andre@0: /* This Source Code Form is subject to the terms of the Mozilla Public andre@0: * License, v. 2.0. If a copy of the MPL was not distributed with this andre@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ andre@0: andre@0: /* andre@0: * Stuff specific to S/MIME policy and interoperability. andre@0: * Depends on PKCS7, but there should be no dependency the other way around. andre@0: */ andre@0: andre@0: #include "secmime.h" andre@0: #include "secoid.h" andre@0: #include "pk11func.h" andre@0: #include "ciferfam.h" /* for CIPHER_FAMILY symbols */ andre@0: #include "secasn1.h" andre@0: #include "secitem.h" andre@0: #include "cert.h" andre@0: #include "key.h" andre@0: #include "secerr.h" andre@0: andre@0: typedef struct smime_cipher_map_struct { andre@0: unsigned long cipher; andre@0: SECOidTag algtag; andre@0: SECItem *parms; andre@0: } smime_cipher_map; andre@0: andre@0: /* andre@0: * These are macros because I think some subsequent parameters, andre@0: * like those for RC5, will want to use them, too, separately. andre@0: */ andre@0: #define SMIME_DER_INTVAL_16 SEC_ASN1_INTEGER, 0x01, 0x10 andre@0: #define SMIME_DER_INTVAL_40 SEC_ASN1_INTEGER, 0x01, 0x28 andre@0: #define SMIME_DER_INTVAL_64 SEC_ASN1_INTEGER, 0x01, 0x40 andre@0: #define SMIME_DER_INTVAL_128 SEC_ASN1_INTEGER, 0x02, 0x00, 0x80 andre@0: andre@0: #ifdef SMIME_DOES_RC5 /* will be needed; quiet unused warning for now */ andre@0: static unsigned char smime_int16[] = { SMIME_DER_INTVAL_16 }; andre@0: #endif andre@0: static unsigned char smime_int40[] = { SMIME_DER_INTVAL_40 }; andre@0: static unsigned char smime_int64[] = { SMIME_DER_INTVAL_64 }; andre@0: static unsigned char smime_int128[] = { SMIME_DER_INTVAL_128 }; andre@0: andre@0: static SECItem smime_rc2p40 = { siBuffer, smime_int40, sizeof(smime_int40) }; andre@0: static SECItem smime_rc2p64 = { siBuffer, smime_int64, sizeof(smime_int64) }; andre@0: static SECItem smime_rc2p128 = { siBuffer, smime_int128, sizeof(smime_int128) }; andre@0: andre@0: static smime_cipher_map smime_cipher_maps[] = { andre@0: { SMIME_RC2_CBC_40, SEC_OID_RC2_CBC, &smime_rc2p40 }, andre@0: { SMIME_RC2_CBC_64, SEC_OID_RC2_CBC, &smime_rc2p64 }, andre@0: { SMIME_RC2_CBC_128, SEC_OID_RC2_CBC, &smime_rc2p128 }, andre@0: #ifdef SMIME_DOES_RC5 andre@0: { SMIME_RC5PAD_64_16_40, SEC_OID_RC5_CBC_PAD, &smime_rc5p40 }, andre@0: { SMIME_RC5PAD_64_16_64, SEC_OID_RC5_CBC_PAD, &smime_rc5p64 }, andre@0: { SMIME_RC5PAD_64_16_128, SEC_OID_RC5_CBC_PAD, &smime_rc5p128 }, andre@0: #endif andre@0: { SMIME_DES_CBC_56, SEC_OID_DES_CBC, NULL }, andre@0: { SMIME_DES_EDE3_168, SEC_OID_DES_EDE3_CBC, NULL } andre@0: }; andre@0: andre@0: /* andre@0: * Note, the following value really just needs to be an upper bound andre@0: * on the ciphers. andre@0: */ andre@0: static const int smime_symmetric_count = sizeof(smime_cipher_maps) andre@0: / sizeof(smime_cipher_map); andre@0: andre@0: static unsigned long *smime_prefs, *smime_newprefs; andre@0: static int smime_current_pref_index = 0; andre@0: static PRBool smime_prefs_complete = PR_FALSE; andre@0: static PRBool smime_prefs_changed = PR_TRUE; andre@0: andre@0: static unsigned long smime_policy_bits = 0; andre@0: andre@0: andre@0: static int andre@0: smime_mapi_by_cipher (unsigned long cipher) andre@0: { andre@0: int i; andre@0: andre@0: for (i = 0; i < smime_symmetric_count; i++) { andre@0: if (smime_cipher_maps[i].cipher == cipher) andre@0: break; andre@0: } andre@0: andre@0: if (i == smime_symmetric_count) andre@0: return -1; andre@0: andre@0: return i; andre@0: } andre@0: andre@0: andre@0: /* andre@0: * this function locally records the user's preference andre@0: */ andre@0: SECStatus andre@0: SECMIME_EnableCipher(long which, int on) andre@0: { andre@0: unsigned long mask; andre@0: andre@0: if (smime_newprefs == NULL || smime_prefs_complete) { andre@0: /* andre@0: * This is either the very first time, or we are starting over. andre@0: */ andre@0: smime_newprefs = (unsigned long*)PORT_ZAlloc (smime_symmetric_count andre@0: * sizeof(*smime_newprefs)); andre@0: if (smime_newprefs == NULL) andre@0: return SECFailure; andre@0: smime_current_pref_index = 0; andre@0: smime_prefs_complete = PR_FALSE; andre@0: } andre@0: andre@0: mask = which & CIPHER_FAMILYID_MASK; andre@0: if (mask == CIPHER_FAMILYID_MASK) { andre@0: /* andre@0: * This call signifies that all preferences have been set. andre@0: * Move "newprefs" over, after checking first whether or andre@0: * not the new ones are different from the old ones. andre@0: */ andre@0: if (smime_prefs != NULL) { andre@0: if (PORT_Memcmp (smime_prefs, smime_newprefs, andre@0: smime_symmetric_count * sizeof(*smime_prefs)) == 0) andre@0: smime_prefs_changed = PR_FALSE; andre@0: else andre@0: smime_prefs_changed = PR_TRUE; andre@0: PORT_Free (smime_prefs); andre@0: } andre@0: andre@0: smime_prefs = smime_newprefs; andre@0: smime_prefs_complete = PR_TRUE; andre@0: return SECSuccess; andre@0: } andre@0: andre@0: PORT_Assert (mask == CIPHER_FAMILYID_SMIME); andre@0: if (mask != CIPHER_FAMILYID_SMIME) { andre@0: /* XXX set an error! */ andre@0: return SECFailure; andre@0: } andre@0: andre@0: if (on) { andre@0: PORT_Assert (smime_current_pref_index < smime_symmetric_count); andre@0: if (smime_current_pref_index >= smime_symmetric_count) { andre@0: /* XXX set an error! */ andre@0: return SECFailure; andre@0: } andre@0: andre@0: smime_newprefs[smime_current_pref_index++] = which; andre@0: } andre@0: andre@0: return SECSuccess; andre@0: } andre@0: andre@0: andre@0: /* andre@0: * this function locally records the export policy andre@0: */ andre@0: SECStatus andre@0: SECMIME_SetPolicy(long which, int on) andre@0: { andre@0: unsigned long mask; andre@0: andre@0: PORT_Assert ((which & CIPHER_FAMILYID_MASK) == CIPHER_FAMILYID_SMIME); andre@0: if ((which & CIPHER_FAMILYID_MASK) != CIPHER_FAMILYID_SMIME) { andre@0: /* XXX set an error! */ andre@0: return SECFailure; andre@0: } andre@0: andre@0: which &= ~CIPHER_FAMILYID_MASK; andre@0: andre@0: PORT_Assert (which < 32); /* bits in the long */ andre@0: if (which >= 32) { andre@0: /* XXX set an error! */ andre@0: return SECFailure; andre@0: } andre@0: andre@0: mask = 1UL << which; andre@0: andre@0: if (on) { andre@0: smime_policy_bits |= mask; andre@0: } else { andre@0: smime_policy_bits &= ~mask; andre@0: } andre@0: andre@0: return SECSuccess; andre@0: } andre@0: andre@0: andre@0: /* andre@0: * Based on the given algorithm (including its parameters, in some cases!) andre@0: * and the given key (may or may not be inspected, depending on the andre@0: * algorithm), find the appropriate policy algorithm specification andre@0: * and return it. If no match can be made, -1 is returned. andre@0: */ andre@0: static long andre@0: smime_policy_algorithm (SECAlgorithmID *algid, PK11SymKey *key) andre@0: { andre@0: SECOidTag algtag; andre@0: andre@0: algtag = SECOID_GetAlgorithmTag (algid); andre@0: switch (algtag) { andre@0: case SEC_OID_RC2_CBC: andre@0: { andre@0: unsigned int keylen_bits; andre@0: andre@0: keylen_bits = PK11_GetKeyStrength (key, algid); andre@0: switch (keylen_bits) { andre@0: case 40: andre@0: return SMIME_RC2_CBC_40; andre@0: case 64: andre@0: return SMIME_RC2_CBC_64; andre@0: case 128: andre@0: return SMIME_RC2_CBC_128; andre@0: default: andre@0: break; andre@0: } andre@0: } andre@0: break; andre@0: case SEC_OID_DES_CBC: andre@0: return SMIME_DES_CBC_56; andre@0: case SEC_OID_DES_EDE3_CBC: andre@0: return SMIME_DES_EDE3_168; andre@0: #ifdef SMIME_DOES_RC5 andre@0: case SEC_OID_RC5_CBC_PAD: andre@0: PORT_Assert (0); /* XXX need to pull out parameters and match */ andre@0: break; andre@0: #endif andre@0: default: andre@0: break; andre@0: } andre@0: andre@0: return -1; andre@0: } andre@0: andre@0: andre@0: static PRBool andre@0: smime_cipher_allowed (unsigned long which) andre@0: { andre@0: unsigned long mask; andre@0: andre@0: which &= ~CIPHER_FAMILYID_MASK; andre@0: PORT_Assert (which < 32); /* bits per long (min) */ andre@0: if (which >= 32) andre@0: return PR_FALSE; andre@0: andre@0: mask = 1UL << which; andre@0: if ((mask & smime_policy_bits) == 0) andre@0: return PR_FALSE; andre@0: andre@0: return PR_TRUE; andre@0: } andre@0: andre@0: andre@0: PRBool andre@0: SECMIME_DecryptionAllowed(SECAlgorithmID *algid, PK11SymKey *key) andre@0: { andre@0: long which; andre@0: andre@0: which = smime_policy_algorithm (algid, key); andre@0: if (which < 0) andre@0: return PR_FALSE; andre@0: andre@0: return smime_cipher_allowed ((unsigned long)which); andre@0: } andre@0: andre@0: andre@0: /* andre@0: * Does the current policy allow *any* S/MIME encryption (or decryption)? andre@0: * andre@0: * This tells whether or not *any* S/MIME encryption can be done, andre@0: * according to policy. Callers may use this to do nicer user interface andre@0: * (say, greying out a checkbox so a user does not even try to encrypt andre@0: * a message when they are not allowed to) or for any reason they want andre@0: * to check whether S/MIME encryption (or decryption, for that matter) andre@0: * may be done. andre@0: * andre@0: * It takes no arguments. The return value is a simple boolean: andre@0: * PR_TRUE means encryption (or decryption) is *possible* andre@0: * (but may still fail due to other reasons, like because we cannot andre@0: * find all the necessary certs, etc.; PR_TRUE is *not* a guarantee) andre@0: * PR_FALSE means encryption (or decryption) is not permitted andre@0: * andre@0: * There are no errors from this routine. andre@0: */ andre@0: PRBool andre@0: SECMIME_EncryptionPossible (void) andre@0: { andre@0: if (smime_policy_bits != 0) andre@0: return PR_TRUE; andre@0: andre@0: return PR_FALSE; andre@0: } andre@0: andre@0: andre@0: /* andre@0: * XXX Would like the "parameters" field to be a SECItem *, but the andre@0: * encoder is having trouble with optional pointers to an ANY. Maybe andre@0: * once that is fixed, can change this back... andre@0: */ andre@0: typedef struct smime_capability_struct { andre@0: unsigned long cipher; /* local; not part of encoding */ andre@0: SECOidTag capIDTag; /* local; not part of encoding */ andre@0: SECItem capabilityID; andre@0: SECItem parameters; andre@0: } smime_capability; andre@0: andre@0: static const SEC_ASN1Template smime_capability_template[] = { andre@0: { SEC_ASN1_SEQUENCE, andre@0: 0, NULL, sizeof(smime_capability) }, andre@0: { SEC_ASN1_OBJECT_ID, andre@0: offsetof(smime_capability,capabilityID), }, andre@0: { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY, andre@0: offsetof(smime_capability,parameters), }, andre@0: { 0, } andre@0: }; andre@0: andre@0: static const SEC_ASN1Template smime_capabilities_template[] = { andre@0: { SEC_ASN1_SEQUENCE_OF, 0, smime_capability_template } andre@0: }; andre@0: andre@0: andre@0: andre@0: static void andre@0: smime_fill_capability (smime_capability *cap) andre@0: { andre@0: unsigned long cipher; andre@0: SECOidTag algtag; andre@0: int i; andre@0: andre@0: algtag = SECOID_FindOIDTag (&(cap->capabilityID)); andre@0: andre@0: for (i = 0; i < smime_symmetric_count; i++) { andre@0: if (smime_cipher_maps[i].algtag != algtag) andre@0: continue; andre@0: /* andre@0: * XXX If SECITEM_CompareItem allowed NULLs as arguments (comparing andre@0: * 2 NULLs as equal and NULL and non-NULL as not equal), we could andre@0: * use that here instead of all of the following comparison code. andre@0: */ andre@0: if (cap->parameters.data != NULL) { andre@0: if (smime_cipher_maps[i].parms == NULL) andre@0: continue; andre@0: if (cap->parameters.len != smime_cipher_maps[i].parms->len) andre@0: continue; andre@0: if (PORT_Memcmp (cap->parameters.data, andre@0: smime_cipher_maps[i].parms->data, andre@0: cap->parameters.len) == 0) andre@0: break; andre@0: } else if (smime_cipher_maps[i].parms == NULL) { andre@0: break; andre@0: } andre@0: } andre@0: andre@0: if (i == smime_symmetric_count) andre@0: cipher = 0; andre@0: else andre@0: cipher = smime_cipher_maps[i].cipher; andre@0: andre@0: cap->cipher = cipher; andre@0: cap->capIDTag = algtag; andre@0: } andre@0: andre@0: andre@0: static long andre@0: smime_choose_cipher (CERTCertificate *scert, CERTCertificate **rcerts) andre@0: { andre@0: PLArenaPool *poolp; andre@0: long chosen_cipher; andre@0: int *cipher_abilities; andre@0: int *cipher_votes; andre@0: int strong_mapi; andre@0: int rcount, mapi, max; andre@0: andre@0: if (smime_policy_bits == 0) { andre@0: PORT_SetError (SEC_ERROR_BAD_EXPORT_ALGORITHM); andre@0: return -1; andre@0: } andre@0: andre@0: chosen_cipher = SMIME_RC2_CBC_40; /* the default, LCD */ andre@0: andre@0: poolp = PORT_NewArena (1024); /* XXX what is right value? */ andre@0: if (poolp == NULL) andre@0: goto done; andre@0: andre@0: cipher_abilities = (int*)PORT_ArenaZAlloc (poolp, andre@0: smime_symmetric_count * sizeof(int)); andre@0: if (cipher_abilities == NULL) andre@0: goto done; andre@0: andre@0: cipher_votes = (int*)PORT_ArenaZAlloc (poolp, andre@0: smime_symmetric_count * sizeof(int)); andre@0: if (cipher_votes == NULL) andre@0: goto done; andre@0: andre@0: /* andre@0: * XXX Should have a #define somewhere which specifies default andre@0: * strong cipher. (Or better, a way to configure.) andre@0: */ andre@0: andre@0: /* Make triple-DES the strong cipher. */ andre@0: strong_mapi = smime_mapi_by_cipher (SMIME_DES_EDE3_168); andre@0: andre@0: PORT_Assert (strong_mapi >= 0); andre@0: andre@0: for (rcount = 0; rcerts[rcount] != NULL; rcount++) { andre@0: SECItem *profile; andre@0: smime_capability **caps; andre@0: int capi, pref; andre@0: SECStatus dstat; andre@0: andre@0: pref = smime_symmetric_count; andre@0: profile = CERT_FindSMimeProfile (rcerts[rcount]); andre@0: if (profile != NULL && profile->data != NULL && profile->len > 0) { andre@0: caps = NULL; andre@0: dstat = SEC_QuickDERDecodeItem (poolp, &caps, andre@0: smime_capabilities_template, andre@0: profile); andre@0: if (dstat == SECSuccess && caps != NULL) { andre@0: for (capi = 0; caps[capi] != NULL; capi++) { andre@0: smime_fill_capability (caps[capi]); andre@0: mapi = smime_mapi_by_cipher (caps[capi]->cipher); andre@0: if (mapi >= 0) { andre@0: cipher_abilities[mapi]++; andre@0: cipher_votes[mapi] += pref; andre@0: --pref; andre@0: } andre@0: } andre@0: } andre@0: } else { andre@0: SECKEYPublicKey *key; andre@0: unsigned int pklen_bits; andre@0: andre@0: /* andre@0: * XXX This is probably only good for RSA keys. What I would andre@0: * really like is a function to just say; Is the public key in andre@0: * this cert an export-length key? Then I would not have to andre@0: * know things like the value 512, or the kind of key, or what andre@0: * a subjectPublicKeyInfo is, etc. andre@0: */ andre@0: key = CERT_ExtractPublicKey (rcerts[rcount]); andre@0: if (key != NULL) { andre@0: pklen_bits = SECKEY_PublicKeyStrength (key) * 8; andre@0: SECKEY_DestroyPublicKey (key); andre@0: andre@0: if (pklen_bits > 512) { andre@0: cipher_abilities[strong_mapi]++; andre@0: cipher_votes[strong_mapi] += pref; andre@0: } andre@0: } andre@0: } andre@0: if (profile != NULL) andre@0: SECITEM_FreeItem (profile, PR_TRUE); andre@0: } andre@0: andre@0: max = 0; andre@0: for (mapi = 0; mapi < smime_symmetric_count; mapi++) { andre@0: if (cipher_abilities[mapi] != rcount) andre@0: continue; andre@0: if (! smime_cipher_allowed (smime_cipher_maps[mapi].cipher)) andre@0: continue; andre@0: if (cipher_votes[mapi] > max) { andre@0: chosen_cipher = smime_cipher_maps[mapi].cipher; andre@0: max = cipher_votes[mapi]; andre@0: } /* XXX else if a tie, let scert break it? */ andre@0: } andre@0: andre@0: done: andre@0: if (poolp != NULL) andre@0: PORT_FreeArena (poolp, PR_FALSE); andre@0: andre@0: return chosen_cipher; andre@0: } andre@0: andre@0: andre@0: /* andre@0: * XXX This is a hack for now to satisfy our current interface. andre@0: * Eventually, with more parameters needing to be specified, just andre@0: * looking up the keysize is not going to be sufficient. andre@0: */ andre@0: static int andre@0: smime_keysize_by_cipher (unsigned long which) andre@0: { andre@0: int keysize; andre@0: andre@0: switch (which) { andre@0: case SMIME_RC2_CBC_40: andre@0: keysize = 40; andre@0: break; andre@0: case SMIME_RC2_CBC_64: andre@0: keysize = 64; andre@0: break; andre@0: case SMIME_RC2_CBC_128: andre@0: keysize = 128; andre@0: break; andre@0: #ifdef SMIME_DOES_RC5 andre@0: case SMIME_RC5PAD_64_16_40: andre@0: case SMIME_RC5PAD_64_16_64: andre@0: case SMIME_RC5PAD_64_16_128: andre@0: /* XXX See comment above; keysize is not enough... */ andre@0: PORT_Assert (0); andre@0: PORT_SetError (SEC_ERROR_INVALID_ALGORITHM); andre@0: keysize = -1; andre@0: break; andre@0: #endif andre@0: case SMIME_DES_CBC_56: andre@0: case SMIME_DES_EDE3_168: andre@0: /* andre@0: * These are special; since the key size is fixed, we actually andre@0: * want to *avoid* specifying a key size. andre@0: */ andre@0: keysize = 0; andre@0: break; andre@0: default: andre@0: keysize = -1; andre@0: break; andre@0: } andre@0: andre@0: return keysize; andre@0: } andre@0: andre@0: andre@0: /* andre@0: * Start an S/MIME encrypting context. andre@0: * andre@0: * "scert" is the cert for the sender. It will be checked for validity. andre@0: * "rcerts" are the certs for the recipients. They will also be checked. andre@0: * andre@0: * "certdb" is the cert database to use for verifying the certs. andre@0: * It can be NULL if a default