add single-shot API for generating CMS Signed FirmwarePkgData

2018-10-09 10:23:47 -06:00
parent 2cc89936e3
commit cc05c46318
2 changed files with 26 additions and 6 deletions
--- a/wolfcrypt/src/pkcs7.c
+++ b/wolfcrypt/src/pkcs7.c
@ -1873,6 +1873,21 @@ int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
 }


+/* build PKCS#7 signedData content type with inner type set to FirmwarePkgData,
+   return size of generated bundle on success, negative upon error */
+int wc_PKCS7_EncodeSignedFirmwarePkgData(PKCS7* pkcs7, byte* output,
+                                         word32 outputSz)
+{
+    if (pkcs7 == NULL || output == NULL || outputSz == 0)
+        return BAD_FUNC_ARG;
+
+    /* force content type to FirmwarePkgData */
+    pkcs7->contentOID = FIRMWARE_PKG_DATA;
+
+    return wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz);
+}
+
+
 #ifndef NO_RSA

 /* returns size of signature put into out, negative on error */
--- a/wolfssl/wolfcrypt/pkcs7.h
+++ b/wolfssl/wolfcrypt/pkcs7.h
@ -263,16 +263,21 @@ WOLFSSL_API int  wc_PKCS7_EncodeData(PKCS7* pkcs7, byte* output,

 /* CMS/PKCS#7 SignedData */
 WOLFSSL_API int  wc_PKCS7_EncodeSignedData(PKCS7* pkcs7,
-                                       byte* output, word32 outputSz);
+                                          byte* output, word32 outputSz);
 WOLFSSL_API int  wc_PKCS7_EncodeSignedData_ex(PKCS7* pkcs7, const byte* hashBuf, 
-    word32 hashSz, byte* outputHead, word32* outputHeadSz, byte* outputFoot, 
-    word32* outputFootSz);
+                                          word32 hashSz, byte* outputHead,
+                                          word32* outputHeadSz,
+                                          byte* outputFoot,
+                                          word32* outputFootSz);
+WOLFSSL_API int  wc_PKCS7_EncodeSignedFirmwarePkgData(PKCS7* pkcs7,
+                                          byte* output, word32 outputSz);
 WOLFSSL_API void wc_PKCS7_AllowDegenerate(PKCS7* pkcs7, word16 flag);
 WOLFSSL_API int  wc_PKCS7_VerifySignedData(PKCS7* pkcs7,
-                                       byte* pkiMsg, word32 pkiMsgSz);
+                                          byte* pkiMsg, word32 pkiMsgSz);
 WOLFSSL_API int  wc_PKCS7_VerifySignedData_ex(PKCS7* pkcs7, const byte* hashBuf, 
-    word32 hashSz, byte* pkiMsgHead, word32 pkiMsgHeadSz, byte* pkiMsgFoot, 
-    word32 pkiMsgFootSz);
+                                          word32 hashSz, byte* pkiMsgHead,
+                                          word32 pkiMsgHeadSz, byte* pkiMsgFoot,
+                                          word32 pkiMsgFootSz);

 /* EnvelopedData and AuthEnvelopedData RecipientInfo functions */
 WOLFSSL_API int  wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert,