您最多选择25个主题 主题必须以字母或数字开头,可以包含连字符 (-),并且长度不得超过35个字符

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713
  1. /*
  2. * Copyright (C) 2012 Michael Brown <mbrown@fensystems.co.uk>.
  3. *
  4. * This program is free software; you can redistribute it and/or
  5. * modify it under the terms of the GNU General Public License as
  6. * published by the Free Software Foundation; either version 2 of the
  7. * License, or any later version.
  8. *
  9. * This program is distributed in the hope that it will be useful, but
  10. * WITHOUT ANY WARRANTY; without even the implied warranty of
  11. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  12. * General Public License for more details.
  13. *
  14. * You should have received a copy of the GNU General Public License
  15. * along with this program; if not, write to the Free Software
  16. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  17. * 02110-1301, USA.
  18. *
  19. * You can also choose to distribute this program under the terms of
  20. * the Unmodified Binary Distribution Licence (as given in the file
  21. * COPYING.UBDL), provided that you have satisfied its requirements.
  22. */
  23. FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
  24. /** @file
  25. *
  26. * Cryptographic Message Syntax (PKCS #7)
  27. *
  28. * The format of CMS messages is defined in RFC 5652.
  29. *
  30. */
  31. #include <stdint.h>
  32. #include <string.h>
  33. #include <time.h>
  34. #include <errno.h>
  35. #include <ipxe/asn1.h>
  36. #include <ipxe/x509.h>
  37. #include <ipxe/malloc.h>
  38. #include <ipxe/uaccess.h>
  39. #include <ipxe/cms.h>
  40. /* Disambiguate the various error causes */
  41. #define EACCES_NON_SIGNING \
  42. __einfo_error ( EINFO_EACCES_NON_SIGNING )
  43. #define EINFO_EACCES_NON_SIGNING \
  44. __einfo_uniqify ( EINFO_EACCES, 0x01, "Not a signing certificate" )
  45. #define EACCES_NON_CODE_SIGNING \
  46. __einfo_error ( EINFO_EACCES_NON_CODE_SIGNING )
  47. #define EINFO_EACCES_NON_CODE_SIGNING \
  48. __einfo_uniqify ( EINFO_EACCES, 0x02, "Not a code-signing certificate" )
  49. #define EACCES_WRONG_NAME \
  50. __einfo_error ( EINFO_EACCES_WRONG_NAME )
  51. #define EINFO_EACCES_WRONG_NAME \
  52. __einfo_uniqify ( EINFO_EACCES, 0x04, "Incorrect certificate name" )
  53. #define EACCES_NO_SIGNATURES \
  54. __einfo_error ( EINFO_EACCES_NO_SIGNATURES )
  55. #define EINFO_EACCES_NO_SIGNATURES \
  56. __einfo_uniqify ( EINFO_EACCES, 0x05, "No signatures present" )
  57. #define EINVAL_DIGEST \
  58. __einfo_error ( EINFO_EINVAL_DIGEST )
  59. #define EINFO_EINVAL_DIGEST \
  60. __einfo_uniqify ( EINFO_EINVAL, 0x01, "Not a digest algorithm" )
  61. #define EINVAL_PUBKEY \
  62. __einfo_error ( EINFO_EINVAL_PUBKEY )
  63. #define EINFO_EINVAL_PUBKEY \
  64. __einfo_uniqify ( EINFO_EINVAL, 0x02, "Not a public-key algorithm" )
  65. #define ENOTSUP_SIGNEDDATA \
  66. __einfo_error ( EINFO_ENOTSUP_SIGNEDDATA )
  67. #define EINFO_ENOTSUP_SIGNEDDATA \
  68. __einfo_uniqify ( EINFO_ENOTSUP, 0x01, "Not a digital signature" )
  69. /** "pkcs7-signedData" object identifier */
  70. static uint8_t oid_signeddata[] = { ASN1_OID_SIGNEDDATA };
