CAdES: implement CAdES-BES signed attributes validation #8098
Conversation
|
First quick read |
crypto/cms/cms_ess.c
Outdated
Show resolved
Hide resolved
crypto/cms/cms_ess.c
Outdated
Show resolved
Hide resolved
|
Apart from my comment, can you have a look at Travis and figure out what's going on? Them are a few too many unresolved symbols for my comfort... |
Fully fixed, I should not edit my code so late ;) |
|
any news about this? |
|
@maxcuttins : needs a bit of documents about the two added methods. |
|
Ping @slontis : suggested tests added. |
|
Just a general comment about the generated files..
|
apps/cms.c
Outdated
Show resolved
Hide resolved
|
Fully rebased. CI are all green. |
|
with make test TESTS=test_x509 V=1 |
Thanks @opensignature. @FdaSilvaYY already reported this issue in #11853. |
|
Some minor things to resolve. |
| X509 *signer; | ||
| int i, scount = 0, ret = 0; | ||
| BIO *cmsbio = NULL, *tmpin = NULL, *tmpout = NULL; | ||
| unsigned char cadesVerify = (flags & CMS_CADES) ? 1 : 0; |
t8m
May 19, 2020
Member
Nit: It is weird to "optimize" boolean value into unsigned char. The int type is usually used in place of boolean throughout the OpenSSL code. Also I would slightly prefer using (flags & CMS_CADES) != 0 instead of the ? operator.
Nit: It is weird to "optimize" boolean value into unsigned char. The int type is usually used in place of boolean throughout the OpenSSL code. Also I would slightly prefer using (flags & CMS_CADES) != 0 instead of the ? operator.
| CMSerr(CMS_F_CMS_VERIFY, ERR_R_MALLOC_FAILURE); | ||
| goto err; | ||
| } | ||
| } | ||
| cms_certs = CMS_get1_certs(cms); | ||
| if (!(flags & CMS_NOCRL)) | ||
| crls = CMS_get1_crls(cms); | ||
| for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) { |
t8m
May 19, 2020
Member
Optional: at this point scount == sk_CMS_SignerInfo_num(sinfos) so you could use scount here to optimize.
Optional: at this point scount == sk_CMS_SignerInfo_num(sinfos) so you could use scount here to optimize.
| || X509_NAME_cmp(issuer->d.dirn, X509_get_issuer_name(cert)) != 0) | ||
| return -1; | ||
|
|
||
| if (ASN1_INTEGER_cmp(is->serial, X509_get_serialNumber((X509 *)cert)) != 0) |
t8m
May 19, 2020
Member
Would it make sense to just return ASN1_INTEGER_cmp(is->serial, X509_get_serialNumber((X509 *)cert)); here?
Would it make sense to just return ASN1_INTEGER_cmp(is->serial, X509_get_serialNumber((X509 *)cert)); here?
| X509_digest(cert, EVP_sha1(), cert_sha1, NULL); | ||
|
|
||
| /* Recompute SHA1 hash of certificate if necessary (side effect). */ | ||
| X509_check_purpose(cert, -1, 0); |
t8m
May 19, 2020
Member
This was now changed. You can also use X509v3_cache_extensions() directly.
This was now changed. You can also use X509v3_cache_extensions() directly.
| const ESS_CERT_ID_V2 *cid = sk_ESS_CERT_ID_V2_value(cert_ids, i); | ||
| const EVP_MD *md; | ||
|
|
||
| if (cid != NULL && cid->hash_alg != NULL) |
t8m
May 19, 2020
Member
This will require change to use fetch. Perhaps just mark with TODO 3.0.
This will require change to use fetch. Perhaps just mark with TODO 3.0.
| /* Recompute SHA1 hash of certificate if necessary (side effect). */ | ||
| X509_check_purpose(cert, -1, 0); | ||
|
|
||
| if (!X509_digest(cert, EVP_sha1(), cert_sha1, NULL)) |
t8m
May 19, 2020
Member
This will have to be changed for 3.0 to use fetch. Please add TODO 3.0 comment.
This will have to be changed for 3.0 to use fetch. Please add TODO 3.0 comment.
FdaSilvaYY
May 22, 2020
Author
Contributor
fixed !
fixed !
| return -1; | ||
|
|
||
| /* Recompute SHA1 hash of certificate if necessary (side effect). */ | ||
| if (!X509v3_cache_extensions(cert, NULL, NULL)) |
bernd-edlinger
May 22, 2020
Member
I think that X509_digest should do this automatically.
I think that X509_digest should do this automatically.
for signing certificate V2 and signing certificate extensions. CAdES : lowercase name for now internal methods.
about the two new added methods and two new error codes.
[extended tests]
…ning certificate V2 and signing certificate extensions.
|
Travis builds are Green, except usual s390 "no space left" ... |
|
Good work! |
|
@slontis Can you please re-approve? |
|
Reapproved.. Thanks for your patience with this PR @FdaSilvaYY. |
|
This pull request is ready to merge. |
for signing certificate V2 and signing certificate extensions. CAdES: lowercase name for now internal methods. crypto/cms: generated file changes. Add some CHANGES entries. [extended tests] Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from #8098)
|
Squashed and merged as 9e3c510. Thank you very much for the PR and your patience when waiting for the reviews and merge. |
|
Thanks for all your reviews and remarks. |
CAdES-BES Signature Validation feature following #7893.
The core validation code comes from PR #771. this PR mostly shared and reuse its code.
Checklist