mirror of
https://github.com/mozilla/gecko-dev.git
synced 2025-02-18 23:15:38 +00:00
NSS_CMSSignerInfo_Verify()
- This function is changed to explicitly allow some of its input arguments to be NULL. It will set the verification status in the CMSSignerInfo object accordingly. Since this is the ONLY function that ever sets the verification status, it must be able to do so even when problems have occurred. - lots of cleanup of this source code. Bugscape bug 54208, r=relyea
This commit is contained in:
nelsonb%netscape.com
parent
874fa3a93d
commit
f6f1a0d2e4
@ -34,7 +34,7 @@
|
||||
/*
|
||||
* CMS signerInfo methods.
|
||||
*
|
||||
* $Id: cmssiginfo.c,v 1.21 2003/12/03 02:42:08 jpierre%netscape.com Exp $
|
||||
* $Id: cmssiginfo.c,v 1.22 2003/12/04 00:29:31 nelsonb%netscape.com Exp $
|
||||
*/
|
||||
|
||||
#include "cmslocal.h"
|
||||
@ -309,7 +309,7 @@ NSS_CMSSignerInfo_VerifyCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDBHand
|
||||
* email profile.
|
||||
*/
|
||||
if (NSS_CMSSignerInfo_GetSigningTime (signerinfo, &stime) != SECSuccess)
|
||||
stime = PR_Now(); /* not found or conversion failed, so check against now */
|
||||
stime = PR_Now(); /* not found or conversion failed, so check against now */
|
||||
|
||||
/*
|
||||
* XXX This uses the signing time, if available. Additionally, we
|
||||
@ -319,7 +319,8 @@ NSS_CMSSignerInfo_VerifyCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDBHand
|
||||
* in a time (and for non-S/MIME callers to pass in nothing, or
|
||||
* maybe make them pass in the current time, always?).
|
||||
*/
|
||||
if (CERT_VerifyCert(certdb, cert, PR_TRUE, certusage, stime, signerinfo->cmsg->pwfn_arg, NULL) != SECSuccess) {
|
||||
if (CERT_VerifyCert(certdb, cert, PR_TRUE, certusage, stime,
|
||||
signerinfo->cmsg->pwfn_arg, NULL) != SECSuccess) {
|
||||
signerinfo->verificationStatus = NSSCMSVS_SigningCertNotTrusted;
|
||||
return SECFailure;
|
||||
}
|
||||
@ -329,11 +330,13 @@ NSS_CMSSignerInfo_VerifyCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDBHand
|
||||
/*
|
||||
* NSS_CMSSignerInfo_Verify - verify the signature of a single SignerInfo
|
||||
*
|
||||
* Just verifies the signature. The assumption is that verification of the certificate
|
||||
* is done already.
|
||||
* Just verifies the signature. The assumption is that verification of
|
||||
* the certificate is done already.
|
||||
*/
|
||||
SECStatus
|
||||
NSS_CMSSignerInfo_Verify(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem *contentType)
|
||||
NSS_CMSSignerInfo_Verify(NSSCMSSignerInfo *signerinfo,
|
||||
SECItem *digest, /* may be NULL */
|
||||
SECItem *contentType) /* may be NULL */
|
||||
{
|
||||
SECKEYPublicKey *publickey = NULL;
|
||||
NSSCMSAttribute *attr;
|
||||
@ -345,9 +348,11 @@ NSS_CMSSignerInfo_Verify(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem
|
||||
if (signerinfo == NULL)
|
||||
return SECFailure;
|
||||
|
||||
/* NSS_CMSSignerInfo_GetSigningCertificate will fail if 2nd parm is NULL and */
|
||||
/* cert has not been verified */
|
||||
if ((cert = NSS_CMSSignerInfo_GetSigningCertificate(signerinfo, NULL)) == NULL) {
|
||||
/* NSS_CMSSignerInfo_GetSigningCertificate will fail if 2nd parm is NULL
|
||||
** and cert has not been verified
|
||||
*/
|
||||
cert = NSS_CMSSignerInfo_GetSigningCertificate(signerinfo, NULL);
|
||||
if (cert == NULL) {
|
||||
vs = NSSCMSVS_SigningCertNotFound;
|
||||
goto loser;
|
||||
}
|
||||
@ -390,9 +395,9 @@ NSS_CMSSignerInfo_Verify(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem
|
||||
* be one for message digest which matches our message digest.
|
||||
* So check these things first.
