cmscinfo.c   [plain text]

/*
 * The contents of this file are subject to the Mozilla Public
 * License Version 1.1 (the "License"); you may not use this file
 * except in compliance with the License. You may obtain a copy of
 * the License at http://www.mozilla.org/MPL/
 * 
 * Software distributed under the License is distributed on an "AS
 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
 * implied. See the License for the specific language governing
 * rights and limitations under the License.
 * 
 * The Original Code is the Netscape security libraries.
 * 
 * The Initial Developer of the Original Code is Netscape
 * Communications Corporation.  Portions created by Netscape are 
 * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
 * Rights Reserved.
 * 
 * Contributor(s):
 * 
 * Alternatively, the contents of this file may be used under the
 * terms of the GNU General Public License Version 2 or later (the
 * "GPL"), in which case the provisions of the GPL are applicable 
 * instead of those above.  If you wish to allow use of your 
 * version of this file only under the terms of the GPL and not to
 * allow others to use your version of this file under the MPL,
 * indicate your decision by deleting the provisions above and
 * replace them with the notice and other provisions required by
 * the GPL.  If you do not delete the provisions above, a recipient
 * may use your version of this file under either the MPL or the
 * GPL.
 */

/*
 * CMS contentInfo methods.
 */

#include <Security/SecCmsContentInfo.h>

#include <Security/SecCmsDigestContext.h>
#include <Security/SecCmsDigestedData.h>
#include <Security/SecCmsEncryptedData.h>
#include <Security/SecCmsEnvelopedData.h>
#include <Security/SecCmsSignedData.h>

#include "cmslocal.h"

//#include "pk11func.h"
#include "secoid.h"
#include "SecAsn1Item.h"

#include <security_asn1/secerr.h>
#include <security_asn1/secport.h>

#include <Security/SecBase.h>

/*
 * SecCmsContentInfoDestroy - destroy a CMS contentInfo and all of its sub-pieces.
 */
void
SecCmsContentInfoDestroy(SecCmsContentInfoRef cinfo)
{
    SECOidTag kind;

    if(!cinfo) return;

    kind = SecCmsContentInfoGetContentTypeTag(cinfo);
    switch (kind) {
    case SEC_OID_PKCS7_ENVELOPED_DATA:
	SecCmsEnvelopedDataDestroy(cinfo->content.envelopedData);
	break;
      case SEC_OID_PKCS7_SIGNED_DATA:
	SecCmsSignedDataDestroy(cinfo->content.signedData);
	break;
      case SEC_OID_PKCS7_ENCRYPTED_DATA:
	SecCmsEncryptedDataDestroy(cinfo->content.encryptedData);
	break;
      case SEC_OID_PKCS7_DIGESTED_DATA:
	SecCmsDigestedDataDestroy(cinfo->content.digestedData);
	break;
      default:
	/* XXX Anything else that needs to be "manually" freed/destroyed? */
	break;
    }
    if (cinfo->digcx) {
	/* must destroy digest objects */
	SecCmsDigestContextCancel(cinfo->digcx);
	cinfo->digcx = NULL;
    }
    if (cinfo->bulkkey)
	CFRelease(cinfo->bulkkey);
    /* @@@ private key is only here as a workaround for 3401088.  Note this *must* be released after bulkkey */
    if (cinfo->privkey)
	CFRelease(cinfo->privkey);

    if (cinfo->ciphcx) {
	SecCmsCipherContextDestroy(cinfo->ciphcx);
	cinfo->ciphcx = NULL;
    }
    
    /* we live in a pool, so no need to worry about storage */
}

/*
 * SecCmsContentInfoGetChildContentInfo - get content's contentInfo (if it exists)
 */
SecCmsContentInfoRef
SecCmsContentInfoGetChildContentInfo(SecCmsContentInfoRef cinfo)
{
    void *ptr = NULL;
    SecCmsContentInfoRef ccinfo = NULL;
    SECOidTag tag = SecCmsContentInfoGetContentTypeTag(cinfo);
    switch (tag) {
    case SEC_OID_PKCS7_SIGNED_DATA:
	ptr = (void *)cinfo->content.signedData;
	ccinfo = &(cinfo->content.signedData->contentInfo);
	break;
    case SEC_OID_PKCS7_ENVELOPED_DATA:
	ptr = (void *)cinfo->content.envelopedData;
	ccinfo = &(cinfo->content.envelopedData->contentInfo);
	break;
    case SEC_OID_PKCS7_DIGESTED_DATA:
	ptr = (void *)cinfo->content.digestedData;
	ccinfo = &(cinfo->content.digestedData->contentInfo);
	break;
    case SEC_OID_PKCS7_ENCRYPTED_DATA:
	ptr = (void *)cinfo->content.encryptedData;
	ccinfo = &(cinfo->content.encryptedData->contentInfo);
	break;
    case SEC_OID_PKCS7_DATA:
    default:
	break;
    }
    return (ptr ? ccinfo : NULL);
}

/*
 * SecCmsContentInfoSetContent - set content type & content
 */
OSStatus
SecCmsContentInfoSetContent(SecCmsContentInfoRef cinfo, SECOidTag type, void *ptr)
{
    OSStatus rv;

    cinfo->contentTypeTag = SECOID_FindOIDByTag(type);
    if (cinfo->contentTypeTag == NULL)
	return errSecParam;
    
    /* do not copy the oid, just create a reference */
    rv = SECITEM_CopyItem (cinfo->cmsg->poolp, &(cinfo->contentType), &(cinfo->contentTypeTag->oid));
    if (rv != SECSuccess)
	return errSecAllocate;

    cinfo->content.pointer = ptr;

    if (type != SEC_OID_PKCS7_DATA) {
	/* as we always have some inner data,
	 * we need to set it to something, just to fool the encoder enough to work on it
	 * and get us into nss_cms_encoder_notify at that point */
	cinfo->rawContent = SECITEM_AllocItem(cinfo->cmsg->poolp, NULL, 1);
	if (cinfo->rawContent == NULL) {
	    PORT_SetError(SEC_ERROR_NO_MEMORY);
	    return errSecAllocate;
	}
    }

    return errSecSuccess;
}

/*
 * SecCmsContentInfoSetContentXXXX - typesafe wrappers for SecCmsContentInfoSetContent
 */

/*
 * data == NULL -> pass in data via SecCmsEncoderUpdate
 * data != NULL -> take this data
 */
OSStatus
SecCmsContentInfoSetContentData(SecCmsContentInfoRef cinfo, CFDataRef dataRef, Boolean detached)
{
    SecAsn1Item * data = NULL;
    if (dataRef) {
	/* @@@ Fixme CFRetain the passed in data rather than
	   always copying it for performance. */
	data = PORT_ArenaAlloc(cinfo->cmsg->poolp, sizeof(SecAsn1Item));
	data->Length = CFDataGetLength(dataRef);
	if (data->Length) {
	    data->Data = PORT_ArenaAlloc(cinfo->cmsg->poolp, data->Length);
	    memcpy(data->Data, CFDataGetBytePtr(dataRef), data->Length);
	}
	else
	    data->Data = NULL;
    }

    if (SecCmsContentInfoSetContent(cinfo, SEC_OID_PKCS7_DATA, (void *)data) != SECSuccess) {
        OSStatus status = PORT_GetError();
        PORT_SetError(0); // clean the thread since we've returned this error
        return status;
    }
    cinfo->rawContent = (detached) ? 
			    NULL : (data) ? 
				data : SECITEM_AllocItem(cinfo->cmsg->poolp, NULL, 1);
    return errSecSuccess;
}

OSStatus
SecCmsContentInfoSetContentSignedData(SecCmsContentInfoRef cinfo, SecCmsSignedDataRef sigd)
{
    return SecCmsContentInfoSetContent(cinfo, SEC_OID_PKCS7_SIGNED_DATA, (void *)sigd);
}

OSStatus
SecCmsContentInfoSetContentEnvelopedData(SecCmsContentInfoRef cinfo, SecCmsEnvelopedDataRef envd)
{
    return SecCmsContentInfoSetContent(cinfo, SEC_OID_PKCS7_ENVELOPED_DATA, (void *)envd);
}

