Merge pull request #6496 from JacobBarthelmeh/PKCS7

parse ASN1 only with SMIME_read_PKCS7
wolfSSL · Jul 10, 2023 · fa053be · fa053be
2 parents f2809c5 + 9d3a95a
commit fa053be
Show file tree

Hide file tree

Showing 3 changed files with 99 additions and 50 deletions.
diff --git a/src/ssl.c b/src/ssl.c
@@ -37036,19 +37036,14 @@ PKCS7* wolfSSL_d2i_PKCS7(PKCS7** p7, const unsigned char** in, int len)
  return wolfSSL_d2i_PKCS7_ex(p7, in, len, NULL, 0);
 }
 
-/*****************************************************************************
-* wolfSSL_d2i_PKCS7_ex - Converts the given unsigned char buffer of size len
-* into a PKCS7 object. Optionally, accepts a byte buffer of content which
-* is stored as the PKCS7 object's content, to support detached signatures.
-* @param content The content which is signed, in case the signature is
-* detached. Ignored if NULL.
-* @param contentSz The size of the passed in content.
+/* This internal function is only decoding and setting up the PKCS7 struct. It
+* does not verify the PKCS7 signature.
 *
 * RETURNS:
 * returns pointer to a PKCS7 structure on success, otherwise returns NULL
 */
-PKCS7* wolfSSL_d2i_PKCS7_ex(PKCS7** p7, const unsigned char** in, int len,
-   byte* content, word32 contentSz)
+static PKCS7* wolfSSL_d2i_PKCS7_only(PKCS7** p7, const unsigned char** in,
+ int len, byte* content, word32 contentSz)
 {
  WOLFSSL_PKCS7* pkcs7 = NULL;
 
@@ -37072,19 +37067,50 @@ PKCS7* wolfSSL_d2i_PKCS7_ex(PKCS7** p7, const unsigned char** in, int len,
  pkcs7->pkcs7.content = content;
  pkcs7->pkcs7.contentSz = contentSz;
  }
- if (wc_PKCS7_VerifySignedData(&pkcs7->pkcs7, pkcs7->data, pkcs7->len)
- != 0) {
- WOLFSSL_MSG("wc_PKCS7_VerifySignedData failed");
- wolfSSL_PKCS7_free((PKCS7*)pkcs7);
- return NULL;
- }
 
  if (p7 != NULL)
  *p7 = (PKCS7*)pkcs7;
  *in += pkcs7->len;
  return (PKCS7*)pkcs7;
 }
 
+
+/*****************************************************************************
+* wolfSSL_d2i_PKCS7_ex - Converts the given unsigned char buffer of size len
+* into a PKCS7 object. Optionally, accepts a byte buffer of content which
+* is stored as the PKCS7 object's content, to support detached signatures.
+* @param content The content which is signed, in case the signature is
+* detached. Ignored if NULL.
+* @param contentSz The size of the passed in content.
+*
+* RETURNS:
+* returns pointer to a PKCS7 structure on success, otherwise returns NULL
+*/
+PKCS7* wolfSSL_d2i_PKCS7_ex(PKCS7** p7, const unsigned char** in, int len,
+ byte* content, word32 contentSz)
+{
+ WOLFSSL_PKCS7* pkcs7 = NULL;
+
+ WOLFSSL_ENTER("wolfSSL_d2i_PKCS7_ex");
+
+ if (in == NULL || *in == NULL || len < 0)
+ return NULL;
+
+ pkcs7 = (WOLFSSL_PKCS7*)wolfSSL_d2i_PKCS7_only(p7, in, len, content,
+ contentSz);
+ if (pkcs7 != NULL) {
+ if (wc_PKCS7_VerifySignedData(&pkcs7->pkcs7, pkcs7->data, pkcs7->len)
+ != 0) {
+ WOLFSSL_MSG("wc_PKCS7_VerifySignedData failed");
+ wolfSSL_PKCS7_free((PKCS7*)pkcs7);
+ return NULL;
+ }
+ }
+
+ return (PKCS7*)pkcs7;
+}
+
+
 /**
  * This API was added as a helper function for libest. It
  * extracts a stack of certificates from the pkcs7 object.
@@ -38256,7 +38282,7 @@ PKCS7* wolfSSL_SMIME_read_PKCS7(WOLFSSL_BIO* in,
  WOLFSSL_MSG("Error base64 decoding S/MIME message.");
  goto error;
  }
- pkcs7 = wolfSSL_d2i_PKCS7_ex(NULL, (const unsigned char**)&out, outLen,
+ pkcs7 = wolfSSL_d2i_PKCS7_only(NULL, (const unsigned char**)&out, outLen,
  bcontMem, bcontMemSz);
 
  wc_MIME_free_hdrs(allHdrs);

diff --git a/tests/api.c b/tests/api.c
@@ -25656,18 +25656,32 @@ static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void)
  tempWrd32 = pkcs7->singleCertSz;
  pkcs7->singleCertSz = 0;
  }
+ #if defined(WOLFSSL_ASN_TEMPLATE)
  ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
  (word32)sizeof(output), decoded, (word32)sizeof(decoded)),
- BAD_FUNC_ARG);
+ BUFFER_E);
+ #else
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
+ (word32)sizeof(output), decoded, (word32)sizeof(decoded)),
+ ASN_PARSE_E);
+ #endif
  if (pkcs7 != NULL) {
  pkcs7->singleCertSz = tempWrd32;
 
  tmpBytePtr = pkcs7->singleCert;
  pkcs7->singleCert = NULL;
  }
+ #if defined(NO_PKCS7_STREAM)
+ /* when none streaming mode is used and PKCS7 is in bad state buffer error
+ * is returned from kari parse which gets set to bad func arg */
  ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
  (word32)sizeof(output), decoded, (word32)sizeof(decoded)),
  BAD_FUNC_ARG);
+ #else
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
+ (word32)sizeof(output), decoded, (word32)sizeof(decoded)),
+ ASN_PARSE_E);
+ #endif
  if (pkcs7 != NULL) {
  pkcs7->singleCert = tmpBytePtr;
  }
@@ -48860,7 +48874,7 @@ static int test_wolfSSL_SMIME_read_PKCS7(void)
  smimeTestFile = XFOPEN("./certs/test/smime-test-multipart-badsig.p7s", "r");
  ExpectIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
  pkcs7 = wolfSSL_SMIME_read_PKCS7(bio, &bcont);
- ExpectNull(pkcs7);
+ ExpectNotNull(pkcs7); /* can read in the unverified smime bundle */
  ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL,
  PKCS7_NOVERIFY), SSL_FAILURE);
  XFCLOSE(smimeTestFile);

diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c
@@ -5771,29 +5771,30 @@ static int wc_PKCS7_KariParseRecipCert(WC_PKCS7_KARI* kari, const byte* cert,
  int ret;
  word32 idx;
 
- if (kari == NULL || kari->decoded == NULL ||
- cert == NULL || certSz == 0)
+ if (kari == NULL || kari->decoded == NULL) {
  return BAD_FUNC_ARG;
+ }
 
  /* decode certificate */
- InitDecodedCert(kari->decoded, (byte*)cert, certSz, kari->heap);
- kari->decodedInit = 1;
- ret = ParseCert(kari->decoded, CA_TYPE, NO_VERIFY, 0);
- if (ret < 0)
- return ret;
+ if (cert != NULL) {
+ InitDecodedCert(kari->decoded, (byte*)cert, certSz, kari->heap);
+ kari->decodedInit = 1;
+ ret = ParseCert(kari->decoded, CA_TYPE, NO_VERIFY, 0);
+ if (ret < 0)
+ return ret;
 
- /* only supports ECDSA for now */
- if (kari->decoded->keyOID != ECDSAk) {
- WOLFSSL_MSG("CMS KARI only supports ECDSA key types");
- return BAD_FUNC_ARG;
- }
+  /* only supports ECDSA for now */
+  if (kari->decoded->keyOID != ECDSAk) {
+  WOLFSSL_MSG("CMS KARI only supports ECDSA key types");
+  return BAD_FUNC_ARG;
+  }
 
