[apple/security.git] / OSX / libsecurity_smime / lib / cmsmessage.c

/*
 * The contents of this file are subject to the Mozilla Public
 * License Version 1.1 (the "License"); you may not use this file
 * except in compliance with the License. You may obtain a copy of
 * the License at http://www.mozilla.org/MPL/
 * 
 * Software distributed under the License is distributed on an "AS
 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
 * implied. See the License for the specific language governing
 * rights and limitations under the License.
 * 
 * The Original Code is the Netscape security libraries.
 * 
 * The Initial Developer of the Original Code is Netscape
 * Communications Corporation.  Portions created by Netscape are 
 * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
 * Rights Reserved.
 * 
 * Contributor(s):
 * 
 * Alternatively, the contents of this file may be used under the
 * terms of the GNU General Public License Version 2 or later (the
 * "GPL"), in which case the provisions of the GPL are applicable 
 * instead of those above.  If you wish to allow use of your 
 * version of this file only under the terms of the GPL and not to
 * allow others to use your version of this file under the MPL,
 * indicate your decision by deleting the provisions above and
 * replace them with the notice and other provisions required by
 * the GPL.  If you do not delete the provisions above, a recipient
 * may use your version of this file under either the MPL or the
 * GPL.
 */

/*
 * CMS message methods.
 */

#include <Security/SecCmsMessage.h>

#include <Security/SecCmsContentInfo.h>
#include <Security/SecCmsSignedData.h>

#include "cmslocal.h"

#include "secitem.h"
#include "secoid.h"

#include <security_asn1/secasn1.h>
#include <security_asn1/secerr.h>

/*
 * SecCmsMessageCreate - create a CMS message object
 *
 * "poolp" - arena to allocate memory from, or NULL if new arena should be created
 */
SecCmsMessageRef
SecCmsMessageCreate(SecArenaPoolRef pool)
{
    PLArenaPool *poolp = (PLArenaPool *)pool;
    void *mark = NULL;
    SecCmsMessageRef cmsg = NULL;
    Boolean poolp_is_ours = PR_FALSE;

    if (poolp == NULL) {
	poolp = PORT_NewArena (1024);           /* XXX what is right value? */
	if (poolp == NULL)
	    return NULL;
	poolp_is_ours = PR_TRUE;
    } 

    if (!poolp_is_ours)
	mark = PORT_ArenaMark(poolp);

    cmsg = (SecCmsMessageRef)PORT_ArenaZAlloc (poolp, sizeof(SecCmsMessage));
    if (cmsg == NULL) {
	if (!poolp_is_ours) {
	    if (mark) {
		PORT_ArenaRelease(poolp, mark);
	    }
	} else
	    PORT_FreeArena(poolp, PR_FALSE);
	return NULL;
    }

    cmsg->poolp = poolp;
    cmsg->poolp_is_ours = poolp_is_ours;
    cmsg->refCount = 1;

    if (mark)
	PORT_ArenaUnmark(poolp, mark);

    return cmsg;
}

/*
 * SecCmsMessageSetEncodingParams - set up a CMS message object for encoding or decoding
 *
 * "cmsg" - message object
 * "pwfn", pwfn_arg" - callback function for getting token password
 * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
 * "detached_digestalgs", "detached_digests" - digests from detached content
 */
void
SecCmsMessageSetEncodingParams(SecCmsMessageRef cmsg,
			PK11PasswordFunc pwfn, void *pwfn_arg,
			SecCmsGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg,
			SECAlgorithmID **detached_digestalgs, CSSM_DATA_PTR *detached_digests)
{
#if 0
    // @@@ Deal with password stuff.
    if (pwfn)
	PK11_SetPasswordFunc(pwfn);
#endif
    cmsg->pwfn_arg = pwfn_arg;
    cmsg->decrypt_key_cb = decrypt_key_cb;
    cmsg->decrypt_key_cb_arg = decrypt_key_cb_arg;
    cmsg->detached_digestalgs = detached_digestalgs;
    cmsg->detached_digests = detached_digests;
}

/*
 * SecCmsMessageDestroy - destroy a CMS message and all of its sub-pieces.
 */
void
SecCmsMessageDestroy(SecCmsMessageRef cmsg)
{
    PORT_Assert (cmsg->refCount > 0);
    if (cmsg->refCount <= 0)	/* oops */
	return;

    cmsg->refCount--;		/* thread safety? */
    if (cmsg->refCount > 0)
	return;

