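/*
 * createTSAMessageImprint - build the message imprint for a timestamp request.
 *
 * Hashes encDigest and stores the result in messageImprint->hashedMessage;
 * messageImprint->hashAlgorithm is copied from the first signer's digestAlg.
 * encDigest is passed in separately because, in the verification case, it
 * comes from a different signedData.
 *
 * The hashed message is allocated from signedData->cmsg->poolp.
 *
 * Returns SECSuccess on success, SECFailure if any argument is NULL, if the
 * signed data has no digest algorithms or no signer at index 0, or if the
 * digest cannot be started or finished.
 */
OSStatus createTSAMessageImprint(SecCmsSignedDataRef signedData, CSSM_DATA_PTR encDigest,
                                 SecAsn1TSAMessageImprint *messageImprint)
{
    OSStatus status = SECFailure;
    SECAlgorithmID **digestAlgorithms = NULL;
    SecCmsSignerInfoRef signerinfo = NULL;
    SecCmsDigestContextRef digcx = NULL;

    /*
     * Validate every input before the digest context exists, so that no
     * early exit can abandon a started context.
     */
    require(signedData && encDigest && messageImprint, xit);

    digestAlgorithms = SecCmsSignedDataGetDigestAlgs(signedData);
    require(digestAlgorithms, xit);

    /* NB - assume 1 signer only! */
    signerinfo = SecCmsSignedDataGetSignerInfo(signedData, 0);
    /* A signed data with no signer must not reach the dereference below. */
    require(signerinfo, xit);

    digcx = SecCmsDigestContextStartMultiple(digestAlgorithms);
    require(digcx, xit);

    /*
     * NOTE(review): the context is started over every listed digest
     * algorithm while hashAlgorithm is taken from signer 0 only; confirm
     * the single digest returned below always matches that algorithm.
     */
    messageImprint->hashAlgorithm = signerinfo->digestAlg;

    SecCmsDigestContextUpdate(digcx, encDigest->Data, encDigest->Length);

    /*
     * NOTE(review): presumably FinishSingle releases digcx on both success
     * and failure, since nothing here destroys it; verify against its
     * implementation. signedData->cmsg is assumed non-NULL.
     */
    require_noerr(SecCmsDigestContextFinishSingle(digcx, (SecArenaPoolRef)signedData->cmsg->poolp,
                                                  &messageImprint->hashedMessage),
                  xit);

    status = SECSuccess;

xit:
    return status;
}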
/*
 * SecCmsDigestedDataDecodeAfterData - finalize a DigestedData once all of the
 * encapsulated content has been fed through the decoder.
 *
 * If a digest calculation was running, it is finished and the resulting value
 * is copied into digd->digest using the message's pool. The digest context
 * pointer is cleared in every case.
 *
 * Returns SECSuccess when no digest was running or when finishing and copying
 * both succeed; otherwise the status of the step that failed.
 */
OSStatus SecCmsDigestedDataDecodeAfterData(SecCmsDigestedDataRef digd)
{
    SecAsn1Item computed;
    OSStatus status;

    /* Nothing to finish when no digest calculation was started. */
    if (!digd->contentInfo.digcx) {
        return SECSuccess;
    }

    status = SecCmsDigestContextFinishSingle(digd->contentInfo.digcx, &computed);

    /*
     * NOTE(review): the computed value is written into digd->digest. If that
     * field also holds the digest decoded from the message, it is overwritten
     * here; confirm which field a later comparison reads.
     */
    if (status == SECSuccess) {
        status = SECITEM_CopyItem(digd->contentInfo.cmsg->poolp, &(digd->digest), &computed);
    }

    /* The context is destroyed only when both steps above succeeded. */
    if (status == SECSuccess) {
        SecCmsDigestContextDestroy(digd->contentInfo.digcx);
    }

    /*
     * NOTE(review): the pointer is cleared unconditionally, so on a failure
     * path the context is dropped without SecCmsDigestContextDestroy. Confirm
     * whether FinishSingle releases it on error; if not, this leaks.
     */
    digd->contentInfo.digcx = NULL;

    return status;
}