feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

add CMS AuthEnvelopedData support for unauthAttrs

Browse Source
This commit is contained in:
Chris Conlon
2018-09-24 16:42:12 -06:00
committed by David Garske
parent 4315384051
commit 40ef246b1f
5 changed files with 276 additions and 106 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.gitignore vendored
View File

@ -109,6 +109,10 @@ pkcs7authEnvelopedDataAES128GCM_PWRI.der
pkcs7authEnvelopedDataAES192GCM.der
pkcs7authEnvelopedDataAES256GCM.der
pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF.der
pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_authAttribs.der
pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_bothAttribs.der
pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_fw_bothAttribs.der
pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_unauthAttribs.der
pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF.der
pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF_ukm.der
pkcs7authEnvelopedDataAES256GCM_firmwarePkgData.der

4
Makefile.am
View File

@ -47,6 +47,10 @@ CLEANFILES+= cert.der \
pkcs7authEnvelopedDataAES192GCM.der \
pkcs7authEnvelopedDataAES256GCM.der \
pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF.der \
pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_authAttribs.der \
pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_bothAttribs.der \
pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_fw_bothAttribs.der \
pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_unauthAttribs.der \
pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF.der \
pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF_ukm.der \
pkcs7authEnvelopedDataAES256GCM_firmwarePkgData.der \

117
wolfcrypt/src/pkcs7.c
View File

@ -7119,15 +7119,25 @@ int wc_PKCS7_EncodeAuthEnvelopedData(PKCS7* pkcs7, byte* output,
byte macInt[MAX_VERSION_SZ];
word32 nonceSz, macIntSz;
/* authAttribs */
byte* flatAuthAttribs = NULL;
word32 flatAuthAttribsSz = 0;
byte authAttribSet[MAX_SET_SZ];
EncodedAttrib authAttribs[MAX_AUTH_ATTRIBS_SZ];
word32 authAttribsSz = 0, authAttribsCount = 0;
word32 authAttribsSetSz = 0;
byte* aadBuffer = NULL;
word32 aadBufferSz = 0;
byte authAttribSet[MAX_SET_SZ];
byte authAttribAadSet[MAX_SET_SZ];
EncodedAttrib authAttribs[MAX_SIGNED_ATTRIBS_SZ];
word32 authAttribsSz = 0, authAttribsCount = 0;
word32 authAttribsSetSz = 0, authAttribsAadSetSz = 0;
word32 authAttribsAadSetSz = 0;
/* unauthAttribs */
byte* flatUnauthAttribs = NULL;
byte unauthAttribSet[MAX_SET_SZ];
EncodedAttrib unauthAttribs[MAX_UNAUTH_ATTRIBS_SZ];
word32 unauthAttribsSz = 0, unauthAttribsCount = 0;
word32 unauthAttribsSetSz = 0;
PKCS7Attrib contentTypeAttrib;
byte contentTypeValue[MAX_OID_SZ];
@ -7233,12 +7243,13 @@ int wc_PKCS7_EncodeAuthEnvelopedData(PKCS7* pkcs7, byte* output,
return ret;
ret = wc_PKCS7_GenerateBlock(pkcs7, &rng, nonce, nonceSz);
wc_FreeRng(&rng);
if (ret != 0) {
wc_FreeRng(&rng);
return ret;
}
/* build up authenticated attributes (authAttrs) */
/* authAttribs: add contentType attrib if needed */
if (pkcs7->contentOID != DATA) {
/* if type is not id-data, contentType attribute MUST be added */
@ -7252,8 +7263,8 @@ int wc_PKCS7_EncodeAuthEnvelopedData(PKCS7* pkcs7, byte* output,
contentTypeAttrib.value = contentTypeValue;
contentTypeAttrib.valueSz = ret;
/* otherwise, try to set from custom content type */
