1 /* sign.c - Sign a message
2 * Copyright (C) 2001, 2002, 2003, 2008 Free Software Foundation, Inc.
4 * This file is part of GnuPG.
6 * GnuPG is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * GnuPG is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
38 hash_data (int fd
, gcry_md_hd_t md
)
44 fp
= fdopen ( dup (fd
), "rb");
47 log_error ("fdopen(%d) failed: %s\n", fd
, strerror (errno
));
53 nread
= fread (buffer
, 1, DIM(buffer
), fp
);
54 gcry_md_write (md
, buffer
, nread
);
58 log_error ("read error on fd %d: %s\n", fd
, strerror (errno
));
63 hash_and_copy_data (int fd
, gcry_md_hd_t md
, ksba_writer_t writer
)
72 fp
= fdopen ( dup (fd
), "rb");
75 gpg_error_t tmperr
= gpg_error (gpg_err_code_from_errno (errno
));
76 log_error ("fdopen(%d) failed: %s\n", fd
, strerror (errno
));
82 nread
= fread (buffer
, 1, DIM(buffer
), fp
);
86 gcry_md_write (md
, buffer
, nread
);
87 err
= ksba_writer_write_octet_string (writer
, buffer
, nread
, 0);
90 log_error ("write failed: %s\n", gpg_strerror (err
));
98 rc
= gpg_error (gpg_err_code_from_errno (errno
));
99 log_error ("read error on fd %d: %s\n", fd
, strerror (errno
));
104 /* We can't allow to sign an empty message because it does not
105 make much sense and more seriously, ksba-cms_build has
106 already written the tag for data and now expects an octet
107 string but an octet string of zeize 0 is illegal. */
108 log_error ("cannot sign an empty message\n");
109 rc
= gpg_error (GPG_ERR_NO_DATA
);
113 err
= ksba_writer_write_octet_string (writer
, NULL
, 0, 1);
116 log_error ("write failed: %s\n", gpg_strerror (err
));
125 /* Get the default certificate which is defined as the first
126 certificate capable of signing returned by the keyDB and has a
127 secret key available. */
129 gpgsm_get_default_cert (ctrl_t ctrl
, ksba_cert_t
*r_cert
)
132 ksba_cert_t cert
= NULL
;
138 return gpg_error (GPG_ERR_GENERAL
);
139 rc
= keydb_search_first (hd
);
148 rc
= keydb_get_cert (hd
, &cert
);
151 log_error ("keydb_get_cert failed: %s\n", gpg_strerror (rc
));
156 if (!gpgsm_cert_use_sign_p (cert
))
158 p
= gpgsm_get_keygrip_hexstring (cert
);
161 if (!gpgsm_agent_havekey (ctrl
, p
))
166 return 0; /* got it */
172 ksba_cert_release (cert
);
175 while (!(rc
= keydb_search_next (hd
)));
177 log_error ("keydb_search_next failed: %s\n", gpg_strerror (rc
));
179 ksba_cert_release (cert
);
186 get_default_signer (ctrl_t ctrl
)
188 KEYDB_SEARCH_DESC desc
;
189 ksba_cert_t cert
= NULL
;
190 KEYDB_HANDLE kh
= NULL
;
195 rc
= gpgsm_get_default_cert (ctrl
, &cert
);
199 log_debug ("failed to find default certificate: %s\n",
206 rc
= keydb_classify_name (opt
.local_user
, &desc
);
209 log_error ("failed to find default signer: %s\n", gpg_strerror (rc
));
217 rc
= keydb_search (kh
, &desc
, 1);
220 log_debug ("failed to find default certificate: rc=%d\n", rc
);
224 rc
= keydb_get_cert (kh
, &cert
);
227 log_debug ("failed to get cert: rc=%d\n", rc
);
235 /* Depending on the options in CTRL add the certificate CERT as well as
236 other certificate up in the chain to the Root-CA to the CMS
239 add_certificate_list (ctrl_t ctrl
, ksba_cms_t cms
, ksba_cert_t cert
)
243 ksba_cert_t next
= NULL
;
247 ksba_cert_ref (cert
);
249 n
= ctrl
->include_certs
;
250 log_debug ("adding certificates at level %d\n", n
);
257 n
= 50; /* We better apply an upper bound */
259 /* First add my own certificate unless we don't want any certificate
263 if (not_root
&& gpgsm_is_root_cert (cert
))
266 err
= ksba_cms_add_cert (cms
, cert
);
272 /* Walk the chain to include all other certificates. Note that a -1
273 used for N makes sure that there is no limit and all certs get
275 while ( n
-- && !(rc
= gpgsm_walk_cert_chain (ctrl
, cert
, &next
)) )
277 if (not_root
&& gpgsm_is_root_cert (next
))
280 err
= ksba_cms_add_cert (cms
, next
);
281 ksba_cert_release (cert
);
282 cert
= next
; next
= NULL
;
286 ksba_cert_release (cert
);
288 return rc
== -1? 0: rc
;
291 ksba_cert_release (cert
);
292 log_error ("ksba_cms_add_cert failed: %s\n", gpg_strerror (err
));
299 /* Perform a sign operation.