  71. /** "pkcs7-signedData" object identifier cursor */
  72. static struct asn1_cursor oid_signeddata_cursor =
  73. ASN1_OID_CURSOR ( oid_signeddata );
  74. /**
  75. * Parse CMS signature content type
  76. *
  77. * @v sig CMS signature
  78. * @v raw ASN.1 cursor
  79. * @ret rc Return status code
  80. */
  81. static int cms_parse_content_type ( struct cms_signature *sig,
  82. const struct asn1_cursor *raw ) {
  83. struct asn1_cursor cursor;
  84. /* Enter contentType */
  85. memcpy ( &cursor, raw, sizeof ( cursor ) );
  86. asn1_enter ( &cursor, ASN1_OID );
  87. /* Check OID is pkcs7-signedData */
  88. if ( asn1_compare ( &cursor, &oid_signeddata_cursor ) != 0 ) {
  89. DBGC ( sig, "CMS %p does not contain signedData:\n", sig );
  90. DBGC_HDA ( sig, 0, raw->data, raw->len );
  91. return -ENOTSUP_SIGNEDDATA;
  92. }
  93. DBGC ( sig, "CMS %p contains signedData\n", sig );
  94. return 0;
  95. }
  96. /**
  97. * Parse CMS signature certificate list
  98. *
  99. * @v sig CMS signature
  100. * @v raw ASN.1 cursor
  101. * @ret rc Return status code
  102. */
  103. static int cms_parse_certificates ( struct cms_signature *sig,
  104. const struct asn1_cursor *raw ) {
  105. struct asn1_cursor cursor;
  106. struct x509_certificate *cert;
  107. int rc;
  108. /* Enter certificates */
  109. memcpy ( &cursor, raw, sizeof ( cursor ) );
  110. asn1_enter ( &cursor, ASN1_EXPLICIT_TAG ( 0 ) );
  111. /* Add each certificate */
  112. while ( cursor.len ) {
  113. /* Add certificate to chain */
  114. if ( ( rc = x509_append_raw ( sig->certificates, cursor.data,
  115. cursor.len ) ) != 0 ) {
  116. DBGC ( sig, "CMS %p could not append certificate: %s\n",
  117. sig, strerror ( rc) );
  118. DBGC_HDA ( sig, 0, cursor.data, cursor.len );
  119. return rc;
  120. }
  121. cert = x509_last ( sig->certificates );
  122. DBGC ( sig, "CMS %p found certificate %s\n",
  123. sig, x509_name ( cert ) );
  124. /* Move to next certificate */
  125. asn1_skip_any ( &cursor );
  126. }
  127. return 0;
  128. }
  129. /**
  130. * Identify CMS signature certificate by issuer and serial number
  131. *
  132. * @v sig CMS signature
  133. * @v issuer Issuer
  134. * @v serial Serial number
  135. * @ret cert X.509 certificate, or NULL if not found
  136. */
  137. static struct x509_certificate *
  138. cms_find_issuer_serial ( struct cms_signature *sig,
  139. const struct asn1_cursor *issuer,
  140. const struct asn1_cursor *serial ) {
  141. struct x509_link *link;
  142. struct x509_certificate *cert;
  143. /* Scan through certificate list */
  144. list_for_each_entry ( link, &sig->certificates->links, list ) {
  145. /* Check issuer and serial number */
  146. cert = link->cert;
  147. if ( ( asn1_compare ( issuer, &cert->issuer.raw ) == 0 ) &&
  148. ( asn1_compare ( serial, &cert->serial.raw ) == 0 ) )
  149. return cert;
  150. }
  151. return NULL;
  152. }
  153. /**
  154. * Parse CMS signature signer identifier
  155. *
  156. * @v sig CMS signature
  157. * @v info Signer information to fill in
  158. * @v raw ASN.1 cursor
  159. * @ret rc Return status code
