diff options
Diffstat (limited to 'src/cms')
-rw-r--r-- | src/cms/Makefile | 12 | ||||
-rw-r--r-- | src/cms/cms_algo.cpp | 144 | ||||
-rw-r--r-- | src/cms/cms_comp.cpp | 102 | ||||
-rw-r--r-- | src/cms/cms_dalg.cpp | 270 | ||||
-rw-r--r-- | src/cms/cms_dec.cpp | 123 | ||||
-rw-r--r-- | src/cms/cms_dec.h | 63 | ||||
-rw-r--r-- | src/cms/cms_ealg.cpp | 371 | ||||
-rw-r--r-- | src/cms/cms_enc.cpp | 84 | ||||
-rw-r--r-- | src/cms/cms_enc.h | 74 | ||||
-rw-r--r-- | src/cms/tests/cms_dec.cpp | 111 | ||||
-rw-r--r-- | src/cms/tests/cms_enc.cpp | 46 |
11 files changed, 1400 insertions, 0 deletions
diff --git a/src/cms/Makefile b/src/cms/Makefile new file mode 100644 index 000000000..143c0d741 --- /dev/null +++ b/src/cms/Makefile @@ -0,0 +1,12 @@ + +SRCS=cms_algo.cpp cms_comp.cpp cms_dalg.cpp cms_dec.cpp cms_ealg.cpp cms_enc.cpp +OBJS=cms_algo.o cms_comp.o cms_dalg.o cms_dec.o cms_ealg.o cms_enc.o + +libcms.a: $(OBJS) + ar libcms.a $(OBJS) + +%.o: %.cpp + g++ -I. $(shell botan-config --cflags) -c $? -o $@ + +clean: + rm -f *.o diff --git a/src/cms/cms_algo.cpp b/src/cms/cms_algo.cpp new file mode 100644 index 000000000..efd016514 --- /dev/null +++ b/src/cms/cms_algo.cpp @@ -0,0 +1,144 @@ +/************************************************* +* CMS Algorithm Specific Code Source File * +* (C) 1999-2007 Jack Lloyd * +*************************************************/ + +#include <botan/cms_enc.h> +#include <botan/der_enc.h> +#include <botan/lookup.h> +#include <botan/filters.h> +#include <botan/libstate.h> +#include <botan/rc2.h> + +namespace Botan { + +namespace { + +/************************************************* +* Wrap a key as specified in RFC 3217 * +*************************************************/ +SecureVector<byte> do_rfc3217_wrap(RandomNumberGenerator& rng, + const std::string& cipher, + const SymmetricKey& kek, + const SecureVector<byte>& input) + { + class Flip_Bytes : public Filter + { + public: + void write(const byte data[], u32bit length) + { + buf.append(data, length); + } + void end_msg() + { + for(u32bit j = 0; j != buf.size(); j++) + send(buf[buf.size()-j-1]); + buf.destroy(); + } + Flip_Bytes(const SecureVector<byte>& prefix) { buf.append(prefix); } + private: + SecureVector<byte> buf; + }; + + if(block_size_of(cipher) != 8) + throw Encoding_Error("do_rfc3217_wrap: Bad cipher: " + cipher); + + Pipe icv(new Hash_Filter("SHA-160", 8)); + icv.process_msg(input); + + InitializationVector iv(rng, 8); + InitializationVector fixed("4ADDA22C79E82105"); + + Pipe pipe(get_cipher(cipher + "/CBC/NoPadding", kek, iv, ENCRYPTION), + new Flip_Bytes(iv.bits_of()), + get_cipher(cipher + "/CBC/NoPadding", kek, fixed, ENCRYPTION)); + pipe.start_msg(); + pipe.write(input); + pipe.write(icv.read_all()); + pipe.end_msg(); + return pipe.read_all(); + } + +} + +/************************************************* +* Wrap a CEK with a KEK * +*************************************************/ +SecureVector<byte> CMS_Encoder::wrap_key(RandomNumberGenerator& rng, + const std::string& cipher, + const SymmetricKey& cek, + const SymmetricKey& kek) + { + if(cipher == "TripleDES") + { + SymmetricKey cek_parity = cek; + cek_parity.set_odd_parity(); + return do_rfc3217_wrap(rng, cipher, kek, cek_parity.bits_of()); + } + else if(cipher == "RC2" || cipher == "CAST-128") + { + if(kek.length() != 16) + throw Encoding_Error("CMS: 128-bit KEKs must be used with " + cipher); + + SecureVector<byte> lcekpad; + lcekpad.append((byte)cek.length()); + lcekpad.append(cek.bits_of()); + while(lcekpad.size() % 8) + lcekpad.append(rng.next_byte()); + return do_rfc3217_wrap(rng, cipher, kek, lcekpad); + } + else + throw Invalid_Argument("CMS_Encoder::wrap: Unknown cipher " + cipher); + } + +/************************************************* +* Encode the parameters for an encryption algo * +*************************************************/ +SecureVector<byte> CMS_Encoder::encode_params(const std::string& cipher, + const SymmetricKey& key, + const InitializationVector& iv) + { + DER_Encoder encoder; + + if(cipher == "RC2") + { + encoder.start_cons(SEQUENCE). + encode((u32bit)RC2::EKB_code(8*key.length())). + encode(iv.bits_of(), OCTET_STRING). + end_cons(); + } + else if(cipher == "CAST-128") + { + encoder.start_cons(SEQUENCE). + encode(iv.bits_of(), OCTET_STRING). + encode(8*key.length()). + end_cons(); + } + else + encoder.encode(iv.bits_of(), OCTET_STRING); + + return encoder.get_contents(); + } + +/************************************************* +* Generate a CEK or KEK for the cipher * +*************************************************/ +SymmetricKey CMS_Encoder::setup_key(RandomNumberGenerator& rng, + const std::string& cipher) + { + u32bit keysize = 0; + + if(cipher == "TripleDES") keysize = 24; + if(cipher == "RC2") keysize = 16; + if(cipher == "CAST-128") keysize = 16; + + if(keysize == 0) + throw Invalid_Argument("CMS: Cannot encrypt with cipher " + cipher); + + SymmetricKey key(rng, keysize); + if(cipher == "DES" || cipher == "TripleDES") + key.set_odd_parity(); + return key; + } + +} diff --git a/src/cms/cms_comp.cpp b/src/cms/cms_comp.cpp new file mode 100644 index 