OSStatus createTSAMessageImprint(SecCmsSignedDataRef signedData, CSSM_DATA_PTR encDigest,
SecAsn1TSAMessageImprint *messageImprint)
{
// Calculate hash of encDigest and put in messageImprint.hashedMessage
// We pass in encDigest, since in the verification case, it comes from a different signedData
OSStatus status = SECFailure;
require(signedData && messageImprint, xit);
SECAlgorithmID **digestAlgorithms = SecCmsSignedDataGetDigestAlgs(signedData);
require(digestAlgorithms, xit);
SecCmsDigestContextRef digcx = SecCmsDigestContextStartMultiple(digestAlgorithms);
require(digcx, xit);
require(encDigest, xit);
SecCmsSignerInfoRef signerinfo = SecCmsSignedDataGetSignerInfo(signedData, 0); // NB - assume 1 signer only!
messageImprint->hashAlgorithm = signerinfo->digestAlg;
SecCmsDigestContextUpdate(digcx, encDigest->Data, encDigest->Length);
require_noerr(SecCmsDigestContextFinishSingle(digcx, (SecArenaPoolRef)signedData->cmsg->poolp,
&messageImprint->hashedMessage), xit);
status = SECSuccess;
xit:
return status;
}
/*
* SecCmsDigestedDataDecodeAfterData - do all the necessary things to a DigestedData
* after all the encapsulated data was passed through the encoder.
*
* In detail:
* - finish the digests
*/
OSStatus
SecCmsDigestedDataDecodeAfterData(SecCmsDigestedDataRef digd)
{
OSStatus rv = SECSuccess;
/* did we have digest calculation going on? */
if (digd->contentInfo.digcx) {
SecAsn1Item data;
rv = SecCmsDigestContextFinishSingle(digd->contentInfo.digcx, &data);
if (rv == SECSuccess)
rv = SECITEM_CopyItem(digd->contentInfo.cmsg->poolp, &(digd->digest), &data);
if (rv == SECSuccess)
SecCmsDigestContextDestroy(digd->contentInfo.digcx);
digd->contentInfo.digcx = NULL;
}
return rv;
}