} else if (ret <= 0) {
/* try to set from custom content type */
if (pkcs7->contentType == NULL || pkcs7->contentTypeSz == 0) {
WOLFSSL_MSG("CMS pkcs7->contentType must be set if "
"contentOID is not");
@ -7263,29 +7274,30 @@ int wc_PKCS7_EncodeAuthEnvelopedData(PKCS7* pkcs7, byte* output,
contentTypeAttrib.valueSz = pkcs7->contentTypeSz;
}
authAttribsCount += 1;
authAttribsSz += EncodeAttributes(authAttribs, 1,
&contentTypeAttrib, 1);
authAttribsCount += 1;
}
/* add in user's signed attributes */
if (pkcs7->authAttribsSz > 0) {
authAttribsCount += pkcs7->authAttribsSz;
authAttribsSz += EncodeAttributes(authAttribs +
authAttribsCount * sizeof(PKCS7Attrib),
MAX_SIGNED_ATTRIBS_SZ - authAttribsCount,
pkcs7->authAttribs,
pkcs7->authAttribsSz);
}
/* authAttribs: add in user authenticated attributes */
if (pkcs7->authAttribs != NULL && pkcs7->authAttribsSz > 0) {
authAttribsSz += EncodeAttributes(authAttribs + authAttribsCount,
MAX_AUTH_ATTRIBS_SZ - authAttribsCount,
pkcs7->authAttribs,
pkcs7->authAttribsSz);
authAttribsCount += pkcs7->authAttribsSz;
}
/* authAttribs: flatten authAttribs */
if (authAttribsSz > 0 && authAttribsCount > 0) {
flatAuthAttribs = (byte*)XMALLOC(authAttribsSz, pkcs7->heap,
DYNAMIC_TYPE_PKCS7);
flatAuthAttribsSz = authAttribsSz;
if (flatAuthAttribs == NULL) {
return MEMORY_E;
}
FlattenAttributes(flatAuthAttribs, authAttribs, authAttribsCount);
authAttribsSetSz = SetImplicit(ASN_SET, 1, authAttribsSz,
authAttribSet);
@ -7295,7 +7307,7 @@ int wc_PKCS7_EncodeAuthEnvelopedData(PKCS7* pkcs7, byte* output,
authAttribsAadSetSz = SetSet(authAttribsSz, authAttribAadSet);
/* allocate temp buffer to hold alternate attrib encoding for aad */
aadBuffer = (byte*)XMALLOC(flatAuthAttribsSz + authAttribsAadSetSz,
aadBuffer = (byte*)XMALLOC(authAttribsSz + authAttribsAadSetSz,
pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (aadBuffer == NULL) {
XFREE(flatAuthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
@ -7306,8 +7318,31 @@ int wc_PKCS7_EncodeAuthEnvelopedData(PKCS7* pkcs7, byte* output,
aadBufferSz = 0;
XMEMCPY(aadBuffer + aadBufferSz, authAttribAadSet, authAttribsAadSetSz);
aadBufferSz += authAttribsAadSetSz;
XMEMCPY(aadBuffer + aadBufferSz, flatAuthAttribs, flatAuthAttribsSz);
aadBufferSz += flatAuthAttribsSz;
XMEMCPY(aadBuffer + aadBufferSz, flatAuthAttribs, authAttribsSz);
aadBufferSz += authAttribsSz;
}
/* build up unauthenticated attributes (unauthAttrs) */
if (pkcs7->unauthAttribsSz > 0) {
unauthAttribsSz = EncodeAttributes(unauthAttribs + unauthAttribsCount,
MAX_UNAUTH_ATTRIBS_SZ - unauthAttribsCount,
pkcs7->unauthAttribs,
pkcs7->unauthAttribsSz);
unauthAttribsCount = pkcs7->unauthAttribsSz;
flatUnauthAttribs = (byte*)XMALLOC(unauthAttribsSz, pkcs7->heap,
DYNAMIC_TYPE_PKCS7);
if (flatUnauthAttribs == NULL) {
if (aadBuffer)
XFREE(aadBuffer, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (flatAuthAttribs)
XFREE(flatAuthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return MEMORY_E;
}
FlattenAttributes(flatUnauthAttribs, unauthAttribs, unauthAttribsCount);
unauthAttribsSetSz = SetImplicit(ASN_SET, 2, unauthAttribsSz,
unauthAttribSet);
}
/* allocate encrypted content buffer */
@ -7315,6 +7350,10 @@ int wc_PKCS7_EncodeAuthEnvelopedData(PKCS7* pkcs7, byte* output,
encryptedContent = (byte*)XMALLOC(encryptedOutSz, pkcs7->heap,
DYNAMIC_TYPE_PKCS7);
