38 const int startPos = stell( stream );
50 status = readBitStringHole( stream, &queryInfo->dataLength, 18 + 18,
54 queryInfo->dataStart = stell( stream ) -
startPos;
57 return( sSkip( stream, queryInfo->dataLength ) );
70 assert(
isReadPtr( signature, signatureLength ) );
77 writeBitStringHole( stream, signatureLength,
DEFAULT_TAG );
87 const int startPos = stell( stream );
100 status = readAlgoIDex( stream, &queryInfo->cryptAlgo,
101 &queryInfo->hashAlgo, &queryInfo->hashParam,
105 status = readBitStringHole( stream, &queryInfo->dataLength, 18 + 18,
110 queryInfo->dataStart = stell( stream ) -
startPos;
113 return( sSkip( stream, queryInfo->dataLength ) );
117 static
int writeX509Signature(
INOUT STREAM *stream,
126 assert(
isReadPtr( signature, signatureLength ) );
131 REQUIRES( signatureLength >= 40 && \
136 writeContextAlgoID( stream, iSignContext, hashAlgo );
137 writeBitStringHole( stream, signatureLength,
DEFAULT_TAG );
153 const int startPos = stell( stream );
165 status = getStreamObjectLength( stream, &length );
168 endPos = startPos +
length;
171 readSequence( stream, NULL );
181 status = getStreamObjectLength( stream, &length );
184 queryInfo->iAndSStart = stell( stream ) -
startPos;
185 queryInfo->iAndSLength =
length;
186 sSkip( stream, length );
192 if( peekTag( stream ) ==
MAKE_CTAG( 0 ) )
194 status = getStreamObjectLength( stream, &length );
197 queryInfo->attributeStart = stell( stream ) -
startPos;
198 queryInfo->attributeLength =
length;
199 status = sSkip( stream, length );
212 status = readAlgoID( stream, &queryInfo->cryptAlgo,
216 status = readOctetStringHole( stream, &queryInfo->dataLength,
221 queryInfo->dataStart = stell( stream ) -
startPos;
222 status = sSkip( stream, queryInfo->dataLength );
228 if( stell( stream ) < endPos && peekTag( stream ) ==
MAKE_CTAG( 1 ) )
230 status = getStreamObjectLength( stream, &length );
233 queryInfo->unauthAttributeStart = stell( stream ) -
startPos;
234 queryInfo->unauthAttributeLength =
length;
235 status = sSkip( stream, length );
244 static
int writeCmsSignature(
INOUT STREAM *stream,
253 assert(
isReadPtr( signature, signatureLength ) );
257 REQUIRES( signatureLength >= 40 && \
266 return( writeOctetString( stream, signature, signatureLength,
DEFAULT_TAG ) );
272 static
int readCryptlibSignature(
INOUT STREAM *stream,
275 const int startPos = stell( stream );
288 readSequence( stream, NULL );
296 readOctetStringTag( stream, queryInfo->keyID, &queryInfo->keyIDlength,
309 status = readOctetStringHole( stream, &queryInfo->dataLength,
314 queryInfo->dataStart = stell( stream ) -
startPos;
317 return( sSkip( stream, queryInfo->dataLength ) );
321 static
int writeCryptlibSignature(
INOUT STREAM *stream,
327 const BYTE *signature,
329 const int signatureLength )
333 const int signAlgoIdSize = \
339 assert(
isReadPtr( signature, signatureLength ) );
344 REQUIRES( signatureLength >= 40 && \
348 return( signAlgoIdSize );
350 return( hashAlgoIdSize );
355 &msgData, CRYPT_IATTRIBUTE_KEYID );
361 sizeofObject( msgData.