database is available (like in the client). andre@0: * andre@0: * This function already does all of the stuff specific to S/MIME protocol andre@0: * and local policy; the return value just needs to be passed to andre@0: * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data, andre@0: * and finally to SEC_PKCS7DestroyContentInfo(). andre@0: * andre@0: * An error results in a return value of NULL and an error set. andre@0: * (Retrieve specific errors via PORT_GetError()/XP_GetError().) andre@0: */ andre@0: SEC_PKCS7ContentInfo * andre@0: SECMIME_CreateEncrypted(CERTCertificate *scert, andre@0: CERTCertificate **rcerts, andre@0: CERTCertDBHandle *certdb, andre@0: SECKEYGetPasswordKey pwfn, andre@0: void *pwfn_arg) andre@0: { andre@0: SEC_PKCS7ContentInfo *cinfo; andre@0: long cipher; andre@0: SECOidTag encalg; andre@0: int keysize; andre@0: int mapi, rci; andre@0: andre@0: cipher = smime_choose_cipher (scert, rcerts); andre@0: if (cipher < 0) andre@0: return NULL; andre@0: andre@0: mapi = smime_mapi_by_cipher (cipher); andre@0: if (mapi < 0) andre@0: return NULL; andre@0: andre@0: /* andre@0: * XXX This is stretching it -- CreateEnvelopedData should probably andre@0: * take a cipher itself of some sort, because we cannot know what the andre@0: * future will bring in terms of parameters for each type of algorithm. andre@0: * For example, just an algorithm and keysize is *not* sufficient to andre@0: * fully specify the usage of RC5 (which also needs to know rounds and andre@0: * block size). Work this out into a better API! andre@0: */ andre@0: encalg = smime_cipher_maps[mapi].algtag; andre@0: keysize = smime_keysize_by_cipher (cipher); andre@0: if (keysize < 0) andre@0: return NULL; andre@0: andre@0: cinfo = SEC_PKCS7CreateEnvelopedData (scert, certUsageEmailRecipient, andre@0: certdb, encalg, keysize, andre@0: pwfn, pwfn_arg); andre@0: if (cinfo == NULL) andre@0: return NULL; andre@0: andre@0: for (rci = 0; rcerts[rci] != NULL; rci++) { andre@0: if (rcerts[rci] == scert) andre@0: continue; andre@0: if (SEC_PKCS7AddRecipient (cinfo, rcerts[rci], certUsageEmailRecipient, andre@0: NULL) != SECSuccess) { andre@0: SEC_PKCS7DestroyContentInfo (cinfo); andre@0: return NULL; andre@0: } andre@0: } andre@0: andre@0: return cinfo; andre@0: } andre@0: andre@0: andre@0: static smime_capability **smime_capabilities; andre@0: static SECItem *smime_encoded_caps; andre@0: andre@0: andre@0: static SECStatus andre@0: smime_init_caps (void) andre@0: { andre@0: smime_capability *cap; andre@0: smime_cipher_map *map; andre@0: SECOidData *oiddata; andre@0: SECStatus rv; andre@0: int i; andre@0: andre@0: if (smime_encoded_caps != NULL && (! smime_prefs_changed)) andre@0: return SECSuccess; andre@0: andre@0: if (smime_encoded_caps != NULL) { andre@0: SECITEM_FreeItem (smime_encoded_caps, PR_TRUE); andre@0: smime_encoded_caps = NULL; andre@0: } andre@0: andre@0: if (smime_capabilities == NULL) { andre@0: smime_capabilities = (smime_capability**)PORT_ZAlloc ( andre@0: (smime_symmetric_count + 1) andre@0: * sizeof(smime_capability *)); andre@0: if (smime_capabilities == NULL) andre@0: return SECFailure; andre@0: } andre@0: andre@0: rv = SECFailure; andre@0: andre@0: /* andre@0: The process of creating the encoded PKCS7 cipher capability list andre@0: involves two basic steps: andre@0: andre@0: (a) Convert our internal representation of cipher preferences andre@0: (smime_prefs) into an array containing cipher OIDs and andre@0: parameter