000000000..0d75dae76 --- /dev/null +++ b/src/cms/cms_comp.cpp @@ -0,0 +1,102 @@ +/************************************************* +* CMS Compression Source File * +* (C) 1999-2007 Jack Lloyd * +*************************************************/ + +#include <botan/cms_enc.h> +#include <botan/cms_dec.h> +#include <botan/der_enc.h> +#include <botan/ber_dec.h> +#include <botan/oids.h> +#include <botan/pipe.h> + +#if defined(BOTAN_EXT_COMPRESSOR_ZLIB) + #include <botan/zlib.h> + #define HAVE_ZLIB 1 +#else + #define HAVE_ZLIB 0 +#endif + +namespace Botan { + +/************************************************* +* Compress a message * +*************************************************/ +void CMS_Encoder::compress(const std::string& algo) + { + if(!CMS_Encoder::can_compress_with(algo)) + throw Invalid_Argument("CMS_Encoder: Cannot compress with " + algo); + + Filter* compressor = 0; + +#if HAVE_ZLIB + if(algo == "Zlib") compressor = new Zlib_Compression; +#endif + + if(compressor == 0) + throw Internal_Error("CMS: Couldn't get ahold of a compressor"); + + Pipe pipe(compressor); + pipe.process_msg(data); + SecureVector<byte> compressed = pipe.read_all(); + + DER_Encoder encoder; + encoder.start_cons(SEQUENCE). + encode((u32bit)0). + encode(AlgorithmIdentifier("Compression." + algo, + MemoryVector<byte>())). + raw_bytes(make_econtent(compressed, type)). + end_cons(); + + add_layer("CMS.CompressedData", encoder); + } + +/************************************************* +* See if the named compression algo is available * +*************************************************/ +bool CMS_Encoder::can_compress_with(const std::string& algo) + { + if(HAVE_ZLIB && algo == "Zlib") + return true; + return false; + } + +/************************************************* +* Decompress a message * +*************************************************/ +void CMS_Decoder::decompress(BER_Decoder& decoder) + { + u32bit version; + AlgorithmIdentifier comp_algo; + + BER_Decoder comp_info = decoder.start_cons(SEQUENCE); + + comp_info.decode(version); + if(version != 0) + throw Decoding_Error("CMS: Unknown version for CompressedData"); + + comp_info.decode(comp_algo); + read_econtent(comp_info); + comp_info.end_cons(); + + Filter* decompressor = 0; + + info = comp_algo.oid.as_string(); + +#if HAVE_ZLIB + if(comp_algo.oid == OIDS::lookup("Compression.Zlib")) + { + decompressor = new Zlib_Decompression; + info = "Zlib"; + } +#endif + + if(!decompressor) + status = FAILURE; + + Pipe pipe(decompressor); + pipe.process_msg(data); + data = pipe.read_all(); + } + +} diff --git a/src/cms/cms_dalg.cpp b/src/cms/cms_dalg.cpp new file mode 100644 index 000000000..cd38c596d --- /dev/null +++ b/src/cms/cms_dalg.cpp @@ -0,0 +1,270 @@ +/************************************************* +* CMS Decoding Operations Source File * +* (C) 1999-2007 Jack Lloyd * +*************************************************/ + +#include <botan/cms_dec.h> +#include <botan/x509find.h> +#include <botan/ber_dec.h> +#include <botan/oids.h> +#include <botan/lookup.h> +#include <botan/look_pk.h> +#include <botan/bigint.h> +#include <memory> + +namespace Botan { + +namespace { + +/************************************************* +* Compute the hash of some content * +*************************************************/ +SecureVector<byte> hash_of(const SecureVector<byte>& content, + const AlgorithmIdentifier& hash_algo, + std::string& hash_name) + { + hash_name = OIDS::lookup(hash_algo.oid); + std::auto_ptr<HashFunction> hash_fn(get_hash(hash_name)); + return hash_fn->process(content); + } + +/************************************************* +* Find a cert based on SignerIdentifier * +*************************************************/ +std::vector<X509_Certificate> get_cert(BER_Decoder& signer_info, + X509_Store& store) + { + BER_Object id = signer_info.get_next_object(); + + std::vector<X509_Certificate> found; + + if(id.type_tag == SEQUENCE && id.class_tag == CONSTRUCTED) + { + X509_DN issuer; + BigInt serial; + BER_Decoder iands(id.value); + iands.decode(issuer); + iands.decode(serial); + + found = store.get_certs(IandS_Match(issuer, BigInt::encode(serial))); + } + else if(id.type_tag == 0 && id.class_tag == CONSTRUCTED) + found = store.get_certs(SKID_Match(id.value)); + else + throw Decoding_Error("CMS: Unknown tag for cert identifier"); + + // verify cert if found + + if(found.size() > 1) + throw Internal_Error("CMS: Found more than one match in get_cert"); + return found; + } + +/************************************************* +* Read OriginatorInfo * +*************************************************/ +void read_orig_info(BER_Decoder& info, X509_Store& store) + { + BER_Object next = info.get_next_object(); + + if(next.type_tag == 0 && + next.class_tag == ASN1_Tag(CONSTRUCTED | CONTEXT_SPECIFIC)) + { + DataSource_Memory certs(next.value); + while(!certs.end_of_data()) + { + // FIXME: can be attribute certs too + // FIXME: DoS? + X509_Certificate cert(certs); + store.add_cert(cert); + } + next = info.get_next_object(); + } + if(next.type_tag == 1 && + next.class_tag == ASN1_Tag(CONSTRUCTED | CONTEXT_SPECIFIC)) + { + DataSource_Memory