if (encryptedContent == NULL) {
if (aadBuffer)
XFREE(aadBuffer, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (flatUnauthAttribs)
XFREE(flatUnauthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
if (flatAuthAttribs)
XFREE(flatAuthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return MEMORY_E;
@ -7325,10 +7364,14 @@ int wc_PKCS7_EncodeAuthEnvelopedData(PKCS7* pkcs7, byte* output,
pkcs7->cekSz, nonce, nonceSz, aadBuffer, aadBufferSz, authTag,
sizeof(authTag), pkcs7->content, encryptedOutSz, encryptedContent);
if (aadBuffer)
if (aadBuffer) {
XFREE(aadBuffer, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
aadBuffer = NULL;
}
if (ret != 0) {
if (flatUnauthAttribs)
XFREE(flatUnauthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
if (flatAuthAttribs)
XFREE(flatAuthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
@ -7339,6 +7382,8 @@ int wc_PKCS7_EncodeAuthEnvelopedData(PKCS7* pkcs7, byte* output,
ret = wc_SetContentType(pkcs7->contentOID, contentType,
sizeof(contentType));
if (ret < 0) {
if (flatUnauthAttribs)
XFREE(flatUnauthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
if (flatAuthAttribs)
XFREE(flatAuthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
@ -7361,6 +7406,8 @@ int wc_PKCS7_EncodeAuthEnvelopedData(PKCS7* pkcs7, byte* output,
macIntSz);
if (contentEncAlgoSz == 0) {
if (flatUnauthAttribs)
XFREE(flatUnauthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
if (flatAuthAttribs)
XFREE(flatAuthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
@ -7380,8 +7427,9 @@ int wc_PKCS7_EncodeAuthEnvelopedData(PKCS7* pkcs7, byte* output,
/* keep track of sizes for outer wrapper layering */
totalSz = verSz + recipSetSz + recipSz + encContentSeqSz + contentTypeSz +
contentEncAlgoSz + nonceOctetStringSz + nonceSz + macIntSz +
encContentOctetSz + encryptedOutSz + flatAuthAttribsSz +
authAttribsSetSz + macOctetStringSz + sizeof(authTag);
encContentOctetSz + encryptedOutSz + authAttribsSz +
authAttribsSetSz + macOctetStringSz + sizeof(authTag) +
unauthAttribsSz + unauthAttribsSetSz;
/* EnvelopedData */
envDataSeqSz = SetSequence(totalSz, envDataSeq);
@ -7398,6 +7446,8 @@ int wc_PKCS7_EncodeAuthEnvelopedData(PKCS7* pkcs7, byte* output,
if (totalSz > (int)outputSz) {
WOLFSSL_MSG("Pkcs7_encrypt output buffer too small");
if (flatUnauthAttribs)
XFREE(flatUnauthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
if (flatAuthAttribs)
XFREE(flatAuthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
@ -7442,11 +7492,11 @@ int wc_PKCS7_EncodeAuthEnvelopedData(PKCS7* pkcs7, byte* output,
idx += encryptedOutSz;
/* authenticated attributes */
if (flatAuthAttribsSz > 0) {
if (authAttribsSz > 0) {
XMEMCPY(output + idx, authAttribSet, authAttribsSetSz);
idx += authAttribsSetSz;
XMEMCPY(output + idx, flatAuthAttribs, flatAuthAttribsSz);
idx += flatAuthAttribsSz;
XMEMCPY(output + idx, flatAuthAttribs, authAttribsSz);
idx += authAttribsSz;
XFREE(flatAuthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
}
@ -7455,6 +7505,15 @@ int wc_PKCS7_EncodeAuthEnvelopedData(PKCS7* pkcs7, byte* output,
XMEMCPY(output + idx, authTag, sizeof(authTag));
idx += sizeof(authTag);
/* unauthenticated attributes */
if (unauthAttribsSz > 0) {
XMEMCPY(output + idx, unauthAttribSet, unauthAttribsSetSz);
idx += unauthAttribsSetSz;
XMEMCPY(output + idx, flatUnauthAttribs, unauthAttribsSz);
idx += unauthAttribsSz;
XFREE(flatUnauthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
}
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return idx;

247
wolfcrypt/test/test.c
View File

@ -19529,8 +19529,10 @@ typedef struct {
size_t certSz;
byte* privateKey;
word32 privateKeySz;
PKCS7Attrib* signedAttribs;
word32 signedAttribsSz;
PKCS7Attrib* authAttribs;
word32 authAttribsSz;
PKCS7Attrib* unauthAttribs;
word32 unauthAttribsSz;
/* KARI / KTRI specific */
byte* optionalUkm;
@ -19579,6 +19581,7 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
byte enveloped[2048];
byte decoded[2048];
WC_RNG rng;
PKCS7* pkcs7;
#ifdef PKCS7_OUTPUT_TEST_BUNDLES
FILE* pkcs7File;
@ -19589,6 +19592,17 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
0x72,0x6c,0x64
};
static byte senderNonceOid[] =
{ 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
0x09, 0x05 };
static byte senderNonce[PKCS7_NONCE_SZ + 2];
PKCS7Attrib attribs[] =
{
{ senderNonceOid, sizeof(senderNonceOid), senderNonce,
sizeof(senderNonce) }
};
#if !defined(NO_AES) && defined(WOLFSSL_AES_256) && defined(HAVE_ECC) && \
defined(WOLFSSL_SHA512)
byte optionalUkm[] = {
@ -19624,37 +19638,38 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
#if !defined(NO_AES) && defined(HAVE_AESGCM)
#ifdef WOLFSSL_AES_128
{data, (word32)sizeof(data), DATA, AES128GCMb, 0, 0, rsaCert, rsaCertSz,
rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0,
NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES128GCM.der"},
rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0,
NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0,
0, 0, "pkcs7authEnvelopedDataAES128GCM.der"},
#endif
#ifdef WOLFSSL_AES_192
{data, (word32)sizeof(data), DATA, AES192GCMb, 0, 0, rsaCert, rsaCertSz,
rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0,
NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES192GCM.der"},
rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0,
NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0,
0, 0, "pkcs7authEnvelopedDataAES192GCM.der"},
#endif
#ifdef WOLFSSL_AES_256
{data, (word32)sizeof(data), DATA, AES256GCMb, 0, 0, rsaCert, rsaCertSz,
rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0,
NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM.der"},
rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0,
NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0,
0, 0, "pkcs7authEnvelopedDataAES256GCM.der"},
/* test with contentType set to FirmwarePkgData */
{data, (word32)sizeof(data), FIRMWARE_PKG_DATA, AES256GCMb, 0, 0,
rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, 0, 0,
NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0,
0, 0, 0, 0, 0, "pkcs7authEnvelopedDataAES256GCM_firmwarePkgData.der"},
rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL,
0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL,
0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_firmwarePkgData.der"},
/* explicitly using SKID for SubjectKeyIdentifier */
{data, (word32)sizeof(data), DATA, AES256GCMb, 0, 0, rsaCert, rsaCertSz,
rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, CMS_SKID, 0, NULL, 0,
NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0,
0, 0, "pkcs7authEnvelopedDataAES256GCM_SKID.der"},
rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0, CMS_SKID, 0,
NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0,