data (smime_capabilities). This step is andre@0: performed here. andre@0: andre@0: (b) Encode, using ASN.1, the cipher information in andre@0: smime_capabilities, leaving the encoded result in andre@0: smime_encoded_caps. andre@0: andre@0: (In the process of performing (a), Lisa put in some optimizations andre@0: which allow us to avoid needlessly re-populating elements in andre@0: smime_capabilities as we walk through smime_prefs.) andre@0: */ andre@0: for (i = 0; i < smime_current_pref_index; i++) { andre@0: int mapi; andre@0: andre@0: /* Get the next cipher preference in smime_prefs. */ andre@0: mapi = smime_mapi_by_cipher (smime_prefs[i]); andre@0: if (mapi < 0) andre@0: break; andre@0: andre@0: /* Find the corresponding entry in the cipher map. */ andre@0: PORT_Assert (mapi < smime_symmetric_count); andre@0: map = &(smime_cipher_maps[mapi]); andre@0: andre@0: /* andre@0: * Convert the next preference found in smime_prefs into an andre@0: * smime_capability. andre@0: */ andre@0: andre@0: cap = smime_capabilities[i]; andre@0: if (cap == NULL) { andre@0: cap = (smime_capability*)PORT_ZAlloc (sizeof(smime_capability)); andre@0: if (cap == NULL) andre@0: break; andre@0: smime_capabilities[i] = cap; andre@0: } else if (cap->cipher == smime_prefs[i]) { andre@0: continue; /* no change to this one */ andre@0: } andre@0: andre@0: cap->capIDTag = map->algtag; andre@0: oiddata = SECOID_FindOIDByTag (map->algtag); andre@0: if (oiddata == NULL) andre@0: break; andre@0: andre@0: if (cap->capabilityID.data != NULL) { andre@0: SECITEM_FreeItem (&(cap->capabilityID), PR_FALSE); andre@0: cap->capabilityID.data = NULL; andre@0: cap->capabilityID.len = 0; andre@0: } andre@0: andre@0: rv = SECITEM_CopyItem (NULL, &(cap->capabilityID), &(oiddata->oid)); andre@0: if (rv != SECSuccess) andre@0: break; andre@0: andre@0: if (map->parms == NULL) { andre@0: cap->parameters.data = NULL; andre@0: cap->parameters.len = 0; andre@0: } else { andre@0: cap->parameters.data = map->parms->data; andre@0: cap->parameters.len = map->parms->len; andre@0: } andre@0: andre@0: cap->cipher = smime_prefs[i]; andre@0: } andre@0: andre@0: if (i != smime_current_pref_index) andre@0: return rv; andre@0: andre@0: while (i < smime_symmetric_count) { andre@0: cap = smime_capabilities[i]; andre@0: if (cap != NULL) { andre@0: SECITEM_FreeItem (&(cap->capabilityID), PR_FALSE); andre@0: PORT_Free (cap); andre@0: } andre@0: smime_capabilities[i] = NULL; andre@0: i++; andre@0: } andre@0: smime_capabilities[i] = NULL; andre@0: andre@0: smime_encoded_caps = SEC_ASN1EncodeItem (NULL, NULL, &smime_capabilities, andre@0: smime_capabilities_template); andre@0: if (smime_encoded_caps == NULL) andre@0: return SECFailure; andre@0: andre@0: return SECSuccess; andre@0: } andre@0: andre@0: andre@0: static SECStatus andre@0: smime_add_profile (CERTCertificate *cert, SEC_PKCS7ContentInfo *cinfo) andre@0: { andre@0: PORT_Assert (smime_prefs_complete); andre@0: if (! smime_prefs_complete) andre@0: return SECFailure; andre@0: andre@0: /* For that matter, if capabilities haven't been initialized yet, andre@0: do so now. */ andre@0: if (smime_encoded_caps == NULL || smime_prefs_changed) { andre@0: SECStatus rv; andre@0: andre@0: rv = smime_init_caps(); andre@0: if (rv != SECSuccess) andre@0: return rv; andre@0: andre@0: PORT_Assert (smime_encoded_caps != NULL); andre@0: } andre@0: andre@0: return SEC_PKCS7AddSignedAttribute (cinfo, SEC_OID_PKCS9_SMIME_CAPABILITIES, andre@0: smime_encoded_caps); andre@0: } andre@0: andre@0: andre@0: /* andre@0: * Start an S/MIME signing context. andre@0: * andre@0: * "scert" is the cert that will be used to sign the data. It will be andre@0: * checked for validity. andre@0: * andre@0: * "ecert" is the signer's encryption cert. If it is different from andre@0: * scert, then it will be included in the signed message so that the andre@0: * recipient can save it for future encryptions. andre@0: * andre@0: * "certdb" is the cert database to use for verifying the cert. andre@0: * It can be NULL if a default database is available (like in the client). andre@0: * andre@0: * "digestalg" names the digest algorithm (e.g. SEC_OID_SHA1). andre@0: * XXX There should be SECMIME functions for hashing, or the hashing should andre@0: * be built into this interface, which we would like because we would andre@0: * support more smartcards that way, and then this argument should go away.) andre@0: * andre@0: * "digest" is the actual digest of the data. It must be provided in andre@0: * the case of detached data or NULL if the content will be included. andre@0: * andre@0: * This function already does all of the stuff specific to S/MIME protocol andre@0: * and local policy; the return value just needs to be passed to andre@0: * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data, andre@0: * and finally to SEC_PKCS7DestroyContentInfo(). andre@0: * andre@0: * An error results in a return value of NULL and an error set. andre@0: * (Retrieve specific errors via PORT_GetError()/XP_GetError().) andre@0: */ andre@0: andre@0: SEC_PKCS7ContentInfo * andre@0: SECMIME_CreateSigned (CERTCertificate *scert, andre@0: CERTCertificate *ecert, andre@0: CERTCertDBHandle *certdb, andre@0: SECOidTag digestalg, andre@0: SECItem *digest, andre@0: SECKEYGetPasswordKey pwfn, andre@0: void *pwfn_arg) andre@0: { andre@0: SEC_PKCS7ContentInfo *cinfo; andre@0: SECStatus rv; andre@0: andre@0: /* See note in header comment above about digestalg. */ andre@0: /* Doesn't explain this. PORT_Assert (digestalg == SEC_OID_SHA1); */ andre@0: andre@0: cinfo = SEC_PKCS7CreateSignedData (scert, certUsageEmailSigner, andre@0: certdb, digestalg, digest, andre@0: pwfn, pwfn_arg); andre@0: if (cinfo == NULL) andre@0: return NULL; andre@0: andre@0: if (SEC_PKCS7IncludeCertChain (cinfo, NULL) != SECSuccess) { andre@0: SEC_PKCS7DestroyContentInfo (cinfo); andre@0: return NULL; andre@0: } andre@0: andre@0: /* if the encryption cert and the signing cert differ, then include andre@0: * the encryption cert too. andre@0: */ andre@0: /* it is ok to compare the pointers since we ref count, and the same andre@0: * cert will always have the same pointer andre@0: */ andre@0: if ( ( ecert != NULL ) && ( ecert != scert ) ) { andre@0: rv = SEC_PKCS7AddCertificate(cinfo, ecert); andre@0: if ( rv != SECSuccess ) { andre@0: SEC_PKCS7DestroyContentInfo (cinfo); andre@0: return NULL; andre@0: } andre@0: } andre@0: /* andre@0: * Add the signing time. But if it fails for some reason, andre@0: * may as well not give up altogether -- just assert. andre@0: */ andre@0: rv = SEC_PKCS7AddSigningTime (cinfo); andre@0: PORT_Assert (rv == SECSuccess); andre@0: andre@0: /* andre@0: * Add the email profile. Again, if it fails for some reason, andre@0: * may as well not give up altogether -- just assert. andre@0: */ andre@0: rv = smime_add_profile (ecert, cinfo); andre@0: PORT_Assert (rv == SECSuccess); andre@0: andre@0: return cinfo; andre@0: }