Exemple #1
0
SECOidData *
NSS_CMSSignerInfo_GetDigestAlg(NSSCMSSignerInfo *signerinfo)
{
    SECOidData *algdata;
    SECOidTag   algtag;

    algdata = SECOID_FindOID (&(signerinfo->digestAlg.algorithm));
    if (algdata == NULL) {
	return algdata;
    }
    /* Windows may have given us a signer algorithm oid instead of a digest 
     * algorithm oid. This call will map to a signer oid to a digest one, 
     * otherwise it leaves the oid alone and let the chips fall as they may
     * if it's not a digest oid.
     */
    algtag = NSS_CMSUtil_MapSignAlgs(algdata->offset);
    if (algtag != algdata->offset) {
	/* if the tags don't match, then we must have received a signer 
	 * algorithID. Now we need to get the oid data for the digest
	 * oid, which the rest of the code is expecting */
	algdata = SECOID_FindOIDByTag(algtag);
    }

    return algdata;

}
Exemple #2
0
SECStatus
NSS_CMSSignedData_Decode_BeforeData(NSSCMSSignedData *sigd)
{
    SECStatus rv;
    if (!sigd) {
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
        return SECFailure;
    }
    rv = NSS_CMSContentInfo_Private_Init(&sigd->contentInfo);
    if (rv != SECSuccess) {
	return SECFailure;
    }
    /* handle issue with Windows 2003 servers and kerberos */
    if (sigd->digestAlgorithms != NULL) {
	int i;
	for (i=0; sigd->digestAlgorithms[i] != NULL; i++) {
	    SECAlgorithmID *algid = sigd->digestAlgorithms[i];
	    SECOidTag senttag= SECOID_FindOIDTag(&algid->algorithm);
	    SECOidTag maptag = NSS_CMSUtil_MapSignAlgs(senttag);

	    if (maptag != senttag) {
		SECOidData *hashoid = SECOID_FindOIDByTag(maptag);
		rv = SECITEM_CopyItem(sigd->cmsg->poolp, &algid->algorithm 
							,&hashoid->oid);
		if (rv != SECSuccess) {
		    return rv;
		}
	    }
	}
    }

    /* set up the digests */
    if (sigd->digestAlgorithms != NULL && sigd->digests == NULL) {
	/* if digests are already there, do nothing */
	sigd->contentInfo.privateInfo->digcx = NSS_CMSDigestContext_StartMultiple(sigd->digestAlgorithms);
	if (sigd->contentInfo.privateInfo->digcx == NULL)
	    return SECFailure;
    }
    return SECSuccess;
}