/* Try reading as octet string according to rfc5652. If that fails, attempt
* a raw read according to rfc2315 */
- result = _gnutls_x509_read_string(c2, "encapContentInfo.eContent", &pkcs7->der_signed_data, ASN1_ETYPE_OCTET_STRING, 1);
+ result = _gnutls_x509_read_string(c2, "encapContentInfo.eContent", &pkcs7->der_encap_data, ASN1_ETYPE_OCTET_STRING, 1);
if (result < 0) {
- result = _gnutls_x509_read_value(c2, "encapContentInfo.eContent", &pkcs7->der_signed_data);
+ result = _gnutls_x509_read_value(c2, "encapContentInfo.eContent", &pkcs7->der_encap_data);
if (result < 0) {
- pkcs7->der_signed_data.data = NULL;
- pkcs7->der_signed_data.size = 0;
+ pkcs7->der_encap_data.data = NULL;
+ pkcs7->der_encap_data.size = 0;
} else {
int tag_len, len_len;
unsigned char cls;
unsigned long tag;
/* we skip the embedded element's tag and length - uncharted territorry - used by MICROSOFT_CERT_TRUST_LIST */
- result = asn1_get_tag_der(pkcs7->der_signed_data.data, pkcs7->der_signed_data.size, &cls, &tag_len, &tag);
+ result = asn1_get_tag_der(pkcs7->der_encap_data.data, pkcs7->der_encap_data.size, &cls, &tag_len, &tag);
if (result != ASN1_SUCCESS) {
gnutls_assert();
result = _gnutls_asn2err(result);
goto cleanup;
}
- result = asn1_get_length_ber(pkcs7->der_signed_data.data+tag_len, pkcs7->der_signed_data.size-tag_len, &len_len);
+ result = asn1_get_length_ber(pkcs7->der_encap_data.data+tag_len, pkcs7->der_encap_data.size-tag_len, &len_len);
if (result < 0) {
gnutls_assert();
result = GNUTLS_E_ASN1_DER_ERROR;
}
tag_len += len_len;
- memmove(pkcs7->der_signed_data.data, &pkcs7->der_signed_data.data[tag_len], pkcs7->der_signed_data.size-tag_len);
- pkcs7->der_signed_data.size-=tag_len;
+ memmove(pkcs7->der_encap_data.data, &pkcs7->der_encap_data.data[tag_len], pkcs7->der_encap_data.size-tag_len);
+ pkcs7->der_encap_data.size-=tag_len;
}
}
- if (pkcs7->signed_data)
- asn1_delete_structure(&pkcs7->signed_data);
- pkcs7->signed_data = c2;
+ if (pkcs7->content_data)
+ asn1_delete_structure(&pkcs7->content_data);
+ pkcs7->content_data = c2;
gnutls_free(tmp.data);
return 0;
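Review bot: In the lines shown, the `asn1_get_length_ber` failure branch sets `result = GNUTLS_E_ASN1_DER_ERROR` but has no `goto cleanup;`, so `tag_len += len_len` and the `memmove` on `der_encap_data` would still run with an unset `len_len`, and the error would then be lost at `return 0`. This view appears to omit some context lines, so the jump may simply not be displayed; if it really is missing, add `goto cleanup;` to that branch, as the `asn1_get_tag_der` branch above it does. Because eContent comes from the parsed PKCS#7 input, an explicit guard such as `if (tag_len <= 0 || (unsigned)tag_len > pkcs7->der_encap_data.size) { result = GNUTLS_E_ASN1_DER_ERROR; goto cleanup; }` before the `memmove` would also make the bound on the skipped header visible, rather than leaving it implied by the two libtasn1 calls. The enclosing function starts outside this hunk.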
len = sizeof(oid) - 1;
- result = asn1_read_value(pkcs7->signed_data, root2, oid, &len);
+ result = asn1_read_value(pkcs7->content_data, root2, oid, &len);
if (result == ASN1_VALUE_NOT_FOUND) {
result = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
}
result =
- asn1_der_decoding_startEnd(pkcs7->signed_data, tmp.data,
+ asn1_der_decoding_startEnd(pkcs7->content_data, tmp.data,
tmp.size, root2, &start, &end);
if (result != ASN1_SUCCESS) {
/* Step 2. Count the CertificateSet */
result =
- asn1_number_of_elements(pkcs7->signed_data, "certificates", &count);
+ asn1_number_of_elements(pkcs7->content_data, "certificates", &count);
if (result != ASN1_SUCCESS) {
gnutls_assert();
return 0; /* no certificates */
}
len = sizeof(tval);
- result = asn1_read_value(pkcs7->signed_data, root, tval, &len);
+ result = asn1_read_value(pkcs7->content_data, root, tval, &len);
if (result != ASN1_SUCCESS) {
ret = -1;
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
ret =
- asn1_number_of_elements(pkcs7->signed_data, "signerInfos", &count);
+ asn1_number_of_elements(pkcs7->content_data, "signerInfos", &count);
if (ret != ASN1_SUCCESS) {
gnutls_assert();
return 0;
info->signing_time = -1;
ret =
- asn1_number_of_elements(pkcs7->signed_data, "signerInfos", &count);
+ asn1_number_of_elements(pkcs7->content_data, "signerInfos", &count);
if (ret != ASN1_SUCCESS || idx + 1 > (unsigned)count) {
gnutls_assert();
return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
"signerInfos.?%u.signatureAlgorithm.algorithm", idx + 1);
len = sizeof(oid) - 1;
- ret = asn1_read_value(pkcs7->signed_data, root, oid, &len);
+ ret = asn1_read_value(pkcs7->content_data, root, oid, &len);
if (ret != ASN1_SUCCESS) {
gnutls_assert();
goto unsupp_algo;
"signerInfos.?%u.digestAlgorithm.algorithm", idx + 1);
len = sizeof(oid) - 1;
- ret = asn1_read_value(pkcs7->signed_data, root, oid, &len);
+ ret = asn1_read_value(pkcs7->content_data, root, oid, &len);
if (ret != ASN1_SUCCESS) {
gnutls_assert();
goto unsupp_algo;
snprintf(root, sizeof(root), "signerInfos.?%u.signature", idx + 1);
/* read the signature */
- ret = _gnutls_x509_read_value(pkcs7->signed_data, root, &info->sig);
+ ret = _gnutls_x509_read_value(pkcs7->content_data, root, &info->sig);
if (ret < 0) {
gnutls_assert();
goto fail;
idx + 1);
/* read the signature */
ret =
- _gnutls_x509_get_raw_field(pkcs7->signed_data, root,
+ _gnutls_x509_get_raw_field(pkcs7->content_data, root,
&info->issuer_dn);
if (ret >= 0) {
snprintf(root, sizeof(root),
idx + 1);
/* read the signature */
ret =
- _gnutls_x509_read_value(pkcs7->signed_data, root,
+ _gnutls_x509_read_value(pkcs7->content_data, root,
&info->signer_serial);
if (ret < 0) {
gnutls_assert();
"signerInfos.?%u.sid.subjectKeyIdentifier", idx + 1);
/* read the signature */
ret =
- _gnutls_x509_read_value(pkcs7->signed_data, root,
+ _gnutls_x509_read_value(pkcs7->content_data, root,
&info->issuer_keyid);
if (ret < 0) {
gnutls_assert();
"signerInfos.?%u.signedAttrs.?%u.type", idx + 1,
i + 1);
len = sizeof(oid) - 1;
- ret = asn1_read_value(pkcs7->signed_data, root, oid, &len);
+ ret = asn1_read_value(pkcs7->content_data, root, oid, &len);
if (ret != ASN1_SUCCESS) {
break;
}
snprintf(root, sizeof(root),
"signerInfos.?%u.signedAttrs.?%u.values.?1", idx + 1,
i + 1);
- ret = _gnutls_x509_read_value(pkcs7->signed_data, root, &tmp);
+ ret = _gnutls_x509_read_value(pkcs7->content_data, root, &tmp);
if (ret == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND) {
tmp.data = NULL;
tmp.size = 0;
"signerInfos.?%u.unsignedAttrs.?%u.type", idx + 1,
i + 1);
len = sizeof(oid) - 1;
- ret = asn1_read_value(pkcs7->signed_data, root, oid, &len);
+ ret = asn1_read_value(pkcs7->content_data, root, oid, &len);
if (ret != ASN1_SUCCESS) {
break;
}
snprintf(root, sizeof(root),
"signerInfos.?%u.unsignedAttrs.?%u.values.?1", idx + 1,
i + 1);
- ret = _gnutls_x509_read_value(pkcs7->signed_data, root, &tmp);
+ ret = _gnutls_x509_read_value(pkcs7->content_data, root, &tmp);
if (ret == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND) {
tmp.data = NULL;
tmp.size = 0;
hash_size = gnutls_hash_get_len(hash);
if (data == NULL || data->data == NULL) {
- data = &pkcs7->der_signed_data;
+ data = &pkcs7->der_encap_data;
}
if (data->size == 0) {
for (i = 0;; i++) {
snprintf(name, sizeof(name), "%s.signedAttrs.?%u", root, i + 1);
- ret = _gnutls_x509_decode_and_read_attribute(pkcs7->signed_data,
+ ret = _gnutls_x509_decode_and_read_attribute(pkcs7->content_data,
name, oid,
sizeof(oid), &tmp,
1, 0);
/* check if it matches */
ret =
- _gnutls_x509_get_raw_field(pkcs7->signed_data,
+ _gnutls_x509_get_raw_field(pkcs7->content_data,
"encapContentInfo.eContentType",
&tmp2);
if (ret < 0) {
snprintf(name, sizeof(name), "%s.signedAttrs", root);
/* read the signature */
- ret = _gnutls_x509_get_raw_field(pkcs7->signed_data, name, sigdata);
+ ret = _gnutls_x509_get_raw_field(pkcs7->content_data, name, sigdata);
if (ret == 0) {
/* verify that hash matches */
ret = verify_hash_attr(pkcs7, root, algo, data);
/* We have no signedAttrs. Use the provided data, or the encapsulated */
if (data == NULL || data->data == NULL) {
- return _gnutls_set_datum(sigdata, pkcs7->der_signed_data.data, pkcs7->der_signed_data.size);
+ return _gnutls_set_datum(sigdata, pkcs7->der_encap_data.data, pkcs7->der_encap_data.size);
}
return _gnutls_set_datum(sigdata, data->data, data->size);
return GNUTLS_E_INVALID_REQUEST;
ret =
- asn1_number_of_elements(pkcs7->signed_data, "signerInfos", &count);
+ asn1_number_of_elements(pkcs7->content_data, "signerInfos", &count);
if (ret != ASN1_SUCCESS || idx + 1 > (unsigned)count) {
gnutls_assert();
return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
return GNUTLS_E_INVALID_REQUEST;
ret =
- asn1_number_of_elements(pkcs7->signed_data, "signerInfos", &count);
+ asn1_number_of_elements(pkcs7->content_data, "signerInfos", &count);
if (ret != ASN1_SUCCESS || idx + 1 > (unsigned)count) {
gnutls_assert();
return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
/* If the signed data are uninitialized
* then create them.
*/
- if (pkcs7->signed_data == NULL) {
+ if (pkcs7->content_data == NULL) {
/* The pkcs7 structure is new, so create the
* signedData.
*/
result =
- create_empty_signed_data(pkcs7->pkcs7, &pkcs7->signed_data);
+ create_empty_signed_data(pkcs7->pkcs7, &pkcs7->content_data);
if (result < 0) {
gnutls_assert();
return result;
/* Step 2. Append the new certificate.
*/
- result = asn1_write_value(pkcs7->signed_data, "certificates", "NEW", 1);
+ result = asn1_write_value(pkcs7->content_data, "certificates", "NEW", 1);
if (result != ASN1_SUCCESS) {
gnutls_assert();
result = _gnutls_asn2err(result);
}
result =
- asn1_write_value(pkcs7->signed_data, "certificates.?LAST",
+ asn1_write_value(pkcs7->content_data, "certificates.?LAST",
"certificate", 1);
if (result != ASN1_SUCCESS) {
gnutls_assert();
}
result =
- asn1_write_value(pkcs7->signed_data,
+ asn1_write_value(pkcs7->content_data,
"certificates.?LAST.certificate", crt->data,
crt->size);
if (result != ASN1_SUCCESS) {
snprintf(root2, sizeof(root2), "certificates.?%d", indx + 1);
- result = asn1_write_value(pkcs7->signed_data, root2, NULL, 0);
+ result = asn1_write_value(pkcs7->content_data, root2, NULL, 0);
if (result != ASN1_SUCCESS) {
gnutls_assert();
result = _gnutls_asn2err(result);
/* Get the raw CRL
*/
result =
- asn1_der_decoding_startEnd(pkcs7->signed_data, tmp.data, tmp.size,
+ asn1_der_decoding_startEnd(pkcs7->content_data, tmp.data, tmp.size,
root2, &start, &end);
if (result != ASN1_SUCCESS) {
/* Step 2. Count the CertificateSet */
- result = asn1_number_of_elements(pkcs7->signed_data, "crls", &count);
+ result = asn1_number_of_elements(pkcs7->content_data, "crls", &count);
if (result != ASN1_SUCCESS) {
gnutls_assert();
return 0; /* no crls */
/* If the signed data are uninitialized
* then create them.
*/
- if (pkcs7->signed_data == NULL) {
+ if (pkcs7->content_data == NULL) {
/* The pkcs7 structure is new, so create the
* signedData.
*/
result =
- create_empty_signed_data(pkcs7->pkcs7, &pkcs7->signed_data);
+ create_empty_signed_data(pkcs7->pkcs7, &pkcs7->content_data);
if (result < 0) {
gnutls_assert();
return result;
/* Step 2. Append the new crl.
*/
- result = asn1_write_value(pkcs7->signed_data, "crls", "NEW", 1);
+ result = asn1_write_value(pkcs7->content_data, "crls", "NEW", 1);
if (result != ASN1_SUCCESS) {
gnutls_assert();
result = _gnutls_asn2err(result);
}
result =
- asn1_write_value(pkcs7->signed_data, "crls.?LAST", crl->data,
+ asn1_write_value(pkcs7->content_data, "crls.?LAST", crl->data,
crl->size);
if (result != ASN1_SUCCESS) {
gnutls_assert();
snprintf(root2, sizeof(root2), "crls.?%d", indx + 1);
- result = asn1_write_value(pkcs7->signed_data, root2, NULL, 0);
+ result = asn1_write_value(pkcs7->content_data, root2, NULL, 0);
if (result != ASN1_SUCCESS) {
gnutls_assert();
result = _gnutls_asn2err(result);
if (pkcs7 == NULL || me == NULL)
return GNUTLS_E_INVALID_REQUEST;
- if (pkcs7->signed_data == NULL) {
+ if (pkcs7->content_data == NULL) {
result =
asn1_create_element(_gnutls_get_pkix(),
"PKIX1.pkcs-7-SignedData",
- &pkcs7->signed_data);
+ &pkcs7->content_data);
if (result != ASN1_SUCCESS) {
gnutls_assert();
ret = _gnutls_asn2err(result);
}
if (!(flags & GNUTLS_PKCS7_EMBED_DATA)) {
- (void)asn1_write_value(pkcs7->signed_data,
+ (void)asn1_write_value(pkcs7->content_data,
"encapContentInfo.eContent", NULL, 0);
}
}
- result = asn1_write_value(pkcs7->signed_data, "version", &one, 1);
+ result = asn1_write_value(pkcs7->content_data, "version", &one, 1);
if (result != ASN1_SUCCESS) {
ret = _gnutls_asn2err(result);
goto cleanup;
}
result =
- asn1_write_value(pkcs7->signed_data,
+ asn1_write_value(pkcs7->content_data,
"encapContentInfo.eContentType", DATA_OID,
0);
if (result != ASN1_SUCCESS) {
if ((flags & GNUTLS_PKCS7_EMBED_DATA) && data->data) { /* embed data */
ret =
- _gnutls_x509_write_string(pkcs7->signed_data,
+ _gnutls_x509_write_string(pkcs7->content_data,
"encapContentInfo.eContent", data,
ASN1_ETYPE_OCTET_STRING);
if (ret < 0) {
/* append digest info algorithm */
result =
- asn1_write_value(pkcs7->signed_data, "digestAlgorithms", "NEW", 1);
+ asn1_write_value(pkcs7->content_data, "digestAlgorithms", "NEW", 1);
if (result != ASN1_SUCCESS) {
gnutls_assert();
ret = _gnutls_asn2err(result);
}
result =
- asn1_write_value(pkcs7->signed_data,
+ asn1_write_value(pkcs7->content_data,
"digestAlgorithms.?LAST.algorithm",
_gnutls_x509_digest_to_oid(me), 1);
if (result != ASN1_SUCCESS) {
goto cleanup;
}
- (void)asn1_write_value(pkcs7->signed_data,
+ (void)asn1_write_value(pkcs7->content_data,
"digestAlgorithms.?LAST.parameters", NULL, 0);
/* append signer's info */
- result = asn1_write_value(pkcs7->signed_data, "signerInfos", "NEW", 1);
+ result = asn1_write_value(pkcs7->content_data, "signerInfos", "NEW", 1);
if (result != ASN1_SUCCESS) {
gnutls_assert();
ret = _gnutls_asn2err(result);
}
result =
- asn1_write_value(pkcs7->signed_data, "signerInfos.?LAST.version",
+ asn1_write_value(pkcs7->content_data, "signerInfos.?LAST.version",
&one, 1);
if (result != ASN1_SUCCESS) {
gnutls_assert();
}
result =
- asn1_write_value(pkcs7->signed_data,
+ asn1_write_value(pkcs7->content_data,
"signerInfos.?LAST.digestAlgorithm.algorithm",
_gnutls_x509_digest_to_oid(me), 1);
if (result != ASN1_SUCCESS) {
goto cleanup;
}
- (void)asn1_write_value(pkcs7->signed_data,
+ (void)asn1_write_value(pkcs7->content_data,
"signerInfos.?LAST.digestAlgorithm.parameters", NULL,
0);
ret =
- write_signer_id(pkcs7->signed_data, "signerInfos.?LAST", signer,
+ write_signer_id(pkcs7->content_data, "signerInfos.?LAST", signer,
flags);
if (ret < 0) {
gnutls_assert();
}
ret =
- add_attrs(pkcs7->signed_data, "signerInfos.?LAST.unsignedAttrs",
+ add_attrs(pkcs7->content_data, "signerInfos.?LAST.unsignedAttrs",
unsigned_attrs, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
- write_attributes(pkcs7->signed_data,
+ write_attributes(pkcs7->content_data,
"signerInfos.?LAST.signedAttrs", data, me,
signed_attrs, flags);
if (ret < 0) {
*/
params.legacy = 1;
ret =
- _gnutls_x509_write_sign_params(pkcs7->signed_data,
+ _gnutls_x509_write_sign_params(pkcs7->content_data,
"signerInfos.?LAST.signatureAlgorithm",
se, ¶ms);
if (ret < 0) {
}
result =
- asn1_write_value(pkcs7->signed_data, "signerInfos.?LAST.signature",
+ asn1_write_value(pkcs7->content_data, "signerInfos.?LAST.signature",
signature.data, signature.size);
if (result != ASN1_SUCCESS) {
gnutls_assert();