0, 0, 0, 0, 0, "pkcs7authEnvelopedDataAES256GCM_SKID.der"},
/* explicitly using IssuerAndSerialNumber for SubjectKeyIdentifier */
{data, (word32)sizeof(data), DATA, AES256GCMb, 0, 0, rsaCert, rsaCertSz,
rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0,
rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0,
CMS_ISSUER_AND_SERIAL_NUMBER, 0, NULL, 0, NULL, 0, NULL, NULL, 0,
NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_IANDS.der"},
@ -19668,32 +19683,70 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
#if !defined(NO_SHA) && defined(WOLFSSL_AES_128)
{data, (word32)sizeof(data), DATA, AES128GCMb, AES128_WRAP,
dhSinglePass_stdDH_sha1kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, NULL,
0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
eccPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0,
NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES128GCM_ECDH_SHA1KDF.der"},
#endif
#if !defined(NO_SHA256) && defined(WOLFSSL_AES_256)
{data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP,
dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0,
NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
eccPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0,
NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF.der"},
/* with authenticated attributes */
{data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP,
dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)),
NULL, 0, NULL, 0, 0, 0, NULL, 0,
NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0,
0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_authAttribs.der"},
/* with unauthenticated attributes */
{data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP,
dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, NULL, 0, attribs,
(sizeof(attribs) / sizeof(PKCS7Attrib)), NULL, 0, 0, 0, NULL, 0,
NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0,
0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_unauthAttribs.der"},
/* with authenticated AND unauthenticated attributes */
{data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP,
dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)),
attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)), NULL, 0, 0, 0,
NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0,
0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_bothAttribs.der"},
/* with authenticated AND unauthenticated attributes AND
* contentType of FirmwarePkgData */
{data, (word32)sizeof(data), FIRMWARE_PKG_DATA, AES256GCMb, AES256_WRAP,
dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)),
attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)), NULL, 0, 0, 0,
NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0,
0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_fw_bothAttribs.der"},
#endif /* NO_SHA256 && WOLFSSL_AES_256 */
#if defined(WOLFSSL_SHA512) && defined(WOLFSSL_AES_256)
{data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP,
dhSinglePass_stdDH_sha512kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0,
NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
eccPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL,
NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF.der"},
/* with optional user keying material (ukm) */
{data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP,
