diff options
Diffstat (limited to 'comm/mailnews/extensions/smime/nsCMS.cpp')
| -rw-r--r-- | comm/mailnews/extensions/smime/nsCMS.cpp | 1187 |
1 files changed, 1187 insertions, 0 deletions
diff --git a/comm/mailnews/extensions/smime/nsCMS.cpp b/comm/mailnews/extensions/smime/nsCMS.cpp new file mode 100644 index 0000000000..be743b9663 --- /dev/null +++ b/comm/mailnews/extensions/smime/nsCMS.cpp @@ -0,0 +1,1187 @@ +/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "nsCMS.h" + +#include "CertVerifier.h" +#include "CryptoTask.h" +#include "ScopedNSSTypes.h" +#include "cms.h" +#include "mozilla/Logging.h" +#include "mozilla/RefPtr.h" +#include "nsDependentSubstring.h" +#include "nsICryptoHash.h" +#include "nsISupports.h" +#include "nsIX509CertDB.h" +#include "nsNSSCertificate.h" +#include "nsNSSComponent.h" +#include "nsNSSHelper.h" +#include "nsServiceManagerUtils.h" +#include "mozpkix/Result.h" +#include "mozpkix/pkixtypes.h" +#include "sechash.h" +#include "secerr.h" +#include "smime.h" +#include "mozilla/StaticMutex.h" +#include "nsIPrefBranch.h" + +using namespace mozilla; +using namespace mozilla::psm; +using namespace mozilla::pkix; + +static mozilla::LazyLogModule gCMSLog("CMS"); + +NS_IMPL_ISUPPORTS(nsCMSMessage, nsICMSMessage) + +nsCMSMessage::nsCMSMessage() { m_cmsMsg = nullptr; } +nsCMSMessage::nsCMSMessage(NSSCMSMessage* aCMSMsg) { m_cmsMsg = aCMSMsg; } + +nsCMSMessage::~nsCMSMessage() { + if (m_cmsMsg) { + NSS_CMSMessage_Destroy(m_cmsMsg); + } +} + +nsresult nsCMSMessage::Init() { + nsresult rv; + nsCOMPtr<nsISupports> nssInitialized = + do_GetService("@mozilla.org/psm;1", &rv); + return rv; +} + +NS_IMETHODIMP nsCMSMessage::VerifySignature(int32_t verifyFlags) { + return CommonVerifySignature(verifyFlags, {}, 0); +} + +NSSCMSSignerInfo* nsCMSMessage::GetTopLevelSignerInfo() { + if (!m_cmsMsg) return nullptr; + + if (!NSS_CMSMessage_IsSigned(m_cmsMsg)) return nullptr; + + NSSCMSContentInfo* cinfo = NSS_CMSMessage_ContentLevel(m_cmsMsg, 0); + if (!cinfo) return nullptr; + + NSSCMSSignedData* sigd = + (NSSCMSSignedData*)NSS_CMSContentInfo_GetContent(cinfo); + if (!sigd) return nullptr; + + PR_ASSERT(NSS_CMSSignedData_SignerInfoCount(sigd) > 0); + return NSS_CMSSignedData_GetSignerInfo(sigd, 0); +} + +NS_IMETHODIMP nsCMSMessage::GetSignerEmailAddress(char** aEmail) { + MOZ_LOG(gCMSLog, LogLevel::Debug, ("nsCMSMessage::GetSignerEmailAddress")); + NS_ENSURE_ARG(aEmail); + + NSSCMSSignerInfo* si = GetTopLevelSignerInfo(); + if (!si) return NS_ERROR_FAILURE; + + *aEmail = NSS_CMSSignerInfo_GetSignerEmailAddress(si); + return NS_OK; +} + +NS_IMETHODIMP nsCMSMessage::GetSignerCommonName(char** aName) { + MOZ_LOG(gCMSLog, LogLevel::Debug, ("nsCMSMessage::GetSignerCommonName")); + NS_ENSURE_ARG(aName); + + NSSCMSSignerInfo* si = GetTopLevelSignerInfo(); + if (!si) return NS_ERROR_FAILURE; + + *aName = NSS_CMSSignerInfo_GetSignerCommonName(si); + return NS_OK; +} + +NS_IMETHODIMP nsCMSMessage::ContentIsEncrypted(bool* isEncrypted) { + MOZ_LOG(gCMSLog, LogLevel::Debug, ("nsCMSMessage::ContentIsEncrypted")); + NS_ENSURE_ARG(isEncrypted); + + if (!m_cmsMsg) return NS_ERROR_FAILURE; + + *isEncrypted = NSS_CMSMessage_IsEncrypted(m_cmsMsg); + + return NS_OK; +} + +NS_IMETHODIMP nsCMSMessage::ContentIsSigned(bool* isSigned) { + MOZ_LOG(gCMSLog, LogLevel::Debug, ("nsCMSMessage::ContentIsSigned")); + NS_ENSURE_ARG(isSigned); + + if (!m_cmsMsg) return NS_ERROR_FAILURE; + + *isSigned = NSS_CMSMessage_IsSigned(m_cmsMsg); + + return NS_OK; +} + +NS_IMETHODIMP nsCMSMessage::GetSignerCert(nsIX509Cert** scert) { + NSSCMSSignerInfo* si = GetTopLevelSignerInfo(); + if (!si) return NS_ERROR_FAILURE; + + nsCOMPtr<nsIX509Cert> cert; + if (si->cert) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::GetSignerCert got signer cert")); + + nsCOMPtr<nsIX509CertDB> certdb = do_GetService(NS_X509CERTDB_CONTRACTID); + nsTArray<uint8_t> certBytes; + certBytes.AppendElements(si->cert->derCert.data, si->cert->derCert.len); + nsresult rv = certdb->ConstructX509(certBytes, getter_AddRefs(cert)); + NS_ENSURE_SUCCESS(rv, rv); + } else { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::GetSignerCert no signer cert, do we have a cert " + "list? %s", + (si->certList ? "yes" : "no"))); + + *scert = nullptr; + } + + cert.forget(scert); + + return