crls(next.value); + while(!crls.end_of_data()) + { + // FIXME: DoS? + X509_CRL crl(crls); + store.add_crl(crl); + } + next = info.get_next_object(); + } + info.push_back(next); + } + +/************************************************* +* Decode any Attributes, and check type * +*************************************************/ +SecureVector<byte> decode_attributes(BER_Decoder& ber, const OID& type, + bool& bad_attributes) + { + BER_Object obj = ber.get_next_object(); + SecureVector<byte> digest; + + bool got_digest = false; + bool got_content_type = false; + + if(obj.type_tag == 0 && + obj.class_tag == ASN1_Tag(CONSTRUCTED | CONTEXT_SPECIFIC)) + ber.push_back(obj); + else + { + BER_Decoder attributes(obj.value); + while(attributes.more_items()) + { + Attribute attr; + attributes.decode(attr); + BER_Decoder attr_value(attr.parameters); + + if(attr.oid == OIDS::lookup("PKCS9.MessageDigest")) + { + got_digest = true; + attr_value.decode(digest, OCTET_STRING); + } + else if(attr.oid == OIDS::lookup("PKCS9.ContentType")) + { + got_content_type = true; + OID inner_type; + attr_value.decode(inner_type); + if(inner_type != type) + bad_attributes = true; + } + else + throw Decoding_Error("Unknown/unhandled CMS attribute found: " + + OIDS::lookup(attr.oid)); + } + + if(!got_digest || !got_content_type) + bad_attributes = true; + } + + return digest; + } + +} + +/************************************************* +* Decode this layer of CMS encoding * +*************************************************/ +void CMS_Decoder::decode_layer() + { + try { + if(status == FAILURE) + throw Invalid_State("CMS: Decoder is in FAILURE state"); + + status = GOOD; + info = ""; + + type = next_type; + + if(type == OIDS::lookup("CMS.DataContent")) + return; + + BER_Decoder decoder(data); + if(type == OIDS::lookup("CMS.CompressedData")) + decompress(decoder); + else if(type == OIDS::lookup("CMS.DigestedData")) + { + u32bit version; + AlgorithmIdentifier hash_algo; + SecureVector<byte> digest; + + BER_Decoder hash_info = decoder.start_cons(SEQUENCE); + + hash_info.decode(version); + if(version != 0 && version != 2) + throw Decoding_Error("CMS: Unknown version for DigestedData"); + + hash_info.decode(hash_algo); + read_econtent(hash_info); + hash_info.decode(digest, OCTET_STRING); + hash_info.end_cons(); + + if(digest != hash_of(data, hash_algo, info)) + status = BAD; + } + else if(type == OIDS::lookup("CMS.SignedData")) + { +#if 1 + throw Exception("FIXME: not implemented"); +#else + u32bit version; + + BER_Decoder sig_info = BER::get_subsequence(decoder); + BER::decode(sig_info, version); + if(version != 1 && version != 3) + throw Decoding_Error("CMS: Unknown version for SignedData"); + BER::get_subset(sig_info); // hash algos (do something with these?) + read_econtent(sig_info); + read_orig_info(sig_info, store); + + BER_Decoder signer_infos = BER::get_subset(sig_info); + while(signer_infos.more_items()) + { + AlgorithmIdentifier sig_algo, hash_algo; + SecureVector<byte> signature, digest; + u32bit version; + + BER_Decoder signer_info = BER::get_subsequence(signer_infos); + BER::decode(signer_info, version); + if(version != 1 && version != 3) + throw Decoding_Error("CMS: Unknown version for SignerInfo"); + + std::vector<X509_Certificate> certs = get_cert(signer_info, store); + if(certs.size() == 0) { status = NO_KEY; continue; } + + BER::decode(signer_info, hash_algo); + bool bad_attr = false; + digest = decode_attributes(signer_info, next_type, bad_attr); + if(bad_attr) { status = BAD; continue; } + BER::decode(signer_info, sig_algo); + BER::decode(signer_info, signature, OCTET_STRING); + // unsigned attributes + signer_info.verify_end(); + + if(digest.has_items()) + { + std::string hash; + if(digest != hash_of(data, hash_algo, hash)) + { + status = BAD; + continue; + } + status = check_sig(signed_attr, sig_algo, signature, certs[0]); + } + else + status = check_sig(data, sig_algo, signature, certs[0]); + + if(status == BAD) + continue; + + // fix this (gets only last signer, for one thing) + // maybe some way for the user to get all certs that signed the + // message? that would be useful + info = "CN=" + cert.subject_info("CommonName") + + ",O=" + cert.subject_info("Organization") + + ",OU=" + cert.subject_info("Organizational Unit"); + } +#endif + } + else if(type == OIDS::lookup("CMS.EnvelopedData")) + { + throw Exception("FIXME: not implemented"); + } + else if(type == OIDS::lookup("CMS.AuthenticatedData")) + { + throw Exception("FIXME: not implemented"); + } + else + throw Decoding_Error("CMS: Unknown content ID " + type.as_string()); + } + catch(std::exception) + { + status = FAILURE; + } + } + +} diff --git a/src/cms/cms_dec.cpp b/src/cms/cms_dec.cpp new file mode 100644 index 000000000..edd1cd489 --- /dev/null +++ b/src/cms/cms_dec.cpp @@ -0,0 +1,123 @@ +/************************************************* +* CMS Decoding Source File * +* (C) 1999-2007 Jack Lloyd * +*************************************************/ + +#include <botan/cms_dec.h> +#include <botan/ber_dec.h> +#include <botan/asn1_int.h> +#include <botan/oids.h> +#include <botan/pem.h> + +namespace