dhSinglePass_stdDH_sha512kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, NULL, 0, optionalUkm, sizeof(optionalUkm), 0, 0, NULL, 0,
NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0,
0, 0, "pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF_ukm.der"},
eccPrivKeySz, NULL, 0, NULL, 0, optionalUkm, sizeof(optionalUkm), 0,
0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0,
0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF_ukm.der"},
#endif /* WOLFSSL_SHA512 && WOLFSSL_AES_256 */
#endif /* NO_AES */
#endif
@ -19702,9 +19755,9 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
#if !defined(NO_AES) && defined(HAVE_AESGCM)
#if !defined(NO_SHA) && defined(WOLFSSL_AES_128)
{data, (word32)sizeof(data), DATA, AES128GCMb, AES128_WRAP, 0,
NULL, 0, NULL, 0, NULL, 0, NULL, 0, 0, 0, secretKey, sizeof(secretKey),
secretKeyId, sizeof(secretKeyId), NULL, NULL, 0, NULL, 0,
0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, 0, 0,
secretKey, sizeof(secretKey), secretKeyId, sizeof(secretKeyId),
NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES128GCM_KEKRI.der"},
#endif
#endif
@ -19713,7 +19766,7 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
#if !defined(NO_PWDBASED) && !defined(NO_AES) && defined(HAVE_AESGCM)
#if !defined(NO_SHA) && defined(WOLFSSL_AES_128)
{data, (word32)sizeof(data), DATA, AES128GCMb, 0, 0,
NULL, 0, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0,
NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0,
NULL, 0, NULL, NULL, 0, NULL, 0, 0, password,
(word32)XSTRLEN(password), salt, sizeof(salt), PBKDF2_OID, WC_SHA, 5,
AES128CBCb, 0, 0, 0, "pkcs7authEnvelopedDataAES128GCM_PWRI.der"},
@ -19724,8 +19777,8 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
#ifdef WOLFSSL_AES_128
/* ori (OtherRecipientInfo) recipient types */
{data, (word32)sizeof(data), DATA, AES128GCMb, 0, 0, NULL, 0, NULL, 0,
NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0,
NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 1, 0,
NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0,
NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 1, 0,
"pkcs7authEnvelopedDataAES128GCM_ORI.der"},
#endif
#endif
@ -19733,6 +19786,30 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
testSz = sizeof(testVectors) / sizeof(pkcs7AuthEnvelopedVector);
/* generate senderNonce */
{
#ifndef HAVE_FIPS
ret = wc_InitRng_ex(&rng, HEAP_HINT, devId);
#else
ret = wc_InitRng(&rng);
#endif
if (ret != 0) {
return -9370;
}
senderNonce[0] = 0x04;
senderNonce[1] = PKCS7_NONCE_SZ;
ret = wc_RNG_GenerateBlock(&rng, &senderNonce[2], PKCS7_NONCE_SZ);
if (ret != 0) {
wc_FreeRng(&rng);
return -9371;
}
wc_FreeRng(&rng);
}
for (i = 0; i < testSz; i++) {
pkcs7 = wc_PKCS7_New(HEAP_HINT,
#ifdef WOLFSSL_ASYNC_CRYPT
@ -19742,22 +19819,26 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
#endif
);
if (pkcs7 == NULL)
return -9370;
return -9372;
if (testVectors[i].secretKey != NULL) {
/* KEKRI recipient type */
ret = wc_PKCS7_Init(pkcs7, pkcs7->heap, pkcs7->devId);
if (ret != 0) {
return -9371;
return -9373;
}
pkcs7->content = (byte*)testVectors[i].content;
pkcs7->contentSz = testVectors[i].contentSz;
pkcs7->contentOID = testVectors[i].contentOID;
pkcs7->encryptOID = testVectors[i].encryptOID;
pkcs7->ukm = testVectors[i].optionalUkm;
pkcs7->ukmSz = testVectors[i].optionalUkmSz;
pkcs7->content = (byte*)testVectors[i].content;
pkcs7->contentSz = testVectors[i].contentSz;
