void nss_cms_decoder_work_data(NSSCMSDecoderContext *p7dcx, const unsigned char *data, unsigned long len, PRBool final); static NSSCMSDecoderData *nss_cms_create_decoder_data(PLArenaPool *poolp); extern const SEC_ASN1Template NSSCMSMessageTemplate[]; static NSSCMSDecoderData * nss_cms_create_decoder_data(PLArenaPool *poolp) { NSSCMSDecoderData *decoderData = NULL; decoderData = (NSSCMSDecoderData *) PORT_ArenaAlloc(poolp, sizeof(NSSCMSDecoderData)); if (!decoderData) { return NULL; } decoderData->data.data = NULL; decoderData->data.len = 0; decoderData->totalBufferSize = 0; return decoderData; } /* * nss_cms_decoder_notify - * this is the driver of the decoding process. It gets called by the ASN.1 * decoder before and after an object is decoded. * at various points in the decoding process, we intercept to set up and do * further processing. */ static void nss_cms_decoder_notify(void *arg, PRBool before, void *dest, int depth) { NSSCMSDecoderContext *p7dcx; NSSCMSContentInfo *rootcinfo, *cinfo; PRBool after = !before; p7dcx = (NSSCMSDecoderContext *)arg; rootcinfo = &(p7dcx->cmsg->contentInfo); /* XXX error handling: need to set p7dcx->error */ #ifdef CMSDEBUG fprintf(stderr, "%6.6s, dest = 0x%08x, depth = %d\n", before ? "before" : "after", dest, depth); #endif /* so what are we working on right now? */ if (p7dcx->type == SEC_OID_UNKNOWN) { /* * right now, we are still decoding the OUTER (root) cinfo * As soon as we know the inner content type, set up the info, * but NO inner decoder or filter. The root decoder handles the first * level children by itself - only for encapsulated contents (which * are encoded as DER inside of an OCTET STRING) we need to set up a * child decoder... */ if (after && dest == &(rootcinfo->contentType)) { p7dcx->type = NSS_CMSContentInfo_GetContentTypeTag(rootcinfo); p7dcx->content = rootcinfo->content; /* is this ready already ? need to alloc? */ /* XXX yes we need to alloc -- continue here */ } } else if (NSS_CMSType_IsData(p7dcx->type)) { /* this can only happen if the outermost cinfo has DATA in it */ /* otherwise, we handle this type implicitely in the inner decoders */ if (before && dest == &(rootcinfo->content)) { /* cause the filter to put the data in the right place... ** We want the ASN.1 decoder to deliver the decoded bytes to us ** from now on */ SEC_ASN1DecoderSetFilterProc(p7dcx->dcx, nss_cms_decoder_update_filter, p7dcx, (PRBool)(p7dcx->cb != NULL)); } else if (after && dest == &(rootcinfo->content.data)) { /* remove the filter */ SEC_ASN1DecoderClearFilterProc(p7dcx->dcx); } } else if (NSS_CMSType_IsWrapper(p7dcx->type)) { if (!before || dest != &(rootcinfo->content)) { if (p7dcx->content.pointer == NULL) p7dcx->content = rootcinfo->content; /* get this data type's inner contentInfo */ cinfo = NSS_CMSContent_GetContentInfo(p7dcx->content.pointer, p7dcx->type); if (before && dest == &(cinfo->contentType)) { /* at this point, set up the &%$&$ back pointer */ /* we cannot do it later, because the content itself * is optional! */ switch (p7dcx->type) { case SEC_OID_PKCS7_SIGNED_DATA: p7dcx->content.signedData->cmsg = p7dcx->cmsg; break; case SEC_OID_PKCS7_DIGESTED_DATA: p7dcx->content.digestedData->cmsg = p7dcx->cmsg; break; case SEC_OID_PKCS7_ENVELOPED_DATA: p7dcx->content.envelopedData->cmsg = p7dcx->cmsg; break; case SEC_OID_PKCS7_ENCRYPTED_DATA: p7dcx->content.encryptedData->cmsg = p7dcx->cmsg; break; default: p7dcx->content.genericData->cmsg = p7dcx->cmsg; break; } } if (before && dest == &(cinfo->rawContent)) { /* we want the ASN.1 decoder to deliver the decoded bytes to us ** from now on */ SEC_ASN1DecoderSetFilterProc(p7dcx->dcx, nss_cms_decoder_update_filter, p7dcx, (PRBool)(p7dcx->cb != NULL)); /* we're right in front of the data */ if (nss_cms_before_data(p7dcx) != SECSuccess) { SEC_ASN1DecoderClearFilterProc(p7dcx->dcx); /* stop all processing */ p7dcx->error = PORT_GetError(); } } if (after && dest == &(cinfo->rawContent)) { /* we're right after of the data */ if (nss_cms_after_data(p7dcx) != SECSuccess) p7dcx->error = PORT_GetError(); /* we don't need to see the contents anymore */ SEC_ASN1DecoderClearFilterProc(p7dcx->dcx); } } } else { /* unsupported or unknown message type - fail gracefully */ p7dcx->error = SEC_ERROR_UNSUPPORTED_MESSAGE_TYPE; } } /* * nss_cms_before_data - set up the current encoder to receive data */ static SECStatus nss_cms_before_data(NSSCMSDecoderContext *p7dcx) { SECStatus rv; SECOidTag childtype; PLArenaPool *poolp; NSSCMSDecoderContext *childp7dcx; NSSCMSContentInfo *cinfo; const SEC_ASN1Template *template; void *mark = NULL; size_t size; poolp = p7dcx->cmsg->poolp; /* call _Decode_BeforeData handlers */ switch (p7dcx->type) { case SEC_OID_PKCS7_SIGNED_DATA: /* we're decoding a signedData, so set up the digests */ rv = NSS_CMSSignedData_Decode_BeforeData(p7dcx->content.signedData); break; case SEC_OID_PKCS7_DIGESTED_DATA: /* we're encoding a digestedData, so set up the digest */ rv = NSS_CMSDigestedData_Decode_BeforeData(p7dcx->content.digestedData); break; case SEC_OID_PKCS7_ENVELOPED_DATA: rv = NSS_CMSEnvelopedData_Decode_BeforeData( p7dcx->content.envelopedData); break; case SEC_OID_PKCS7_ENCRYPTED_DATA: rv = NSS_CMSEncryptedData_Decode_BeforeData( p7dcx->content.encryptedData); break; default: rv = NSS_CMSGenericWrapperData_Decode_BeforeData(p7dcx->type, p7dcx->content.genericData); } if (rv != SECSuccess) return SECFailure; /* ok, now we have a pointer to cinfo */ /* find out what kind of data is encapsulated */ cinfo = NSS_CMSContent_GetContentInfo(p7dcx->content.pointer, p7dcx->type); childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo); if (NSS_CMSType_IsData(childtype)) { cinfo->content.pointer = (void *)nss_cms_create_decoder_data(poolp); if (cinfo->content.pointer == NULL) /* set memory error */ return SECFailure; p7dcx->childp7dcx = NULL; return SECSuccess; } /* set up inner decoder */ if ((template = NSS_CMSUtil_GetTemplateByTypeTag(childtype)) == NULL) return SECFailure; childp7dcx = PORT_ZNew(NSSCMSDecoderContext); if (childp7dcx == NULL) return SECFailure; mark = PORT_ArenaMark(poolp); /* allocate space for the stuff we're creating */ size = NSS_CMSUtil_GetSizeByTypeTag(childtype); childp7dcx->content.pointer = (void *)PORT_ArenaZAlloc(poolp, size); if (childp7dcx->content.pointer == NULL) goto