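/**########################################################################
*########################################################################
*########################################################################
*
*   COPYRIGHT (c) 1998, 1999 by TransNexus, LLC
*
*   This software contains proprietary and confidential information
*   of TransNexus, LLC. Except as may be set forth in the license
*   agreement under which this software is supplied, use, disclosure,
*   or reproduction is prohibited without the prior, express, written
*   consent of TransNexus, LLC.
*
*******#########################################################################
*#########################################################################
*#########################################################################
*/

/*
 * osppkcs7.c - PKCS #7 Cryptographic message object processing functions.
 */

#include "osp.h"
#include "ospasn1.h"
#include "osppkcs1.h"
#include "ospx509.h"
#include "ospx500.h"
#include "osppkcs1.h"
#include "osppkcs7.h"
#include "ospcrypto.h"
#include "osptnlog.h"

/*
 * Debug helper: fetch the element data of ASN.1 object `a` and hand it to
 * OSPTNLOGDUMP with the label `b`.
 *
 * The return codes of both getters are ignored, so the locals start out
 * as NULL/0 so that a failed lookup never passes indeterminate values on.
 *
 * NOTE(review): this dumps the element bytes of whatever object it is
 * given; keep it away from private-key objects outside of debugging.
 */
#define DUMPOBJECTDATA(a, b) \
{ \
    unsigned char *_data = OSPC_OSNULL; \
    unsigned int _dataLength = 0; \
    OSPTASN1ELEMENTINFO *_eInfo = OSPC_OSNULL; \
    OSPPASN1ObjectGetElementInfo(a, &_eInfo); \
    OSPPASN1ElementGetElementData(_eInfo, &_data, &_dataLength); \
    OSPTNLOGDUMP(_data, _dataLength, b); \
}

#define OSPC_ERR_PKCS7                  (25500)
#define OSPC_ERR_PKCS7_MALLOC_FAILED    (OSPC_ERR_PKCS7 + 1000)

/* FUNCTION PROTOTYPES */

/* ---------------------------------------------------------*/
/* Member functions                                         */
/* ---------------------------------------------------------*/

/*
 * OSPPPKCS7SignatureCreate - build an ASN.1 encoded PKCS #7 signature.
 *
 * The result is a ContentInfo of type SIGNED DATA whose content is a
 * SignedData message, which in turn holds a ContentInfo of type DATA.
 * The encoded bytes are copied out through ospvSignature and
 * ospvSignatureLength as the last step, so those outputs are only written
 * once every earlier step has succeeded.
 *
 * Returns OSPC_ERR_NO_ERROR on success, otherwise the error code of the
 * first helper that failed. All intermediate objects are released before
 * returning, on success and on failure alike. None of the input objects
 * (digest algorithm, certificate info, private key) is deleted here.
 *
 * Practitioner notes:
 *  - The digest algorithm is whatever the caller passes in; no check on
 *    its strength is made in this function.
 *  - The signature is computed over the content octets only (no tag or
 *    length). As far as the visible part of OSPPPKCS7SignerInfoCreate
 *    shows, no authenticated attributes are added to the SignerInfo.
 *  - The content is encoded and signed even when ospvSignatureOnly is
 *    set; the flag only controls whether it is embedded in the output.
 *
 * NOTE(review): ospvSignature / ospvSignatureLength are not checked for
 * NULL here; presumably OSPPASN1ElementCopyElementData allocates the
 * output buffer and the caller owns it afterwards - confirm.
 */
int
OSPPPKCS7SignatureCreate(
    unsigned char   *ospvContent,           /* In - data to sign */
    unsigned        ospvContentLength,      /* In - length of data to sign */
    OSPTASN1OBJECT  *ospvDigestAlgorithm,   /* In - ptr to digest Algorithm */
    OSPTASN1OBJECT  *ospvSignerCertInfo,    /* In - ptr to signer cert info */
    OSPTASN1OBJECT  *ospvSignerPrivateKey,  /* In - ptr to private key struct */
    int             ospvSignatureOnly,      /* In - TRUE - no content in sig
                                                    FALSE- content included in sig */
    unsigned char   **ospvSignature,        /* Out - ptr to ptr to sig store */
    unsigned        *ospvSignatureLength)   /* Out - length of signature */
{
    int errorcode = OSPC_ERR_NO_ERROR;
    OSPTASN1OBJECT *signedData = OSPC_OSNULL;
    OSPTASN1OBJECT *contentInfo = OSPC_OSNULL;
    OSPTASN1OBJECT *dataContent = OSPC_OSNULL;
    OSPTASN1OBJECT *signerInfos = OSPC_OSNULL;
    OSPTASN1OBJECT *signerInfo = OSPC_OSNULL;
    OSPTASN1OBJECT *contentObject = OSPC_OSNULL;
    OSPTASN1OBJECT *certificates = OSPC_OSNULL;
    OSPTASN1OBJECT *digestAlgorithms = OSPC_OSNULL;
    OSPTASN1ELEMENTINFO *eInfo = OSPC_OSNULL;

    /* Generate an ASN1 Encoded PKCS7 Signed Data signature from the
    parameters given.  The signed data message is a Content info with a
    content type of SIGNED DATA, and content, containing a Signed Data
    message which in turn contains a ContentInfo of type DATA. */

    /* Encode the content as an OctetString. */
    errorcode = OSPPASN1OctetStringEncode(&dataContent,
        ospvContent, ospvContentLength,
        OSPEDRID_CNTINF_CONTENT);

    if (errorcode == OSPC_ERR_NO_ERROR)
    {
        /* Create the DATA content info structure for the content being
        signed. Signature Only flag determines if the content is included
        or if an empty string is encoded in the ContentInfo. */
        errorcode = OSPPPKCS7ContentInfoCreate(&contentObject, dataContent,
            OSPEID_DATA, ospvSignatureOnly);
    }

    if (errorcode == OSPC_ERR_NO_ERROR)
    {
        /* Generate the Set of Certificates */
        errorcode = OSPPPKCS7CertificatesCreate(&certificates,
            ospvSignerCertInfo);
    }

    if (errorcode == OSPC_ERR_NO_ERROR)
    {
        /* Generate the set of DigestAlgorithms */
        errorcode = OSPPPKCS7DigestAlgorithmsCreate(&digestAlgorithms,
            ospvDigestAlgorithm);
    }

    if (errorcode == OSPC_ERR_NO_ERROR)
    {
        /* Generate the Signer Info structure.  Generate a signature based
        on the content's octet string (content octets only, no tag or
        length) */
        errorcode = OSPPPKCS7SignerInfoCreate(&signerInfo, dataContent,
            ospvDigestAlgorithm,
            ospvSignerCertInfo,
            ospvSignerPrivateKey);
    }

    if (errorcode == OSPC_ERR_NO_ERROR)
    {
        /* Generate the Set of Signer Info structures. */
        errorcode = OSPPPKCS7SignerInfosCreate(&signerInfos, signerInfo);
    }

    if (errorcode == OSPC_ERR_NO_ERROR)
    {
        /* First, create the signed data object using the function
        parameters. */
        errorcode = OSPPPKCS7SignedDataCreate(&signedData, contentObject,
            digestAlgorithms, certificates, signerInfos);
    }

    if (errorcode == OSPC_ERR_NO_ERROR)
    {
        /* Next, create a ContentInfo with type SignedData. */
        errorcode = OSPPPKCS7ContentInfoCreate(&contentInfo, signedData,
            OSPEID_SIGNEDDATA, 0);
    }

    if (errorcode == OSPC_ERR_NO_ERROR)
    {
        /* Locate the outer ContentInfo element and copy its encoded bytes
        out to the caller. */
        errorcode = OSPPASN1ObjectGetElementByDataRef(contentInfo, &eInfo,
            OSPEDRID_CONTENTINFO);
        if (errorcode == OSPC_ERR_NO_ERROR)
        {
            errorcode = OSPPASN1ElementCopyElementData(eInfo,
                ospvSignature, ospvSignatureLength);
        }
    }

    /* Release every intermediate object, whether or not an error occurred.
     *
     * NOTE(review): eInfo was looked up inside contentInfo and is released
     * separately, after contentInfo itself has been deleted. Whether the
     * lookup returns a borrowed pointer or an independent copy is not
     * visible here - confirm this cannot become a double free or a use
     * after free. The same question applies to the objects that were
     * passed into the *Create helpers above and are deleted here. */
    OSPPASN1ObjectDelete(&certificates);
    OSPPASN1ObjectDelete(&digestAlgorithms);
    OSPPASN1ObjectDelete(&signerInfo);
    OSPPASN1ObjectDelete(&dataContent);
    OSPPASN1ObjectDelete(&signerInfos);
    OSPPASN1ObjectDelete(&signedData);
    OSPPASN1ObjectDelete(&contentInfo);
    OSPPASN1ElementDelete(&eInfo, 0);
    OSPPASN1ObjectDelete(&contentObject);

    return errorcode;
}

/*
 * OSPPPKCS7DigestInfoCreate - build a DigestInfo object for some content.
 *
 * The DigestInfo gets two children, added in order: a copy of
 * ospvDigestAlgorithm, then the digest that OSPPCryptoDigest produces
 * for ospvContent / ospvContentLength under that algorithm.
 *
 * On success *ospvDigestInfo receives the new object and
 * OSPC_ERR_NO_ERROR is returned. On failure the partially built object is
 * deleted, *ospvDigestInfo is left untouched and the error code of the
 * failing step is returned.
 *
 * The digest algorithm is taken from the caller as is; no check on its
 * strength is made in this function.
 *
 * NOTE(review): ospvDigestInfo is dereferenced without a NULL check.
 */
int
OSPPPKCS7DigestInfoCreate(
    OSPTASN1OBJECT **ospvDigestInfo,
    OSPTASN1OBJECT *ospvDigestAlgorithm,
    unsigned char *ospvContent,
    unsigned int ospvContentLength)
{
    int errorcode = OSPC_ERR_NO_ERROR;
    OSPTASN1OBJECT *newObject = OSPC_OSNULL;
    OSPTASN1OBJECT *digestInfo = OSPC_OSNULL;
    OSPEASN1DATAREFID dataRefId = OSPEDRID_NOTDEFINED;
    int i = 0;

    errorcode = OSPPASN1ObjectNew(&digestInfo, OSPEDRID_DIGESTINFO);

    /* Each pass of the loop builds one child in newObject; the code after
    the switch attaches it to digestInfo. Case 2 ends the loop by setting
    OSPC_ERR_ASN1_PARSE_COMPLETE, which is mapped back to success below. */
    for (i = 0; errorcode == OSPC_ERR_NO_ERROR; i++)
    {
        switch (i)
        {
            case 0: /* Add Digest Algorithm */
            dataRefId = OSPEDRID_DIGINF_DIGESTALGORITHM;
            errorcode = OSPPASN1ObjectCopy(&newObject, ospvDigestAlgorithm);
            if (newObject != OSPC_OSNULL) /* !!! PS */
            {
                /* Check ElementInfo before reaching through it, as the
                matching cleanup in OSPPPKCS7SignerInfoCreate does; a copy
                without element info must not be dereferenced. */
                if (newObject->ElementInfo != OSPC_OSNULL)
                {
                    OSPM_FREE(newObject->ElementInfo->Element);
                    OSPM_FREE(newObject->ElementInfo);
                }
            }
            break;

            case 1: /* Add Digest */
            dataRefId = OSPEDRID_DIGINF_DIGEST;
            /* newObject is reset to OSPC_OSNULL after every successful
            pass, so this cleanup is not expected to run; it is kept, with
            the same ElementInfo check as case 0. */
            if (newObject != OSPC_OSNULL) /* !!! PS */
            {
                if (newObject->ElementInfo != OSPC_OSNULL)
                {
                    OSPM_FREE(newObject->ElementInfo->Element);
                    OSPM_FREE(newObject->ElementInfo);
                }
            }
            errorcode = OSPPCryptoDigest(&newObject, ospvDigestAlgorithm,
                ospvContent, ospvContentLength);
            break;

            case 2:
            errorcode = OSPC_ERR_ASN1_PARSE_COMPLETE;
            break;

            default:
            errorcode = OSPC_ERR_PKCS7_ENCODING_ERROR;
            OSPM_DBGERRORLOG(errorcode,
                "Unknown case encountered encoding PKCS7 DigestInfoCreate");
        }

        if (errorcode == OSPC_ERR_NO_ERROR)
        {
            /* Add new object to this object */
            if (newObject != OSPC_OSNULL)
            {
                errorcode = OSPPASN1ObjectAddChild(digestInfo, newObject,
                    dataRefId);
                /* Only the wrapper structure is freed here; presumably
                OSPPASN1ObjectAddChild keeps what it needs from it -
                confirm. */
                OSPM_FREE(newObject);
                newObject = OSPC_OSNULL;
            }
        }
        /* NOTE(review): if a helper reports an error while leaving
        newObject non-NULL, the loop exits without releasing it. Confirm
        OSPPASN1ObjectCopy and OSPPCryptoDigest never do that, otherwise
        this path leaks. */
    }

    if (errorcode == OSPC_ERR_ASN1_PARSE_COMPLETE)
    {
        errorcode = OSPC_ERR_NO_ERROR;
    }

    if (errorcode == OSPC_ERR_NO_ERROR)
    {
        /* Complete the encoding for this object. Update results, elements,
        etc. */
        errorcode = OSPPASN1ObjectDeparse(digestInfo,
            OSPEPTID_DIGESTINFO,
            OSPEDRID_DIGESTINFO);
    }

    if (errorcode == OSPC_ERR_NO_ERROR)
    {
        *ospvDigestInfo = digestInfo;
    }
    else
    {
        /* Clean up from errors */
        OSPPASN1ObjectDelete(&digestInfo);
    }

    return errorcode;
}

int
OSPPPKCS7SignerInfoCreate(
    OSPTASN1OBJECT **ospvSignerInfo,
    OSPTASN1OBJECT *ospvDataContent,
    OSPTASN1OBJECT *ospvDigestAlgorithm,
    OSPTASN1OBJECT *ospvSignerCertInfo,
    OSPTASN1OBJECT *ospvSignerPrivateKey)
{
    int errorcode = OSPC_ERR_NO_ERROR;
    OSPTASN1ELEMENTINFO *eInfo = OSPC_OSNULL;
    OSPEASN1DATAREFID dataRefId = OSPEDRID_NOTDEFINED;
    OSPTASN1OBJECT *signerInfo = OSPC_OSNULL;
    OSPTASN1OBJECT *newObject = OSPC_OSNULL;
    OSPTASN1OBJECT *digestEncryptionAlgorithm = OSPC_OSNULL;
    OSPTASN1OBJECT *digestInfo = OSPC_OSNULL;
    unsigned char *contentData = OSPC_OSNULL;
    unsigned int contentDataLength = 0;
    int i = 0;

    /*The Signature is a ContentInfo structure with a datatype of signedData */
    errorcode = OSPPASN1ObjectNew(&signerInfo, OSPEDRID_SIGNERINFO);

    /* The elements are a contentType OID, and a content element.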
*/ /* Add the content type Element to the result list */ for (i = 0 ;errorcode == OSPC_ERR_NO_ERROR ; i++) { switch(i) { case 0: /* Add VERSION Element */ dataRefId = OSPEDRID_SGNINF_VERSION; errorcode = OSPPASN1SmallIntegerEncode(&newObject, OSPC_ASN1_SIGNERINFO_VERSION, dataRefId); break; case 1: /* Add Issuer */ dataRefId = OSPEDRID_SGNINF_ISSUER; errorcode = OSPPASN1ObjectCopyElementObject( &newObject, ospvSignerCertInfo, OSPEDRID_CERT_ISSUER); if(newObject != OSPC_OSNULL) { if(newObject->ElementInfo != OSPC_OSNULL) { OSPPASN1ElementDelete(&(newObject->ElementInfo) , 0); } } break; case 2: /* Add SerialNumber */ dataRefId = OSPEDRID_SGNINF_SERIALNUMBER; errorcode = OSPPASN1ObjectCopyElementObject(&newObject, ospvSignerCertInfo, OSPEDRID_CERT_SERIALNUMBER); if(newObject != OSPC_OSNULL) { if(newObject->ElementInfo != OSPC_OSNULL) { OSPPASN1ElementDelete(&(newObject->ElementInfo) , 0); } } break; case 3: /* Add DigestAlgorithm */ dataRefId = OSPEDRID_SGNINF_DIGESTALGORITHM; errorcode = OSPPASN1ObjectCopy(&newObject, ospvDigestAlgorithm); if(newObject != OSPC_OSNULL) { if(newObject->ElementInfo != OSPC_OSNULL) { OSPPASN1ElementDelete(&(newObject->ElementInfo) , 0); } } break; case 4: /* Add AuthenticatedAttributes */ dataRefId = OSPEDRID_SGNINF_AUTHATTRIBUTES; break; case 5: /* Add DigestEncryptionAlgorithm */ dataRefId = OSPEDRID_SGNINF_DIGENCRYPTALG; errorcode = OSPPASN1ObjectCopyElementObject(&newObject, ospvSignerCertInfo, OSPEDRID_CERT_PUBLICKEYALG); if(newObject != OSPC_OSNULL) { if(newObject->ElementInfo != OSPC_OSNULL) { OSPPASN1ElementDelete(&(newObject->ElementInfo) , 0); } } break; case 6: /* Add EncryptedDigest */ dataRefId = OSPEDRID_SGNINF_ENCRYPTEDDIGEST; errorcode = OSPPASN1ObjectGetElementInfo(ospvDataContent, &eInfo); if (errorcode == OSPC_ERR_NO_ERROR) { errorcode = OSPPASN1ElementGetContentData(eInfo, &contentData, &contentDataLength); } if (errorcode == OSPC_ERR_NO_ERROR) { errorcode = OSPPPKCS7DigestInfoCreate(&digestInfo, ospvDigestAlgorithm, 
contentData, contentDataLength); } if (errorcode == OSPC_ERR_NO_ERROR) { errorcode = OSPPASN1ObjectCopyElementObject( &digestEncryptionAlgorithm, ospvSignerCertInfo, OSPEDRID_CERT_PUBLICKEYALG); }/* if (errorcode == OSPC_ERR_NO_ERROR) { unsigned char *pubkeybuf = OSPC_OSNULL; unsigned int pubkeybuflen = 0; OSPTASN1ELEMENTINFO *tmpSignerSubjPubKeyInfo = OSPC_OSNULL; errorcode = OSPPASN1ObjectGetElementByDataRef( ospvSignerCertInfo, &tmpSignerSubjPubKeyInfo, OSPEDRID_CERT_SUBJPUBKEYINFO); errorcode = OSPPASN1ElementGetElementData( tmpSignerSubjPubKeyInfo, &pubkeybuf, &pubkeybuflen); OSPTNLOGDUMP(pubkeybuf, pubkeybuflen,"signer PUB KEY INFO"); }*/ if (errorcode == OSPC_ERR_NO_ERROR) { errorcode = OSPPCryptoEncrypt(&newObject, digestEncryptionAlgorithm, digestInfo, ospvSignerPrivateKey); } if(digestInfo != OSPC_OSNULL) { OSPPASN1ObjectDelete(&digestInfo); } if(digestEncryptionAlgorithm != OSPC_OSNULL) { OSPPASN1ElementDelete(&(digestEncryptionAlgorithm->ParseResults->ElementInfo), 0); OSPPASN1ObjectDelete(&digestEncryptionAlgorithm); } break; case 7: /* Add UnAuthenticatedAttributes */ dataRefId = OSPEDRID_SGNINF_UNAUTHATTRIBUTES; newObject = OSPC_OSNULL; /* Add nothing */ break; case 8: errorcode = OSPC_ERR_ASN1_PARSE_COMPLETE;