📄 readsign.c
if (status != 0)
break;
*bytesRead += messageRead;
if (derElement->complete == 0)
break;
/* We'll now start reading data. How much data is there to read?
*/
readCtx->dataLen = derElement->valueLen;
obj->state = VOLT_P7_STATE_SIGN_READ_DATA_S;
VOLT_SET_FNCT_LINE (fnctLine)
status = VtDigestInit (readCtx->digestObj);
if (status != 0)
break;
/* Move on to the next element.
*/
message += messageRead;
messageLen -= messageRead;
VoltResetDerElement (derElement);
if (messageLen == 0)
break;
case VOLT_P7_STATE_SIGN_READ_DATA_S:
/* How many of the bytes are to be output?
*/
#if VT_64_BIT_LENGTH == 64
length = 0xffffffff;
if (readCtx->dataLen < (VtUInt64)0xffffffff)
length = (unsigned int)(readCtx->dataLen);
#else
length = readCtx->dataLen;
#endif
if (messageLen < length)
length = messageLen;
VOLT_SET_ERROR_TYPE (errorType, VT_ERROR_TYPE_PRIMARY)
VOLT_SET_FNCT_LINE (fnctLine)
status = VT_ERROR_BUFFER_TOO_SMALL;
*outputDataLen = length;
if (bufferSize < length)
break;
/* Digest the data.
*/
VOLT_SET_ERROR_TYPE (errorType, 0)
VOLT_SET_FNCT_LINE (fnctLine)
status = VtDigestUpdate (readCtx->digestObj, message, length);
if (status != 0)
break;
Z2Memcpy (outputData, message, length);
*bytesRead += length;
message += length;
messageLen -= length;
#if VT_64_BIT_LENGTH == 64
readCtx->dataLen -= (VtUInt64)length;
#else
readCtx->dataLen -= length;
#endif
/* If we're expecting more data, we're done with Update. If not,
* finish this call so the caller can call Update again.
*/
if (readCtx->dataLen != 0)
break;
/* We've processed all the data to verify. Complete the digest.
*/
obj->state = VOLT_P7_STATE_SIGN_READ_DATA_F;
VOLT_SET_FNCT_LINE (fnctLine)
status = VtDigestFinal (
readCtx->digestObj, (unsigned char *)0, 0,
(unsigned char *)0, 0, &(readCtx->digestLen));
if (status == 0)
status = VT_ERROR_GENERAL;
if (status != VT_ERROR_BUFFER_TOO_SMALL)
break;
VOLT_SET_ERROR_TYPE (errorType, VT_ERROR_TYPE_PRIMARY)
VOLT_SET_FNCT_LINE (fnctLine)
status = VT_ERROR_MEMORY;
readCtx->digest = (unsigned char *)Z2Realloc (
readCtx->digest, readCtx->digestLen);
if (readCtx->digest == (unsigned char *)0)
break;
VOLT_SET_ERROR_TYPE (errorType, 0)
VOLT_SET_FNCT_LINE (fnctLine)
status = VtDigestFinal (
readCtx->digestObj, (unsigned char *)0, 0,
readCtx->digest, readCtx->digestLen, &(readCtx->digestLen));
if (status != 0)
break;
if (readCtx->dataLen != 0)
obj->state = VOLT_P7_STATE_SIGN_READ_DATA_S;
if (messageLen == 0)
break;
case VOLT_P7_STATE_SIGN_READ_DATA_F:
/* Next come the certs. Actually, they're OPTIONAL, so they may
* not be there.
*/
if (message[0] != 0xA0)
{
/* If no certs, check to see if there are any CRL's. If there
* are CRL's, consider the state to be the state it would be if
* we had just finished reading all the certs and confirmed
* that there are CRL's. If there are no CRL's, consider the
* state to be the state it would be if we had just finished
* reading all the CRL's.
* Note from the programmer: Notice the goto statement.
* Normally I don't like them, but in this case it really works.
