41 if( envelopeInfoPtr->buffer == NULL || \
42 envelopeInfoPtr->
bufPos < 0 || \
50 if( envelopeInfoPtr->auxBuffer == NULL )
76 cryptAlgo < CRYPT_ALGO_LAST_EXTERNAL );
87 static
int getActionContext(
const ENVELOPE_INFO *envelopeInfoPtr,
98 switch( envelopeInfoPtr->
usage )
142 { NULL, 0 }, { NULL, 0 }
146 static
const BYTE *getContentOID(
IN_ENUM( CRYPT_CONTENT ) \
154 for( i = 0; contentOIDs[ i ].oid != NULL && \
157 if( contentOIDs[ i ].selectionID == contentType )
158 return( contentOIDs[ i ].
oid );
175 bytesCopied =
min( envelopeInfoPtr->bufSize - envelopeInfoPtr->bufPos,
176 envelopeInfoPtr->auxBufPos );
178 envelopeInfoPtr->bufPos + \
179 bytesCopied <= envelopeInfoPtr->
bufSize );
180 memcpy( envelopeInfoPtr->buffer + envelopeInfoPtr->bufPos,
181 envelopeInfoPtr->auxBuffer, bytesCopied );
190 envelopeInfoPtr->segmentDataEnd = envelopeInfoPtr->bufPos;
193 dataLeft = envelopeInfoPtr->auxBufPos -
bytesCopied;
197 envelopeInfoPtr->auxBufPos ) );
198 memmove( envelopeInfoPtr->auxBuffer, \
199 envelopeInfoPtr->auxBuffer + bytesCopied, dataLeft );
201 envelopeInfoPtr->auxBufPos = dataLeft;
213 static const BYTE indefEOC[ 16 ] = \
214 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
215 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
216 const int dataLeft = envelopeInfoPtr->bufSize - envelopeInfoPtr->bufPos;
217 const int eocLength = count *
sizeofEOC();
224 if( dataLeft < eocLength )
226 memcpy( envelopeInfoPtr->buffer + envelopeInfoPtr->bufPos, indefEOC,
228 envelopeInfoPtr->bufPos += eocLength;
247 const BYTE *contentOID = getContentOID( envelopeInfoPtr->
contentType );
250 int hashActionSize = 0, iterationCount,
status;
258 for( actionListPtr = envelopeInfoPtr->
actionList, iterationCount = 0;
260 actionListPtr = actionListPtr->
next, iterationCount++ )
262 const int actionSize = \
266 return( actionSize );
267 hashActionSize += actionSize;
278 dataSize = ( envelopeInfoPtr->
payloadSize > 0 ) ? \
279 sizeofObject( sizeofObject( envelopeInfoPtr->
payloadSize ) ) : 0;
280 dataSize = sizeofObject(
sizeofOID( contentOID ) + dataSize );
318 writeSet( stream, hashActionSize );
319 for( actionListPtr = envelopeInfoPtr->
actionList, iterationCount = 0;
321 actionListPtr = actionListPtr->
next, iterationCount++ )
323 status = writeContextAlgoID( stream, actionListPtr->
iCryptHandle,
331 return( writeCMSheader( stream, contentOID,
sizeofOID( contentOID ),
340 static
int getBlockedPayloadSize(
IN_LENGTH_INDEF const long payloadSize,
344 assert(
isWritePtr( blockedPayloadSize,
sizeof(
long ) ) );
351 *blockedPayloadSize = 0;
364 *blockedPayloadSize = payloadSize;
373 *blockedPayloadSize =
roundUp( payloadSize + 1, blockSize );
375 ENSURES( *blockedPayloadSize >= 8 && \
382 static
int writeEncryptedContentHeader(
INOUT STREAM *stream,
389 long blockedPayloadSize;
393 assert(
isReadPtr( contentOID, contentOIDlength ) );