  160. */
  161. static int cms_parse_signer_identifier ( struct cms_signature *sig,
  162. struct cms_signer_info *info,
  163. const struct asn1_cursor *raw ) {
  164. struct asn1_cursor cursor;
  165. struct asn1_cursor serial;
  166. struct asn1_cursor issuer;
  167. struct x509_certificate *cert;
  168. int rc;
  169. /* Enter issuerAndSerialNumber */
  170. memcpy ( &cursor, raw, sizeof ( cursor ) );
  171. asn1_enter ( &cursor, ASN1_SEQUENCE );
  172. /* Identify issuer */
  173. memcpy ( &issuer, &cursor, sizeof ( issuer ) );
  174. if ( ( rc = asn1_shrink ( &issuer, ASN1_SEQUENCE ) ) != 0 ) {
  175. DBGC ( sig, "CMS %p/%p could not locate issuer: %s\n",
  176. sig, info, strerror ( rc ) );
  177. DBGC_HDA ( sig, 0, raw->data, raw->len );
  178. return rc;
  179. }
  180. DBGC ( sig, "CMS %p/%p issuer is:\n", sig, info );
  181. DBGC_HDA ( sig, 0, issuer.data, issuer.len );
  182. asn1_skip_any ( &cursor );
  183. /* Identify serialNumber */
  184. memcpy ( &serial, &cursor, sizeof ( serial ) );
  185. if ( ( rc = asn1_shrink ( &serial, ASN1_INTEGER ) ) != 0 ) {
  186. DBGC ( sig, "CMS %p/%p could not locate serialNumber: %s\n",
  187. sig, info, strerror ( rc ) );
  188. DBGC_HDA ( sig, 0, raw->data, raw->len );
  189. return rc;
  190. }
  191. DBGC ( sig, "CMS %p/%p serial number is:\n", sig, info );
  192. DBGC_HDA ( sig, 0, serial.data, serial.len );
  193. /* Identify certificate */
  194. cert = cms_find_issuer_serial ( sig, &issuer, &serial );
  195. if ( ! cert ) {
  196. DBGC ( sig, "CMS %p/%p could not identify signer's "
  197. "certificate\n", sig, info );
  198. return -ENOENT;
  199. }
  200. /* Append certificate to chain */
  201. if ( ( rc = x509_append ( info->chain, cert ) ) != 0 ) {
  202. DBGC ( sig, "CMS %p/%p could not append certificate: %s\n",
  203. sig, info, strerror ( rc ) );
  204. return rc;
  205. }
  206. /* Append remaining certificates to chain */
  207. if ( ( rc = x509_auto_append ( info->chain,
  208. sig->certificates ) ) != 0 ) {
  209. DBGC ( sig, "CMS %p/%p could not append certificates: %s\n",
  210. sig, info, strerror ( rc ) );
  211. return rc;
  212. }
  213. return 0;
  214. }
  215. /**
  216. * Parse CMS signature digest algorithm
  217. *
  218. * @v sig CMS signature
  219. * @v info Signer information to fill in
  220. * @v raw ASN.1 cursor
  221. * @ret rc Return status code
  222. */
  223. static int cms_parse_digest_algorithm ( struct cms_signature *sig,
  224. struct cms_signer_info *info,
  225. const struct asn1_cursor *raw ) {
  226. struct asn1_algorithm *algorithm;
  227. int rc;
  228. /* Identify algorithm */
  229. if ( ( rc = asn1_digest_algorithm ( raw, &algorithm ) ) != 0 ) {
  230. DBGC ( sig, "CMS %p/%p could not identify digest algorithm: "
  231. "%s\n", sig, info, strerror ( rc ) );
  232. DBGC_HDA ( sig, 0, raw->data, raw->len );
  233. return rc;
  234. }
  235. /* Record digest algorithm */
  236. info->digest = algorithm->digest;
  237. DBGC ( sig, "CMS %p/%p digest algorithm is %s\n",
  238. sig, info, algorithm->name );
  239. return 0;
  240. }
  241. /**
  242. * Parse CMS signature algorithm
  243. *
