PKCS7 Decryption: more content decryption algorithms (#12088)

* pkcs7: added more content encryption algorithms * removed creation of AES 192 algorithm * remove AES 192 compat (historical relic) * minor correction
pyca · Dec 2, 2024 · ac8c300 · ac8c300
1 parent c2fdc9c
commit ac8c300
Show file tree

Hide file tree

Showing 5 changed files with 53 additions and 9 deletions.
diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst
@@ -877,8 +877,11 @@ Custom PKCS7 Test Vectors
   CA 2 and 3 generated by OpenSSL.
 * ``pkcs7/enveloped.pem`` - A PEM encoded PKCS7 file with enveloped data.
 * ``pkcs7/enveloped-aes-256-cbc.pem`` - A PEM encoded PKCS7 file with 
-  enveloped data, with content encrypted using AES-256-CBC, under the public key of
-  ``x509/custom/ca/rsa_ca.pem``. 
+  enveloped data, with content encrypted using AES-256-CBC, under the public 
+  key of ``x509/custom/ca/rsa_ca.pem``. 
+* ``pkcs7/enveloped-triple-des.pem`` - A PEM encoded PKCS7 file with 
+  enveloped data, with content encrypted using DES EDE3 CBC (also called 
+  Triple DES), under the public key of ``x509/custom/ca/rsa_ca.pem``. 
 * ``pkcs7/enveloped-rsa-oaep.pem``- A PEM encoded PKCS7 file with 
   enveloped data, with key encrypted using RSA-OAEP, under the public key of 
   ``x509/custom/ca/rsa_ca.pem``.

diff --git a/docs/hazmat/primitives/asymmetric/serialization.rst b/docs/hazmat/primitives/asymmetric/serialization.rst
@@ -1363,7 +1363,7 @@ contain certificates, CRLs, and much more. PKCS7 files commonly have a ``p7b``,
         with another algorithm than RSA with PKCS1 v1.5 padding.
 
     :raises cryptography.exceptions.UnsupportedAlgorithm: If the content is encrypted with
-        another algorithm than AES-128-CBC.
+        another algorithm than AES (with key sizes 128 and 256), with CBC mode.
 
     :raises ValueError: If the PKCS7 data does not contain encrypted content.
 
@@ -1420,7 +1420,7 @@ contain certificates, CRLs, and much more. PKCS7 files commonly have a ``p7b``,
         with another algorithm than RSA with PKCS1 v1.5 padding.
 
     :raises cryptography.exceptions.UnsupportedAlgorithm: If the content is encrypted with
-        another algorithm than AES-128-CBC.
+        another algorithm than AES (with key sizes 128 and 256), with CBC mode.
 
     :raises ValueError: If the PKCS7 data does not contain encrypted content.
 
@@ -1478,7 +1478,7 @@ contain certificates, CRLs, and much more. PKCS7 files commonly have a ``p7b``,
         with another algorithm than RSA with PKCS1 v1.5 padding.
 
     :raises cryptography.exceptions.UnsupportedAlgorithm: If the content is encrypted with
-        another algorithm than AES-128-CBC.
+        another algorithm than AES (with key sizes 128 and 256), with CBC mode.
 
     :raises ValueError: If the PKCS7 data does not contain encrypted content.
 

diff --git a/src/rust/src/pkcs7.rs b/src/rust/src/pkcs7.rs
@@ -267,8 +267,10 @@ fn decrypt_der<'p>(
                 }
             };
 
-            // Get algorithm
-            // TODO: implement all the possible algorithms
+            // The function can decrypt content encrypted with AES-128-CBC, which the S/MIME v3.2
+            // RFC specifies as MUST support, and AES-256-CBC, which is specified as SHOULD+
+            // support. More info: https://datatracker.ietf.org/doc/html/rfc5751#section-2.7
+            // TODO: implement the possible algorithms from S/MIME 3.2 (and 4.0?)
             let algorithm_identifier = enveloped_data
                 .encrypted_content_info
                 .content_encryption_algorithm;
@@ -279,10 +281,16 @@ fn decrypt_der<'p>(
                         .get(py)?
                         .call1((pyo3::types::PyBytes::new(py, &iv),))?,
                 ),
+                AlgorithmParameters::Aes256Cbc(iv) => (
+                    types::AES256.get(py)?.call1((key,))?,
+                    types::CBC
+                        .get(py)?
+                        .call1((pyo3::types::PyBytes::new(py, &iv),))?,
+                ),
                 _ => {
                     return Err(CryptographyError::from(
                         exceptions::UnsupportedAlgorithm::new_err((
-                            "Only AES-128-CBC is currently supported for content decryption.",
+                            "Only AES (with key sizes 128 or 256) with CBC mode is currently supported for content decryption.",
                             exceptions::Reasons::UNSUPPORTED_SERIALIZATION,
                         )),
                     ));