    SecCmsContentInfoDestroy(&(cmsg->contentInfo));

    /* if poolp is not NULL, cmsg is the owner of its arena */
    if (cmsg->poolp_is_ours && cmsg->poolp) {
	PORT_FreeArena (cmsg->poolp, PR_TRUE);
    }
}

/*
 * SecCmsMessageCopy - return a copy of the given message. 
 *
 * The copy may be virtual or may be real -- either way, the result needs
 * to be passed to SecCmsMessageDestroy later (as does the original).
 */
SecCmsMessageRef
SecCmsMessageCopy(SecCmsMessageRef cmsg)
{
    if (cmsg == NULL)
	return NULL;

    PORT_Assert (cmsg->refCount > 0);

    cmsg->refCount++; /* XXX chrisk thread safety? */
    return cmsg;
}

/*
 * SecCmsMessageGetArena - return a pointer to the message's arena pool
 */
SecArenaPoolRef
SecCmsMessageGetArena(SecCmsMessageRef cmsg)
{
    return (SecArenaPoolRef)cmsg->poolp;
}

/*
 * SecCmsMessageGetContentInfo - return a pointer to the top level contentInfo
 */
SecCmsContentInfoRef
SecCmsMessageGetContentInfo(SecCmsMessageRef cmsg)
{
    return &(cmsg->contentInfo);
}

/*
 * Return a pointer to the actual content. 
 * In the case of those types which are encrypted, this returns the *plain* content.
 * In case of nested contentInfos, this descends and retrieves the innermost content.
 */
CSSM_DATA_PTR
SecCmsMessageGetContent(SecCmsMessageRef cmsg)
{
    /* this is a shortcut */
    SecCmsContentInfoRef cinfo = SecCmsMessageGetContentInfo(cmsg);
    CSSM_DATA_PTR pItem = SecCmsContentInfoGetInnerContent(cinfo);
    return pItem;
}

/*
 * SecCmsMessageContentLevelCount - count number of levels of CMS content objects in this message
 *
 * CMS data content objects do not count.
 */
int
SecCmsMessageContentLevelCount(SecCmsMessageRef cmsg)
{
    int count = 0;
    SecCmsContentInfoRef cinfo;

    /* walk down the chain of contentinfos */
    for (cinfo = &(cmsg->contentInfo); cinfo != NULL; ) {
	count++;
	cinfo = SecCmsContentInfoGetChildContentInfo(cinfo);
    }
    return count;
}

/*
 * SecCmsMessageContentLevel - find content level #n
 *
 * CMS data content objects do not count.
 */
SecCmsContentInfoRef
SecCmsMessageContentLevel(SecCmsMessageRef cmsg, int n)
{
    int count = 0;
    SecCmsContentInfoRef cinfo;

    /* walk down the chain of contentinfos */
    for (cinfo = &(cmsg->contentInfo); cinfo != NULL && count < n; cinfo = SecCmsContentInfoGetChildContentInfo(cinfo)) {
	count++;
    }

    return cinfo;
}

/*
 * SecCmsMessageContainsCertsOrCrls - see if message contains certs along the way
 */
Boolean
SecCmsMessageContainsCertsOrCrls(SecCmsMessageRef cmsg)
{
    SecCmsContentInfoRef cinfo;

    /* descend into CMS message */
    for (cinfo = &(cmsg->contentInfo); cinfo != NULL; cinfo = SecCmsContentInfoGetChildContentInfo(cinfo)) {
	if (SecCmsContentInfoGetContentTypeTag(cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
	    continue;	/* next level */
	
	if (SecCmsSignedDataContainsCertsOrCrls(cinfo->content.signedData))
	    return PR_TRUE;
    }
    return PR_FALSE;
}

/*
 * SecCmsMessageIsEncrypted - see if message contains a encrypted submessage
 */
Boolean
SecCmsMessageIsEncrypted(SecCmsMessageRef cmsg)
{
    SecCmsContentInfoRef cinfo;

    /* walk down the chain of contentinfos */
    for (cinfo = &(cmsg->contentInfo); cinfo != NULL; cinfo = SecCmsContentInfoGetChildContentInfo(cinfo))
    {
	switch (SecCmsContentInfoGetContentTypeTag(cinfo)) {
	case SEC_OID_PKCS7_ENVELOPED_DATA:
	case SEC_OID_PKCS7_ENCRYPTED_DATA:
	    return PR_TRUE;
	default:
	    break;
	}
    }
    return PR_FALSE;
}

/*
 * SecCmsMessageIsSigned - see if message contains a signed submessage
 *
 * If the CMS message has a SignedData with a signature (not just a SignedData)
 * return true; false otherwise.  This can/should be called before calling
 * VerifySignature, which will always indicate failure if no signature is
 * present, but that does not mean there even was a signature!
 * Note that the content itself can be empty (detached content was sent
 * another way); it is the presence of the signature that matters.
 */
Boolean
SecCmsMessageIsSigned(SecCmsMessageRef cmsg)
{
    SecCmsContentInfoRef cinfo;

    /* walk down the chain of contentinfos */
    for (cinfo = &(cmsg->contentInfo); cinfo != NULL; cinfo = SecCmsContentInfoGetChildContentInfo(cinfo))
    {
	switch (SecCmsContentInfoGetContentTypeTag(cinfo)) {
	case SEC_OID_PKCS7_SIGNED_DATA:
	    if (!SecCmsArrayIsEmpty((void **)cinfo->content.signedData->signerInfos))
		return PR_TRUE;
	    break;
	default:
	    break;
	}
    }
    return PR_FALSE;
}

/*
 * SecCmsMessageIsContentEmpty - see if content is empty
 *
 * returns PR_TRUE is innermost content length is < minLen
 * XXX need the encrypted content length (why?)
 */
Boolean
SecCmsMessageIsContentEmpty(SecCmsMessageRef cmsg, unsigned int minLen)
{
    CSSM_DATA_PTR item = NULL;

    if (cmsg == NULL)
	return PR_TRUE;

    item = SecCmsContentInfoGetContent(SecCmsMessageGetContentInfo(cmsg));

    if (!item) {
	return PR_TRUE;
    } else if(item->Length <= minLen) {
	return PR_TRUE;
    }

    return PR_FALSE;
}

/*
 * SecCmsMessageContainsTSTInfo - see if message contains a TimeStamping info block
 */
Boolean
SecCmsMessageContainsTSTInfo(SecCmsMessageRef cmsg)
{
    SecCmsContentInfoRef cinfo;

    /* walk down the chain of contentinfos */
    for (cinfo = &(cmsg->contentInfo); cinfo != NULL; cinfo = SecCmsContentInfoGetChildContentInfo(cinfo))
    {
        switch (SecCmsContentInfoGetContentTypeTag(cinfo))
        {
        case SEC_OID_PKCS9_ID_CT_TSTInfo:
            // TSTInfo is in cinfo->rawContent->Data
            return PR_TRUE;
        default:
            break;
        }
    }
    return PR_FALSE;
}

void
SecCmsMessageSetTSACallback(SecCmsMessageRef cmsg, SecCmsTSACallback tsaCallback)
{
    if (cmsg)
        cmsg->tsaCallback = tsaCallback;
}

