robin.thoni
/
ipxe
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 11 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4076 Commits
2 Branches
Tree: 196751ce95
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '196751ce95'
${ noResults }
ipxe/src/crypto/cms.c

cms.c 17KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603 
  1. /*

  2.  * Copyright (C) 2012 Michael Brown <mbrown@fensystems.co.uk>.

  3.  *

  4.  * This program is free software; you can redistribute it and/or

  5.  * modify it under the terms of the GNU General Public License as

  6.  * published by the Free Software Foundation; either version 2 of the

  7.  * License, or any later version.

  8.  *

  9.  * This program is distributed in the hope that it will be useful, but

  10.  * WITHOUT ANY WARRANTY; without even the implied warranty of

  11.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  12.  * General Public License for more details.

  13.  *

  14.  * You should have received a copy of the GNU General Public License

  15.  * along with this program; if not, write to the Free Software

  16.  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

  17.  */

  18. 

  19. FILE_LICENCE ( GPL2_OR_LATER );

  20. 

  21. /** @file

  22.  *

  23.  * Cryptographic Message Syntax (PKCS #7)

  24.  *

  25.  * The format of CMS messages is defined in RFC 5652.

  26.  *

  27.  */

  28. 

  29. #include <stdint.h>

  30. #include <string.h>

  31. #include <time.h>

  32. #include <errno.h>

  33. #include <ipxe/asn1.h>

  34. #include <ipxe/x509.h>

  35. #include <ipxe/uaccess.h>

  36. #include <ipxe/cms.h>

  37. 

  38. /* Disambiguate the various error causes */

  39. #define EACCES_NON_SIGNING \

  40. 	__einfo_error ( EINFO_EACCES_NON_SIGNING )

  41. #define EINFO_EACCES_NON_SIGNING \

  42. 	__einfo_uniqify ( EINFO_EACCES, 0x01, "Not a signing certificate" )

  43. #define EACCES_NON_CODE_SIGNING \

  44. 	__einfo_error ( EINFO_EACCES_NON_CODE_SIGNING )

  45. #define EINFO_EACCES_NON_CODE_SIGNING \

  46. 	__einfo_uniqify ( EINFO_EACCES, 0x02, "Not a code-signing certificate" )

  47. #define EACCES_INCOMPLETE \

  48. 	__einfo_error ( EINFO_EACCES_INCOMPLETE )

  49. #define EINFO_EACCES_INCOMPLETE \

  50. 	__einfo_uniqify ( EINFO_EACCES, 0x03, "Incomplete certificate chain" )

  51. #define EACCES_WRONG_NAME \

  52. 	__einfo_error ( EINFO_EACCES_WRONG_NAME )

  53. #define EINFO_EACCES_WRONG_NAME \

  54. 	__einfo_uniqify ( EINFO_EACCES, 0x04, "Incorrect certificate name" )

  55. #define EINVAL_DIGEST \

  56. 	__einfo_error ( EINFO_EINVAL_DIGEST )

  57. #define EINFO_EINVAL_DIGEST \

  58. 	__einfo_uniqify ( EINFO_EINVAL, 0x01, "Not a digest algorithm" )

  59. #define EINVAL_PUBKEY \

  60. 	__einfo_error ( EINFO_EINVAL_PUBKEY )

  61. #define EINFO_EINVAL_PUBKEY \

  62. 	__einfo_uniqify ( EINFO_EINVAL, 0x02, "Not a public-key algorithm" )

  63. #define ENOTSUP_SIGNEDDATA \

  64. 	__einfo_error ( EINFO_ENOTSUP_SIGNEDDATA )

  65. #define EINFO_ENOTSUP_SIGNEDDATA \

  66. 	__einfo_uniqify ( EINFO_ENOTSUP, 0x01, "Not a digital signature" )

  67. #define ENOTSUP_DIGEST \

  68. 	__einfo_error ( EINFO_ENOTSUP_DIGEST )

  69. #define EINFO_ENOTSUP_DIGEST \

  70. 	__einfo_uniqify ( EINFO_ENOTSUP, 0x02, "Unsupported digest algorithm" )

  71. #define ENOTSUP_PUBKEY \

  72. 	__einfo_error ( EINFO_ENOTSUP_PUBKEY )

  73. #define EINFO_ENOTSUP_PUBKEY					\

  74. 	__einfo_uniqify ( EINFO_ENOTSUP, 0x03,			\

  75. 			  "Unsupported public-key algorithm" )

  76. 