*/
if (message[0] == 0xA1)
{
obj->state = VOLT_P7_STATE_SIGN_READ_CRL_L;
goto VoltP7StateSignReadCrlLen;
}
obj->state = VOLT_P7_STATE_SIGN_READ_CRLS;
goto VoltP7StateSignReadCrls;
}
obj->state = VOLT_P7_STATE_SIGN_READ_CERT_L;
case VOLT_P7_STATE_SIGN_READ_CERT_L:
/* How long is the cert list? This is IMPLICIT.
*/
VOLT_SET_ERROR_TYPE (errorType, 0)
VOLT_SET_FNCT_LINE (fnctLine)
status = VoltGetNextDerElement (
libCtx, message, messageLen, 0, 0xA0, 0, derElement, &messageRead);
if (status != 0)
break;
*bytesRead += messageRead;
if (derElement->complete == 0)
break;
readCtx->currentLen = (unsigned int)(derElement->valueLen);
obj->state = VOLT_P7_STATE_SIGN_READ_CERT_D;
/* Move on to the next element.
*/
message += messageRead;
messageLen -= messageRead;
VoltResetDerElement (derElement);
if (messageLen == 0)
break;
VoltP7StateSignReadCertData:
case VOLT_P7_STATE_SIGN_READ_CERT_D:
/* The next element is a cert.
*/
VOLT_SET_ERROR_TYPE (errorType, 0)
VOLT_SET_FNCT_LINE (fnctLine)
status = VoltGetNextDerElement (
libCtx, message, messageLen, 0, VOLT_SEQUENCE_TAG, 1,
derElement, &messageRead);
if (status != 0)
break;
*bytesRead += messageRead;
if (derElement->complete == 0)
break;
/* We kept the total length of all the certs, now that we've read
* one, subtract its length from the total. If that was the last
* cert, set the state to indicate we're done reading certs.
*/
readCtx->currentLen -= derElement->elementLen;
if (readCtx->currentLen == 0)
obj->state = VOLT_P7_STATE_SIGN_READ_CERTS;
/* Add this cert to the list of certs.
*/
VOLT_SET_FNCT_LINE (fnctLine)
status = AddCertToList (
libCtx, readCtx, derElement->element, derElement->elementLen);
if (status != 0)
break;
/* Move on to the next element.
*/
message += messageRead;
messageLen -= messageRead;
VoltResetDerElement (derElement);
if (messageLen == 0)
break;
/* There may be more certs, we checked readCtx->currentLen to
* see, if there are no more the state was set to
* VOLT_P7_STATE_SIGN_READ_CERTS. If the state is not that value,
* read another cert. If it is, move on to the CRL's.
* Note from the programmer: Notice the goto statement.
* Normally I don't like them, but in this case it really works.
*/
if (obj->state != VOLT_P7_STATE_SIGN_READ_CERTS)
goto VoltP7StateSignReadCertData;
case VOLT_P7_STATE_SIGN_READ_CERTS:
/* We're done with the certs. There might be some CRL's, but they
* are OPTIONAL. If they are there, the next byte will be A1. If
* not, skip the CRL collection code.
* Note from the programmer: Notice the goto statement.
* Normally I don't like them, but in this case it really works.
*/
if (message[0] != 0xA1)
{
obj->state = VOLT_P7_STATE_SIGN_READ_CRLS;
goto VoltP7StateSignReadCrls;
}
obj->state = VOLT_P7_STATE_SIGN_READ_CRL_L;
VoltP7StateSignReadCrlLen:
case VOLT_P7_STATE_SIGN_READ_CRL_L:
/* This implementation skips the CRL's. Get the length.
*/
VOLT_SET_ERROR_TYPE (errorType, 0)
VOLT_SET_FNCT_LINE (fnctLine)
status = VoltGetNextDerElement (
libCtx, message, messageLen, 0, 0xA1, 0, derElement, &messageRead);
if (status != 0)
break;
*bytesRead += messageRead;
if (derElement->complete == 0)
break;
readCtx->currentLen = (unsigned int)(derElement->valueLen);
obj->state = VOLT_P7_STATE_SIGN_READ_CRL_D;
/* Move on to the next element.