void
SecCmsMessageSetTSAContext(SecCmsMessageRef cmsg, const void *tsaContext)   //CFTypeRef
{
    if (cmsg)
        cmsg->tsaContext = tsaContext;
}
Commit	Line	Data
d8f41ccd A	1	/*
	2	* The contents of this file are subject to the Mozilla Public
	3	* License Version 1.1 (the "License"); you may not use this file
	4	* except in compliance with the License. You may obtain a copy of
	5	* the License at http://www.mozilla.org/MPL/
	6	*
	7	* Software distributed under the License is distributed on an "AS
	8	* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
	9	* implied. See the License for the specific language governing
	10	* rights and limitations under the License.
	11	*
	12	* The Original Code is the Netscape security libraries.
	13	*
	14	* The Initial Developer of the Original Code is Netscape
	15	* Communications Corporation. Portions created by Netscape are
	16	* Copyright (C) 1994-2000 Netscape Communications Corporation. All
	17	* Rights Reserved.
	18	*
	19	* Contributor(s):
	20	*
	21	* Alternatively, the contents of this file may be used under the
	22	* terms of the GNU General Public License Version 2 or later (the
	23	* "GPL"), in which case the provisions of the GPL are applicable
	24	* instead of those above. If you wish to allow use of your
	25	* version of this file only under the terms of the GPL and not to
	26	* allow others to use your version of this file under the MPL,
	27	* indicate your decision by deleting the provisions above and
	28	* replace them with the notice and other provisions required by
	29	* the GPL. If you do not delete the provisions above, a recipient
	30	* may use your version of this file under either the MPL or the
	31	* GPL.
	32	*/
	33
	34	/*
	35	* CMS message methods.
	36	*/
	37
	38	#include <Security/SecCmsMessage.h>
	39
	40	#include <Security/SecCmsContentInfo.h>
	41	#include <Security/SecCmsSignedData.h>
	42
	43	#include "cmslocal.h"
	44
	45	#include "secitem.h"
	46	#include "secoid.h"
	47
	48	#include <security_asn1/secasn1.h>
	49	#include <security_asn1/secerr.h>
	50
	51	/*
	52	* SecCmsMessageCreate - create a CMS message object
	53	*
	54	* "poolp" - arena to allocate memory from, or NULL if new arena should be created
	55	*/
	56	SecCmsMessageRef
	57	SecCmsMessageCreate(SecArenaPoolRef pool)
	58	{
	59	PLArenaPool poolp = (PLArenaPool )pool;
	60	void *mark = NULL;
6b200bc3	61	SecCmsMessageRef cmsg = NULL;
d8f41ccd A	62	Boolean poolp_is_ours = PR_FALSE;
	63
	64	if (poolp == NULL) {
	65	poolp = PORT_NewArena (1024); /* XXX what is right value? */
	66	if (poolp == NULL)
	67	return NULL;
	68	poolp_is_ours = PR_TRUE;
	69	}
	70
	71	if (!poolp_is_ours)
	72	mark = PORT_ArenaMark(poolp);
	73
	74	cmsg = (SecCmsMessageRef)PORT_ArenaZAlloc (poolp, sizeof(SecCmsMessage));
	75	if (cmsg == NULL) {
	76	if (!poolp_is_ours) {
	77	if (mark) {
	78	PORT_ArenaRelease(poolp, mark);
	79	}
	80	} else
	81	PORT_FreeArena(poolp, PR_FALSE);
	82	return NULL;
	83	}
	84
	85	cmsg->poolp = poolp;
	86	cmsg->poolp_is_ours = poolp_is_ours;
	87	cmsg->refCount = 1;
	88
	89	if (mark)
	90	PORT_ArenaUnmark(poolp, mark);
	91
	92	return cmsg;
	93	}
	94
	95	/*
	96	* SecCmsMessageSetEncodingParams - set up a CMS message object for encoding or decoding
	97	*
	98	* "cmsg" - message object
	99	* "pwfn", pwfn_arg" - callback function for getting token password
	100	* "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
	101	* "detached_digestalgs", "detached_digests" - digests from detached content
	102	*/
	103	void
	104	SecCmsMessageSetEncodingParams(SecCmsMessageRef cmsg,
	105	PK11PasswordFunc pwfn, void *pwfn_arg,
	106	SecCmsGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg,
	107	SECAlgorithmID *detached_digestalgs, CSSM_DATA_PTR detached_digests)
	108	{
	109	#if 0
	110	// @@@ Deal with password stuff.
	111	if (pwfn)
	112	PK11_SetPasswordFunc(pwfn);
	113	#endif
	114	cmsg->pwfn_arg = pwfn_arg;
	115	cmsg->decrypt_key_cb = decrypt_key_cb;
	116	cmsg->decrypt_key_cb_arg = decrypt_key_cb_arg;
	117	cmsg->detached_digestalgs = detached_digestalgs;
	118	cmsg->detached_digests = detached_digests;
	119	}
	120
	121	/*
	122	* SecCmsMessageDestroy - destroy a CMS message and all of its sub-pieces.
	123	*/
	124	void
	125	SecCmsMessageDestroy(SecCmsMessageRef cmsg)
126	{
127	PORT_Assert (cmsg->refCount > 0);
128	if (cmsg->refCount <= 0) /* oops */
129	return;
130
131	cmsg->refCount--; /* thread safety? */
132	if (cmsg->refCount > 0)
133	return;
134
135	SecCmsContentInfoDestroy(&(cmsg->contentInfo));
136
137	/* if poolp is not NULL, cmsg is the owner of its arena */
6b200bc3 A	138	if (cmsg->poolp_is_ours && cmsg->poolp) {
6b200bc3 A	139	PORT_FreeArena (cmsg->poolp, PR_TRUE);
fa7225c8	140	}
d8f41ccd A	141	}
	142
	143	/*
	144	* SecCmsMessageCopy - return a copy of the given message.
	145	*
	146	* The copy may be virtual or may be real -- either way, the result needs
	147	* to be passed to SecCmsMessageDestroy later (as does the original).
	148	*/
	149	SecCmsMessageRef
	150	SecCmsMessageCopy(SecCmsMessageRef cmsg)
	151	{
	152	if (cmsg == NULL)
	153	return NULL;
	154
	155	PORT_Assert (cmsg->refCount > 0);
	156
	157	cmsg->refCount++; /* XXX chrisk thread safety? */
	158	return cmsg;
	159	}
	160
	161	/*
	162	* SecCmsMessageGetArena - return a pointer to the message's arena pool
	163	*/
	164	SecArenaPoolRef
	165	SecCmsMessageGetArena(SecCmsMessageRef cmsg)
	166	{
	167	return (SecArenaPoolRef)cmsg->poolp;
	168	}
	169
	170	/*
	171	* SecCmsMessageGetContentInfo - return a pointer to the top level contentInfo
	172	*/
	173	SecCmsContentInfoRef
	174	SecCmsMessageGetContentInfo(SecCmsMessageRef cmsg)
	175	{
	176	return &(cmsg->contentInfo);
	177	}
	178
	179	/*
	180	* Return a pointer to the actual content.
	181	* In the case of those types which are encrypted, this returns the plain content.
	182	* In case of nested contentInfos, this descends and retrieves the innermost content.
	183	*/
	184	CSSM_DATA_PTR
	185	SecCmsMessageGetContent(SecCmsMessageRef cmsg)
	186	{
	187	/* this is a shortcut */
	188	SecCmsContentInfoRef cinfo = SecCmsMessageGetContentInfo(cmsg);
	189	CSSM_DATA_PTR pItem = SecCmsContentInfoGetInnerContent(cinfo);
	190	return pItem;
	191	}
	192
	193	/*
	194	* SecCmsMessageContentLevelCount - count number of levels of CMS content objects in this message
	195	*
	196	* CMS data content objects do not count.
	197	*/
	198	int
	199	SecCmsMessageContentLevelCount(SecCmsMessageRef cmsg)
	200	{
	201	int count = 0;
	202	SecCmsContentInfoRef cinfo;
	203
	204	/* walk down the chain of contentinfos */
205	for (cinfo = &(cmsg->contentInfo); cinfo != NULL; ) {
206	count++;
207	cinfo = SecCmsContentInfoGetChildContentInfo(cinfo);
208	}
209	return count;
210	}
211
212	/*
213	* SecCmsMessageContentLevel - find content level #n
214	*
215	* CMS data content objects do not count.
216	*/
217	SecCmsContentInfoRef
218	SecCmsMessageContentLevel(SecCmsMessageRef cmsg, int n)
219	{
220	int count = 0;
221	SecCmsContentInfoRef cinfo;
222
223	/* walk down the chain of contentinfos */
224	for (cinfo = &(cmsg->contentInfo); cinfo != NULL && count < n; cinfo = SecCmsContentInfoGetChildContentInfo(cinfo)) {
225	count++;
226	}
227
228	return cinfo;
229	}
230
231	/*
232	* SecCmsMessageContainsCertsOrCrls - see if message contains certs along the way
233	*/
234	Boolean