pkcs7->contentOID = testVectors[i].contentOID;
pkcs7->encryptOID = testVectors[i].encryptOID;
pkcs7->ukm = testVectors[i].optionalUkm;
pkcs7->ukmSz = testVectors[i].optionalUkmSz;
pkcs7->authAttribs = testVectors[i].authAttribs;
pkcs7->authAttribsSz = testVectors[i].authAttribsSz;
pkcs7->unauthAttribs = testVectors[i].unauthAttribs;
pkcs7->unauthAttribsSz = testVectors[i].unauthAttribsSz;
ret = wc_PKCS7_AddRecipient_KEKRI(pkcs7, testVectors[i].keyWrapOID,
testVectors[i].secretKey, testVectors[i].secretKeySz,
@ -19768,7 +19849,7 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
if (ret < 0) {
wc_PKCS7_Free(pkcs7);
return -9372;
return -9374;
}
/* set key, for decryption */
@ -19777,7 +19858,7 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
if (ret != 0) {
wc_PKCS7_Free(pkcs7);
return -9373;
return -9375;
}
} else if (testVectors[i].password != NULL) {
@ -19785,15 +19866,19 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
ret = wc_PKCS7_Init(pkcs7, pkcs7->heap, pkcs7->devId);
if (ret != 0) {
return -9374;
return -9376;
}
pkcs7->content = (byte*)testVectors[i].content;
pkcs7->contentSz = testVectors[i].contentSz;
pkcs7->contentOID = testVectors[i].contentOID;
pkcs7->encryptOID = testVectors[i].encryptOID;
pkcs7->ukm = testVectors[i].optionalUkm;
pkcs7->ukmSz = testVectors[i].optionalUkmSz;
pkcs7->content = (byte*)testVectors[i].content;
pkcs7->contentSz = testVectors[i].contentSz;
pkcs7->contentOID = testVectors[i].contentOID;
pkcs7->encryptOID = testVectors[i].encryptOID;
pkcs7->ukm = testVectors[i].optionalUkm;
pkcs7->ukmSz = testVectors[i].optionalUkmSz;
pkcs7->authAttribs = testVectors[i].authAttribs;
pkcs7->authAttribsSz = testVectors[i].authAttribsSz;
pkcs7->unauthAttribs = testVectors[i].unauthAttribs;
pkcs7->unauthAttribsSz = testVectors[i].unauthAttribsSz;
ret = wc_PKCS7_AddRecipient_PWRI(pkcs7,
(byte*)testVectors[i].password,
@ -19804,7 +19889,7 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
if (ret < 0) {
wc_PKCS7_Free(pkcs7);
return -9375;
return -9377;
}
/* set password, for decryption */
@ -19813,7 +19898,7 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
if (ret < 0) {
wc_PKCS7_Free(pkcs7);
return -9376;
return -9378;
}
} else if (testVectors[i].isOri == 1) {
@ -19821,20 +19906,24 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
ret = wc_PKCS7_Init(pkcs7, pkcs7->heap, pkcs7->devId);
if (ret != 0) {
return -9377;
return -9379;
}
pkcs7->content = (byte*)testVectors[i].content;
pkcs7->contentSz = testVectors[i].contentSz;
pkcs7->contentOID = testVectors[i].contentOID;
pkcs7->encryptOID = testVectors[i].encryptOID;
pkcs7->content = (byte*)testVectors[i].content;
pkcs7->contentSz = testVectors[i].contentSz;
pkcs7->contentOID = testVectors[i].contentOID;
pkcs7->encryptOID = testVectors[i].encryptOID;
pkcs7->authAttribs = testVectors[i].authAttribs;
pkcs7->authAttribsSz = testVectors[i].authAttribsSz;
pkcs7->unauthAttribs = testVectors[i].unauthAttribs;
pkcs7->unauthAttribsSz = testVectors[i].unauthAttribsSz;
ret = wc_PKCS7_AddRecipient_ORI(pkcs7, myOriEncryptCb,
testVectors[i].oriOptions);
if (ret < 0) {
wc_PKCS7_Free(pkcs7);
return -9378;
return -9380;
}
/* set decrypt callback for decryption */
@ -19842,7 +19931,7 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
if (ret < 0) {
wc_PKCS7_Free(pkcs7);
return -9379;
return -9381;
}
} else {