*/
message += messageRead;
messageLen -= messageRead;
VoltResetDerElement (derElement);
if (messageLen == 0)
break;
case VOLT_P7_STATE_SIGN_READ_CRL_D:
/* Just skip CRL's. Skip all the CRL data, unless the amount in
* message is not enough. Then skip all the data in the message.
*/
length = messageLen;
if (messageLen >= readCtx->currentLen)
{
length = readCtx->currentLen;
obj->state = VOLT_P7_STATE_SIGN_READ_CRLS;
}
readCtx->currentLen -= length;
message += length;
messageLen -= length;
if (messageLen == 0)
break;
VoltP7StateSignReadCrls:
case VOLT_P7_STATE_SIGN_READ_CRLS:
/* We should have a SET OF SignerInfo. How long?
*/
VOLT_SET_ERROR_TYPE (errorType, 0)
VOLT_SET_FNCT_LINE (fnctLine)
status = VoltGetNextDerElement (
libCtx, message, messageLen, 0, VOLT_SET_TAG, 0,
derElement, &messageRead);
if (status != 0)
break;
*bytesRead += messageRead;
if (derElement->complete == 0)
break;
readCtx->currentLen = (unsigned int)(derElement->valueLen);
obj->state = VOLT_P7_STATE_SIGN_READ_SI;
/* Move on to the next element.
*/
message += messageRead;
messageLen -= messageRead;
VoltResetDerElement (derElement);
if (messageLen == 0)
break;
VoltP7StateSignReadSi:
case VOLT_P7_STATE_SIGN_READ_SI:
/* The next element is a SignerInfo
*/
VOLT_SET_ERROR_TYPE (errorType, 0)
VOLT_SET_FNCT_LINE (fnctLine)
status = VoltGetNextDerElement (
libCtx, message, messageLen, 0, VOLT_SEQUENCE_TAG, 1,
derElement, &messageRead);
if (status != 0)
break;
*bytesRead += messageRead;
if (derElement->complete == 0)
break;
/* We kept the total length of all the SignerInfo's, now that
* we've read one, subtract its length from the total. If that
* was the last SignerInfo, set the state to indicate we're done
* reading them.
*/
readCtx->currentLen -= derElement->elementLen;
if (readCtx->currentLen == 0)
obj->state = VOLT_P7_STATE_SIGN_READ_COMPLETE;
/* Add this cert to the list of SingerInfo's.
*/
VOLT_SET_FNCT_LINE (fnctLine)
status = AddSignerInfoToList (
libCtx, readCtx, derElement->element, derElement->elementLen);
if (status != 0)
break;
/* There may be more SignerInfo's, we checked readCtx->currentLen
* to see, if there are no more the state was set to
* VOLT_P7_STATE_SIGN_READ_COMPLETE. If the state is not that
* value, read another SignerInfo. If it is, we've read all there
* is to read, decode the authenticated attributes.
* Note from the programmer: Notice the goto statement.
* Normally I don't like them, but in this case it really works.
*/
if (obj->state == VOLT_P7_STATE_SIGN_READ_COMPLETE)
break;
/* Move on to the next element.
*/
message += messageRead;
messageLen -= messageRead;
VoltResetDerElement (derElement);
if (messageLen == 0)
break;
goto VoltP7StateSignReadSi;
}
VOLT_LOG_ERROR_INFO_COMPARE (
status, 0, pkcs7Obj, status, 0, errorType,
(char *)0, "VoltP7ReadSignedUpdate", fnctLine, (char *)0)
return (status);
}
/* Finish reading a PKCS #7 signed message.
 *
 * *bytesRead and *outputDataLen are set to 0 on entry, before anything
 * else is looked at, so both pointers must be valid.