OSStatus
SecCmsContentInfoSetContentDigestedData(SecCmsContentInfoRef cinfo, SecCmsDigestedDataRef digd)
{
    return SecCmsContentInfoSetContent(cinfo, SEC_OID_PKCS7_DIGESTED_DATA, (void *)digd);
}

OSStatus
SecCmsContentInfoSetContentEncryptedData(SecCmsContentInfoRef cinfo, SecCmsEncryptedDataRef encd)
{
    return SecCmsContentInfoSetContent(cinfo, SEC_OID_PKCS7_ENCRYPTED_DATA, (void *)encd);
}

OSStatus
SecCmsContentInfoSetContentOther(SecCmsContentInfoRef cinfo, SecAsn1Item *data, Boolean detached, const SecAsn1Oid *eContentType)
{
    SECStatus srtn;
    SECOidData *tmpOidData;

    /* just like SecCmsContentInfoSetContentData, except override the contentType and
     * contentTypeTag. This OID is for encoding... */
    srtn = SECITEM_CopyItem (cinfo->cmsg->poolp, &(cinfo->contentType), eContentType);
    if (srtn != SECSuccess) {
        return errSecAllocate;
    }

    /* this serves up a contentTypeTag with an empty OID */
    tmpOidData = SECOID_FindOIDByTag(SEC_OID_OTHER);
    /* but that's const: cook up a new one we can write to */
    cinfo->contentTypeTag = (SECOidData *)PORT_ArenaZAlloc(cinfo->cmsg->poolp, sizeof(SECOidData));
    *cinfo->contentTypeTag = *tmpOidData;
    /* now fill in the OID */
    srtn = SECITEM_CopyItem (cinfo->cmsg->poolp, &(cinfo->contentTypeTag->oid), eContentType);
    if (srtn != SECSuccess) {
        return errSecAllocate;
    }
    cinfo->content.pointer = data;
    cinfo->rawContent = (detached) ? NULL : (data) ?
                                data : SECITEM_AllocItem(cinfo->cmsg->poolp, NULL, 1);
    return noErr;
}

/*
 * SecCmsContentInfoGetContent - get pointer to inner content
 *
 * needs to be casted...
 */
void *
SecCmsContentInfoGetContent(SecCmsContentInfoRef cinfo)
{
    SECOidTag tag = (cinfo && cinfo->contentTypeTag) 
		     ? cinfo->contentTypeTag->offset 
		     : SEC_OID_UNKNOWN;
    switch (tag) {
    case SEC_OID_PKCS7_DATA:
    case SEC_OID_PKCS7_SIGNED_DATA:
    case SEC_OID_PKCS7_ENVELOPED_DATA:
    case SEC_OID_PKCS7_DIGESTED_DATA:
    case SEC_OID_PKCS7_ENCRYPTED_DATA:
	return cinfo->content.pointer;
    default:
	return NULL;
    }
}

/* 
 * SecCmsContentInfoGetInnerContent - get pointer to innermost content
 *
 * this is typically only called by SecCmsMessageGetContent()
 */
const SecAsn1Item *
SecCmsContentInfoGetInnerContent(SecCmsContentInfoRef cinfo)
{
    SecCmsContentInfoRef ccinfo;
    SECOidTag tag;
    SecAsn1Item * pItem;

    tag = SecCmsContentInfoGetContentTypeTag(cinfo);
    switch (tag) {
    case SEC_OID_PKCS7_DATA:
	/* end of recursion - every message has to have a data cinfo */
	pItem = cinfo->content.data; 
	break;
    case SEC_OID_PKCS7_DIGESTED_DATA:
    case SEC_OID_PKCS7_ENCRYPTED_DATA:
    case SEC_OID_PKCS7_ENVELOPED_DATA:
    case SEC_OID_PKCS7_SIGNED_DATA:
	ccinfo = SecCmsContentInfoGetChildContentInfo(cinfo);
	if (ccinfo == NULL)
	    pItem = NULL;
	else
	    pItem = SecCmsContentInfoGetContent(ccinfo);
	break;
    default:
	PORT_Assert(0);
	pItem = NULL;
	break;
    }
    return pItem;
}