@ -19852,19 +19941,23 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
(word32)testVectors[i].certSz);
if (ret != 0) {
wc_PKCS7_Free(pkcs7);
return -9380;
return -9382;
}
pkcs7->keyWrapOID = testVectors[i].keyWrapOID;
pkcs7->keyAgreeOID = testVectors[i].keyAgreeOID;
pkcs7->privateKey = testVectors[i].privateKey;
pkcs7->privateKeySz = testVectors[i].privateKeySz;
pkcs7->content = (byte*)testVectors[i].content;
pkcs7->contentSz = testVectors[i].contentSz;
pkcs7->contentOID = testVectors[i].contentOID;
pkcs7->encryptOID = testVectors[i].encryptOID;
pkcs7->ukm = testVectors[i].optionalUkm;
pkcs7->ukmSz = testVectors[i].optionalUkmSz;
pkcs7->keyWrapOID = testVectors[i].keyWrapOID;
pkcs7->keyAgreeOID = testVectors[i].keyAgreeOID;
pkcs7->privateKey = testVectors[i].privateKey;
pkcs7->privateKeySz = testVectors[i].privateKeySz;
pkcs7->content = (byte*)testVectors[i].content;
pkcs7->contentSz = testVectors[i].contentSz;
pkcs7->contentOID = testVectors[i].contentOID;
pkcs7->encryptOID = testVectors[i].encryptOID;
pkcs7->ukm = testVectors[i].optionalUkm;
pkcs7->ukmSz = testVectors[i].optionalUkmSz;
pkcs7->authAttribs = testVectors[i].authAttribs;
pkcs7->authAttribsSz = testVectors[i].authAttribsSz;
pkcs7->unauthAttribs = testVectors[i].unauthAttribs;
pkcs7->unauthAttribsSz = testVectors[i].unauthAttribsSz;
/* set SubjectIdentifier type for KTRI types */
if (testVectors[i].ktriOptions & CMS_SKID) {
@ -19872,7 +19965,7 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
ret = wc_PKCS7_SetSignerIdentifierType(pkcs7, CMS_SKID);
if (ret != 0) {
wc_PKCS7_Free(pkcs7);
return -9381;
return -9383;
}
} else if (testVectors[i].ktriOptions &
CMS_ISSUER_AND_SERIAL_NUMBER) {
@ -19881,7 +19974,7 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
CMS_ISSUER_AND_SERIAL_NUMBER);
if (ret != 0) {
wc_PKCS7_Free(pkcs7);
return -9382;
return -9384;
}
}
}
@ -19891,7 +19984,7 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
sizeof(enveloped));
if (envelopedSz <= 0) {
wc_PKCS7_Free(pkcs7);
return -9383;
return -9385;
}
/* decode envelopedData */
@ -19900,13 +19993,13 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
sizeof(decoded));
if (decodedSz <= 0) {
wc_PKCS7_Free(pkcs7);
return -9384;
return -9386;
}
/* test decode result */
if (XMEMCMP(decoded, data, sizeof(data)) != 0){
wc_PKCS7_Free(pkcs7);
return -9385;
return -9387;
}
#ifdef PKCS7_OUTPUT_TEST_BUNDLES
@ -19914,14 +20007,14 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
pkcs7File = fopen(testVectors[i].outFileName, "wb");
if (!pkcs7File) {
wc_PKCS7_Free(pkcs7);
return -9386;
return -9388;
}
ret = (int)fwrite(enveloped, 1, envelopedSz, pkcs7File);
fclose(pkcs7File);
if (ret != envelopedSz) {
wc_PKCS7_Free(pkcs7);
return -9387;
return -9389;
}
#endif /* PKCS7_OUTPUT_TEST_BUNDLES */

10
wolfssl/wolfcrypt/pkcs7.h
View File

@ -62,6 +62,14 @@
#define MAX_SIGNED_ATTRIBS_SZ 7
#endif
#ifndef MAX_AUTH_ATTRIBS_SZ
#define MAX_AUTH_ATTRIBS_SZ 7
#endif
#ifndef MAX_UNAUTH_ATTRIBS_SZ
#define MAX_UNAUTH_ATTRIBS_SZ 7
#endif
/* PKCS#7 content types, ref RFC 2315 (Section 14) */
enum PKCS7_TYPES {
PKCS7_MSG = 650, /* 1.2.840.113549.1.7 */
@ -211,6 +219,8 @@ typedef struct PKCS7 {
PKCS7Attrib* authAttribs; /* authenticated attribs */
word32 authAttribsSz;
PKCS7Attrib* unauthAttribs; /* unauthenticated attribs */
word32 unauthAttribsSz;
/* !! NEW DATA MEMBERS MUST BE ADDED AT END !! */
} PKCS7;