401 status = getBlockedPayloadSize( payloadSize, blockSize,
402 &blockedPayloadSize );
405 return( writeCMSencrHeader( stream, contentOID, contentOIDlength,
406 blockedPayloadSize, iCryptContext ) );
412 static
int getEncryptedContentSize(
const ENVELOPE_INFO *envelopeInfoPtr,
423 assert(
isReadPtr( contentOID, contentOIDlength ) );
424 assert(
isWritePtr( blockedPayloadSize,
sizeof(
long ) ) );
425 assert(
isWritePtr( encrContentInfoSize,
sizeof(
long ) ) );
431 *blockedPayloadSize = *encrContentInfoSize = 0;
434 status = getBlockedPayloadSize( envelopeInfoPtr->
payloadSize,
436 blockedPayloadSize );
441 status = getActionContext( envelopeInfoPtr, &iCryptContext );
444 length = sizeofCMSencrHeader( contentOID, contentOIDlength,
445 *blockedPayloadSize, iCryptContext );
447 return( (
int ) length );
448 *encrContentInfoSize =
length;
454 static
int writeEncryptionHeader(
INOUT STREAM *stream,
472 ( blockedPayloadSize >= 8 && \
477 status = writeCMSheader( stream, oid, oidLength,
486 return( writeShortInteger( stream, version,
DEFAULT_TAG ) );
490 static
int writeEncryptedDataHeader(
INOUT STREAM *stream,
493 const BYTE *contentOID = getContentOID( envelopeInfoPtr->
contentType );
494 long blockedPayloadSize, encrContentInfoSize;
504 status = getEncryptedContentSize( envelopeInfoPtr, contentOID,
507 &encrContentInfoSize );
515 blockedPayloadSize, encrContentInfoSize );
518 return( writeEncryptedContentHeader( stream, contentOID,
524 static
int writeEnvelopedDataHeader(
INOUT STREAM *stream,
527 const BYTE *contentOID = getContentOID( envelopeInfoPtr->
contentType );
528 long blockedPayloadSize, encrContentInfoSize;
538 status = getEncryptedContentSize( envelopeInfoPtr, contentOID,
541 &encrContentInfoSize );
556 encrContentInfoSize );
568 static
int writeAuthenticatedDataHeader(
INOUT STREAM *stream,
571 const BYTE *contentOID = getContentOID( envelopeInfoPtr->
contentType );
572 const int macActionSize = \
583 return( macActionSize );
596 int macSize, contentInfoSize;
605 contentInfoSize = sizeofObject( \
607 contentInfoSize = sizeofObject(
sizeofOID( contentOID ) + \
608 contentInfoSize ) - \
609 envelopeInfoPtr->payloadSize;
620 macActionSize + contentInfoSize + \
621 sizeofObject( macSize ) );
643 REQUIRES( attribute == CRYPT_IATTRIBUTE_ENCPARAMS || \
644 attribute == CRYPT_IATTRIBUTE_MACPARAMS );
649 if( attribute == CRYPT_IATTRIBUTE_ENCPARAMS )
650 status = writeCryptContextAlgoID( &stream, iCryptContext );
652 status = writeContextAlgoID( &stream, iCryptContext,
655 algorithmParamDataSize = stell( &stream );
656 sMemDisconnect( &stream );
662 setMessageData( &msgData, algorithmParamData, algorithmParamDataSize );
664 &msgData, attribute ) );
668 static
int writeAuthEncDataHeader(
INOUT STREAM *stream,
673 const BYTE *contentOID = getContentOID( envelopeInfoPtr->
contentType );
674 long blockedPayloadSize, encrContentInfoSize;
693 status = setAlgoParams( iGenericSecret, actionListPtr->
iCryptHandle,
694 CRYPT_IATTRIBUTE_ENCPARAMS );
699 status = setAlgoParams( iGenericSecret, actionListPtr->
iCryptHandle,
700 CRYPT_IATTRIBUTE_MACPARAMS );
706 status = getEncryptedContentSize( envelopeInfoPtr, contentOID,
709 &encrContentInfoSize );
734 encrContentInfoSize + \
735 sizeofObject( macSize ) );
747 static
int writeCompressedDataHeader(
INOUT STREAM *stream,
750 const BYTE *contentOID = getContentOID( envelopeInfoPtr->contentType );
772 return( writeCMSheader( stream, contentOID,
sizeofOID( contentOID ),
796 findAction( envelopeInfoPtr->actionList,
ACTION_CRYPT );
799 status = initEnvelopeEncryption( envelopeInfoPtr,
812 sMemOpen( &stream, envelopeInfoPtr->buffer, envelopeInfoPtr->
bufSize );
813 switch( envelopeInfoPtr->usage )
821 status = writeAuthEncDataHeader( &stream,
827 if( envelopeInfoPtr->preActionList == NULL )
828 status = writeEncryptedDataHeader( &stream,
831 status = writeEnvelopedDataHeader( &stream,
836 status = writeSignedDataHeader( &stream, envelopeInfoPtr,
TRUE );
840 status = writeSignedDataHeader( &stream, envelopeInfoPtr,
FALSE );
844 status = writeCompressedDataHeader( &stream, envelopeInfoPtr );
849 const BYTE *contentOID = \
850 getContentOID( envelopeInfoPtr->contentType );
854 status = writeCMSheader( &stream, contentOID,
856 envelopeInfoPtr->payloadSize,
FALSE );
861 status = writeAuthenticatedDataHeader( &stream, envelopeInfoPtr );
868 envelopeInfoPtr->bufPos = stell( &stream );
869 sMemDisconnect( &stream );
876 envelopeInfoPtr->preActionList == NULL )
882 envelopeInfoPtr->blockSizeMask = -1;
883 envelopeInfoPtr->lastAction = NULL;
888 envelopeInfoPtr->lastAction =
findAction( envelopeInfoPtr->preActionList,
890 if( envelopeInfoPtr->lastAction == NULL )
891 envelopeInfoPtr->lastAction =
findAction( envelopeInfoPtr->preActionList,
893 ENSURES( envelopeInfoPtr->lastAction != NULL );
905 int iterationCount, status =
CRYPT_OK;
911 status = getActionContext( envelopeInfoPtr, &iCryptContext );
918 for( actionListPtr = envelopeInfoPtr->lastAction, iterationCount = 0;
920 actionListPtr = actionListPtr->
next, iterationCount++ )
925 const int dataLeft =
min( envelopeInfoPtr->bufSize - \
926 envelopeInfoPtr->bufPos,
941 status = iCryptExportKey( envelopeInfoPtr->buffer + \
942 envelopeInfoPtr->bufPos, dataLeft,
943 &keyexSize, formatType, iCryptContext,
947 envelopeInfoPtr->bufPos += keyexSize;
957 return( writeEOCs( envelopeInfoPtr, 1 ) );
978 void *certChainBufPtr;
979 const int dataLeft =
min( envelopeInfoPtr->bufSize - \
980 envelopeInfoPtr->bufPos,
982 const int eocSize = ( envelopeInfoPtr->payloadSize ==
CRYPT_UNUSED ) ? \
992 if( envelopeInfoPtr->extraDataSize + 64 < dataLeft )
995 certChainBufPtr = envelopeInfoPtr->buffer + \
996 envelopeInfoPtr->bufPos + eocSize;
997 certChainBufSize = dataLeft - eocSize;
1005 if( dataLeft < 1024 )
1011 REQUIRES( envelopeInfoPtr->auxBuffer == NULL );
1012 if( ( envelopeInfoPtr->auxBuffer = \
1014 envelopeInfoPtr->extraDataSize + 64 ) ) == NULL )
1016 certChainBufPtr = envelopeInfoPtr->auxBuffer;
1017 certChainBufSize = envelopeInfoPtr->auxBufSize = \
1018 envelopeInfoPtr->extraDataSize + 64;
1025 status = writeEOCs( envelopeInfoPtr, 3 );
1029 envelopeInfoPtr->lastAction = envelopeInfoPtr->postActionList;
1034 sMemOpen( &stream, certChainBufPtr, certChainBufSize );
1039 status = exportCertToStream( &stream,
1040 ( envelopeInfoPtr->iExtraCertChain !=
CRYPT_ERROR ) ? \
1041 envelopeInfoPtr->iExtraCertChain : \
1042 envelopeInfoPtr->lastAction->iCryptHandle,
1043 CRYPT_ICERTFORMAT_CERTSET );
1046 sMemDisconnect( &stream );
1053 status = writeSet( &stream, envelopeInfoPtr->signActionSize );
1055 certChainSize = stell( &stream );
1056 sMemDisconnect( &stream );
1065 if( envelopeInfoPtr->auxBufSize > 0 )
1067 envelopeInfoPtr->auxBufPos = certChainSize;
1068 status = copyFromAuxBuffer( envelopeInfoPtr );
1077 envelopeInfoPtr->bufPos += certChainSize;
1078 envelopeInfoPtr->segmentDataEnd = envelopeInfoPtr->bufPos;
1089 int iterationCount, status =
CRYPT_OK;
1094 for( actionListPtr = envelopeInfoPtr->lastAction, iterationCount = 0;
1096 actionListPtr = actionListPtr->
next, iterationCount++ )
1099 const int sigBufSize =
min( envelopeInfoPtr->bufSize - \
1100 envelopeInfoPtr->bufPos, \
1111 if( actionListPtr->
encodedSize + 64 > sigBufSize )
1119 status = cmsInitSigParams( actionListPtr, envelopeInfoPtr->type,
1120 envelopeInfoPtr->ownerHandle,
1127 status = iCryptCreateSignature( envelopeInfoPtr->buffer + \
1128 envelopeInfoPtr->bufPos, sigBufSize,
1129 &sigSize, envelopeInfoPtr->type,
1133 NULL : &sigParams );
1136 envelopeInfoPtr->bufPos += sigSize;
1154 "Couldn't emit signature to envelope trailer" ) );
1156 if( iterationCount <= 0 )
1160 "Couldn't emit signature to envelope trailer" ) );
1164 "Couldn't emit signature #%d to envelope trailer",
1165 iterationCount + 1 ) );
1177 findAction( envelopeInfoPtr->actionList,
ACTION_MAC );
1181 const int eocSize = ( envelopeInfoPtr->payloadSize ==
CRYPT_UNUSED ) ? \
1183 const int dataLeft =
min( envelopeInfoPtr->bufSize - \
1184 envelopeInfoPtr->bufPos, 512 );
1199 status = writeEOCs( envelopeInfoPtr, 3 );
1211 sMemOpen( &stream, envelopeInfoPtr->buffer + envelopeInfoPtr->
bufPos,
1215 length = stell( &stream );
1216 sMemDisconnect( &stream );
1219 envelopeInfoPtr->bufPos +=
length;
1239 REQUIRES( sanityCheck( envelopeInfoPtr ) );
1257 envelopeInfoPtr->segmentSize = envelopeInfoPtr->payloadSize;
1264 status = cmsPreEnvelopeEncrypt( envelopeInfoPtr );
1268 status = cmsPreEnvelopeSign( envelopeInfoPtr );
1274 "Couldn't perform final %s initialisation prior to "
1277 "signing" :
"encryption" ) );
1283 status = deleteUnusedActions( envelopeInfoPtr );
1294 ENSURES( checkActions( envelopeInfoPtr ) );
1304 status = writeEnvelopeHeader( envelopeInfoPtr );
1311 ENSURES( sanityCheck( envelopeInfoPtr ) );