Botan { + +/************************************************* +* CMS_Decoder Constructor * +*************************************************/ +CMS_Decoder::CMS_Decoder(DataSource& in, const X509_Store& x509store, + User_Interface& ui_ref, PKCS8_PrivateKey* key) : + ui(ui_ref), store(x509store) + { + status = GOOD; + + add_key(key); + + if(ASN1::maybe_BER(in) && !PEM_Code::matches(in)) + initial_read(in); + else + { + DataSource_Memory ber(PEM_Code::decode_check_label(in, "PKCS7")); + initial_read(ber); + } + } + +/************************************************* +* Read the outermost ContentInfo * +*************************************************/ +void CMS_Decoder::initial_read(DataSource& in) + { + // FIXME... + + /* + BER_Decoder decoder(in); + BER_Decoder content_info = decoder.start_cons(SEQUENCE); + + content_info.decode(next_type); + + + BER_Decoder content_type = BER::get_subsequence(content_info, ASN1_Tag(0)); + data = content_type.get_remaining(); + */ + + decode_layer(); + } + +/************************************************* +* Add another private key to use * +*************************************************/ +void CMS_Decoder::add_key(PKCS8_PrivateKey* key) + { + if(!key) + return; + + for(u32bit j = 0; j != keys.size(); j++) + if(keys[j]->key_id() == key->key_id()) + return; + + keys.push_back(key); + } + +/************************************************* +* Return the status information * +*************************************************/ +CMS_Decoder::Status CMS_Decoder::layer_status() const + { + return status; + } + +/************************************************* +* Return the final data content * +*************************************************/ +std::string CMS_Decoder::get_data() const + { + if(layer_type() != DATA) + throw Invalid_State("CMS: Cannot retrieve data from non-DATA layer"); + return std::string((const char*)data.begin(), data.size()); + } + +/************************************************* +* Return the content type of this layer * +*************************************************/ +CMS_Decoder::Content_Type CMS_Decoder::layer_type() const + { + if(type == OIDS::lookup("CMS.DataContent")) return DATA; + if(type == OIDS::lookup("CMS.EnvelopedData")) return ENVELOPED; + if(type == OIDS::lookup("CMS.CompressedData")) return COMPRESSED; + if(type == OIDS::lookup("CMS.SignedData")) return SIGNED; + if(type == OIDS::lookup("CMS.AuthenticatedData")) return AUTHENTICATED; + if(type == OIDS::lookup("CMS.DigestedData")) return DIGESTED; + return UNKNOWN; + } + +/************************************************* +* Return some information about this layer * +*************************************************/ +std::string CMS_Decoder::layer_info() const + { + return info; + } + +/************************************************* +* Return some information about this layer * +*************************************************/ +void CMS_Decoder::read_econtent(BER_Decoder& decoder) + { + BER_Decoder econtent_info = decoder.start_cons(SEQUENCE); + econtent_info.decode(next_type); + + // FIXME + //BER_Decoder econtent = BER::get_subsequence(econtent_info, ASN1_Tag(0)); + //econtent.decode(data, OCTET_STRING); + } + +} diff --git a/src/cms/cms_dec.h b/src/cms/cms_dec.h new file mode 100644 index 000000000..ef21036bb --- /dev/null +++ b/src/cms/cms_dec.h @@ -0,0 +1,63 @@ +/************************************************* +* CMS Decoding Header File * +* (C) 1999-2007 Jack Lloyd * +*************************************************/ + +#ifndef BOTAN_CMS_DECODER_H__ +#define BOTAN_CMS_DECODER_H__ + +#include <botan/x509cert.h> +#include <botan/x509stor.h> +#include <botan/pkcs8.h> +#include <botan/ber_dec.h> +#include <botan/ui.h> + +namespace Botan { + +/************************************************* +* CMS Decoding Operation * +*************************************************/ +class CMS_Decoder + { + public: + enum Status { GOOD, BAD, NO_KEY, FAILURE }; + + enum Content_Type { DATA, UNKNOWN, COMPRESSED, ENVELOPED, SIGNED, + AUTHENTICATED, DIGESTED }; + + Status layer_status() const; + Content_Type layer_type() const; + std::string layer_info() const; + std::string layer_algo() const; + std::string get_data() const; + std::vector<X509_Certificate> get_certs() const; + std::vector<X509_CRL> get_crls() const; + + void next_layer() { decode_layer(); } + + void add_key(PKCS8_PrivateKey*); + + CMS_Decoder(DataSource&, const X509_Store&, User_Interface&, + PKCS8_PrivateKey* = 0); + private: + std::string get_passphrase(const std::string&); + void read_econtent(BER_Decoder&); + void initial_read(DataSource&); + void decode_layer(); + void decompress(BER_Decoder&); + + User_Interface& ui; + + X509_Store store; + std::vector<std::string> passphrases; + std::vector<PKCS8_PrivateKey*> keys; + + OID type, next_type; + SecureVector<byte> data; + Status status; + std::string info; + }; + +} + +#endif diff --git a/src/cms/cms_ealg.cpp b/src/cms/cms_ealg.cpp new file mode 100644 index 000000000..7749200d2 --- /dev/null +++ b/src/cms/cms_ealg.cpp @@ -0,0 +1,371 @@ +/************************************************* +* CMS