loser; /* give the parent a copy of the pointer so that it doesn't get lost */ cinfo->content.pointer = childp7dcx->content.pointer; /* start the child decoder */ childp7dcx->dcx = SEC_ASN1DecoderStart(poolp, childp7dcx->content.pointer, template); if (childp7dcx->dcx == NULL) goto loser; /* the new decoder needs to notify, too */ SEC_ASN1DecoderSetNotifyProc(childp7dcx->dcx, nss_cms_decoder_notify, childp7dcx); /* tell the parent decoder that it needs to feed us the content data */ p7dcx->childp7dcx = childp7dcx; childp7dcx->type = childtype; /* our type */ childp7dcx->cmsg = p7dcx->cmsg; /* backpointer to root message */ /* should the child decoder encounter real data, ** it must give it to the caller */ childp7dcx->cb = p7dcx->cb; childp7dcx->cb_arg = p7dcx->cb_arg; childp7dcx->first_decoded = PR_FALSE; childp7dcx->need_indefinite_finish = PR_FALSE; if (childtype == SEC_OID_PKCS7_SIGNED_DATA) { childp7dcx->first_decoded = PR_TRUE; } /* now set up the parent to hand decoded data to the next level decoder */ p7dcx->cb = (NSSCMSContentCallback)NSS_CMSDecoder_Update; p7dcx->cb_arg = childp7dcx; PORT_ArenaUnmark(poolp, mark); return SECSuccess; loser: if (mark) PORT_ArenaRelease(poolp, mark); PORT_Free(childp7dcx); p7dcx->childp7dcx = NULL; return SECFailure; } static SECStatus nss_cms_after_data(NSSCMSDecoderContext *p7dcx) { NSSCMSDecoderContext *childp7dcx; SECStatus rv = SECFailure; /* Handle last block. This is necessary to flush out the last bytes * of a possibly incomplete block */ nss_cms_decoder_work_data(p7dcx, NULL, 0, PR_TRUE); /* finish any "inner" decoders - there's no more data coming... */ if (p7dcx->childp7dcx != NULL) { childp7dcx = p7dcx->childp7dcx; if (childp7dcx->dcx != NULL) { /* we started and indefinite sequence somewhere, not complete it */ if (childp7dcx->need_indefinite_finish) { static const char lbuf[2] = { 0, 0 }; NSS_CMSDecoder_Update(childp7dcx, lbuf, sizeof(lbuf)); childp7dcx->need_indefinite_finish = PR_FALSE; } if (SEC_ASN1DecoderFinish(childp7dcx->dcx) != SECSuccess) { /* do what? free content? */ rv = SECFailure; } else { rv = nss_cms_after_end(childp7dcx); } if (rv != SECSuccess) goto done; } PORT_Free(p7dcx->childp7dcx); p7dcx->childp7dcx = NULL; } switch (p7dcx->type) { case SEC_OID_PKCS7_SIGNED_DATA: /* this will finish the digests and verify */ rv = NSS_CMSSignedData_Decode_AfterData(p7dcx->content.signedData); break; case SEC_OID_PKCS7_ENVELOPED_DATA: rv = NSS_CMSEnvelopedData_Decode_AfterData( p7dcx->content.envelopedData); break; case SEC_OID_PKCS7_DIGESTED_DATA: rv = NSS_CMSDigestedData_Decode_AfterData( p7dcx->content.digestedData); break; case SEC_OID_PKCS7_ENCRYPTED_DATA: rv = NSS_CMSEncryptedData_Decode_AfterData( p7dcx->content.encryptedData); break; case SEC_OID_PKCS7_DATA: /* do nothing */ break; default: rv = NSS_CMSGenericWrapperData_Decode_AfterData(p7dcx->type, p7dcx->content.genericData); break; } done: return rv; } static SECStatus nss_cms_after_end(NSSCMSDecoderContext *p7dcx) { SECStatus rv = SECSuccess; switch (p7dcx->type) { case SEC_OID_PKCS7_SIGNED_DATA: if (p7dcx->content.signedData) rv = NSS_CMSSignedData_Decode_AfterEnd(p7dcx->content.signedData); break; case