301 Sign the data received on DATA-FD in embedded mode or in detached
302 mode when DETACHED is true. Write the signature to OUT_FP. The
303 keys used to sign are taken from SIGNERLIST or the default one will
304 be used if the value of this argument is NULL. */
306 gpgsm_sign (ctrl_t ctrl
, certlist_t signerlist
,
307 int data_fd
, int detached
, FILE *out_fp
)
311 Base64Context b64writer
= NULL
;
312 ksba_writer_t writer
;
313 ksba_cms_t cms
= NULL
;
314 ksba_stop_reason_t stopreason
;
315 KEYDB_HANDLE kh
= NULL
;
316 gcry_md_hd_t data_md
= NULL
;
320 ksba_isotime_t signed_at
;
322 int release_signerlist
= 0;
327 log_error (_("failed to allocated keyDB handle\n"));
328 rc
= gpg_error (GPG_ERR_GENERAL
);
332 ctrl
->pem_name
= "SIGNED MESSAGE";
333 rc
= gpgsm_create_writer (&b64writer
, ctrl
, out_fp
, NULL
, &writer
);
336 log_error ("can't create writer: %s\n", gpg_strerror (rc
));
340 err
= ksba_cms_new (&cms
);
347 err
= ksba_cms_set_reader_writer (cms
, NULL
, writer
);
350 log_debug ("ksba_cms_set_reader_writer failed: %s\n",
356 /* We are going to create signed data with data as encap. content */
357 err
= ksba_cms_set_content_type (cms
, 0, KSBA_CT_SIGNED_DATA
);
359 err
= ksba_cms_set_content_type (cms
, 1, KSBA_CT_DATA
);
362 log_debug ("ksba_cms_set_content_type failed: %s\n",
368 /* If no list of signers is given, use the default certificate. */
371 ksba_cert_t cert
= get_default_signer (ctrl
);
374 log_error ("no default signer found\n");
375 rc
= gpg_error (GPG_ERR_GENERAL
);
379 /* Although we don't check for ambigious specification we will
380 check that the signer's certificate is usable and valid. */
381 rc
= gpgsm_cert_use_sign_p (cert
);
383 rc
= gpgsm_validate_chain (ctrl
, cert
, "", NULL
, 0, NULL
, 0, NULL
);
387 /* That one is fine - create signerlist. */
388 signerlist
= xtrycalloc (1, sizeof *signerlist
);
392 ksba_cert_release (cert
);
395 signerlist
->cert
= cert
;
396 release_signerlist
= 1;
399 /* Figure out the hash algorithm to use. We do not want to use the
400 one for the certificate but if possible an OID for the plain
402 if (opt
.forced_digest_algo
&& opt
.verbose
)
403 log_info ("user requested hash algorithm %d\n", opt
.forced_digest_algo
);
404 for (i
=0, cl
=signerlist
; cl
; cl
= cl
->next
, i
++)
406 const char *oid
= ksba_cert_get_digest_algo (cl
->cert
);
408 if (opt
.forced_digest_algo
)
411 cl
->hash_algo
= opt
.forced_digest_algo
;
415 oid
= ksba_cert_get_digest_algo (cl
->cert
);
416 cl
->hash_algo
= oid
? gcry_md_map_name (oid
) : 0;
418 switch (cl
->hash_algo
)
420 case GCRY_MD_SHA1
: oid
= "1.3.14.3.2.26"; break;
421 case GCRY_MD_RMD160
: oid
= "1.3.36.3.2.1"; break;
422 case GCRY_MD_SHA224
: oid
= "2.16.840.1.101.3.4.2.4"; break;
423 case GCRY_MD_SHA256
: oid
= "2.16.840.1.101.3.4.2.1"; break;
424 case GCRY_MD_SHA384
: oid
= "2.16.840.1.101.3.4.2.2"; break;
425 case GCRY_MD_SHA512
: oid
= "2.16.840.1.101.3.4.2.3"; break;