Encoding Operations Source File * +* (C) 1999-2007 Jack Lloyd * +*************************************************/ + +#include <botan/cms_enc.h> +#include <botan/der_enc.h> +#include <botan/bigint.h> +#include <botan/oids.h> +#include <botan/lookup.h> +#include <botan/look_pk.h> +#include <botan/libstate.h> +#include <botan/pipe.h> +#include <memory> + +namespace Botan { + +namespace { + +/************************************************* +* Choose an algorithm * +*************************************************/ +std::string choose_algo(const std::string& user_algo, + const std::string& default_algo) + { + if(user_algo == "") + return global_state().deref_alias(default_algo); + return global_state().deref_alias(user_algo); + } + +/************************************************* +* Encode a SignerIdentifier/RecipientIdentifier * +*************************************************/ +void encode_si(DER_Encoder& der, const X509_Certificate& cert, + bool use_skid_encoding = false) + { + if(cert.subject_key_id().size() && use_skid_encoding) + der.encode(cert.subject_key_id(), OCTET_STRING, ASN1_Tag(0)); + else + { + der.start_cons(SEQUENCE). + encode(cert.issuer_dn()). + encode(BigInt::decode(cert.serial_number())). + end_cons(); + } + } + +/************************************************* +* Compute the hash of some content * +*************************************************/ +SecureVector<byte> hash_of(const SecureVector<byte>& content, + const std::string& hash) + { + std::auto_ptr<HashFunction> hash_fn(get_hash(hash)); + return hash_fn->process(content); + } + +/************************************************* +* Encode Attributes containing info on content * +*************************************************/ +SecureVector<byte> encode_attr(const SecureVector<byte>& data, + const std::string& type, + const std::string& hash) + { + SecureVector<byte> digest = hash_of(data, hash); + + DER_Encoder encoder; + encoder.encode(OIDS::lookup(type)); + Attribute content_type("PKCS9.ContentType", encoder.get_contents()); + + encoder.encode(digest, OCTET_STRING); + Attribute message_digest("PKCS9.MessageDigest", encoder.get_contents()); + + encoder.start_cons(SET) + .encode(content_type) + .encode(message_digest) + .end_cons(); + + return encoder.get_contents(); + } + +} + +/************************************************* +* Encrypt a message * +*************************************************/ +void CMS_Encoder::encrypt(const X509_Certificate& to, + const std::string user_cipher) + { + const std::string cipher = choose_algo(user_cipher, "TripleDES"); + + std::auto_ptr<X509_PublicKey> key(to.subject_public_key()); + const std::string algo = key->algo_name(); + + Key_Constraints constraints = to.constraints(); + + if(algo == "RSA") + { + if(constraints != NO_CONSTRAINTS && !(constraints & KEY_ENCIPHERMENT)) + throw Invalid_Argument("CMS: Constraints not set for encryption"); + + PK_Encrypting_Key* enc_key = dynamic_cast<PK_Encrypting_Key*>(key.get()); + if(enc_key == 0) + throw Internal_Error("CMS_Encoder::encrypt: " + algo + + " can't encrypt"); + + encrypt_ktri(to, enc_key, cipher); + } + else if(algo == "DH") + { + if(constraints != NO_CONSTRAINTS && !(constraints & KEY_AGREEMENT)) + throw Invalid_Argument("CMS: Constraints not set for key agreement"); + + encrypt_kari(to, key.get(), cipher); + } + else + throw Invalid_Argument("Unknown CMS PK encryption algorithm " + algo); + } + +/************************************************* +* Encrypt a message with a key transport algo * +*************************************************/ +void CMS_Encoder::encrypt_ktri(const X509_Certificate& to, + PK_Encrypting_Key* pub_key, + const std::string& cipher) + { + const std::string padding = "EME-PKCS1-v1_5"; + const std::string pk_algo = pub_key->algo_name(); + std::auto_ptr<PK_Encryptor> enc(get_pk_encryptor(*pub_key, padding)); + + SymmetricKey cek = setup_key(rng, cipher); + + DER_Encoder encoder; + encoder.start_cons(SEQUENCE); + encoder.encode((u32bit)0); + encoder.start_cons(SET); + encoder.start_cons(SEQUENCE); + encoder.encode((u32bit)0); + encode_si(encoder, to); + encoder.encode(AlgorithmIdentifier(pk_algo + "/" + padding)); + encoder.encode(enc->encrypt(cek.bits_of()), OCTET_STRING); + encoder.end_cons(); + encoder.end_cons(); + encoder.raw_bytes(do_encrypt(cek, cipher)); + encoder.end_cons(); + + add_layer("CMS.EnvelopedData", encoder); + } + +/************************************************* +* Encrypt a message with a key agreement algo * +*************************************************/ +void CMS_Encoder::encrypt_kari(const X509_Certificate&, + X509_PublicKey*, + const std::string&) + { + throw Exception("FIXME: unimplemented"); +#if 0 + SymmetricKey cek = setup_key(rng, cipher); + + DER_Encoder encoder; + encoder.start_cons(SEQUENCE); + encoder.encode(2); + encoder.start_cons(SET); + encoder.start_sequence(ASN1_Tag(1)); + encoder.encode(3); + encode_si(encoder, to); + encoder.encode(AlgorithmIdentifier(pk_algo + "/" + padding)); + encoder.encode(encrypted_cek, OCTET_STRING); + encoder.end_cons(); + encoder.end_cons(); + encoder.raw_bytes(do_encrypt(cek, cipher)); + encoder.end_cons(); + + add_layer("CMS.EnvelopedData", encoder); +#endif + } + +/************************************************* +* Encrypt a message with a shared key * +*************************************************/ +void CMS_Encoder::encrypt(const SymmetricKey& kek, + const std::string& user_cipher) + { + throw Exception("FIXME: untested"); + + const std::string cipher = choose_algo(user_cipher, "TripleDES"); + SymmetricKey cek = setup_key(rng, cipher); + + SecureVector<byte> kek_id; // FIXME: ? + + DER_Encoder encoder; + encoder.start_cons(SEQUENCE); + encoder.encode((u32bit)2); + encoder.start_sequence(ASN1_Tag(2)); + encoder.encode((u32bit)4); + encoder.start_cons(SEQUENCE); + encoder.encode(kek_id, OCTET_STRING); + encoder.end_cons(); + encoder.encode(AlgorithmIdentifier("KeyWrap." + cipher, true)); + encoder.encode(wrap_key(cipher, cek, kek), OCTET_STRING); + encoder.end_cons(); + encoder.raw_bytes(do_encrypt(cek, cipher)); + encoder.end_cons(); + + add_layer("CMS.EnvelopedData", encoder); + } + +/************************************************* +* Encrypt a message with a passphrase * +*************************************************/ +void CMS_Encoder::encrypt(const std::string&, + const std::string& user_cipher) + { + const std::string cipher = choose_algo(user_cipher, "TripleDES"); + throw Exception("FIXME: unimplemented"); + /* + SymmetricKey cek = setup_key(key); + + DER_Encoder encoder; + encoder.start_cons(SEQUENCE); + encoder.encode(0); + encoder.raw_bytes(do_encrypt(cek, cipher)); + encoder.end_cons(); + + add_layer("CMS.EnvelopedData", encoder); + */ + } + +/************************************************* +* Encrypt the content with the chosen key/cipher * +*************************************************/ +SecureVector<byte> CMS_Encoder::do_encrypt(const SymmetricKey& key, + const std::string& cipher) + { + if(!have_block_cipher(cipher)) + throw Invalid_Argument("CMS: Can't encrypt with non-existent cipher " + + cipher); + if(!OIDS::have_oid(cipher + "/CBC")) + throw Encoding_Error("CMS: No OID assigned for " + cipher + "/CBC"); + + InitializationVector iv(block_size_of(cipher)); + + AlgorithmIdentifier content_cipher; + content_cipher.oid = OIDS::lookup(cipher + "/CBC"); + content_cipher.parameters = encode_params(cipher, key, iv); + + Pipe pipe(get_cipher(cipher + "/CBC/PKCS7", key, iv, ENCRYPTION)); + pipe.process_msg(data); + + DER_Encoder encoder; + encoder.start_cons(SEQUENCE); + encoder.encode(OIDS::lookup(type)); + encoder.encode(content_cipher); + encoder.encode(pipe.read_all(), OCTET_STRING, ASN1_Tag(0)); + encoder.end_cons(); + + return encoder.get_contents(); + } + +/************************************************* +* Sign a message * +*************************************************/ +void CMS_Encoder::sign(X509_Store& store, const PKCS8_PrivateKey& key) + { + std::vector<X509_Certificate> matching = + X509_Store_Search::by_keyid(store, key.key_id()); + if(matching.size() == 0) + throw Encoding_Error("CMS::sign: Cannot find cert matching given key"); + + const X509_Certificate& cert = matching[0]; + + std::vector<X509_Certificate> chain = store.get_cert_chain(cert); + + std::string padding, hash; + Signature_Format format; + choose_sig_format(key.algo_name(), padding, hash, format); + const std::string sig_algo = key.algo_name() + "/" + padding; + + SecureVector<byte> signed_attr = encode_attr(data, type, hash); + const PK_Signing_Key& sig_key = dynamic_cast<const PK_Signing_Key&>(key); + std::auto_ptr<PK_Signer> signer(get_pk_signer(sig_key, padding, format)); + signer->update(signed_attr); + SecureVector<byte> signature = signer->signature(); + signed_attr[0] = 0xA0; + + const u32bit SI_VERSION = cert.subject_key_id().size() ? 3 : 1; + const u32bit CMS_VERSION = (type != "CMS.DataContent") ? 3 : SI_VERSION; + + DER_Encoder encoder; + encoder.start_cons(SEQUENCE); + encoder.encode(CMS_VERSION); + encoder.start_cons(SET); + encoder.encode(AlgorithmIdentifier(hash, true)); + encoder.end_cons(); + encoder.raw_bytes(make_econtent(data, type)); + + encoder.start_set(ASN1_Tag(0)); + for(u32bit j = 0; j != chain.size(); j++) + encoder.raw_bytes(chain[j].BER_encode()); + encoder.raw_bytes(cert.BER_encode()); + encoder.end_cons(ASN1_Tag(0)); + + encoder.start_cons(SET); + encoder.start_cons(SEQUENCE); + encoder.encode(SI_VERSION); + encode_si(encoder, cert, ((SI_VERSION == 3) ? true : false)); + encoder.encode(AlgorithmIdentifier(hash, true)); + encoder.raw_bytes(signed_attr); + encoder.encode(AlgorithmIdentifier(sig_algo, true)); + encoder.encode(signature, OCTET_STRING); + encoder.end_cons(); + encoder.end_cons(); + encoder.end_cons(); + + add_layer("CMS.SignedData", encoder); + } + +/************************************************* +* Digest a message * +*************************************************/ +void CMS_Encoder::digest(const std::string& user_hash) + { + const std::string hash = choose_algo(user_hash, "SHA-1"); + if(!OIDS::have_oid(hash)) + throw Encoding_Error("CMS: No OID assigned for " + hash); + + const u32bit VERSION = (type != "CMS.DataContent") ? 