 *
 * If the object is already in VOLT_P7_STATE_SIGN_READ_COMPLETE or
 * VOLT_P7_STATE_SIGN_READ_FINAL, the state becomes
 * VOLT_P7_STATE_SIGN_READ_FINAL and the return is 0. In that case the
 * message buffer is never examined: any bytes the caller passed are
 * ignored and *bytesRead stays 0.
 *
 * Otherwise the input is handed to VoltP7ReadSignedUpdate exactly once,
 * with the same arguments. The return is
 *   - VT_ERROR_INVALID_INPUT_LENGTH if messageLen is 0, or if the Update
 *     call succeeded but the state is still not
 *     VOLT_P7_STATE_SIGN_READ_COMPLETE (the message is not finished);
 *   - whatever non-zero status VoltP7ReadSignedUpdate returned;
 *   - 0 once the state has been moved to VOLT_P7_STATE_SIGN_READ_FINAL.
 *
 * NOTE(review): nothing in this function checks a signature. A return
 * of 0 only says the encoding was read through to the end; presumably
 * verification is a separate step (VoltP7VerifySignerInfo) - confirm
 * that callers do not treat 0 from here as "signature verified".
 */
int VoltP7ReadSignedFinal (
  VtPkcs7Object pkcs7Obj,
  unsigned char *message,
  unsigned int messageLen,
  unsigned int *bytesRead,
  unsigned char *outputData,
  unsigned int bufferSize,
  unsigned int *outputDataLen
  )
{
  int status;
  VoltPkcs7Object *p7 = (VoltPkcs7Object *)pkcs7Obj;
  VOLT_DECLARE_ERROR_TYPE (errorType)
  VOLT_DECLARE_FNCT_LINE (fnctLine)

  *bytesRead = 0;
  *outputDataLen = 0;

  if ( (p7->state == VOLT_P7_STATE_SIGN_READ_COMPLETE) ||
       (p7->state == VOLT_P7_STATE_SIGN_READ_FINAL) )
  {
    /* Everything has been read already, just record that Final ran.
     */
    p7->state = VOLT_P7_STATE_SIGN_READ_FINAL;
    status = 0;
  }
  else
  {
    /* Not finished yet. Without input there is no way to finish, so
     * the error is loaded first and only replaced if there is data.
     */
    VOLT_SET_ERROR_TYPE (errorType, VT_ERROR_TYPE_PRIMARY)
    VOLT_SET_FNCT_LINE (fnctLine)
    status = VT_ERROR_INVALID_INPUT_LENGTH;
    if (messageLen != 0)
    {
      VOLT_SET_ERROR_TYPE (errorType, 0)
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VoltP7ReadSignedUpdate (
        pkcs7Obj, message, messageLen, bytesRead,
        outputData, bufferSize, outputDataLen);
      if (status == 0)
      {
        /* Update worked, but that was the last chance: if the state
         * machine did not reach COMPLETE, the message is too short.
         */
        VOLT_SET_ERROR_TYPE (errorType, VT_ERROR_TYPE_PRIMARY)
        VOLT_SET_FNCT_LINE (fnctLine)
        status = VT_ERROR_INVALID_INPUT_LENGTH;
        if (p7->state == VOLT_P7_STATE_SIGN_READ_COMPLETE)
        {
          p7->state = VOLT_P7_STATE_SIGN_READ_FINAL;
          status = 0;
        }
      }
    }
  }

  VOLT_LOG_ERROR_INFO_COMPARE (
    status, 0, pkcs7Obj, status, 0, errorType,
    (char *)0, "VoltP7ReadSignedFinal", fnctLine, (char *)0)

  return (status);
}
int VoltP7VerifySignerInfo (
VtPkcs7Object pkcs7Obj,
unsigned int index,
VtPolicyCtx policyCtx,
VtStorageCtx storageCtx,
VtTransportCtx transportCtx,
VtCertVerifyCtx certVerifyCtx,
Pointer verifyCtxInfo,
VtVerifyFailureList vfyFailList,
unsigned int *verifyResult