Added method to encode PKCS7 data type messages.

2025-08-01 03:34:39 +02:00 · 2014-01-13 10:58:01 -08:00
parent 3a984990c2
commit ef9cfc2172
2 changed files with 95 additions and 2 deletions
--- a/ctaocrypt/src/pkcs7.c
+++ b/ctaocrypt/src/pkcs7.c
@@ -55,7 +55,7 @@ CYASSL_LOCAL int SetContentType(int pkcs7TypeOID, byte* output)
    byte ID_Length[MAX_LENGTH_SZ];

    switch (pkcs7TypeOID) {
-        case PKCS7:
+        case PKCS7_MSG:
            typeSz = sizeof(pkcs7);
            typeName = pkcs7;
            break;
@@ -122,6 +122,65 @@ int Pkcs7_encrypt(const byte* certs, word32 certSz, byte* data, word32 dataSz,
    return 0;
 }

+
+int PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz)
+{
+    XMEMSET(pkcs7, 0, sizeof(PKCS7));
+    pkcs7->singleCert = cert;
+    pkcs7->singleCertSz = certSz;
+
+    return 0;
+}
+
+
+int PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz)
+{
+    static const byte oid[] =
+        { ASN_OBJECT_ID, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
+                         0x07, 0x01 };
+    byte seq[MAX_SEQ_SZ];
+    byte octetStr[MAX_OCTET_STR_SZ];
+    word32 seqSz;
+    word32 octetStrSz;
+    int idx = 0;
+
+    octetStrSz = SetOctetString(pkcs7->contentSz, octetStr);
+    seqSz = SetSequence(pkcs7->contentSz + octetStrSz + sizeof(oid), seq);
+
+    if (outputSz < pkcs7->contentSz + octetStrSz + sizeof(oid) + seqSz)
+        return BUFFER_E;
+
+    XMEMCPY(output, seq, seqSz);
+    idx += seqSz;
+    XMEMCPY(output + idx, oid, sizeof(oid));
+    idx += sizeof(oid);
+    XMEMCPY(output + idx, octetStr, octetStrSz);
+    idx += octetStrSz;
+    XMEMCPY(output + idx, pkcs7->content, pkcs7->contentSz);
+    idx += pkcs7->contentSz;
+
+    return idx;
+}
+
+
+int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
+{
+    (void)pkcs7;
+    (void)output;
+    (void)outputSz;
+    return 0;
+}
+
+
+int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz)
+{
+    (void)pkcs7;
+    (void)output;
+    (void)outputSz;
+    return 0;
+}
+
+
 #else  /* HAVE_PKCS7 */


--- a/cyassl/ctaocrypt/pkcs7.h
+++ b/cyassl/ctaocrypt/pkcs7.h
@@ -36,7 +36,7 @@
 #endif

 enum PKCS7_TYPES {
-    PKCS7                     = 650,   /* 1.2.840.113549.1.7 */ 
+    PKCS7_MSG                 = 650,   /* 1.2.840.113549.1.7 */ 
    DATA                      = 651,   /* 1.2.840.113549.1.7.1 */
    SIGNED_DATA               = 652,   /* 1.2.840.113549.1.7.2 */
    ENVELOPED_DATA            = 653,   /* 1.2.840.113549.1.7.3 */
@@ -53,6 +53,33 @@ enum Pkcs7_Misc {
                           MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + MAX_ENCRYPTED_KEY_SZ
 };

+
+typedef struct PKCS7Attrib {
+    byte* oid;
+    word32 oidSz;
+    byte* value;
+    word32 valueSz;
+} PKCS7Attrib;
+
+
+typedef struct PKCS7 {
+    byte* content;
+    word32 contentSz;
+    int contentOID;
+
+    int hashOID;
+    int encryptOID;
+
+    byte* singleCert;
+    word32 singleCertSz;
+    byte* issuer;
+    word32 issuerSz;
+    
+    PKCS7Attrib** signedAttribs;
+    word32 signedAttribsSz; /* Number of attribs in list */
+} PKCS7;
+
+
 CYASSL_API int Pkcs7_encrypt(const byte* certs, word32 certSz, byte* data,
                             word32 dataSz, int cipher, byte* out,
                             word32* outSz, word32 flags);
@@ -64,6 +91,13 @@ CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz,
                                     byte* contentKeyEnc,
                                     int* keyEncSz, byte* out, word32 outSz);

+CYASSL_API int  PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz);
+CYASSL_API int  PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz);
+CYASSL_API int  PKCS7_EncodeSignedData(PKCS7* pkcs7,
+                                       byte* output, word32 outputSz);
+CYASSL_API int  PKCS7_EncodeEnvelopeData(PKCS7* pkcs7,
+                                         byte* output, word32 outputSz);
+
 #ifdef __cplusplus
    } /* extern "C" */
 #endif