|
||||
*/
|
||||
if ((attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr,
|
||||
SEC_OID_PKCS9_CONTENT_TYPE, PR_TRUE)) == NULL)
|
||||
{
|
||||
attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr,
|
||||
SEC_OID_PKCS9_CONTENT_TYPE, PR_TRUE);
|
||||
if (attr == NULL) {
|
||||
vs = NSSCMSVS_MalformedSignature;
|
||||
goto loser;
|
||||
}
|
||||
@ -406,12 +411,14 @@ NSS_CMSSignerInfo_Verify(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem
|
||||
/*
|
||||
* Check digest
|
||||
*/
|
||||
if ((attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr, SEC_OID_PKCS9_MESSAGE_DIGEST, PR_TRUE)) == NULL)
|
||||
{
|
||||
attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr,
|
||||
SEC_OID_PKCS9_MESSAGE_DIGEST, PR_TRUE);
|
||||
if (attr == NULL) {
|
||||
vs = NSSCMSVS_MalformedSignature;
|
||||
goto loser;
|
||||
}
|
||||
if (NSS_CMSAttribute_CompareValue(attr, digest) == PR_FALSE) {
|
||||
if (!digest ||
|
||||
NSS_CMSAttribute_CompareValue(attr, digest) == PR_FALSE) {
|
||||
vs = NSSCMSVS_DigestMismatch;
|
||||
goto loser;
|
||||
}
|
||||
@ -426,14 +433,15 @@ NSS_CMSSignerInfo_Verify(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem
|
||||
*
|
||||
* The signature is based on a digest of the DER-encoded authenticated
|
||||
* attributes. So, first we encode and then we digest/verify.
|
||||
* we trust the decoder to have the attributes in the right (sorted) order
|
||||
* we trust the decoder to have the attributes in the right (sorted)
|
||||
* order
|
||||
*/
|
||||
encoded_attrs.data = NULL;
|
||||
encoded_attrs.len = 0;
|
||||
|
||||
if (NSS_CMSAttributeArray_Encode(poolp, &(signerinfo->authAttr), &encoded_attrs) == NULL ||
|
||||
encoded_attrs.data == NULL || encoded_attrs.len == 0)
|
||||
{
|
||||
if (NSS_CMSAttributeArray_Encode(poolp, &(signerinfo->authAttr),
|
||||
&encoded_attrs) == NULL ||
|
||||
encoded_attrs.data == NULL || encoded_attrs.len == 0) {
|
||||
vs = NSSCMSVS_ProcessingError;
|
||||
goto loser;
|
||||
}
|
||||
@ -441,21 +449,26 @@ NSS_CMSSignerInfo_Verify(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem
|
||||
vs = (VFY_VerifyData (encoded_attrs.data, encoded_attrs.len,
|
||||
publickey, &(signerinfo->encDigest),
|
||||
SECOID_GetAlgorithmTag(&(signerinfo->digestEncAlg)),
|
||||
signerinfo->cmsg->pwfn_arg) != SECSuccess) ? NSSCMSVS_BadSignature : NSSCMSVS_GoodSignature;
|
||||
signerinfo->cmsg->pwfn_arg) != SECSuccess)
|
||||
? NSSCMSVS_BadSignature : NSSCMSVS_GoodSignature;
|
||||
|
||||
PORT_FreeArena(poolp, PR_FALSE); /* awkward memory management :-( */
|
||||
PORT_FreeArena(poolp, PR_FALSE); /* awkward memory management :-( */
|
||||
|
||||
} else {
|
||||
SECItem *sig;
|
||||
|
||||
/* No authenticated attributes. The signature is based on the plain message digest. */
|
||||
/* No authenticated attributes.
|
||||
** The signature is based on the plain message digest.
|
||||
*/
|
||||
sig = &(signerinfo->encDigest);
|
||||
if (sig->len == 0)
|
||||
goto loser;
|
||||
|
||||
vs = (VFY_VerifyDigest(digest, publickey, sig,
|
||||
vs = (!digest ||
|
||||
VFY_VerifyDigest(digest, publickey, sig,
|
||||
SECOID_GetAlgorithmTag(&(signerinfo->digestEncAlg)),
|
||||
signerinfo->cmsg->pwfn_arg) != SECSuccess) ? NSSCMSVS_BadSignature : NSSCMSVS_GoodSignature;
|
||||
signerinfo->cmsg->pwfn_arg) != SECSuccess)
|
||||
? NSSCMSVS_BadSignature : NSSCMSVS_GoodSignature;
|
||||
}
|
||||
|
||||
if (vs == NSSCMSVS_BadSignature) {
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user