add content stream output callback for VerifySignedData function
JacobBarthelmeh committed Oct 15, 2024
1 parent cd8d158 commit 4945aa9
Showing 1 changed file with 66 additions and 27 deletions.
93 changes: 66 additions & 27 deletions wolfcrypt/src/pkcs7.c
Expand Up @@ -5261,35 +5261,49 @@ static int wc_PKCS7_HandleOctetStrings(PKCS7* pkcs7, byte* in, word32 inSz,
/* got partial octet string data */
/* accumulate partial octet string to buffer */
if (keepContent) {
if (pkcs7->streamOutCb) {
ret = wc_HashUpdate(&pkcs7->stream->hashAlg,
pkcs7->stream->hashType,
msg + *idx, pkcs7->stream->expected);
if (ret != 0)
break;
pkcs7->streamOutCb(pkcs7, msg + *idx,
pkcs7->stream->expected, pkcs7->streamCtx);
}
else {
/* store current content buffer temporarily */
tempBuf = pkcs7->stream->content;
pkcs7->stream->content = NULL;

/* store current content buffer temporarily */
tempBuf = pkcs7->stream->content;
pkcs7->stream->content = NULL;

/* grow content buffer */
contBufSz = pkcs7->stream->accumContSz;
pkcs7->stream->accumContSz += pkcs7->stream->expected;
/* grow content buffer */
contBufSz = pkcs7->stream->accumContSz;
pkcs7->stream->accumContSz += pkcs7->stream->expected;

pkcs7->stream->content =
(byte*)XMALLOC(pkcs7->stream->accumContSz,
pkcs7->heap, DYNAMIC_TYPE_PKCS7);
pkcs7->stream->content =
(byte*)XMALLOC(pkcs7->stream->accumContSz,
pkcs7->heap, DYNAMIC_TYPE_PKCS7);

if (pkcs7->stream->content == NULL) {
WOLFSSL_MSG("failed to grow content buffer.");
XFREE(tempBuf, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
tempBuf = NULL;
ret = MEMORY_E;
break;
}
else {
/* accumulate content */
if (tempBuf != NULL && contBufSz != 0) {
XMEMCPY(pkcs7->stream->content, tempBuf, contBufSz);
if (pkcs7->stream->content == NULL) {
WOLFSSL_MSG("failed to grow content buffer.");
if (tempBuf != NULL) {
XFREE(tempBuf, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
tempBuf = NULL;
}
ret = MEMORY_E;
break;
}
else {
/* accumulate content */
if (tempBuf != NULL && contBufSz != 0) {
XMEMCPY(pkcs7->stream->content, tempBuf, contBufSz);
}
XMEMCPY(pkcs7->stream->content + contBufSz, msg + *idx,
pkcs7->stream->expected);
if (tempBuf != NULL) {
XFREE(tempBuf, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
tempBuf = NULL;
}
}
XMEMCPY(pkcs7->stream->content + contBufSz, msg + *idx,
pkcs7->stream->expected);
XFREE(tempBuf, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
tempBuf = NULL;
}
}

Expand Down Expand Up @@ -5909,6 +5923,14 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_VERIFY_STAGE3);

#ifndef NO_PKCS7_STREAM
/* setup hash struct for creating hash of content if needed */
if (pkcs7->streamOutCb) {
ret = wc_HashInit_ex(&pkcs7->stream->hashAlg,
pkcs7->stream->hashType, pkcs7->heap, pkcs7->devId);
if (ret != 0)
break;
}

/* free pkcs7->stream->content buffer */
XFREE(pkcs7->stream->content, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
pkcs7->stream->content = NULL;
Expand Down Expand Up @@ -6571,8 +6593,25 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
pkcs7->contentSz = (word32)contentSz;

if (ret == 0) {
ret = wc_PKCS7_SignedDataVerifySignature(pkcs7, sig, (word32)sigSz,
signedAttrib, (word32)signedAttribSz,
#ifndef NO_PKCS7_STREAM
byte streamHash[WC_MAX_DIGEST_SIZE];

/* get final hash if having done hash updates while
* streaming out the content */
if (pkcs7->streamOutCb) {
ret = wc_HashFinal(&pkcs7->stream->hashAlg,
pkcs7->stream->hashType, streamHash);
hashBuf = streamHash;
hashSz = wc_HashGetDigestSize(pkcs7->stream->hashType);

wc_HashFree(&pkcs7->stream->hashAlg,
pkcs7->stream->hashType);
if (ret != 0)
break;
}
#endif
ret = wc_PKCS7_SignedDataVerifySignature(pkcs7, sig,
(word32)sigSz, signedAttrib, (word32)signedAttribSz,
hashBuf, hashSz);
}
}
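Review bot: In the `streamOutCb` branch of wc_PKCS7_HandleOctetStrings, each content chunk is handed to the callback before the signature has been checked, and the call discards whatever the callback returns, so a consumer cannot stop processing on its own error and may act on data that later fails verification. Assuming the callback type returns an int, capture it with `ret = pkcs7->streamOutCb(pkcs7, msg + *idx, pkcs7->stream->expected, pkcs7->streamCtx); if (ret != 0) break;`, and add a comment above the call such as `/* content passed to streamOutCb is unauthenticated until verification returns 0 */`. Separately, the hash context set up by `wc_HashInit_ex` in the WC_PKCS7_VERIFY_STAGE3 hunk is released only next to `wc_HashFinal` in the last hunk; an error exit between those two points would presumably leave it unreleased unless the stream reset/free code, which is outside the visible hunks, calls `wc_HashFree`. Both enclosing functions start and end outside the hunks shown, so these points should be confirmed against the full file.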