  77. /** "pkcs7-signedData" object identifier */

  78. static uint8_t oid_signeddata[] = { ASN1_OID_SIGNEDDATA };

  79. 

  80. /** "pkcs7-signedData" object identifier cursor */

  81. static struct asn1_cursor oid_signeddata_cursor =

  82. 	ASN1_OID_CURSOR ( oid_signeddata );

  83. 

  84. /**

  85.  * Parse CMS signature content type

  86.  *

  87.  * @v sig		CMS signature

  88.  * @v raw		ASN.1 cursor

  89.  * @ret rc		Return status code

  90.  */

  91. static int cms_parse_content_type ( struct cms_signature *sig,

  92. 				    const struct asn1_cursor *raw ) {

  93. 	struct asn1_cursor cursor;

  94. 

  95. 	/* Enter contentType */

  96. 	memcpy ( &cursor, raw, sizeof ( cursor ) );

  97. 	asn1_enter ( &cursor, ASN1_OID );

  98. 

  99. 	/* Check OID is pkcs7-signedData */

  100. 	if ( asn1_compare ( &cursor, &oid_signeddata_cursor ) != 0 ) {

  101. 		DBGC ( sig, "CMS %p does not contain signedData:\n", sig );

  102. 		DBGC_HDA ( sig, 0, raw->data, raw->len );

  103. 		return -ENOTSUP_SIGNEDDATA;

  104. 	}

  105. 

  106. 	DBGC ( sig, "CMS %p contains signedData\n", sig );

  107. 	return 0;

  108. }

  109. 

  110. /**

  111.  * Parse CMS signature signer identifier

  112.  *

  113.  * @v sig		CMS signature

  114.  * @v info		Signer information to fill in

  115.  * @v raw		ASN.1 cursor

  116.  * @ret rc		Return status code

  117.  */

  118. static int cms_parse_signer_identifier ( struct cms_signature *sig,

  119. 					 struct cms_signer_info *info,

  120. 					 const struct asn1_cursor *raw ) {

  121. 	struct asn1_cursor cursor;

  122. 	int rc;

  123. 

  124. 	/* Enter issuerAndSerialNumber */

  125. 	memcpy ( &cursor, raw, sizeof ( cursor ) );

  126. 	asn1_enter ( &cursor, ASN1_SEQUENCE );

  127. 

  128. 	/* Record issuer */

  129. 	memcpy ( &info->issuer, &cursor, sizeof ( info->issuer ) );

  130. 	if ( ( rc = asn1_shrink ( &info->issuer, ASN1_SEQUENCE ) ) != 0 ) {

  131. 		DBGC ( sig, "CMS %p/%p could not locate issuer: %s\n",

  132. 		       sig, info, strerror ( rc ) );

  133. 		DBGC_HDA ( sig, 0, raw->data, raw->len );

  134. 		return rc;

  135. 	}

  136. 	DBGC ( sig, "CMS %p/%p issuer is:\n", sig, info );

  137. 	DBGC_HDA ( sig, 0, info->issuer.data, info->issuer.len );

  138. 	asn1_skip_any ( &cursor );

  139. 

  140. 	/* Record serialNumber */

  141. 	memcpy ( &info->serial, &cursor, sizeof ( info->serial ) );

  142. 	if ( ( rc = asn1_shrink ( &info->serial, ASN1_INTEGER ) ) != 0 ) {

  143. 		DBGC ( sig, "CMS %p/%p could not locate serialNumber: %s\n",

  144. 		       sig, info, strerror ( rc ) );

  145. 		DBGC_HDA ( sig, 0, raw->data, raw->len );

  146. 		return rc;

  147. 	}

  148. 	DBGC ( sig, "CMS %p/%p serial number is:\n", sig, info );

  149. 	DBGC_HDA ( sig, 0, info->serial.data, info->serial.len );

  150. 