/*
 * SecCmsContentInfoGetContentType{Tag,OID} - find out (saving pointer to lookup result
 * for future reference) and return the inner content type.
 */
SECOidTag
SecCmsContentInfoGetContentTypeTag(SecCmsContentInfoRef cinfo)
{
    if (cinfo->contentTypeTag == NULL)
	cinfo->contentTypeTag = SECOID_FindOID(&(cinfo->contentType));

    if (cinfo->contentTypeTag == NULL)
	return SEC_OID_UNKNOWN;

    return cinfo->contentTypeTag->offset;
}

SecAsn1Oid *
SecCmsContentInfoGetContentTypeOID(SecCmsContentInfoRef cinfo)
{
    if (cinfo->contentTypeTag == NULL)
	cinfo->contentTypeTag = SECOID_FindOID(&(cinfo->contentType));

    if (cinfo->contentTypeTag == NULL)
	return NULL;

    return &(cinfo->contentTypeTag->oid);
}

/*
 * SecCmsContentInfoGetContentEncAlgTag - find out (saving pointer to lookup result
 * for future reference) and return the content encryption algorithm tag.
 */
SECOidTag
SecCmsContentInfoGetContentEncAlgTag(SecCmsContentInfoRef cinfo)
{
    if (cinfo->contentEncAlgTag == SEC_OID_UNKNOWN)
	cinfo->contentEncAlgTag = SECOID_GetAlgorithmTag(&(cinfo->contentEncAlg));

    return cinfo->contentEncAlgTag;
}

/*
 * SecCmsContentInfoGetContentEncAlg - find out and return the content encryption algorithm tag.
 */
SECAlgorithmID *
SecCmsContentInfoGetContentEncAlg(SecCmsContentInfoRef cinfo)
{
    return &(cinfo->contentEncAlg);
}

OSStatus
SecCmsContentInfoSetContentEncAlg(SecCmsContentInfoRef cinfo,
				  SECOidTag bulkalgtag, const SecAsn1Item *parameters, int keysize)
{
    PLArenaPool *poolp = cinfo->cmsg->poolp;
    OSStatus rv;

    rv = SECOID_SetAlgorithmID(poolp, &(cinfo->contentEncAlg), bulkalgtag, parameters);
    if (rv != SECSuccess)
	return SECFailure;
    cinfo->keysize = keysize;
    return SECSuccess;
}

OSStatus
SecCmsContentInfoSetContentEncAlgID(SecCmsContentInfoRef cinfo,
				    SECAlgorithmID *algid, int keysize)
{
    PLArenaPool *poolp = cinfo->cmsg->poolp;
    OSStatus rv;

    rv = SECOID_CopyAlgorithmID(poolp, &(cinfo->contentEncAlg), algid);
    if (rv != SECSuccess)
	return SECFailure;
    if (keysize >= 0)
	cinfo->keysize = keysize;
    return SECSuccess;
}

void
SecCmsContentInfoSetBulkKey(SecCmsContentInfoRef cinfo, SecSymmetricKeyRef bulkkey)
{
#ifdef USE_CDSA_CRYPTO
    const CSSM_KEY *cssmKey = NULL;
#endif
    if (!bulkkey || !cinfo) return;
    cinfo->bulkkey = bulkkey;
    CFRetain(cinfo->bulkkey);
#ifdef USE_CDSA_CRYPTO
    SecKeyGetCSSMKey(cinfo->bulkkey, &cssmKey);
    cinfo->keysize = cssmKey ? cssmKey->KeyHeader.LogicalKeySizeInBits : 0;
#else
    long long bulkKeySize = CFDataGetLength((CFDataRef)bulkkey) * 8;
    if (bulkKeySize < INT_MAX) {
        cinfo->keysize = (int)bulkKeySize;
    } else {
        CFRelease(cinfo->bulkkey);
        cinfo->bulkkey = NULL;
        cinfo->keysize = 0;
    }
#endif
}

SecSymmetricKeyRef
SecCmsContentInfoGetBulkKey(SecCmsContentInfoRef cinfo)
{
    if (cinfo->bulkkey == NULL)
	return NULL;

    CFRetain(cinfo->bulkkey);
    return cinfo->bulkkey;
}

int
SecCmsContentInfoGetBulkKeySize(SecCmsContentInfoRef cinfo)
{
    return cinfo->keysize;
}