diff --git a/tests/hazmat/primitives/test_pkcs7.py b/tests/hazmat/primitives/test_pkcs7.py
@@ -1148,6 +1148,23 @@ def test_pkcs7_decrypt_der(
         )
         assert decrypted == data.replace(b"\n", b"\r\n")
 
+    def test_pkcs7_decrypt_aes_256_cbc_encrypted_content(
+        self, backend, data, certificate, private_key
+    ):
+        # Loading encrypted content (for now, not possible natively)
+        enveloped = load_vectors_from_file(
+            os.path.join("pkcs7", "enveloped-aes-256-cbc.pem"),
+            loader=lambda pemfile: pemfile.read(),
+            mode="rb",
+        )
+
+        # Test decryption: new lines are canonicalized to '\r\n' when
+        # encryption has no Binary option
+        decrypted = pkcs7.pkcs7_decrypt_pem(
+            enveloped, certificate, private_key, []
+        )
+        assert decrypted == data.replace(b"\n", b"\r\n")
+
     @pytest.mark.parametrize(
         "header",
         [
@@ -1318,7 +1335,7 @@ def test_smime_decrypt_unsupported_content_encryption_algorithm(
         self, backend, data, certificate, private_key
     ):
         enveloped = load_vectors_from_file(
-            os.path.join("pkcs7", "enveloped-aes-256-cbc.pem"),
+            os.path.join("pkcs7", "enveloped-triple-des.pem"),
             loader=lambda pemfile: pemfile.read(),
             mode="rb",
         )

diff --git a/vectors/cryptography_vectors/pkcs7/enveloped-triple-des.pem b/vectors/cryptography_vectors/pkcs7/enveloped-triple-des.pem
@@ -0,0 +1,16 @@
+-----BEGIN PKCS7-----
+MIICkgYJKoZIhvcNAQcDoIICgzCCAn8CAQAxggJDMIICPwIBADAnMBoxGDAWBgNV
+BAMMD2NyeXB0b2dyYXBoeSBDQQIJAOcS06ClbtbJMA0GCSqGSIb3DQEBAQUABIIC
+AFCp88C3EJNc3WTTMaWqoKL/aBhrW/utkceKN89Vjmqk1gbdsbK/jZhuBlleSESj
+HrZ2wcfubY8UthsVLUfxMUvjSJh2WdZ99IwmPGOtvvPcEWN8mYXO+Q7wN3zyl0cu
+aVOZS0NpXm1y9bnbLt2RrohSrTlQ+zyDDPEYUOa1eNX7WOr7hUuVEVchraFHMX7O
+kKjWdbVolXvFeqXn3TuHSxRoRIWhhmLNpFUH3lFTUtmpmHHL5W0Qfld/kL0Cagar
+gMjSWWWPB0uyd7ufVbDAfGuQFzxWrUy3hQiLhWHxe3hV2vsXcpvBBieIwJKlb5G7
+GwbkdOV7wyqiRv8WUtWSwpn1finxypfGGeNfeYdU9M7WuWJ88govos9nIsP2bbyB
+hITtKZlZIYBTCimihy691v6QlbdQ79pENq6QWaZlXtcZW6K9Iqq+GY4P2Se6phow
+gnGSgR19NRr7rhe78qAJR1fMGDyPPSMSAAEWyrEMupMig23/iLSlZPt+fG58STOq
+3eHw2zNSWSwqbrA0ZUB+YtAh03dy6bWzSx8//Pu64DiJYFtkwR5J+Wzu1S3xZPiy
+DRLhlfYSzEGZVqd/8b459WU5t4VnyRL0kFSqMLiTl1Drowut7qypWcBoaRgq9j+D
+lZxCM5YYPeetGBWZb7zLNWH16h29t5yuoHDoLl1IJunbMDMGCSqGSIb3DQEHATAU
+BggqhkiG9w0DBwQI1ISrWpzpTc+AEBSqVJaeybYcyk7DnBT2pyE=
+-----END PKCS7-----