  244. * @v sig CMS signature
  245. * @v info Signer information to fill in
  246. * @v raw ASN.1 cursor
  247. * @ret rc Return status code
  248. */
  249. static int cms_parse_signature_algorithm ( struct cms_signature *sig,
  250. struct cms_signer_info *info,
  251. const struct asn1_cursor *raw ) {
  252. struct asn1_algorithm *algorithm;
  253. int rc;
  254. /* Identify algorithm */
  255. if ( ( rc = asn1_pubkey_algorithm ( raw, &algorithm ) ) != 0 ) {
  256. DBGC ( sig, "CMS %p/%p could not identify public-key "
  257. "algorithm: %s\n", sig, info, strerror ( rc ) );
  258. DBGC_HDA ( sig, 0, raw->data, raw->len );
  259. return rc;
  260. }
  261. /* Record signature algorithm */
  262. info->pubkey = algorithm->pubkey;
  263. DBGC ( sig, "CMS %p/%p public-key algorithm is %s\n",
  264. sig, info, algorithm->name );
  265. return 0;
  266. }
  267. /**
  268. * Parse CMS signature value
  269. *
  270. * @v sig CMS signature
  271. * @v info Signer information to fill in
  272. * @v raw ASN.1 cursor
  273. * @ret rc Return status code
  274. */
  275. static int cms_parse_signature_value ( struct cms_signature *sig,
  276. struct cms_signer_info *info,
  277. const struct asn1_cursor *raw ) {
  278. struct asn1_cursor cursor;
  279. int rc;
  280. /* Enter signature */
  281. memcpy ( &cursor, raw, sizeof ( cursor ) );
  282. if ( ( rc = asn1_enter ( &cursor, ASN1_OCTET_STRING ) ) != 0 ) {
  283. DBGC ( sig, "CMS %p/%p could not locate signature:\n",
  284. sig, info );
  285. DBGC_HDA ( sig, 0, raw->data, raw->len );
  286. return rc;
  287. }
  288. /* Record signature */
  289. info->signature_len = cursor.len;
  290. info->signature = malloc ( info->signature_len );
  291. if ( ! info->signature )
  292. return -ENOMEM;
  293. memcpy ( info->signature, cursor.data, info->signature_len );
  294. DBGC ( sig, "CMS %p/%p signature value is:\n", sig, info );
  295. DBGC_HDA ( sig, 0, info->signature, info->signature_len );
  296. return 0;
  297. }
  298. /**
  299. * Parse CMS signature signer information
  300. *
  301. * @v sig CMS signature
  302. * @v info Signer information to fill in
  303. * @v raw ASN.1 cursor
  304. * @ret rc Return status code
  305. */
  306. static int cms_parse_signer_info ( struct cms_signature *sig,
  307. struct cms_signer_info *info,
  308. const struct asn1_cursor *raw ) {
  309. struct asn1_cursor cursor;
  310. int rc;
  311. /* Enter signerInfo */
  312. memcpy ( &cursor, raw, sizeof ( cursor ) );
  313. asn1_enter ( &cursor, ASN1_SEQUENCE );
  314. /* Skip version */
  315. asn1_skip ( &cursor, ASN1_INTEGER );
  316. /* Parse sid */
  317. if ( ( rc = cms_parse_signer_identifier ( sig, info, &cursor ) ) != 0 )
  318. return rc;
  319. asn1_skip_any ( &cursor );
  320. /* Parse digestAlgorithm */
  321. if ( ( rc = cms_parse_digest_algorithm ( sig, info, &cursor ) ) != 0 )
  322. return rc;
  323. asn1_skip_any ( &cursor );
  324. /* Skip signedAttrs, if present */
  325. asn1_skip_if_exists ( &cursor, ASN1_EXPLICIT_TAG ( 0 ) );
  326. /* Parse signatureAlgorithm */
  327. if ( ( rc = cms_parse_signature_algorithm ( sig, info, &cursor ) ) != 0)
