OLD | NEW |
1 /* This Source Code Form is subject to the terms of the Mozilla Public | 1 /* This Source Code Form is subject to the terms of the Mozilla Public |
2 * License, v. 2.0. If a copy of the MPL was not distributed with this | 2 * License, v. 2.0. If a copy of the MPL was not distributed with this |
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
4 | 4 |
5 /* | 5 /* |
6 * PKCS7 decoding, verification. | 6 * PKCS7 decoding, verification. |
7 */ | 7 */ |
8 | 8 |
9 #include "p7local.h" | 9 #include "p7local.h" |
10 | 10 |
(...skipping 1272 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1283 SECCertUsage certusage, | 1283 SECCertUsage certusage, |
1284 const SECItem *detached_digest, | 1284 const SECItem *detached_digest, |
1285 HASH_HashType digest_type, | 1285 HASH_HashType digest_type, |
1286 PRBool keepcerts, | 1286 PRBool keepcerts, |
1287 const PRTime *atTime) | 1287 const PRTime *atTime) |
1288 { | 1288 { |
1289 SECAlgorithmID **digestalgs, *bulkid; | 1289 SECAlgorithmID **digestalgs, *bulkid; |
1290 const SECItem *digest; | 1290 const SECItem *digest; |
1291 SECItem **digests; | 1291 SECItem **digests; |
1292 SECItem **rawcerts; | 1292 SECItem **rawcerts; |
1293 CERTSignedCrl **crls; | |
1294 SEC_PKCS7SignerInfo **signerinfos, *signerinfo; | 1293 SEC_PKCS7SignerInfo **signerinfos, *signerinfo; |
1295 CERTCertificate *cert, **certs; | 1294 CERTCertificate *cert, **certs; |
1296 PRBool goodsig; | 1295 PRBool goodsig; |
1297 CERTCertDBHandle *certdb, *defaultdb; | 1296 CERTCertDBHandle *certdb, *defaultdb; |
1298 SECOidTag encTag,digestTag; | 1297 SECOidTag encTag,digestTag; |
1299 HASH_HashType found_type; | 1298 HASH_HashType found_type; |
1300 int i, certcount; | 1299 int i, certcount; |
1301 SECKEYPublicKey *publickey; | 1300 SECKEYPublicKey *publickey; |
1302 SECItem *content_type; | 1301 SECItem *content_type; |
1303 PK11SymKey *sigkey; | 1302 PK11SymKey *sigkey; |
(...skipping 29 matching lines...) Expand all Loading... |
1333 /* Could only get here if SEC_PKCS7ContentIsSigned is broken. */ | 1332 /* Could only get here if SEC_PKCS7ContentIsSigned is broken. */ |
1334 PORT_Assert (0); | 1333 PORT_Assert (0); |
1335 case SEC_OID_PKCS7_SIGNED_DATA: | 1334 case SEC_OID_PKCS7_SIGNED_DATA: |
1336 { | 1335 { |
1337 SEC_PKCS7SignedData *sdp; | 1336 SEC_PKCS7SignedData *sdp; |
1338 | 1337 |
1339 sdp = cinfo->content.signedData; | 1338 sdp = cinfo->content.signedData; |
1340 digestalgs = sdp->digestAlgorithms; | 1339 digestalgs = sdp->digestAlgorithms; |
1341 digests = sdp->digests; | 1340 digests = sdp->digests; |
1342 rawcerts = sdp->rawCerts; | 1341 rawcerts = sdp->rawCerts; |
1343 crls = sdp->crls; | |
1344 signerinfos = sdp->signerInfos; | 1342 signerinfos = sdp->signerInfos; |
1345 content_type = &(sdp->contentInfo.contentType); | 1343 content_type = &(sdp->contentInfo.contentType); |
1346 sigkey = NULL; | 1344 sigkey = NULL; |
1347 bulkid = NULL; | 1345 bulkid = NULL; |
1348 } | 1346 } |
1349 break; | 1347 break; |
1350 case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: | 1348 case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: |
1351 { | 1349 { |
1352 SEC_PKCS7SignedAndEnvelopedData *saedp; | 1350 SEC_PKCS7SignedAndEnvelopedData *saedp; |
1353 | 1351 |
1354 saedp = cinfo->content.signedAndEnvelopedData; | 1352 saedp = cinfo->content.signedAndEnvelopedData; |
1355 digestalgs = saedp->digestAlgorithms; | 1353 digestalgs = saedp->digestAlgorithms; |
1356 digests = saedp->digests; | 1354 digests = saedp->digests; |
1357 rawcerts = saedp->rawCerts; | 1355 rawcerts = saedp->rawCerts; |
1358 crls = saedp->crls; | |
1359 signerinfos = saedp->signerInfos; | 1356 signerinfos = saedp->signerInfos; |
1360 content_type = &(saedp->encContentInfo.contentType); | 1357 content_type = &(saedp->encContentInfo.contentType); |
1361 sigkey = saedp->sigKey; | 1358 sigkey = saedp->sigKey; |
1362 bulkid = &(saedp->encContentInfo.contentEncAlg); | 1359 bulkid = &(saedp->encContentInfo.contentEncAlg); |
1363 } | 1360 } |
1364 break; | 1361 break; |
1365 } | 1362 } |
1366 | 1363 |
1367 if ((signerinfos == NULL) || (signerinfos[0] == NULL)) { | 1364 if ((signerinfos == NULL) || (signerinfos[0] == NULL)) { |
1368 PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE); | 1365 PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE); |
(...skipping 554 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1923 /* | 1920 /* |
1924 * No signature, or more than one, means no deal. | 1921 * No signature, or more than one, means no deal. |
1925 */ | 1922 */ |
1926 if (signerinfos == NULL || signerinfos[0] == NULL || signerinfos[1] != NULL) | 1923 if (signerinfos == NULL || signerinfos[0] == NULL || signerinfos[1] != NULL) |
1927 return NULL; | 1924 return NULL; |
1928 | 1925 |
1929 attr = sec_PKCS7FindAttribute (signerinfos[0]->authAttr, | 1926 attr = sec_PKCS7FindAttribute (signerinfos[0]->authAttr, |
1930 SEC_OID_PKCS9_SIGNING_TIME, PR_TRUE); | 1927 SEC_OID_PKCS9_SIGNING_TIME, PR_TRUE); |
1931 return sec_PKCS7AttributeValue (attr); | 1928 return sec_PKCS7AttributeValue (attr); |
1932 } | 1929 } |
OLD | NEW |