426 /* case GCRY_MD_WHIRLPOOL: oid = "No OID yet"; break; */
428 case GCRY_MD_MD5
: /* We don't want to use MD5. */
429 case 0: /* No algorithm found in cert. */
430 default: /* Other algorithms. */
431 log_info (_("hash algorithm %d (%s) for signer %d not supported;"
433 cl
->hash_algo
, oid
? oid
: "?", i
,
434 gcry_md_algo_name (GCRY_MD_SHA1
));
435 cl
->hash_algo
= GCRY_MD_SHA1
;
436 oid
= "1.3.14.3.2.26";
439 cl
->hash_algo_oid
= oid
;
444 for (i
=0, cl
=signerlist
; cl
; cl
= cl
->next
, i
++)
445 log_info (_("hash algorithm used for signer %d: %s (%s)\n"),
446 i
, gcry_md_algo_name (cl
->hash_algo
), cl
->hash_algo_oid
);
450 /* Gather certificates of signers and store them in the CMS object. */
451 for (cl
=signerlist
; cl
; cl
= cl
->next
)
453 rc
= gpgsm_cert_use_sign_p (cl
->cert
);
457 err
= ksba_cms_add_signer (cms
, cl
->cert
);
460 log_error ("ksba_cms_add_signer failed: %s\n", gpg_strerror (err
));
464 rc
= add_certificate_list (ctrl
, cms
, cl
->cert
);
467 log_error ("failed to store list of certificates: %s\n",
471 /* Set the hash algorithm we are going to use */
472 err
= ksba_cms_add_digest_algo (cms
, cl
->hash_algo_oid
);
475 log_debug ("ksba_cms_add_digest_algo failed: %s\n",
483 /* Check whether one of the certificates is qualified. Note that we
484 already validated the certificate and thus the user data stored
485 flag must be available. */
486 for (cl
=signerlist
; cl
; cl
= cl
->next
)
491 err
= ksba_cert_get_user_data (cl
->cert
, "is_qualified",
492 &buffer
, sizeof (buffer
), &buflen
);
495 log_error (_("checking for qualified certificate failed: %s\n"),
501 err
= gpgsm_qualified_consent (ctrl
, cl
->cert
);
503 err
= gpgsm_not_qualified_warning (ctrl
, cl
->cert
);
511 /* Prepare hashing (actually we are figuring out what we have set
513 rc
= gcry_md_open (&data_md
, 0, 0);
516 log_error ("md_open failed: %s\n", gpg_strerror (rc
));
520 gcry_md_start_debug (data_md
, "sign.data");
522 for (i
=0; (algoid
=ksba_cms_get_digest_algo_list (cms
, i
)); i
++)
524 algo
= gcry_md_map_name (algoid
);
527 log_error ("unknown hash algorithm `%s'\n", algoid
? algoid
:"?");
528 rc
= gpg_error (GPG_ERR_BUG
);
531 gcry_md_enable (data_md
, algo
);
535 { /* We hash the data right now so that we can store the message
536 digest. ksba_cms_build() takes this as an flag that detached
538 unsigned char *digest
;
541 hash_data (data_fd
, data_md
);
542 for (cl
=signerlist
,signer
=0; cl
; cl
= cl
->next
, signer
++)
544 digest
= gcry_md_read (data_md
, cl
->hash_algo
);
545 digest_len
= gcry_md_get_algo_dlen (cl
->hash_algo
);
546 if ( !digest
|| !digest_len
)
548 log_error ("problem getting the hash of the data\n");
549 rc
= gpg_error (GPG_ERR_BUG
);
552 err
= ksba_cms_set_message_digest (cms
, signer
, digest
, digest_len
);
555 log_error ("ksba_cms_set_message_digest failed: %s\n",
563 gnupg_get_isotime (signed_at
);
564 for (cl
=signerlist
,signer
=0; cl
; cl
