From 264ce75041431b060f5ef2eb340523f881cdc97f Mon Sep 17 00:00:00 2001 From: John Safranek Date: Thu, 16 Jan 2014 16:17:17 -0800 Subject: [PATCH] 1. Split SetTagged into SetExplicit and SetImplicit. 2. Updated code using SetTagged to use new functions. --- ctaocrypt/src/asn.c | 12 ++++++++++-- ctaocrypt/src/pkcs7.c | 19 +++++++++---------- cyassl/ctaocrypt/asn.h | 3 ++- 3 files changed, 21 insertions(+), 13 deletions(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index a7d0bc45a..c76ee571e 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -2279,9 +2279,17 @@ CYASSL_LOCAL word32 SetSet(word32 len, byte* output) return SetLength(len, output + 1) + 1; } -CYASSL_LOCAL word32 SetTagged(byte tag, word32 len, byte* output) +CYASSL_LOCAL word32 SetImplicit(byte tag, byte number, word32 len, byte* output) { - output[0] = ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | tag; + + output[0] = ((tag == ASN_SEQUENCE || tag == ASN_SET) ? ASN_CONSTRUCTED : 0) + | ASN_CONTEXT_SPECIFIC | number; + return SetLength(len, output + 1) + 1; +} + +CYASSL_LOCAL word32 SetExplicit(byte number, word32 len, byte* output) +{ + output[0] = ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | number; return SetLength(len, output + 1) + 1; } diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c index 2dc3bcd3c..5afa96138 100644 --- a/ctaocrypt/src/pkcs7.c +++ b/ctaocrypt/src/pkcs7.c @@ -30,7 +30,6 @@ #include #include #include -#include #ifndef min static INLINE word32 min(word32 a, word32 b) @@ -331,7 +330,7 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) } esd.innerOctetsSz = SetOctetString(pkcs7->contentSz, esd.innerOctets); - esd.innerContSeqSz = SetTagged(0, esd.innerOctetsSz + pkcs7->contentSz, + esd.innerContSeqSz = SetExplicit(0, esd.innerOctetsSz + pkcs7->contentSz, esd.innerContSeq); esd.contentInfoSeqSz = SetSequence(pkcs7->contentSz + esd.innerOctetsSz + innerOidSz + esd.innerContSeqSz, @@ -387,7 +386,7 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) return MEMORY_E; FlattenAttributes(flatSignedAttribs, esd.signedAttribs, esd.signedAttribsCount); - esd.signedAttribSetSz = SetTagged(0, esd.signedAttribsSz, + esd.signedAttribSetSz = SetImplicit(ASN_SET, 0, esd.signedAttribsSz, esd.signedAttribSet); } /* Calculate the final hash and encrypt it. */ @@ -437,7 +436,7 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) esd.signerInfoSetSz = SetSet(signerInfoSz, esd.signerInfoSet); signerInfoSz += esd.signerInfoSetSz; - esd.certsSetSz = SetTagged(0, pkcs7->singleCertSz, esd.certsSet); + esd.certsSetSz = SetImplicit(ASN_SET, 0, pkcs7->singleCertSz, esd.certsSet); esd.singleDigAlgoIdSz = SetAlgoID(pkcs7->hashOID, esd.singleDigAlgoId, hashType, 0); @@ -453,7 +452,7 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) signerInfoSz; esd.innerSeqSz = SetSequence(totalSz, esd.innerSeq); totalSz += esd.innerSeqSz; - esd.outerContentSz = SetTagged(0, totalSz, esd.outerContent); + esd.outerContentSz = SetExplicit(0, totalSz, esd.outerContent); totalSz += esd.outerContentSz + outerOidSz; esd.outerSeqSz = SetSequence(totalSz, esd.outerSeq); totalSz += esd.outerSeqSz; @@ -769,7 +768,8 @@ int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) Des3_CbcEncrypt(&des3, encryptedContent, plain, desOutSz); } - encContentOctetSz = SetOctetString(desOutSz, encContentOctet); + encContentOctetSz = SetImplicit(ASN_OCTET_STRING, 0, + desOutSz, encContentOctet); encContentSeqSz = SetSequence(contentTypeSz + contentEncAlgoSz + encContentOctetSz + desOutSz, encContentSeq); @@ -783,8 +783,7 @@ int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz) totalSz += envDataSeqSz; /* outer content */ - outerContent[0] = (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0); - outerContentSz = 1 + SetLength(totalSz, outerContent + 1); + outerContentSz = SetExplicit(0, totalSz, outerContent); totalSz += outerContentTypeSz; totalSz += outerContentSz; @@ -1003,8 +1002,8 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, if (GetAlgoId(pkiMsg, &idx, &encOID, pkiMsgSz) < 0) return ASN_PARSE_E; - /* read encryptedContent */ - if (pkiMsg[idx++] != ASN_OCTET_STRING) + /* read encryptedContent, cont[0] */ + if (pkiMsg[idx++] != (ASN_CONTEXT_SPECIFIC | 0)) return ASN_PARSE_E; if (GetLength(pkiMsg, &idx, &encryptedContentSz, pkiMsgSz) < 0) diff --git a/cyassl/ctaocrypt/asn.h b/cyassl/ctaocrypt/asn.h index e5c153295..90ba8c7a1 100644 --- a/cyassl/ctaocrypt/asn.h +++ b/cyassl/ctaocrypt/asn.h @@ -459,7 +459,8 @@ CYASSL_LOCAL int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid, CYASSL_LOCAL word32 SetLength(word32 length, byte* output); CYASSL_LOCAL word32 SetSequence(word32 len, byte* output); CYASSL_LOCAL word32 SetOctetString(word32 len, byte* output); -CYASSL_LOCAL word32 SetTagged(byte tag, word32 len, byte* output); +CYASSL_LOCAL word32 SetImplicit(byte tag, byte number, word32 len,byte* output); +CYASSL_LOCAL word32 SetExplicit(byte number, word32 len, byte* output); CYASSL_LOCAL word32 SetSet(word32 len, byte* output); CYASSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz); CYASSL_LOCAL int SetMyVersion(word32 version, byte* output, int header);