2 : 0; + + DER_Encoder encoder; + encoder.start_cons(SEQUENCE); + encoder.encode(VERSION); + encoder.encode(AlgorithmIdentifier(hash, true)); + encoder.raw_bytes(make_econtent(data, type)); + encoder.encode(hash_of(data, hash), OCTET_STRING); + encoder.end_cons(); + + add_layer("CMS.DigestedData", encoder); + } + +/************************************************* +* MAC a message with an encrypted key * +*************************************************/ +void CMS_Encoder::authenticate(const X509_Certificate&, + const std::string& mac_algo) + { + const std::string mac = choose_algo(mac_algo, "HMAC(SHA-1)"); + throw Exception("FIXME: unimplemented"); + } + +/************************************************* +* MAC a message with a shared key * +*************************************************/ +void CMS_Encoder::authenticate(const SymmetricKey&, + const std::string& mac_algo) + { + const std::string mac = choose_algo(mac_algo, "HMAC(SHA-1)"); + throw Exception("FIXME: unimplemented"); + } + +/************************************************* +* MAC a message with a passphrase * +*************************************************/ +void CMS_Encoder::authenticate(const std::string&, + const std::string& mac_algo) + { + const std::string mac = choose_algo(mac_algo, "HMAC(SHA-1)"); + throw Exception("FIXME: unimplemented"); + } + +} diff --git a/src/cms/cms_enc.cpp b/src/cms/cms_enc.cpp new file mode 100644 index 000000000..601fbc9b6 --- /dev/null +++ b/src/cms/cms_enc.cpp @@ -0,0 +1,84 @@ +/************************************************* +* CMS Encoding Base Source File * +* (C) 1999-2007 Jack Lloyd * +*************************************************/ + +#include <botan/cms_enc.h> +#include <botan/der_enc.h> +#include <botan/oids.h> +#include <botan/pem.h> + +namespace Botan { + +/************************************************* +* Setup the intitial layer of CMS data * +*************************************************/ +void CMS_Encoder::set_data(const byte buf[], u32bit length) + { + if(data.has_items()) + throw Invalid_State("Cannot call CMS_Encoder::set_data here"); + + data.set(buf, length); + type = "CMS.DataContent"; + } + +/************************************************* +* Setup the intitial layer of CMS data * +*************************************************/ +void CMS_Encoder::set_data(const std::string& str) + { + set_data((const byte*)str.c_str(), str.length()); + } + +/************************************************* +* Finalize and return the CMS encoded data * +*************************************************/ +SecureVector<byte> CMS_Encoder::get_contents() + { + DER_Encoder encoder; + + encoder.start_cons(SEQUENCE). + encode(OIDS::lookup(type)). + start_explicit(0). + raw_bytes(data). + end_explicit(). + end_cons(); + + data.clear(); + + return encoder.get_contents(); + } + +/************************************************* +* Add a new layer of encapsulation * +*************************************************/ +void CMS_Encoder::add_layer(const std::string& oid, DER_Encoder& new_layer) + { + data = new_layer.get_contents(); + type = oid; + } + +/************************************************* +* Return the PEM-encoded data * +*************************************************/ +std::string CMS_Encoder::PEM_contents() + { + return PEM_Code::encode(get_contents(), "PKCS7"); + } + +/************************************************* +* Make an EncapsulatedContentInfo * +*************************************************/ +SecureVector<byte> CMS_Encoder::make_econtent(const SecureVector<byte>& data, + const std::string& type) + { + return DER_Encoder().start_cons(SEQUENCE). + encode(OIDS::lookup(type)). + start_explicit(0). + encode(data, OCTET_STRING). + end_explicit(). + end_cons(). + get_contents(); + } + +} diff --git a/src/cms/cms_enc.h b/src/cms/cms_enc.h new file mode 100644 index 000000000..6bdde8813 --- /dev/null +++ b/src/cms/cms_enc.h @@ -0,0 +1,74 @@ +/************************************************* +* CMS Encoding Header File * +* (C) 1999-2007 Jack Lloyd * +*************************************************/ + +#ifndef BOTAN_CMS_ENCODER_H__ +#define BOTAN_CMS_ENCODER_H__ + +#include <botan/x509cert.h> +#include <botan/x509stor.h> +#include <botan/pkcs8.h> + +namespace Botan { + +/************************************************* +* CMS Encoding Operation * +*************************************************/ +class CMS_Encoder + { + public: + void encrypt(const X509_Certificate&, const std::string = ""); + void encrypt(const std::string&, const std::string& = ""); + void encrypt(const SymmetricKey&, const std::string& = ""); + + void authenticate(const X509_Certificate&, const std::string& = ""); + void authenticate(const std::string&, const std::string& = ""); + void authenticate(const SymmetricKey&, const std::string& = ""); + + void sign(X509_Store&, const PKCS8_PrivateKey&); + void digest(const std::string& = ""); + + void compress(const std::string&); + static bool can_compress_with(const std::string&); + + SecureVector<byte> get_contents(); + std::string PEM_contents(); + + void set_data(const