NS_OK; +} + +NS_IMETHODIMP nsCMSMessage::GetEncryptionCert(nsIX509Cert**) { + return NS_ERROR_NOT_IMPLEMENTED; +} + +NS_IMETHODIMP nsCMSMessage::GetSigningTime(PRTime* aTime) { + MOZ_LOG(gCMSLog, LogLevel::Debug, ("nsCMSMessage::GetSigningTime")); + NS_ENSURE_ARG(aTime); + + NSSCMSSignerInfo* si = GetTopLevelSignerInfo(); + if (!si) { + return NS_ERROR_FAILURE; + } + + SECStatus getSigningTimeResult = NSS_CMSSignerInfo_GetSigningTime(si, aTime); + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::GetSigningTime result: %s", + (getSigningTimeResult ? "ok" : "fail"))); + + return getSigningTimeResult == SECSuccess ? NS_OK : NS_ERROR_FAILURE; +} + +NS_IMETHODIMP +nsCMSMessage::VerifyDetachedSignature(int32_t verifyFlags, + const nsTArray<uint8_t>& aDigestData, + int16_t aDigestType) { + if (aDigestData.IsEmpty()) return NS_ERROR_FAILURE; + + return CommonVerifySignature(verifyFlags, aDigestData, aDigestType); +} + +// This is an exact copy of NSS_CMSArray_Count from NSS' cmsarray.c, +// temporarily necessary, see below for for justification. +static int myNSS_CMSArray_Count(void** array) { + int n = 0; + + if (array == NULL) return 0; + + while (*array++ != NULL) n++; + + return n; +} + +// This is an exact copy of NSS_CMSArray_Add from NSS' cmsarray.c, +// temporarily necessary, see below for for justification. +static SECStatus myNSS_CMSArray_Add(PLArenaPool* poolp, void*** array, + void* obj) { + void** p; + int n; + void** dest; + + PORT_Assert(array != NULL); + if (array == NULL) return SECFailure; + + if (*array == NULL) { + dest = (void**)PORT_ArenaAlloc(poolp, 2 * sizeof(void*)); + n = 0; + } else { + n = 0; + p = *array; + while (*p++) n++; + dest = (void**)PORT_ArenaGrow(poolp, *array, (n + 1) * sizeof(void*), + (n + 2) * sizeof(void*)); + } + + if (dest == NULL) return SECFailure; + + dest[n] = obj; + dest[n + 1] = NULL; + *array = dest; + return SECSuccess; +} + +// This is an exact copy of NSS_CMSArray_Add from NSS' cmsarray.c, +// temporarily necessary, see below for for justification. +static SECStatus myNSS_CMSSignedData_AddTempCertificate(NSSCMSSignedData* sigd, + CERTCertificate* cert) { + CERTCertificate* c; + SECStatus rv; + + if (!sigd || !cert) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + + c = CERT_DupCertificate(cert); + rv = myNSS_CMSArray_Add(sigd->cmsg->poolp, (void***)&(sigd->tempCerts), + (void*)c); + return rv; +} + +typedef SECStatus (*extraVerificationOnCertFn)(CERTCertificate* cert, + SECCertUsage certusage); + +static SECStatus myExtraVerificationOnCert(CERTCertificate* cert, + SECCertUsage certusage) { + RefPtr<SharedCertVerifier> certVerifier; + certVerifier = GetDefaultCertVerifier(); + if (!certVerifier) { + return SECFailure; + } + + SECCertificateUsage usageForPkix; + + switch (certusage) { + case certUsageEmailSigner: + usageForPkix = certificateUsageEmailSigner; + break; + case certUsageEmailRecipient: + usageForPkix = certificateUsageEmailRecipient; + break; + default: + return SECFailure; + } + + nsTArray<uint8_t> certBytes(cert->derCert.data, cert->derCert.len); + nsTArray<nsTArray<uint8_t>> builtChain; + // This code is used when verifying incoming certificates, including + // a signature certificate. Performing OCSP is necessary. + // Allowing OCSP in blocking mode should be fine, because all our + // callers run this code on a separate thread, using + // SMimeVerificationTask/CryptoTask. + mozilla::pkix::Result result = certVerifier->VerifyCert( + certBytes, usageForPkix, Now(), nullptr /*XXX pinarg*/, + nullptr /*hostname*/, builtChain); + if (result != mozilla::pkix::Success) { + return SECFailure; + } + + return SECSuccess; +} + +// This is a temporary copy of NSS_CMSSignedData_ImportCerts, which +// performs additional verifications prior to import. +// The copy is almost identical to the original. +// +// The ONLY DIFFERENCE is the addition of parameter extraVerifyFn, +// and the call to it - plus a non-null check. +// +// NSS should add this or a similar API in the future, +// and then these temporary functions should be removed, including +// the ones above. Request is tracked in bugzilla 1738592. +static SECStatus myNSS_CMSSignedData_ImportCerts( + NSSCMSSignedData* sigd, CERTCertDBHandle* certdb, SECCertUsage certusage, + PRBool keepcerts, extraVerificationOnCertFn