= cl
->next
, signer
++)
566 err
= ksba_cms_set_signing_time (cms
, signer
, signed_at
);
569 log_error ("ksba_cms_set_signing_time failed: %s\n",
576 /* We need to write at least a minimal list of our capabilities to
577 try to convince some MUAs to use 3DES and not the crippled
583 err
= ksba_cms_add_smime_capability (cms
, "2.16.840.1.101.3.4.1.2", NULL
, 0);
585 err
= ksba_cms_add_smime_capability (cms
, "1.2.840.113549.3.7", NULL
, 0);
588 log_error ("ksba_cms_add_smime_capability failed: %s\n",
594 /* Main building loop. */
597 err
= ksba_cms_build (cms
, &stopreason
);
600 log_debug ("ksba_cms_build failed: %s\n", gpg_strerror (err
));
605 if (stopreason
== KSBA_SR_BEGIN_DATA
)
607 /* Hash the data and store the message digest. */
608 unsigned char *digest
;
613 rc
= hash_and_copy_data (data_fd
, data_md
, writer
);
616 for (cl
=signerlist
,signer
=0; cl
; cl
= cl
->next
, signer
++)
618 digest
= gcry_md_read (data_md
, cl
->hash_algo
);
619 digest_len
= gcry_md_get_algo_dlen (cl
->hash_algo
);
620 if ( !digest
|| !digest_len
)
622 log_error ("problem getting the hash of the data\n");
623 rc
= gpg_error (GPG_ERR_BUG
);
626 err
= ksba_cms_set_message_digest (cms
, signer
,
630 log_error ("ksba_cms_set_message_digest failed: %s\n",
637 else if (stopreason
== KSBA_SR_NEED_SIG
)
639 /* Compute the signature for all signers. */
642 rc
= gcry_md_open (&md
, 0, 0);
645 log_error ("md_open failed: %s\n", gpg_strerror (rc
));
649 gcry_md_start_debug (md
, "sign.attr");
650 ksba_cms_set_hash_function (cms
, HASH_FNC
, md
);
651 for (cl
=signerlist
,signer
=0; cl
; cl
= cl
->next
, signer
++)
653 unsigned char *sigval
= NULL
;
661 for (cl_tmp
=signerlist
; cl_tmp
; cl_tmp
= cl_tmp
->next
)
662 gcry_md_enable (md
, cl_tmp
->hash_algo
);
665 rc
= ksba_cms_hash_signed_attrs (cms
, signer
);
668 log_debug ("hashing signed attrs failed: %s\n",
674 rc
= gpgsm_create_cms_signature (ctrl
, cl
->cert
,
675 md
, cl
->hash_algo
, &sigval
);
682 err
= ksba_cms_set_sig_val (cms
, signer
, sigval
);
686 log_error ("failed to store the signature: %s\n",
693 /* write a status message */
694 fpr
= gpgsm_get_fingerprint_hexstring (cl
->cert
, GCRY_MD_SHA1
);
697 rc
= gpg_error (GPG_ERR_ENOMEM
);
702 int pkalgo
= gpgsm_get_key_algo_info (cl
->cert
, NULL
);
703 rc
= asprintf (&buf
, "%c %d %d 00 %s %s",
713 rc
= gpg_error (GPG_ERR_ENOMEM
);
718 gpgsm_status (ctrl
, STATUS_SIG_CREATED
, buf
);
719 free (buf
); /* yes, we must use the regular free() here */
725 while (stopreason
!= KSBA_SR_READY
);
727 rc
= gpgsm_finish_writer (b64writer
);
730 log_error ("write failed: %s\n", gpg_strerror (rc
));
734 log_info ("signature created\n");
739 log_error ("error creating signature: %s <%s>\n",
740 gpg_strerror (rc
), gpg_strsource (rc
) );
741 if (release_signerlist
)
742 gpgsm_release_certlist (signerlist
);
743 ksba_cms_release (cms
);
744 gpgsm_destroy_writer (b64writer
);
746 gcry_md_close (data_md
);