  151. 	return 0;

  152. }

  153. 

  154. /**

  155.  * Parse CMS signature digest algorithm

  156.  *

  157.  * @v sig		CMS signature

  158.  * @v info		Signer information to fill in

  159.  * @v raw		ASN.1 cursor

  160.  * @ret rc		Return status code

  161.  */

  162. static int cms_parse_digest_algorithm ( struct cms_signature *sig,

  163. 					struct cms_signer_info *info,

  164. 					const struct asn1_cursor *raw ) {

  165. 	struct asn1_algorithm *algorithm;

  166. 

  167. 	/* Identify algorithm */

  168. 	algorithm = asn1_algorithm ( raw );

  169. 	if ( ! algorithm ) {

  170. 		DBGC ( sig, "CMS %p/%p could not identify digest algorithm:\n",

  171. 		       sig, info );

  172. 		DBGC_HDA ( sig, 0, raw->data, raw->len );

  173. 		return -ENOTSUP_DIGEST;

  174. 	}

  175. 

  176. 	/* Check algorithm is a digest algorithm */

  177. 	if ( ! algorithm->digest ) {

  178. 		DBGC ( sig, "CMS %p/%p algorithm %s is not a digest "

  179. 		       "algorithm\n", sig, info, algorithm->name );

  180. 		return -EINVAL_DIGEST;

  181. 	}

  182. 

  183. 	/* Record digest algorithm */

  184. 	info->digest = algorithm->digest;

  185. 	DBGC ( sig, "CMS %p/%p digest algorithm is %s\n",

  186. 	       sig, info, algorithm->name );

  187. 

  188. 	return 0;

  189. }

  190. 

  191. /**

  192.  * Parse CMS signature algorithm

  193.  *

  194.  * @v sig		CMS signature

  195.  * @v info		Signer information to fill in

  196.  * @v raw		ASN.1 cursor

  197.  * @ret rc		Return status code

  198.  */

  199. static int cms_parse_signature_algorithm ( struct cms_signature *sig,

  200. 					   struct cms_signer_info *info,

  201. 					   const struct asn1_cursor *raw ) {

  202. 	struct asn1_algorithm *algorithm;

  203. 

  204. 	/* Identify algorithm */

  205. 	algorithm = asn1_algorithm ( raw );

  206. 	if ( ! algorithm ) {

  207. 		DBGC ( sig, "CMS %p/%p could not identify public-key "

  208. 		       "algorithm:\n", sig, info );

  209. 		DBGC_HDA ( sig, 0, raw->data, raw->len );

  210. 		return -ENOTSUP_PUBKEY;

  211. 	}

  212. 

  213. 	/* Check algorithm is a signature algorithm */

  214. 	if ( ! algorithm->pubkey ) {

  215. 		DBGC ( sig, "CMS %p/%p algorithm %s is not a public-key "

  216. 		       "algorithm\n", sig, info, algorithm->name );

  217. 		return -EINVAL_PUBKEY;

  218. 	}

  219. 

  220. 	/* Record signature algorithm */

  221. 	info->pubkey = algorithm->pubkey;

  222. 	DBGC ( sig, "CMS %p/%p public-key algorithm is %s\n",

  223. 	       sig, info, algorithm->name );

  224. 

  225. 	return 0;

  226. }

  227. 

  228. /**

  229.  * Parse CMS signature value

  230.  *

  231.  * @v sig		CMS signature

  232.  * @v info		Signer information to fill in

  233.  * @v raw		ASN.1 cursor

  234.  * @ret rc		Return status code

  235.  */

  236. static int cms_parse_signature_value ( struct cms_signature *sig,

  237. 				       struct cms_signer_info *info,

  238. 				       const struct asn1_cursor *raw ) {

  239. 	struct asn1_cursor cursor;

  240. 	int rc;

  241. 

  242. 	/* Enter signature */

  243. 	memcpy ( &cursor, raw, sizeof ( cursor ) );

  244. 	if ( ( rc = asn1_enter ( &cursor, ASN1_OCTET_STRING ) ) != 0 ) {

  245. 		DBGC ( sig, "CMS %p/%p could not locate signature:\n",

  246. 		       sig, info );

  247. 		DBGC_HDA ( sig, 0, raw->data, raw->len );

  248. 		return rc;

  249. 	}

  250. 

  251. 	/* Record signature */

  252. 	info->signature = cursor.data;

  253. 	info->signature_len = cursor.len;

  254. 	DBGC ( sig, "CMS %p/%p signature value is:\n", sig, info );

  255. 	DBGC_HDA ( sig, 0, info->signature, info->signature_len );

  256. 

  257. 	return 0;

  258. }

  259. 

  260. /**

  261.  * Parse CMS signature signer information

  262.  *

  263.  * @v sig		CMS signature

  264.  * @v info		Signer information to fill in

  265.  * @v raw		ASN.1 cursor

  266.  * @ret rc		Return status code

  267.  */

  268. static int cms_parse_signer_info ( struct cms_signature *sig,

  269. 				   struct cms_signer_info *info,

  270. 				   const struct asn1_cursor *raw ) {

  271. 	struct asn1_cursor cursor;

  272. 	int rc;

  273. 

  274. 	/* Enter signerInfo */

  275. 	memcpy ( &cursor, raw, sizeof ( cursor ) );

  276. 	asn1_enter ( &cursor, ASN1_SEQUENCE );

  277. 

  278. 	/* Skip version */

  279. 	asn1_skip ( &cursor, ASN1_INTEGER );

  280. 

  281. 	/* Parse sid */

  282. 	if ( ( rc = cms_parse_signer_identifier ( sig, info, &cursor ) ) != 0 )

  283. 		return rc;

  284. 	asn1_skip_any ( &cursor );

  285. 

  286. 	/* Parse digestAlgorithm */

  287. 	if ( ( rc = cms_parse_digest_algorithm ( sig, info, &cursor ) ) != 0 )

  288. 		return rc;

  289. 	asn1_skip_any ( &cursor );

  290. 

  291. 	/* Skip signedAttrs, if present */

  292. 	asn1_skip_if_exists ( &cursor, ASN1_EXPLICIT_TAG ( 0 ) );

  293. 

  294. 	/* Parse signatureAlgorithm */

  295. 	if ( ( rc = cms_parse_signature_algorithm ( sig, info, &cursor ) ) != 0)

  296. 		return rc;

  297. 	asn1_skip_any ( &cursor );

  298. 

  299. 	/* Parse signature */

  300. 	if ( ( rc = cms_parse_signature_value ( sig, info, &cursor ) ) != 0 )

  301. 		return rc;

  302. 

  303. 	return 0;

  304. }

  305. 

  306. /**

  307.  * Parse CMS signature from ASN.1 data

  308.  *

  309.  * @v sig		CMS signature

  310.  * @v data		Raw signature data

  311.  * @v len		Length of raw data

  312.  * @ret rc		Return status code

  313.  */

  314. int cms_parse ( struct cms_signature *sig, const void *data, size_t len ) {

  315. 	struct asn1_cursor cursor;

  316. 	int rc;

  317. 

  318. 	/* Initialise signature */

  319. 	memset ( sig, 0, sizeof ( *sig ) );

  320. 	cursor.data = data;

  321. 	cursor.len = len;

  322. 

  323. 	/* Enter contentInfo */

  324. 	asn1_enter ( &cursor, ASN1_SEQUENCE );

  325. 