std::string&); + void set_data(const byte[], u32bit); + + CMS_Encoder(const std::string& str) { set_data(str); } + CMS_Encoder(const byte buf[], u32bit length) { set_data(buf, length); } + private: + void add_layer(const std::string&, DER_Encoder&); + + void encrypt_ktri(const X509_Certificate&, PK_Encrypting_Key*, + const std::string&); + void encrypt_kari(const X509_Certificate&, X509_PublicKey*, + const std::string&); + + SecureVector<byte> do_encrypt(const SymmetricKey&, const std::string&); + + static SecureVector<byte> make_econtent(const SecureVector<byte>&, + const std::string&); + + static SymmetricKey setup_key(RandomNumberGenerator& rng, + const std::string&); + + static SecureVector<byte> wrap_key(RandomNumberGenerator& rng, + const std::string&, + const SymmetricKey&, + const SymmetricKey&); + + static SecureVector<byte> encode_params(const std::string&, + const SymmetricKey&, + const InitializationVector&); + + SecureVector<byte> data; + std::string type; + }; + +} + +#endif diff --git a/src/cms/tests/cms_dec.cpp b/src/cms/tests/cms_dec.cpp new file mode 100644 index 000000000..593cf2e09 --- /dev/null +++ b/src/cms/tests/cms_dec.cpp @@ -0,0 +1,111 @@ +#include <botan/cms_dec.h> +using namespace Botan; + +#include <iostream> + +int main(int argc, char* argv[]) + { + if(argc != 2) + { + printf("Usage: %s <filename>\n", argv[0]); + return 1; + } + + LibraryInitializer init; + + try { + X509_Certificate mycert("mycert.pem"); + PKCS8_PrivateKey* mykey = PKCS8::load_key("mykey.pem", "cut"); + + X509_Certificate yourcert("yourcert.pem"); + X509_Certificate cacert("cacert.pem"); + X509_Certificate int_ca("int_ca.pem"); + + X509_Store store; + store.add_cert(mycert); + store.add_cert(yourcert); + store.add_cert(cacert, true); + store.add_cert(int_ca); + + DataSource_Stream message(argv[1]); + + User_Interface ui; + + CMS_Decoder decoder(message, store, ui, mykey); + + while(decoder.layer_type() != CMS_Decoder::DATA) + { + CMS_Decoder::Status status = decoder.layer_status(); + CMS_Decoder::Content_Type content = decoder.layer_type(); + + if(status == CMS_Decoder::FAILURE) + { + std::cout << "Failure reading CMS data" << std::endl; + break; + } + + if(content == CMS_Decoder::DIGESTED) + { + std::cout << "Digested data, hash = " << decoder.layer_info() + << std::endl; + std::cout << "Hash is " + << ((status == CMS_Decoder::GOOD) ? "good" : "bad") + << std::endl; + } + + if(content == CMS_Decoder::SIGNED) + { + // how to handle multiple signers? they can all exist within a + // single level... + + std::cout << "Signed by " << decoder.layer_info() << std::endl; + //std::cout << "Sign time: " << decoder.xxx() << std::endl; + std::cout << "Signature is "; + if(status == CMS_Decoder::GOOD) + std::cout << "valid"; + else if(status == CMS_Decoder::BAD) + std::cout << "bad"; + else if(status == CMS_Decoder::NO_KEY) + std::cout << "(cannot check, no known cert)"; + std::cout << std::endl; + } + if(content == CMS_Decoder::ENVELOPED || + content == CMS_Decoder::COMPRESSED || + content == CMS_Decoder::AUTHENTICATED) + { + if(content == CMS_Decoder::ENVELOPED) + std::cout << "Enveloped"; + if(content == CMS_Decoder::COMPRESSED) + std::cout << "Compressed"; + if(content == CMS_Decoder::AUTHENTICATED) + std::cout << "MACed"; + + std::cout << ", algo = " << decoder.layer_info() << std::endl; + + if(content == CMS_Decoder::AUTHENTICATED) + { + std::cout << "MAC status is "; + if(status == CMS_Decoder::GOOD) + std::cout << "valid"; + else if(status == CMS_Decoder::BAD) + std::cout << "bad"; + else if(status == CMS_Decoder::NO_KEY) + std::cout << "(cannot check, no key)"; + std::cout << std::endl; + } + } + decoder.next_layer(); + } + + if(decoder.layer_type() == CMS_Decoder::DATA) + std::cout << "Message is \"" << decoder.get_data() + << '"' << std::endl; + else + std::cout << "No data anywhere?" << std::endl; + } + catch(std::exception& e) + { + std::cerr << e.what() << std::endl; + } + return 0; + } diff --git a/src/cms/tests/cms_enc.cpp b/src/cms/tests/cms_enc.cpp new file mode 100644 index 000000000..0319925d8 --- /dev/null +++ b/src/cms/tests/cms_enc.cpp @@ -0,0 +1,46 @@ +#include <botan/cms_enc.h> +using namespace Botan; + +#include <iostream> +#include <fstream> + +int main() + { + LibraryInitializer init; + + try { + PKCS8_PrivateKey* mykey = PKCS8::load_key("mykey.pem", "cut"); + + X509_Certificate mycert("mycert.pem"); + X509_Certificate mycert2("mycert2.pem"); + X509_Certificate yourcert("yourcert.pem"); + X509_Certificate cacert("cacert.pem"); + X509_Certificate int_ca("int_ca.pem"); + + X509_Store store; + store.add_cert(mycert); + store.add_cert(mycert2); + store.add_cert(yourcert); + store.add_cert(int_ca); + store.add_cert(cacert, true); + + const std::string msg = "prioncorp: we don't toy\n"; + + CMS_Encoder encoder(msg); + + encoder.compress("Zlib"); + encoder.digest(); + encoder.encrypt(mycert); + encoder.sign(store, *mykey); + + SecureVector<byte> raw = encoder.get_contents(); + std::ofstream out("out.der"); + + out.write((const char*)raw.ptr(), raw.size()); + } + catch(std::exception& e) + { + std::cerr << e.what() << std::endl; + } + return 0; + } |