235	SecCmsMessageContainsCertsOrCrls(SecCmsMessageRef cmsg)
236	{
237	SecCmsContentInfoRef cinfo;
238
239	/* descend into CMS message */
240	for (cinfo = &(cmsg->contentInfo); cinfo != NULL; cinfo = SecCmsContentInfoGetChildContentInfo(cinfo)) {
241	if (SecCmsContentInfoGetContentTypeTag(cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
242	continue; /* next level */
243
244	if (SecCmsSignedDataContainsCertsOrCrls(cinfo->content.signedData))
245	return PR_TRUE;
246	}
247	return PR_FALSE;
248	}
249
250	/*
251	* SecCmsMessageIsEncrypted - see if message contains a encrypted submessage
252	*/
253	Boolean
254	SecCmsMessageIsEncrypted(SecCmsMessageRef cmsg)
255	{
256	SecCmsContentInfoRef cinfo;
257
258	/* walk down the chain of contentinfos */
259	for (cinfo = &(cmsg->contentInfo); cinfo != NULL; cinfo = SecCmsContentInfoGetChildContentInfo(cinfo))
260	{
261	switch (SecCmsContentInfoGetContentTypeTag(cinfo)) {
262	case SEC_OID_PKCS7_ENVELOPED_DATA:
263	case SEC_OID_PKCS7_ENCRYPTED_DATA:
264	return PR_TRUE;
265	default:
266	break;
267	}
268	}
269	return PR_FALSE;
270	}
271
272	/*
273	* SecCmsMessageIsSigned - see if message contains a signed submessage
274	*
275	* If the CMS message has a SignedData with a signature (not just a SignedData)
276	* return true; false otherwise. This can/should be called before calling
277	* VerifySignature, which will always indicate failure if no signature is
278	* present, but that does not mean there even was a signature!
279	* Note that the content itself can be empty (detached content was sent
280	* another way); it is the presence of the signature that matters.
281	*/
282	Boolean
283	SecCmsMessageIsSigned(SecCmsMessageRef cmsg)
284	{
285	SecCmsContentInfoRef cinfo;
286
287	/* walk down the chain of contentinfos */
288	for (cinfo = &(cmsg->contentInfo); cinfo != NULL; cinfo = SecCmsContentInfoGetChildContentInfo(cinfo))
289	{
290	switch (SecCmsContentInfoGetContentTypeTag(cinfo)) {
291	case SEC_OID_PKCS7_SIGNED_DATA:
292	if (!SecCmsArrayIsEmpty((void **)cinfo->content.signedData->signerInfos))
293	return PR_TRUE;
294	break;
295	default:
296	break;
297	}
298	}
299	return PR_FALSE;
300	}
301
302	/*
303	* SecCmsMessageIsContentEmpty - see if content is empty
304	*
305	* returns PR_TRUE is innermost content length is < minLen
306	* XXX need the encrypted content length (why?)
307	*/
308	Boolean
309	SecCmsMessageIsContentEmpty(SecCmsMessageRef cmsg, unsigned int minLen)
310	{
311	CSSM_DATA_PTR item = NULL;
312
313	if (cmsg == NULL)
314	return PR_TRUE;
315
316	item = SecCmsContentInfoGetContent(SecCmsMessageGetContentInfo(cmsg));
317
318	if (!item) {
319	return PR_TRUE;
320	} else if(item->Length <= minLen) {
321	return PR_TRUE;
322	}
323
324	return PR_FALSE;
325	}
326
327	/*
328	* SecCmsMessageContainsTSTInfo - see if message contains a TimeStamping info block
329	*/
330	Boolean
331	SecCmsMessageContainsTSTInfo(SecCmsMessageRef cmsg)
332	{
333	SecCmsContentInfoRef cinfo;
334
335	/* walk down the chain of contentinfos */
336	for (cinfo = &(cmsg->contentInfo); cinfo != NULL; cinfo = SecCmsContentInfoGetChildContentInfo(cinfo))
337	{
338	switch (SecCmsContentInfoGetContentTypeTag(cinfo))
339	{
340	case SEC_OID_PKCS9_ID_CT_TSTInfo:
341	// TSTInfo is in cinfo->rawContent->Data
342	return PR_TRUE;
343	default:
344	break;
345	}
346	}
347	return PR_FALSE;
348	}
349
350	void
351	SecCmsMessageSetTSACallback(SecCmsMessageRef cmsg, SecCmsTSACallback tsaCallback)
352	{
353	if (cmsg)
354	cmsg->tsaCallback = tsaCallback;
355	}
356
357	void
358	SecCmsMessageSetTSAContext(SecCmsMessageRef cmsg, const void *tsaContext) //CFTypeRef
359	{
360	if (cmsg)
361	cmsg->tsaContext = tsaContext;
362	}
363