  326. 	/* Parse contentType */

  327. 	if ( ( rc = cms_parse_content_type ( sig, &cursor ) ) != 0 )

  328. 		return rc;

  329. 	asn1_skip_any ( &cursor );

  330. 

  331. 	/* Enter content */

  332. 	asn1_enter ( &cursor, ASN1_EXPLICIT_TAG ( 0 ) );

  333. 

  334. 	/* Enter signedData */

  335. 	asn1_enter ( &cursor, ASN1_SEQUENCE );

  336. 

  337. 	/* Skip version */

  338. 	asn1_skip ( &cursor, ASN1_INTEGER );

  339. 

  340. 	/* Skip digestAlgorithms */

  341. 	asn1_skip ( &cursor, ASN1_SET );

  342. 

  343. 	/* Skip encapContentInfo */

  344. 	asn1_skip ( &cursor, ASN1_SEQUENCE );

  345. 

  346. 	/* Record certificates */

  347. 	memcpy ( &sig->certificates, &cursor, sizeof ( sig->certificates ) );

  348. 	if ( ( rc = asn1_enter ( &sig->certificates,

  349. 				 ASN1_EXPLICIT_TAG ( 0 ) ) ) != 0 ) {

  350. 		DBGC ( sig, "CMS %p could not locate certificates:\n", sig );

  351. 		DBGC_HDA ( sig, 0, data, len );

  352. 		return rc;

  353. 	}

  354. 	asn1_skip_any ( &cursor );

  355. 

  356. 	/* Skip crls, if present */

  357. 	asn1_skip_if_exists ( &cursor, ASN1_EXPLICIT_TAG ( 1 ) );

  358. 

  359. 	/* Enter signerInfos */

  360. 	asn1_enter ( &cursor, ASN1_SET );

  361. 

  362. 	/* Parse first signerInfo */

  363. 	if ( ( rc = cms_parse_signer_info ( sig, &sig->info, &cursor ) ) != 0 )

  364. 		return rc;

  365. 

  366. 	return 0;

  367. }

  368. 

  369. /** CMS certificate chain context */

  370. struct cms_chain_context {

  371. 	/** Signature */

  372. 	struct cms_signature *sig;

  373. 	/** Signer information */

  374. 	struct cms_signer_info *info;

  375. };

  376. 

  377. /**

  378.  * Parse next certificate in chain

  379.  *

  380.  * @v cert		X.509 certificate to parse

  381.  * @v previous		Previous X.509 certificate, or NULL

  382.  * @v ctx		Chain context

  383.  * @ret rc		Return status code

  384.  */

  385. static int cms_parse_next ( struct x509_certificate *cert,

  386. 			    const struct x509_certificate *previous,

  387. 			    void *ctx ) {

  388. 	struct cms_chain_context *context = ctx;

  389. 	struct cms_signature *sig = context->sig;

  390. 	struct cms_signer_info *info = context->info;

  391. 	struct asn1_cursor cursor;

  392. 	int rc;

  393. 

  394. 	/* Search for relevant certificate */

  395. 	memcpy ( &cursor, &sig->certificates, sizeof ( cursor ) );

  396. 	while ( cursor.len ) {

  397. 

  398. 		/* Parse certificate */

  399. 		if ( ( rc = x509_parse ( cert, cursor.data,

  400. 					 cursor.len ) ) != 0 ) {

  401. 			DBGC ( sig, "CMS %p/%p could not parse certificate:\n",

  402. 			       sig, info );

  403. 			DBGC_HDA ( sig, 0, cursor.data, cursor.len );

  404. 			return rc;

  405. 		}

  406. 

  407. 		if ( previous == NULL ) {

  408. 			/* First certificate: check issuer and serial

  409. 			 * number against signer info

  410. 			 */

  411. 			if ( ( asn1_compare ( &info->issuer,

  412. 					      &cert->issuer.raw ) == 0 ) &&

  413. 			     ( asn1_compare ( &info->serial,

  414. 					      &cert->serial.raw ) == 0 ) ) {

  415. 				return 0;

  416. 			}

  417. 		} else {

  418. 			/* Subsequent certificates: check subject

  419. 			 * against previous certificate's issuer.