  328. return rc;
  329. asn1_skip_any ( &cursor );
  330. /* Parse signature */
  331. if ( ( rc = cms_parse_signature_value ( sig, info, &cursor ) ) != 0 )
  332. return rc;
  333. return 0;
  334. }
  335. /**
  336. * Parse CMS signature from ASN.1 data
  337. *
  338. * @v sig CMS signature
  339. * @v raw ASN.1 cursor
  340. * @ret rc Return status code
  341. */
  342. static int cms_parse ( struct cms_signature *sig,
  343. const struct asn1_cursor *raw ) {
  344. struct asn1_cursor cursor;
  345. struct cms_signer_info *info;
  346. int rc;
  347. /* Enter contentInfo */
  348. memcpy ( &cursor, raw, sizeof ( cursor ) );
  349. asn1_enter ( &cursor, ASN1_SEQUENCE );
  350. /* Parse contentType */
  351. if ( ( rc = cms_parse_content_type ( sig, &cursor ) ) != 0 )
  352. return rc;
  353. asn1_skip_any ( &cursor );
  354. /* Enter content */
  355. asn1_enter ( &cursor, ASN1_EXPLICIT_TAG ( 0 ) );
  356. /* Enter signedData */
  357. asn1_enter ( &cursor, ASN1_SEQUENCE );
  358. /* Skip version */
  359. asn1_skip ( &cursor, ASN1_INTEGER );
  360. /* Skip digestAlgorithms */
  361. asn1_skip ( &cursor, ASN1_SET );
  362. /* Skip encapContentInfo */
  363. asn1_skip ( &cursor, ASN1_SEQUENCE );
  364. /* Parse certificates */
  365. if ( ( rc = cms_parse_certificates ( sig, &cursor ) ) != 0 )
  366. return rc;
  367. asn1_skip_any ( &cursor );
  368. /* Skip crls, if present */
  369. asn1_skip_if_exists ( &cursor, ASN1_EXPLICIT_TAG ( 1 ) );
  370. /* Enter signerInfos */
  371. asn1_enter ( &cursor, ASN1_SET );
  372. /* Add each signerInfo. Errors are handled by ensuring that
  373. * cms_put() will always be able to free any allocated memory.
  374. */
  375. while ( cursor.len ) {
  376. /* Allocate signer information block */
  377. info = zalloc ( sizeof ( *info ) );
  378. if ( ! info )
  379. return -ENOMEM;
  380. list_add ( &info->list, &sig->info );
  381. /* Allocate certificate chain */
  382. info->chain = x509_alloc_chain();
  383. if ( ! info->chain )
  384. return -ENOMEM;
  385. /* Parse signerInfo */
  386. if ( ( rc = cms_parse_signer_info ( sig, info,
  387. &cursor ) ) != 0 )
  388. return rc;
  389. asn1_skip_any ( &cursor );
  390. }
  391. return 0;
  392. }
  393. /**
  394. * Free CMS signature
  395. *
  396. * @v refcnt Reference count
  397. */
  398. static void cms_free ( struct refcnt *refcnt ) {
  399. struct cms_signature *sig =
  400. container_of ( refcnt, struct cms_signature, refcnt );
  401. struct cms_signer_info *info;
  402. struct cms_signer_info *tmp;
  403. list_for_each_entry_safe ( info, tmp, &sig->info, list ) {
  404. list_del ( &info->list );
  405. x509_chain_put ( info->chain );
  406. free ( info->signature );
  407. free ( info );
  408. }
  409. x509_chain_put ( sig->certificates );
  410. free ( sig );
  411. }
  412. /**
  413. * Create CMS signature
  414. *
  415. * @v data Raw signature data
  416. * @v len Length of raw data
  417. * @ret sig CMS signature
  418. * @ret rc Return status code
  419. *
  420. * On success, the caller holds a reference to the CMS signature, and
  421. * is responsible for ultimately calling cms_put().
  422. */
  423. int cms_signature ( const void *data, size_t len, struct cms_signature **sig ) {
  424. struct asn1_cursor cursor;
  425. int rc;
  426. /* Allocate and initialise signature */
  427. *sig = zalloc ( sizeof ( **sig ) );
  428. if ( ! *sig ) {
  429. rc = -ENOMEM;
  430. goto err_alloc;
  431. }
  432. ref_init ( &(*sig)->refcnt, cms_free );
  433. INIT_LIST_HEAD ( &(*sig)->info );
  434. /* Allocate certificate list */
  435. (*sig)->certificates = x509_alloc_chain();
  436. if ( ! (*sig)->certificates ) {
  437. rc = -ENOMEM;
  438. goto err_alloc_chain;
  439. }
  440. /* Initialise cursor */
  441. cursor.data = data;
  442. cursor.len = len;
  443. asn1_shrink_any ( &cursor );
  444. /* Parse signature */
  445. if ( ( rc = cms_parse ( *sig, &cursor ) ) != 0 )
  446. goto err_parse;
  447. return 0;
  448. err_parse:
  449. err_alloc_chain:
  450. cms_put ( *sig );
  451. err_alloc:
  452. return rc;
  453. }
  454. /**
  455. * Calculate digest of CMS-signed data
  456. *
  457. * @v sig CMS signature
  458. * @v info Signer information
  459. * @v data Signed data
  460. * @v len Length of signed data
  461. * @v out Digest output
  462. */
  463. static void cms_digest ( struct cms_signature *sig,
  464. struct cms_signer_info *info,
  465. userptr_t data, size_t len, void *out ) {
  466. struct digest_algorithm *digest = info->digest;
  467. uint8_t ctx[ digest->ctxsize ];
  468. uint8_t block[ digest->blocksize ];
  469. size_t offset = 0;
  470. size_t frag_len;
  471. /* Initialise digest */
  472. digest_init ( digest, ctx );
  473. /* Process data one block at a time */
  474. while ( len ) {
  475. frag_len = len;
  476. if ( frag_len > sizeof ( block ) )
  477. frag_len = sizeof ( block );
  478. copy_from_user ( block, data, offset, frag_len );
  479. digest_update ( digest, ctx, block, frag_len );
  480. offset += frag_len;
  481. len -= frag_len;
  482. }
  483. /* Finalise digest */
  484. digest_final ( digest, ctx, out );
  485. DBGC ( sig, "CMS %p/%p digest value:\n", sig, info );
  486. DBGC_HDA ( sig, 0, out, digest->digestsize );
  487. }
  488. /**
  489. * Verify digest of CMS-signed data
  490. *
  491. * @v sig CMS signature
  492. * @v info Signer information
  493. * @v cert Corresponding certificate
  494. * @v data Signed data
  495. * @v len Length of signed data
  496. * @ret rc Return status code
  497. */
  498. static int cms_verify_digest ( struct cms_signature *sig,
  499. struct cms_signer_info *info,
  500. struct x509_certificate *cert,
  501. userptr_t data, size_t len ) {
  502. struct digest_algorithm *digest = info->digest;
  503. struct pubkey_algorithm *pubkey = info->pubkey;
  504. struct x509_public_key *public_key = &cert->subject.public_key;
  505. uint8_t digest_out[ digest->digestsize ];
  506. uint8_t ctx[ pubkey->ctxsize ];
  507. int rc;
  508. /* Generate digest */
  509. cms_digest ( sig, info, data, len, digest_out );
  510. /* Initialise public-key algorithm */
  511. if ( ( rc = pubkey_init ( pubkey, ctx, public_key->raw.data,
  512. public_key->raw.len ) ) != 0 ) {
  513. DBGC ( sig, "CMS %p/%p could not initialise public key: %s\n",
  514. sig, info, strerror ( rc ) );
  515. goto err_init;
  516. }
  517. /* Verify digest */
  518. if ( ( rc = pubkey_verify ( pubkey, ctx, digest, digest_out,
  519. info->signature,
  520. info->signature_len ) ) != 0 ) {
  521. DBGC ( sig, "CMS %p/%p signature verification failed: %s\n",