extraVerifyFn) { + int certcount; + CERTCertificate** certArray = NULL; + CERTCertList* certList = NULL; + CERTCertListNode* node; + SECStatus rv; + SECItem** rawArray; + int i; + PRTime now; + + if (!sigd) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + + certcount = myNSS_CMSArray_Count((void**)sigd->rawCerts); + + /* get the certs in the temp DB */ + rv = CERT_ImportCerts(certdb, certusage, certcount, sigd->rawCerts, + &certArray, PR_FALSE, PR_FALSE, NULL); + if (rv != SECSuccess) { + goto loser; + } + + /* save the certs so they don't get destroyed */ + for (i = 0; i < certcount; i++) { + CERTCertificate* cert = certArray[i]; + if (cert) myNSS_CMSSignedData_AddTempCertificate(sigd, cert); + } + + if (!keepcerts) { + goto done; + } + + /* build a CertList for filtering */ + certList = CERT_NewCertList(); + if (certList == NULL) { + rv = SECFailure; + goto loser; + } + for (i = 0; i < certcount; i++) { + CERTCertificate* cert = certArray[i]; + if (cert) cert = CERT_DupCertificate(cert); + if (cert) CERT_AddCertToListTail(certList, cert); + } + + /* filter out the certs we don't want */ + rv = CERT_FilterCertListByUsage(certList, certusage, PR_FALSE); + if (rv != SECSuccess) { + goto loser; + } + + /* go down the remaining list of certs and verify that they have + * valid chains, then import them. + */ + now = PR_Now(); + for (node = CERT_LIST_HEAD(certList); !CERT_LIST_END(node, certList); + node = CERT_LIST_NEXT(node)) { + CERTCertificateList* certChain; + + if (!node->cert) { + continue; + } + + if (extraVerifyFn) { + if ((*extraVerifyFn)(node->cert, certusage) != SECSuccess) { + continue; + } + } + + if (CERT_VerifyCert(certdb, node->cert, PR_TRUE, certusage, now, NULL, + NULL) != SECSuccess) { + continue; + } + + certChain = CERT_CertChainFromCert(node->cert, certusage, PR_FALSE); + if (!certChain) { + continue; + } + + /* + * CertChain returns an array of SECItems, import expects an array of + * SECItem pointers. Create the SECItem Pointers from the array of + * SECItems. + */ + rawArray = (SECItem**)PORT_Alloc(certChain->len * sizeof(SECItem*)); + if (!rawArray) { + CERT_DestroyCertificateList(certChain); + continue; + } + for (i = 0; i < certChain->len; i++) { + rawArray[i] = &certChain->certs[i]; + } + (void)CERT_ImportCerts(certdb, certusage, certChain->len, rawArray, NULL, + keepcerts, PR_FALSE, NULL); + PORT_Free(rawArray); + CERT_DestroyCertificateList(certChain); + } + + rv = SECSuccess; + + /* XXX CRL handling */ + +done: + if (sigd->signerInfos != NULL) { + /* fill in all signerinfo's certs */ + for (i = 0; sigd->signerInfos[i] != NULL; i++) + (void)NSS_CMSSignerInfo_GetSigningCertificate(sigd->signerInfos[i], + certdb); + } + +loser: + /* now free everything */ + if (certArray) { + CERT_DestroyCertArray(certArray, certcount); + } + if (certList) { + CERT_DestroyCertList(certList); + } + + return rv; +} + +nsresult nsCMSMessage::CommonVerifySignature( + int32_t verifyFlags, const nsTArray<uint8_t>& aDigestData, + int16_t aDigestType) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CommonVerifySignature, content level count %d", + NSS_CMSMessage_ContentLevelCount(m_cmsMsg))); + NSSCMSContentInfo* cinfo = nullptr; + NSSCMSSignedData* sigd = nullptr; + NSSCMSSignerInfo* si; + int32_t nsigners; + nsresult rv = NS_ERROR_FAILURE; + SECOidTag sigAlgTag; + + if (!NSS_CMSMessage_IsSigned(m_cmsMsg)) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CommonVerifySignature - not signed")); + return NS_ERROR_CMS_VERIFY_NOT_SIGNED; + } + + cinfo = NSS_CMSMessage_ContentLevel(m_cmsMsg, 0); + if (cinfo) { + switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) { + case SEC_OID_PKCS7_SIGNED_DATA: + sigd = reinterpret_cast<NSSCMSSignedData*>( + NSS_CMSContentInfo_GetContent(cinfo)); + break; + + case SEC_OID_PKCS7_ENVELOPED_DATA: + case SEC_OID_PKCS7_ENCRYPTED_DATA: + case SEC_OID_PKCS7_DIGESTED_DATA: + default: { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CommonVerifySignature - unexpected " + "ContentTypeTag")); + rv = NS_ERROR_CMS_VERIFY_NO_CONTENT_INFO; + goto loser; + } + } + } + + if (!sigd) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CommonVerifySignature - no content info")); + rv = NS_ERROR_CMS_VERIFY_NO_CONTENT_INFO; + goto loser; + } + + if (!aDigestData.IsEmpty()) { + SECOidTag