length ) + \
362 signAlgoIdSize + hashAlgoIdSize + \
363 sizeofObject( signatureLength ) );
368 writeAlgoID( stream, hashAlgo );
370 return( writeOctetString( stream, signature, signatureLength,
DEFAULT_TAG ) );
388 BYTE nameBuffer[ 32 + 8 ];
389 static const char FAR_BSS *nameString =
"issuerAndSerialNumber";
396 REQUIRES( startPos < stell( stream ) );
405 nameLength = readUint16( stream );
406 status = valueLength = readUint16( stream );
409 if( nameLength != 21 || valueLength < 16 || valueLength > 2048 )
410 return( sSkip( stream, nameLength + valueLength ) );
413 status = sread( stream, nameBuffer, nameLength );
416 if( !memcmp( nameBuffer, nameString, nameLength ) )
419 queryInfo->iAndSStart = stell( stream ) -
startPos;
422 return( sSkip( stream, valueLength ) );
432 static
int readSignatureSubpackets(
INOUT STREAM *stream,
436 const BOOLEAN isAuthenticated )
438 const int endPos = stell( stream ) +
length;
446 REQUIRES( startPos < stell( stream ) );
449 for( iterationCount = 0;
450 stell( stream ) < endPos && \
457 status = pgpReadShortLength( stream, &subpacketLength,
460 status = type = sgetc( stream );
482 if( queryInfo->keyIDlength <= 0 )
491 status = sSkip( stream, subpacketLength - 1 );
498 status = readTypeAndValue( stream, queryInfo, startPos );
504 status = sSkip( stream, subpacketLength - 1 );
510 ENSURES( iterationCount < FAILSAFE_ITERATIONS_MED );
537 status = getPgpPacketInfo( stream, queryInfo );
540 if( sgetc( stream ) != 3 )
546 status = sgetc( stream );
548 status = readPgpAlgo( stream, &queryInfo->hashAlgo,
551 status = readPgpAlgo( stream, &queryInfo->cryptAlgo,
592 REQUIRES( startPos < stell( stream ) );
595 status = value = sgetc( stream );
600 queryInfo->attributeStart = stell( stream ) -
startPos;
601 queryInfo->attributeLength = 5;
602 status = sSkip( stream, 5 );
611 status = readPgpAlgo( stream, &queryInfo->cryptAlgo,
614 status = readPgpAlgo( stream, &queryInfo->hashAlgo,
620 static
int readOpenPgpSigInfo(
INOUT STREAM *stream,
630 REQUIRES( startPos < stell( stream ) );
636 queryInfo->attributeStart = ( stell( stream ) - 1 ) - startPos;
639 status = sgetc( stream );
641 status = readPgpAlgo( stream, &queryInfo->cryptAlgo,
644 status = readPgpAlgo( stream, &queryInfo->hashAlgo,
650 status = length = readUint16( stream );
653 if( length < 0 || length > 2048 )
658 status = readSignatureSubpackets( stream, queryInfo, length,
665 queryInfo->unauthAttributeStart = stell( stream ) -
startPos;
666 status = length = readUint16( stream );
669 if( length < 0 || length > 2048 )
674 status = readSignatureSubpackets( stream, queryInfo, length,
687 const int startPos = stell( stream );
701 status = getPgpPacketInfo( stream, queryInfo );
704 status = value = sgetc( stream );
716 status = readPgp2SigInfo( stream, queryInfo, startPos );
718 status = readOpenPgpSigInfo( stream, queryInfo, startPos );
720 status = sSkip( stream, 2 );
738 status = readInteger16Ubits( stream, NULL, &queryInfo->dataLength,
742 queryInfo->dataStart = stell( stream ) - queryInfo->dataLength;
746 const int dataStartPos = stell( stream );
756 status = readInteger16Ubits( stream, NULL, &dummy, 16, 20 );
758 status = readInteger16Ubits( stream, NULL, &dummy, 16, 20 );
761 queryInfo->dataStart = dataStartPos -
startPos;
762 queryInfo->dataLength = stell( stream ) - dataStartPos;
769 static
int writePgpSignature(
INOUT STREAM *stream,
