Enforcing Definite Encoding on Constructed CMS Objects

Thu, 09 Sep 2010 03:38:54 -0700 

How do I get the CMS encoder in mozilla's NSS 3.12.7 to use definite
encodings on constructed types as well as data. Here is what I am
trying now (in the least invasive way possible.)

  /* Create memory pool (aka an arena.) */
  PLArenaPool * arena = PORT_NewArena(4096);

  /* Create the CMS Message object */
  fprintf(stderr, "Create the CMS Message object\n");
  NSSCMSMessage * cmsMessage = NSS_CMSMessage_Create(arena);
  NSSCMSContentInfo * cinfo = NSS_CMSMessage_GetContentInfo(cmsMessage);

  /* Create a DigestedData object who's parent is cmsMessage */
  fprintf(stderr, "Create a DigestedData object who's parent is cmsMessage\n");
  SECAlgorithmID * id = CreateDigestAlgorithmID(arena, SEC_OID_SHA1);
  NSSCMSDigestedData * digestedData =
    NSS_CMSDigestedData_Create(cmsMessage, id);
  NSSCMSContentInfo * dcinfo =
    NSS_CMSDigestedData_GetContentInfo(digestedData);

  /* Tell the DigestedData object to include the content (not detached.) */
  fprintf(stderr, "Tell the DigestedData object to include the content
(Length: %d)\n", in_len);
  SECItem * in_data = CreateSECItemString(arena, in, in_len);
  NSS_CMSContentInfo_SetContent_Data(cmsMessage, dcinfo, in_data, PR_FALSE);

  /* Put digestedData into cmsMessage's contentInfo section */
  fprintf(stderr, "Put digestedData into cmsMessage's contentInfo section\n");
  NSS_CMSContentInfo_SetContent_DigestedData(cmsMessage, cinfo, digestedData);

  /* Encode input data to DER format with following parameters */
  fprintf(stderr, "Encode input data to DER format\n");
  SECItem * encodedOutput = (SECItem*)PORT_ArenaZAlloc(arena, sizeof(SECItem));

  NSSCMSEncoderContext * ecx =
    NSS_CMSEncoder_Start(cmsMessage, NULL, NULL, encodedOutput, arena,
      NULL, NULL, NULL, NULL, NULL, NULL);
  fprintf(stderr, "NSS_CMSEncoder_Update\n");
  NSS_CMSEncoder_Update(ecx, NULL, 0);
  fprintf(stderr, "NSS_CMSEncoder_Finish\n");
  NSS_CMSEncoder_Finish(ecx);

The output has the sequence fields indefinite. Researching into the
code, I've found (in secasn1e.c)

    /* The !isString test below is apparently intended to ensure that all
    ** constructed types receive indefinite length encoding.
    */
   indefinite = (PRBool)
  (state->top->streaming && state->may_stream &&
   (state->top->from_buf || !state->is_string));

which leads me to believe there is no way to do this easily. If know
one knows of an easy way to handle this,
I'll probably submit bug/patch, just thought this was suppose to be a
std feature of CMS encoders?

Thanks for any help!
Vinnie Agriesti
-- 
dev-tech-crypto mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-crypto

Reply via email to