Security-58286.1.32.tar.gz

[apple/security.git] / libsecurity_smime / lib / cmsenvdata.c

diff --git a/libsecurity_smime/lib/cmsenvdata.c b/libsecurity_smime/lib/cmsenvdata.c
index 82f5ae05ce9c2cb80548a81b10406230b1db1b75..b7ccbdd696cab223222ed08d4980cc4e50a7b62e 100644 (file)
--- a/libsecurity_smime/lib/cmsenvdata.c
+++ b/libsecurity_smime/lib/cmsenvdata.c
@@ -170,6 +170,9 @@ SecCmsEnvelopedDataEncodeBeforeStart(SecCmsEnvelopedDataRef envd)
     SecCmsRecipientInfoRef *recipientinfos;
     SecCmsContentInfoRef cinfo;
     SecSymmetricKeyRef bulkkey = NULL;
+#if USE_CDSA_CRYPTO
+    SecAsn1AlgId algorithm;
+#endif
     SECOidTag bulkalgtag;
     //CK_MECHANISM_TYPE type;
     //PK11SlotInfo *slot;
@@ -186,6 +189,9 @@ SecCmsEnvelopedDataEncodeBeforeStart(SecCmsEnvelopedDataRef envd)
     recipientinfos = envd->recipientInfos;
     if (recipientinfos == NULL) {
        PORT_SetError(SEC_ERROR_BAD_DATA);
+#if 0
+       PORT_SetErrorString("Cannot find recipientinfos to encode.");
+#endif
        goto loser;
     }
 
@@ -215,12 +221,28 @@ SecCmsEnvelopedDataEncodeBeforeStart(SecCmsEnvelopedDataRef envd)
        bulkalgtag = SEC_OID_DES_EDE3_CBC;
     }
 
+#if USE_CDSA_CRYPTO
+    algorithm = SECOID_FindyCssmAlgorithmByTag(bulkalgtag);
+    if (!algorithm)
+       goto loser;
+    rv = SecKeyGenerate(NULL,  /* keychainRef */
+               algorithm,
+               SecCmsContentInfoGetBulkKeySize(cinfo),
+               0,              /* contextHandle */
+               CSSM_KEYUSE_ENCRYPT | CSSM_KEYUSE_DECRYPT,
+               CSSM_KEYATTR_EXTRACTABLE,
+               NULL,           /* initialAccess */
+               &bulkkey);
+    if (rv)
+       goto loser;
+#else
     {
         size_t keysize = (cinfo->keysize + 7)/8;
         uint8_t key_material[keysize];
         require_noerr(SecRandomCopyBytes(kSecRandomDefault, keysize, key_material), loser);
         bulkkey = (SecSymmetricKeyRef)CFDataCreate(kCFAllocatorDefault, key_material, keysize);
     }
+#endif
 
     mark = PORT_ArenaMark(poolp);