CMSCertificateChainMode chainMode;
CFDataRef hashAgilityAttrValue;
+ CFDictionaryRef hashAgilityV2AttrValues;
};
static void cmsEncoderInit(CFTypeRef enc);
for(digit=0; digit<numsToProcess; digit++) {
free(digits[digit]);
}
- free(digits);
- free(numDigits);
}
result = 0;
cleanExit:
+ if (digits) free(digits);
+ if (numDigits) free(numDigits);
if (oidStr) CFRelease(oidStr);
if (argvRef) CFRelease(argvRef);
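Review bot: Moving `free(digits)` and `free(numDigits)` under `cleanExit:` makes every early `goto cleanExit` depend on both pointers having been initialized to NULL at their declarations, which are outside this hunk; an uninitialized pointer reaching `free()` is undefined behavior. Please confirm both declarations carry `= NULL`. The per-element `free(digits[digit])` loop still runs only on the success path, so an error exit taken after some elements were allocated (if one exists) would free the array but leak its elements. The `if (digits)` and `if (numDigits)` guards are redundant because `free(NULL)` is a no-op: `free(digits); free(numDigits);`.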
CFRELEASE(cmsEncoder->otherCerts);
if(cmsEncoder->cmsMsg != NULL) {
SecCmsMessageDestroy(cmsEncoder->cmsMsg);
+ cmsEncoder->cmsMsg = NULL;
}
if(cmsEncoder->arena != NULL) {
SecArenaPoolFree(cmsEncoder->arena, false);
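Review bot: Only `cmsMsg` is cleared after destruction here; `cmsEncoder->arena` is freed on the following lines and keeps its stale value. If the intent is that a later pass over this object cannot double-free or reuse a destroyed handle, the arena needs the same treatment: `cmsEncoder->arena = NULL;` after `SecArenaPoolFree(cmsEncoder->arena, false);`. The function starts and ends outside this hunk, so any other handles it frees are not visible here.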
break;
}
}
+ if(cmsEncoder->signedAttributes & kCMSAttrAppleCodesigningHashAgilityV2) {
+ ortn = SecCmsSignerInfoAddAppleCodesigningHashAgilityV2(signerInfo, cmsEncoder->hashAgilityV2AttrValues);
+ /* libsecurity_smime made a copy of the attribute value. We don't need it anymore. */
+ CFReleaseNull(cmsEncoder->hashAgilityV2AttrValues);
+ if(ortn) {
+ ortn = cmsRtnToOSStatus(ortn);
+ CSSM_PERROR("SecCmsSignerInfoAddAppleCodesigningHashAgilityV2", ortn);
+ break;
+ }
+ }
ortn = SecCmsSignedDataAddSignerInfo(signedData, signerInfo);
if(ortn) {
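Review bot: `CFReleaseNull(cmsEncoder->hashAgilityV2AttrValues)` runs inside what the `break` statements suggest is a per-signer loop, so with more than one signer the second iteration would pass NULL to `SecCmsSignerInfoAddAppleCodesigningHashAgilityV2`. The same NULL reaches the call when `kCMSAttrAppleCodesigningHashAgilityV2` is set but the setter was never called. How the callee treats NULL is not visible here; either it fails the encode or a signer ends up without the hash agility attribute that code-signing verification expects. I would release the dictionary once after the loop (or in the encoder's teardown) and reject the missing value up front: `if(cmsEncoder->hashAgilityV2AttrValues == NULL) { ortn = errSecParam; break; }`. The enclosing function starts and ends outside this hunk.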
return errSecSuccess;
}
+/*
+ * Set the hash agility attribute for a CMSEncoder.
+ * This is only used if the kCMSAttrAppleCodesigningHashAgilityV2 attribute
+ * is included.
+ */
+OSStatus CMSEncoderSetAppleCodesigningHashAgilityV2(
+ CMSEncoderRef cmsEncoder,
+ CFDictionaryRef hashAgilityV2AttrValues)
+{
+ if (cmsEncoder == NULL || cmsEncoder->encState != ES_Init) {
+ return errSecParam;
+ }
+ cmsEncoder->hashAgilityV2AttrValues = CFRetainSafe(hashAgilityV2AttrValues);
+ return errSecSuccess;
+}
+
OSStatus CMSEncoderSetCertificateChainMode(
CMSEncoderRef cmsEncoder,
CMSCertificateChainMode chainMode)
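Review bot: `CMSEncoderSetAppleCodesigningHashAgilityV2` overwrites `cmsEncoder->hashAgilityV2AttrValues` without releasing the previous value, so a second call while still in `ES_Init` leaks the first dictionary; add `CFReleaseNull(cmsEncoder->hashAgilityV2AttrValues);` before the assignment. The only release visible in this change is in the signing branch guarded by `kCMSAttrAppleCodesigningHashAgilityV2`. An encoder that is given a dictionary but never signs with that attribute would keep the reference, unless the teardown path (not fully shown) drops it. The header comment should also state that the dictionary is retained rather than copied, that the call is only valid before encoding starts, and what the dictionary is expected to contain.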