oidTag; + SECItem digest; + // NSS_CMSSignedData_SetDigestValue() takes a copy and won't mutate our + // data, so we're OK to cast away the const here. + digest.data = const_cast<uint8_t*>(aDigestData.Elements()); + digest.len = aDigestData.Length(); + + if (NSS_CMSSignedData_HasDigests(sigd)) { + SECAlgorithmID** existingAlgs = NSS_CMSSignedData_GetDigestAlgs(sigd); + if (existingAlgs) { + while (*existingAlgs) { + SECAlgorithmID* alg = *existingAlgs; + SECOidTag algOIDTag = SECOID_FindOIDTag(&alg->algorithm); + NSS_CMSSignedData_SetDigestValue(sigd, algOIDTag, NULL); + ++existingAlgs; + } + } + } + + oidTag = + HASH_GetHashOidTagByHashType(static_cast<HASH_HashType>(aDigestType)); + if (oidTag == SEC_OID_UNKNOWN) { + rv = NS_ERROR_CMS_VERIFY_BAD_DIGEST; + goto loser; + } + + if (NSS_CMSSignedData_SetDigestValue(sigd, oidTag, &digest)) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CommonVerifySignature - bad digest")); + rv = NS_ERROR_CMS_VERIFY_BAD_DIGEST; + goto loser; + } + } + + // Import certs. Note that import failure is not a signature verification + // failure. // + if (myNSS_CMSSignedData_ImportCerts( + sigd, CERT_GetDefaultCertDB(), certUsageEmailRecipient, true, + myExtraVerificationOnCert) != SECSuccess) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CommonVerifySignature - can not import certs")); + } + + nsigners = NSS_CMSSignedData_SignerInfoCount(sigd); + PR_ASSERT(nsigners > 0); + NS_ENSURE_TRUE(nsigners > 0, NS_ERROR_UNEXPECTED); + si = NSS_CMSSignedData_GetSignerInfo(sigd, 0); + + NS_ENSURE_TRUE(si, NS_ERROR_UNEXPECTED); + NS_ENSURE_TRUE(si->cert, NS_ERROR_UNEXPECTED); + + // See bug 324474. We want to make sure the signing cert is + // still valid at the current time. + + if (myExtraVerificationOnCert(si->cert, certUsageEmailSigner) != SECSuccess) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CommonVerifySignature - signing cert not trusted " + "now")); + rv = NS_ERROR_CMS_VERIFY_UNTRUSTED; + goto loser; + } + + sigAlgTag = NSS_CMSSignerInfo_GetDigestAlgTag(si); + switch (sigAlgTag) { + case SEC_OID_SHA256: + case SEC_OID_SHA384: + case SEC_OID_SHA512: + break; + + case SEC_OID_SHA1: + if (verifyFlags & nsICMSVerifyFlags::VERIFY_ALLOW_WEAK_SHA1) { + break; + } + // else fall through to failure +#if defined(__clang__) + [[clang::fallthrough]]; +#endif + + default: + MOZ_LOG( + gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CommonVerifySignature - unsupported digest algo")); + rv = NS_ERROR_CMS_VERIFY_UNSUPPORTED_ALGO; + goto loser; + }; + + // We verify the first signer info, only // + // XXX: NSS_CMSSignedData_VerifySignerInfo calls CERT_VerifyCert, which + // requires NSS's certificate verification configuration to be done in + // order to work well (e.g. honoring OCSP preferences and proxy settings + // for OCSP requests), but Gecko stopped doing that configuration. Something + // similar to what was done for Gecko bug 1028643 needs to be done here too. + if (NSS_CMSSignedData_VerifySignerInfo(sigd, 0, CERT_GetDefaultCertDB(), + certUsageEmailSigner) != SECSuccess) { + MOZ_LOG( + gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CommonVerifySignature - unable to verify signature")); + + if (NSSCMSVS_SigningCertNotFound == si->verificationStatus) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CommonVerifySignature - signing cert not found")); + rv = NS_ERROR_CMS_VERIFY_NOCERT; + } else if (NSSCMSVS_SigningCertNotTrusted == si->verificationStatus) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CommonVerifySignature - signing cert not trusted " + "at signing time")); + rv = NS_ERROR_CMS_VERIFY_UNTRUSTED; + } else if (NSSCMSVS_Unverified == si->verificationStatus) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CommonVerifySignature - can not verify")); + rv = NS_ERROR_CMS_VERIFY_ERROR_UNVERIFIED; + } else if (NSSCMSVS_ProcessingError == si->verificationStatus) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CommonVerifySignature - processing error")); + rv = NS_ERROR_CMS_VERIFY_ERROR_PROCESSING; + } else if (NSSCMSVS_BadSignature == si->verificationStatus) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CommonVerifySignature - bad signature")); + rv = NS_ERROR_CMS_VERIFY_BAD_SIGNATURE; + } else if (NSSCMSVS_DigestMismatch == si->verificationStatus) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CommonVerifySignature - digest mismatch")); + rv = NS_ERROR_CMS_VERIFY_DIGEST_MISMATCH; + } else if (NSSCMSVS_SignatureAlgorithmUnknown == si->verificationStatus) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CommonVerifySignature - algo unknown")); + rv = NS_ERROR_CMS_VERIFY_UNKNOWN_ALGO; + } else if (NSSCMSVS_SignatureAlgorithmUnsupported == + si->verificationStatus) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CommonVerifySignature - algo not supported")); + rv = NS_ERROR_CMS_VERIFY_UNSUPPORTED_ALGO; + } else if (NSSCMSVS_MalformedSignature == si->verificationStatus) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CommonVerifySignature - malformed signature")); + rv = NS_ERROR_CMS_VERIFY_MALFORMED_SIGNATURE; + } + + goto loser; + } + + // Save the profile. Note that save import failure is not a signature + // verification failure. // + if (NSS_SMIMESignerInfo_SaveSMIMEProfile(si) != SECSuccess) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CommonVerifySignature - unable to save smime " + "profile")); + } + + rv = NS_OK; +loser: + return rv; +} + +NS_IMETHODIMP nsCMSMessage::AsyncVerifySignature( + int32_t verifyFlags, nsISMimeVerificationListener* aListener) { + return CommonAsyncVerifySignature(verifyFlags, aListener, {}, 0); +} + +NS_IMETHODIMP nsCMSMessage::AsyncVerifyDetachedSignature( + int32_t verifyFlags, nsISMimeVerificationListener* aListener, + const nsTArray<uint8_t>& aDigestData, int16_t aDigestType) { + if (aDigestData.IsEmpty()) return NS_ERROR_FAILURE; + + return CommonAsyncVerifySignature(verifyFlags, aListener, aDigestData, + aDigestType); +} + +class SMimeVerificationTask final : public CryptoTask { + public: + SMimeVerificationTask(nsICMSMessage* aMessage, int32_t verifyFlags, + nsISMimeVerificationListener* aListener, + const nsTArray<uint8_t>& aDigestData, + int16_t aDigestType) + : mMessage(aMessage), + mListener(aListener), + mDigestData(aDigestData.Clone()), + mDigestType(aDigestType), + mVerifyFlags(verifyFlags) { + MOZ_ASSERT(NS_IsMainThread()); + } + + private: + virtual nsresult CalculateResult() override { + MOZ_ASSERT(!NS_IsMainThread()); + + // Because the S/MIME code and related certificate processing isn't + // sufficiently threadsafe (see bug 1529003), we want this code to + // never run in parallel (see bug 1386601). + mozilla::StaticMutexAutoLock lock(sMutex); + nsresult rv; + if (mDigestData.IsEmpty()) { + rv = mMessage->VerifySignature(mVerifyFlags); + } else { + rv = mMessage->VerifyDetachedSignature(mVerifyFlags, mDigestData, + mDigestType); + } + + return rv; + } + virtual void CallCallback(nsresult rv) override { + MOZ_ASSERT(NS_IsMainThread()); + mListener->Notify(mMessage, rv); + } + + nsCOMPtr<nsICMSMessage> mMessage; + nsCOMPtr<nsISMimeVerificationListener> mListener; + nsTArray<uint8_t> mDigestData; + int16_t mDigestType; + int32_t mVerifyFlags; + + static mozilla::StaticMutex sMutex; +}; + +mozilla::StaticMutex SMimeVerificationTask::sMutex; + +nsresult nsCMSMessage::CommonAsyncVerifySignature( + int32_t verifyFlags, nsISMimeVerificationListener* aListener, + const nsTArray<uint8_t>& aDigestData, int16_t aDigestType) { + RefPtr<CryptoTask> task = new SMimeVerificationTask( + this, verifyFlags, aListener, aDigestData, aDigestType); + return task->Dispatch(); +} + +class nsZeroTerminatedCertArray { + public: + nsZeroTerminatedCertArray() : mCerts(nullptr), mPoolp(nullptr), mSize(0) {} + + ~nsZeroTerminatedCertArray() { + if (mCerts) { + for (uint32_t i = 0; i < mSize; i++) { + if (mCerts[i]) { + CERT_DestroyCertificate(mCerts[i]); + } + } + } + + if (mPoolp) PORT_FreeArena(mPoolp, false); + } + + bool allocate(uint32_t count) { + // only allow allocation once + if (mPoolp) return false; + + mSize = count; + + if (!mSize) return false; + + mPoolp = PORT_NewArena(1024); + if (!mPoolp) return false; + + mCerts = (CERTCertificate**)PORT_ArenaZAlloc( + mPoolp, (count + 1) * sizeof(CERTCertificate*)); + + if (!mCerts) return false; + + // null array, including zero termination + for (uint32_t i = 0; i < count + 1; i++) { + mCerts[i] = nullptr; + } + + return true; + } + + void set(uint32_t i, CERTCertificate* c) { + if (i >= mSize) return; + + if (mCerts[i]) { + CERT_DestroyCertificate(mCerts[i]); + } + + mCerts[i] = CERT_DupCertificate(c); + } + + CERTCertificate* get(uint32_t i) { + if (i >= mSize) return nullptr; + + return CERT_DupCertificate(mCerts[i]); + } + + CERTCertificate** getRawArray() { return mCerts; } + + private: + CERTCertificate** mCerts; + PLArenaPool* mPoolp; + uint32_t mSize; +}; + +NS_IMETHODIMP nsCMSMessage::CreateEncrypted( + const nsTArray<RefPtr<nsIX509Cert>>& aRecipientCerts) { + MOZ_LOG(gCMSLog, LogLevel::Debug, ("nsCMSMessage::CreateEncrypted")); + NSSCMSContentInfo* cinfo; + NSSCMSEnvelopedData* envd; + NSSCMSRecipientInfo* recipientInfo; + nsZeroTerminatedCertArray recipientCerts; + SECOidTag bulkAlgTag; + int keySize; + uint32_t i; + nsresult rv = NS_ERROR_FAILURE; + + // Check the recipient certificates // + uint32_t recipientCertCount = aRecipientCerts.Length(); + PR_ASSERT(recipientCertCount > 0); + + if (!recipientCerts.allocate(recipientCertCount)) { + goto loser; + } + + for (i = 0; i < recipientCertCount; i++) { + nsIX509Cert* x509cert = aRecipientCerts[i]; + + if (!x509cert) return NS_ERROR_FAILURE; + + UniqueCERTCertificate c(x509cert->GetCert()); + recipientCerts.set(i, c.get()); + } + + // Find a bulk key algorithm // + if (NSS_SMIMEUtil_FindBulkAlgForRecipients( + recipientCerts.getRawArray(), &bulkAlgTag, &keySize) != SECSuccess) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CreateEncrypted - can't find bulk alg for " + "recipients")); + rv = NS_ERROR_CMS_ENCRYPT_NO_BULK_ALG; + goto loser; + } + + m_cmsMsg = NSS_CMSMessage_Create(nullptr); + if (!m_cmsMsg) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CreateEncrypted - can't create new cms message")); + rv = NS_ERROR_OUT_OF_MEMORY; + goto loser; + } + + if ((envd = NSS_CMSEnvelopedData_Create(m_cmsMsg, bulkAlgTag, keySize)) == + nullptr) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CreateEncrypted - can't create enveloped data")); + goto loser; + } + + cinfo = NSS_CMSMessage_GetContentInfo(m_cmsMsg); + if (NSS_CMSContentInfo_SetContent_EnvelopedData(m_cmsMsg, cinfo, envd) != + SECSuccess) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CreateEncrypted - can't create content enveloped " + "data")); + goto loser; + } + + cinfo = NSS_CMSEnvelopedData_GetContentInfo(envd); + if (NSS_CMSContentInfo_SetContent_Data(m_cmsMsg, cinfo, nullptr, false) != + SECSuccess) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CreateEncrypted - can't set content data")); + goto loser; + } + + // Create and attach recipient information // + for (i = 0; i < recipientCertCount; i++) { + UniqueCERTCertificate rc(recipientCerts.get(i)); + if ((recipientInfo = NSS_CMSRecipientInfo_Create(m_cmsMsg, rc.get())) == + nullptr) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CreateEncrypted - can't create recipient info")); + goto loser; + } + if (NSS_CMSEnvelopedData_AddRecipient(envd, recipientInfo) != SECSuccess) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CreateEncrypted - can't add recipient info")); + goto loser; + } + } + + return NS_OK; +loser: + if (m_cmsMsg) { + NSS_CMSMessage_Destroy(m_cmsMsg); + m_cmsMsg = nullptr; + } + + return rv; +} + +bool nsCMSMessage::IsAllowedHash(const int16_t aCryptoHashInt) { + switch (aCryptoHashInt) { + case nsICryptoHash::SHA1: + case nsICryptoHash::SHA256: + case nsICryptoHash::SHA384: + case nsICryptoHash::SHA512: + return true; + default: + return false; + } +} + +NS_IMETHODIMP +nsCMSMessage::CreateSigned(nsIX509Cert* aSigningCert, nsIX509Cert* aEncryptCert, + const nsTArray<uint8_t>& aDigestData, + int16_t aDigestType) { + NS_ENSURE_ARG(aSigningCert); + MOZ_LOG(gCMSLog, LogLevel::Debug, ("nsCMSMessage::CreateSigned")); + NSSCMSContentInfo* cinfo; + NSSCMSSignedData* sigd; + NSSCMSSignerInfo* signerinfo; + UniqueCERTCertificate scert(aSigningCert->GetCert()); + UniqueCERTCertificate ecert; + nsresult rv = NS_ERROR_FAILURE; + + if (!scert) { + return NS_ERROR_FAILURE; + } + + if (aEncryptCert) { + ecert = UniqueCERTCertificate(aEncryptCert->GetCert()); + } + + if (!IsAllowedHash(aDigestType)) { + return NS_ERROR_INVALID_ARG; + } + + SECOidTag digestType = + HASH_GetHashOidTagByHashType(static_cast<HASH_HashType>(aDigestType)); + if (digestType == SEC_OID_UNKNOWN) { + return NS_ERROR_INVALID_ARG; + } + + /* + * create the message object + */ + m_cmsMsg = + NSS_CMSMessage_Create(nullptr); /* create