feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

store CMS detached variable when using streaming API

Browse Source
This commit is contained in:
Chris Conlon
2018-11-21 10:12:36 -08:00
parent e756c5ffc9
commit 09141d479e
1 changed files with 13 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
wolfcrypt/src/pkcs7.c
View File

@ -102,6 +102,7 @@ struct PKCS7State {
#endif #endif
byte multi:1; /* flag for if content is in multiple parts */ byte multi:1; /* flag for if content is in multiple parts */
byte flagOne:1; byte flagOne:1;
byte detached:1; /* flag to indicate detached signature is present */
}; };
@ -177,6 +178,7 @@ static void wc_PKCS7_ResetStream(PKCS7* pkcs7)
pkcs7->stream->multi = 0; pkcs7->stream->multi = 0;
pkcs7->stream->flagOne = 0; pkcs7->stream->flagOne = 0;
pkcs7->stream->detached = 0;
pkcs7->stream->varOne = 0; pkcs7->stream->varOne = 0;
pkcs7->stream->varTwo = 0; pkcs7->stream->varTwo = 0;
pkcs7->stream->varThree = 0; pkcs7->stream->varThree = 0;
@ -3599,6 +3601,9 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
} }
#ifndef NO_PKCS7_STREAM #ifndef NO_PKCS7_STREAM
/* save detached flag value */
pkcs7->stream->detached = detached;
/* save contentType */ /* save contentType */
pkcs7->stream->nonce = (byte*)XMALLOC(contentTypeSz, pkcs7->heap, pkcs7->stream->nonce = (byte*)XMALLOC(contentTypeSz, pkcs7->heap,
DYNAMIC_TYPE_PKCS7); DYNAMIC_TYPE_PKCS7);
@ -3657,11 +3662,12 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
localIdx = 0; localIdx = 0;
} }
multiPart = pkcs7->stream->multi; multiPart = pkcs7->stream->multi;
detached = pkcs7->stream->detached;
#endif #endif
/* Break out before content because it can be optional in degenerate /* Break out before content because it can be optional in degenerate
* cases. */ * cases. */
if (ret != 0) if (ret != 0 && !detached)
break; break;
/* get parts of content */ /* get parts of content */
@ -3826,6 +3832,9 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
content = pkcs7->stream->content; content = pkcs7->stream->content;
contentSz = pkcs7->stream->contentSz; contentSz = pkcs7->stream->contentSz;
/* restore detached flag */
detached = pkcs7->stream->detached;
/* store certificate if needed */ /* store certificate if needed */
if (length > 0 && in2Sz == 0) { if (length > 0 && in2Sz == 0) {
/* free tmpCert if not NULL */ /* free tmpCert if not NULL */
@ -8959,7 +8968,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* in,
byte* pkiMsg = in; byte* pkiMsg = in;
word32 pkiMsgSz = inSz; word32 pkiMsgSz = inSz;
byte* decryptedKey = NULL; byte* decryptedKey = NULL;
int encryptedContentSz; int encryptedContentSz = 0;
byte padLen; byte padLen;
byte* encryptedContent = NULL; byte* encryptedContent = NULL;
int explicitOctet; int explicitOctet;
@ -9798,7 +9807,7 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(PKCS7* pkcs7, byte* in,
#else #else
byte decryptedKey[MAX_ENCRYPTED_KEY_SZ]; byte decryptedKey[MAX_ENCRYPTED_KEY_SZ];
#endif #endif
int encryptedContentSz; int encryptedContentSz = 0;
byte* encryptedContent = NULL; byte* encryptedContent = NULL;
int explicitOctet = 0; int explicitOctet = 0;
@ -10643,7 +10652,7 @@ static int wc_PKCS7_DecodeUnprotectedAttributes(PKCS7* pkcs7, byte* pkiMsg,
int wc_PKCS7_DecodeEncryptedData(PKCS7* pkcs7, byte* in, word32 inSz, int wc_PKCS7_DecodeEncryptedData(PKCS7* pkcs7, byte* in, word32 inSz,
byte* output, word32 outputSz) byte* output, word32 outputSz)
{ {
int ret = 0, version, length, haveAttribs = 0; int ret = 0, version, length = 0, haveAttribs = 0;
word32 idx = 0; word32 idx = 0;
#ifndef NO_PKCS7_STREAM #ifndef NO_PKCS7_STREAM