776 const int signatureLength )
779 assert(
isReadPtr( signature, signatureLength ) );
783 REQUIRES( signatureLength > ( 18 + 18 ) && \
794 return( swrite( stream, signature, signatureLength ) );
797 return( writeInteger16Ubits( stream, signature, signatureLength ) );
817 const int startPos = stell( stream );
830 readUint32( stream );
838 if( !memcmp( buffer,
"ssh-rsa", 7 ) )
842 if( !memcmp( buffer,
"ssh-dss", 7 ) )
855 if( memcmp( buffer,
"ecdsa-sha2-", 11 ) )
861 status = length = readUint32( stream );
864 switch( queryInfo->cryptAlgo )
872 if( length != ( 20 + 20 ) )
885 queryInfo->dataStart = stell( stream ) -
startPos;
886 queryInfo->dataLength =
length;
889 return( sSkip( stream, length ) );
893 static
int writeSshSignature(
INOUT STREAM *stream,
902 assert(
isReadPtr( signature, signatureLength ) );
907 REQUIRES( signatureLength >= ( 20 + 20 ) && \
928 algoName =
"ecdsa-sha2-nistp256";
933 algoName =
"ecdsa-sha2-nistp384";
938 algoName =
"ecdsa-sha2-nistp521";
948 writeString32( stream, algoName, algoNameLen );
949 return( writeString32( stream, signature, signatureLength ) );
957 "ssh-rsa" :
"ssh-dss", 7 );
958 return( writeString32( stream, signature, signatureLength ) );
971 const int startPos = stell( stream );
983 status = length = readUint16( stream );
987 length > CRYPT_MAX_PKCSIZE )
989 queryInfo->dataStart = stell( stream ) -
startPos;
990 queryInfo->dataLength =
length;
993 return( sSkip( stream, length ) );
997 static
int writeSslSignature(
INOUT STREAM *stream,
1004 const int signatureLength )
1007 assert(
isReadPtr( signature, signatureLength ) );
1010 REQUIRES( signatureLength > ( 18 + 18 ) && \
1013 writeUint16( stream, signatureLength );
1014 return( swrite( stream, signature, signatureLength ) );
1021 static
int readTls12Signature(
INOUT STREAM *stream,
1024 static const MAP_TABLE hashAlgoIDTbl[] = {
1030 static const MAP_TABLE sigAlgoIDTbl[] = {
1036 const int startPos = stell( stream );
1045 memset( queryInfo, 0,
sizeof(
QUERY_INFO ) );
1048 hashAlgoID = sgetc( stream );
1049 status = sigAlgoID = sgetc( stream );
1052 status = mapValue( hashAlgoID, &value, hashAlgoIDTbl,
1057 if( hashAlgoID == 5 )
1068 queryInfo->hashAlgo =
value;
1070 status = mapValue( sigAlgoID, &value, sigAlgoIDTbl,
1074 queryInfo->cryptAlgo =
value;
1077 status = length = readUint16( stream );
1081 length > CRYPT_MAX_PKCSIZE )
1083 queryInfo->dataStart = stell( stream ) -
startPos;
1084 queryInfo->dataLength =
length;
1087 return( sSkip( stream, length ) );
1091 static
int writeTls12Signature(
INOUT STREAM *stream,
1098 const int signatureLength )
1100 static const MAP_TABLE hashAlgoIDTbl[] = {
1106 static const MAP_TABLE sigAlgoIDTbl[] = {
1112 int hashAlgoID, sigAlgoID,
status;
1115 assert(
isReadPtr( signature, signatureLength ) );
1120 REQUIRES( signatureLength > ( 18 + 18 ) && \
1124 status = mapValue( hashAlgo, &hashAlgoID, hashAlgoIDTbl,
1131 status = mapValue( signAlgo, &sigAlgoID, sigAlgoIDTbl,
1134 sputc( stream, hashAlgoID );
1135 sputc( stream, sigAlgoID );
1138 writeUint16( stream, signatureLength );
1139 return( swrite( stream, signature, signatureLength ) );
1151 const READSIG_FUNCTION
function;
1173 const WRITESIG_FUNCTION
function;
1206 if( sigReadTable[ i ].type == sigType )
1207 return( sigReadTable[ i ].
function );
1226 if( sigWriteTable[ i ].type == sigType )
1227 return( sigWriteTable[ i ].
function );