a message on its own pool */ + if (!m_cmsMsg) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CreateSigned - can't create new message")); + rv = NS_ERROR_OUT_OF_MEMORY; + goto loser; + } + + /* + * build chain of objects: message->signedData->data + */ + if ((sigd = NSS_CMSSignedData_Create(m_cmsMsg)) == nullptr) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CreateSigned - can't create signed data")); + goto loser; + } + cinfo = NSS_CMSMessage_GetContentInfo(m_cmsMsg); + if (NSS_CMSContentInfo_SetContent_SignedData(m_cmsMsg, cinfo, sigd) != + SECSuccess) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CreateSigned - can't set content signed data")); + goto loser; + } + + cinfo = NSS_CMSSignedData_GetContentInfo(sigd); + + /* we're always passing data in and detaching optionally */ + if (NSS_CMSContentInfo_SetContent_Data(m_cmsMsg, cinfo, nullptr, true) != + SECSuccess) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CreateSigned - can't set content data")); + goto loser; + } + + /* + * create & attach signer information + */ + signerinfo = NSS_CMSSignerInfo_Create(m_cmsMsg, scert.get(), digestType); + if (!signerinfo) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CreateSigned - can't create signer info")); + goto loser; + } + + /* we want the cert chain included for this one */ + if (NSS_CMSSignerInfo_IncludeCerts(signerinfo, NSSCMSCM_CertChain, + certUsageEmailSigner) != SECSuccess) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CreateSigned - can't include signer cert chain")); + goto loser; + } + + if (NSS_CMSSignerInfo_AddSigningTime(signerinfo, PR_Now()) != SECSuccess) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CreateSigned - can't add signing time")); + goto loser; + } + + if (NSS_CMSSignerInfo_AddSMIMECaps(signerinfo) != SECSuccess) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CreateSigned - can't add smime caps")); + goto loser; + } + + if (ecert) { + if (NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs( + signerinfo, ecert.get(), CERT_GetDefaultCertDB()) != SECSuccess) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CreateSigned - can't add smime enc key prefs")); + goto loser; + } + + if (NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs( + signerinfo, ecert.get(), CERT_GetDefaultCertDB()) != SECSuccess) { + MOZ_LOG( + gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CreateSigned - can't add MS smime enc key prefs")); + goto loser; + } + + // If signing and encryption cert are identical, don't add it twice. + bool addEncryptionCert = + (ecert && (!scert || !CERT_CompareCerts(ecert.get(), scert.get()))); + + if (addEncryptionCert && + NSS_CMSSignedData_AddCertificate(sigd, ecert.get()) != SECSuccess) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CreateSigned - can't add own encryption " + "certificate")); + goto loser; + } + } + + if (NSS_CMSSignedData_AddSignerInfo(sigd, signerinfo) != SECSuccess) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CreateSigned - can't add signer info")); + goto loser; + } + + // Finally, add the pre-computed digest if passed in + if (!aDigestData.IsEmpty()) { + SECItem digest; + + // NSS_CMSSignedData_SetDigestValue() takes a copy and won't mutate our + // data, so we're OK to cast away the const here. + digest.data = const_cast<uint8_t*>(aDigestData.Elements()); + digest.len = aDigestData.Length(); + if (NSS_CMSSignedData_SetDigestValue(sigd, digestType, &digest) != + SECSuccess) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSMessage::CreateSigned - can't set digest value")); + goto loser; + } + } + + return NS_OK; +loser: + if (m_cmsMsg) { + NSS_CMSMessage_Destroy(m_cmsMsg); + m_cmsMsg = nullptr; + } + return rv; +} + +NS_IMPL_ISUPPORTS(nsCMSDecoder, nsICMSDecoder) +NS_IMPL_ISUPPORTS(nsCMSDecoderJS, nsICMSDecoderJS) + +nsCMSDecoder::nsCMSDecoder() : m_dcx(nullptr) {} +nsCMSDecoderJS::nsCMSDecoderJS() : m_dcx(nullptr) {} + +nsCMSDecoder::~nsCMSDecoder() { + if (m_dcx) { + NSS_CMSDecoder_Cancel(m_dcx); + m_dcx = nullptr; + } +} + +nsCMSDecoderJS::~nsCMSDecoderJS() { + if (m_dcx) { + NSS_CMSDecoder_Cancel(m_dcx); + m_dcx = nullptr; + } +} + +nsresult nsCMSDecoder::Init() { + nsresult rv; + nsCOMPtr<nsISupports> nssInitialized = + do_GetService("@mozilla.org/psm;1", &rv); + return rv; +} + +nsresult nsCMSDecoderJS::Init() { + nsresult rv; + nsCOMPtr<nsISupports> nssInitialized = + do_GetService("@mozilla.org/psm;1", &rv); + return rv; +} + +/* void start (in NSSCMSContentCallback cb, in voidPtr arg); */ +NS_IMETHODIMP nsCMSDecoder::Start(NSSCMSContentCallback cb, void* arg) { + MOZ_LOG(gCMSLog, LogLevel::Debug, ("nsCMSDecoder::Start")); + m_ctx = new PipUIContext(); + + m_dcx = NSS_CMSDecoder_Start(0, cb, arg, 0, m_ctx, 0, 0); + if (!m_dcx) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSDecoder::Start - can't start decoder")); + return NS_ERROR_FAILURE; + } + return NS_OK; +} + +/* void update (in string bug, in long len); */ +NS_IMETHODIMP nsCMSDecoder::Update(const char* buf, int32_t len) { + NSS_CMSDecoder_Update(m_dcx, (char*)buf, len); + return NS_OK; +} + +/* void finish (); */ +NS_IMETHODIMP nsCMSDecoder::Finish(nsICMSMessage** aCMSMsg) { + MOZ_LOG(gCMSLog, LogLevel::Debug, ("nsCMSDecoder::Finish")); + NSSCMSMessage* cmsMsg; + cmsMsg = NSS_CMSDecoder_Finish(m_dcx); + m_dcx = nullptr; + if (cmsMsg) { + nsCMSMessage* obj = new nsCMSMessage(cmsMsg); + // The NSS object cmsMsg still carries a reference to the context + // we gave it on construction. + // Make sure the context will live long enough. + obj->referenceContext(m_ctx); + NS_ADDREF(*aCMSMsg = obj); + } + return NS_OK; +} + +void nsCMSDecoderJS::content_callback(void* arg, const char* input, + unsigned long length) { + nsCMSDecoderJS* self = reinterpret_cast<nsCMSDecoderJS*>(arg); + self->mDecryptedData.AppendElements(input, length); +} + +NS_IMETHODIMP nsCMSDecoderJS::Decrypt(const nsTArray<uint8_t>& aInput, + nsTArray<uint8_t>& _retval) { + if (aInput.IsEmpty()) { + return NS_ERROR_FAILURE; + } + + m_ctx = new PipUIContext(); + + m_dcx = NSS_CMSDecoder_Start(0, nsCMSDecoderJS::content_callback, this, 0, + m_ctx, 0, 0); + if (!m_dcx) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSDecoderJS::Start - can't start decoder")); + return NS_ERROR_FAILURE; + } + + NSS_CMSDecoder_Update(m_dcx, (char*)aInput.Elements(), aInput.Length()); + + NSSCMSMessage* cmsMsg; + cmsMsg = NSS_CMSDecoder_Finish(m_dcx); + m_dcx = nullptr; + if (cmsMsg) { + nsCMSMessage* obj = new nsCMSMessage(cmsMsg); + // The NSS object cmsMsg still carries a reference to the context + // we gave it on construction. + // Make sure the context will live long enough. + obj->referenceContext(m_ctx); + mCMSMessage = obj; + } + + _retval = mDecryptedData.Clone(); + return NS_OK; +} + +NS_IMPL_ISUPPORTS(nsCMSEncoder, nsICMSEncoder) + +nsCMSEncoder::nsCMSEncoder() : m_ecx(nullptr) {} + +nsCMSEncoder::~nsCMSEncoder() { + if (m_ecx) NSS_CMSEncoder_Cancel(m_ecx); +} + +nsresult nsCMSEncoder::Init() { + nsresult rv; + nsCOMPtr<nsISupports> nssInitialized = + do_GetService("@mozilla.org/psm;1", &rv); + return rv; +} + +/* void start (); */ +NS_IMETHODIMP nsCMSEncoder::Start(nsICMSMessage* aMsg, NSSCMSContentCallback cb, + void* arg) { + MOZ_LOG(gCMSLog, LogLevel::Debug, ("nsCMSEncoder::Start")); + nsCMSMessage* cmsMsg = static_cast<nsCMSMessage*>(aMsg); + m_ctx = new PipUIContext(); + + m_ecx = NSS_CMSEncoder_Start(cmsMsg->getCMS(), cb, arg, 0, 0, 0, m_ctx, 0, 0, + 0, 0); + if (!m_ecx) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSEncoder::Start - can't start encoder")); + return NS_ERROR_FAILURE; + } + return NS_OK; +} + +/* void update (in string aBuf, in long aLen); */ +NS_IMETHODIMP nsCMSEncoder::Update(const char* aBuf, int32_t aLen) { + MOZ_LOG(gCMSLog, LogLevel::Debug, ("nsCMSEncoder::Update")); + if (!m_ecx || NSS_CMSEncoder_Update(m_ecx, aBuf, aLen) != SECSuccess) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSEncoder::Update - can't update encoder")); + return NS_ERROR_FAILURE; + } + return NS_OK; +} + +/* void finish (); */ +NS_IMETHODIMP nsCMSEncoder::Finish() { + nsresult rv = NS_OK; + MOZ_LOG(gCMSLog, LogLevel::Debug, ("nsCMSEncoder::Finish")); + if (!m_ecx || NSS_CMSEncoder_Finish(m_ecx) != SECSuccess) { + MOZ_LOG(gCMSLog, LogLevel::Debug, + ("nsCMSEncoder::Finish - can't finish encoder")); + rv = NS_ERROR_FAILURE; + } + m_ecx = nullptr; + return rv; +} + +/* void encode (in nsICMSMessage aMsg); */ +NS_IMETHODIMP nsCMSEncoder::Encode(nsICMSMessage* aMsg) { + MOZ_LOG(gCMSLog, LogLevel::Debug, ("nsCMSEncoder::Encode")); + return NS_ERROR_NOT_IMPLEMENTED; +} |