mirror of https://github.com/wolfSSL/wolfssl.git
pkcs7.c: further smallstack refactor of PKCS7_EncodeSigned().
Daniel Pouzzner
parent
fb49d814c5
commit
7a4ec22953
|
|
@ -2327,17 +2327,17 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
|
||||||
byte* output2, word32* output2Sz)
|
byte* output2, word32* output2Sz)
|
||||||
{
|
{
|
||||||
/* contentType OID (1.2.840.113549.1.9.3) */
|
/* contentType OID (1.2.840.113549.1.9.3) */
|
||||||
const byte contentTypeOid[] =
|
static const byte contentTypeOid[] =
|
||||||
{ ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xF7, 0x0d, 0x01,
|
{ ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xF7, 0x0d, 0x01,
|
||||||
0x09, 0x03 };
|
0x09, 0x03 };
|
||||||
|
|
||||||
/* messageDigest OID (1.2.840.113549.1.9.4) */
|
/* messageDigest OID (1.2.840.113549.1.9.4) */
|
||||||
const byte messageDigestOid[] =
|
static const byte messageDigestOid[] =
|
||||||
{ ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
|
{ ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
|
||||||
0x09, 0x04 };
|
0x09, 0x04 };
|
||||||
|
|
||||||
/* signingTime OID () */
|
/* signingTime OID () */
|
||||||
byte signingTimeOid[] =
|
static const byte signingTimeOid[] =
|
||||||
{ ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
|
{ ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
|
||||||
0x09, 0x05};
|
0x09, 0x05};
|
||||||
|
|
||||||
|
|
@ -2351,7 +2351,11 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
|
||||||
byte* flatSignedAttribs = NULL;
|
byte* flatSignedAttribs = NULL;
|
||||||
word32 flatSignedAttribsSz = 0;
|
word32 flatSignedAttribsSz = 0;
|
||||||
|
|
||||||
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
|
byte *signedDataOid = NULL;
|
||||||
|
#else
|
||||||
byte signedDataOid[MAX_OID_SZ];
|
byte signedDataOid[MAX_OID_SZ];
|
||||||
|
#endif
|
||||||
word32 signedDataOidSz;
|
word32 signedDataOidSz;
|
||||||
|
|
||||||
byte signingTime[MAX_TIME_STRING_SZ];
|
byte signingTime[MAX_TIME_STRING_SZ];
|
||||||
|
|
@ -2362,11 +2366,18 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
|
||||||
return BAD_FUNC_ARG;
|
return BAD_FUNC_ARG;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* verify the hash size matches */
|
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
|
signedDataOid = (byte *)XMALLOC(MAX_OID_SZ, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
|
if (signedDataOid == NULL) {
|
||||||
|
idx = MEMORY_E;
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
|
|
||||||
esd = (ESD*)XMALLOC(sizeof(ESD), pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
esd = (ESD*)XMALLOC(sizeof(ESD), pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
if (esd == NULL)
|
if (esd == NULL) {
|
||||||
return MEMORY_E;
|
idx = MEMORY_E;
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
XMEMSET(esd, 0, sizeof(ESD));
|
XMEMSET(esd, 0, sizeof(ESD));
|
||||||
|
|
@ -2383,21 +2394,17 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
|
||||||
ret = wc_SetContentType(pkcs7->contentOID, pkcs7->contentType,
|
ret = wc_SetContentType(pkcs7->contentOID, pkcs7->contentType,
|
||||||
sizeof(pkcs7->contentType));
|
sizeof(pkcs7->contentType));
|
||||||
if (ret < 0) {
|
if (ret < 0) {
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
idx = ret;
|
||||||
XFREE(esd, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
goto out;
|
||||||
#endif
|
|
||||||
return ret;
|
|
||||||
}
|
}
|
||||||
pkcs7->contentTypeSz = ret;
|
pkcs7->contentTypeSz = ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* set signedData outer content type */
|
/* set signedData outer content type */
|
||||||
ret = wc_SetContentType(SIGNED_DATA, signedDataOid, sizeof(signedDataOid));
|
ret = wc_SetContentType(SIGNED_DATA, signedDataOid, MAX_OID_SZ);
|
||||||
if (ret < 0) {
|
if (ret < 0) {
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
idx = ret;
|
||||||
XFREE(esd, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
goto out;
|
||||||
#endif
|
|
||||||
return ret;
|
|
||||||
}
|
}
|
||||||
signedDataOidSz = ret;
|
signedDataOidSz = ret;
|
||||||
|
|
||||||
|
|
@ -2405,10 +2412,8 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
|
||||||
esd->hashType = wc_OidGetHash(pkcs7->hashOID);
|
esd->hashType = wc_OidGetHash(pkcs7->hashOID);
|
||||||
if (wc_HashGetDigestSize(esd->hashType) != (int)hashSz) {
|
if (wc_HashGetDigestSize(esd->hashType) != (int)hashSz) {
|
||||||
WOLFSSL_MSG("hashSz did not match hashOID");
|
WOLFSSL_MSG("hashSz did not match hashOID");
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
idx = BUFFER_E;
|
||||||
XFREE(esd, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
goto out;
|
||||||
#endif
|
|
||||||
return BUFFER_E;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* include hash */
|
/* include hash */
|
||||||
|
|
@ -2465,10 +2470,8 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
|
||||||
} else if (pkcs7->sidType == DEGENERATE_SID) {
|
} else if (pkcs7->sidType == DEGENERATE_SID) {
|
||||||
/* no signer info added */
|
/* no signer info added */
|
||||||
} else {
|
} else {
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
idx = SKID_E;
|
||||||
XFREE(esd, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
goto out;
|
||||||
#endif
|
|
||||||
return SKID_E;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (pkcs7->sidType != DEGENERATE_SID) {
|
if (pkcs7->sidType != DEGENERATE_SID) {
|
||||||
|
|
@ -2481,10 +2484,8 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
|
||||||
ret = wc_PKCS7_SignedDataGetEncAlgoId(pkcs7, &digEncAlgoId,
|
ret = wc_PKCS7_SignedDataGetEncAlgoId(pkcs7, &digEncAlgoId,
|
||||||
&digEncAlgoType);
|
&digEncAlgoType);
|
||||||
if (ret < 0) {
|
if (ret < 0) {
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
idx = ret;
|
||||||
XFREE(esd, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
goto out;
|
||||||
#endif
|
|
||||||
return ret;
|
|
||||||
}
|
}
|
||||||
esd->digEncAlgoIdSz = SetAlgoID(digEncAlgoId, esd->digEncAlgoId,
|
esd->digEncAlgoIdSz = SetAlgoID(digEncAlgoId, esd->digEncAlgoId,
|
||||||
digEncAlgoType, 0);
|
digEncAlgoType, 0);
|
||||||
|
|
@ -2499,23 +2500,20 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
|
||||||
signingTimeOid, sizeof(signingTimeOid),
|
signingTimeOid, sizeof(signingTimeOid),
|
||||||
signingTime, sizeof(signingTime));
|
signingTime, sizeof(signingTime));
|
||||||
if (ret < 0) {
|
if (ret < 0) {
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
idx = ret;
|
||||||
XFREE(esd, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
goto out;
|
||||||
#endif
|
|
||||||
return ret;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (esd->signedAttribsSz > 0) {
|
if (esd->signedAttribsSz > 0) {
|
||||||
flatSignedAttribs = (byte*)XMALLOC(esd->signedAttribsSz, pkcs7->heap,
|
flatSignedAttribs = (byte*)XMALLOC(esd->signedAttribsSz, pkcs7->heap,
|
||||||
DYNAMIC_TYPE_PKCS7);
|
DYNAMIC_TYPE_PKCS7);
|
||||||
flatSignedAttribsSz = esd->signedAttribsSz;
|
|
||||||
if (flatSignedAttribs == NULL) {
|
if (flatSignedAttribs == NULL) {
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
idx = MEMORY_E;
|
||||||
XFREE(esd, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
goto out;
|
||||||
#endif
|
|
||||||
return MEMORY_E;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
flatSignedAttribsSz = esd->signedAttribsSz;
|
||||||
|
|
||||||
FlattenAttributes(pkcs7, flatSignedAttribs,
|
FlattenAttributes(pkcs7, flatSignedAttribs,
|
||||||
esd->signedAttribs, esd->signedAttribsCount);
|
esd->signedAttribs, esd->signedAttribsCount);
|
||||||
esd->signedAttribSetSz = SetImplicit(ASN_SET, 0, esd->signedAttribsSz,
|
esd->signedAttribSetSz = SetImplicit(ASN_SET, 0, esd->signedAttribsSz,
|
||||||
|
|
@ -2528,12 +2526,8 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
|
||||||
ret = wc_PKCS7_SignedDataBuildSignature(pkcs7, flatSignedAttribs,
|
ret = wc_PKCS7_SignedDataBuildSignature(pkcs7, flatSignedAttribs,
|
||||||
flatSignedAttribsSz, esd);
|
flatSignedAttribsSz, esd);
|
||||||
if (ret < 0) {
|
if (ret < 0) {
|
||||||
if (esd->signedAttribsSz != 0)
|
idx = ret;
|
||||||
XFREE(flatSignedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
goto out;
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
|
||||||
XFREE(esd, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
|
||||||
#endif
|
|
||||||
return ret;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
signerInfoSz += flatSignedAttribsSz + esd->signedAttribSetSz;