  522. sig, info, strerror ( rc ) );
  523. goto err_verify;
  524. }
  525. err_verify:
  526. pubkey_final ( pubkey, ctx );
  527. err_init:
  528. return rc;
  529. }
  530. /**
  531. * Verify CMS signature signer information
  532. *
  533. * @v sig CMS signature
  534. * @v info Signer information
  535. * @v data Signed data
  536. * @v len Length of signed data
  537. * @v time Time at which to validate certificates
  538. * @v store Certificate store, or NULL to use default
  539. * @v root Root certificate list, or NULL to use default
  540. * @ret rc Return status code
  541. */
  542. static int cms_verify_signer_info ( struct cms_signature *sig,
  543. struct cms_signer_info *info,
  544. userptr_t data, size_t len,
  545. time_t time, struct x509_chain *store,
  546. struct x509_root *root ) {
  547. struct x509_certificate *cert;
  548. int rc;
  549. /* Validate certificate chain */
  550. if ( ( rc = x509_validate_chain ( info->chain, time, store,
  551. root ) ) != 0 ) {
  552. DBGC ( sig, "CMS %p/%p could not validate chain: %s\n",
  553. sig, info, strerror ( rc ) );
  554. return rc;
  555. }
  556. /* Extract code-signing certificate */
  557. cert = x509_first ( info->chain );
  558. assert ( cert != NULL );
  559. /* Check that certificate can create digital signatures */
  560. if ( ! ( cert->extensions.usage.bits & X509_DIGITAL_SIGNATURE ) ) {
  561. DBGC ( sig, "CMS %p/%p certificate cannot create signatures\n",
  562. sig, info );
  563. return -EACCES_NON_SIGNING;
  564. }
  565. /* Check that certificate can sign code */
  566. if ( ! ( cert->extensions.ext_usage.bits & X509_CODE_SIGNING ) ) {
  567. DBGC ( sig, "CMS %p/%p certificate is not code-signing\n",
  568. sig, info );
  569. return -EACCES_NON_CODE_SIGNING;
  570. }
  571. /* Verify digest */
  572. if ( ( rc = cms_verify_digest ( sig, info, cert, data, len ) ) != 0 )
  573. return rc;
  574. return 0;
  575. }
  576. /**
  577. * Verify CMS signature
  578. *
  579. * @v sig CMS signature
  580. * @v data Signed data
  581. * @v len Length of signed data
  582. * @v name Required common name, or NULL to check all signatures
  583. * @v time Time at which to validate certificates
  584. * @v store Certificate store, or NULL to use default
  585. * @v root Root certificate list, or NULL to use default
  586. * @ret rc Return status code
  587. */
  588. int cms_verify ( struct cms_signature *sig, userptr_t data, size_t len,
  589. const char *name, time_t time, struct x509_chain *store,
  590. struct x509_root *root ) {
  591. struct cms_signer_info *info;
  592. struct x509_certificate *cert;
  593. int count = 0;
  594. int rc;
  595. /* Verify using all signerInfos */
  596. list_for_each_entry ( info, &sig->info, list ) {
  597. cert = x509_first ( info->chain );
  598. if ( name && ( x509_check_name ( cert, name ) != 0 ) )
  599. continue;
  600. if ( ( rc = cms_verify_signer_info ( sig, info, data, len, time,
  601. store, root ) ) != 0 )
  602. return rc;
  603. count++;
  604. }
  605. /* Check that we have verified at least one signature */
  606. if ( count == 0 ) {
  607. if ( name ) {
  608. DBGC ( sig, "CMS %p had no signatures matching name "
  609. "%s\n", sig, name );
  610. return -EACCES_WRONG_NAME;
  611. } else {
  612. DBGC ( sig, "CMS %p had no signatures\n", sig );
  613. return -EACCES_NO_SIGNATURES;
  614. }
  615. }
  616. return 0;
  617. }