SEC_OID_PKCS7_ENVELOPED_DATA: if (p7dcx->content.envelopedData) rv = NSS_CMSEnvelopedData_Decode_AfterEnd( p7dcx->content.envelopedData); break; case SEC_OID_PKCS7_DIGESTED_DATA: if (p7dcx->content.digestedData) rv = NSS_CMSDigestedData_Decode_AfterEnd( p7dcx->content.digestedData); break; case SEC_OID_PKCS7_ENCRYPTED_DATA: if (p7dcx->content.encryptedData) rv = NSS_CMSEncryptedData_Decode_AfterEnd( p7dcx->content.encryptedData); break; case SEC_OID_PKCS7_DATA: break; default: rv = NSS_CMSGenericWrapperData_Decode_AfterEnd(p7dcx->type, p7dcx->content.genericData); break; } return rv; } /* * nss_cms_decoder_work_data - handle decoded data bytes. * * This function either decrypts the data if needed, and/or calculates digests * on it, then either stores it or passes it on to the next level decoder. */ static void nss_cms_decoder_work_data(NSSCMSDecoderContext *p7dcx, const unsigned char *data, unsigned long len, PRBool final) { NSSCMSContentInfo *cinfo; unsigned char *buf = NULL; unsigned char *dest; unsigned int offset; SECStatus rv; /* * We should really have data to process, or we should be trying * to finish/flush the last block. (This is an overly paranoid * check since all callers are in this file and simple inspection * proves they do it right. But it could find a bug in future * modifications/development, that is why it is here.) */ PORT_Assert((data != NULL && len) || final); cinfo = NSS_CMSContent_GetContentInfo(p7dcx->content.pointer, p7dcx->type); if (!cinfo) { /* The original programmer didn't expect this to happen */ p7dcx->error = SEC_ERROR_LIBRARY_FAILURE; goto loser; } if (cinfo->privateInfo && cinfo->privateInfo->ciphcx != NULL) { /* * we are decrypting. * * XXX If we get an error, we do not want to do the digest or callback, * but we want to keep decoding. Or maybe we want to stop decoding * altogether if there is a callback, because obviously we are not * sending the data back and they want to know that. */ unsigned int outlen = 0; /* length of decrypted data */ unsigned int buflen; /* length available for decrypted data */ /* find out about the length of decrypted data */ buflen = NSS_CMSCipherContext_DecryptLength(cinfo->privateInfo->ciphcx, len, final); /* * it might happen that we did not provide enough data for a full * block (decryption unit), and that there is no output available */ /* no output available, AND no input? */ if (buflen == 0 && len == 0) goto loser; /* bail out */ /* * have inner decoder: pass the data on (means inner content type is NOT data) * no inner decoder: we have DATA in here: either call callback or store */ if (buflen != 0) { /* there will be some output - need to make room for it */ /* allocate buffer from the heap */ buf = (unsigned char *)PORT_Alloc(buflen); if (buf == NULL) { p7dcx->error = SEC_ERROR_NO_MEMORY; goto loser; } } /* * decrypt incoming data * buf can still be NULL here (and buflen == 0) here if we don't expect * any output (see above), but we still need to call NSS_CMSCipherContext_Decrypt to * keep track of incoming data */ rv = NSS_CMSCipherContext_Decrypt(cinfo->privateInfo->ciphcx, buf, &outlen, buflen, data, len, final); if (rv != SECSuccess) { p7dcx->error = PORT_GetError(); goto loser; } PORT_Assert(final || outlen == buflen); /* swap decrypted data in */ data = buf; len = outlen; } if (len == 0) goto done; /* nothing more to do */ /* * Update the running digests with plaintext bytes (if we need to). */ if (cinfo->privateInfo && cinfo->privateInfo->digcx) NSS_CMSDigestContext_Update(cinfo->privateInfo->digcx, data, len); /* at this point, we have the plain decoded & decrypted data ** which is either more encoded DER (which we need to hand to the child ** decoder) or data we need to hand back to our caller */ /* pass the content back to our caller or */ /* feed our freshly decrypted and decoded data into child decoder */ if (p7dcx->cb != NULL) { (*p7dcx->cb)(p7dcx->cb_arg, (const char *)data, len); } #if 1 else #endif if (NSS_CMSContentInfo_GetContentTypeTag(cinfo) == SEC_OID_PKCS7_DATA) { /* store it in "inner" data item as well */ /* find the DATA item in the encapsulated cinfo and store it there */ NSSCMSDecoderData *decoderData = (NSSCMSDecoderData *)cinfo->content.pointer; SECItem *dataItem = &decoderData->data; offset = dataItem->len; if (dataItem->len + len > decoderData->totalBufferSize) { int needLen = (dataItem->len + len) * 2; dest = (unsigned char *) PORT_ArenaAlloc(p7dcx->cmsg->poolp, needLen); if (dest == NULL) { p7dcx->error = SEC_ERROR_NO_MEMORY; goto loser; } if (dataItem->len) { PORT_Memcpy(dest, dataItem->data, dataItem->len); } decoderData->totalBufferSize = needLen; dataItem->data = dest; } /* copy it in */ PORT_Memcpy(dataItem->data + offset, data, len); dataItem->len += len; } done: loser: if (buf) PORT_Free(buf); } /* * nss_cms_decoder_update_filter - process ASN.1 data * * once we have set up a filter in nss_cms_decoder_notify(), * all data processed by the ASN.1 decoder is also passed through here. * we pass the content bytes (as opposed to length and tag bytes) on to * nss_cms_decoder_work_data(). */ static void nss_cms_decoder_update_filter(void *arg, const char *data, unsigned long len, int depth, SEC_ASN1EncodingPart data_kind) { NSSCMSDecoderContext *p7dcx; PORT_Assert(len); /* paranoia */ if (len == 0) return; p7dcx = (NSSCMSDecoderContext *)arg; p7dcx->saw_contents = PR_TRUE; /* pass on the content bytes only */ if (data_kind == SEC_ASN1_Contents) nss_cms_decoder_work_data(p7dcx, (const unsigned char *)data, len, PR_FALSE); } /* * NSS_CMSDecoder_Start - set up decoding of a DER-encoded CMS message * * "poolp" - pointer to arena for message, or NULL if new pool should be created * "cb", "cb_arg" - callback function and argument for delivery of inner content * "pwfn", pwfn_arg" - callback function for getting token password * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData */ NSSCMSDecoderContext * NSS_CMSDecoder_Start(PLArenaPool *poolp, NSSCMSContentCallback cb, void *cb_arg, PK11PasswordFunc pwfn, void *pwfn_arg, NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg) { NSSCMSDecoderContext *p7dcx; NSSCMSMessage *cmsg; cmsg = NSS_CMSMessage_Create(poolp); if (cmsg == NULL) return NULL; NSS_CMSMessage_SetEncodingParams(cmsg, pwfn, pwfn_arg, decrypt_key_cb, decrypt_key_cb_arg, NULL, NULL); p7dcx = PORT_ZNew(NSSCMSDecoderContext); if (p7dcx == NULL) { NSS_CMSMessage_Destroy(cmsg); return NULL; } p7dcx->dcx = SEC_ASN1DecoderStart(cmsg->poolp, cmsg, NSSCMSMessageTemplate); if (p7dcx->dcx == NULL) { PORT_Free(p7dcx); NSS_CMSMessage_Destroy(cmsg); return NULL; } SEC_ASN1DecoderSetNotifyProc(p7dcx->dcx, nss_cms_decoder_notify, p7dcx); p7dcx->cmsg = cmsg; p7dcx->type = SEC_OID_UNKNOWN; p7dcx->cb = cb; p7dcx->cb_arg = cb_arg; p7dcx->first_decoded = PR_FALSE; p7dcx->need_indefinite_finish = PR_FALSE; return p7dcx; } /* * NSS_CMSDecoder_Update - feed DER-encoded data to decoder */ SECStatus NSS_CMSDecoder_Update(NSSCMSDecoderContext *p7dcx, const char *buf, unsigned long len) { SECStatus rv = SECSuccess; if (p7dcx->dcx != NULL && p7dcx->error == 0) { /* if error is set already, don't bother */ if ((p7dcx->type == SEC_OID_PKCS7_SIGNED_DATA) && (p7dcx->first_decoded == PR_TRUE) && (buf[0] == SEC_ASN1_INTEGER)) { /* Microsoft Windows 2008 left out the Sequence wrapping in some * of their kerberos replies. If we are here, we most likely are * dealing with one of those replies. Supply the Sequence wrap * as indefinite encoding (since we don't know the total length * yet) */ static const char lbuf[2] = { SEC_ASN1_SEQUENCE | SEC_ASN1_CONSTRUCTED, 0x80 }; rv = SEC_ASN1DecoderUpdate(p7dcx->dcx, lbuf, sizeof(lbuf)); if (rv != SECSuccess) { goto loser; } /* ok, we're going to need the indefinite finish when we are done */ p7dcx->need_indefinite_finish = PR_TRUE; } rv = SEC_ASN1DecoderUpdate(p7dcx->dcx, buf, len); } loser: p7dcx->first_decoded = PR_FALSE; if (rv != SECSuccess) { p7dcx->error = PORT_GetError(); PORT_Assert(p7dcx->error); if (p7dcx->error == 0) p7dcx->error = -1; } if (p7dcx->error == 0) return SECSuccess; /* there has been a problem, let's finish the decoder */ if (p7dcx->dcx != NULL) { (void)SEC_ASN1DecoderFinish(p7dcx->dcx); p7dcx->dcx = NULL; } PORT_SetError(p7dcx->error); return SECFailure; } /* * NSS_CMSDecoder_Cancel - stop decoding in case of error */ void NSS_CMSDecoder_Cancel(NSSCMSDecoderContext *p7dcx) { if (p7dcx->dcx != NULL) (void)SEC_ASN1DecoderFinish(p7dcx->dcx); NSS_CMSMessage_Destroy(p7dcx->cmsg); PORT_Free(p7dcx); } /* * NSS_CMSDecoder_Finish - mark the end of inner content and finish decoding */ NSSCMSMessage * NSS_CMSDecoder_Finish(NSSCMSDecoderContext *p7dcx) { NSSCMSMessage *cmsg; cmsg = p7dcx->cmsg; if (p7dcx->dcx == NULL || SEC_ASN1DecoderFinish(p7dcx->dcx) != SECSuccess || nss_cms_after_end(p7dcx) != SECSuccess) { NSS_CMSMessage_Destroy(cmsg); /* get rid of pool if it's ours */ cmsg = NULL; } PORT_Free(p7dcx); return cmsg; } NSSCMSMessage * NSS_CMSMessage_CreateFromDER(SECItem *DERmessage, NSSCMSContentCallback cb, void *cb_arg, PK11PasswordFunc pwfn, void *pwfn_arg, NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg) { NSSCMSDecoderContext *p7dcx; /* first arg(poolp) == NULL => create our own pool */ p7dcx = NSS_CMSDecoder_Start(NULL, cb, cb_arg, pwfn, pwfn_arg, decrypt_key_cb, decrypt_key_cb_arg); if (p7dcx == NULL) return NULL; NSS_CMSDecoder_Update(p7dcx, (char *)DERmessage->data, DERmessage->len); return NSS_CMSDecoder_Finish(p7dcx); }