1318 "Couldn't create envelope header" ) );
1328 status = writeKeyex( envelopeInfoPtr );
1333 "Couldn't emit key exchange actions to envelope "
1345 const BYTE *contentOID = getContentOID( envelopeInfoPtr->contentType );
1346 const int originalBufPos = envelopeInfoPtr->bufPos;
1347 const int dataLeft =
min( envelopeInfoPtr->bufSize - \
1348 envelopeInfoPtr->bufPos, \
1357 if( dataLeft < 256 )
1361 sMemOpen( &stream, envelopeInfoPtr->buffer + envelopeInfoPtr->
bufPos,
1367 status = writeContextAlgoID( &stream,
1368 envelopeInfoPtr->actionList->iCryptHandle,
1372 status = writeCMSheader( &stream, contentOID,
1374 envelopeInfoPtr->payloadSize,
1383 status = getActionContext( envelopeInfoPtr, &iCryptContext );
1386 status = writeEncryptedContentHeader( &stream, contentOID,
1388 envelopeInfoPtr->payloadSize,
1389 envelopeInfoPtr->blockSize );
1392 envelopeInfoPtr->bufPos += stell( &stream );
1393 sMemDisconnect( &stream );
1398 findAction( envelopeInfoPtr->actionList,
ACTION_MAC );
1411 sMemConnect( &stream, envelopeInfoPtr->buffer + originalBufPos,
1412 envelopeInfoPtr->
bufPos - originalBufPos );
1413 readLongSequence( &stream, NULL );
1414 status = readUniversal( &stream );
1416 status = getStreamObjectLength( &stream, &macDataLength );
1419 status = sMemGetDataBlock( &stream, (
void ** ) &macData,
1429 sMemDisconnect( &stream );
1435 "Couldn't emit encrypted content header to envelope "
1449 ENSURES( sanityCheck( envelopeInfoPtr ) );
1464 REQUIRES( sanityCheck( envelopeInfoPtr ) );
1470 status = envelopeInfoPtr->copyToEnvelopeFunction( envelopeInfoPtr,
1476 "Couldn't flush remaining data into envelope "
1479 envelopeInfoPtr->envState = \
1503 status = writeEOCs( envelopeInfoPtr, 3 + \
1504 ( ( envelopeInfoPtr->usage == \
1512 status = writeEOCs( envelopeInfoPtr, 3 );
1518 "Couldn't emit final EOC octets" ) );
1525 envelopeInfoPtr->segmentDataEnd = envelopeInfoPtr->bufPos;
1528 ENSURES( sanityCheck( envelopeInfoPtr ) );
1535 if( envelopeInfoPtr->auxBufPos > 0 )
1537 status = copyFromAuxBuffer( envelopeInfoPtr );
1542 "Couldn't flush remaining signature data into "
1543 "envelope buffer" ) );
1550 status = writeCertchainTrailer( envelopeInfoPtr );
1555 "Couldn't emit certificate chain to envelope "
1579 status = writeSignatures( envelopeInfoPtr );
1585 status = writeMAC( envelopeInfoPtr );
1590 "Couldn't emit MAC to envelope trailer" ) );
1600 status = writeEOCs( envelopeInfoPtr,
1601 3 + ( ( envelopeInfoPtr->dataFlags & \
1608 "Couldn't emit final EOC octets" ) );
1615 envelopeInfoPtr->segmentDataEnd = envelopeInfoPtr->bufPos;
1618 ENSURES( sanityCheck( envelopeInfoPtr ) );
1639 envelopeInfoPtr->processPreambleFunction = emitPreamble;
1640 envelopeInfoPtr->processPostambleFunction = emitPostamble;
1659 envelopeInfoPtr->defaultHash =
algorithm;
1668 envelopeInfoPtr->defaultAlgo =
algorithm;
1676 envelopeInfoPtr->defaultMAC =
algorithm;