  420. 			 */

  421. 			if ( asn1_compare ( &previous->issuer.raw,

  422. 					    &cert->subject.raw ) == 0 ) {

  423. 				return 0;

  424. 			}

  425. 		}

  426. 

  427. 		/* Move to next certificate */

  428. 		asn1_skip_any ( &cursor );

  429. 	}

  430. 

  431. 	DBGC ( sig, "CMS %p/%p reached end of certificate chain\n", sig, info );

  432. 	return -EACCES_INCOMPLETE;

  433. }

  434. 

  435. /**

  436.  * Calculate digest of CMS-signed data

  437.  *

  438.  * @v sig		CMS signature

  439.  * @v info		Signer information

  440.  * @v data		Signed data

  441.  * @v len		Length of signed data

  442.  * @v out		Digest output

  443.  */

  444. static void cms_digest ( struct cms_signature *sig,

  445. 			 struct cms_signer_info *info,

  446. 			 userptr_t data, size_t len, void *out ) {

  447. 	struct digest_algorithm *digest = info->digest;

  448. 	uint8_t ctx[ digest->ctxsize ];

  449. 	uint8_t block[ digest->blocksize ];

  450. 	size_t offset = 0;

  451. 	size_t frag_len;

  452. 

  453. 	/* Initialise digest */

  454. 	digest_init ( digest, ctx );

  455. 

  456. 	/* Process data one block at a time */

  457. 	while ( len ) {

  458. 		frag_len = len;

  459. 		if ( frag_len > sizeof ( block ) )

  460. 			frag_len = sizeof ( block );

  461. 		copy_from_user ( block, data, offset, frag_len );

  462. 		digest_update ( digest, ctx, block, frag_len );

  463. 		offset += frag_len;

  464. 		len -= frag_len;

  465. 	}

  466. 

  467. 	/* Finalise digest */

  468. 	digest_final ( digest, ctx, out );

  469. 

  470. 	DBGC ( sig, "CMS %p/%p digest value:\n", sig, info );

  471. 	DBGC_HDA ( sig, 0, out, digest->digestsize );

  472. }

  473. 

  474. /**

  475.  * Verify digest of CMS-signed data

  476.  *

  477.  * @v sig		CMS signature

  478.  * @v info		Signer information

  479.  * @v cert		Corresponding certificate

  480.  * @v data		Signed data

  481.  * @v len		Length of signed data

  482.  * @ret rc		Return status code

  483.  */

  484. static int cms_verify_digest ( struct cms_signature *sig,

  485. 			       struct cms_signer_info *info,

  486. 			       struct x509_certificate *cert,

  487. 			       userptr_t data, size_t len ) {

  488. 	struct digest_algorithm *digest = info->digest;

  489. 	struct pubkey_algorithm *pubkey = info->pubkey;

  490. 	struct x509_public_key *public_key = &cert->subject.public_key;

  491. 	uint8_t digest_out[ digest->digestsize ];

  492. 	uint8_t ctx[ pubkey->ctxsize ];

  493. 	int rc;

  494. 

  495. 	/* Generate digest */

  496. 	cms_digest ( sig, info, data, len, digest_out );

  497. 

  498. 	/* Initialise public-key algorithm */

  499. 	if ( ( rc = pubkey_init ( pubkey, ctx, public_key->raw.data,

  500. 				  public_key->raw.len ) ) != 0 ) {

  501. 		DBGC ( sig, "CMS %p/%p could not initialise public key: %s\n",

  502. 		       sig, info, strerror ( rc ) );

  503. 		goto err_init;

  504. 	}

  505. 

  506. 	/* Verify digest */

  507. 	if ( ( rc = pubkey_verify ( pubkey, ctx, digest, digest_out,

  508. 				    info->signature,

  509. 				    info->signature_len ) ) != 0 ) {

  510. 		DBGC ( sig, "CMS %p/%p signature verification failed: %s\n",

  511. 		       sig, info, strerror ( rc ) );

  512. 		return rc;

  513. 	}

  514. 

  515. 	pubkey_final ( pubkey, ctx );

  516.  err_init:

  517. 	return rc;

  518. }

  519. 

  520. /**

  521.  * Verify CMS signature signer information

  522.  *

  523.  * @v sig		CMS signature

  524.  * @v info		Signer information

  525.  * @v data		Signed data

  526.  * @v len		Length of signed data

  527.  * @v name		Required common name, or NULL to allow any name

  528.  * @v time		Time at which to validate certificates

  529.  * @v root		Root certificate store, or NULL to use default

  530.  * @ret rc		Return status code

  531.  */

  532. static int cms_verify_signer_info ( struct cms_signature *sig,

  533. 				    struct cms_signer_info *info,

  534. 				    userptr_t data, size_t len,

  535. 				    const char *name, time_t time,

  536. 				    struct x509_root *root ) {

  537. 	struct cms_chain_context context;

  538. 	struct x509_certificate cert;

  539. 	int rc;

  540. 

  541. 	/* Validate certificate chain */

  542. 	context.sig = sig;

  543. 	context.info = info;

  544. 	if ( ( rc = x509_validate_chain ( cms_parse_next, &context, time, root,

  545. 					  &cert ) ) != 0 ) {

  546. 		DBGC ( sig, "CMS %p/%p could not validate chain: %s\n",

  547. 		       sig, info, strerror ( rc ) );

  548. 		return rc;

  549. 	}

  550. 

  551. 	/* Check that certificate can create digital signatures */

  552. 	if ( ! ( cert.extensions.usage.bits & X509_DIGITAL_SIGNATURE ) ) {

  553. 		DBGC ( sig, "CMS %p/%p certificate cannot create signatures\n",

  554. 		       sig, info );

  555. 		return -EACCES_NON_SIGNING;

  556. 	}

  557. 

  558. 	/* Check that certificate can sign code */

  559. 	if ( ! ( cert.extensions.ext_usage.bits & X509_CODE_SIGNING ) ) {

  560. 		DBGC ( sig, "CMS %p/%p certificate is not code-signing\n",

  561. 		       sig, info );

  562. 		return -EACCES_NON_CODE_SIGNING;

  563. 	}

  564. 

  565. 	/* Check certificate name, if applicable */

  566. 	if ( ( name != NULL ) &&

  567. 	     ( ( cert.subject.name.len != strlen ( name ) ) ||

  568. 	       ( memcmp ( cert.subject.name.data, name,

  569. 			  cert.subject.name.len ) != 0 ) ) ) {

  570. 		DBGC ( sig, "CMS %p/%p certificate name incorrect\n",

  571. 		       sig, info );

  572. 		return -EACCES_WRONG_NAME;

  573. 	}

  574. 

  575. 	/* Verify digest */

  576. 	if ( ( rc = cms_verify_digest ( sig, info, &cert, data, len ) ) != 0 )

  577. 		return rc;

  578. 

  579. 	return 0;

  580. }

  581. 

  582. /**

  583.  * Verify CMS signature

  584.  *

  585.  * @v sig		CMS signature

  586.  * @v data		Signed data

  587.  * @v len		Length of signed data

  588.  * @v name		Required common name, or NULL to allow any name

  589.  * @v time		Time at which to validate certificates

  590.  * @v root		Root certificate store, or NULL to use default

  591.  * @ret rc		Return status code

  592.  */

  593. int cms_verify ( struct cms_signature *sig, userptr_t data, size_t len,

  594. 		 const char *name, time_t time, struct x509_root *root ) {

  595. 	int rc;

  596. 

  597. 	/* Verify using first signerInfo */

  598. 	if ( ( rc = cms_verify_signer_info ( sig, &sig->info, data, len,

  599. 					     name, time, root ) ) != 0 )

  600. 		return rc;

  601. 

  602. 	return 0;

  603. }