- /* make sure subject key id was read from cert */
- if (kari->decoded->extSubjKeyIdSet == 0) {
- WOLFSSL_MSG("Failed to read subject key ID from recipient cert");
- return BAD_FUNC_ARG;
+ /* make sure subject key id was read from cert */
+ if (kari->decoded->extSubjKeyIdSet == 0) {
+ WOLFSSL_MSG("Failed to read subject key ID from recipient cert");
+ return BAD_FUNC_ARG;
+ }
  }
-
  ret = wc_ecc_init_ex(kari->recipKey, kari->heap, kari->devId);
  if (ret != 0)
  return ret;
@@ -5802,6 +5803,10 @@ static int wc_PKCS7_KariParseRecipCert(WC_PKCS7_KARI* kari, const byte* cert,
 
  /* get recip public key */
  if (kari->direction == WC_PKCS7_ENCODE) {
+ if (cert == NULL) {
+ WOLFSSL_MSG("Error recipient cert can not be null with encode");
+ return BAD_FUNC_ARG;
+ }
 
  idx = 0;
  ret = wc_EccPublicKeyDecode(kari->decoded->publicKey, &idx,
@@ -9270,7 +9275,14 @@ static int wc_PKCS7_KariGetIssuerAndSerialNumber(WC_PKCS7_KARI* kari,
  }
 
  /* if we found correct recipient, issuer hashes will match */
- if (XMEMCMP(rid, kari->decoded->issuerHash, keyIdSize) == 0) {
+ if (kari->decodedInit == 1) {
+ if (XMEMCMP(rid, kari->decoded->issuerHash, keyIdSize) == 0) {
+ *recipFound = 1;
+ }
+ }
+ else {
+ /* can not confirm recipient serial number with no cert provided */
+ WOLFSSL_MSG("No recipient cert loaded to match with CMS serial number");
  *recipFound = 1;
  }
 
@@ -9308,7 +9320,8 @@ static int wc_PKCS7_KariGetIssuerAndSerialNumber(WC_PKCS7_KARI* kari,
  return ret;
  }
 
- if (mp_cmp(recipSerial, serial) != MP_EQ) {
+ if (kari->decodedInit == 1 &&
+ mp_cmp(recipSerial, serial) != MP_EQ) {
  mp_clear(serial);
  mp_clear(recipSerial);
  WOLFSSL_MSG("CMS serial number does not match recipient");
@@ -9944,8 +9957,6 @@ static int wc_PKCS7_DecryptKari(PKCS7* pkcs7, byte* in, word32 inSz,
 
  WOLFSSL_ENTER("wc_PKCS7_DecryptKari");
  if (pkcs7 == NULL || pkiMsg == NULL ||
- ((pkcs7->singleCert == NULL || pkcs7->singleCertSz == 0) &&
- pkcs7->wrapCEKCb == NULL) ||
  idx == NULL || decryptedKey == NULL || decryptedKeySz == NULL) {
  return BAD_FUNC_ARG;
  }
@@ -9986,17 +9997,15 @@ static int wc_PKCS7_DecryptKari(PKCS7* pkcs7, byte* in, word32 inSz,
  encryptedKeySz = MAX_ENCRYPTED_KEY_SZ;
 
  /* parse cert and key */
- if (pkcs7->singleCert != NULL) {
- ret = wc_PKCS7_KariParseRecipCert(kari, (byte*)pkcs7->singleCert,
- pkcs7->singleCertSz, pkcs7->privateKey,
- pkcs7->privateKeySz);
- if (ret != 0) {
- wc_PKCS7_KariFree(kari);
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
- #endif
- return ret;
- }
+ ret = wc_PKCS7_KariParseRecipCert(kari, (byte*)pkcs7->singleCert,
+ pkcs7->singleCertSz, pkcs7->privateKey,
+ pkcs7->privateKeySz);
+ if (ret != 0) {
+ wc_PKCS7_KariFree(kari);
+ #ifdef WOLFSSL_SMALL_STACK
+ XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
+ #endif
+ return ret;
  }
 
  /* remove OriginatorIdentifierOrKey */