|
signerInfoSz += flatSignedAttribsSz + esd->signedAttribSetSz;
|
||||||
|
|
@ -2593,17 +2587,14 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
|
||||||
/* if using header/footer, we are not returning the content */
|
/* if using header/footer, we are not returning the content */
|
||||||
if (output2 && output2Sz) {
|
if (output2 && output2Sz) {
|
||||||
if (total2Sz > *output2Sz) {
|
if (total2Sz > *output2Sz) {
|
||||||
if (esd->signedAttribsSz != 0)
|
|
||||||
XFREE(flatSignedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
|
||||||
XFREE(esd, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
|
||||||
#endif
|
|
||||||
if (*outputSz == 0 && *output2Sz == 0) {
|
if (*outputSz == 0 && *output2Sz == 0) {
|
||||||
*outputSz = totalSz;
|
*outputSz = totalSz;
|
||||||
*output2Sz = total2Sz;
|
*output2Sz = total2Sz;
|
||||||
return 0;
|
idx = 0;
|
||||||
|
goto out;
|
||||||
}
|
}
|
||||||
return BUFFER_E;
|
idx = BUFFER_E;
|
||||||
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!pkcs7->detached) {
|
if (!pkcs7->detached) {
|
||||||
|
|
@ -2616,25 +2607,18 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
|
||||||
}
|
}
|
||||||
|
|
||||||
if (totalSz > *outputSz) {
|
if (totalSz > *outputSz) {
|
||||||
if (esd->signedAttribsSz != 0)
|
|
||||||
XFREE(flatSignedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
|
||||||
XFREE(esd, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
|
||||||
#endif
|
|
||||||
if (*outputSz == 0) {
|
if (*outputSz == 0) {
|
||||||
*outputSz = totalSz;
|
*outputSz = totalSz;
|
||||||
return totalSz;
|
idx = totalSz;
|
||||||
|
goto out;
|
||||||
}
|
}
|
||||||
return BUFFER_E;
|
idx = BUFFER_E;
|
||||||
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (output == NULL) {
|
if (output == NULL) {
|
||||||
if (esd->signedAttribsSz != 0)
|
idx = BUFFER_E;
|
||||||
XFREE(flatSignedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
goto out;
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
|
||||||
XFREE(esd, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
|
||||||
#endif
|
|
||||||
return BUFFER_E;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
idx = 0;
|
idx = 0;
|
||||||
|
|
@ -2713,10 +2697,8 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
|
||||||
} else if (pkcs7->sidType == DEGENERATE_SID) {
|
} else if (pkcs7->sidType == DEGENERATE_SID) {
|
||||||
/* no signer infos in degenerate case */
|
/* no signer infos in degenerate case */
|
||||||
} else {
|
} else {
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
idx = SKID_E;
|
||||||
XFREE(esd, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
goto out;
|
||||||
#endif
|
|
||||||
return SKID_E;
|
|
||||||
}
|
}
|
||||||
XMEMCPY(output2 + idx, esd->signerDigAlgoId, esd->signerDigAlgoIdSz);
|
XMEMCPY(output2 + idx, esd->signerDigAlgoId, esd->signerDigAlgoIdSz);
|
||||||
idx += esd->signerDigAlgoIdSz;
|
idx += esd->signerDigAlgoIdSz;
|
||||||
|
|
@ -2727,7 +2709,6 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
|
||||||
idx += esd->signedAttribSetSz;
|
idx += esd->signedAttribSetSz;
|
||||||
XMEMCPY(output2 + idx, flatSignedAttribs, flatSignedAttribsSz);
|
XMEMCPY(output2 + idx, flatSignedAttribs, flatSignedAttribsSz);
|
||||||
idx += flatSignedAttribsSz;
|
idx += flatSignedAttribsSz;
|
||||||
XFREE(flatSignedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
XMEMCPY(output2 + idx, esd->digEncAlgoId, esd->digEncAlgoIdSz);
|
XMEMCPY(output2 + idx, esd->digEncAlgoId, esd->digEncAlgoIdSz);
|
||||||
|
|
@ -2745,9 +2726,18 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
|
||||||
*outputSz = idx;
|
*outputSz = idx;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
out:
|
||||||
|
|
||||||
|
if (flatSignedAttribs != NULL)
|
||||||
|
XFREE(flatSignedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||||
|
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
XFREE(esd, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
if (esd)
|
||||||
|
XFREE(esd, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
|
if (signedDataOid)
|
||||||
|
XFREE(signedDataOid, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
return idx;
|
return idx;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue